Biohackers Made a Cheap and Effective Home Covid Test -- But No One Is Allowed to Use It
Christi Guerrini, JD, MPH studies biomedical citizen science and is an Associate Professor at Baylor College of Medicine. Alex Pearlman, MA, is a science journalist and bioethicist who writes about emerging issues in biotechnology. They have recently launched outlawbio.org, a place for discussion about nontraditional research.
A stock image of a home test for COVID-19.
Last summer, when fast and cheap Covid tests were in high demand and governments were struggling to manufacture and distribute them, a group of independent scientists working together had a bit of a breakthrough.
Working on the Just One Giant Lab platform, an online community that serves as a kind of clearing house for open science researchers to find each other and work together, they managed to create a simple, one-hour Covid test that anyone could take at home with just a cup of hot water. The group tested it across a network of home and professional laboratories before being listed as a semi-finalist team for the XPrize, a competition that rewards innovative solutions-based projects. Then, the group hit a wall: they couldn't commercialize the test.
They wanted to keep their project open source, making it accessible to people around the world, so they decided to forgo traditional means of intellectual property protection and didn't seek patents. (They couldn't afford lawyers anyway). And, as a loose-knit group that was not supported by a traditional scientific institution, working in community labs and homes around the world, they had no access to resources or financial support for manufacturing or distributing their test at scale.
But without ethical and regulatory approval for clinical testing, manufacture, and distribution, they were legally unable to create field tests for real people, leaving their inexpensive, $16-per-test, innovative product languishing behind, while other, more expensive over-the-counter tests made their way onto the market.
Who Are These Radical Scientists?
Independent, decentralized biomedical research has come of age. Also sometimes called DIYbio, biohacking, or community biology, depending on whom you ask, open research is today a global movement with thousands of members, from scientists with advanced degrees to middle-grade students. Their motivations and interests vary across a wide spectrum, but transparency and accessibility are key to the ethos of the movement. Teams are agile, focused on shoestring-budget R&D, and aim to disrupt business as usual in the ivory towers of the scientific establishment.
Ethics oversight is critical to ensuring that research is conducted responsibly, even by biohackers.
Initiatives developed within the community, such as Open Insulin, which hopes to engineer processes for affordable, small-batch insulin production, "Slybera," a provocative attempt to reverse engineer a $1 million dollar gene therapy, and the hundreds of projects posted on the collaboration platform Just One Giant Lab during the pandemic, all have one thing in common: to pursue testing in humans, they need an ethics oversight mechanism.
These groups, most of which operate collaboratively in community labs, homes, and online, recognize that some sort of oversight or guidance is useful—and that it's the right thing to do.
But also, and perhaps more immediately, they need it because federal rules require ethics oversight of any biomedical research that's headed in the direction of the consumer market. In addition, some individuals engaged in this work do want to publish their research in traditional scientific journals, which—you guessed it—also require that research has undergone an ethics evaluation. Ethics oversight is critical to ensuring that research is conducted responsibly, even by biohackers.
Bridging the Ethics Gap
The problem is that traditional oversight mechanisms, such as institutional review boards at government or academic research institutions, as well as the private boards utilized by pharmaceutical companies, are not accessible to most independent researchers. Traditional review boards are either closed to the public, or charge fees that are out of reach for many citizen science initiatives. This has created an "ethics gap" in nontraditional scientific research.
Biohackers are seen in some ways as the direct descendents of "white hat" computer hackers, or those focused on calling out security holes and contributing solutions to technical problems within self-regulating communities. In the case of health and biotechnology, those problems include both the absence of treatments and the availability of only expensive treatments for certain conditions. As the DIYbio community grows, there needs to be a way to provide assurance that, when the work is successful, the public is able to benefit from it eventually. The team that developed the one-hour Covid test found a potential commercial partner and so might well overcome the oversight hurdle, but it's been 14 months since they developed the test--and counting.
In short, without some kind of oversight mechanism for the work of independent biomedical researchers, the solutions they innovate will never have the opportunity to reach consumers.
In a new paper in the journal Citizen Science: Theory & Practice, we consider the issue of the ethics gap and ask whether ethics oversight is something nontraditional researchers want, and if so, what forms it might take. Given that individuals within these communities sometimes vehemently disagree with each other, is consensus on these questions even possible?
We learned that there is no "one size fits all" solution for ethics oversight of nontraditional research. Rather, the appropriateness of any oversight model will depend on each initiative's objectives, needs, risks, and constraints.
