In recent months, a growing concern has emerged regarding the privacy of personal genetic information, particularly in light of 23andMe’s recent filing for Chapter 11 bankruptcy protection. Many users of this popular genetic testing service initially signed up to uncover intriguing insights about their ancestry or health. However, as consumer advocates are now urging these users to reconsider their engagement with the platform, the focus has shifted to protecting their genetic data from potential misuse. The call to action is straightforward: users should request the deletion of their accounts and any associated data to mitigate the risk of their sensitive information falling into unexpected or undesirable hands.
The San Francisco-based company, 23andMe, has faced significant challenges in establishing a sustainable business model over the years, culminating in its recent bankruptcy filing. This move not only jeopardizes its financial future but also raises concerns about the security of the genetic information belonging to approximately 15 million customers. In light of this uncertainty, the potential sale of the company could result in the highest bidder acquiring not only the business but also the vast repository of genetic data that users willingly submitted. Given the possibility of a new ownership structure, the ramifications for how user data is handled post-sale are unclear and could lead to significant changes in data management policies.
As the sale process begins, the company has assured customers that it will maintain its current practices regarding the protection and management of user data. Mark Jensen, chair of the board at 23andMe, emphasized that “data privacy will be an important consideration in any potential transaction.” Despite these assurances, experts warn that a new owner may not adhere to the same data protection ethos that consumers expect from the current management. This speculation is concerning, especially given the interest expressed by health insurance and life insurance companies in acquiring genetic information for their own purposes.
California Attorney General Rob Bonta has been vocal about these concerns and recently issued a consumer alert encouraging 23andMe’s customers to evaluate the merits of deleting their accounts. He highlighted the potential threats posed by the sale of user data to entities that may not prioritize privacy in the same way that 23andMe has claimed in its privacy policy. While the current policy guards against the sale of identifiable genetic information without explicit consent, it does indicate that such policies can be amended at any time, raising eyebrows among privacy advocates and users alike.
Moreover, other factors complicate the landscape of genetic data privacy. Although laws such as the Genetic Information Nondiscrimination Act (GINA) exist to protect individuals from discrimination based on their genetic information in the context of employment and health insurance, these protections are not comprehensive. Life insurance companies and other types of financial services are not bound by the same rules, which leaves the door open for potential misuse of genetic data in those contexts. Anya Prince, a law professor at the University of Iowa, noted that even with regulations in place, their effectiveness is under question.
Deleting data from 23andMe requires users to navigate to their account’s “Settings” section, where they can choose to permanently remove their information. Users may also wish to withdraw consent for their data to be used in third-party research, underscoring the importance of understanding how to manage personal genetic data in light of privacy concerns. Prince’s observations on the variability in corporate ethos further emphasize that users may not be able to trust that a new owner would adhere to ethical practices regarding their genetic information.
Given the current situation, it is essential for users to be proactive about their digital footprint. Reports of website glitches and increased traffic to 23andMe’s platform underline the urgency of this issue, as many customers rush to delete their accounts in response to these privacy concerns. As Bonta herself experienced difficulties while attempting to delete her data, she reminded others to persist and navigate the challenges of a busy website. The future of genetic data privacy thus hinges on the actions taken today, and it remains to be seen how these developments unfold in the ever-evolving landscape of genetic testing and personal information management.