Risking Privacy with Genetic Testing | Avast

There’s big business in genealogy. Whether it’s a family tree that goes straight up and down like a mighty oak, or stretches east and west into dozens of brambles, people want to know their genetic makeup. Family history site Ancestry.com boasts 20 million members. 23andMe has a database of over 5 million members, and MyHeritage has approximately 2.5 million. That’s more than 27.5 million people, and that’s only counting three brands out of 50+ on the market. MIT Technology Review estimates that if the current level of public interest continues, commercial genetic databases will hold the info of 100 million people by 2021.  

Because our genetic codes reveal so much, the associated risks and rewards are tremendous. Discovering our ancestry is only one revelation offered by today’s genealogy services. We can also choose to find family, learn which traits we’ve inherited, and discover if we’re predisposed to Alzheimer’s, gene mutations that can lead to cancer, diabetes, and more. In exchange for $100-$200 and some saliva, we get a more detailed picture of who we are – and open a Pandora’s box of self-discovery.

The risks arise when we look at the security these companies are using. Our genetic data is valuable to organizations including law enforcement, pharmaceutical labs, and app developers.

Law enforcement — Investigative genealogy can solve cases, such as the infamous Golden State Killer case, which went unsolved for decades until the FBI used a public genealogy database in April 2018 to find a distant relative that led to the arrest of the killer.  

Pharmaceutical labs23andMe says 80% of their customers opt in to allow their data to be used for research programs. Some of these genealogy companies have formed partnerships with drug developers, such as the deal 23andMe has with GlaxoSmithKline and the collaboration between Ancestry and Google spin-off Calico.

App developers — With your genetic data, software developers can design more personalized services within their fitness and wellness apps, tailoring their products to target biological needs.

Some may not mind if their personal info is used toward any of these applications, while others might see it as a gross violation of privacy. In all the excitement of learning about ourselves, many of us forget that these are not healthcare services but money-making businesses selling a product. After they’ve provided what we’ve requested and if we don’t want our genetic data to be used by others, it is our right to delete our data from their system. Otherwise, we risk becoming part of a data bank of genetic info. In a Forbes article on the subject, medical privacy  expert Nicole Martin warns,

If leaked, this data could cause people to be genetically discriminated against by employers, insurance companies, banks, etc…. Since there is no real established precedent for DNA data, there are many issues that could come if your data is leaked and no laws to truly protect you at the moment.

Our safety is in our own hands, so let’s get specific. According to a Consumer Reports investigation, here’s how to erase your info from the three biggest genealogy services.

23andMe

According to a 23andMe representative, customers can delete their personal information from their account settings page. Regarding the sample you send in, it is destroyed after it is analyzed unless you consent to having it stored (or “biobanked”). If you consented to have your data used for research, it cannot be removed from active or completed studies, but you can rescind your consent so your info won’t be used in future studies. Even so, 23andMe is legally required to retain the info along with a few identifying stats such as age and gender if it has been used for research.

Ancestry

You can delete your data by first signing in, then clicking Your DNA Results Summary in the DNA tab. Then click on Settings and select Delete Test Results. You can also choose to delete your entire account, which will delete your data at the same time and trigger the destruction of your biological sample. If you’d like to keep your account and data, but still have your sample destroyed, Ancestry requests that you contact their member support department.

MyHeritage

Customers can request their data and test sample be deleted by contacting the support team by phone or email. To delete the data only, customers can select the Manage DNA Kits section in their accounts and click the button to delete the data. If you’d like to withdraw consent to research that you previously gave, you can do that in the Privacy section under My DNA Preferences.

Look before you leap

If you’re interested in taking a deep dive into your genetic makeup, read up on the company you’re choosing. Make sure you’re comfortable with their policies and security procedures. Here are the privacy policies of the big three:

23andMe Privacy Policy

Ancestry Privacy Policy

MyHeritage Privacy Policy

Your safety and privacy are in your own hands. You can weigh the pros and cons of having your genetic data active with one of the testing labs above: You can keep getting updates on your genetic profile for new discoveries, or you can decide that you know enough and would like to return to privacy when it comes to your genetic data. The choice is up to you.



*** This is a Security Bloggers Network syndicated blog from Blog | Avast EN authored by Avast Blog. Read the original post at: https://blog.avast.com/risking-privacy-with-genetic-tests