Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
With the 23andme genetic testing company depositing for bidders of bankruptcy and courtyards of chapter 11, the DNA data of millions of users are on sale.
A Faith of Silicon Valley since 2006, 23andme has regularly amassed a basic genetic information database of people under the promise to help them understand their disposition to diseases and potentially connect with loved ones.
But the deposit of the bankruptcy of the company on Sunday means that the information should be sold, which arouses massive concern among experts and defenders in terms of confidentiality.
“People have absolutely no word to say where their data will go,” said Tazin Kahn, CEO of non -profit collective cyber, who advocates privacy and cybersecurity for marginalized people.
“How can we be so sure that the impact downstream of those who buy this data will not be catastrophic?” She said.
California prosecutor Rob Bonta warned people in a statement on Friday that their data could be sold. In the declaration, Bonta User instructions offered On how to delete genetic data from 23andme, how to ask the company to delete their test samples and how to revoke access from their data used in third -party research.
DNA data is extraordinarily sensitive.
Its main use at 23andm – mapping the potential predisposed genetic conditions of a person – are data that many people would prefer to keep deprived. In Some criminal casesGenetic test data has been assigned by police and used to help criminal surveys against those close to people.
Security experts warn that if a bad actor can access a person’s biometric data such as DNA information, there is no real remedy: unlike passwords or even addresses or social security numbers, people cannot change their DNA.
A 23andme spokesman said in a statement sent by e-mail that there would be no change in the way the company stores customers data and that it planned to follow all relevant American laws.
But Andrew Crawford, a lawyer for the non -profit center for democracy and technology, said that the genetic data acquired and held by a technological company have almost no federal regulations to start.
Not only does the United States have no significant general confidentiality law, he said, but the medical data of Americans are faced with less legal examination if he is held by a technological company rather than a health professional.
The Portability and Health Insurance Act (HIPAA), which regulates certain ways whose health data can be shared and stored in the United States, only applies only “when this data is held by your doctor, your insurance company, people associated with health care provision,” said Crawford.
“HIPAA protections are not generally attached to entities that have IoT (Internet of Objects) devices such as fitness trackers and, in many cases, genetic test societies like 23andme,” he said.
There is a precedent for the loss of control of 23andme of user data.
In 2023, a pirate had access to data from what the company admitted later was around 6.9 million peopleAlmost half of its user base at the time.
That led to Articles on a dark web pirate forumConfirmed by NBC News as at least partially authentic, which shared a database which appointed and identified people with Jewish inheritance ashkénaze. The company then declared in a press release that user data protection had remained “an absolute priority” and promised to continue to invest in the protection of its systems and its data.
Emily Tucker, executive director of the Center for Privacy and Technology of Georgetown Law, said that the sale of 23andm should be an alarm clock for the Americans on the ease with which their personal information can be purchased and sold without their contribution.
“People must understand that when they give their DNA to a company, they put their genetic privacy at the mercy of the internal data policies and practices of this company, which the company can change at any time,” said Tucker in a statement sent by email.
“This implies significant risks not only for the individual who subjects their DNA, but for all those to whom he is biologically linked,” she said.
