I work in population genomics (non-human organisms), and myself participated in an early near-whole genome genotyping study back when microarrays were still the predominant technology (academic NOT commercial).
But for nearly 20 years I've been telling my extended family NOT to participate in any large scale genotyping with 23 and Me or similar commercial companies where they retain rights to your data, anticipating that something like the current scenario would likely play out.
Somehow, 23 and Me genotyping became the "gift du jour" for Xmas some years back -- I never personally understood that or why someone would want to turn over so much data to a commercial entity.
This is not to say that large scale sequence information is not appropriate for *some people*. But if that's something you need, make every effort to make sure you own your own data.
cj · 38d ago
> I never personally understood that
It’s a pretty simple cost/benefit equation.
For 90%+ of people, the benefit (or appeal) of seeing an ancestry report is greater than the cost (or risk) of handing over your DNA.
That said, it’s definitely fair to question why more people don’t take their personal privacy seriously. The reality is companies like Google (and 23andme) simply wouldn’t exist if everyone cared as much about privacy as the HN crowd. Google exists because consumers are fine with sharing their data, for better or worse.
theptip · 38d ago
I am extremely skeptical that many people are making an informed cost/benefit here. I would wager most users don’t even know about the license terms.
It’s the same as infosec in general. Most people don’t know about the risks, and anyway are bad at quantifying tail risk.
dkh · 38d ago
I am adopted. I spent most of my life having absolutely no idea whatsoever where I was from, or what biological risk factors I might have. 23andme was valuable to me on many levels, and even with the state the company currently finds itself in, it is not a decision I regret.
My wife also did 23andme some years ago, through which she discovered she had Factor V Leiden—a fact which became extremely important very soon after her discovering it, leading directly to changes in her treatment and how closely they monitored her for blood clots (she had a PFO and some other stuff going on that was already compounding her risk of clotting and stroke), and very possibly may have saved her life.
I’m supposed to go in and delete every trace of it out of fear of what the down-on-their-luck company might, or simply could, do?
While I know that my experience might be rare, I would regardless suggest that you reserve your skepticism, because you aren’t really in a position to assess who did or did not derive a justifiable amount of value from it or how informed of a human being they are
ipaddr · 38d ago
Similar situation, I did a number of tests( ancestry, myheritage, 23andme, etc) the information it provided answered many questions, and introduced people I never would have expected to my family tree (half brother/sister, etc).
23andme had little data on my fathers side so it split my mothers side into my family tree at the great grandfather level. I spent awhile tracing people only to discover my father and mother side seemed to be related. After going on Ancestry I was able to figure the mistake.
Myheritage had European links. 23andme North American links. Ancestry had everything. The genetic time period they match against are different. 23andme matches against 100ad while ancestry 1200ad. So if you are Celtic perhaps your people were in Spain in 100ad but in Ireland or Scotland by 1200. Using different services gives you a fuller picture and understanding of human migration and your migration. The difference from 23andme telling you you are broadly northwestern european vs Cornish/Welsh/Scottish is huge but illustrates what you match against really changes your identity.
krior · 38d ago
I get the medical angle, but I cannot understand why it would matter to know that some distant ancestor may be from scotland. Is that really worth turning over your detailed biological build plan with all its flaws to some shady cooperation?
ipaddr · 37d ago
I worry more about Google, Facebook, mobile apps, cell phones tracking location, interests, activities putting it together for others to buy.
These tests do not do a full detailed analysis if you want that you need to find a clinic and pay thousands of dollars. For what they do tell you I wouldn't be afraid for the entire world to see.
Discovering who you are, where you came from, discovering who your relates are, what your last name is, where people with your genes live now, the backstory on how your wave of immigration came and where they settled and why has been worth it.
The information exposed by 21andme was profile and ethnicity information. I'm okay with any of that becoming public, the public part of a facebook profile shares personal data. Actually I wish more people would ask me about my ethnicity data. I think it would make a great addition as a facebook profile section and if facebook still allowed developers to create profile addons I would create one.
As an aside does anyone remember catbook addon?
homebrewer · 37d ago
> profile and ethnicity information. I'm okay with any of that becoming public
You are probably aware that at least two European countries no longer collect this information, and the reasons for introducing this policy?
ipaddr · 36d ago
Not aware or the reasoning. I looked it up. This article talks about the countries that do and don't.. why black lives matter is protesting in Germany over it.
My guess would be to protect European identity from the reality. Europe has a different level of acceptance of foreigners and a history to protect. I can accept their compromise because of their political situations.
In Canada it's promoted. In the US it gets combined into American identity and promoted in Europe it's hidden.
tiahura · 38d ago
Do you have any examples of people being harmed, or are you just spreading FUD?
anon_e-moose · 37d ago
Try reading some on history from the 1940s, ask yourself if that might happen again, and reevaluate what your parent post says.
No comments yet
amarshall · 38d ago
Genetic testing isn’t the exclusive realm of 23andme, you can get it done through a medical provider as well who doesn’t have such privacy-violating terms.
dkh · 38d ago
Right now, yes. But early in 23andMe's history (I got it done at the very beginning) they were pretty much the only game in town. They were the first to make such a service widely accessible to the public, and they helped establish the market in which better alternatives would eventually emerge.
I don't tell anyone now to use 23andMe specifically, but the warnings and risks being discussed here apply to existing customers, to people who have already done it, and I am just speaking as one of those people.
rafaelmn · 38d ago
How does genetic testing help connect with biological relatives - that only works if there's a database people signed up to ?
kylecazar · 38d ago
If you're talking about finding specific biological ancestors (names) then yes.
But certain general ancestral data can be deduced from variations in your DNA that are observed in some known current/historical population. I.e, I share much in common with people sampled from Scotland -> I must be Scottish.
vintermann · 37d ago
People are warned not to put much trust into the ethnicity estimates, sometimes even by the services themselves. Telling western Europeans apart is hard.
It's either matching to specific people in the service's reference group who have declared that they are Scottish, or it's trying to guess based on the mix of ancestral populations 2000+ years ago ("western hunter gatherer", "early Neolithic farmer" etc.)
jjani · 38d ago
Maybe for those in the US, or at least parts of it. If there's an option for the other 8 billion people that's at least as good as 23andme from a medical perspective, I think a lot of people on HN would be very interested to learn about it.
ashoeafoot · 38d ago
Your descendants are now uninsureable for thrombosis related ailments ?
Another DEI measure inhibiting the free meerkatly goodness soon to go?
Mountain_Skies · 38d ago
Uninsurable where? In the US most people get their insurance through group policies, either through their employer or through the government marketplace. Life insurance companies might be able to make use of your DNA information to alter rates, but I don't see how medical insurance would be able to do so.
The very link you’re sharing says it doesn’t apply to life insurance, disability insurance, and long-term care insurance.
mcculley · 36d ago
Quite right. The comment to which I replied said, "I don't see how medical insurance would be able to do so" and I was adding a data point.
tiahura · 38d ago
Shouldn’t people predisposed to speeding pay more for car insurance?
dkh · 37d ago
Are you actually condoning this practice?
Speeding is a choice, one that's extremely easy to change, and it ultimately an exceedingly trivial matter.
You are born with your genetics, and you can’t change them. You are them. They will likely impact how and you die. All you can do is be aware of them so you can try to be proactive.
So there’s really no comparison between that and voluntarily driving a car too fast
If that’s genuinely how it worked, where the more health problems you are at risk for, the more money you have to pay, this would result in the people who already have the shittiest stuff to deal with in their lives having that compounded by also having to pay more than everybody else.
Not sure what more needs to be said, but if there is anyone out there who is unconvinced, I probably won’t be inviting them to dinner parties anytime soon
tiahura · 37d ago
Is it fair that life insurance for 90 year olds is rather expensive? Yes, because the foremost purpose of insurance is the quantification and management of uncertain risk.
If someone has a higher probability of getting sick / dieing / getting in a wreck then the risk is different and should be priced accordingly. If you don’t, you’re not taking about insurance anymore. You’re talking about a wealth transfer system where good drivers subsidize the bad.
fc417fc802 · 37d ago
Tomato tomato. It's insurance on a societal level - the guarantee that your children, for example, will still be able to afford a medical policy the same as everyone else can even if they lose the genetic or developmental or whatever other lottery.
There's no divine directive that states that risk sharing must be done by voluntarily joining a pool run by a private entity that's priced uniquely per individual. That's merely one way to go about it.
To be fair it's the only sensible way for a private entity to go about it in the absence of legislation that prevents others from being more efficient. In the case of the US specifically, as long as everyone is forced to play by the same "inefficient" rules the free market will continue to work.
BriggyDwiggs42 · 37d ago
No? Speeding tickets I can see the justification for, but to implement this they do this kind of thing.
Speaking of practices which ought to be illegal but somehow aren't.
hn_throwaway_99 · 38d ago
Your experience may be unique but I don't think it's exactly rare.
I'm just another random anecdote, but I also found I had Factor V Leiden through 23 and me. Also, I'm gay, and for a long time was the only gay person I knew in my extended family. Through 23 and me I discovered a 2nd cousin who also is gay, and I met him in real life and it was an incredibly meaningful and important experience in my life.
dkh · 38d ago
One of my good friends discovered her biological half-brother on 23andMe who she had never been told about. They met up, and got along remarkably well, and have actually remained pretty close since! These things do happen. Glad you got something out of it, too.
Yeah, these experiences may or may not be rare. I was positing that they might be rare mostly to try to meet the person I was responded to halfway and because I don't actually have evidence one way or the other
hn_throwaway_99 · 38d ago
While perhaps not as immediately "positive" an experience, there was a bunch of press last year about how consumer DNA tests were uncovering that incest was much more common than previously believed:
That’s definitely interesting to learn you are the great great son of an incest !
vinni2 · 38d ago
Did you find out your cousin was gay through 23 and me or from him?
hn_throwaway_99 · 38d ago
IIRC, his first and last name were visible to me in 23 and me, so I googled him and saw that we was a therapist with a focus on the LGBT community, so then I messaged him through 23 and me, told him a bit of my story and asked him if he was gay.
dkh · 38d ago
This is not the sort of thing a genetic test can determine
BurningFrog · 38d ago
Give it time...
wizzwizz4 · 37d ago
It might not happen. Fingerprints are partly heritable – immigration delay disease, for example, has an identifiable point mutation – but you'd be laughed out of the room if you tried to suggest that given time, we would eventually be able to predict fingerprints from genomes.
Non-heterosexual behaviour can be observed in most social amniotes, even those without fingerprints. Genetically-identical twins do not have identical sexual proclivities. There's no a priori reason to believe there's even a "gay gene" to find.
BurningFrog · 37d ago
I looked it up, and twin studies say sexual orientation is party genetic, but it's far from the only factor.
So at most a perfect genetic test could give a percentage chance of someone being gay/straight.
I guess that's pretty much what you said.
wizzwizz4 · 37d ago
And either gayness is evolutionarily beneficial (kin selection?), or it's so fundamental to amniote psychology that evolution can't get rid of it. (Or both, I guess.)
evrydayhustling · 36d ago
I'm totally with you on the value prop at the time we signed up. I was more surprised that it sounds like you are reluctant to delete now, when the company is going through an unpredictable transition.
Did I get that right? If so, is there an ongoing value you want to maintain, or it more out of respect for the organization that provided you value in the past?
panxyh · 38d ago
GP is not assessing who did or did not, he's expressing valid scepticism about proportion of people that give the issue much though being any high.
You being a sample of one doesn't give you any position either, but I won't be suggesting reserving your enthusiasm.
hn_throwaway_99 · 38d ago
I agree most folks aren't aware of the risks. But I'm guessing for the vast majority of people that are aware of the risks, the thought process is basically along the lines of:
1. I'm simply not that important. There are millions of other people who have given this data to 23 and me and the like, and I'm just some rando peon - nobody is going to be specifically searching for my DNA.
2. The "worst case scenarios", e.g. getting health insurance denied because you have some gene, still seem implausible to me. Granted, there is a ton of stuff I thought would be implausible 5-10 years ago that is now happening, but something like this feels like it would be pushed back against from all sides of the political spectrum, even in our highly polarized world.
3. I haven't murdered anyone, so I'm not worried about getting caught up in a DNA dragnet. Sure, there can be false positives, but to get on in life you pretty much have to ignore events with low statistical probability (or otherwise nobody would even get in a car on the road, and that has a much higher statistical probability of doing you harm).
mschuster91 · 38d ago
> The "worst case scenarios", e.g. getting health insurance denied because you have some gene, still seem implausible to me.
We're halfway there, data mining by insurances already is the norm in car insurance. We should have fought back hard back in the day this was proposed.
> I haven't murdered anyone, so I'm not worried about getting caught up in a DNA dragnet. Sure, there can be false positives, but to get on in life you pretty much have to ignore events with low statistical probability
Even if you haven't murdered anyone or intend to to so - your genetic data is useful in the pig dragnet. Your genetic data may be what provides the pigs with a link to your nephew who moonlights as a graffiti sprayer... and yes, the German pigs are doing DNA checks on graffiti sprayers, they have been doing so for over two decades [1].
Just a suggestion: if your goal is to convince the average Joe why DNA privacy is a concern, and you solely refer to the police multiple times as "pigs", you're not going to persuade many people.
mschuster91 · 38d ago
If the pigs don't want to be referred to as pigs any more, they should push their unions to fight for yeeting the bad apples out of the force for good instead of just hiring those who behaved so utterly braindead that IA had no choice but to yeet them in the next town.
At the moment pigs can break the law and abuse their authority any way they please with barely any chance of getting even a slap on the wrist - and even if they kill someone, chances are high they'll either get off entirely on "reasonable fear" or they'll get pardoned.
hn_throwaway_99 · 37d ago
You're free to call the police whatever you want. But that's not what my comment was about.
Again, if your goal is to convince people (or at least have a constructive dialogue) why they should care about genetic privacy, all you have done for your average person is convince them even more that your opinion should be discounted.
bigpeopleareold · 38d ago
Sure, but the audience for 'being aware of DNA privacy' is not the police, but normal citizens, particularly a good number of people who, despite the abuse, are a general good in society.
generationP · 38d ago
What if someone in your family has done a crime, and the result of your DNA being online is (1) you are the first suspect and (2) the criminal might well learn/suspect that they have been compromised through you?
mustyoshi · 38d ago
Isn't it better for society as a whole if criminals are apprehended?
Even moreso if they're one that would be a physical threat like you're suggesting?
Spooky23 · 38d ago
Mustyosi, your DNA was found on a coffee cup at a Denny’s frequented by terrorists destroying Tesla property. Where were you on Tuesday at 2?
adolph · 38d ago
“Zoom and enhance” forensics aren’t real right? Isn’t it mostly NSA listens in and then they have to parallel construct something to hide the illegal pervasive surveillance?
consteval · 38d ago
Pretty much all of forensics isn't real. Blood splatter analysis, polygraphs, fingerprinting. That doesn't mean it doesn't put people in jail.
trogdor · 37d ago
What, specifically, are you claiming is “not real” about fingerprinting?
adolph · 35d ago
Their use as evidence has been challenged by academics, judges and the
media. There are no uniform standards for point-counting methods, and
academics have argued that the error rate in matching fingerprints has
not been adequately studied and that fingerprint evidence has no secure
statistical foundation. Research has been conducted into whether experts
can objectively focus on feature information in fingerprints without
being misled by extraneous information, such as context.
There's a common belief that fingerprint analysis is objective and reliable, but there's a great deal of subjectivity involved. Additionally, there have been several convictions involving fingerprints as evidence which were eventually overturned.
