- The CEO is effectively the control owner of the company, having 49% of the voting right. She has been trying to take the company private for some time.
- Last August, she proposed to buy all the outstanding shares at $8 per share. The board rejected. She installed a new board, and submitted her proposal again at $2.53 per share. The board rejected. She tried it a third time at $0.4 per share this month, and the board rejected.
- Meanwhile 23andMe was losing $50M every quarter.
So, unable to resolve the issue, the board choosed to enter into the bankruptcy process. I hope this relieves 23andMe from the corporate governance nightmare.
linotype · 37d ago
So rather than $8 a share they get zero? Sounds like the board was the one that messed things up.
cloudbonsai · 37d ago
> So rather than $8 a share they get zero? Sounds like the board was the one that messed things up.
The share was trading at $8-$9 at the time.
The primary reason why the board has been rejecting the offer is that the CEO kept proposing discount prices to the market rate.
messe · 37d ago
By the sounds of it, the board is about to find out what the market rate really is.
JKCalhoun · 37d ago
We're living in a time when it might well be worth the cost to stand up to a bully.
No comments yet
eightman · 37d ago
I mean if it was trading at $8/share isn't the market rate $8/share?
ben_w · 36d ago
Kinda, but it's complicated. The share price is the number that people will buy and sell as many shares are as actually getting traded, but once you get to significant fractions of the whole company, the marginal cost of the next share can diverge wildly — if one party is trying to get all of them, that may drive up the price a bit, and for any given fraction of ownership there's always someone who sees the share price go up and thinks "hey, I can get even more profit if I hold on for a bit longer!"
piyuv · 37d ago
Liquidity matters
ZeroTalent · 37d ago
This. The same thing is happening with Tesla stock. Since it's such a bit part of the S&P500, so half of retail investors buy it in their basket of portfolios and 401ks at trades at 10x it's worth on paper by looking at fundamentals.
lotsofpulp · 37d ago
That reasoning would lead to concluding all the businesses in SP500 are traded at 10x their worth on paper. Or at least all the ones with market caps greater than Tesla.
Edit, since I hit posting limit.
To pooper:
> Since it's such a big part of the S&P500
The conclusion is based on that premise, so any other business that satisfies that premise should also lead to the same conclusion.
To llm:
> I think their point is that businesses at the top of the S&P500 are traded at sentiment and momentum based values that are pretty disconnected from a logical P/E
I have read the same about other businesses many times. There is nothing logical about only using P/E as a factor in determining price (or “worth”). No one knows the future, so even a price derived from an arbitrary standard of P/E is a “sentiment and momentum based” value.
lmm · 37d ago
I think their point is that businesses at the top of the S&P500 are traded at sentiment and momentum based values that are pretty disconnected from a logical P/E, which is valid enough. The multiple happens to be 10x in Tesla's case, it's not 10x for all of them (in the case of Saudi Aramco it's probably less than 1x), but it's much less of an informed valuation than the sheer volume of trading would make you think.
maest · 36d ago
Index adda pop and deletes drop in price.
So index membership does change the stock multiple (but not by 10x).
Also, Tesla is an idiosyncratic stock with very high volatility and very high retail participation. Things can be true of Tedla stock which do not have to be true of the median stock.
pooper · 37d ago
Can you please elaborate on this? I am unable to follow the logic here.
ZeroTalent · 36d ago
I'm claiming this based on fundamental analysis of Tesla's sales/net profits/ROIIC and other metrics, which I take from their 13F fillings (AKA quarterly earning reports) compared to other car manufacturers.
Some stocks are overpriced, and others are undervalued. The inclusion in the S&P500 alone is just 1 of the factors.
In my opinion, Apple and NVIDIA are significantly undervalued based on their fundamentals, even though they make up a gigantic % of the SPX.
lotsofpulp · 36d ago
I understand, and I’m claiming there is no one logical or fundamental way to derive a price.
It could be logical to ascribe some value to a business’s leader having access to a US president known to be “open for business”? And we know a big tax bill is likely to be passed by year’s end.
Perhaps that will lead to good fortunes for Tesla shareholders. Or maybe not.
ZeroTalent · 36d ago
You can derive the "true price" with a certain probability. Of course, unexpected things can happen, like Musk being assassinated, but the stock market is not completely unpredictable.
And the thing is, I don't have to be right about Tesla because I'm not making a single bet on that company. I'm making hundreds of bets using my methodology, and it's enough that I'm right 50-something% of the time (or even less than 50%, if we're talking Options trading).
That's what the whole stock market game is about. Hence, some investment companies, like Berkshire Hathaway, consistently make more than others over the long term.
danso · 37d ago
haven’t had my coffee yet but I assume you meant “big” rather than “bit”
ZeroTalent · 36d ago
yup, i haven't had my coffee yet when I was writing it either :)
jaggs · 36d ago
LOL, serious question. Is coffee to writing really a thing? It sounds a bit weird to me, but maybe it's shorthand? :)
ZeroTalent · 33d ago
It's that we open Hacker News right after we wake up and post comments before our brains are in full power, hence the mistakes. Coffee is not a necessity, but most people drink it. I believe it's not exactly about caffeine but letting the brain 30 minutes or so to "wake up" to stop making mistakes. At least, that's how it works in my case.
jaggs · 33d ago
Aha, thanks very much for the detailed explanation. Absolutely makes sense.
dlcarrier · 36d ago
It takes some time to complete the process, so the price is usually based on the likely future value. For companies increasing in value, the offer is usually higher than the current price, and for campanies decreasing in value, it's usually lower.
Also, corrections aren't instant, so if the change of value was for something that had already happened, not something currently happening, the offer will reflect the expected price that the shares would settle at.
No comments yet
HenryBemis · 37d ago
When the tide goes out you can tell who is skinny dipping.
(apologies for the below crude metaphor.. but...)
I am 1.80. You can kick me in the nuts and I will fold, but I will still be 1.80 a few minutes later.
Let's see after the kick in the nuts if the price will still be $8.
When there is blood in the water the sharks start circling. And some sharks 'short'. And I know little about their operations of 23andMe, but I understand the _value_ of their data!!!!! So they may be sitting on a pile of Latinum and not be able to fully monetize it (sell it to every pharma/insurance/etc.) company on the planet.
SecretDreams · 37d ago
It sounds like the discounted prices were quite justified?
danesparza · 37d ago
If they declare bankruptcy, then the creditors get first pick over assets. Several board members might be creditors.
FuriouslyAdrift · 36d ago
This right here... finance 101
phire · 37d ago
Not zero; In all bankruptcies, the shareholders get whatever is left over after liquidating all company assets and paying back all creditors.
In most high-profile bankruptcies, there aren't enough assets to even finish paying creditors, yet alone creditors. However, this is a voluntary Bankruptcy, so there might actually be assets left over to pay out to shareholders.
addicted · 37d ago
Which is still gonna be significantly worse than the $8/share offered.
If the value of assets after paying off debtors is > $8/share, then that’s the easiest arbitrage opportunity considering it’s currently trading at $1.80.
Just buy the whole thing for $3/share (an irrefutable premium of 67%), shut down operations entirely, pay off the creditors, and pocket the net assets of > $8/share and more than double your money almost instantly.
If the claim is the CEO ran it into the ground then the board messed up even worse by not replacing the CEO.
lazide · 37d ago
For this reason I’ve never heard of a stock which is selling at less than assets minus debts for very long. It’s an easy hostile takeover + fire sale situation.
So I’m doubting that is what is really happening here?
manquer · 37d ago
It does happen for many reasons and not uncommon, uncertainty and risk is typically why.
There isn’t one single value, value derived ( let alone perceived) is subjective
In this case, The stock is worth more(or less) to the 49% shareholder than others who are may value the founder holding defacto controlling stake negatively, thus discount the stock less than its book value .
This is also why sometimes same class of shares held by different people get priced (i.e. valued) differently in a single deal. Recently the paramount one is a good example .
Another famous example Yahoo was valued negatively for a long time before its sale to Verizon, I.e. its market cap was less than the value of its alibaba holdings .
One off events like county cases , drug trials likelyhood of a merger approval from regulators are hard to price accurately and can skew.
hnfong · 34d ago
FWIW, it's very common for stocks listed in the Hong Kong stock exchange to have its share price below assets minus debts..
lazide · 33d ago
Weird - any idea why?
hnfong · 33d ago
People think the property market in Hong Kong and China is going to collapse. And much of the asset price can be attributed to real estate.
oskarkk · 36d ago
> If the claim is the CEO ran it into the ground then the board messed up even worse by not replacing the CEO.
Can the board replace the CEO if the CEO has 49% of voting rights?
HWR_14 · 36d ago
The answer is yes and no. Yes the board can replace the CEO, but then the 49% owner can almost certainly replace the board
LarsDu88 · 36d ago
The answer is no. She pushed out the first board, but the second hand-picked board still wasn't having it with these lowball offers. This is a shitshow
eightman · 37d ago
I assume the value of the remaining assets are worth more than $8/share and she was trying to get them for a discount.
merb · 37d ago
Shares are only worth what somebody wants to pay for them. Selling a ton of shares also often devalues them. Since the company was losing money, it was clear that the shares would drop.
Yeah but he mostly analyzes his he relationship between the board and the ceo. Of course 8 usd was not so good at the time, but the stock was falling rapidly and everybody shorted the shit out of the company, even if the ceo would’ve sold its shares under no circumstances would they have gotten over 10 usd besides that the stock was higher
dtech · 37d ago
That's not true, shares are a share of the companies assets and future dividends.
