DNA Testing Companies Offering Genetic Testing Pledged to Follow Voluntary Guidelines #dna


Jan Meisels Allen
 

In light of the recent familial DNA testing by the public DNA site GEDMatch,
private genetic testing companies pledged on July 31 to follow voluntary
"Privacy Best Practices for Consumer Genetic Testing Services". The
companies pledged to obtain consent >from users before sharing
"individual-level information", including personal information, and genetic
data with other businesses. The concern over privacy of the DNA data,
which resulted in the "Best Practices" pledge stems >from law enforcement
being helped by using the familial DNA matching to find the suspected Golden
State Killer (he has not yet been convicted so I am saying suspected) which
did not require a court-ordered warrant and other potential cold case
criminals.

Issues addressed in the Best Practices are transparency, consent, use and
onward transfer, access, integrity, retention and deletion, accountability,
security, privacy by Design and consumer Education. Ancestry and 23andMe
have committed to "attempt to notify" their customers about law enforcement
requests whenever they can (other companies may also have made a similar
pledge but they were not mentioned in the article.) In 2017, Ancestry
received 34 valid law enforcement requests -related to credit card or
identity theft and provided data on 31 cases. The Washington Post reports
that 23and Me received five requests during the company's entire history but
did not turn over user data on any of them.

The companies will also provide an annual report that will relate the number
of requests received >from the police similar to what social media companies
report.

The companies which released the guide include: 23andMe,Ancestry, Habit,
African Ancestry, FamilyTree DNA, Helix and MyHeritage*. The Future of
Privacy Forum, a Washington DC-based non-profit helped the companies draft
the new privacy guidelines. To read the guide see:
https://fpf.org/wp-content/uploads/2018/07/Privacy-Best-Practices-for-Consumer-Genetic-Testing-Services-FINAL.pdf

* More companies may have pledged to adopt the approach but I was not able
to find one complete list.

To read more about this see:
https://www.washingtonpost.com/technology/2018/07/31/ancestry-andme-others-say-they-will-follow-these-rules-when-giving-dna-data-businesses-or-police/?utm_term=.19218f1c9352

Jan Meisels Allen
Chairperson, IAJGS Public Records Access Monitoring Committee

Join main@groups.jewishgen.org to automatically receive all group messages.