While they may still be useful, they have an image of infallibility that doesn't line up with reality.
casey2 · 38d ago
Spooky23, the atoms in your heart all quantum tunneled out of your body causing your untimely death. Why didn't you install a backup heart?
lurk2 · 38d ago
There are many instances of people being questioned, harassed, and even framed based on circumstantial evidence. Western judicial systems are specifically engineered to address these problems via the process of discovery and adversarial argument. There has never been any documented instance of a death being caused by quantum tunnelling.
haxxorfreak · 38d ago
Yes, assuming the label of who is a “criminal” is fair.
There is always the risk of a society or government changing that definition after they have the data and it’s too late to go back.
nukem222 · 38d ago
Depends on the crime. They aren't exactly fungible acts. Furthermore the state isn't exactly obligated to manage society, even if this has occurred in various forms throughout history. Many of our laws weren't exactly written with "society's" best interest at heart. Ultimately, the state will look after itself above all else.
I'm just saying I'd like the state to have to work hard to put people away. The law can just as easily be wielded to harm people. I don't see much sign the american public agrees with me, and politicians certainly don't agree. Even mr "it's a witch hunt" trump is only anti-LEO when it comes to his own crimes. But I'd rather have some low background level of crime than the sinking feeling that we're imprisoning a lot of innocent people, as unpopular a sentiment it might be to some in this country.
Besides, if the government doesn't take care of society, higher crime is inevitable.
hn_throwaway_99 · 38d ago
I think your example highlights why most people don't view these as plausible concerns:
1. If I had a family member who was a serial murderer or rapist a la the Golden State Killer, I would want him apprehended.
2. "the criminal might well learn/suspect that they have been compromised through you?" That doesn't seem reasonably plausible enough to me to care. What, cousin Billy Bob is going to come hold me hostage because he knows I used 23 and me at some point? Really??
kortilla · 38d ago
> 1. If I had a family member who was a serial murderer or rapist a la the Golden State Killer, I would want him apprehended.
But you are apprehended instead and are responsible for now coming up with an alibi.
krisoft · 38d ago
That is not how dna evidence works in my understanding. They would know if you are a partial match or a complete match.
BurningFrog · 38d ago
Very unlikely things can happen, sure, but they can just as well be positive:
What if an unknown biological relative of mine happens to be a billionaire and gifts me $10M like he does for all his other relatives?
acdha · 38d ago
Ever make bug because you wrote code thinking about how you wanted it to work and forgot to consider how it could go wrong off of that happy path? I think things like this are basically the same problem: when someone is focused on the good outcome it’s just not the right context for most people to carefully evaluate possible negative events, especially low-probability ones. They’re thinking it’d be cool to get an ancestry report, maybe lifesaving to get notice of genetic problem, perhaps the excitement of a unknown relative, and unless there’s a neutral party involved the positives are probably going to win.
AYBABTME · 38d ago
I think most people do the cost benefit analysis in a much more empirical manner than your theoretical framework. Most everybody has a justifiable reinforced belief that trading data for value is worth it, since the vast majority of people don't feel like they've been on the losing side when they participated in these transactions before.
One can argue that these people may not have understood that a transaction was occurring. I would argue that this is beside the point. Their intuition is hard to discredit in the face of their lived experience. Aside from the marketing spam, most people are probably right in thinking that they've been better off with Google/<alternative> than without.
We can pontificate that people should know more about what they agreed to, and so on, if only they knew better, etc. But this rings hollow and very hypothetical to the vast majority of us. It's worrisome in thought exercises, but not validated in real life.
random3 · 36d ago
I’d say it was a mix of both for me, combined with being younger and having an “uneven” privacy perception. This said, besides being annoyed, I can’t really tell what the impact is because I can’t even quantify the amount of information (e.g. “resolution”) to the possible uses of that information.
Perhaps this could be solved with a class action law suit, that would make it illegal for private entities to own the data post fact, combined with how it was marketed, etc. I’ve seen interest rates for credits reverted this way and credits reduced, for similar reasons. But again, it’s a trade off here too :)
casey2 · 38d ago
Does "infomed cost/benefit" mean "agree with my opinion"? How much information does someone need to show they understand? Do you know the lcense terms to every service you use? certainly not, so applying this standard only when it's your field of expertise is extremely biased.
Most people haven't died or had their bank account drained due to bad opsec, so I'm guessing they are accurately assessing the risk as "could be worse". There are so many things that could kill you day to day that people rightly don't care about your pet issue.
karparov · 38d ago
In my experience, even if people knew, they just don't care.
Most people I talk to about this, tech and non-tech folk have an attitude with a.mix of "you can't escape this anyway, so might as well embrace it" and "misuse scenarios you are describing are pretty far-fetched".
lurk2 · 38d ago
I read a comment on Hacker News which suggested asking these people to provide you with their unlocked phone. The theory went that most people wouldn’t do it because they realize that they do actually have things they would prefer to be kept private or secure. The first time I tried this, the person I was trying it with unlocked her phone and handed it to me. I didn’t even know how to respond.
bonoboTP · 37d ago
People worry about "real people" knowing their private stuff, eg a family member, acquaintance, colleague, neighbor etc peeking into their DMs, because these people can impact one's actual life, social life, reputation, job, marriage, etc. They don't care if some faceless corporation has their data in some database with a billion other peoples similar data, as long as that data can't get into the hands of real flesh-and-bone humans that they see with their two eyes in real life as opposed to theoretically maybe existing and doing something nebulous ly nefarious in some scifi future dystopia.
lurk2 · 37d ago
I’m sure I’m preaching to the choir here, but the data belonging to a faceless corporation (or even a government agency) can be dangerous even if the corporation does not have any nefarious intentions; this is because both the data and the corporation can eventually be compromised by malicious actors.
bonoboTP · 37d ago
I personally am careful like others around here, but I know how normal people think. All anybody can list are vague nebulous future consequences while the benefits are immediate and concrete. You need to point to concrete bad things that happened to real people close to home, eg friends and family, for them to care. Not one anomalous case across the country, but something that has reality in their own real lives. I've tried telling people about privacy issues and it's harder than telling people to stop smoking or eating crap food, or to abstain from sex etc. It's seen as theoretical, abstract moral preaching. Privacy advocates can never point to real things that affect average people in big enough numbers. It's a bit of a catch 22. If the thing is too rare, it seems far fetched. If it's too common, it's seen as "if so many people are affected then I can just blend into the crowd". Meaning, since everyone is careless about privacy around them, at worst they are all going down together. But that in itself seem quite far fetched.
card_zero · 38d ago
I guess open a social media app and post a PM accidentally in public, like:
Hi Laszlo, I'm making the trip on Friday, we can meet at 10 and you can put the stuff in my purse, it should be fine. Don't forget the jewels, that's the only reason I'm doing this.
creato · 38d ago
You don't need to know the license terms to know what is happening. Just observe that you get ads based on browsing and searching behavior. Most people can see that it's happening and don't care. Or at least not enough to give up the value they get in exchange.
smikhanov · 38d ago
It’s not about “the HN crowd”, it’s just that the time has changed so much. Do you remember 2008? Facebook was a swanky way back then to reconnect with your classmates and leave some “Like” things under their wedding photos. Google was seen as a way of organizing the world’s information to make it universally accessible and useful, with their niche ad service being still in limited beta. Twitter was so unknown that it still hasn’t even won a Webby Award.
And 23andMe was already offering a $100 DNA sampling in 2008.
It’s easy to be cynical about this in 2025. Those who didn’t live through the early 2000s, can’t even imagine the amount of optimism surrounding the tech industry at that time. Giving my DNA to a cool new Silicon Valley firm in 2008? Sure, why not, it was like buying a ticket to some utopian future.
cj · 38d ago
Your comment made me think of other companies we view as (mostly) “good” today.
E.g. tons of people take Uber/Lyft with no consideration about how those companies can take your travel history and daily schedule to monetize or sell to 3rd parties.
DoorDash - what if they start selling my order history to insurance companies as a variable to predict obesity/mortality?
HN/Reddit - what if some LLM scrapes all my comments, de-anonymizes me, and sells that info to a data broker?
Visa/Mastercard - what if 100% of my credit card history is sold to data brokers? (Spoiler, it already often is!)
Just trying to illustrate that even in 2025, we pick and choose what to view through rose colored glasses and what to frown upon.
In the example of Uber/Lyft, I willingly give up my home address and even let me know every time I’m out of town! (Trips to airport) yet that seemingly doesn’t cross my mind when requesting a ride.
I don’t disagree with your comment, but IMO what was true in 2000’s is still true today: people overlook risks of things when the benefits are substantial enough. That’s human nature
ryandrake · 38d ago
All of your what-ifs are almost certainly already happening, and probably worse.
cj · 38d ago
Right, but it doesn’t seem to deter us for some reason. At least not yet.
AStonesThrow · 38d ago
So you walked into a French restaurant in the 16th century every week and there was an artist sitting outside and the proprietor took notes on every conversation you had and the artist made portraits from everything you were wearing every week and they all sold it down the river.
The shopkeeper knows your face and every baguette you ever purchased three times a week. Every miller within 300 km knows about that time you complained about the stale bread they sold you.
What is the big diff and nobody needs high tech to compromise your privacy
AlexandrB · 38d ago
I lived through the early 2000s and it was already pretty easy to see how 23andme could go wrong. Unlike data that could leak from a company like Google or Facebook, your DNA is forever associated with you and can't be changed or obfuscated. IIRC, many on HN made the same point at the time.
Elsewhere in this discussion there are people talking about how "the common man" doesn't understand the risks of privacy loss. Well it really doesn't help that when those risks materialize you also have people claiming "well no one could have seen that coming".
roenxi · 38d ago
In fairness the "common man", if they are anything, is unable to think more than about a month or two ahead on a good day. So while anyone with an unusual ability to plan long term could, did and does see problems on the horizon the common man certainly couldn't have picked it.
nine_k · 38d ago
(Nitpick: the "Like" button was invented by FriendFeed, which was acqui-hired by FB, and Facebook implemented the "Like" button in 2009.)
zeroonetwothree · 38d ago
FB had an internal version that predated the FriendFeed one although it wasn’t launched till later. I don’t know what you consider “invented” in the context of silly internet features but that’s the history.
nine_k · 38d ago
The invention I mean is that when user X likes a post of user Y, the liked post of Y is included into the feeds of users who follow user X. I don't remember this mechanic prior to Friendfeed and then FB. Maybe I'm just unaware of prior art.
quantified · 38d ago
I remember 2008. It was the same thing as now. The majority of people just want what they want, useful or shiny, and don't care about the rest. Remember how many signed up for housing loans they couldn't pay back, knew they disn't have the money, but it was cool and everyone else was doing it? Same thing, roughly. Was the case then and will be now.
treyd · 38d ago
> The reality is companies like Google (and 23andme) simply wouldn’t exist if everyone cared as much about privacy as the HN crowd. Google exists because consumers are fine with sharing their data, for better or worse.
This refrain is repeated endlessly but I've never heard a good argument as to why it must be this way and if it was any other way Google simply couldn't exist in any (ideally better) form.
whilenot-dev · 38d ago
Which Google product out of the many[0] do you know that doesn't scrape data?
I think Google profits massively off of the ignorance of its users and is reliant on their unawareness that they're producers of actual relevant data.
Google the search engine could exist without being a privacy pest. But once Google bought DoubleClick in 2002 and made their ad delivery platform their own, going down the panopticon path became inevitable.
nukem222 · 38d ago
I agree generally, but I was under the impression they had explicitly committed to ads over other revenue forms much earlier. Importantly, there was a point in Google's history where they weren't committed to this, and the internet would look a lot different had they not just determined ads would be sufficient for their business model.
Curiously, they had a solution of sorts in a program where you could basically bid for your own ad buys to remove ads from pages. For some reason they shuttered this program down. I didn't even know it existed until after it was gone, frustratingly. I thought it was a neat way to allow the industry bridge to other funding models.
(Or perhaps such a business model relies on tracking that's been deemed invasive. Who knows.)
treyd · 37d ago
> Curiously, they had a solution of sorts in a program where you could basically bid for your own ad buys to remove ads from pages. For some reason they shuttered this program down.
Because in reality this is just an opt in donation to Google. It's always cheaper to just block ads entirely.
eek2121 · 38d ago
Agreed.
nolist_policy · 38d ago
Google makes about $3 per user per month in ad revenue[0]. With VAT and transfer costs that makes a equivalent subscription maybe $5 per month?
(Too much for my taste.)
Then you have to factor in that (far) fewer users are going to use/pay for their products if it's a subscription.
This assumes that privacy-preserving advertising would make Google $0. I doubt this is the case, especially if every other company is also using a similar business model. For purely placement advertising, Google still has more reach than any newspaper or magazine ever produced in the pre-internet era.
Google is making it based on theoretically unlimited searches for everyone. No caps in the number of searches.
You have to to the $10 USD a month tier with Kagi to have the same expectation met, which is unlimited searches
jasonfarnon · 38d ago
How can someone possibly make a cost/benefit analysis when the future uses of public dna data are so speculative? Criminal in the 70s didn't think leaving their dna around could lead to their arrest 30 years down the line, probably didn't factor in their cost/benefit analysis at all. I guess maybe you could figure there's safety in numbers, if loads of people are in the same boat are you there's a ceiling on your risk (legislation eg). Those of us who grew up in the era of smoking a pack a day don't really feel that way.
CamouflagedKiwi · 38d ago
But most people don't want Google to not exist. They derive significant value from it - from Google search, from Maps, from Gmail, whatever. I think that the access they have to my data has cost me basically zero, and I've gained a lot.
Had 23andme had access to my DNA, that might be worse in future. Although today there is not immediately a lot of downside, you can certainly imagine futures (maybe slightly dystopian ones) where that turns out to be pretty bad.
quantified · 38d ago
If your immediate family members or close blood relatives have done it, you're now identifiable in there.
Yeul · 38d ago
And then people wonder why we can't have serial killers anymore.
smallnix · 38d ago
*stupid serial killers
happosai · 38d ago
Eh, Google search has become so useless I caved in and started paying for Kagi. Maps is only barely more useful than competition. Gmail hasn't added anything new for a decade.
CamouflagedKiwi · 37d ago
I haven't tried many alternatives to Maps. The last one I did was a built-in Tesla thing in a car that a family member had rented (he was keen on trying that out), and it was way worse. I'm sure there are other things that are better but honestly directions in Maps seem pretty good to me.
I don't think I even want anything new from Gmail. It's spent that decade (and most of the one before) holding all my email and serving it to me, that seems pretty good given I haven't had to pay them a cent for it.
aucisson_masque · 38d ago
I believe it’s more that people don’t see the potential threat and harm into providing sensible data to commercial entities.
People who have been for instance wrongly jailed because Google gave their location history to law enforcement and they happened to be near a crime scene, these people they understand the value of privacy.
bonoboTP · 37d ago
People who were struck by lightning know not to go out of the house in rain. People who got hit by a falling brick on the sidewalk know to wear a hard hat when out and about.
These horror stories are so rare that the vast majority of people has never personally met anyone who personally knew anyone who had it happen. So it's all entirely theoretical and speculative for people who are busy and have social life goals. It's rightfully seen in similar light as the pepper hobby or extreme zero waste green philosophy. Worrying about it is basically a hobby, an identity, a community, an esthetic. Most people have some other hobby and identity and don't need this one.
aucisson_masque · 37d ago
It's not so much a hoby in countries where being gay for instance gets you into jail...
Or in countries where people criticizing the government policy disappear.
Yet it's a reality for Billions of people in Russia, china, India until not so long ago.
I mean, the world isn't just limited to the west where, at worst, you will get personalized advertisement and in very rare occasion something worst.
bonoboTP · 37d ago
I replied specifically to the Google account thing. I don't think political dissidents need much convincing in these matters.
aucisson_masque · 37d ago
How wide do you think the spectrum is between political dissident and average Joe ?