We also learned that nontraditional researchers are generally willing (and in some cases eager) to engage with traditional scientific, legal, and bioethics experts on ethics, safety, and related questions.
We suggest that these experts make themselves available to help nontraditional researchers build infrastructure for ethics self-governance and identify when it might be necessary to seek outside assistance.
Independent biomedical research has promise, but like any emerging science, it poses novel ethical questions and challenges. Existing research ethics and oversight frameworks may not be well-suited to answer them in every context, so we need to think outside the box about what we can create for the future. That process should begin by talking to independent biomedical researchers about their activities, priorities, and concerns with an eye to understanding how best to support them.
Christi Guerrini, JD, MPH studies biomedical citizen science and is an Associate Professor at Baylor College of Medicine. Alex Pearlman, MA, is a science journalist and bioethicist who writes about emerging issues in biotechnology. They have recently launched outlawbio.org, a place for discussion about nontraditional research.
Podcast: The Friday Five weekly roundup in health research
Scientists have designed a phone app that could alert consumers to high levels of cancer-causing chemicals, Yale researchers revive organs in dead pigs, and more in this week's Friday Five.
The Friday Five covers five stories in health research that you may have missed this week. There are plenty of controversies and troubling ethical issues in science – and we get into many of them in our online magazine – but this news roundup focuses on scientific creativity and progress to give you a therapeutic dose of inspiration headed into the weekend.
Listen to the Episode
Listen on Apple | Listen on Spotify | Listen on Stitcher | Listen on Amazon | Listen on Google
Covered in this week's Friday Five:
- A new blood test for cancer
- Patches of bacteria can use your sweat to power electronic devices
- Researchers revive organs of dead pigs
- Phone apps detects cancer-causing chemicals in foods
- Stem cells generate "synthetic placentas" in mice
Plus, an honorable mention for early research involving vitamin K and Alzheimer's
The limits of digital privacy are becoming clearer in the post-Dobbs era, as a wide range of data sources can reveal online and offline activities, including whether a woman seeks an abortion.
Since the recent reversal of Roe v. Wade — the landmark decision establishing a constitutional right to abortion — the vulnerabilities of reproductive health data and various other information stored on digital devices or shared through the Web have risen to the forefront.
Menstrual period tracking apps are an example of how technologies that collect information from users could be weaponized against abortions seekers. The apps, which help tens of millions of users in the U.S. predict when they’re ovulating, may provide evidence that leads to criminal prosecution in states with abortion bans, says Anton T. Dahbura, executive director of the Johns Hopkins University Information Security Institute. In states where abortion is outlawed, “it’s probably best to not use a period tracker,” he says.
Following the Dobbs v. Jackson ruling in late June that overturned Roe, even women who suffered a miscarriage could be suspected of having an abortion in some cases. While using these apps in anonymous mode may appear more secure, “data is notoriously difficult to perfectly anonymize,” Dahbura says. “Whether the data are stored on the user’s device or in the cloud, there are ways to connect that data to the user.”
Completely concealing one’s tracks in cyberspace poses enormous challenges. Digital forensics can take advantage of technology such as GPS apps, security cameras, license plate trackers, credit card transactions and bank records to reconstruct a person’s activities,” Dahbura says. “Abortion service providers are also in a world of risk for similar reasons.”
Practicing “good cyber hygiene” is essential. That’s particularly true in states where private citizens may be rewarded for reporting on women they suspect of having an abortion, such as Texas, which passed a so-called bounty hunter law last fall. To help guard against hacking, Dahbura suggests using strong passwords and two-factor authentication when possible while remaining on alert for phishing scams on email or texts.
Another option for safeguarding privacy is to avoid such apps entirely, but that choice will depend on an individual’s analysis of the risks and benefits, says Leah Fowler, research assistant professor at the University of Houston Law Center, Health Law & Policy Institute.
“These apps are popular because people find them helpful and convenient, so I hesitate to tell anyone to get rid of something they like without more concrete evidence of its nefarious uses,” she says. “I also hate the idea that asking anyone capable of becoming pregnant to opt out of all or part of the digital economy could ever be a viable solution. That’s an enormous policy failure. We have to do better than that.”
The potential universe of abortion-relevant data can include information from a variety of fitness and other biometric trackers, text and social media chat records, call details, purchase histories and medical insurance records.
