667
Bankrupt 23andMe Just Sold Off All Your DNA Data
(futurism.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 20 May 2025
667 points (99.0% liked)
Privacy
37953 readers
811 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Hindsight is 20/20. ITT lots of folks proud of themselves for not falling into this trap, but try to understand, 23andme was named "invention of the year" by Time in 2008. That's ~~before~~ [edit: around the time] google and facebook had begun monetizing private data. Data privacy, or even the power of data itself, was hardly appreciated by private companies let alone in the public consciousness.
Orphans, people with absent parents, decedents of slaves, the list goes on for folks who would understandably go for an affordable way to access their genetic history. Sure, there were plenty of folks since then who had all the information and still went for it, but what about all those who became aware of it too late and when they requested their data be deleted were told it would be kept for 3 years!
I'm saddened to see more victim blaming here than anger at the ToS/privacy policy fuckery and a complete lack of consumer protection.
Don't give me that 'hindsight is 20/20', it was the first thought I had when I heard about this.
'How are they going to monetize this?'
Either they sell your data, or they go under and... sell your data.
There was no other option from the inception.
None of this is new, and private companies gobbling up any data they can hasn't been new since at least 2005.
I'm glad you had the foresight to keep yourself safe, but unfortunately not everybody is as observant or skilled in critical thinking as you are. We all started from ignorance, and no matter how well-learned a person is, they can't possibly know everything. The least we can do is remind ourselves that we're imperfect too, and have some compassion for those that are just discovering things that we have already learned.
The tests weren't free.
So what are they going to do after?
You won't get tested twice, they still need to pay for existing. After they test everyone, how are they going to keep it up?
Unless they take more money from you, they will sell your data to someone else.
Insurance companies? Advertisers? Those things provide value for bad actors more than for you.
I only want to disagree about Facebook not monetizing private data in 2008.
My wife was in politics/campaign management. They were already selling fairly sophisticated targeted ads by then.
I was shocked/terrified by how well they were targeting and it wasn't even close to what they have today.
FUCK CORPORATIONS.
You're right. My mistake. I was going off memory and 2009 came to mind, but now that you mention it I do remember hearing about tech for the 2008 election- but I heard that years later, after cambridge analytica. All's to say, it was emerging around that time and it wasn't a big, public announcement. People around the epicenter knew but most were in the dark. I know i was, till the mid 2010's. Since then I have 0 trust in big tech/most corporations, but I've definitely made my share of mistakes and wish there were more protections/public education.
It shouldn't take hindsight to read the fine print in your 23andme contract. They straight up told folks, that taking their test meant signing over ownership of your DNA samples to them, for whatever future purpose they had in mind.
Anyone who didn't clue in to the fact that meant they were paying that company to own the rights to their DNA, is an idiot.
If i would look for my parents or a lost sibling or whatever, i wouldn't care, take my data i guess. But everyone knows that almost everyone who took that test did it for attention and because it was the cool thing influencers did.
Hardly. It stated that you could request to have the sample destroyed and your data removed. it's also been revised multiple times. You read the contract, no?
You read the privacy policy & ToS fine print of every product, service, software you use? And every revision. Even when it's not broadcasted? The contract / "informed consent" model is totally broken. You really want to build your stance on these issue around the claim it's a reasonable system anyone can and should have to navigate?
Man, when I read the terms of service, it seemed pretty clear who owned your sample...and it wasn't me. That's the biggest reason I have never used one of these services. It seemed like an outright scam. I can't speak to any changes made over the years, but at the time I looked into it, it was a hard nope for me. I have no idea why anyone would voluntarily give their DNA to a company like that, without a full guarantees it wouldn't be used exclusively for their own profit.
If you read terms of service and think anything is clear then you have a gift that not many possess. I hope you can appreciate that. Sure, there are a lot of folks who should know better, but there's also a lot who are bad at navigating these things. It's by design. I think it benefits us to be sympathetic and welcoming, and to direct our anger at companies and laws. We need the privacy mindset to spread and fast. I think I understand where you're coming from though. It's so frustrating to care about privacy more than most people.
I didn't get the choice when my easily fooled parents decided it was a good idea.
We tried the 'delete your 23 and me data' but who the fuck knows if that works.