How would for instance, Women in the USA having to remove period tracking app because they are afraid it could be used by the government against them, fit in your thought ?
It’s neither black or white, privacy nuthead or political activist. There is a wide spectrum.
bonoboTP · 36d ago
I've never heard of that story (I'm also not American). If it's something that has impacted someone they know, they don't need convincing. I'm talking about the theoretical vague speculative stuff. People will care about privacy if it impacts real life events, not just some news piece about someone somewhere once, one customer from a hundred million but real people in their real lives. If that happens, then they care. If that does not happen, then they don't care about Amazon processing their voice recordings in the cloud or chat control scanning their DMs.
loeg · 38d ago
It's a lot less than 90%. Seems like they've exhausted the TAM and there's no one else to sell tests to.
m463 · 38d ago
But you have to acknowledge these companies started out as something different.
23andme started out as a democratized sequencing company
google started out as a search company. It became an identification and dossier-building company later.
or maybe I'm naive and they were data-grabs from the start.
loa_in_ · 38d ago
Perceived cost and perceived risk. It's an important distinction.
alwa · 38d ago
Or, at least, the benefits are front-loaded and the costs—if you don’t write them off as theoretical—are future-you’s problem…
Made even more opaque by the way the DNA kit folks gave the impression of a straightforward, first-party transaction: you pay a not-insubstantial sum for us to do this service now, you get your report, done!
ekianjo · 38d ago
The cost is not static over time. As data storage, laws and AI evolve, the cost of having your data stored somewhere will increase significantly. So if you are making a cost evaluation based on the present situation you are incredibly naive.
nkrisc · 38d ago
Because they don’t know why they should take it so seriously. They really just don’t know why it’s bad that data about their DNA might be sold to the highest bidder.
AStonesThrow · 38d ago
> consumers are fine with sharing their data
Google is an advertising company. Google exists because businesses advertise and Google became, overnight in geological terms, the sine qua non of advertising.
Consumers aren’t really OK with sharing gobs of private data, but most don’t have a choice, many enjoy the free shit that they get from Google, most don’t notice or realize how much and what kind of data is collected, and none zero zip nada of us can stop Google from doing it.
This is absolutely nothing new in thousands of years. Businesses have sold and hoarded and collected and traded consumer info since time immemorial. Among themselves, with government, with law enforcement, with criminal gangs, who knows. You’re simply deluded if you think any commercial activity is private or confidential for a consumer. Yes even if you pay with $2 from your cleavage.
tiahura · 38d ago
The other 10% being wanted criminals?
why more people don’t take their personal privacy seriously.
Probably because this testing has been happening for almost 20 years at this point, and we’re still waiting to hear about someone being harmed. For the most part, the privacy concerns are FUD.
outer_web · 38d ago
I mean half of us have recklessly give out dna at one time or another.
wenc · 38d ago
I made an informed decision when I signed up.
It's SNP genotyping, which realistically other than telling your ancestry and few health conditions, isn't that predictive of most health conditions. Genotyping only captures a small percentage of total genetic information (it's not a full sequence -- still too expensive for what I paid), and thus the data was actually very limited, so the risk was realistically very small.
Privacy is about risk-reward -- rather than applying the preventative principle to everything (which is overly conservative), we make trade offs in life.
Yeul · 38d ago
You cannot predict technology though.
dkh · 38d ago
Meaning what?
SalmoShalazar · 38d ago
You can get pretty far through imputation. SNPs can reveal plenty about the rest of your genome even if it hasn’t been directly sequenced. Reference populations and linkage disequilibrium go a long way.
derbOac · 38d ago
Meh. I do research in this space and they've sucked it dry, even given everything you're saying.
Progress is going to be elsewhere, like rare variants etc.
catp · 32d ago
Read depth / structural variants as well.
whyenot · 38d ago
> I never personally understood that or why someone would want to turn over so much data to a commercial entity.
I found my half sister and biological father thanks to 23 and Me. Maybe cases like this will help you understand. Some people are willing to "pay" a lot to find out who they are.
No comments yet
nextos · 38d ago
Also, their genetic risk scores and population admixtures are really bad. I can't understand why they are so bad given that they hired pretty good researchers and building these is quite simple. Freely available models run circles around anything they report on their site.
It's a bit like uBiome, they have sold a lot of snake oil and harmed the reputation of B2C tests. It's a shame as something like 23andme, plus a bit of epigenetic testing to capture environmental factors, could be a wonderful way to get an overall health snapshot.
Glyptodon · 38d ago
Well... My experience (having worked as an SWE) w/ medical technology is that if a company is selling something, they will choose the version of advice or analysis that most aligns with selling something. (I got ordered to adjust scoring thresholds in a statistical grouping to have "nicer" groups, for example.)
If your company does treatment X that competes with treatment Y, they'll look to expenand the edge cases that suggest X over Y as much as possible. If a company wants people to feel like they're getting something out of a genetic profile, they'll report the broadest version of risk, and then slow roll more detailed analysis.
Things like this are why I strongly think certain profit motives and business models should be extremely restricted. Just like private prisons create a profit motive for creating crimes, medical services have a profit motive for spreading inaccurate and twisted medical advice, whether it's things like alternative or new age medicine, treatment modality choices, or DNA information.
WalterBright · 38d ago
Government funded research also has perverse incentives:
1. publish or perish, leading to lots of low quality papers
2. funding doesn't continue if one doesn't get results, leading to selection of "safe" research rather than risky research, and results that cannot be replicated
3. no funding for politically unpopular topics
and, of course, the reasons why people publish overtly fraudulent research papers.
robwwilliams · 38d ago
In the case of 23andMe users do own their data. And if they download their data and then request data be deleted then they are the sole owner. But if interested in genealogy, kinship, and some of the more actionable SNPs (e.g. those in drug ADME) then the 23andMe interfaces is informative and even useful medically. I have uncovered two medically useful variants. And some fun ones too: the speed with which I metabolize caffeine.
Their interface is also better than AllofUs.
xyst · 38d ago
It only took a couple of decades of grinding down the public’s perception of privacy.
2000s — PATRIOT Act (and other heinous domestic surveillance acts with no due process) — “wE aRe pUrSuInG tERrOrIsM”
Then the invention of the portable digital camera and subsequent social media between the mid 2000s and 2010s — “selfies” and other aspects of social media made it so much easier for private and public entities to spy on people
Then the introduction of godawful companies like “23andme”. Fortunately never bit the hook and “FOMO’d” into it but rather kept this data between my doctor and myself (and the genetics testing company). Much more expensive, but at least I am covered by HIPAA.
Then last but not least, the introduction of big data companies and broker companies which build profiles on everyone that uses “free” products such as Google search, Facebook, tik tok, and many others that preceded it.
We can’t even escape ads and profiling when we _pay_ for the fucking thing.
I want to say 9/11 changed the game, but in reality I think the erosion of privacy was happening way before that (ie, to serve advertisers)
mildzebrataste · 37d ago
I work in data. I knew what was at stake. But for me, I wanted my son to have the ability to trace his paternal lineage, should he ever be curious. His dad isn’t part of our lives and lives somewhere in Europe. My mom died before he was born. I convinced my dad to take the test (actual quote: “Obama’s going to put me on a list”), and I took the test too — so that my son could someday deduce his paternal side. I think it’s Polish, German, and Danish, but I’m not entirely sure. I didn’t have him take the test, just wanted to leave him the option.
ZeroTalent · 37d ago
They just did this:
"As an added security measure, we’re requiring that all customers choose a new password unique to 23andMe.
To proceed, please reset your password."
I did my test over 10 years ago and lost access to that email.
NICE.
kadushka · 38d ago
I don’t get it – why should I care that they have my DNA info?
quickslowdown · 38d ago
You'll get it when your insurance company bought your profile and automatically added a ton of pre existing conditions to the list of things they won't cover for you. Or when the government decides to start rounding people up based on ancestry or health conditions.
It'll be way too late by then, but at least you'll get it.
BobaFloutist · 38d ago
For what it's worth, the ACA made it illegal to deny or charge more for health insurance for preexisting conditions.
I still largely agree that it's worth keeping your DNA out of the hands of data brokers for several reasons, but as laws exist today that would not be legal.
genter · 38d ago
The political party that hates the ACA with delirious passion is currently in control of the House, Senate, White House, and Supreme Court.
slg · 38d ago
But if this government is willing to allow insurance companies to factor in 23andme type data, what makes you think that will be the extent of this type of genetic data analysis? That is the far-fetched part to me, it relies on a very narrow range of possible dystopias that takes advantage of voluntary genetic testing but stops short of mandatory or coerced testing.
It's reminiscent of some prepper wanting to exclusively horde USD. I just don’t see a doomsday scenario in which that matters compared to hording gold or some other store of value with more intrinsic value. It's behavior suggests a weird cherry-picking of what are likely correlated risks.
jasonfarnon · 38d ago
The ACA forbidding insurers from using DNA data was a much debated point of a very contentious piece of legislation in a very recent congress. Coercing the public to provide samples of their dna outside of criminal proceedings is unconstitutional. Why do you think the risks of those 2 things changing are remotely comparable?
slg · 38d ago
>Coercing the public to provide samples of their dna outside of criminal proceedings is unconstitutional.
Most people in the US are insured through private companies. How would it be unconstitutional for those companies to refuse to insure or jack up prices for people who decline genetic testing?
It just seems strange to believe that this data would be both incredibly valuable to health insurers and that they would have no new ways to gather it outside relying on decade old data from now defunct companies. Modern insurance companies don't identify smokers by buying the old Marlboro Miles database, they make disclosing smoking a part of the application process.
poulsbohemian · 38d ago
The irony being that the whole thing is political theater: the basic outline of the ACA was a Republican bill before Obama ran with it, at which point the Republicans no longer wanted to visibly support it. And, the real net benefit of the ACA has been to further entrench private health insurers, which at this point is not a Democratic goal.
zeroonetwothree · 38d ago
And they have been in the past. Yet the ACA remains.
J_Shelby_J · 38d ago
A single thumbs down was all that saved it.
mafuy · 38d ago
In Germany, preexisting conditions are excluded from total permanent disability insurance. Considering how expensive and life-changing this insurance can be, that's quite an issue.
quickslowdown · 37d ago
The ACA may very well not be long for this world.
kadushka · 38d ago
I considered this when I sent them my sample. For me the benefit outweighed the risk. I'm sure their DNA database have been sold or given to all kind of companies and agencies since then (many years ago). Asking them to delete my record now is pointless. Anyone who cared about it already has it.
robwwilliams · 38d ago
Not sure you are right. 23andMe may exclusively share/sell summarized GWAS data rather than individual level data. That is how genetic data is usually shared even among human geneticists.
throw310822 · 38d ago
It's funny because people are genuinely upset at others who do send their dna around; but assume that their own government might allow such a misuse of personal identifiable information. If your government allows that, the problem is the government, not the people who sent their dna to 23andme.
> Or when the government decides to start rounding people up based on ancestry
And you think that not having sent your dna to 23andme would be a good protection from that? Like, since you are among the smart ones who didn't send the dna, you can keep quietly minding your business while the government "rounds up" people on a racial basis?
BobaFloutist · 38d ago
>And you think that not having sent your dna to 23andme would be a good protection from that? Like, since you are among the smart ones who didn't send the dna, you can keep quietly minding your business while the government "rounds up" people on a racial basis?
I'm going to assume that you're debating in good faith and will accept a powerful but unsympathetic example. The Golden State Killer was caught because his family members used commercial genetic tests, allowing investigators to triangulate him through DNA left at the scene, despite him never linking his DNA to his identity: https://en.wikipedia.org/wiki/Joseph_James_DeAngelo#Arrest,_...
Obviously this was a terrible man, and I certainly don't regret him being in jail. However, it demonstrates that your relatives can expose you to privacy violations without your knowledge or consent, and likely without their knowledge. It's like when an app asks for the list of your phone contacts, it's not just your privacy you're surrendering.
If we ignore that the man in particular was a horrific serial killer, which I know is hard to do, this shows how people can suffer consequences from other people taking these DNA tests, and surely you can see how that kind of sucks? Like, this shows the technical possibility, which is unaffected by the actual reason for doing so.
throw310822 · 38d ago
No, I understand (they caught a killer in Italy in a similar way, though in that case the dna tests were taken after the fact, in a sort of "gradient ascent" pattern).
But your example is that of a licit, even desirable use of those dna tests. They can be used for bad purposes, but that is what you have a government for: to decide what can be done and what can't. Health insurances obtaining your dna sequence from a third party to change your premium? Abso-fucking-lutely unacceptable. (And besides, at that point, what keeps the insurance company from asking your dna directly, unless you want to pay max price?). If you can't keep the government from allowing such things, you should either campaign to change the government or emigrate. This whole "let's keep a profile as low as possible because the government might go against me someday" is both a bit paranoid and fatalistic. If you distrust the government so much then you should put all your energies in changing it, not in keeping a low profile.
untrust · 38d ago
The government in power today is not guaranteed to exist indefinitely. Power structures change, and there is no definitive way to prevent your government changing underneath you as you are a single voter amongst a sea of people with different priorities.
The only power you as an individual truly have is to lower your risk profile if such an adverse event were to happen. History has shown time and time again that governments can change dramatically for the worse in short timespans, and if they have data to use against you then they will definitely use it
BobaFloutist · 37d ago
Sure, but can you at least concede that this technical possibility eliminates the argument that these services can't affect those that don't opt into them? That's the argument I'm trying to make, not necessarily that a particular serial killer had his privacy violated.
emilamlom · 38d ago
It's much easier to convince a family member not to share DNA with a data broker than it is to stop government corruption. Is it ideal, no, but it's realistic.
neuralRiot · 38d ago
>since you are among the smart ones who didn't send the dna, you can keep quietly minding your business while the government "rounds up" people on a racial basis?
Sure it feels better not being a collaborator of your own demise though.
throw310822 · 38d ago
I think that if your government started acting nazi, you should become a collaborator of your own demise by joining an armed resistance. Or emigrate.
Seriously, this attitude sounds like keeping the knives under lock at your home in case your wife decides to murder you. If you think it's a possibility, then I guess this poses harder questions than where to keep the knives.
ben_w · 38d ago
There's a big gap between "powerless" and "sovereign".
Much harder to do that these days, when backups are cheap.
vintermann · 37d ago
DNA testing is extremely popular with Ashkenazi Jews for some reason. And they're, no surprise, very very endogamous, so that's an ancestral component you can identify fairly reliably, unlike, say, Scottishness.
quickslowdown · 37d ago
I think my frustration with the people willing to send their data is that there's the "ideal world" where sequencing your DNA shouldn't lead to things like your government or insurance provider using your genetics against you.
And I'm frustrated because I haven't trusted my government or these companies to be responsible with that data even before it was glaringly obvious they wouldn't. So now here we are in the "I told you so" phase, and it just sucks how much of this data is already out there, ripe for misuse. And now it's just too late.
poulsbohemian · 38d ago
I'm not really disagreeing with you, but it seems to me like the insurance company already has all those blood panels, etc that they paid for - they know what my issues are long before they get around to caring about what 23andMe might tell them. And this government will come after me for being a Democrat and my neighbors for being melanated long before they care about my DNA.
quickslowdown · 37d ago
There are plenty of juicy tidbits of info in your genetics that an insurance company would be very interested in having to not have to pay you when you need them, info that wouldn't be in a blood panel.
This sounds like a great safeguard, for an administration that respects laws & precedent. Which we don't have right now.
guiambros · 38d ago
With all due respect, that's baseless FUD.
Call me naive, but I believe insurance companies have more concrete battles to fight (e.g. confirmed preexisting conditions), than getting in a legal quagmire with insurees just because "you have 2.7% risk of having early onset of X, instead of the 1.35% of the average population".
