The recent data breach and full board resignation at 23andMe, a genetic-testing and ancestry-tracing company, has left many customers questioning the security of their sensitive DNA data. While the company has assured customers that their information is safe, some remain apprehensive, particularly in light of CEO Anne Wojcicki’s initial consideration of a potential takeover.
Concerns Over Data Privacy
The data breach and subsequent board resignations have understandably heightened concerns among 23andMe customers. The nature of the data collected by 23andMe makes it incredibly personal and sensitive. Many users are anxious about how their DNA information might be handled, especially in the context of a potential sale of the company. This anxiety is fueled by the company’s past sharing practices, which involved de-identified data being shared with third parties for research purposes. Although the company assures that this practice remains within its current privacy policy, many customers feel uneasy about this policy given recent events.
Data Sharing for Research
23andMe boasts that their research program has generated more than 270 peer-reviewed publications on genetic insights into disease. However, many users feel uneasy about the potential for their data being utilized for research, especially if it could be linked to their identity. Even with de-identification, some experts believe that genetic data is unique enough to be potentially traceable.
Protecting Your Genetic Information
While some experts assert that user data is no more vulnerable today than it was before the recent turmoil, others advise users to review the company’s privacy policies and take steps to protect their genetic information. This can involve deleting your 23andMe account entirely.
The Risks of Data Leaks
The EFF’s director of cybersecurity, Eva Galperin, recommends that 23andMe account holders delete their accounts as a precaution. She expresses concern not about the immediate security of the data but rather the potential for its misuse in the future. This data could be used to develop targeted advertising, discriminate in insurance policies, or even worse, be leaked onto the internet.
Navigating 23andMe’s Privacy Settings
While deleting your account offers the most comprehensive protection, there are other ways to minimize the risk of data misuse. You can modify your data sharing settings, for instance, by revoking your consent to de-identified data being used for research purposes. However, it’s crucial to understand that any data already shared cannot be retracted, as it no longer contains personal identifiers.
Taking Away Points
The recent events at 23andMe have highlighted the potential dangers of sharing sensitive personal information, particularly genetic data. While existing laws do offer some protection, the threat of data misuse in the future is a genuine concern. It’s essential to consider the potential risks and take steps to protect your information, including being aware of the company’s privacy policy and utilizing their data deletion options. It’s wise to remember that once you’ve shared your data, you may not have full control over its future use.