The Reconstruction Agenda

The 23andMe bankruptcy demonstrated the central failure of existing genetic data governance: the genome can be sold. Fifteen million genetic profiles, representing the most intimate and immutable data category in existence, became a line item in a commercial transaction. The existing legal frameworks -- GINA's prohibition of genetic discrimination in employment and health insurance, HIPAA's protections for medical records, state-level consumer privacy laws -- all failed at the same point: they regulate how genetic data is used but not whether it can be transferred as a commercial asset. The Don't Sell My DNA Act, introduced in Congress following the bankruptcy, represents the beginning of a legislative response, but the structural problem extends beyond any single legislative fix.

Genetic data sovereignty requires treating the genome as a categorically different kind of information. It is not a preference, a behavior, or a transaction record. It is the biological code of the person -- immutable, heritable, and uniquely identifying. It reveals predispositions to disease, familial relationships, ancestral origins, and biological characteristics that the person cannot change. It is, in a precise sense, more personal than any other category of personal data, because it is the data from which the person is constructed. The principle that such data can be collected by a commercial entity, stored on commercial servers, licensed to pharmaceutical companies, and sold in a bankruptcy proceeding represents a fundamental category error: the treatment of biological identity as a commercial commodity.

The indigenous data sovereignty movement provides the most developed operational model for an alternative. The OCAP principles (Ownership, Control, Access, Possession), developed by the First Nations Information Governance Centre in Canada, specify that indigenous communities own their collective data, control how it is collected and used, determine who has access to it, and maintain physical possession of it. The CARE principles (Collective Benefit, Authority to Control, Responsibility, Ethics), developed by the Global Indigenous Data Alliance, extend these principles to the international context. The Native BioData Consortium in the United States operationalizes these principles for genetic data specifically, maintaining a biorepository governed by indigenous communities rather than commercial entities.

A genetic data sovereignty framework, adapted from indigenous models to the general population, would require: (1) legal classification of genetic data as inalienable personal property, incapable of sale, transfer, or seizure in any legal proceeding; (2) a right to genetic data deletion, requiring commercial entities to permanently destroy genetic data upon request; (3) fiduciary duties imposed on any entity that holds genetic data, analogous to the duties of a trustee holding assets for the benefit of another; (4) criminal penalties for unauthorized transfer of genetic data, recognizing that the harm is comparable to identity theft; and (5) public genomic research infrastructure that provides the scientific benefits of genetic research without the commercial incentives that drive data commodification. These are not unprecedented legal categories. Trust law, fiduciary duty, inalienable property rights, and criminal penalties for unauthorized data access all exist in current legal frameworks. What does not exist is their application to genetic data specifically.

The AI acceleration problem documented in IS-004 requires regulatory responses at three levels: disclosure, design, and distribution. Disclosure requirements mandate that AI-generated or AI-modified imagery be labeled as such. France's requirement that digitally altered images of people be labeled "images retouchees" and AI-generated images be labeled "images virtuelles" represents the most developed existing disclosure framework. The EU's Code of Practice on marking and labeling AI-generated content extends this approach to the broader category of synthetic media. Norway's Marketing Control Act, amended in 2022, requires that advertisements using retouched images of bodies be labeled, with the specific requirement applying to changes in body shape, size, or skin. These disclosure frameworks establish the principle that viewers have a right to know when the image they are viewing has been algorithmically modified.

Disclosure alone is insufficient. The psychological research on beauty filters demonstrates that users continue to experience negative body image effects even when they are aware that the filter is modifying their appearance. The knowledge that the enhanced image is synthetic does not prevent the comparison process that produces body dissatisfaction. A second regulatory layer -- design regulation -- would address the mechanisms of the filters themselves. This could include: mandatory maximum modification thresholds (limiting the degree to which a filter can alter facial proportions or skin characteristics), prohibition of beauty filters for users below a specified age, required "original/filtered" toggle features that periodically show the unmodified image, and algorithmic impact assessments (analogous to environmental impact assessments) that evaluate the psychological effects of new filter designs before deployment.