There are "scavengers" out there who buy a company if its assets are worth more than the market cap, close down the company or otherwise spin out the assets, and thus earn more than they paid for the shares.
marcus_holmes · 37d ago
> That's not true, shares are a share of the companies assets and future dividends.
Possibly true 20 or 30 years ago, but now shares are speculative assets, their worth determined by what the market thinks they might be bought for by a greater fool.
londons_explore · 37d ago
Only for companies who are profitable or might be profitable in the future.
If the company has no chance at future profit, it becomes a simple share of assets. There are plenty of companies with assets only and no revenue or employees.
marcus_holmes · 37d ago
There are tons of examples of unprofitable companies, with no visible prospect of ever becoming profitable, trading at increasingly-higher values. Every tech bubble has their share of these.
merb · 36d ago
yeah but 23andme was already falling when she wanted to buy the shares. It was overvalued and people already lost trust at the site.
n4r9 · 37d ago
Are assets not also worth "what somebody wants to pay for them"?
addicted · 37d ago
If that’s the case then the likelihood of the remaining net assets being worth more than $8/share are even lower.
paulddraper · 36d ago
I can’t 100% say you are wrong but I can 99% say you are wrong.
nextts · 37d ago
What does $8/share value the company at?
shreyshnaccount · 37d ago
board probably thinks the assets remaining after the bankruptcy pays off the creditors is more than the $8/share?
pyrale · 37d ago
Just because your batna is shit doesn’t mean you should sign everything.
dehrmann · 37d ago
Wouldn't be surprised if Wojcicki faces a class action suit over fiduciary responsibility.
xyst · 37d ago
No point in doing this. Just enriches the lawyers. Then Wojicki just flees the country and skirts any responsibility.
jajko · 37d ago
Interpol warrant or similar is a powerful career and life crapper, most people prefer avoiding that and triple that for CEOs and their comfy global lifestyles.
rwmj · 37d ago
Couldn't she just buy 2% of the company at the market price?
robertlagrant · 36d ago
It might not be possible if there are tagalong/dragalong agreements. And from the perspective of a shareholder, the shares might become a bit of a riskier proposition if you allow her to control the company, vs the current status quo.
paulddraper · 36d ago
Yes but she will still have to abide by the covenants.
And those might include things preventing majority owner from buying everything at $0.01 per share.
EGreg · 37d ago
Wait, if they declare bankruptcy can’t they be bought at a fire sale by this CEO’s friends finally?
blerb795 · 35d ago
No need for the friends to be involved -- she resigned prior the the bankruptcy filing so she can participate in the bidding process personally
paulddraper · 36d ago
Yes. And that often happens.
knowitnone · 36d ago
There's a conflict of interest for a CEO to take the company private. They have a incentive to lower the share price as much as possible so they can purchase shares. Looking at you, Dell.
LarsDu88 · 36d ago
This was a handpicked board too. She could've veered harder into picking cronies.
shreezus · 37d ago
Even if you haven't personally used their service, if any close relatives have, they already have a sizable amount of information on your genome. They maintain the equivalent of "shadow profiles" (https://en.wikipedia.org/wiki/Shadow_profile) as part of their data model for "ancestry" modeling purposes - for example inferring a paternal haplogroup based on data uploaded by genetic relatives.
I can only hope at the end of the day their data doesn't end up in the wrong hands. It is their most valuable asset, and this is a way bigger deal than it seems.
Spacecosmonaut · 37d ago
I'm a genetic engineer at a large pharma company. Genetic engineering of human model systems is my specialty. If I were a malicious actor, I could not do anything useful with the genome of any one person.
Most peoples genomes are boring and at best sway the predisposition for disease by a modest degree. Exposing infidelity is honestly the best I can come up with.
marsten · 36d ago
My shocking 23andMe story:
I reached out to a guy on 23andMe that was a DNA relative (2nd cousin) and said hi. Curious how we were related, I gave him some family names going several generations back, and asked if any of them rang a bell in his family history.
He responded quickly and said no, they did not.
Then a few weeks later I get another response. He said that one of the names had faintly rung a bell, and when he dug into it, it turned out that was the name of his mother's boss for much of her career as a secretary. His heart sank when he realized it. He and his siblings did genetic tests and confirmed that he, the youngest, was only a half-sibling. Both of the parents were deceased so there's no way to know what really happened.
After dropping that bomb in the poor guy's lap I stopped using the DNA Relatives feature.
frankish · 35d ago
Personally, I'd prefer to find out the truth in these cases.
CharlieDigital · 37d ago
The problem is you are not a malicious actor so you aren't coming up with good scams or truly malicious ideas.
How about scam emails that open by asking people about their family history of some disease with a genetic marker and promising some miracle treatment?
I can think of even worse outcomes depending on how policy on immigration and naturalization shifts
SecretDreams · 37d ago
You've gotta think bigger.
How about generic profiling by a future malicious government that only wants certain types of genomes to proceed to the next generation?
potato3732842 · 36d ago
Sounds complicated. Why not just figure out which genomes are simply correlated with people who don't support you and then pay off a bunch of scientists to write a bunch of garbage so that the medical industry doesn't care for them properly.
You do that kind of stuff across enough axis and the people who ought to be leaving your supporters dangling from the overpass will be too marginalized and preoccupied to do much of anything.
You don't even need "high tech" to do this sort of stuff. Depostic regimes have been doing it for centuries.
Symmetry · 36d ago
The government can just run the tests themselves in that case. I think people will resist coercive sterilization more than coercive genetic testing.
trollbridge · 36d ago
Blood is drawn from basically every infant born in the US and then genetically tested for various diseases. And the health departments retain these cards with the blood draws, although I’m not sure how usable they are decades later.
If you have a baby at home with a lay midwife, the health departments retain will hound you endlessly to get this done, although legally you can choose to decline as a parent. Barely anyone does, since most parents want to know if their newborn will have a serious genetic disorder that can be easily avoided by (for example) avoiding artificial sweeteners.
AlotOfReading · 36d ago
You'd think so, but the government of California was performing involuntary sterilizations until 2014. An ICE facility in Georgia performed them until at least 2020. It's legal under state law in over half the country.
What's different today that would create a massive outcry that there wasn't 4 years ago?
It's very amusing that the parent comment, or anyone else for that matter, believes their credentials somehow are enough to quell us about any potential horrific implications.
CharlieDigital · 36d ago
Parent comment is coming from an ethical person and ethical people often have a hard time imagining how unethical people operate.
Even I think I'm nowhere near unethical enough to maliciously use this dataset, but who would have thought that a social media platform where you scroll posts from your friends and family could be used as a political tool?
antegamisou · 36d ago
> Parent comment is coming from an ethical person and ethical people often have a hard time imagining how unethical people operate.
This is a trait of delusional people as well as those very deep into some "technocratic" ivory tower without any formed code of ethics, too.
Spacecosmonaut · 36d ago
I added my credentials to address the "malicious scientist" scenario that some people may associate with leaked genetic information. You dont need an individual's genome to create rather dangerous gentic weaponry.
For example, we now have cell-penetrating prime editor ribonucleoproteins, a derivation of the CRISPR system. These are essentially assembled molecular machines that can be loaded install almost any genetic mutation, such as tumor driver mutations. A picogram of this protein complex is potentially enough to riddle your body with cancer a couple of years after delivery.
CharlieDigital · 36d ago
Malicious doesn't just have to be biological in nature just because the data here is biological. That data can be used for a variety of non-biological malicious uses.
johnnyanmac · 37d ago
scam emails are pennies on a dollar, though. it's so easy to just go through any email list ever and blast out thousands at once. It's not really a business that cares about targeted approaches.
>depending on how policy on immigration and naturalization shifts
Birthright citizenship invalidates such profling, but even then: I don't think the government needs DNA to figure out identities of people in the database.
CharlieDigital · 37d ago
> It's not really a business that cares about targeted approaches.
It's called open rate and open rates are heavily driven by titles. Spam filters also use reputation to rank senders and open rates are one indicator of sender "quality". They definitely use targeted approaches if they can get their hands on datasets.
> Birthright citizenship invalidates such profling
Only if you think that matters and the SCOTUS will uphold it. And of course, US isn't the only government; there are lots of other governments around the world.
johnnyanmac · 37d ago
>They definitely use targeted approaches if they can get their hands on datasets.
Even on a firesale, I doubt it would be cheap enough for the margins they work on. These aren't exactly large scale, sophsticated operations being worked with here.
>Only if you think that matters and the SCOTUS will uphold it.
Maybe I'm overly optimistic, but I think they will. If only because it's an absolute nightmare logistically trying to do it any other way. No country is going to accept a deportation flight of peopel who were not born on their land.
Or perhaps we have an underpopulation crisis decades later which does incentivize that. But that would solve the deportation issue in and of itself, right?
mystraline · 36d ago
1. "We found you are the product of infidelity. Pay to find out who." (Paternity tests are banned in France)
2. There is incest in your family. Pay to find out.
3. We have found 4 significant markers of X diseases. Pay to find out. (Against FDA in claims of illness)
4. A lost family member was found in $location. Do you want to identify them and send money? (Likely faked, scam)
5. Surrogate or adopted: we know your birth parents. Pay to find out.
There's just a few unethical and/or illegal business opportunities for malicious actors. And that was just 5 off the top of my head.
If you wanted to be really evil, you combine it with other hacked/leaked/ransomed data sources and turn the screws.
delichon · 36d ago
> Exposing infidelity is honestly the best I can come up with.
I'm concerned with being put on a list of ashkenazi, and sold to people who work for my death on that basis.
