Promethease/privacy

From SNPedia

Jump to: navigation, search

Privacy is important to us. We want to do it right. The system was designed to maximize your privacy. But Promethease, like SNPedia and our understanding of genetics, is still a work in progress.

When you look at SNPedia with your webbrowser, or build a report with Promethease, the pages you've requested are part of the SNPedia webserver logs. This makes it technically possible to match a set of genotypes to a given IP address.

Promethease now allows you to optionally pay $2 to speed things up. This works by downloading a single file containing a compressed version of much of the information in SNPedia. Since its a single request and compressed it runs faster, but as a side benefit there is no need to request the pages for your genotypes. This greatly improves your privacy, and leaves SNPedia with no way to know what genotypes you have. However since the cache is not yet perfectly up to date, nor fully comprehensive, during even paid Promethease runs most users will need to request a *few* genotypes directly from SNPedia, which leaks some information. Even for a perfect cache which doesn't need to read any pages, most users will eventually click through with their webbrowser to look at the full details of some of their genotypes. Again this leaks information into the server logs.

For this reason, in time we hope to scrub the ip/genotypes from the SNPedia logs. But I am strong believer in release early, release often and Promethease wouldn't exist at all if I had to wait until every case was covered.

Therefore if you are extremely security conscious, Promethease may not yet be for you. If you can't wait, consider doctoring a few versions of your genotype file, and running Promethease a few times, from various coffee shops in foreign countries. You alone will know which file was real, and the rest will serve as chaff. Other possibilities exist, and your comments on this important topic are welcome.

These technical solutions are still being formulated, in line with the discussions raised in recent articles ([PMID 18769715]) and by the NIH and Wellcome Trust.

Retrieved from "http://www.snpedia.com/index.php/Promethease/privacy"