KnowYourDNA is reader-supported. This means we may receive a commission when you buy something from one of the links on this page.
Should you be concerned about the sale of your DNA by testing companies? Maybe.
Genetic testing to learn more about one’s ethnic heritage and health concerns has soared in popularity over the last few years. People submit their DNA samples using home DNA tests to a company that evaluates the sample and provides a variety of results. People use personal information to track relatives, learn where their ancestors lived, and assess what genetic health concerns were passed to them by their parents.
But could anyone negatively use your genetic data? Do DNA testing companies sell your data and is it a concern if they do?
Millions of Americans have submitted their DNA to testing companies. The vast majority of those submitting their samples opt-in to an informed consent clause when doing so, which means you agree to the release of their DNA and the use of their DNA for a variety of reasons. This ranges from scientific research to assisting law enforcement with solving crimes.
On its surface, it might seem as if you don’t need to be concerned. As long as you aren’t a criminal and you don’t believe conspiracy theories, there’s no reason to worry.
But this might not be the case.
Law enforcement can obtain your DNA or the DNA of any of your family members from testing sites with a search warrant. This is how law enforcement identified the Golden State Killer. But just because you aren’t an infamous murderer doesn’t mean you don’t need to be concerned. Your privacy could be at risk and no matter who you are, you should be aware of the risks of submitting your DNA to a testing company.
Another concern related to DNA testing companies selling your DNA affects far more people than the other issues. Could a DNA company sell your data to an insurance company? And if they do, is the insurance company allowed to use any of the information against you or allow it to affect your rates?
At-home DNA testing is relatively new and laws are still evolving to govern the use of DNA. The law is behind the technology, so companies are working on their own to create best practices. The Future of Privacy forum developed an independent think tank focused on creating public policy for leaders in the DNA research industry. The forum also encourages transparency and clear communication with consumers.
A lot of people are curious if you own your own data when it comes to DNA. You do, even if you submit it to a DNA testing company, but that doesn’t mean you have complete control over it once you’ve submitted it. This is why it’s so important to delete your data after you’ve downloaded it.
Despite claims that your data is protected, the bottom line is there’s only so much a DNA testing company can do to protect your information.
Many of the most popular DNA testing companies are working together to create a standard security policy to protect customer data. They store genetic data in physically separate computing environments. They encrypt data while it’s in transit and when it’s at rest. Personal data is assigned randomized customer ID numbers and genetic information is only identifiable via a barcode. Many of these tools mean that even if data is stolen, there isn’t much that criminals can do to interpret or use it in any way.
However, if the data is sold and the buyer is given the tools to make sense of it, that’s another issue.
Nonetheless, companies are doing what they can to protect your data. Security controls are in place and regularly audited to ensure the highest level of protection. And access is restricted to authorized personnel only.
If you’re someone who wants to submit your sample to a DNA testing company or you’ve already done so and you aren’t concerned about privacy, it might be time to take another look at the situation. Too many people assume everything will be fine and they don’t dig deeper into the risks of sharing personal information with companies.
Nobody should automatically check the box when submitting their DNA information or test kits. You should never release the company to do as they please with the data. Before sending off your sample, consider what’s important to you regarding privacy and understand that just because something isn’t a risk right now doesn’t mean it won’t be a few years from now. There’s no way to fully understand the long-term consequences of someone stealing your genetic code.
Most companies make the majority of their money from selling your genetic information to other DNA testing companies. The goal is to expand their databases so they can provide the most accurate results possible. About half of the companies selling ancestry information are selling to more than just one company.
This is one of the reasons why, if you submit your information to one company and choose to delete your raw data after you’ve downloaded the results, you should check other companies to see if you can find your results. It’s not always necessary and your data might not be identifiable, but it’s important to check just in case.
Martin, Nicole. “How DNA Companies Like Ancestry And 23andMe Are Using Your Genetic Data.” Forbes, www.forbes.com/sites/nicolemartin1/2018/12/05/how-dna-companies-like-ancestry-and-23andme-are-using-your-genetic-data/#5cd0f5d06189