I’m much more concerned about Palestinians being targeted since they’ve already been the victims of AI weapons attacking civilians. Imagine if people with Palestinian/semitic DNA were leaked?
delichon · 36d ago
Palestinians do not have distinctive DNA that sets them apart from other populations in the Middle East. I'm not aware of movements that target levantine ancestry in general.
bbqfog · 36d ago
Zionism absolutely targets those with Levantine ancestry. They’ve killed far more people than whoever the op was talking about. Ashkenazis are under no threat.
pavel_lishin · 36d ago
I think that the sort of people who would snatch up a DNA database to put people on a list would be willing to accept some collateral damage.
htek · 37d ago
Once 23andMe gets sold, all of that data belongs to whoever owns it and they can sell it to whoever they want. Perhaps to the government where they can do a warrantless search to find a relative of someone who may have been at a crime scene. Or to other governments. Or to insurance companies who want to play deny, defend and depose. I get that a lot of genetic information isn't predictive, but not all of it is so questionable.
InsomniacL · 36d ago
> Once 23andMe gets sold, all of that data belongs to whoever owns it and they can sell it to whoever they want.
Why would a company being sold mean that the data can be used for a purpose it previously couldn't?
HWR_14 · 36d ago
The data is an asset. The limitations are contractual. The contract is voided by the bankruptcy.
anticensor · 35d ago
Doesn't DNA data have additional statutory limitations on top of that?
HWR_14 · 34d ago
It has statutory limitations, subject to change, in how it can be used to discriminate against you. But those are tightly defined. It couldn't be used to deny you employment or health insurance, but could be used to deny you housing or life insurance.
kube-system · 36d ago
The acquirer could have different policies or legal jurisdictions
hyperbovine · 36d ago
> at best sway the predisposition for disease by a modest degree
If insurance companies use this information to inform coverage decisions, then it's a moot point right? Just because you and I (who am also in this field) understand the limitations of the models and the data, does not mean that powerful entities will not use it to do stupid things.
kimos · 37d ago
Thank you for saying this.
I’ve done some of these saliva samples and I’ve seen the freak outs about what happens if “they” get my genome. But I cannot for the life of me figure out what they would do with it maliciously? It’s not like it can be used to sign up for a credit card or whatever.
ceejayoz · 37d ago
The Genetic Information Nondiscrimination Act gets repealed. Insurers immediately buy their database and drop you because you’re statistically more likely to get an illness.
prolly97 · 37d ago
Luckily most of us live in democracies, where we can just decide whether we want the rules to allow this kind of differentiation.
ceejayoz · 36d ago
Yes, that's the middle-school civics ideal.
Then we learn about the perils of "majority rules" setups, of lobbying, of trying to evaluate thousands of different decisions across hundreds or thousands of legislators, etc. and it becomes a lot less simple.
deadbabe · 37d ago
You live in a democracy until you don’t. It can disappear overnight with the stroke of pen from some populist leader who just ignores laws. Never think you are safe just because you’re in a democracy.
Symmetry · 36d ago
If a future totalitarian government wants to save money on medical treatments then they can just euthanize anyone who gets cancer rather than euthanizing anyone whose genes say that they have a 50%+ greater risk than average of getting cancer. Or collect genetic samples themselves and use that to cull the population rather than just do it for people who were 23andMe customers.
deadbabe · 36d ago
Killing people off after they get cancer saves money but it does nothing for the gene pool if they already reproduced. Individuals who represent high cancer risks can be forced into sterilization and can consider other options for children in the future, such as adoption or raising a genetic alternative child. Totalitarian regimes can take note here.
kelipso · 36d ago
You're going from 0 and 1 but there's a lot of time and politicking during which society is in the transition period.
jokethrowaway · 36d ago
or revert our diets to 1920 - no need to kill anyone :)
(but I get your point and I agree)
No comments yet
DrAwdeOccarim · 37d ago
My favorite thriller story idea comes from knowing a character’s SNPs that are also covered by the standard forensic DNA panel. Then the antagonist in the story buys a bunch of oligos that flank the panel targets and spreads them around the crime scene to “frame” the character for murder!
So once the ‘’’bad guys’’’ purchase the 23andme database, the story is complete! They can then frame our protagonist…
vintermann · 37d ago
It makes entertaining fiction, but in the real world, the ways that can be used to lock you up and discredit you in the public's eye are much more banal. And I doubt they'll get more sophisticated the way things look in the US right now.
navigate8310 · 37d ago
With all those sweeping upgrades to artificial generational technologies, a time will come where no one will trust audio-visual clues and evidence collection will be solely focused on DNA fingerprints.
Metacelsus · 37d ago
Yeah, this is definitely possible (and I'd bet the CIA et al already have this capability)
snovv_crash · 37d ago
...or they just use your Dropbox deamon to dump a bunch of CP on your harddrive and then send in the FBI.
zyanite7 · 37d ago
people back then with the same exact mindset: "what could they possibly do with just my fingerprints?"
im just afraid of the unknown. now its useless but how about after another 5/10 years?
jajko · 37d ago
Also, genes pass down to your kids, compared to fingerprints which are just cca unique for each of us. What a terrible thing to (unknowingly) do to them. Gattaca and all.
When I first heard about them and similar services, the potential for abuse was the first thing that came to my mind. I am not paranoid in any way and those were easy times compared to now. Still, I prefer not knowing my ancestry than this.
And ancestry for Europeans is not such a hot topic, you just need to look at a bit of history of continent and its civilizations and get the idea.
notyourwork · 37d ago
Sorry, what exactly could (a is) someone doing with my fingerprints?
sebastiennight · 36d ago
Without spoilers, there's an entire chapter of the Three-Body Problem revolving around what can happen if you're a sufficiently high-value target whose genome has leaked.
The outcome for this person is not great :-)
gbin · 36d ago
Sell the entire database to a police state.
Identify embarrassing mutations and blackmail people to prevent them from being released publicly.
Corner high value individuals / billionaires, find an out of wedlock child, blackmail.
...
jvanderbot · 37d ago
Faking DNA test results would be sci-fi nightmare come true. You could frame someone before they were arrested which would be ... Frightening. But even worse is invalidation of all DNA evidence because it is now easy to fake.
But that still seems like a minute possibility.
trollbridge · 36d ago
23andme doesn’t check your identity at all, so you could just put in someone else’s name and submit your own saliva, and then.. go on a crime spree?
crtasm · 36d ago
Whose credit card details are being used in this scenario?
trollbridge · 36d ago
A gift card from the gas station? Long ago we bought gifts for parents/grandparents and all they had to do was redeem a code.
belorn · 36d ago
The most malicious behavior I can directly think of is someone searching the data for a targeted purpose and not caring about false positives, like targeted advertisement for health treatments with non-zero risk of side effects. DNA has always had this air of being infallible proof.
amelius · 37d ago
Plus they only have a selective number of SNPs, not the full genome.
But if you were able to somehow combine the information with the medical history of people, then you could use the data for research, and come up with some DL model maybe.
nitwit005 · 36d ago
You don't even need real test results. You can just email customer's family members with fake claims and try to extort money, using names and test dates as evidence.
amelius · 36d ago
Perhaps you can explain a bit more because on the one hand you say that genetic data is worthless, but on the other hand, it provides you with an income ...
pfdietz · 37d ago
The people with the most to lose from widespread access to genetic data are those involved in outright crimes, like rape and child sexual abuse. Did you in a younger day get some underage girl pregnant? You're at risk. Or paternity lawsuits without the age restriction.
I wonder if some of those freaking out about the issue have a reason to be concerned.
On the other hand, once the information is out there, any aggrieved party will have plausible access to it, so it could be argued any statute of limitations would kick in.
shreyshnaccount · 37d ago
i always thought that its valuable when you have enough data from an insurance pov? is that a myth?
Spacecosmonaut · 37d ago
For the vast majority of people lifestyle is much more deterministic than genetics. There are a few exceptions causing relatively deterministic adult onset diseases: Huntington, APOA4 homozygosity, FAP, BRACA mutants. These are rare however.
1dom · 37d ago
> For the vast majority of people lifestyle is much more deterministic than genetics.
How much of lifestyle do you think is determined by genetics, if any, and how much of that link do we currently understand?
I feel the concern around genetic data privacy has normally been the risk of unknown future stuff, rather than any current known vectors. I'm not saying it's a legitimate fear, but I don't know if it's one that is placated with "we can't currently do anything bad".
Spacecosmonaut · 37d ago
The impact of lifestyle is undeniable and large. Good genes will not protect your body from alcoholism. And if I were a betting man, I would bet against determinism emerging from a better understanding of combinatorial genetics.
I do think over time we will get a clearer picture of risk predisposition based on your entire genetic profile. However, I believe that genetic predisposion will remain a relatively small contributor for most disease states.
1dom · 36d ago
That's fair, thanks for the response, appreciated.
I agree that genetic predisposition will remain a small contributor for most disease states. However, I (an idiot who has no authority or experience with anything relating to genetics) feel we're going to learn a lot about how our genetics indirectly influence our behaviour and decision making though.
I think it'll be a boring dystopia: the biggest problem will be that the more complex, distant relationships between genetics and life outcomes are discovered, the more opportunities the bodies responsible for health will have to say "well we have to protect ourselves from the uncertainty, and that's going to cost you/be profitable for us".
lotsofpulp · 37d ago
In the US, health insurers are restricted to using the following for pricing insurance, and genetics is not one:
All the other types of insurance (life/disability/etc) are free to ask you to provide DNA if they think it would be useful for underwriting. The fact that they do not means the DNA is not providing enough signal to be worth considering in the underwriting process.
genewitch · 37d ago
Or they already have it, the same way any insurance company can look up how much coverage my policy has.