Now some corpos own my DNA probably.
Thanks mom.
Wasn’t 23 and me already a corpo that owned it though
People are too trusting
Degrading minds are very trustful. It's why telemarketers target retirement homes.
This is probably the worst thing that will ever happen to you in your life
Nah man I was born over 3 decades ago
Which "once in a lifetime" market crash is your favorite so far?
You're probably affected by this even if you didn't participate.
The thing about genetics is you can make reasonable predictions about individuals if you have data on their relatives. Heck, you can reasonably make regional predictions with genetic data that will be fairly accurate.
If any of your parents, grandparents, aunts, uncles, cousins, siblings, etc took this test, then you are now at least a little exposed.
By 2008 we were well into the "you should know better than give up personal data" era. That is no excuse. People are just stupid and don't care.
There were all sorts of publications telling people to protect their personal information, online and in the meat world by 2001, let alone 2008.
I don't want to victim blame, but going right into this with all the warnings seems pretty stupid to me.
Now what does suck, and horribly so, is that there should be nothing of value gained from that data: there should be laws against nearly everything they could use for corporate advantage, exploitation, identity, etc. With severe consequences.
That is the failure.
They used to tell us never tell anyone your name on the internet. This was in the 90s.
Well, yes, the sad reality is that very many people are rather stupid. This won't change and we should treat it as a fact - people are always going to fall for schemes. I think the fact that they're stupid doesn't mean they deserve to be exploited, though. This is a failure of laws and regulations.
Agreed. And basically that is exactly what I said.
https://content.time.com/time/specials/packages/article/0,28804,2019712_2019694_2019588,00.html
Yes, I know. As I mentioned in another reply, I was mentioning it only to give a sense of timeline and hype. Not a justification. Nice gotcha, but misses the broader points.
perfect, I am now openly pro Trump, Zuckerberg and also Putin, all of whom have been named Time Person of the year from 2007 onwards. This is because I don't even bother to understand what Time nominates, but also entirely willing to base very important political or life decisions around this. If you call this out as being incredibly fucking stupid you are victim blaming me. Just because I do not have ever read the magazines nominations of awards that I base my being around does not mean you can attack me for this.
This is slightly more sympathetic but also 23andme would help you zilch in this scenario because this is not what they do. But I do understand how coming from a vulnerable emotionial position might lead you there.
Having said beforementioned, there is 0 consumer protection that would prevent this scenario. This bullshit has to rank among the largest DNA Databse in the world, and, as such, would be the target and has probably been leaked to every major and minor intelligence service in the world since years, even before they just openly sold it off to god knows who. The crux of data security is that while it is a society wide issue, it is also a personal issue. You can't outregulate some idiot just handing over all their data for funsies or SECURITY to whatever entity, to point out the big ones. This holds true regardless of socioeconomic system in place, because the entire point is that it is your data, not anybody elses.
Also, and I do agree I am malding over this, I want to point out that people have been warning about 23andme for a decade for obvious reasons and largely got ignored as being doomer nerds
I take your point and I don't disagree about personal responsibility or that there are a lot of people who ignored all the warnings. And it's all the more frustrating to be ignored, or labeled as paranoid, by those same people. I was mostly reacting to the pervading unsympathetic response I was seeing.
A lot of people in the privacy community are seeing this as an established professional or someone with the experience/insight/know-how, and from that vantage point it seems so obvious. But it's a journey. I can think of a few moments that woke me up to privacy and it's importance. Most of those were just tinkering on personal projects. There's no general education on this stuff and I really don't think many folks have had the fortune to encounter this info in a way that they grasp, but maybe I'm kidding myself - i'll leave room for that. I mentioned Time for a sense of the timeline and sentiment, not as a meaningful endorsement. I know I was ignorant about most of this stuff as late as 2014 and I still have so many gaps.
Maybe this 23andme BS is an experience that turns many more towards privacy, in which case i hope they're met with a welcoming message like, "that sucks, this is why we have to educate and protect ourselves" instead of an alienating "no shit, idiot."
If this is considered a problem of individual personnal responsibility then I will trigger stateccollapse because we don't need it if it can't send goon to those duckers and stop the transfer then we don't need those ducking statist vampire to go on living for one more microsecond
fucking go for it, king.