The third regulatory layer -- distribution regulation -- addresses the platforms that deploy beauty filters and AI-generated imagery. The EU AI Act, which entered into force in 2024, classifies biometric categorization systems that infer protected characteristics as prohibited and requires transparency for AI systems that generate or manipulate content. However, the Act explicitly exempts augmented reality features that adjust filters based on facial structure or skin tone -- precisely the beauty filter mechanisms that produce the documented psychological harms. A complete regulatory framework would close this exemption, recognizing that beauty filters are not neutral augmented reality features but psychologically consequential systems that alter the user's relationship to their own biological appearance.

The synthetic influencer economy requires a distinct regulatory response. When a computationally generated entity with millions of followers sets appearance standards that no biological human can achieve, the regulatory question is whether this constitutes a form of consumer deception. Current advertising disclosure requirements in most jurisdictions require that sponsored content be labeled, but they do not require that the entity presenting the content be identified as synthetic. A comprehensive framework would require: mandatory disclosure of synthetic identity on all platforms, prohibition of synthetic influencers marketing appearance-related products (cosmetics, cosmetic surgery, fitness) without explicit disclosure, and platform liability for algorithmic amplification of synthetic content that produces documented psychological harms.

The commodification of biological duration -- lifespan itself becoming a market outcome correlated with purchasing power -- represents one of the most consequential dimensions of the biological capture documented in this series. The longevity industry, encompassing anti-aging medicine, regenerative therapies, senolytics, gene therapies, and life-extension research, is projected to reach $44 billion by 2030. The question is not whether these interventions will be developed. It is whether they will be distributed equitably or according to the same market logic that currently stratifies access to healthcare.

The WHO's framework on health equity provides the normative starting point. The WHO Constitution (1946) states that "the enjoyment of the highest attainable standard of health is one of the fundamental rights of every human being without distinction of race, religion, political belief, economic or social condition." The Commission on Social Determinants of Health, convened by the WHO in 2005 and reporting in 2008, documented that health inequities are driven by "the conditions in which people are born, grow, live, work and age" -- conditions shaped by the "distribution of money, power and resources at global, national and local levels." Longevity interventions that are available only to those who can afford them do not merely perpetuate existing health inequity. They amplify it, converting temporary disparities in health access into potentially permanent disparities in lifespan.

A longevity access framework would need to address three structural dimensions. First, research governance: publicly funded longevity research should be required to produce public goods -- open-access publications, freely licensed interventions, and equitable access conditions -- rather than private intellectual property controlled by commercial entities. The Bayh-Dole Act model, which allows universities to patent federally funded discoveries and license them to private companies, has been the dominant framework for biomedical research commercialization since 1980. An alternative model -- requiring that federally funded longevity research produce interventions that are accessible at cost or through public health systems -- would redirect the scientific investment toward equitable outcomes.

Second, access architecture: longevity interventions that demonstrate efficacy through rigorous clinical trials should be integrated into universal healthcare frameworks rather than available only through private purchase. The precedent exists: the Affordable Care Act required that preventive services with strong evidence be covered without cost-sharing. Extending this principle to validated longevity interventions -- not speculative anti-aging products but rigorously tested therapies with demonstrated efficacy -- would prevent biological duration from becoming a commodity available only to those who can pay. Third, anti-stratification safeguards: regulatory frameworks should prohibit pricing structures that create de facto longevity stratification by income, and should require that longevity interventions approved for clinical use be made available through public health systems within a specified timeframe, analogous to the compulsory licensing provisions in pharmaceutical patent law that allow governments to override patents in public health emergencies.

The concept of the commons -- resources that belong to a community collectively rather than to individuals or corporations privately -- has a long legal and intellectual history. The commons of medieval English law referred to shared land on which all members of a community could graze livestock. Garrett Hardin's influential 1968 essay "The Tragedy of the Commons" argued that commons resources are inevitably degraded by self-interested users. Elinor Ostrom's response -- for which she received the Nobel Prize in Economics in 2009 -- demonstrated that communities have historically governed commons resources successfully through institutional arrangements that are neither private property nor state control. Ostrom's design principles for sustainable commons governance -- clearly defined boundaries, proportional costs and benefits, collective choice arrangements, monitoring, graduated sanctions, conflict resolution mechanisms, and recognition of the right to organize -- provide the institutional template for biological commons protection.

