At-Home DNA Test Kits Raise Security Questions

At-Home DNA Test Kits Raise Security Questions

Despite the answers a bit of saliva can provide, some are critical of the at-home test services, questioning the level of security they provide for your most sensitive information.

Home DNA test kits such as AncestryDNA or 23andMe are some of the most popular gifts this season, allowing you to send a DNA sample off to be analyzed for information on your ethnic background and genetic health conditions. Despite the answers a bit of saliva can provide, some are critical of the at-home test services, questioning the level of security they provide for your most sensitive information.

In November, Senator Chuck Schumer expressed concern about the at-home testing kits, saying many of their terms-of-service agreements weren’t clear on what the company could do with your genetic information.

"There are no prohibitions, and many companies say that they can still sell your information to other companies," Schumer said. He called for the Federal Trade Commission to “take a serious look at this relatively new kind of service and ensure that these companies can have clear, fair privacy policies”.

The privacy policies of these companies do vary, but typically require customer consent to share personally identifiable data. However, they often allow the sale or sharing of DNA information that has been anonymized as well as aggregate DNA information. There are potential benefits to this information sharing, but a lack of clear security safeguards means dangers loom.

"It all leads to good places for a patient if it's used appropriately, but when there's opportunity for misuse or for monetary gain, criminals are very fast on the uptake," said Peter Pitts, president of the Center for Medicine in the Public Interest.

While companies may anonymize DNA, it’s difficult to truly separate genetic information from identity, as DNA is basically the most personal identifying information anyone has. A 2013 study in the journal Science using two public genealogy databases found that researchers could correctly find people’s surnames from their genetic data alone between 12 and 18 percent of the time.

If DNA information and the genetic databases they’re held in aren’t properly secured and protected, the consequences of leaked data could be serious.

“It’s really inevitable that these databases will be breached” by hackers, said Michelle De Mooy, director of the privacy and data project at the Center for Democracy & Technology. “This is just tempting, tempting data for the government, too,” De Mooy said.

The Genetic Information Nondiscrimination Act of 2008 (GINA) aims to prevent insurance companies from denying coverage to healthy people based on predispositions their DNA may reveal and to prevent employers from using genetic information to make hiring, firing or promotion decisions. However, GINA has loopholes, and House Bill 1313, recently introduced in the U.S. House of Representatives, would reverse some of GINA’s workplace protections by allowing workplace wellness programs to restrict rewards to employees who did not provide genetic data.

Pitts said that the popularity and presence of genetic information means that the law needs to start paying attention.

"It simply means thoughtful regulation and thoughtful consumer education," he said.

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

  • Survey: 54% of Organizations Cite Technical Debt as Top Hurdle to Identity System Modernization

    Modernizing identity systems is proving difficult for organizations due to two key challenges: decades of accumulated Identity and Access Management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs). These findings come from the new Strata Identity-commissioned report, State of Multi-Cloud Identity: Insights and Trends for 2025. The report, based on survey data from the Cloud Security Alliance (CSA), highlights trends and challenges in securing cloud environments. The CSA is the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Study: Nearly Half of Companies Exclude Cybersecurity Teams When Developing, Onboarding and Implementing AI Solutions

    Only 35 percent of cybersecurity professionals or teams are involved in the development of policy governing the use of AI technology in their enterprise, and nearly half (45 percent) report no involvement in the development, onboarding, or implementation of AI solutions, according to the recently released 2024 State of Cybersecurity survey report from ISACA, a global professional association advancing trust in technology. Read Now

  • New Report Series Highlights E-Commerce Threats, Fraud Against Retailers

    Trustwave, a cybersecurity and managed security services provider, recently released a series of reports detailing the threats facing the retail sector, marking the second year of its ongoing research into these critical security issues. Read Now

  • Stay Secure in 2024: Updated Cybersecurity Tips for the Office and at Home

    Cyber criminals get more inventive every year. Cybersecurity threats continue to evolve and are a moving target for business owners in 2024. Companies large and small need to employ cybersecurity best practices throughout their organization. That includes security integrators, manufacturers, and end users. Read Now

Featured Cybersecurity

Webinars

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation. 3

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3