I understand the allure of painting everything with dystopian Orwellian colors and "but-what-if-they-do" thing, but the fact that 23andme is going bankrupt and others are not much better (Ancestry was acquired by a PE firm in 2020, and is increasingly pivoting away from DNA) is a great indicator that DNA data is commercially worthless.
If anything, the biggest risk is your data being used for ads. I bet some pharma companies would love to use your DNA data to enhance their 1PD propensity models.
washadjeffmad · 38d ago
That's quite a failure of creativity. Like Google with their "I'm not touching you" profiling by metadata, you don't have to identify an individual to be able to target them.
There's also an incredible asymmetry of information in these fields and industries. What makes you think you know enough to say that protected data isn't being laundered, legally or illegally, through private companies around the globe to inform the very opaque pricing of medical services and insurance in the US?
Rodeoclash · 38d ago
Governments often round people up based on some criteria. Unless something has changed that I don't know about, I don't see why this won't happen again.
amanaplanacanal · 38d ago
If that happens with your government, your best option is to be somewhere else.
If any of that is happening, society is already a fascist dystopian hellhole and my 23andme DNA is least of my problems
relaxing · 38d ago
This makes a lot of sense if you subscribe to the libertarian view that corporations should have unchecked power and the governments is out to get you.
quickslowdown · 37d ago
I don't know how you're confused enough to read this as some kind of libertarian bend, but I'm not interested in the genre of political fantasy libertarianism exists in. I'm talking about the reality of the current administration, & how it's never been a good idea to send this trove of highly personal data to a private corporation with a profit motive.
It's kind of the opposite of a libertarian dream.
rchaud · 38d ago
I'd imagine you'd care at least a little bit considering you're paying them for the privilege.
noname120 · 38d ago
If a company offered to pay you $119 for sending them sample cells from your body so that they can sequence your DNA and do whatever they want with it. Would you take up on the offer? I would not.
kadushka · 38d ago
I paid them a lot more than $119 to have my DNA sample.
brookst · 38d ago
I am also fortunate enough to just not care about $120. That’s not true of everyone though.
Yeul · 38d ago
Do homeless people in America still sell their blood?
washadjeffmad · 38d ago
We have employees who sell their plasma because they've been losing money every year and are afraid to also lose their jobs. Wages are stagnant for the working class.
duiker101 · 38d ago
"We have identified that you are at an increased risk of cancer. To ensure we give you the best care your insurance premium has now gone up 20x, you are welcome."
unyttigfjelltol · 38d ago
The scenario is not occurring, and anyway... if you had information about an increased risk, you can use that information to mitigate the risk and avoid the harm. Even if you think insurance and doctors are good for you, efficient and help you feel better... they are much more effective if you as the patient have a pretty good idea of what might be going wrong.
polski-g · 37d ago
This has been illegal in America for almost two decades.
486sx33 · 38d ago
Merry Christmas! Your dad isn’t your dad, your biological father is actually mommy’s old “friend” from work - Bill!
billy99k · 38d ago
On top of this, it ruined many families when they found out person X had a different father..
djohnston · 38d ago
Most people value truth and I don't think revealing affairs is a valid criticism of this product.
callc · 38d ago
I wish most people valued truth. But I see an overwhelming amount of cognitive dissonance and disdain for seeking truth.
Many people would rather keep family secrets secret for a myriad of reasons (with different justifiability)
Animats · 38d ago
The problem, not stated, is that a bankruptcy can wipe out the obligations of a company to its customers. This includes privacy obligations.[1] Especially if the assets are sold to a company outside California or outside the US.
Yes.
We need obligations to be able to follow personal data, by analogy with real estate (if you agree an obligation with your neighbour, for example access rights, it can be effected in such a way as to be binding against future owners. Otherwise you could get stuck without access each time they sell up. This is often set up at the point when the land is subdivided)
hypercube33 · 37d ago
Personal data should be owned by us and a license given limiting it to the original company in its original form read entitlement only.
That's the only thing I can come up with to stop this and maybe have a side benefit of killing credit companies at 7am before I've had my cup of Joe.
Animats · 37d ago
24 hours later, the bankruptcy.
huitzitziltzin · 38d ago
The fact that 23andme is at risk as a going concern tells you what you need to know about the potential of monetizing large amounts of generic data. It turns out you can’t get much value from it. If you could, they would have.
And no I don’t think all of that DNA data would be valuable to the likes of a large health insurer like Humana or Aetna either.
The medical records you are imagining an insurer can link to genetic data are worth even less than these DNA sequences turned out to be worth.
Sincerely,
A former health economist who has worked both with tens of millions of inpatient discharge records, and (separately) a detailed survey which is complemented by genetic data.
unyttigfjelltol · 38d ago
Candidly, given existing law in the US, the highest use an insurer could make of the data is to opt families into specialized preventative care using the DNA profiles in the database. They might make pretty decent profits taking that angle, and possibly generate significant goodwill.
s1artibartfast · 38d ago
How would that make them money? Every dollar saved in preventative care is $0.15 less profit, because insurers have a fixed profit margin as a percent of total care provided, due to the ACA's 85/15 rule .
The only reason to to do it would be to compete with a peer insurance company that is already doing it, resulting in less profit for both parties. The optimal strategy from the insurance profit perspective is to ban any DNA based cost saving measures for all insurance companies.
unyttigfjelltol · 38d ago
Setting aside for a moment whether this is feasible, an effective preventative care program would make the insurance program more competitive, in cost or quality. You're assuming employers and patients are just along for whatever anticompetitive ride insurers take them on. That would be a departure from marketplace fundamentals. The ACA also has safe harbors for process improvements .
On the feasibility point, if this use case is entirely infeasible I don't know what all the hand-wringing on this board is about!
huitzitziltzin · 38d ago
No.
(Slightly longer answer: I don’t have the funds to match what someone is likely to pay for this data, but if I bought it and gave it to you for free, and also gave you all the inpatient hospital discharge abstracts in the US in a matchable form, plus whatever health data you want, plus family relationships, plus a budget for 100 PhDs, product managers, and marketing people for 5 years you couldn’t turn it into a viable product. (Indeed that is literally what 23andme tried to do for years!))
Calvin02 · 38d ago
Thank you for sharing.
I have long suspected that the sequencing data isn't valuable except to law enforcement.
If it were as easy to link sequencing to diseases, we would have seen a rapid advances in our ability to address those diseases. The genetic data alone isn't enough of a predictor.
steelframe · 38d ago
Whenever I start feeling smug about how cagey I've been about data brokers in the past, I remind myself that enough of my relatives have handed over their DNA to operations like 23andMe so as to render my efforts futile.
thomassmith65 · 38d ago
Most likely, they're also sharing photos, videos and intimate details of you on social media.
beng-nl · 38d ago
And have corresponded by email to/from GP using a hosted email provider..
globular-toast · 38d ago
Yeah, and by not participating directly yourself you just earned a tag of "non-conformist", "weirdo" or perhaps "entity that has something to hide".
swyx · 38d ago
respectfully, privacy is important, but what exactly are the attack vectors if, say, I had your DNA? what happens?
1659447091 · 38d ago
Health insurance first, is my guess. A way to discriminate; like car companies (GM) sharing data with insurance companies. But on a whole other level.
swyx · 37d ago
ok sure, make that illegal, the way redlining for mortgages is illegal. next?
BriggyDwiggs42 · 37d ago
Phew, good thing that things many people think are problems but that benefit large businesses always get made illegal. We’d be in a real pickle if that weren’t the case.
grumple · 38d ago
The administration could decide to detain, deport, or kill everyone who has certain traits - say, Jewish, or Arab, or Mexican, or maybe just has undesirable traits. The db of millions of users makes this very easy.
The US admin is already at the stage of mass deportations. Detention camps (beyond those we already have at the border) are probably not far behind.
chii · 38d ago
None of those actions require the use of dna sequencing to happen.
mulmen · 37d ago
Not required. Also not the point. Genetic data allows bulk identification of traits that may not be outwardly visible. Or even invention of new traits.
This information can be easily used to target large groups of individuals.
What happens when an ambitious young data analyst correlates a gene with criminal activity?
The point is you don’t want an admin that carries out malicious discrimination to have genetic data. We have already seen that movie. It doesn’t end well.
chii · 37d ago
> What happens when an ambitious young data analyst correlates a gene with criminal activity?
Then such would be a great scientific study to examine, peer review, and replicate to assert if true or not.
If true, wouldnt it make sense to monitor them? May be not go full minority report, but certainly makes it easier to catch.
mulmen · 36d ago
> If true, wouldn't it make sense to monitor them?
My point is that there's no reason to believe criminal tendencies are genetic in nature. If they are or aren't it is still easy to identify correlation. To even embark on this dangerous path of research we would need robust guardrails to ensure it doesn't devolve to genocide again.
> May be not go full minority report, but certainly makes it easier to catch.
Makes what easier to catch? How close do you think we should get to Minority Report? My opinion is that we should strive to be as far from Minority Report as possible at all times.
Racism comes from a place of ignorance. It's literally stupid. Genetic data is very easy to misinterpret and human history has no lack of examples of how it can be misused to cause harm to innocent people. Stupid people will misinterpret genetic data the same way they misinterpret skin color or any other physical characteristic.
shadowgovt · 34d ago
Ask yourself, honestly, how comfortable you'd be with the idea of the government monitoring you (regardless of how you act, think, or feel) because you have a gene sequence correlated with antisocial activity.
... if, in your deepest heart, you'd be comfortable with that...
... I'd humbly suggest that you may have a genetic condition that makes you a lot more trusting of under-constrained authority surveilling you than the average human being, and you should be sensitive to their genetically-predisposed needs for privacy.
xp84 · 38d ago
If the US is 'at the stage of mass deportation' [of people here illegally in the first place] it's only because we've been wildly generous to that set of people for so long that there's a backlog of them. In most countries, doing crimes while there illegally is something you don't dare do, or deportation could be the least of your worries.
AlecSchueler · 38d ago
They're now revoking residence permits[0] of people who arrived and stayed by legal means so you can't play the "illegals" card anymore.
Okay, but almost no other countries ever accepted people on this vague basis in the first place -- since "The country I'm from is poorly run" isn't a recognized reason for seeking asylum. They got 2 years free out of generosity, and now they want a green card on what grounds again?
Would you advocate for the US to invite every citizen of Haiti, Cuba, and Venezuela to move here? If not, why these particular 532,000 people?
IBM and the Holocaust, Japanese Internment, Stasi. Sibling mentions a worrying current development.
kristiandupont · 38d ago
Most people here seem concerned about insurance companies misusing personal data or a full-on totalitarian government takeover. However, my concern is about becoming susceptible to manipulation and coercion. A significant aspect the last election was the use of "Super PACs" like Elon's which targeted individuals on social media to influence their decision.
I think this trend will continue, not just in politics but across all sectors. The internet you experience will be tailored to your personality completely, but it will also be shaped to steer you in directions decided by who pay the most. The more data they collect about you, the more effective this manipulation will be.
This doesn't even account for the risks posed by malicious actors who might target you using this information.
1659447091 · 38d ago
You don't need DNA for that though. Just hand out money and buy people.
Similar to November, a Musk funded group is currently offering $100 to registered voters in Wisconsin to sign a petition against “activist judges” with a not so subtle nudge to vote for the judge that will be favorable to the lawsuit he(musk) and Tesla are involved in within the state and who happens to be be part of the Trump gang having campaigned with junior.
kristiandupont · 38d ago
Sure. I just think that we will be looking back at that as a horribly inefficient and expensive way to accomplish something that will be much more advanced soon.
swyx · 37d ago
yeah you're just projecting your personal concerns on to this thread. i have FAR more info about you from your social media activity than your DNA. learn to compartmentalize.
kristiandupont · 37d ago
lol
lelandfe · 38d ago
Did Facebook ever create a way for someone to delete the “shadow profiles” it builds for non-users?
I have a suspicion it will entail making an account.
r00fus · 38d ago
I hear the tried and true approach is to make an account and poison their well with fake but somewhat realistic data and don't close it.
dustyharddrive · 38d ago
Why sign their limitation of liability?
arjie · 38d ago
The practice of how this does damage isn't clear to me. But I'm going to test this in the very skin-in-the-game sense. My genome (sequenced by Nebula Genomics) is available to anyone who would like it. I have raw FASTQ files which you will have to pay a nominal fee to access.
Once upon a time, a friend and I decided we should launch a site where people can submit their genomes and health information so that broad population scale studies can be done. I did submit my stuff to All Of Us and so on, but I think the fact that you need to be special-cased to access the data is probably a loss.
So I think it's time to revisit this whole thing. Perhaps I should make VCFs available instead. They're much smaller and may be more accessible for people. In any case, if you want my FASTQs, just email me.
(I had this done when I was launching Google Cloud Genomics so I had some data that I could work with without any restrictions. Illumina's genetic counselors told me "you have no genetic risk factors that we can detect" which is more or less what I expected (not that I don't have any- just that Illumina's genetic counselors weren't very good).
FASTQs are much larger (being raw reads) so I'll leave them available via personal contact but this is a good place to host the VCFs. I'll answer the questions etc. as time goes by. Quite a few screenings have revealed a GJB2 variant in my genome, but I don't know if the Nebula sequencing was good enough to detect.
excellent, i was giong to ask if you're going to test it anyway why not make it free. and now you have. nice. i'm really curious what the attack vector is here. i try to take privacy guys seriously but sometimes theres definitely just fearmongering
arjie · 38d ago
Yeah, it's just 100 GiB for the FASTQs. I just don't want to have my personal Cloudflare account upgraded to Pro just to host a bunch of DNA reads. If you'd like I'll give them to you and you can host them, though. I'm not charging for access so much as making sure not to get whacked with a bill myself. The VCFs are much smaller but if you think you have a better variant-calling flow you'll want the FASTQs.
I guess I could upload the FASTQs to PGP too, but it doesn't seem right you know (it's going to cost them to store it).
vl · 38d ago
What service did you use/would recommend for sequencing?
Manfred · 38d ago
A government could decide they don't like a particular phenotype and decide to visit people based on a database. Something similar happened with the harmless "what's your religion" question on census forms in the late 1930's early 1940's.
BugsJustFindMe · 38d ago
The public already has enough information to substantially harm large groups if they want. A simple example being property ownership databases, which are often publicly available on the internet, can be referenced against culturally-suggestive first and last names to find the domestic whereabouts of large numbers of pick-your-group.
thomassmith65 · 38d ago
That's just today. We might live to see targeted diseases.
My fear, in the current era, is to be included in countless virtual 'police lineups'. The higher the availability of my DNA, the higher the chance of a false positive affecting me.
pests · 38d ago
I read a book years ago that I can't remember the name that your comment reminded me of, although achieved a little differently.
In the book a global pandemic broke out but didn't effect Muslims. How was this possible? A in-world marketing campaign promoted "Mecca Water", in which the antidote / preventative was delivered and the Muslim world was made to believe it was holy / blessed / a pilgrimage experience to consume it.
I feel it might have been a product of the post-911 world but I did find it interesting and also fear the future as it seems possible today, I'm sure some are trying.
asperous · 38d ago
No singular person, it's more the value of having a large database. You visit a coffee shop, a stalker collects your dna from a fingerprint and uses the a leaked or sold database from 23andme to tie it to your identity or home address, etc.
Interestingly this also works if a direct relative has used it as well.
dullcrisp · 38d ago
Couldn’t they find you on facebook instead of sequencing your genome?
Larrikin · 38d ago
Does anyone under 40 have a non locked down or an undeleted Facebook account?
lentil_soup · 37d ago
If a stalker already followed you into a coffee shop surely they have your name and address
vl · 38d ago
I'm interested in sequencing my genome (I don't consider this data private - really any determined entity can collect it with just a bit of effort). How was your experience with Nebula Genomics?