The entire concept of data privacy is antithetical to the modern nation state. Motherfucker you live in the hole. You are in the oubliette. What fucking governmeant bureau, under trump, do you see taking up the fight here, much less winning? You can't unleak data. That shit's out there, forever - and, again, probably has been for years considering what a goldmine the DNA databse of the USA is.
Lobby your state all your want, IT-Security and Data Protection starts at you. All the encryption in the world doesn't save you from being spear-phished. You can encode this in law, but unless anybody starts executing legal entities and building the great firewall á la china, that shit's out there in a real "can't unlick that asshole" situation. It sucks! It is bad! The average person should not have to grapple with the realities of IT-Security and Data Protection much in the same way I don't have the first fucking clue about how to keep an NPP from exploding. But unless we reinvent the whole thing from scratch that shit's on you, me, and everybody else. Never give them anything. I own 18 bicycles.
I am going to laser off the optics from all russian eks early launch warning satellites at the next moment of tension between the empires.
It's not about blaming the victims, but correctly identifying what caused the situation and give society at large a better chance of avoiding it from happening again. From not trusting magazines about how secure the new wondertech is, all the way to not reading and understanding the legal paper and agreements they've agreed to.
I don't believe people should be robbed of their agency - You even bring up many good reasons for using 23AM despite being aware of the potential privacy issues. Rather, people should have the information to make a concious choice.
The blame for the situation is with the company. The crucial choice was always in the hand of the users.
Yeah it’s weird seeing so many people dump on 23andMe users. My grandmother got to meet her biological daughter that she was forced to give up for adoption. 23andMe as a service is amazing and has been life changing for some people. And all things considered Regeneron buying them is a good thing. They’re already set up to protect sensitive patient data.
It would be an amazing thing if the people who controlled it and the rest of the world weren't complete fucking ghouls.
i feel saddened that people focus entirely on hindsight but take the current situation as inevitable result of the past, and regard it as unchangeable.
no, this does not have to be treated like any other capitalist asset. if there's a shred of belief that the privacy and dignity of us humans matters to us now in 2025, just get together and disown 23andme, nuke the data, and turn the page.
unfortunately we have to stick harder to the principle of capitalism than any crusader in the middle ages had to stick to the Bible... helpless powerful species
It's not a individual problem of personnal responsibility
Anyone trusting anyone else in a capitalist society is signing up to be the sucker. Has been this way for 200 years.
Historically illiterate populace.
And you went straight into doing it again! Amazing
I’ve publicly uploaded mine to anywhere that’s take it anyway who cares. Unless you’re American there’s no huge risk. If they use the anonymised data to discover new drugs and treatment then I’m glad to contribute. It’s only <0.1% of your genome.
99.9% of your genome is exactly identical to every other human on Earth. <0.1% just means they aren't storing things that don't change between people, because why would they?
The 99.9% similarity refers to humans having nearly identical DNA sequences, but that doesn’t mean we express our genes the same way. Gene expression varies widely due to regulatory sequences, environmental factors, epigenetics, methylation, and more.
23andMe only analyzes a small, curated set of common SNPs, covering maybe 5 - 10 percent of the known functional and trait-associated genome. It doesn’t sequence most rare variants, the full exome, or structural elements.
Recent research is also starting to highlight the growing importance of the dark genome, revealing that non-coding regions we’ve dismissed as junk DNA play significant roles in regulation and disease.
That's all true, but also completely irrelevant to the point I was making. Gene expression isn't in that 99.9% of the DNA that is the same. All of the individually identifiable genetic information in the genome is in the other 0.1%. This is a privacy community. A complete understanding of how genetics works is neat and all, but it's not relevant to the conversation we're having. I didn't say that all humans 99.9% identical to each other. That's obviously not true. I said that there's no point in storing duplicate copies of identical genetic sequences, and that saying they store less than 0.1% of your genome only says they're not doing that.
For the record, 5-10% is way plenty to narrow things down to a very tiny number of people. Probably one in most cases, and it contains a lot of important medical information. That's not some trivial unimportant thing.
No huge risk at the minute. While I'm all for you doing whatever you want with your DNA it doesn't make uploading it to everywhere that will take it a particularly good idea.