DNA Testing Regulations

Advocates are concerned about the lack of privacy protections when it comes to DNA testing kits, so they are advocating for legislation to safeguard customer data.

DNA testing companies like Ancestry and 23andMe have become hugely popular in recent years. People have a growing interest in understanding their heritage as well as traits they share with family members, as well as learning about potential health issues that run in their families. Many are looking at gaining a more complete picture of who they are, and some have even found siblings and other family members they weren’t aware of in the process.

But one of the dangers of using DNA testing services is the potential breach of privacy – especially when it comes to something as personal as DNA, consumer advocates warn. For example, it was recently reported that Family Tree DNA gave the FBI access to its genetic database. Other DNA testing companies have allowed third parties to access this information too, because privacy policies are written to protect the company, not the consumers entrusting them with their DNA. Often consumers don’t realize they are giving permission for their genetic information to be shared because the wording is so vague, according to a report from The Washington Post.

The Post interviewed Sally Greenberg, the executive director of the National Consumers League.

Greenberg is looking at the long-term picture. If privacy guidelines aren’t put in place now, there are potential abuses that could take place down the road for customers. One practice the National Consumer League advises companies to adopt is an opt-in policy for consumers. If a research company or other third party wants access to your genetic information, you have the ability to agree and opt-in or turn them down. This would make what’s happening behind-the-scenes more transparent for consumers, and they have some control over what happens to their DNA.

Advocates are also pressing that DNA testing be part of the privacy conversation for new Congressional legislation. In light of consumer concerns about where and how their data is being used, and especially considering the data breaches that have taken place with so many companies from Facebook to Target, Greenberg says there must be some regulation to get a handle on what’s happening.

The group is also calling for more privacy surrounding the handling of genetic data, saying the data should be treated like medical records and protected as such. They point out that if a DNA test determines the likelihood of a future health condition, “it has serious implications in the hands of an insurer,” according to the Washington Post report.

“We need a strengthened HIPAA for DNA testing companies,” Greenberg told the Post.