Why DNA Tests Might be a Terrible Idea
Our Tech Column was made possible by the fine folks at Mozilla Firefox. The nonprofit Mozilla Foundation believes the Internet must always remain a global public resource that is open and accessible to all. And that’s why we love Firefox as our browser, and you should too.
GUEST POST BY DAVID RUIZ
We just took a DNA test, turns out it’s 100 percent not worth it.
DNA tests—like those offered by companies 23andMe, Ancestry, and FamilyTreeDNA—come with a simple promise. In exchange for cash and some spit in a tube, you can learn your deepest, most ancestral secrets.
Was your mother telling the truth last Thanksgivings when she said, for the first time ever, that you’re one-sixteenth French? Can you prove that you have a long-lost cousin that no one wants to talk about at the dinner table? Will you stumble into years of emotional trauma when you learn that?
If digging up the tangled roots of your family tree doesn’t sound fun, don’t forget, DNA tests can also offer detailed health information about your genetic propensity to certain diseases. Are you worried about breast cancer? No? Maybe you should be!
But for reals, we understand the appeal of these products. Learning about where we came from, who we are, and who we could be connected to—like, really connected to, and not just on Instagram—is both comforting and exciting; an Antiques Roadshow in which we are the signed, first edition “Moby Dick,” the passed-down railroad tycoon’s pocket watch, the stolen Navajo Ute blanket.
Not only that, but DNA testing has legitimately helped a lot of folks. It helped a kidnapped womanand it helped finally provide closure to several families .
But for most people, the value of DNA testing nosedives as soon as their sensitive data gets logged. For starters, sometimes the results don’t match up. Second, the privacy policies of these companies often allow for blatant sale for outside access. And even when companies try to push back against brazen external searches, they can still be steamrolled by government orders.
This month, a Florida police officer said he’d obtained a warrant to. With the warrant signed off by a judge, the officer had gained the ability to look at 1.3 million users’ profiles, sometimes explicitly going against those users’ wishes.
Look, we get it. Search warrants are a necessary component to police investigations, but since the literal inception of our country, warrants were meant to be specific and non-generalized. There is simply no valid argument that should allow dragnet-level access to a company’s 1.3 million users. To put those numbers into perspective, imagine a cop getting a search warrant for the DNA information of literally every single San Francisco and Oakland resident.
That is wrong.
Somehow, it gets worse. The search warrant applies to the only DNA testing company that actually gives a shit about user privacy in the face of law enforcement investigations. Earlier this year, GEDmatch changed its policies to require law enforcement agents to identify themselves when searching the company’s database. The company also changed its policies so that law enforcement agents could only look at the profiles of users who had explicitly consented to having their information viewable in those types of searches.
When the warrant was announced, The New York Times reported that, with the potential, court-approved searches representing an invasion of privacy for more than 1.1 million users.
Turning away from law enforcement, DNA testing companies suffer the same vulnerabilities as every massive, data-amassing company today—they look attractive to hackers. Just last week, the DNA testing company, but not DNA test results or health records.
If at this point, you’re still not concerned with your data privacy, other problems remain.
For instance, because many DNA testing companies allow their users to share their DNA data for research purposes, there could come a day when a company, relying in part on your data, helps develop a life-saving drug for a rare disease. That’s good! But let’s be real about today’s pharmaceutical industry: There’s a high probability that the company would offer the drug for thousands of dollars a pop, even jacking up the price whenever it feels like. That’s bad.
Further, the companies themselves have already admitted to selling access to user profiles. Starting in 2015, 23andMe announced that it had successfully sold access to its data to 13 drug companies, one of which was Genentech, which paid $10 million to peer into the data of users with Parkinson’s disease.
When you think about it, this setup sounds an awful lot like Facebook—hand your sensitive data over to a company only to watch it get monetized. That said, results remain inconclusive as to whether DNA testing companies will be as successful as Facebook in destabilizing democracy and neglecting human rights abuses—the two most coveted squares in our nation’s never-ending game of “Mark Zuckerberg Sociopath Bingo.”
Finally, there’s the issue of accuracy—you know, the reason you’re buying these testing kits to begin with.
Over the years, several reporters and researchers have sent their DNA to different testing companies,. That might not be a huge issue if all you care about is learning some of the basics of your ethnicity, but it becomes a much scarier issue when you are getting conflicting information on your health, like the 32-year-old who received two test results that .
With all the downsides—differing results, conflicting information, sold access, and disregarded privacy wishes—what’s not to love?
This holiday season, save your money (and your spit).