The biological commons is the proposal that certain categories of biological information and biological function be governed as commons resources rather than as private property or commercial assets. The human genome -- the shared biological code of the species, 99.9 percent identical across all humans -- is the clearest candidate. Individual genetic variations are personal data that belong to the individual. The human genome itself -- the shared code, the reference sequence, the fundamental biological architecture of the species -- is a commons resource. Treating it as such would mean that no entity can claim exclusive ownership of genomic data, that genomic research must produce public goods, and that the benefits of genomic knowledge must be distributed equitably.

Biometric data presents a similar case. A person's fingerprint, facial geometry, iris pattern, and voiceprint are biological identifiers that are inherent, immutable, and uniquely identifying. They are currently treated as information that can be collected, stored, and processed by commercial entities with varying degrees of consent. A biological commons framework would recognize biometric data as an extension of bodily sovereignty -- information so intimately connected to the body that its collection and use must be governed by the same principles that govern the body itself. The EU's prohibition of certain biometric categorization systems under the AI Act represents a step toward this recognition, but the framework remains incomplete.

Digital identity protection is the third domain of the biological commons. As deepfake technology enables the appropriation of a person's appearance for purposes they did not consent to, the question of who owns a person's biological likeness becomes urgent. Current legal frameworks address this through publicity rights (the right to control commercial use of one's name and likeness) and defamation law (the right to challenge false representations). Neither framework adequately addresses the deepfake problem, in which a person's appearance is not merely used commercially or misrepresented but is literally generated as a synthetic asset that can be deployed in any context. A biological commons framework would establish that a person's biological likeness -- face, body, voice -- is an inalienable aspect of their identity that cannot be replicated, generated, or deployed without explicit consent, regardless of the technological means used.

The reconstruction agenda specified in this paper is not a utopian proposal. Each element has existing institutional precedent, proposed or enacted legislation, and operational models that demonstrate feasibility. Genetic data sovereignty builds on the OCAP and CARE frameworks already governing indigenous data. Algorithmic beauty standard regulation builds on France's labeling requirements, Norway's advertising regulations, and the EU AI Act already in force. Longevity access frameworks build on WHO health equity principles and the universal healthcare systems that already operate in the majority of developed nations. Biological commons protection builds on Ostrom's institutional design principles, which have governed physical commons resources successfully for centuries.

What does not exist is the integration. Each element is being pursued independently, by different institutions, in different jurisdictions, on different timelines. The genetic privacy advocates are not coordinating with the beauty filter researchers. The longevity access ethicists are not coordinating with the digital identity protection legislators. The indigenous data sovereignty movement is not coordinated with the EU regulatory framework. The biological capture mechanisms, by contrast, are integrated. The same platforms that extract genetic data also deploy beauty filters. The same commercial logic that commodifies longevity also commodifies appearance. The same AI systems that generate synthetic faces also process biometric data. The capture is systemic. The response is fragmented.

The reconstruction standard, drawing on the historical record documented in IS-003, identifies what integration would require. The historical protection architectures -- kashrut, halal, Ayurveda, Buddhist dietary codes, Sabbath, fasting, indigenous food sovereignty -- succeeded precisely because they were integrated systems. They did not address diet independently of rest, or rest independently of community, or community independently of meaning. They wove biological protection into the fabric of identity, communal practice, and cosmological understanding. The contemporary reconstruction does not need to replicate the specific content of these traditions. But it does need to replicate their structural feature: integration of biological protection across multiple domains, embedded in institutional frameworks that are resistant to commercial capture because they are grounded in something other than commercial logic.

The Identity Substrate series has documented what biological sovereignty requires: recognition of the resource conversion (IS-001), completion of the legal and ethical framework (IS-002), recovery of the historical protection architectures (IS-003), response to the AI acceleration (IS-004), and specification of the institutional reconstruction agenda (IS-005). The biological commons is the positive vision: a framework in which the human genome, biometric identity, biological appearance, and biological duration are governed as aspects of the person rather than assets of the market. The reconstruction is not complete. But its specification is. The question is no longer what biological sovereignty requires. The question is whether the institutions responsible for protecting it will build what the specification demands.