If you would do it today, would your recommend them or somebody else?
robwwilliams · 38d ago
In the George Church crowd. Me too.
A high resolution image of a face contains as much or more functionally useful personal data than a vcf.
Hard to be optimistic about US trend lines now but I trust GINA to stay the law if the land.
And if I am wrong then my DNA security is about the least of my/our problems.
yborg · 38d ago
Insurance company sees you have a marker for some chronic illness or cancer or whatever and suddenly you can't get life insurance anywhere or have a massive premium. They could even deduce this if only your parents' DNA is available.
Current statute in the US only restricts using this data for health insurance as far as I know; and even if it's straight illegal, the playbook now is just break the rule of law and do whatever you want. I admire your altruism, but our society will not reward you for it.
robwwilliams · 38d ago
And life insurance.
themagician · 38d ago
The main risk is denial of insurance due to genetics. Insurance company buys database and uses it in the future to deny claims or terminate policies.
Sure you can delete your data, but guess what, they'll retain it anyways under "regulatory obligations". I've gone back and forth with their privacy team and this is the last response:
"This is a follow-up from the 23andMe Team. To clarify, we and our laboratory vendors are bound by various legal and regulatory obligations that may necessitate retention of certain information. We want to assure you that our data retention program adheres to applicable legal requirements which can vary depending on what country or state a customer lives in, the state a contracted laboratory is located in, and any applicable federal or state licensing obligations related to the ancestry and health products we sell. We can confirm that samples and genetic testing results are deleted in accordance with applicable law and any legal retention obligation serves as a proper exception related to a data deletion request under data privacy laws."
partygirl69 · 37d ago
What did you ask them to get this response? E.g. did you request to delete your data, then followed up over email to confirm it was deleted? Also, are you based in California?
carimura · 37d ago
Yes California. I've been asking what data is being retained per their privacy policy and here is the much longer response:
"Your Genetic Information, date of birth, and sex will be retained by 23andMe and our third party genotyping laboratory as required for compliance with applicable legal obligations, including the U.S. Federal Clinical Laboratory Improvement Amendments of 1988 (CLIA), California Business and Professional Code Section 1265, and College of American Pathologists accreditation requirements.
It is important to understand that the information stored is distinct from the raw genotype data available within your account. The raw data we receive from the lab has not been processed by our interpretation software to produce your individual-level genotype data (in your account).
You can read more about our retention requirements in the retention of personal information section of our Privacy Statement."
thebytefairy · 36d ago
I'm unclear - so what does get deleted? Just unlinks your name from the genetic data?
beacon294 · 38d ago
It seems like you can sue them. This is purely legal's domain.
ronnier · 38d ago
> The California-based company has publicly reported that it is in financial distress and stated in securities filings that there is substantial doubt about its ability to continue as a going concern
This is one reason I use signal over other texting apps -- I don't want my private messages sitting in a database waiting to be sold during a fire sale when the company goes under. Also why I try to locally host my apps such as security cameras, password manager, home automation, storage, wiki, among others
Glyptodon · 38d ago
What do you use for home hosting security cams, storage, and PW management? Does your storage solution work for automated phone data backups?
nijave · 38d ago
I use Home Assistant and Frigate for security cams. I have a rack mount server with Ubuntu that acts as a NAS with NFS for ipcam video and SFTP for SwiftBackup from my phone.
I don't host my own password manager but iirc you can self host Bitwarden (I use the hosted version). You can also setup Resilio or Syncthing to sync files from your phone like photos.
ronnier · 38d ago
WireGuard with a domain that only has private ip addresses. Caddy to handle domain certs. I use a split tunnel so my phone is always connected to my local network at home. Everything is http even with private ip addresses
I use frigate and home assistant. I have unraid for storage. I use a small x86 box with openwrt for my router.
I use vault warden (open source version of Bitwarden) for passwords. It’s amazing. And you can use the native Bitwarden client
Guvante · 38d ago
If 23andme has an agreement with its consumers on how it will handle the data it should not matter whether they are bought that agreement should be maintained in perpetuity unless those consumers actively choose to change their agreement.
After all we wouldn't talk about Dropbox being sold resulting in ransacking of your personal data why is that in the conversation with 23andme?
(I am not being critical of the AG here but instead pointing out how lax consumer protections have gotten that we even need to have this be a talking point)
karaterobot · 38d ago
You're right that it should not matter. That would be a great world to live in! It's not this one, though. Companies ignore these agreements all the time. Sometimes they're even caught and their wrists get slapped.
More often (I believe) we just never learn the agreements have been broken in the first place.
But it is a rule—almost approaching a law of nature—that companies facing financial distress will begin putting a price tag on private data they've promised never to sell. It's like the cartoon with the starving people in the life raft: they look at your data, and suddenly they don't see a legal agreement to protect it, they see a juicy drumstick.
> After all we wouldn't talk about Dropbox being sold resulting in ransacking of your personal data why is that in the conversation with 23andme?
Well, opinions differ on that one too!
JonathonW · 38d ago
> After all we wouldn't talk about Dropbox being sold resulting in ransacking of your personal data why is that in the conversation with 23andme?
Both 23andme and Dropbox's privacy policies only require them to notify users if the privacy policy changes (no restriction on scope of those changes), so maybe we should (if Dropbox were to be sold)?
Guvante · 38d ago
Not legally, they can only do that if you implicitly agree by continuing to use the product.
If you don't interact in a meaningful way you cannot change a contract from one side you need a new agreement.
Now whether this is enforced is a different manner.
jrm4 · 38d ago
A simple rule.
When a company promises to never do a thing (e.g. be careless or sell off important data like this,) but there is no legal consequence or assurance, that company -- or some different company related to it -- is definitely, absolutely, going to do that thing.
IncreasePosts · 38d ago
23andme stock is down 99.12% from 5 years ago. Sheesh. What happened? Is it just not a viable business model or was it extremely mismanaged?
janetmissed · 38d ago
There was a pretty great article a few years ago about the downfall of 23andMe (I think it was in The Atlantic), but basically they ran through all of their potential customers within a few years. It turns out that when your entire business is sequencing someone’s dna it’s hard to get repeat customers. They tried to pivot to a subscription model where they would give health advice based on your genetic sequence, but it turns out that most health information you can glean from a dna is suspect at best and next to useless most of the time.
geor9e · 38d ago
Well, think about it: it was a novelty in 2013. I paid them $99, and I still have access to all of the website's features, showing my ancestry and health trivia. People who are into this sort of thing have already done it. What future revenue do they have?
dehrmann · 38d ago
Genetic testing might be one of the most durable goods out there.
rchaud · 38d ago
Why would a B2C blood test company need to be publicly traded?
The answer is simple: going public is a cheat code that unlocks millions in cash for deeply unprofitable companies that can sell tall tales to pension funds that need things to toss money at. Coat it in some "we're a tech company" pixie dust to seal the deal.
tacker2000 · 38d ago
Any “deeply unprofitable” company that goes public without at least any bright future forecast will get their share price hammered right after the IPO, or would probably cancel the IPO since the underwritten target IPO price would be too low. This has happened.
There is no “conspiracy” cheat code here, the reason they went public is to satisfy their pre IPO VC investors. The snowball just continues roll at that point.
They had over $1B of total investments prior to their IPO so the pressure to go public was clear.
If SPACs aren't a money cheat code, what are they? A real company puts out an S-1 to gauge market sentiment, and doesn't hide them behind a Richard Branson investment vehicle.
> 23andMe isn’t doing a traditional IPO, but rather following the popular trend of using a SPAC (Special Purpose Acquisition Company), a blank-check company formed solely for the purpose of raising capital through an initial public offering, in this case run by Virgin founder and billionaire Richard Branson.
I have been wanting to get my genome sequenced for years, and had been thinking 23andme might be one of the better options because of the possibility of invoking the CCPA to get my data deleted after sequencing. Never did it because I wonder if they sell your info to some third party the second it comes off the sequencer, and also because I'm skeptical that they would fully comply with a deletion request.
For people who would like to get their DNA sequenced but are actually concerned about privacy, are there any better options?
EGreg · 38d ago
I guess it's just my programming instincts, but I just immediately think of the possible worst case scenarios and how strong are the guarantees they're prevented.
Dividing by X? I immediately think what if X is zero. Dereferencing X.Y ? I think what if X is null / nil. And so on.
So when it came to the DNA, I was hesitant to do it, since your DNA can wind up in all kinds of databases. And it turns out I was probably right.
What you could have done is sent in the information anonymously, or under a fictitious name. You can still use an email address and log in and see the results. Or you could use someone else's name from another country (with their permission), but then if that person ever gets in trouble, the DNA evidence might somehow implicate you (such as the guy with the last name NULL who got a lot of parking tickets LOL). A couple months ago I actually did submit with heritage.com and 23andme for a friend, so I think there was no place where you had to provide ID or something.
sandos · 37d ago
"Sequencing" make it sound like you want 100% of your SNPs scanned, that is not something that 23andme does afaik.
This is a "shotgun" chip approach which sparsely samples your genes in an economic way. They will concentrate on areas of more interest and so on, in a way that is useful for genealogy for example.
ekianjo · 38d ago
Until you can do it with a kit at home, probably none
teeray · 38d ago
This sucks the most for everyone that never consented to genetic data collection, but they have it all anyway. If you were the only holdout in your family to not use 23andme, it doesn’t really matter since they know a lot about you anyway. Genetic information is fundamentally shared among a group, so you shouldn’t really be able to consent to disclose it in a way that allows a company to do whatever it wants with it. They haven’t obtained all of the consent.
robwwilliams · 38d ago
I do not understand the purpose of this alert. There are no explicit warnings, just a premonition. The alert merely says what all users should know that their genetic and survey data can be deleted if they request it to be deleted.
That obligation to delete user data is persistent and will apply to any buyer of 23andMe. Or am I wrong?
What is the AG of California intimating that the data is now at risk of being released into the wild or worse? That is how some will respond to this alert.
What many customers may not know is that they can also download these valuable genotype data and store locally if they wish. Using these data is not easy, but it is possible with a but of research and help.
Those who have used 23andMe should and can expect the security of their data to be maintained by the company, and that obligation would apply to any purchaser.
timewizard · 38d ago
"Why would you spit into a tube then mail it to the internet?"
-- Bill Burr
hayst4ck · 38d ago
With regulations, it really is the type of thing that would benefit a lot of people as well as biological science as a whole in America.
themagician · 38d ago
It's actually wild to imagine what could be done, with current compute power, if you had the full genome of every person in the US in addition to their healthcare records. I would bet that you'd be able to determine, with high confidence, the probability of many serious health conditions years or even decades before symptoms appear. And it would completely change the manufacture and administration of medicines. It would change the course of human history.
Of course, we'd totally !@#$ it up and use it to put group X, Y, and Z in camps or try to breed super soldiers.
hayst4ck · 38d ago
There is a lot of academic talk about how focusing on democracy rather than constitutionality (rule of law) has done us a great disservice.
It turns out voting is much less important than limits on arbitrary executions of power.
Everything that's good comes out of their being "just" rules for the most powerful members of society, democracy can facilitate it, but does not guarantee Rule of Law.
Richard Fenyman on "cargo cult science": I think the educational and psychological studies I mentioned are examples of what I would like to call Cargo Cult Science. In the South Seas there is a Cargo Cult of people. During the war they saw airplanes land with lots of good materials, and they want the same thing to happen now. So they’ve arranged to make things like runways, to put fires along the sides of the runways, to make a wooden hut for a man to sit in, with two wooden pieces on his head like headphones and bars of bamboo sticking out like antennas—he’s the controller—and they wait for the airplanes to land. They’re doing everything right. The form is perfect. It looks exactly the way it looked before. But it doesn’t work. No airplanes land. So I call these things Cargo Cult Science, because they follow all the apparent precepts and forms of scientific investigation, but they’re missing something essential, because the planes don’t land.
Democracy without Rule of Law is a cargo cult democracy. It is form without substance. It seems like it should produce good outcomes but doesn't.
The planes aren't landing...
pmags · 38d ago
All of Us -- https://allofus.nih.gov/ -- and similar efforts benefit biological science as a whole.
23 and Me not so much...
rchaud · 38d ago
If it's so valuable, companies can pay you for it, just as blood banks do for plasma donations. 23andme are double dipping by charging for these tests and turning around to sell the data for drug discovery research or wherever it goes.
gosub100 · 38d ago
I did this for bone marrow donation. God knows what they did with my DNA sequence but if they match it, it's quite likely I'd be the only one who could help (due to the uniqueness required). It'd be an honor.
toomuchtodo · 38d ago
Because I was curious.
(submitted a data deletion request)
qqqult · 38d ago
is_deleted = True update is in progress
toomuchtodo · 38d ago
And if it turns out that’s the case, I’ll file suit and establish a class action on my own dime. That’s how the gears turn and recourse made available. Actions have consequences.
dandrew5 · 38d ago
How would you know? I also submitted a deletion request to that airport identity service Clear to avoid missing a flight one time. I received an email "Your request has been received" and nothing else. Is there a way we can validate our information is actually deleted?
toomuchtodo · 38d ago
It will either be disclosed in bankruptcy proceedings, and failing that, finding a whistleblower who has access to the data and can/will attest to the fraud.
scoofy · 38d ago
If only we had any actual privacy laws in the United States.
I hate that I'm having my samples destroyed and removed from research. It feels wrong. But the idea that some company can quietly change the privacy terms on me is unacceptable. I would happily share my genetic data with researchers if I knew that the privacy agreement we had was irrevocable.
zeroonetwothree · 38d ago
The linked article is literally about a privacy law that protects your data.
We use fully homomorphic encryption to ensure only you can see your data and your results.
The app will be live in a few weeks.
dopa42365 · 38d ago
you do not redeem today, saar
quantified · 38d ago
After you go through the steps to request deletion and physical destruction of the sample, you still need to trust them, a dying concern with the desire to monetize anything remaining, to actually carry it out.
zeroonetwothree · 38d ago
Yes well how else would it work? Are they supposed to give you root access to their servers so you can check? At some point you do have to trust someone else.
ashoeafoot · 38d ago
Thank you to everyone who sold out their families genetics, you are uninsureable for all found so far genetic diseases , sign here, here and here.
fnord77 · 38d ago
Bonta himself is about to be indicted by the feds in relation to the Duong family/Sheng Thao corruption probe.
svanschalkwyk · 37d ago
Trying to delete and no date matches my birthday. How convenient.
sudoshred · 38d ago
Reminiscent of the movie Gattaca.
sMarsIntruder · 37d ago
Early user. IIRC it was kind of early ‘10.
Never gave consent for studies and asked for GDPR complete data removal I guess 5/6 yrs ago.
Meanwhile I learned about privacy and promised myself to never get into this “things” again.
levocardia · 38d ago
So, what rich billionaire wants to buy the company, anonymize the data, then release it open-source? Would be a genuine boon to biohackers everywhere, privacy be damned.
Y_Y · 38d ago
Anonymise DNA?
With due respect to Poe's law, I spend a lot of talk hearing about how data can be made "anonymous" and somehow you could use it without running into problems with PII. And it's usually wishful or naive. This really takes the cake though. You could certainly aggregate the data in way that preserves some (differential) privacy. But DNA is the the least impersonal data I could imagine.
nukem222 · 38d ago
> But DNA is the the least impersonal data I could imagine.
I imagine there are far more devastating bits of PII to publish than genes, like your porn-watching habits. I don't think this is a strong rhetorical stance to defend genetic data.
Contract law is kind of diseased. I don't think it's a good idea to build a society around letting people sign basic protection from corporations away.
