Judy Petersen

    I would like it if someone could address issues of DNA privacy.  I have relatives who refuse to test for various reasons, all involving some aspect of privacy.  I can give them an answer as to why testing is important from a genealogical standpoint, but I can't give them good answers as to how their privacy is safeguarded.  They read lots of articles from non-genealogy sources as to how dangerous it is to have your DNA floating around "out there" and I don't know how to refute them. this a legitimate issue that is not currently being addressed sufficiently by the genealogical community?
Randy Schoenberg is the expert here.  He is a lawyer with many years of experience in genealogy.  Last summer, he gave a webinar on this topic and stated that he never heard of any breach of privacy regarding online DNA.  He is the one to answer your question.

In lieu of Randy, let me comment.  I am not expert in DNA privacy but deal with this issue all the time.  As a practical matter, most people have already decided and for whatever informed or uninformed or misinformed reasons they may have, you will not change their minds.  "Don't confuse me with the facts, my mind is made up."  Nonetheless, here is how I discuss it with them.  All websites have security and policies to protect you.  They cannot and do not give your DNA to anyone else.  The law bans insurance companies from using your DNA data.  Although my knowledge is limited, I am unaware of the major websites of ever being hacked successfully.

The next point regards the technology.  The genealogy sites do not sequence the entire genome.  Each site looks for limited portions of the genome for what it thinks is important to determining ethnicity or cousins.  (The websites look at other regions regarding medical questions.)  The only person who can see the actual DNA sequences is you and you have to download the data.  When matches are made, neither person can see the actual sequence but rather only where the match is.  Such information is useless to someone who wants misuse your DNA.

The final issue is identity theft.  Perhaps someone could tell us how knowing a small portion of your genome could then steal your identity.  If they wanted to do so, criminals can buy plenty of your information on the dark web.  And how about lawful government agencies and corporations?  Look at what they already have on us.  I have filled out credit card applications and they found where I lived and the car I drove 40 years ago.  So, tell me about privacy.

As I said before, my mind is made up, do not confuse me with the facts.  I will be glad for someone to present evidence as to why I am wrong but until then, I will not worry about the misuse of my family tree DNA.

Suggest to them that they can do it anonymously.  Instead of using their name, they can make up a name or use initials and you could be the manager of their DNA.  Nobody could possibly know who they are.

Nine years ago Yaniv Erlich, now at MyHeritage, demonstrated what could then be learned  from a combination of DNA information and public data.  As was subsequently reported:
Erlich and his team tested the idea on a man’s full genome that had been published in 2007.  They used lobSTR to determine the STR profile of the man’s Y chromosome, and then searched a consumer genealogy database called Ysearch until they had matches with a few likely surnames. Public records on one of these surnames linked it to a man fitting the geographic location and age listed in the paper: the genomics pioneer J. Craig Venter. 

Nine years on, how much easier is it to break “anonymity”?

Regarding Jeffrey's response, the approach requires the genome to be published, in part or in whole.  As I pointed out earlier, the testing sites do not do this.  When you download your data, you will find SNP's at various locations but no gene sequences.  Whether the donor's name is anonymized or not, I would still like to know how genealogical DNA can break anonymity, especially if you are not famous.

Addressing Robert's suggestion to anonymize, I recommend simply saying "Person 1".  The manager could use an alias email address like "mytree1@...."  Teasing out any identifiable hints becomes impossible.

In the UK, where I live, the 100,000 Genomes project has sequenced the full genomes of 100,000 members of the population.  Researchers are given access to those full sequences, which have been anonymized, for legitimate scientific or medical purposes.  The EU is planning to complete the sequencing of a million genomes by 2022.  An unscrupulous researcher, or anyone who hacked the data downloaded by a scrupulous researcher, could use Erlich‘s methods from 2013 (I incorrectly dated it to 2011 in my original  post) and any newer methods dreamed up in the last seven years to “de-anonymize” those sequenced individuals, using data from genetic genealogy websites.  I am not opining that this is likely to occur, but in my opinion it cannot be ruled out.

