typewriter icon

Weekly Typed

Hashed DNA Database

June 4, 2013

There’s a simple solution to the Supreme Court’s ruling that taking DNA swabs of arrestees is permissible. It’s a ruling that has privacy advocates up in arms.

There are reasons to worry about this decision. Some are speculative, pessimistic or dystopian: it opens the door to a police state, it makes it easier for authorities to track your whereabouts and frame you. Some are genuine: DNA is private information about the very thing that makes a person who they are, and there are fears that insurance companies and even less benign parties may gain access to this information to misuse it.

Since I’m in Silicon Valley, it’s almost obligatory to come up with a technological solution to this. The basic DNA fingerprinting process is a 4-step procedure that ends with a nylon membrane with a pattern on it, which can be compared to existing patterns. I propose creating a national DNA fingerprint database, similar to the one the FBI has for regular fingerprints. The database should, by law, only be allowed to store a hash of a person’s DNA pattern.

To revise (and for non-tech readers), a hash is what you get when you run a piece of information through a hashing algorithm. A hash of a given data set has 2 properties:

  • It’s unique
  • You can’t get the original data back just from the hash value

For example, the hash of the string “I love tacos” using the MD5 algorithm is:

b5d19ec884a387e767811afbe097affc

And if you are given just “b5d19ec884a387e767811afbe097affc” you could never tell that it was generated by hashing “I love tacos”. You could also say with a high degree of certainty that only the string “I love tacos” would give you “b5d19ec884a387e767811afbe097affc”.

Do the same thing with DNA information (with a different, better algorithm, obviously) and the benefits are obvious:

  • Law enforcement has another tool to identify suspects uniquely. When they arrest a suspect, they swab him or her, a device calculates and stores the hash of the DNA on the swab and the swab is destroyed immediately. They compare the hash to hashes already in the database.
  • Privacy advocates are happy because it reduces DNA information to something as devoid of external meaning as a fingerprint. A DNA hash can’t betray anything about a person’s ancestry, probabilities of developing medical conditions or anything else that can be gleaned from a DNA sample.

Everyone wins here. Hashed databases have to be the way to go.

blog comments powered by Disqus