Y_Y · 38d ago
For clarity, I agree completely. I don't think DNA is likely to be damaging of its own accord (unless they find your blood at a crime scene or something). What I'm getting is more that it's very identifying.
SequoiaHope · 38d ago
I’m not well versed in issues with genetics to discuss the merits but one thing I will say is that billionaires tend not to do things like this because, I think, in order to become a billionaire you necessarily have to have a view of the world which seems to filter out a desire to give away large amounts of value. There are SO MANY social problems which billionaires are at least financially capable of solving which they do not in fact solve simply because they do not seem to think this way. One example - Bill Gates could have made sure the Covid vaccine was open source and he could have helped factories around the world tool up to make it, saving potentially millions of lives. But the way he thinks he can’t seem to imagine doing that and instead believes proprietary medicine is somehow the way. Which even if one believed it was in general, I strongly disagree that was the right solution for the acute global tragedy that was the onset of Covid around the world.
gosub100 · 38d ago
Rich billionaire? As opposed to a poor one?
rvnx · 38d ago
Like the husband of the founder ?
slevis · 38d ago
It would be imo worse if the information just gets lost once 23andMe shuts down. Make genome and health information open access.
ripped_britches · 38d ago
Why is it his prerogative to suggest this? Doesn’t he have better things to do?
epistasis · 38d ago
AG stands for Attorney General. Seems like an excellent use of the position's time to me.
hayst4ck · 38d ago
It's worth pointing out that this is a pro-corporate attack by the US/california government against citizens who have their data in 23andme. This is one more item of clear evidence that it is not the citizens government, but corporations government. This is also why democrats lose. They can't even wrangle corporate power in their own stronghold states.
Politicians have the responsibility of creating legislation to protect citizens, but by abandoning that responsibility and creating an "opt-out" system, those without knowledge or who aren't paying active attention lose, and companies win. The company loses almost nothing if a handful of people opt out, and only a handful of people at most will opt out, so corporations win, the politicians continue to have the support of corporations so they win, and citizens who have things being done with their data, that they absolutely would not consent to, lose.
*edit: If you did 23andMe for health information or ancestry purposes, would you consent to that data being sold to an insurance company who might raise your rates, or in a crazy world, to a background check company that would inform a potential employer of any medical conditions that might be relevant to your stability as a worker?
Of course not. You would absolutely not consent to that.
This policy of warning people to delete their data instead of stopping action that no informed citizen would consent to not only doesn't scale, but it is an abandonment of responsibility in order to retain corporate support (such as donations to run a campaign).
toomuchtodo · 38d ago
The notice is pro consumer, informing citizens of their rights to delete their data from a private company database.
hayst4ck · 38d ago
It's not. It is a pro-consumer Trojan horse. It appears to be pro-consumer, but the vast majority of 23andMe customers will be harmed by the AG abandoning their responsibility to protect the public through direct action against 23andMe.
It's not even your own data. If family members used 23andMe and don't see this notice, then your genetic data is still part of 23andMe whether you like it or not.
armada651 · 38d ago
You're assuming it is within the AG's power to force 23andMe to destroy their data, however they can only enforce existing laws. The only law that can force 23andMe to destroy their data requires a request from the consumer. Thus this is less an abandoning of responsibility and more like a desperate cry for action.
hayst4ck · 38d ago
As we've discovered with the current federal administration, there is what's in your power (what you can actually do) and there is what's in your power (a convenient excuse not to take decisive action).
The AG isn't "playing the game" because many of these people who hold office are participants in a system of patronage by people who want de-regulation or regulatory capture.
edit: "Norms" is a word that has started to be commonly used to describe situations in which someone was allowed to do something but it was generally considered against the unwritten rules.
Norms is a word that is used to defend inaction even though action is possible, and you'll notice one side dis-empowers themselves by conflating the idea of against norms with being against the rules.
dboreham · 38d ago
AG could have chosen to inform the public about this and suggest they in future vote for candidates offering privacy enforcing platforms.
Henchman21 · 38d ago
Perhaps said AG has come to the conclusion that litigation would be fruitless and that warning the public has the most upside for the public?
Also it seems you’ve made this political because Democrats and California exist I guess? They are Big Scary Monsters for conservatives I suppose? I don’t really get it and the point you’re attempting to make seems based on a misreading.
hayst4ck · 38d ago
I vote democrat. I really do, but I am upset with democrats because they aren't crafting a world we want to live in and they will take any excuse they can to do nothing or something close to nothing instead of actually doing something.
One of the reasons democrat don't get voted for is because they are incapable of governance even in their own strongholds because they engage in the conflict of interest of taking corporate donations. When a politician acts against a citizen, there is no consequence. When a politician acts against a corporation, donations are reduced or transferred to their opponents.
Before a general election is a primary, and before a primary is fundraising. During fundraising, which acts as a filter for candidates, and is therefore a form of election, money votes first, which is why we have a country that feels like politicians represent corporations (they do, corporations vote first by voting with money), rather than people.
Henchman21 · 38d ago
Well said, and I agree generally. I’m not happy with the political situation in the US either. But this still seems like a very pro-consumer action taken by the AG. Perhaps not as pro-consumer as suing them into non-existence and destroying their (our?) data.
But honestly the Dems have been out-played at every level. I suspect we’re going to have to leave them behind if we wish to fix what ails us in this country.
But also as people constantly remind me when I am upset: the thing you’re upset about is only tangentially relevant. :)
hayst4ck · 38d ago
My core point is that this has the appearance of action taken against 23andMe, but not the substance of action.
zeroonetwothree · 38d ago
Why would I want the government forcing companies to delete my own data? Shouldn’t I be able to choose myself?
Glyptodon · 38d ago
I'm not sure I know enough to about CA AG's options to strongly agree or disagree with your point, but I think the way you've written about it is going to be confusing/misunderstood by the average person just reading through comments.
hayst4ck · 38d ago
> CA AG's options
That's a framing that contains its own defeat.
Republicans and corporations don't cage themselves by their options, they give themselves options. They work towards and achieve their goals despite "resistance."
A government that doesn't function de-legitimizes itself.
derektank · 38d ago
A government that doesn't adhere to a consistent framework of rules and laws ultimately devolves into some fashion of personalist dictatorship. Now, laws should not be set in stone and governance can be made more permissive to afford a lot of personal discretion to elected leaders, and maybe they should be, but ignoring the legal constraints that exist today is basically arguing that might makes right.
gosub100 · 38d ago
> They can't even wrangle corporate power in their own stronghold states.
Or even darker: they never represented the people (demos) in the first place?
hayst4ck · 38d ago
They don't and they can't as long as corporate backing is their major source of funding.
Not to say republicans represent people either, republicans unapologetically back unchecked corporate power. Democrats try to serve two masters.
derektank · 38d ago
Individual contributions, both large and small, are together by far the largest source of funding for campaign spending at the federal level. It's certainly possible that this is different at the level of the California state legislature but I see no reason to think it is without evidence to the contrary.
Summary: It feels like we have a government that governs on behalf of those with money because those with money vote first in the fundraising "election" that happens even before a primary election. More money is more votes in the "election" that mattes the most. Those with money get to filter candidates first.
edit: Just because money comes from an individual and not directly from a corporation doesn't mean it isn't a pro-corporate/"corporate" contribution.
hhh · 38d ago
What?
hayst4ck · 38d ago
Who should stop a company from doing things that are unethical, in this case selling genetic data to companies to use for their own ends, rather than to use data to benefit customers.
The attorney general for a state as well as the legislative body passing laws that help the AG do their job has a responsibility to prevent this.
So this person in a position of power, who should be stopping a blatant abuse of people's data, has abandoned that responsibility and instead told every individual, in a public statement that would be very easy to miss, to prevent the abuse of data themselves.
This style of handling data is a policy like recycling, or telling people to turn off their lights to protect the planet. It distributes responsibility to individuals, for a problem that can only be meaningfully addressed through regulation.
derektank · 38d ago
You said it yourself, the AG can only enforce laws that the legislature and governor pass. Calling the AG's statement a corporate attack seems needlessly inflammatory when he doesn't have the authority to change the law himself.
hayst4ck · 38d ago
AG exists as part of a system. An AG should be working with a legislative body to give the AG the tools the AG office needs to do their job.
This is abandonment of responsibility because challenging corporate power results in reduced corporate backing. This is corporate <-> political alignment against citizens manifested.
Dylan16807 · 37d ago
General consumer protection is not the AG's job. You're demanding action out of the wrong person.
But for nearly 20 years I've been telling my extended family NOT to participate in any large scale genotyping with 23 and Me or similar commercial companies where they retain rights to your data, anticipating that something like the current scenario would likely play out.
Somehow, 23 and Me genotyping became the "gift du jour" for Xmas some years back -- I never personally understood that or why someone would want to turn over so much data to a commercial entity.
This is not to say that large scale sequence information is not appropriate for *some people*. But if that's something you need, make every effort to make sure you own your own data.
It’s a pretty simple cost/benefit equation.
For 90%+ of people, the benefit (or appeal) of seeing an ancestry report is greater than the cost (or risk) of handing over your DNA.
That said, it’s definitely fair to question why more people don’t take their personal privacy seriously. The reality is companies like Google (and 23andme) simply wouldn’t exist if everyone cared as much about privacy as the HN crowd. Google exists because consumers are fine with sharing their data, for better or worse.
It’s the same as infosec in general. Most people don’t know about the risks, and anyway are bad at quantifying tail risk.
My wife also did 23andme some years ago, through which she discovered she had Factor V Leiden—a fact which became extremely important very soon after her discovering it, leading directly to changes in her treatment and how closely they monitored her for blood clots (she had a PFO and some other stuff going on that was already compounding her risk of clotting and stroke), and very possibly may have saved her life.
I’m supposed to go in and delete every trace of it out of fear of what the down-on-their-luck company might, or simply could, do?
While I know that my experience might be rare, I would regardless suggest that you reserve your skepticism, because you aren’t really in a position to assess who did or did not derive a justifiable amount of value from it or how informed of a human being they are
23andme had little data on my fathers side so it split my mothers side into my family tree at the great grandfather level. I spent awhile tracing people only to discover my father and mother side seemed to be related. After going on Ancestry I was able to figure the mistake.
Myheritage had European links. 23andme North American links. Ancestry had everything. The genetic time period they match against are different. 23andme matches against 100ad while ancestry 1200ad. So if you are Celtic perhaps your people were in Spain in 100ad but in Ireland or Scotland by 1200. Using different services gives you a fuller picture and understanding of human migration and your migration. The difference from 23andme telling you you are broadly northwestern european vs Cornish/Welsh/Scottish is huge but illustrates what you match against really changes your identity.
These tests do not do a full detailed analysis if you want that you need to find a clinic and pay thousands of dollars. For what they do tell you I wouldn't be afraid for the entire world to see.
Discovering who you are, where you came from, discovering who your relates are, what your last name is, where people with your genes live now, the backstory on how your wave of immigration came and where they settled and why has been worth it.
The information exposed by 21andme was profile and ethnicity information. I'm okay with any of that becoming public, the public part of a facebook profile shares personal data. Actually I wish more people would ask me about my ethnicity data. I think it would make a great addition as a facebook profile section and if facebook still allowed developers to create profile addons I would create one.
As an aside does anyone remember catbook addon?
You are probably aware that at least two European countries no longer collect this information, and the reasons for introducing this policy?
https://qz.com/2029525/the-20-countries-that-dont-collect-ra...
My guess would be to protect European identity from the reality. Europe has a different level of acceptance of foreigners and a history to protect. I can accept their compromise because of their political situations.
In Canada it's promoted. In the US it gets combined into American identity and promoted in Europe it's hidden.
No comments yet
I don't tell anyone now to use 23andMe specifically, but the warnings and risks being discussed here apply to existing customers, to people who have already done it, and I am just speaking as one of those people.
But certain general ancestral data can be deduced from variations in your DNA that are observed in some known current/historical population. I.e, I share much in common with people sampled from Scotland -> I must be Scottish.
It's either matching to specific people in the service's reference group who have declared that they are Scottish, or it's trying to guess based on the mix of ancestral populations 2000+ years ago ("western hunter gatherer", "early Neolithic farmer" etc.)
Speeding is a choice, one that's extremely easy to change, and it ultimately an exceedingly trivial matter.
You are born with your genetics, and you can’t change them. You are them. They will likely impact how and you die. All you can do is be aware of them so you can try to be proactive.
So there’s really no comparison between that and voluntarily driving a car too fast
If that’s genuinely how it worked, where the more health problems you are at risk for, the more money you have to pay, this would result in the people who already have the shittiest stuff to deal with in their lives having that compounded by also having to pay more than everybody else.
Not sure what more needs to be said, but if there is anyone out there who is unconvinced, I probably won’t be inviting them to dinner parties anytime soon
If someone has a higher probability of getting sick / dieing / getting in a wreck then the risk is different and should be priced accordingly. If you don’t, you’re not taking about insurance anymore. You’re talking about a wealth transfer system where good drivers subsidize the bad.
There's no divine directive that states that risk sharing must be done by voluntarily joining a pool run by a private entity that's priced uniquely per individual. That's merely one way to go about it.
To be fair it's the only sensible way for a private entity to go about it in the absence of legislation that prevents others from being more efficient. In the case of the US specifically, as long as everyone is forced to play by the same "inefficient" rules the free market will continue to work.
https://www.nytimes.com/2024/03/11/technology/carmakers-driv...
I'm just another random anecdote, but I also found I had Factor V Leiden through 23 and me. Also, I'm gay, and for a long time was the only gay person I knew in my extended family. Through 23 and me I discovered a 2nd cousin who also is gay, and I met him in real life and it was an incredibly meaningful and important experience in my life.
Yeah, these experiences may or may not be rare. I was positing that they might be rare mostly to try to meet the person I was responded to halfway and because I don't actually have evidence one way or the other
https://www.theatlantic.com/health/archive/2024/03/dna-tests...
Non-heterosexual behaviour can be observed in most social amniotes, even those without fingerprints. Genetically-identical twins do not have identical sexual proclivities. There's no a priori reason to believe there's even a "gay gene" to find.
So at most a perfect genetic test could give a percentage chance of someone being gay/straight.
I guess that's pretty much what you said.
Did I get that right? If so, is there an ongoing value you want to maintain, or it more out of respect for the organization that provided you value in the past?
You being a sample of one doesn't give you any position either, but I won't be suggesting reserving your enthusiasm.
1. I'm simply not that important. There are millions of other people who have given this data to 23 and me and the like, and I'm just some rando peon - nobody is going to be specifically searching for my DNA.
2. The "worst case scenarios", e.g. getting health insurance denied because you have some gene, still seem implausible to me. Granted, there is a ton of stuff I thought would be implausible 5-10 years ago that is now happening, but something like this feels like it would be pushed back against from all sides of the political spectrum, even in our highly polarized world.
3. I haven't murdered anyone, so I'm not worried about getting caught up in a DNA dragnet. Sure, there can be false positives, but to get on in life you pretty much have to ignore events with low statistical probability (or otherwise nobody would even get in a car on the road, and that has a much higher statistical probability of doing you harm).
We're halfway there, data mining by insurances already is the norm in car insurance. We should have fought back hard back in the day this was proposed.
> I haven't murdered anyone, so I'm not worried about getting caught up in a DNA dragnet. Sure, there can be false positives, but to get on in life you pretty much have to ignore events with low statistical probability
Even if you haven't murdered anyone or intend to to so - your genetic data is useful in the pig dragnet. Your genetic data may be what provides the pigs with a link to your nephew who moonlights as a graffiti sprayer... and yes, the German pigs are doing DNA checks on graffiti sprayers, they have been doing so for over two decades [1].
[1] https://www.welt.de/print-welt/article398332/Graffiti-Erstma...