Thank you all for your responses.  They are much appreciated!  They will definitely help me frame a response to my reluctant cousins!

Referencing Randy's talk--I saw his presentation on privacy and genealogy at the last conference in Israel, so I don't know if he's updated it or not.  But my takeaway at the time was that "dead people don't have an expectation of privacy".  At the time, much of the discussion in the Q & A had to do with exposing family secrets and based on "dead people don't have an expectation of privacy" you could, but whether you should or not is another issue.  :-)  I don't recall anything specific about DNA, but at the time I wasn't as interested in the topic, so I might have missed it.

I think some of the issue for my family members was also about being denied health coverage if insurance companies got your DNA.  But I would assume that a) you would have to test with a company that provides health testing in the first place, b) that insurance companies couldn't do anything with raw data anyway and c) there's a law prohibiting insurance companies charging higher premiums based on DNA results, so it shouldn't matter.

The other issue was providing DNA to law enforcement.  But I also assume the hows and whys of that would be covered by an testing company's privacy policy, in which case it would behoove the purchaser of a kit to read the policy.

But generally, I agree with Bob.  Our privacy is so compromised already and there are so many other easier ways to gather information that could lead to identity theft, that DNA testing should not be a major worry for people in that regard.

People should keep in mind that laws, guarantees, attitudes, procedures, techniques, etc. can all change with time.  What is done now, or what can be done now, is no guide to what may be done in the future.  Even if you discount data theft, there are ways that profiles can come into the open.  Can a DNA-testing company sell its collection of data to an entity with different ideas about privacy?  What if the company is bought by someone interested in accessing its DNA files?  Can data, or even the company, be seized under a court order? 
Once you have had your DNA profiled, that cannot be undone.  What will happen to that data, and to what uses it might be put, cease to be under your control.  
I didn't notice if anyone has mentioned the Golden State Killer, whose
identity was inferred via DNA from distant cousins. The fact is that
it's too late for privacy in that regard. The DNA is out there, and
governments have DNA databases, though your DTC testing company
information is relatively safe -- until the vendor is hacked! Most of us
have been fingerprinted more than once; few of us are concerned about that.

So my first argument to anyone reluctant to test is "the FBI/CIA/NSA may
already know what your DNA says -- don't you want to know what they know?"

For relatives who are privacy obsessed, and I totally get that, I have
ordered kits in my name, entered them into the vendor's system,
repackaged and sent to the relative who can take the test and drop it,
postage-paid,  in the mailbox. The kit has a pseudonym so the relative's
identity is protected. Could a DNA sleuth figure out the likely identity
of the kit? Sure, but who's going to bother? Personally, I have no
illusions about privacy, and think it's funny when banks etc ask for
info like date of birth, hometown,  or mother's birth surname as "proof"
of identity when all that information is readily accessible online.

JoAnne Goldberg



Sorry to disagree with everyone but you might want to check this article in NYT about GED Match. .They bought out the founding company in December and then proceeded to release info of abt a million people to law enforcement without users permission.  I closed my account when I found this out.
You are absolutely right.
DNA is a wonderful way to find relatives. I have.
What do I have to hide.
I am not a murderer I am just me.

To be honest, there is no guarantee of absolute privacy with a DNA test. All you can do is add levels of anonymity to your test results. Examples: Do not use an identifiable name. Do not attach your DNA results to a tree. Do not make your ethnicity results publicly available. Beyond those simple actions there is not much you can do.

If someone shows up as a DNA relative to me, even with all the above in place, there are enough of my relatives who have taken tests for me use the "genetic distances" of the unknown person to them and me, to allow me to calculate with relative accuracy who they are.

In fact, recently second cousin took a test. They pretty much had done all of the above. Within an hour I was looking at their Facebook profile and pictures of their family. Coincidentally, their Facebook page had a post where they said they had just taken an ancestry DNA test and they posted their ethnicity results.

Probably the best approach is to share with the individual you want to take the test what you have done and discovered already through your test. Perhaps you can convince them to take a leap of faith and try to discover more about your shared family history.