Fomite · 37d ago
If you're worried about this, you also need to be worried about them knowing what zip code you were born in.
vintermann · 37d ago
That's what 23andMe thought too.
antegamisou · 37d ago
You are not speaking from a position of a grifter though. I don't think it's a stretch that some YC funded startup could emerge and claim that they can map and predict everyone's entire actions/personalities/characteristics through their genome, heavily misinterpreting PGS/GWAS.
I don't think they would care much for scientific validity in this case. It won't matter to them if the methods used are reliable. All they'll get is appraisal from mainstream media for their revolutionary approach, further ingraining social darwinism.
johnnyanmac · 37d ago
>It won't matter to them if the methods used are reliable.
the method of being a fortune-teller? I don't see how that would ever be reliable unless we figure out voodoo kinds of tricks attacking the nervous system.
antegamisou · 37d ago
Phrenology thrived and was heavily celebrated only one century ago as well.
In the case of PRS assessment where it's already an established discipline, and not at all as unreliable as fortune-telling, it wouldn't be so hard to weaponize it.
johnnyanmac · 36d ago
Astrology isn't much farther off, and some still like to believe it to this day. Yes, even some very smart people can fall into absolutely baseless conjecture without peers to course correct.
But there's a difference between forming a cult and trying to convince the minds en masse of something.
antegamisou · 36d ago
Your info is off if you believe PRS assessments are anywhere close to pseudoscience.
And ok, let's agree for the sake of it that it is like astrology. Astrology is unnervingly popular, there are columns of big newspapers HN reveres dedicated to zodiac signs.
A cult consisted of people buying into something very close to eugenics masked as science doesn't sound it would have trouble gaining mainstream appeal in today's American society.
In fact, there's a great example of such discipline having already gained significant traction, even on this website, and it is none other than the field of evolutionary psychology. This field has provided close to zero replicable hypotheses yet it has been successfully weaponized into justifying prejudice and antisocial behavior, especially in the context of racial differences and dating.
Something like advertising reliable prediction of behaviors based on DNA would be cherry on top.
balamatom · 36d ago
>voodoo kinds of tricks attacking the nervous system.
You mean like the art of advertisement, or more like what the extant system of social conditioning does in general?
Akasazh · 37d ago
Isn't there possibility of very in depth racial profiling?
I mean ancestry.com data van be used similarly, but genetical info is inobfuscable.
trollbridge · 36d ago
It depends. Credible people claim that 23andme’s racial / ethnic compositions are highly inaccurate.
kube-system · 36d ago
Even more reason to be concerned
vintermann · 37d ago
If 23andMe makes "shadow profiles", it would necessarily be for common ancestors, probably long dead. They can't see "down" into the genetic tree at all - whether great-grandma had 1 child or 13 they'll never know until the descendants take tests.
But also, if 23andMe does this, they are short-changing their genealogy customers. One of the main things a genealogy customer would like to know about a match is if they're on the maternal side, paternal, or both (more common than you'd think, and mostly not because your parents are related). 23andMe, from what I read, does not do this - and that suggests that they're not getting much out of those shadow profiles.
tmalsburg2 · 37d ago
What would even be the right hands in this case? Seems like almost any hands would be the wrong hands.
mrweasel · 37d ago
There basically aren't any. Almost any entity that would want to buy the company should by definition not be allowed to do so.
The ideal solution would be for all data to be deleted before a sale. If anyone would want to buy 23andMe without the collected data then that's perfectly fine.
smegger001 · 37d ago
My ideal would be customers given the option to have it delete sold and profit split with between themselves and 23&me, or anonymised and donated to the human genome project.
michaelt · 37d ago
I don't like 23andme, but don't the shadow profiles sorta implicitly exist whenever you're working with DNA data?
If their DNA test can recognise first cousins, then they've got a recognisable DNA profile for each user's parents, grandparents, children and so on.
nomdep · 37d ago
So does the government and probably ancestors.com … what’s the big problem here?
bryanmgreen · 37d ago
New adoption perk is ability to avoid DNA based shadow profiling (given no voluntary self sharing of DNA and current ID, of course)
SecretDreams · 37d ago
> I can only hope at the end of the day their data doesn't end up in the wrong hands.
Narrator: it ended up in the wrong hands
__alexs · 37d ago
Your genome can be scavenged from the air. It is not information we are capable of keeping private.
MrMcCall · 37d ago
But can it be isolated from the myriad of life floating around?
I doubt that specificity would be economically profitable.
The police did catch the Golden State Killer by scavenging a used coffee cup or somesuch, however.
johnnyanmac · 37d ago
>I doubt that specificity would be economically profitable.
It's be much easiser to setup a DNA catfish from a Tinder date if someone is that determined to get a decent sample from you. If it's not targeted, a door-to-door salesman can collect dozens over a day for use.
There's so many social engineering tricks to take advanadge of that you'd paralyze yourself trying to keep your DNA to yourself. Better to just petition for regulation at that point.
windward · 37d ago
>The police did catch the Golden State Killer by scavenging a used coffee cup or somesuch, however.
And it required detectives to follow him around until he left whatever it was that was adequately isolated. It's a little different from a database of 7 million.
kimos · 37d ago
Anything that can be obtained from your discarded tissue or Starbucks cup isn’t really something you can hope to keep secret.
__alexs · 37d ago
Often it can. And even in cases where currently it can't the technology will improve, costs will come down.
MrMcCall · 37d ago
Yeah, eventually, but it may be a while.
__alexs · 37d ago
DNA sequencing costs for a full human genome have outpaced Moore's law. I wouldn't bet on it.
dekhn · 36d ago
Sequencing costs dropped dramatically in a window that started when sequencing was done highly inefficiently. That gave folks the false impression that DNA sequencing would continue to halve in price every ~X years.
The NIH occasionally updates this chart (note: Y axis is log scale)
You can see there was a dramatic reduction in costs from 2008 to 2015, as several vendors released several substantial technology improvements, and a slow improvement from 2015 to now, but it's roughly flatlined, and there isn't much investment in developing new technologies now.
To the surprise of many, having enormous amounts of genomic data hasn't been the clear-cut improvement to human health, although there are some exceptions (especially cancer identification and personalized treatment). If we truly wanted to, we could spend capital and build out the sequencing, compute, and storage infrastructure to sequence every person on the planet at least once at 50X coverage, and store the data in perpetuity.
I think there are negative externalities if the data is sold to insurance firms — who can use the genomic information in litigation and policy rejections — or if the data is sold to some sort of powerful, pro-eugenics political organization. The insurance externalities likely can be mitigated with minimal legislation (protecting consumers in a similar manner to how we protect those with pre-existing conditions) and it is reasonable to assume pro-eugenics political groups wouldn’t be any less dangerous without this genomic data available.
Thus, I struggle to see how this data changing hands would be especially detrimental to society. One could contend a moral dilemma will arise from future developments in cloning, but would it? We already have clones in the form of identical twins, and their existence does not seem to create many, if any, especially problematic moral dilemmas. Maybe people are worried that society will start cloning celebrities and famous intellectuals instead of having babies more naturally — creating a world of designer babies where the diversity of thought and talent shrinks in a “tragedy of the commons”-esque dilemma — but I don’t think this is people’s issue because most people frame their qualms as more of a personal privacy issue. Moreover, designer babies issue I describe would likely become an issue with or without cloning.
There are issues that come to mind regarding genomics in commerce — such as the ethics and market incentives of patenting certain genomic patterns — but again I don’t see how this 23andMe data changing hands make this issue any more pressing than before.
On the other hand, my instinct (which I have learned to never blindly trust) is that making the data more widely available may make it cheaper and easier for researchers to make impactful discoveries. Therefore, my biggest worry with the change of ownership is that the new owners may keep the data behind a bigger wall.
mort96 · 37d ago
Look at the current political situation in the US. Do you think there's a lot of legislation protecting consumers from insurance firms any time soon?
johnnyanmac · 37d ago
Fortuantely my state is still pretty good about this, despite the federal administration throwing consumers by the wayside.
citadel_melon · 36d ago
I agree with this point to some extent, but insurance before protections for preexisting conditions used acne as a reason to reject cancer treatment claims: obviously fraudulent behavior. If insurance is deregulated and any regulations aren’t going to be enforced regardless — a path we are going down — insurance firms will weasel out of claims with or without this genomic data
> The California-based company has publicly reported that it is in financial distress and stated in securities filings that there is substantial doubt about its ability to continue as a going concern.
xyst · 37d ago
Given such a late warning, is there any staff left to do the data deletion requests before it heads off into bankruptcy courts
flockonus · 37d ago
Either way, for the company customers under this circumstance I'd absolutely recommend sending all possible means of requesting data deletion, at least there should be a paper trail that such thing was requested.
vesinisa · 37d ago
Looks like the company expects to remain operational during the bankruptcy/restructuring, so I would say yes.
dudus · 37d ago
Just requested my data deletion. Seems like it worked.
noja · 37d ago
Does a deletion request delete your data, or unlink it from you? Because they use shadow profiles.
navigate8310 · 37d ago
I always think of such mandates and laws assumes good faith from the company it is targeting which then leads to "trust me bro" vibes.
hoc · 37d ago
Gov sites issueing warnings about citizen data security seems a bit funny these days.
Elon: "Comedy!"
ks2048 · 37d ago
There are troubling privacy issues, but it was able to tell me: "Toe Length Ratio : Likely second toe longer". I didn't even have to look down!
Maybe it was a bad idea. But, I figured if we enter a dystopian future, evil health care companies or governments could easily get my DNA if they want to and/or simply require that information to get care. When you get blood drawn, do you see what they do with it?
Hopefully, what matters is the laws we all fight for and not whether I sent my spit to an internet company in 2022.