Instead, Fowler recommends that concerned consumers read the terms of service and privacy policies of the apps they’re using. If some of the terms are unclear, she suggests emailing customer service with questions until the answers are satisfactory. It’s also wise for consumers to research products that meet their specific needs and find out whether other women have raised concerns about specific apps. Users interested in more privacy may want to switch to an app that stores data locally, meaning the data stays on your device, or does not use third-party tracking, so the app-maker is the only company with access to it, she says.
Period tracking apps can be useful for those on fertility journeys, making it easier to store information digitally than on paper charts. But users may want to factor in whether they live in a state with an anti-abortion stance and run the risk of legal issues due to a potential data breach, says Carmel Shachar, executive director of the Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics at Harvard Law School.
Consumers’ risks extend beyond period tracking apps in the post-Roe v. Wade era. “Anything that creates digital breadcrumbs to your reproductive choices and conduct could raise concerns — for example, googling ‘abortion providers near me’ or texting your best friend that you are pregnant but do not want to be,” Shachar says. Women also could incriminate themselves by bringing their phones, which may record geolocation data, to the clinic with them.
The potential universe of abortion-relevant data can include information from a variety of fitness and other biometric trackers, text and social media chat records, call details, purchase histories and medical insurance records, says Rebecca Wexler, faculty co-director of the Berkeley Center for Law & Technology. “These data sources can reveal a pregnant person’s decision to seek or obtain an abortion, as well as reveal a healthcare provider’s provision of abortion services and anyone else’s provision of abortion assistance,” she says.
In some situations, people or companies could inadvertently expose themselves to risk after posting on social media with offers of places for abortion seekers to stay after traveling from states with bans. They could be liable for aiding and abetting abortion. At this point, it’s unclear whether states that ban abortion will try to prosecute residents who seek abortions in other states without bans.
Another possibility is that a woman seeking an abortion will be prosecuted based not only on her phone’s data, but also on the data that law enforcement finds on someone else’s device or a shared computer. As a result, “people in one household may find themselves at odds with each other,” says K Royal, faculty fellow at the Center for Law, Science, and Innovation at Arizona State University’s Sandra Day O'Connor College of Law. “This is a very delicate situation.”
Individuals and corporate executives should research their options before leaving a digital footprint. “Guard your privacy carefully, whether you are seeking help or you are seeking to help someone,” Royal says. While she has come across recommendations from other experts who suggest carrying a second phone that is harder to link a person’s identity for certain online activities, “it’s not practical on a general basis.”
The privacy of this health data isn’t fully protected by the law because period trackers, texting services and other apps are not healthcare providers — and as a result, there’s no prohibition on sharing the information with a third party under the Health Insurance Portability and Accountability Act of 1996, says Florencia Marotta-Wurgler, a professor who specializes in online consumer contracts and data privacy at the NYU School of Law.
“So, as long as there is valid consent, then it’s fair game unless you say that it violates the reasonable expectations of consumers,” she says. “But this is pretty unchartered territory at the moment.”
As states implement laws granting anyone the power to report suspected or known pregnancies to law enforcement, anti-choice activists are purchasing reproductive health data from companies that make period apps, says Rebecca Herold, chief executive officer of Privacy & Security Brainiacs in Des Moines, Iowa, and a member of the Emerging Trends Working Group at ISACA, an association focused on information technology governance. They could also buy data on search histories and make it available in places like Texas for “bounty hunters” to find out which women have searched for information about abortions.
Some groups are creating their own apps described as providing general medical information on subjects such as pregnancy health. But they are “ultimately intended to ‘catch’ women” — to identify those who are probably pregnant and dissuade them from having an abortion, to launch harassment campaigns against them, or to report them to law enforcement, anti-choice groups and others in states where such prenatal medical care procedures are now restricted or prohibited, Herold says.
In addition to privacy concerns, the reversal of Roe v. Wade raises censorship issues. Facebook and Instagram have started to remove or flag content, particularly as it relates to providing the abortion pill, says Michael Kleinman, director of the Silicon Valley Initiative at Amnesty International USA, a global organization that promotes human rights.
Facebook and Instagram have rules that forbid private citizens from buying, selling or giving away pharmaceuticals, including the abortion pill, according to a social media post by a communications director for Meta, which owns both platforms. In the same post, though, the Meta official noted that the company’s enforcement of this rule has been “incorrect” in some cases.
“It’s terrifying to think that arbitrary decisions by these platforms can dramatically limit the ability of people to access critical reproductive rights information,” Kleinman says. However, he adds, “as it currently stands, the platforms make unilateral decisions about what reproductive rights information they allow and what information they take down.”