At the moment pigs can break the law and abuse their authority any way they please with barely any chance of getting even a slap on the wrist - and even if they kill someone, chances are high they'll either get off entirely on "reasonable fear" or they'll get pardoned.
Again, if your goal is to convince people (or at least have a constructive dialogue) why they should care about genetic privacy, all you have done for your average person is convince them even more that your opinion should be discounted.
Even moreso if they're one that would be a physical threat like you're suggesting?
While they may still be useful, they have an image of infallibility that doesn't line up with reality.
There is always the risk of a society or government changing that definition after they have the data and it’s too late to go back.
I'm just saying I'd like the state to have to work hard to put people away. The law can just as easily be wielded to harm people. I don't see much sign the american public agrees with me, and politicians certainly don't agree. Even mr "it's a witch hunt" trump is only anti-LEO when it comes to his own crimes. But I'd rather have some low background level of crime than the sinking feeling that we're imprisoning a lot of innocent people, as unpopular a sentiment it might be to some in this country.
Besides, if the government doesn't take care of society, higher crime is inevitable.
1. If I had a family member who was a serial murderer or rapist a la the Golden State Killer, I would want him apprehended.
2. "the criminal might well learn/suspect that they have been compromised through you?" That doesn't seem reasonably plausible enough to me to care. What, cousin Billy Bob is going to come hold me hostage because he knows I used 23 and me at some point? Really??
But you are apprehended instead and are responsible for now coming up with an alibi.
What if an unknown biological relative of mine happens to be a billionaire and gifts me $10M like he does for all his other relatives?
One can argue that these people may not have understood that a transaction was occurring. I would argue that this is beside the point. Their intuition is hard to discredit in the face of their lived experience. Aside from the marketing spam, most people are probably right in thinking that they've been better off with Google/<alternative> than without.
We can pontificate that people should know more about what they agreed to, and so on, if only they knew better, etc. But this rings hollow and very hypothetical to the vast majority of us. It's worrisome in thought exercises, but not validated in real life.
Perhaps this could be solved with a class action law suit, that would make it illegal for private entities to own the data post fact, combined with how it was marketed, etc. I’ve seen interest rates for credits reverted this way and credits reduced, for similar reasons. But again, it’s a trade off here too :)
Most people haven't died or had their bank account drained due to bad opsec, so I'm guessing they are accurately assessing the risk as "could be worse". There are so many things that could kill you day to day that people rightly don't care about your pet issue.
Most people I talk to about this, tech and non-tech folk have an attitude with a.mix of "you can't escape this anyway, so might as well embrace it" and "misuse scenarios you are describing are pretty far-fetched".
Hi Laszlo, I'm making the trip on Friday, we can meet at 10 and you can put the stuff in my purse, it should be fine. Don't forget the jewels, that's the only reason I'm doing this.
And 23andMe was already offering a $100 DNA sampling in 2008.
It’s easy to be cynical about this in 2025. Those who didn’t live through the early 2000s, can’t even imagine the amount of optimism surrounding the tech industry at that time. Giving my DNA to a cool new Silicon Valley firm in 2008? Sure, why not, it was like buying a ticket to some utopian future.
E.g. tons of people take Uber/Lyft with no consideration about how those companies can take your travel history and daily schedule to monetize or sell to 3rd parties.
DoorDash - what if they start selling my order history to insurance companies as a variable to predict obesity/mortality?
HN/Reddit - what if some LLM scrapes all my comments, de-anonymizes me, and sells that info to a data broker?
Visa/Mastercard - what if 100% of my credit card history is sold to data brokers? (Spoiler, it already often is!)
Just trying to illustrate that even in 2025, we pick and choose what to view through rose colored glasses and what to frown upon.
In the example of Uber/Lyft, I willingly give up my home address and even let me know every time I’m out of town! (Trips to airport) yet that seemingly doesn’t cross my mind when requesting a ride.
I don’t disagree with your comment, but IMO what was true in 2000’s is still true today: people overlook risks of things when the benefits are substantial enough. That’s human nature
The shopkeeper knows your face and every baguette you ever purchased three times a week. Every miller within 300 km knows about that time you complained about the stale bread they sold you.
What is the big diff and nobody needs high tech to compromise your privacy
Elsewhere in this discussion there are people talking about how "the common man" doesn't understand the risks of privacy loss. Well it really doesn't help that when those risks materialize you also have people claiming "well no one could have seen that coming".
This refrain is repeated endlessly but I've never heard a good argument as to why it must be this way and if it was any other way Google simply couldn't exist in any (ideally better) form.
I think Google profits massively off of the ignorance of its users and is reliant on their unawareness that they're producers of actual relevant data.
[0]: https://en.wikipedia.org/wiki/List_of_Google_products
Curiously, they had a solution of sorts in a program where you could basically bid for your own ad buys to remove ads from pages. For some reason they shuttered this program down. I didn't even know it existed until after it was gone, frustratingly. I thought it was a neat way to allow the industry bridge to other funding models.
(Or perhaps such a business model relies on tracking that's been deemed invasive. Who knows.)
Because in reality this is just an opt in donation to Google. It's always cheaper to just block ads entirely.
(Too much for my taste.)
Then you have to factor in that (far) fewer users are going to use/pay for their products if it's a subscription.
It's a though calculation for sure.
[0] https://thenextweb.com/news/heres-how-much-money-you-made-go...
https://kagi.com/pricing?plan=individual
Google is making it based on theoretically unlimited searches for everyone. No caps in the number of searches.
You have to to the $10 USD a month tier with Kagi to have the same expectation met, which is unlimited searches
Had 23andme had access to my DNA, that might be worse in future. Although today there is not immediately a lot of downside, you can certainly imagine futures (maybe slightly dystopian ones) where that turns out to be pretty bad.
I don't think I even want anything new from Gmail. It's spent that decade (and most of the one before) holding all my email and serving it to me, that seems pretty good given I haven't had to pay them a cent for it.
People who have been for instance wrongly jailed because Google gave their location history to law enforcement and they happened to be near a crime scene, these people they understand the value of privacy.
These horror stories are so rare that the vast majority of people has never personally met anyone who personally knew anyone who had it happen. So it's all entirely theoretical and speculative for people who are busy and have social life goals. It's rightfully seen in similar light as the pepper hobby or extreme zero waste green philosophy. Worrying about it is basically a hobby, an identity, a community, an esthetic. Most people have some other hobby and identity and don't need this one.
Or in countries where people criticizing the government policy disappear.
Yet it's a reality for Billions of people in Russia, china, India until not so long ago.
I mean, the world isn't just limited to the west where, at worst, you will get personalized advertisement and in very rare occasion something worst.
How would for instance, Women in the USA having to remove period tracking app because they are afraid it could be used by the government against them, fit in your thought ?
It’s neither black or white, privacy nuthead or political activist. There is a wide spectrum.
23andme started out as a democratized sequencing company
google started out as a search company. It became an identification and dossier-building company later.
or maybe I'm naive and they were data-grabs from the start.
Made even more opaque by the way the DNA kit folks gave the impression of a straightforward, first-party transaction: you pay a not-insubstantial sum for us to do this service now, you get your report, done!
Google is an advertising company. Google exists because businesses advertise and Google became, overnight in geological terms, the sine qua non of advertising.
Consumers aren’t really OK with sharing gobs of private data, but most don’t have a choice, many enjoy the free shit that they get from Google, most don’t notice or realize how much and what kind of data is collected, and none zero zip nada of us can stop Google from doing it.
This is absolutely nothing new in thousands of years. Businesses have sold and hoarded and collected and traded consumer info since time immemorial. Among themselves, with government, with law enforcement, with criminal gangs, who knows. You’re simply deluded if you think any commercial activity is private or confidential for a consumer. Yes even if you pay with $2 from your cleavage.
why more people don’t take their personal privacy seriously.
Probably because this testing has been happening for almost 20 years at this point, and we’re still waiting to hear about someone being harmed. For the most part, the privacy concerns are FUD.
It's SNP genotyping, which realistically other than telling your ancestry and few health conditions, isn't that predictive of most health conditions. Genotyping only captures a small percentage of total genetic information (it's not a full sequence -- still too expensive for what I paid), and thus the data was actually very limited, so the risk was realistically very small.
Privacy is about risk-reward -- rather than applying the preventative principle to everything (which is overly conservative), we make trade offs in life.
Progress is going to be elsewhere, like rare variants etc.
I found my half sister and biological father thanks to 23 and Me. Maybe cases like this will help you understand. Some people are willing to "pay" a lot to find out who they are.
No comments yet
It's a bit like uBiome, they have sold a lot of snake oil and harmed the reputation of B2C tests. It's a shame as something like 23andme, plus a bit of epigenetic testing to capture environmental factors, could be a wonderful way to get an overall health snapshot.
If your company does treatment X that competes with treatment Y, they'll look to expenand the edge cases that suggest X over Y as much as possible. If a company wants people to feel like they're getting something out of a genetic profile, they'll report the broadest version of risk, and then slow roll more detailed analysis.
Things like this are why I strongly think certain profit motives and business models should be extremely restricted. Just like private prisons create a profit motive for creating crimes, medical services have a profit motive for spreading inaccurate and twisted medical advice, whether it's things like alternative or new age medicine, treatment modality choices, or DNA information.
1. publish or perish, leading to lots of low quality papers
2. funding doesn't continue if one doesn't get results, leading to selection of "safe" research rather than risky research, and results that cannot be replicated
3. no funding for politically unpopular topics
and, of course, the reasons why people publish overtly fraudulent research papers.
Their interface is also better than AllofUs.
2000s — PATRIOT Act (and other heinous domestic surveillance acts with no due process) — “wE aRe pUrSuInG tERrOrIsM”
Then the invention of the portable digital camera and subsequent social media between the mid 2000s and 2010s — “selfies” and other aspects of social media made it so much easier for private and public entities to spy on people
Then the introduction of godawful companies like “23andme”. Fortunately never bit the hook and “FOMO’d” into it but rather kept this data between my doctor and myself (and the genetics testing company). Much more expensive, but at least I am covered by HIPAA.
Then last but not least, the introduction of big data companies and broker companies which build profiles on everyone that uses “free” products such as Google search, Facebook, tik tok, and many others that preceded it.
We can’t even escape ads and profiling when we _pay_ for the fucking thing.
I want to say 9/11 changed the game, but in reality I think the erosion of privacy was happening way before that (ie, to serve advertisers)
"As an added security measure, we’re requiring that all customers choose a new password unique to 23andMe. To proceed, please reset your password."
I did my test over 10 years ago and lost access to that email.
NICE.
It'll be way too late by then, but at least you'll get it.
I still largely agree that it's worth keeping your DNA out of the hands of data brokers for several reasons, but as laws exist today that would not be legal.
It's reminiscent of some prepper wanting to exclusively horde USD. I just don’t see a doomsday scenario in which that matters compared to hording gold or some other store of value with more intrinsic value. It's behavior suggests a weird cherry-picking of what are likely correlated risks.
Most people in the US are insured through private companies. How would it be unconstitutional for those companies to refuse to insure or jack up prices for people who decline genetic testing?
It just seems strange to believe that this data would be both incredibly valuable to health insurers and that they would have no new ways to gather it outside relying on decade old data from now defunct companies. Modern insurance companies don't identify smokers by buying the old Marlboro Miles database, they make disclosing smoking a part of the application process.
> Or when the government decides to start rounding people up based on ancestry
And you think that not having sent your dna to 23andme would be a good protection from that? Like, since you are among the smart ones who didn't send the dna, you can keep quietly minding your business while the government "rounds up" people on a racial basis?
I'm going to assume that you're debating in good faith and will accept a powerful but unsympathetic example. The Golden State Killer was caught because his family members used commercial genetic tests, allowing investigators to triangulate him through DNA left at the scene, despite him never linking his DNA to his identity: https://en.wikipedia.org/wiki/Joseph_James_DeAngelo#Arrest,_...
Obviously this was a terrible man, and I certainly don't regret him being in jail. However, it demonstrates that your relatives can expose you to privacy violations without your knowledge or consent, and likely without their knowledge. It's like when an app asks for the list of your phone contacts, it's not just your privacy you're surrendering.
If we ignore that the man in particular was a horrific serial killer, which I know is hard to do, this shows how people can suffer consequences from other people taking these DNA tests, and surely you can see how that kind of sucks? Like, this shows the technical possibility, which is unaffected by the actual reason for doing so.
But your example is that of a licit, even desirable use of those dna tests. They can be used for bad purposes, but that is what you have a government for: to decide what can be done and what can't. Health insurances obtaining your dna sequence from a third party to change your premium? Abso-fucking-lutely unacceptable. (And besides, at that point, what keeps the insurance company from asking your dna directly, unless you want to pay max price?). If you can't keep the government from allowing such things, you should either campaign to change the government or emigrate. This whole "let's keep a profile as low as possible because the government might go against me someday" is both a bit paranoid and fatalistic. If you distrust the government so much then you should put all your energies in changing it, not in keeping a low profile.
The only power you as an individual truly have is to lower your risk profile if such an adverse event were to happen. History has shown time and time again that governments can change dramatically for the worse in short timespans, and if they have data to use against you then they will definitely use it
Sure it feels better not being a collaborator of your own demise though.
Seriously, this attitude sounds like keeping the knives under lock at your home in case your wife decides to murder you. If you think it's a possibility, then I guess this poses harder questions than where to keep the knives.
When the literal Nazis took over Belgium and the Netherlands, the actions taken by the resistance in each included attempting to destroy official records of who all the Jewish people were: https://en.wikipedia.org/wiki/1943_Amsterdam_civil_registry_... and https://en.wikipedia.org/wiki/Jewish_resistance_in_German-oc...
Much harder to do that these days, when backups are cheap.
And I'm frustrated because I haven't trusted my government or these companies to be responsible with that data even before it was glaringly obvious they wouldn't. So now here we are in the "I told you so" phase, and it just sucks how much of this data is already out there, ripe for misuse. And now it's just too late.
Call me naive, but I believe insurance companies have more concrete battles to fight (e.g. confirmed preexisting conditions), than getting in a legal quagmire with insurees just because "you have 2.7% risk of having early onset of X, instead of the 1.35% of the average population".
I understand the allure of painting everything with dystopian Orwellian colors and "but-what-if-they-do" thing, but the fact that 23andme is going bankrupt and others are not much better (Ancestry was acquired by a PE firm in 2020, and is increasingly pivoting away from DNA) is a great indicator that DNA data is commercially worthless.
If anything, the biggest risk is your data being used for ads. I bet some pharma companies would love to use your DNA data to enhance their 1PD propensity models.
There's also an incredible asymmetry of information in these fields and industries. What makes you think you know enough to say that protected data isn't being laundered, legally or illegally, through private companies around the globe to inform the very opaque pricing of medical services and insurance in the US?
It's kind of the opposite of a libertarian dream.
Many people would rather keep family secrets secret for a myriad of reasons (with different justifiability)
[1] https://harvardlawreview.org/print/vol-138/data-privacy-in-b...
That's the only thing I can come up with to stop this and maybe have a side benefit of killing credit companies at 7am before I've had my cup of Joe.
And no I don’t think all of that DNA data would be valuable to the likes of a large health insurer like Humana or Aetna either.
The medical records you are imagining an insurer can link to genetic data are worth even less than these DNA sequences turned out to be worth.
Sincerely,
A former health economist who has worked both with tens of millions of inpatient discharge records, and (separately) a detailed survey which is complemented by genetic data.
The only reason to to do it would be to compete with a peer insurance company that is already doing it, resulting in less profit for both parties. The optimal strategy from the insurance profit perspective is to ban any DNA based cost saving measures for all insurance companies.
On the feasibility point, if this use case is entirely infeasible I don't know what all the hand-wringing on this board is about!