Anyways, will delete my data.
midtake · 37d ago
> But, I figured if we enter a dystopian future, evil health care companies or governments could easily get my DNA if they want to and/or simply require that information to get care.
Yes, because you gave it to them. Nihilism undermines any sort of resistance movement against evil.
vintermann · 37d ago
I think it's a mistake to think that the tyrannical governments of the future will be sophisticated. The way the trend is going, they will be ever more banal. They're not going to target a virus for you, they're going to knock down your door, shout at you, lock you up or shoot you. They likely won't even bother with having chatgpt write up a pretext for it.
That doesn't mean we can do nothing, but it means withholding information won't matter as much as some people think.
johnnyanmac · 37d ago
There's not much resistance to someone wanting your DNA. It's so trivial to get that you'd basically need to become a hermit to try and prevent it. A hermit that shaves themselves and burns their trash, one that lives with gloves on dyrung every waking hour and disinfects their chair and bed daily.
It's not really something the mass population can physically prevent from a determined actor. Like data, you need to regulate it instead of take excessive preventative measures.
jajko · 37d ago
This is a wrong mindset. Just because its technically possible to obtain DNA we should all give it up easily since its already a lost cause? Its one thing if you are specifically targeted for whatever reasons, then yes one is screwed.
Another is to have all info and weaknesses automatically available to 'the man' or more 'the men', no need to make things too easy for them and jump ahead in queue.
johnnyanmac · 36d ago
>Just because its technically possible to obtain DNA we should all give it up easily since its already a lost cause?
Yes. I'm lazy, and at thaat level of compromised data: it is much easier to disincentivize theft than to worry about theft at every corner. You need to change your approach away from the immediate instincts.
>Another is to have all info and weaknesses automatically available to 'the man' or more 'the men'
They already have it. Fortuately, we made laws disincentivizing them using that stuff without big reprecussions.
masfuerte · 36d ago
It's completely different. Sure, someone can specifically target me and get my DNA, but they can't trawl for me in an existing database.
johnnyanmac · 36d ago
>but they can't trawl for me in an existing database.
Sure they can. The government obviously can. Otherwise they just buy data from the decade of tracking data left behind. That's the relatively easier part in comparison to targeted DNA gathering.
masfuerte · 36d ago
They can't trawl my DNA in an existing database, because I'm not in it and, AFAIK, neither are my relatives.
brikym · 37d ago
No he didn't but his overly curious aunt Janice gave it to them.
harvey9 · 37d ago
He really did - the post indicates he got an analysis back from 23andme.
abracadaniel · 37d ago
You can request your data from a section in the site first if you like. Some of the downloads say they can take a few days to generate, but all were available within a day of my requests.
k__ · 37d ago
They told me I have an average to lower risk for Alzheimer's and Parkinson's disease.
All I wanted to know, since my grandpa died of Parkinson's.
1oooqooq · 37d ago
you could have asked you primary care doctor for a test, instead of paying a company for the privilege of creating a dna map to sell to law enforcement.
lotsofpulp · 37d ago
23andme sells this for a set price, advertised on their website.
A clinic usually asks you to sign a form that says you are responsible for paying whatever they and an unaffiliated laboratory end up saying you owe. Minimum being $250, and maximum being unknown.
johnnyanmac · 37d ago
That may sadly be more expensive in the US. Even if you're insured, the copay + coinsurance may still cost you more out of pocket for such tests, depending on the specialists needed.
xbmcuser · 37d ago
Looking at how the current administration is following laws and court orders I think you might have too much trust in laws
arduanika · 37d ago
> I didn't even have to look down!
Hilarious, I love it.
Next you're gonna say they told you that you'll probably die of something that you can forestall a bit with good diet and exercise.
ks2048 · 36d ago
Looking at my "Reports Summary", it's all mundane stuff like the toe thing I mentioned. It seems all the medically relevant stuff require premium subscription.
raverbashing · 37d ago
This could actually be a plot point on a dystopian sci-fi movie (identifying people by weird metrics like toe size and such)
vihren · 37d ago
You might like Gattaca if you haven't seen it.
longtimelistnr · 37d ago
One of my favorite movies
fc417fc802 · 37d ago
That sort of thing is already in widespread usage. For example palm geometry readers as a biometric factor to go along with a key card at a building entrance.
Although in the future I imagine it's more likely to be things like arm to torso ratio or gait recognition or similar, done via machine vision.
raverbashing · 37d ago
It's different
Biometric comparison is commonplace, once you give your biometric info
What I'm saying is that people would be id'd by a biometric measure derived from a genetic measure
(and yes of course I watched Gattaca already)
dehrmann · 37d ago
Like browser fingerprinting.
Dibby053 · 37d ago
Like fingerprint fingerprinting?
1oooqooq · 37d ago
no. fingerprinting is like denying a kid at a carnival ride with a height check.
what this thread is about is denying a kid a kindergarten spot because the dna shows their height will never get them a basketball college scholarship.
nomdep · 37d ago
Your example doesn’t make any sense, because they could do it right now: most of the kids are never going to get a basketball college scholarship, everyone knows it, including schools, and they don’t care
balamatom · 36d ago
It's an example of a thing that doesn't make any sense.
And people are made to care about things that don't actually make any sense all the time, you just gotta set up the incentives just right.
windward · 37d ago
I'm very glad this wasn't productised before my in-laws were my in-laws
alexfromapex · 37d ago
Already downloaded and deleted my data. It’s so wild that some new buyer could just buy peoples’ genetic data at a fire sale.
transcriptase · 37d ago
I do wonder whether the data is actually deleted or they just do like every other large tech company and set a “deleted = true” flag that hides it from the user, since actually deleting it and all of its replicates across data centres, backup images, and tape storage is from what I’ve been told, virtually impossible even if the will was there.
Unroasted6154 · 37d ago
It possible with crypto shredding.
You store everything encrypted with one key by customer. When you want to delete you erase the key.
The data becomes unusable everywhere (backups included).
Then a job periodically garbage collects data without a key, but that's more for cost saving.
Big companies do this but it requires some technical maturity. If you operate in Europe you have to implement proper data deletion. I would be more worried about small companies that large ones tombe honest.
Quekid5 · 37d ago
You still have to backup those keys somewhere... and if you don't do it the same way as for the data then your backups are effectively worthless.
muti · 37d ago
Much less data to back up so it can be stored in a way that is replicated for redundancy but still mutable. Separating the key and data is what allows for sending data to tape backup etc
Quekid5 · 35d ago
If your (backup-via-redundancy) keys are mutable, you do not have a backup. What happens in the case of a ransomware attack, for example?
You've also added (possibly substantial) latency to every single operation that operates on user data.
muti · 34d ago
The specifics of how the keys are backed against different failure modes/attacks is orthogonal to the splitting of data/key.
Yes you would need to carefully design the system that allows deletion of keys while minimizing chances of data loss, but it can be done, and it's going to be cheaper and less complex to do so on a tiny subset of the data.
Latency considerations are also down to design, it's not a given that there will be significant overhead imposed.
Unroasted6154 · 33d ago
One simple way is to keep only a few days / weeks of (immutable) keys backups.
You can always stop the deletion of you have a big issue.
If the law says you have 14 days to delete all data, you keep only that much backups.
ripped_britches · 37d ago
Yea was going to say this. I would be surprised if any major company does this for normal uses.
Unroasted6154 · 33d ago
That's how GAFAMs size companies do it. They need to comply with European regulations for data deletion, and there are very few other options.
It's absurd to me how soft deletion took over the entire industry and 'DELETE FROM' became taboo.
goosejuice · 37d ago
For every customer that legitimately wants their data deleted there's a hundred that complain their data is gone after confirming deletion. The same customers that mark your transactional email as spam then complain about not being able to get into their account.
Exaggerating here, but I do think soft deletion practices can be partially blamed on real business problems. I'm not sure why anyone would think that using soft deletion on an actual burn account function would be sensible though.
zmgsabst · 37d ago
A few reasons:
- you have legal obligations no matter what the customer wants, eg, Amazon and storing transactions for tax reasons
- you do actively delete most of their data, eg profiles, but “deleted=true” on their central account record is needed to propagate the deletion to other systems, eg, customer analytics
- you tombstone it for efficiency reasons and only periodically delete the records as part of your checkpoint/backup procedure; similarly CDN deployments
- you delete all the live copies, but tell customers “retained up to 90 days” because you need backups to age out
I’m not saying companies are all innocent — but there are some legitimate reasons that deletions aren’t fully instant.
goosejuice · 36d ago
Yes, but if you have a legitimate need, then you should just inform the user when the data will be removed and why.
silisili · 37d ago
I get that a little from the company perspective, but it leads to its own issues of perhaps more important magnitude.
If you have data for a user, who wants to delete it, you can soft delete to allow recovery to prevent complaints.
On the other hand, 5 years from now your system gets hacked, and now you have to email some person you haven't done business with in 5 years to tell them their data that you claimed was deleted was leaked.
Sure you can do soft deletions with some hacky actual delete schedule but it doesn't really solve the problem, only reduces the timeline.
johnisgood · 37d ago
Why not educate the customer? "If you request deletion, do not expect your data back, because it truly will be deleted!". Sad state of world that this has to be said, however.
Discord (and many other places) allow you to recover your account within a specific period of time, but they do not delete anything, you just simply lose access and your name gets changed (and avatar and status removed), but all your DMs are there, all your messages are there (although I understand why, especially in servers (guilds)).
