The Privacy Risks of Direct-to-Consumer Genetic Testing: A Case Study of 23andMe and Ancestry
Washington University Law Review, Vol. 96, 2019
2019
- 2Citations
- 2,764Usage
- 4Captures
Metric Options: CountsSelecting the 1-year or 3-year option will change the metrics count to percentiles, illustrating how an article or review compares to other articles or reviews within the selected time period in the same journal. Selecting the 1-year option compares the metrics against other articles/reviews that were also published in the same calendar year. Selecting the 3-year option compares the metrics against other articles/reviews that were also published in the same calendar year plus the two years prior.
Example: if you select the 1-year option for an article published in 2019 and a metric category shows 90%, that means that the article or review is performing better than 90% of the other articles/reviews published in that journal in 2019. If you select the 3-year option for the same article published in 2019 and the metric category shows 90%, that means that the article or review is performing better than 90% of the other articles/reviews published in that journal in 2019, 2018 and 2017.
Citation Benchmarking is provided by Scopus and SciVal and is different from the metrics context provided by PlumX Metrics.
Example: if you select the 1-year option for an article published in 2019 and a metric category shows 90%, that means that the article or review is performing better than 90% of the other articles/reviews published in that journal in 2019. If you select the 3-year option for the same article published in 2019 and the metric category shows 90%, that means that the article or review is performing better than 90% of the other articles/reviews published in that journal in 2019, 2018 and 2017.
Citation Benchmarking is provided by Scopus and SciVal and is different from the metrics context provided by PlumX Metrics.
Paper Description
Direct-to-consumer genetic testing (DTC-GT) companies have proliferated and expanded in recent years. Using biospecimens directly submitted by consumers, these companies sequence and analyze the individual’s genetic information to provide a wide range of services including information on health and ancestry without the guidance of a healthcare provider. Given the sensitive nature of genetic information, however, there are growing privacy concerns regarding DTC-GT company data practices. We conduct a rigorous analysis, both descriptive and normative, of the privacy policies and associated privacy risks and harms of the DTC-GT services of two major companies, 23andMe and Ancestry, and evaluate to what extent consumers’ genetic privacy is protected by the policies and practices of these two companies. Despite the exceptional nature of genetic information, the laws and agency regulation surrounding genetic privacy and DTC-GT services are fragmented and insufficient. In this analysis, we propose three categories of privacy harms specific to DTC-GT— knowledge harms, autonomy and trust-based harms, and data misuse harms. Then, through the normative lens of exploitation, we argue that 23andMe and Ancestry’s data practices and privacy policies provide consumers with insufficient protection against these harms. Greater efforts from both the industry and legal system are necessary to protect DTC-GT consumers’ genetic privacy as we advance through the era of genomics and precision medicine.
Bibliographic Details
Provide Feedback
Have ideas for a new metric? Would you like to see something else here?Let us know