(Slightly longer answer: I don’t have the funds to match what someone is likely to pay for this data, but if I bought it and gave it to you for free, and also gave you all the inpatient hospital discharge abstracts in the US in a matchable form, plus whatever health data you want, plus family relationships, plus a budget for 100 PhDs, product managers, and marketing people for 5 years you couldn’t turn it into a viable product. (Indeed that is literally what 23andme tried to do for years!))
I have long suspected that the sequencing data isn't valuable except to law enforcement.
If it were as easy to link sequencing to diseases, we would have seen a rapid advances in our ability to address those diseases. The genetic data alone isn't enough of a predictor.
The US admin is already at the stage of mass deportations. Detention camps (beyond those we already have at the border) are probably not far behind.
This information can be easily used to target large groups of individuals.
What happens when an ambitious young data analyst correlates a gene with criminal activity?
The point is you don’t want an admin that carries out malicious discrimination to have genetic data. We have already seen that movie. It doesn’t end well.
Then such would be a great scientific study to examine, peer review, and replicate to assert if true or not.
If true, wouldnt it make sense to monitor them? May be not go full minority report, but certainly makes it easier to catch.
My point is that there's no reason to believe criminal tendencies are genetic in nature. If they are or aren't it is still easy to identify correlation. To even embark on this dangerous path of research we would need robust guardrails to ensure it doesn't devolve to genocide again.
> May be not go full minority report, but certainly makes it easier to catch.
Makes what easier to catch? How close do you think we should get to Minority Report? My opinion is that we should strive to be as far from Minority Report as possible at all times.
Racism comes from a place of ignorance. It's literally stupid. Genetic data is very easy to misinterpret and human history has no lack of examples of how it can be misused to cause harm to innocent people. Stupid people will misinterpret genetic data the same way they misinterpret skin color or any other physical characteristic.
... if, in your deepest heart, you'd be comfortable with that...
... I'd humbly suggest that you may have a genetic condition that makes you a lot more trusting of under-constrained authority surveilling you than the average human being, and you should be sensitive to their genetically-predisposed needs for privacy.
0: https://apnews.com/article/immigration-humanitarian-parole-c...
Would you advocate for the US to invite every citizen of Haiti, Cuba, and Venezuela to move here? If not, why these particular 532,000 people?
One drop rule. https://en.m.wikipedia.org/wiki/One-drop_rule
IBM and the Holocaust, Japanese Internment, Stasi. Sibling mentions a worrying current development.
I think this trend will continue, not just in politics but across all sectors. The internet you experience will be tailored to your personality completely, but it will also be shaped to steer you in directions decided by who pay the most. The more data they collect about you, the more effective this manipulation will be.
This doesn't even account for the risks posed by malicious actors who might target you using this information.
Similar to November, a Musk funded group is currently offering $100 to registered voters in Wisconsin to sign a petition against “activist judges” with a not so subtle nudge to vote for the judge that will be favorable to the lawsuit he(musk) and Tesla are involved in within the state and who happens to be be part of the Trump gang having campaigned with junior.
I have a suspicion it will entail making an account.
Once upon a time, a friend and I decided we should launch a site where people can submit their genomes and health information so that broad population scale studies can be done. I did submit my stuff to All Of Us and so on, but I think the fact that you need to be special-cased to access the data is probably a loss.
So I think it's time to revisit this whole thing. Perhaps I should make VCFs available instead. They're much smaller and may be more accessible for people. In any case, if you want my FASTQs, just email me.
(I had this done when I was launching Google Cloud Genomics so I had some data that I could work with without any restrictions. Illumina's genetic counselors told me "you have no genetic risk factors that we can detect" which is more or less what I expected (not that I don't have any- just that Illumina's genetic counselors weren't very good).
FASTQs are much larger (being raw reads) so I'll leave them available via personal contact but this is a good place to host the VCFs. I'll answer the questions etc. as time goes by. Quite a few screenings have revealed a GJB2 variant in my genome, but I don't know if the Nebula sequencing was good enough to detect.
Also TIL about Google Cloud's stuff for this. Seems like it's been subsumed into a more general SKU for now https://cloud.google.com/life-sciences/docs/process-genomic-...
I guess I could upload the FASTQs to PGP too, but it doesn't seem right you know (it's going to cost them to store it).
My fear, in the current era, is to be included in countless virtual 'police lineups'. The higher the availability of my DNA, the higher the chance of a false positive affecting me.
In the book a global pandemic broke out but didn't effect Muslims. How was this possible? A in-world marketing campaign promoted "Mecca Water", in which the antidote / preventative was delivered and the Muslim world was made to believe it was holy / blessed / a pilgrimage experience to consume it.
I feel it might have been a product of the post-911 world but I did find it interesting and also fear the future as it seems possible today, I'm sure some are trying.
Interestingly this also works if a direct relative has used it as well.
If you would do it today, would your recommend them or somebody else?
A high resolution image of a face contains as much or more functionally useful personal data than a vcf.
Hard to be optimistic about US trend lines now but I trust GINA to stay the law if the land.
https://en.wikipedia.org/wiki/Genetic_Information_Nondiscrim...
And if I am wrong then my DNA security is about the least of my/our problems.
Current statute in the US only restricts using this data for health insurance as far as I know; and even if it's straight illegal, the playbook now is just break the rule of law and do whatever you want. I admire your altruism, but our society will not reward you for it.
https://en.wikipedia.org/wiki/Genetic_Information_Nondiscrim...
"Your Genetic Information, date of birth, and sex will be retained by 23andMe and our third party genotyping laboratory as required for compliance with applicable legal obligations, including the U.S. Federal Clinical Laboratory Improvement Amendments of 1988 (CLIA), California Business and Professional Code Section 1265, and College of American Pathologists accreditation requirements.
It is important to understand that the information stored is distinct from the raw genotype data available within your account. The raw data we receive from the lab has not been processed by our interpretation software to produce your individual-level genotype data (in your account).
You can read more about our retention requirements in the retention of personal information section of our Privacy Statement."
This is one reason I use signal over other texting apps -- I don't want my private messages sitting in a database waiting to be sold during a fire sale when the company goes under. Also why I try to locally host my apps such as security cameras, password manager, home automation, storage, wiki, among others
I don't host my own password manager but iirc you can self host Bitwarden (I use the hosted version). You can also setup Resilio or Syncthing to sync files from your phone like photos.
I use frigate and home assistant. I have unraid for storage. I use a small x86 box with openwrt for my router.
I use vault warden (open source version of Bitwarden) for passwords. It’s amazing. And you can use the native Bitwarden client
After all we wouldn't talk about Dropbox being sold resulting in ransacking of your personal data why is that in the conversation with 23andme?
(I am not being critical of the AG here but instead pointing out how lax consumer protections have gotten that we even need to have this be a talking point)
More often (I believe) we just never learn the agreements have been broken in the first place.
But it is a rule—almost approaching a law of nature—that companies facing financial distress will begin putting a price tag on private data they've promised never to sell. It's like the cartoon with the starving people in the life raft: they look at your data, and suddenly they don't see a legal agreement to protect it, they see a juicy drumstick.
> After all we wouldn't talk about Dropbox being sold resulting in ransacking of your personal data why is that in the conversation with 23andme?
Well, opinions differ on that one too!
Both 23andme and Dropbox's privacy policies only require them to notify users if the privacy policy changes (no restriction on scope of those changes), so maybe we should (if Dropbox were to be sold)?
If you don't interact in a meaningful way you cannot change a contract from one side you need a new agreement.
Now whether this is enforced is a different manner.
When a company promises to never do a thing (e.g. be careless or sell off important data like this,) but there is no legal consequence or assurance, that company -- or some different company related to it -- is definitely, absolutely, going to do that thing.
The answer is simple: going public is a cheat code that unlocks millions in cash for deeply unprofitable companies that can sell tall tales to pension funds that need things to toss money at. Coat it in some "we're a tech company" pixie dust to seal the deal.
There is no “conspiracy” cheat code here, the reason they went public is to satisfy their pre IPO VC investors. The snowball just continues roll at that point.
They had over $1B of total investments prior to their IPO so the pressure to go public was clear.
If you look at their share price, they held at around $40 for about 4 months, after which there was a sharp drop, see: https://www.fool.com/investing/2023/08/09/why-23andme-holdin...
> 23andMe isn’t doing a traditional IPO, but rather following the popular trend of using a SPAC (Special Purpose Acquisition Company), a blank-check company formed solely for the purpose of raising capital through an initial public offering, in this case run by Virgin founder and billionaire Richard Branson.
https://finance.yahoo.com/news/23-and-me-to-go-public-at-35-...
For people who would like to get their DNA sequenced but are actually concerned about privacy, are there any better options?
Dividing by X? I immediately think what if X is zero. Dereferencing X.Y ? I think what if X is null / nil. And so on.
So when it came to the DNA, I was hesitant to do it, since your DNA can wind up in all kinds of databases. And it turns out I was probably right.
What you could have done is sent in the information anonymously, or under a fictitious name. You can still use an email address and log in and see the results. Or you could use someone else's name from another country (with their permission), but then if that person ever gets in trouble, the DNA evidence might somehow implicate you (such as the guy with the last name NULL who got a lot of parking tickets LOL). A couple months ago I actually did submit with heritage.com and 23andme for a friend, so I think there was no place where you had to provide ID or something.
This is a "shotgun" chip approach which sparsely samples your genes in an economic way. They will concentrate on areas of more interest and so on, in a way that is useful for genealogy for example.
That obligation to delete user data is persistent and will apply to any buyer of 23andMe. Or am I wrong?
What is the AG of California intimating that the data is now at risk of being released into the wild or worse? That is how some will respond to this alert.
What many customers may not know is that they can also download these valuable genotype data and store locally if they wish. Using these data is not easy, but it is possible with a but of research and help.
Those who have used 23andMe should and can expect the security of their data to be maintained by the company, and that obligation would apply to any purchaser.
-- Bill Burr
Of course, we'd totally !@#$ it up and use it to put group X, Y, and Z in camps or try to breed super soldiers.
It turns out voting is much less important than limits on arbitrary executions of power.
Everything that's good comes out of their being "just" rules for the most powerful members of society, democracy can facilitate it, but does not guarantee Rule of Law.
Richard Fenyman on "cargo cult science": I think the educational and psychological studies I mentioned are examples of what I would like to call Cargo Cult Science. In the South Seas there is a Cargo Cult of people. During the war they saw airplanes land with lots of good materials, and they want the same thing to happen now. So they’ve arranged to make things like runways, to put fires along the sides of the runways, to make a wooden hut for a man to sit in, with two wooden pieces on his head like headphones and bars of bamboo sticking out like antennas—he’s the controller—and they wait for the airplanes to land. They’re doing everything right. The form is perfect. It looks exactly the way it looked before. But it doesn’t work. No airplanes land. So I call these things Cargo Cult Science, because they follow all the apparent precepts and forms of scientific investigation, but they’re missing something essential, because the planes don’t land.
Democracy without Rule of Law is a cargo cult democracy. It is form without substance. It seems like it should produce good outcomes but doesn't.
The planes aren't landing...
23 and Me not so much...
(submitted a data deletion request)
I hate that I'm having my samples destroyed and removed from research. It feels wrong. But the idea that some company can quietly change the privacy terms on me is unacceptable. I would happily share my genetic data with researchers if I knew that the privacy agreement we had was irrevocable.
https://monadicdna.com/
We use fully homomorphic encryption to ensure only you can see your data and your results.
The app will be live in a few weeks.
Never gave consent for studies and asked for GDPR complete data removal I guess 5/6 yrs ago.
Meanwhile I learned about privacy and promised myself to never get into this “things” again.
With due respect to Poe's law, I spend a lot of talk hearing about how data can be made "anonymous" and somehow you could use it without running into problems with PII. And it's usually wishful or naive. This really takes the cake though. You could certainly aggregate the data in way that preserves some (differential) privacy. But DNA is the the least impersonal data I could imagine.
I imagine there are far more devastating bits of PII to publish than genes, like your porn-watching habits. I don't think this is a strong rhetorical stance to defend genetic data.
Contract law is kind of diseased. I don't think it's a good idea to build a society around letting people sign basic protection from corporations away.
Politicians have the responsibility of creating legislation to protect citizens, but by abandoning that responsibility and creating an "opt-out" system, those without knowledge or who aren't paying active attention lose, and companies win. The company loses almost nothing if a handful of people opt out, and only a handful of people at most will opt out, so corporations win, the politicians continue to have the support of corporations so they win, and citizens who have things being done with their data, that they absolutely would not consent to, lose.
*edit: If you did 23andMe for health information or ancestry purposes, would you consent to that data being sold to an insurance company who might raise your rates, or in a crazy world, to a background check company that would inform a potential employer of any medical conditions that might be relevant to your stability as a worker?
Of course not. You would absolutely not consent to that.
This policy of warning people to delete their data instead of stopping action that no informed citizen would consent to not only doesn't scale, but it is an abandonment of responsibility in order to retain corporate support (such as donations to run a campaign).
It's not even your own data. If family members used 23andMe and don't see this notice, then your genetic data is still part of 23andMe whether you like it or not.
The AG isn't "playing the game" because many of these people who hold office are participants in a system of patronage by people who want de-regulation or regulatory capture.
edit: "Norms" is a word that has started to be commonly used to describe situations in which someone was allowed to do something but it was generally considered against the unwritten rules.
Norms is a word that is used to defend inaction even though action is possible, and you'll notice one side dis-empowers themselves by conflating the idea of against norms with being against the rules.
Also it seems you’ve made this political because Democrats and California exist I guess? They are Big Scary Monsters for conservatives I suppose? I don’t really get it and the point you’re attempting to make seems based on a misreading.
One of the reasons democrat don't get voted for is because they are incapable of governance even in their own strongholds because they engage in the conflict of interest of taking corporate donations. When a politician acts against a citizen, there is no consequence. When a politician acts against a corporation, donations are reduced or transferred to their opponents.
Before a general election is a primary, and before a primary is fundraising. During fundraising, which acts as a filter for candidates, and is therefore a form of election, money votes first, which is why we have a country that feels like politicians represent corporations (they do, corporations vote first by voting with money), rather than people.
But honestly the Dems have been out-played at every level. I suspect we’re going to have to leave them behind if we wish to fix what ails us in this country.
But also as people constantly remind me when I am upset: the thing you’re upset about is only tangentially relevant. :)
That's a framing that contains its own defeat.
Republicans and corporations don't cage themselves by their options, they give themselves options. They work towards and achieve their goals despite "resistance."
A government that doesn't function de-legitimizes itself.
Or even darker: they never represented the people (demos) in the first place?
Not to say republicans represent people either, republicans unapologetically back unchecked corporate power. Democrats try to serve two masters.
https://www.opensecrets.org/elections-overview/where-the-mon...
https://www.youtube.com/watch?v=mw2z9lV3W1g
Summary: It feels like we have a government that governs on behalf of those with money because those with money vote first in the fundraising "election" that happens even before a primary election. More money is more votes in the "election" that mattes the most. Those with money get to filter candidates first.
edit: Just because money comes from an individual and not directly from a corporation doesn't mean it isn't a pro-corporate/"corporate" contribution.
The attorney general for a state as well as the legislative body passing laws that help the AG do their job has a responsibility to prevent this.
So this person in a position of power, who should be stopping a blatant abuse of people's data, has abandoned that responsibility and instead told every individual, in a public statement that would be very easy to miss, to prevent the abuse of data themselves.
This style of handling data is a policy like recycling, or telling people to turn off their lights to protect the planet. It distributes responsibility to individuals, for a problem that can only be meaningfully addressed through regulation.
This is abandonment of responsibility because challenging corporate power results in reduced corporate backing. This is corporate <-> political alignment against citizens manifested.
No comments yet