There is a way to bulk save and delete messages from Discord, however.
johnisgood · 36d ago
Correction: "unofficial way [to ...]".
speff · 36d ago
People in general simply do not read warnings like that. It’s a form of autopilot that everyone utilizes to function/cope in an age where they’re being bombarded with too much information
goosejuice · 36d ago
Precisely. I'm specifically talking about cases where such a warning was present. Customers will claim they never saw it or any other excuse.
johnisgood · 36d ago
Cannot you point them to the warning and be done with it after a complaint, or is the amount of the complaints and its handling is the issue?
goosejuice · 36d ago
When I say warning, I'm talking about a prompt after attempting to delete that asks if they are sure and clearly states that the action is permanent. This would display on every attempt to delete a record.
johnisgood · 36d ago
Yeah, but why care if they did not see the warning and they actively clicked on it? It is their fault.
TeMPOraL · 37d ago
> The same customers that mark your transactional email as spam then complain about not being able to get into their account.
That's on you though - shouldn't have sent spam pretending to be transactional email.
goosejuice · 36d ago
Many users don't understand what happens when they press the spam button on a password change request or similar email.
I'm not talking about unsolicited email, but legitimate transactional email related to the account that only triggers off a user action.
account42 · 36d ago
Many more spammers think their special and their crap doesn't actually smell.
miyuru · 37d ago
I have seen people report confirmation emails, they themself requested.
Internet is not what we used to have years ago, currently the majority of users are not tech literate and that creates new problems now.
randomNumber7 · 37d ago
> I'm not sure why anyone would think that using soft deletion on an actual burn account function would be sensible though.
When the data has value to the company and it is legal to keep it it seems very sensible to keep it (out of the perspective of s.o. acting in the interest of the company).
goosejuice · 36d ago
By burn I mean legitimate deletion, as in remove all of my data from your service. If you offer deletion of that sort then it's misleading to retain.
randomNumber7 · 36d ago
I understand what you mean but you don't want to understand what I wrote.
nikanj · 36d ago
To be fair, tons of companies flag their promotional newsletters as transactional urgent act immediately. It's not hard to see why users don't really react to emails anymore
friendzis · 37d ago
To `DELETE FROM` you have to have at least a relatively vague idea what you are doing. Go and find an organization that has their data and component dependency maps ready and up to date :)
One hard delete can expose months worth of bugs.
silisili · 37d ago
'Our data design is too bad to allow anyone to delete anything' is not, to me, a valid reason to prevent actual deletion.
groestl · 37d ago
Enter Git. (FTR, I don't think it's bad data design. It's a tradeoff. Sometimes it's even a feature.)
MrMcCall · 37d ago
Can't delete from backups, though.
friendzis · 37d ago
If you really cannot (although, most probably just burdensome), you can always render the data unreadable. E.g. by destroying the keys.
beejiu · 37d ago
Don't forget to backup those keys, though :)
groestl · 37d ago
Not deleting something you should have: a fine. In some countries.
Deleting something you should not have: potentially a business extinction event. And a fine as well.
raverbashing · 37d ago
Too many fat fingers, too many relations that were not suppose to break (or were supposed to be disjoint but weren't), too much regulatory uncertainty, both for deleting and keeping the data, etc etc
silisili · 37d ago
The regulatory aspect is one I get.
The problem is that it infected the mindset of almost every company. Those that worked at companies who needed it brought the mindset everywhere. And like many technologies, people who study what big companies do mimic it everywhere, even where it's not needed.
So your simple stupid SaaS company has some simple object that a user wants to delete that ends up living in a db somewhere... forever.
timeon · 37d ago
Seems risky to put your data on non-EU servers. It is still risk, but at least there is legal framework.
nickm12 · 37d ago
Says someone who has never experienced a data loss bug.
silisili · 37d ago
Was the data really important? Is it worth holding people's data hostage because of subpar developers?
I'm not at all saying that soft deletion shouldn't exist. I'm arguing that hard deletion should be the default, and then soft deletion practices should have some justification.
Instead the industry chose to just soft delete everywhere, which is good for the industry, and bad for users.
nickm12 · 27d ago
The industry chose the default of "data that is stored in durable storage is probably important". Sorry, I just don't see how that is bad for users when compared to the alternative default of "data that is stored in durable storage should be irretrievably deleted immediately".
fc417fc802 · 37d ago
Soft delete is a sensible default to prevent all sorts of problems. It's almost always good for a human to be able to get into the system and revert things if something bad happened.
It should just be followed up by hard delete several days or weeks later. The general policy should never be to hold things indefinitely.
As a practical example I have soft deletion for more or less everything on my desktop. There are periodic filesystem level snapshots and those stick around until I manually GC them. It has saved me more than once.
msie · 37d ago
Not really, soft deletion has saved many people's bacon.
al_borland · 37d ago
That doesn’t mean soft delete should be the only option. With some of our processes, we soft delete for a period of time (2-4 weeks) to account for mistakes. Then, if on one tries to recover it after that time, it does the actual delete.
This seems like a reasonable compromise to me. It offers a safety net, while still getting the job done.
With as many data breaches as we see these days, I want my data gone. If someone gets a dump of the DB, a delete flag doesn’t matter.
This was the primary reason I never got a DNA test, even though I want to see what my results would be. I never trusted the companies to store that data long term. If I could get a test where a company didn’t store the results after they were provided to me, I’d get one tomorrow.
johnisgood · 37d ago
The AT&T leak was huge. :D There was also a leak in either 23andMe or some other company handling DNAs not too long ago (months, maybe 2 years >.>).
kshacker · 37d ago
Our industry's dark secrets getting exposed like this ... yeah you are right, we don't even need a whistleblower for this :)
tdeck · 37d ago
Soft deletion doesn't satisfy the company's obligation under the CCPA.
bbor · 37d ago
It is the law in California, and it is certainly possible at scale, just not cheap or trivial. Presumably, given the intense focus of the state government on their company in particular, they have long since implemented a compliant deletion mechanism!
The question, of course, is whether that same functionality is applied to residents of other states wishing to delete their data…
carimura · 37d ago
it very likely may not be per their own words. They are "bound by various legal and regulatory obligations that may necessitate retention of certain information". This came straight from their privacy team.
sofixa · 37d ago
It was wild to send your genetic data to a private company that could do whatever it wanted with it for a gimmick (3% Irish? who cares, if you're interested go look up archival records of your ancestors).
dplgk · 37d ago
My half aunt who never knew who her father (my grandfather) was found my family through 23 and me relative matching. That's life changing, not gimmicky.
greggsy · 37d ago
Interested to know whether the collection statements can persist, or if they can just send a generic ‘we’ve updated our privacy policy’ email.
1oooqooq · 37d ago
deleting your data just change "for alexfromapex, sibling of x, son of y and z" to "maybe belong to owner of email alexfromapex@gmail, sibling of x, son of y and z"... that's the beauty of soft deletion plus shadow/inferred profiles.
andy_ppp · 37d ago
As an aside I actually regret signing up for 23andMe, not because this isn't a great idea but more because I find the idea that the future having copies of your DNA around we might end up in some weird sci-fi universe where people can be specifically targeted with viruses or profiled in some other way. Not that I'll ever be important enough for that to happen but it feels like an invasion of privacy having such personal data lying around in a small text file. To some degree it's a copy of who you are.
Who knows who will buy all this data after bankruptcy...
Does anyone at 23andMe know if when DNA data and account is deleted by them that it is really deleted/purged from all backups and systems? Anonymous accounts are available, thanks!
aucisson_masque · 37d ago
> Who knows who will buy all this data after bankruptcy...
People who think having millions of people dna is worth something. I could think of company working with private investigators or even governments.
Your dna sample is part of 23andMe valuation right now, I wouldn’t have hope even if it says your data is removed on their website, there are still backup.
KineticLensman · 37d ago
Or health insurers looking for markers of disease / chronic illness
lotsofpulp · 37d ago
In the US, they wouldn’t be allowed to use that data to underwrite policies:
Define "easily". As I understand, it would require amending the Affordable Care Act. Assuming some rules are still being followed at the federal level.
ceejayoz · 36d ago
That is well within "easily". One party controls Congress, the White House, and SCOTUS right now, and they're quite notably not showing much restraint right now.
zeroonetwothree · 36d ago
And how many laws have they passed? Apparently it's not so easy, is it...
Congress hasn't really been functional in decades
dragonwriter · 35d ago
> And how many laws have they passed?
Few, intentionally: a strategic decision has been made to use control of Congress as a shield for executive dictatorship, rather than using it to pass laws, with the attendant public debate and recorded votes.
ceejayoz · 35d ago
They’re busy dismantling entire departments by executive fiat. When they’re done with that, we’ll see.
mentalgear · 37d ago
The famous US data delete that is just a "soft delete". Maybe different in California. In the EU with GDPR, companies are required by law to have all your data deleted after a month from user deletion request.
genewitch · 37d ago
How is this done in practice? Do you all just do backups different? What percentage of deleted data still exists, obfuscated as user1029387 in the tables? With "deleted" boolean column obviously set to true.
The very idea that it's possible to delete all your data from any service not running everything on tmpfs is funny to me.
jajko · 37d ago
Its not even funny, its just dangerously naïve, on hacker news from all. I can bet half of my salary that absolutely none of those records are deleted forever, and even anonymization is probably very soft and reversible, if done at all.
I work at a bank, one of major ones. We have various regulations stating to keep client records for 5 years. We have trainings that specifically say that we shouldn't keep client records longer than 5 years (additional costs, generally just a risk without any reward).
Guess what - main core banking system's DB holding all client data and transactions is ever-growing, no data were ever purged from it in past 30 years. Nor will it ever happen in future. Too complex, nobody owns removal process, nobody rally cares about those data.
This is situation with 0 good reasons to keep data. 23 has massive valuation reasons to keep them. Its not what it can be used for now but the vast unknown potential in future, of data that are inheritable and thus useful for hundreds/thousands of years. Don't hold your/parent's breath, be reasonable in current climate.
genewitch · 36d ago
someone elsewhere mentioned they use a key (encryption key) per user and just change the key, but A) i don't buy that, how do you prove you deleted a key? and if the user maintains the key and can revoke both their and the service's access to their data, lots of users will do this accidentally. Look at, say, matrix from a few years back, it'd constantly hose your keys and you'd have to attempt to restore from a backup key, but not that key, that's the first key - and apparently you accidentally clicked "backup key" again at some point and now all your stuff is that new key, even though you didn't specify you wanted a new key, you just clicked "back up key" to see what it did.
Also i "permanently" deleted a facebook account 2 years ago, and through a quirk on a cellphone facebook immediately brought the account back like it had never been deleted. I issued another "permanent delete" for that account a week ago, but i bet dollars to doughnuts in 5 weeks i will still be able to "oops i forgot my password, send me an SMS" will reactivate the account again.
If facebook can't or won't do it, i don't really think anyone handles this correctly.
Except people like me that store everything that users upload in tmpfs, and whenever i feel like it, i bounce the box. Good luck recovering any PII from that system. Unfortunately it doesn't have access control (there is no access to the system - that is, ssh, login, shell, whatever - from outside.), so i can't claim hipaa compliance. That and it doesn't log, so after a bounce i can't even verify who did what.
Most users won't stand for this kind of thing, but the users that can, depend on my random reboots if they forget a delete key (usually reloading the tab will "forget" the delete key.)
zeroonetwothree · 36d ago
I'm sure the fact that it's "required by law" has them quaking in their boots.
mentalgear · 37d ago
> Not that I'll ever be important enough for that to happen
Once cheap enough, be sure DNA analysis is used for better ad-targeting at scale, just as users' web traffic is analysed.
All is done once economically feasible and grey-legal enough.
johnnyanmac · 37d ago
Sure hope GDRP would cover that since it's involving "general data"/
mathgeek · 37d ago
> Not that I'll ever be important enough for that to happen
Not that it keeps me up at night, but it’s fascinating to me that if we ever get to the point where a machine is in a position to care about your DNA, it probably will have enough resources to not need to rank anyone by importance.
ornornor · 37d ago
There was a US government entity (can’t remember which one) post on here a couple days ago warning that 23&me was about to file and showing how to delete your data and opt out of ever selling it to anyone. Look it up on hn.algolia.com there weren’t very many steps.
andy_ppp · 37d ago
I deleted my account and data (in theory) maybe several years ago.
dragonwriter · 37d ago
It was actually the California State Attorney General.
ndsipa_pomu · 37d ago
As we constantly leave bits of our DNA around the environment, I wonder if it would be worthwhile for an unscrupulous company to just collect DNA for nefarious purposes. I'd guess that they'd need the DNA linked to a person for it to be worthwhile, so maybe an easy collection device would be to send out a return addresses envelope for entering a prize draw or something, and then collect the saliva used to seal the envelope (i.e. not a self-sealing one, but one that you have to wet/lick).
No comments yet
TechDebtDevin · 37d ago
Download your raw data. You have to request it from them so people should do that asap
napolux · 37d ago
exact same reason why I never fell for their scam ads.
rendall · 37d ago
For what it's worth, this is on their Data page:
> What happens to my data if the company is sold or otherwise changes ownership?
> If the company does change ownership in the future, your data will remain protected under the current 23andMe Privacy Policy unless and until you are presented with materially new terms, with appropriate advanced notice to review those material changes as required by law.
Advanced notice to review the changes ... but can you reject them? I've yet to be presented with the option to reject a change to a privacy policy or ToS.
rendall · 37d ago
You can reject the change by deleting your data. But your district's data protection laws might be different than mine.
Naru41 · 37d ago
Successful Math/CS people have a hard time applying it in biotechnology.
> Successful Math/CS people have a hard time applying it in biotechnology.
No surprise given that biotechnology has a lot more stakeholders. Ethics aren't just an afterthought because unlike VC/the stock market, academia has lots of ethics review gates in place. And for those that think they can sidestep ethics by going private (be it Theranos, 23andMe or various other such services), they'll all find out one day that it will catch up to them.
johnnyanmac · 37d ago
they are all very different worlds. math works purely in theory and simply explains phenomenon. Likewise, much of software is ephemeral and gets its ethic indirectly once people are involved.
to work with life is to work in factors that directly affect others, Unless you're doing something like pure biology where you simply observe. Even then, the art of observing sentient beings has its hundreds of quirks.
cwbriscoe · 37d ago
I have never participated in any of these DNA sites but I have an aunt that pretty much put in our full family tree. Is there anything I can do to remove myself without making an account?
sandos · 37d ago
How do you propose deleting you family tree? That info is obviously not very private.
BrandoElFollito · 36d ago
Well to us Europeans it is. This is PII so its handling is documented.
You can requires all your data to be deleted and tastiest none is added.
This deletes the "family tree" to be seen by everyone
bsza · 37d ago
How many second cousins does Mark Zuckerberg have?
DonHopkins · 37d ago
It was an extremely large egg sack.
wodenokoto · 37d ago
I don't know if filing for bankruptcy has immediate effect of being bankrupt, but if they are still operating normally, you can apparently remove "your data", like this:
Seems like they struggled to turn a one-off purchase model into recurring revenue. At some point everyone in the world who cares enough about their DNA has already bought your product.
and the point of going private is likely to not have to publish all the revenue sources from the data.
xeromal · 37d ago
I hope ancestry just buys them. They've floated a ton of bad markets and come out unscathed
username135 · 36d ago
I take full responsibility, I deleted my data yesterday and now the company has filed for bankruptcy.
theogravity · 37d ago
Just deleted my data. Who knows who will own it after this?
carimura · 37d ago
their own privacy team told me they are bound by regulatory obligations to retain data even after you request deletion. I've notified our attorney general's office to see if anything can be done but it might be too late. I'd love for someone who knows these "regulatory obligations" to chime in.....
kelnos · 37d ago
Interesting, as that would be a violation of the CCPA/CPRA for customers who are California residents, at least.
The "regulatory obligations" sounds like a fake excuse. Is 23andme even regulated beyond how your regular average business might be?
adastra22 · 37d ago
Federal regulations trump state codes.
nostromo · 37d ago
Yes, they have been regulated by the FDA for a decade now.
llm_nerd · 36d ago
>their own privacy team told me they are bound by regulatory obligations to retain data even after you request deletion
They have to retain data about the person who requested the deletion which seems eminently reasonable. In the future if you sue them because you can't access your account that you paid for, they have a record that you requested said account's deletion.
Similarly they obviously can't withdraw your data from the anonymized research projects they pursued.
sollewitt · 37d ago
Well, purely going on who it is of value to, probably life insurance providers or pharmaceutical companies.
nielsbot · 37d ago
Still waiting for my "deletion confirmation e-mail". Hopefully it arrives.
avs733 · 37d ago
The immediate reaction here is customer data but I think it’s worth a reminder that this data has significant implications for non customers as well.
I nearly cut contact with my mother over he wanting to use 23andme for genealogy purposes. The threat was ugly but as far as I know got her to not do it.
There are a lot of people who have now made major choices for others personal data who had little meaningful informed consent. Now it’s up for the highest bidder. I have some small hope the EFF will say something on behalf of consumers and a court will listen. I it pure hopium but it’s all I’ve got.
Scoundreller · 37d ago
if enough of your relatives did, you're already toast
source: I'm already toast
comrade1234 · 37d ago
Plot twist: you’re adopted.
timeon · 37d ago
Silver lining?
Mengkudulangsat · 37d ago
So how does this work in the US?
I thought companies in bankruptcy will be broken apart and its assets sold piecemeal. Can anyone who buy this out of auction get in one piece and debt-free?
nico · 37d ago
There are two types of corporate bankruptcy, chapter 7 and 11. Chapter 7 is what you are probably thinking about. Chapter 11 allows for “rehabilitation”, ie. negotiating debt, discharging some, and setting up a plan to get out of bankruptcy
Most of the times when you see the news reporting about prominent/public US companies filing for bankruptcy, it’s chapter 11. Which is also the case here with 23andme
In chapter 7, there is no rehabilitation, the whole company is handed over to a trustee, who is in charge of selling the assets (or abandoning them), and paying back the stakeholders
friendzis · 37d ago
Yeah, rest of the world calls one bankruptcy and the other restructuring, adding to confusion.
llm_nerd · 36d ago
Both types are forms of bankruptcy in much of the world, exactly like the US. It usually isn't differentiated which because many companies that go down the restructuring route end up at the insolvency end when debtors aren't onboard with their plans.
Suppafly · 37d ago
It really depends on how the people in charge of the bankruptcy, I'd assume preference is to sell the whole business unless it's not viable to do so, then it'd be broken into parts. Breaking into parts makes more sense when the company has several lines of unrelated business, in this case, it's basically one business so breaking it up wouldn't garner more money.
sitharus · 37d ago
This is chapter 11 bankruptcy, which is basically a way to say "We can't afford to pay our debts, but perhaps we can all come to an arrangement". It puts the courts in a position of oversight so any unreasonable parties can be worked with.
In other countries this may be referred to as voluntary administration, though the exact details of what it all means varies from country to country and I'm not a bankruptcy lawyer.
mentalgear · 37d ago
I recall when 23andMe was featured on the cover of a popular tech magazine. At the time, I had concerns about the risks of sharing DNA with a company.
However, the article highlighted that one of the co-founders was the wife of Google's co-founder Sergey Brin, and the company's association with (and investment of) Google provided a sense of data security and stability. .... now it might be sold for (data) parts to whoever.
hardlyfun · 37d ago
I remember reading an article about how these companies were big bad conglomerates who had complete ownership over valuable personal data. Not really downplaying the potential harm that can come with these "assets" in the wrong hands, but nice to know corporate is so inefficient they couldn't even avoid bankruptcy... it will be a long time before they can even hope to orchestrate complex nefarious schemes.
gkoberger · 37d ago
...who do you think is gonna buy 23andMe when they go bankrupt?
cess11 · 37d ago
I would expect bin Salman or emirati royal to buy it.
arjie · 37d ago
It’s a pity I didn’t upload my sequence here. I imagine in the end the most comprehensive databases win. But @dekhn mentioned PGP and I’m there. Here I am https://my.pgp-hms.org/profile/hu81A8CC
Let’s see if anything worthwhile comes of it. Feel free to ask me for more. I have the raw reads as well. Email in profile.
flobosg · 37d ago
Just to clarify: In this case PGP stands for “Personal Genome Project”.
JohnTHaller · 36d ago
Which is dumb as it already stands for Pretty Good Privacy
basisword · 36d ago
I just don’t understand why anyone would ever have used this. I’m not a very private person but this always seemed like giving up so much in return for so little. Not to mention the people that found out negative things like great grandad had three families.
I imagine if you try to delete your data now it’s conveniently too late/no staff around.
This is unfortunate news for anyone whose data is now one of the assets to be sold to the highest bidder.
kibibu · 37d ago
Honestly it's always seemed completely insane to me that people signed up for these services.
Possible Pros: You find out you are 20% Norwegian! Fun!
Possible Cons: Grandma is going to prison for an unsolved crime. Assume a non-threatening position and comply with all orders of the new Department of Racial Purity. Also, that's not your real Dad.
whyenot · 37d ago
> Possible Pros: You find out you are 20% Norwegian! Fun!
It's kind of irritating the way you are minimizing the "pros" here (and you aren't the only one at HN who has done this recently). There are people who found their parents and siblings thanks to 23 and Me. I found my father and my half sister. Maybe it's not important to you, but there are people out there who are willing to "pay" a lot to find out who they are. I appreciate that to you it may not feel like a good trade, but please have the empathy to understand that for others, it is.
rvnx · 37d ago
The other pro is that with the 23andme file you can use Promethease, which helps you to figure out health risks and preventively adopt lifestyle or schedule appointments to discuss them with a health provider.
sofixa · 37d ago
You aren't your sperm donor, or your grandmother.
You are who you are, based on the genetics you got from all of them, and importantly, all the nurture you've received and learning you've done since that moment.
Reconnecting with lost siblings is a legitimate thing one can want and which can bring closure, etc etc but definitely doesn't have anything to do with who you are.
julianeon · 37d ago
I guess I'm in the camp that considers your con a pro. If my Dad wasn't or isn't my biological dad, I would want to know. And I'd be grateful to any service that informed me.
davely · 37d ago
This exact scenario happened to my wife. Grew up thinking her dad was her dad and that she was of some certain ancestry.
I remember her and I both spitting into a tube in our SF apartment in San Francisco in 2012 and mailing them off.
A few years later, we look at the ancestry data and there is a big surprise (she was ~50% something that she was sure 0% before that).
Turns out her dad wasn’t her dad and she was donor conceived — this has potentially huge health implications if you don’t know this.
By some fortunate circumstance, she ultimately found the donor… and 27 (and counting) siblings! Turns out the clinic where this all went down at in the early 1980s was sketchy and lied to a whole bunch of people and misused samples.
linotype · 37d ago
How did this impact her relationship with her dad?
No comments yet
Larrikin · 37d ago
I should have access to the data about me, it shouldn't be for sale ever. It's gross that we have access to this technology but only if we give away all our rights to a company even for a paid service.
The murder one is a little more nuanced but ideally it should be a legal matter where it can only be used with a warrant or your explicit single time consent and not buried in a TOS. If you don't want to help the police convict your grandma it could not legally be used.
mrweasel · 37d ago
The murder one scares me. The police and legal system are way to comfortable with using DNA evidence, not understanding the insecurities of it.
Danish police had to reopen over 12,000 cases where DNA evidence was used and redo everything because neither the police nor the judges understood that the tests used an insufficient numbers of DNA markers to uniquely identify a person. Most of the incorrectly identified people was exactly innocent, but people went to jail over drug charges that should have been a warning or a fine.
2muchcoffeeman · 37d ago
I can go and get DNA tests for somewhere between 200-1000 AUD right now. So it’s not crazy if you have a medical reason to do so.
What 23andMe did was try and build a startup around this with the intention of monetising that data in other ways later. That’s why it was so cheap that people gave them away for Xmas. Had this just been a private data base of people and connections, it would have cost many times more to get the test.
Nothing has gone wrong, except for those who handed over DNA.
jart · 37d ago
You hand over your DNA when you sit down, when you stand up, when you breathe.
sandos · 37d ago
Why was this downvoted? Your close family also shares your DNA, to 100%! Suppose your parents both test..
Your DNA is not something that you can 100% keep from others.
2muchcoffeeman · 37d ago
I think because it was unnecessarily conspiratorial. I can’t just sequence DNA can you? Do you think government agencies are collecting your tissues?
dekhn · 36d ago
Sure, people can sequence DNA in their garage if they want. You need to know how to do it and how to not mess up all the details if you want to get reliable data.
As for government collecting samples from the environment, they (researchers funded by the government) already do that- it was used in COVID and many other places.
jart · 36d ago
They have USB thumb drives for sequencing DNA nowadays: https://nanoporetech.com/products/sequence/minion You can use that toy to find out pretty much everything about anybody. This is just a technological paradigm shift that's happening. What made 23andMe different is that (a) they got YOUR consent, (b) they made the information useful to YOU. So no one here should blame the people trying to help. It's always the people trying to help who face the backlash of reactionary fear and anger. Since reactionaries never ask themselves what they're not seeing.
dekhn · 36d ago
I think you probably meant to reply to somebody else. I was thinking of the minion when I said "you can sequence in your garage". I was agreeing that things like airborne detection exist. I'm not blaming anybody, except Anne, who was woefully naive about the business and the science. I did try to point out that most people who try to sequence things on their own mess things up because sequencing and sequence analysis is quite tricky. Svante Paabo, who helped establish that we can sequence ancient humans, acknowledged that his first few people were really just analyzing his own sequences, as he contaminated the samples while handling them.
The minion is really quite limited- it's a convenient tool to have in the field, but nearly everybody who is doing serious sequencing is using larger, more expensive desktop machines in a lab.
jart · 37d ago
It's not a conspiracy. That's what we call a startup. You've never heard of airborne dna data collection? Go cry into your pillow :)
Reality is always so much more extreme than the conspiracies. Conspiracy theorists lack the minds to imagine half this stuff.
bhaney · 37d ago
I discovered I had around 20 half-siblings I never knew about and got connected with most of them.
> Also, that's not your real Dad
Yeah, that part was less fun
davely · 37d ago
I just commented about the same exact thing relating to my wife. Even down to 20+ siblings!
Like, it’s so common that I’m not even shocked to hear others with this experience.
As it turns out, there were a lot of sketchy clinics preying upon desperate parents in the early 1980s.
fc417fc802 · 37d ago
Why do you say they were preying on them? The donor either matched the stated criteria or didn't.
vintermann · 37d ago
There is no honour among eugenicists. There's even an own Wikipedia page for fertility doctors who used their own sperm - with a long list of cases.
jart · 37d ago
A lot of us trusted and supported her because she was married to Sergey.
No one was expecting that once she had the data she'd divorce him and go full Marissa Mayer.
benjaminwootton · 37d ago
When I saw the headline, I wondered why Sergey hadn't bought it for his spare change. I guess this is why.
lotsofpulp · 37d ago
He also married (and divorced) the woman that bankrolled RFK Jr. I would guess his office affairs have caused a lot of drama at Alphabet.
DonHopkins · 37d ago
> Also, that's not your real Dad.
But meet your new Big Brother!
theshackleford · 37d ago
I didn’t fuse this service, but I used another after experiencing life changing health circumstances in an attempt to identify the half of the family I don’t know.
Fuck me right?
kibibu · 37d ago
Ok,i was hasty in listing fun as the only pro (although that's certainly the only reason I can think of for giving these out as Xmas presents)
Only you can decide if it's worth it. I hope it was for you.
theshackleford · 36d ago
> I hope it was for you.
Ironically no, because all I got out of it at best was at best your list of pros. I already knew I was likely a european mongrel because i'm white as snow, so largely useless sadly.
dyauspitr · 37d ago
I signed up with a fake name and a prepaid debit card. They’re going to have to work hard to get mine.
vasco · 37d ago
This combination of being aware enough to use two fake data points while giving away your whole DNA is making me chuckle.
dyauspitr · 37d ago
I really wanted to know what’s in my DNA. I did the best I could.
sitkack · 37d ago
Not with any relatives by k-hops they won't.
dyauspitr · 37d ago
Yeah but they would need to be looking for me specifically. I think it would offer some form of anonymity in blanket sweeps.
mkl · 37d ago
> they would need to be looking for me specifically
I don't think so. They probably automatically determine how closely related all their customers are, so it just takes one of your (possibly distant) relatives putting in enough family tree.
LZ_Khan · 37d ago
How does a company like that go bankrupt? They sell kits for freaking $200. How is that unprofitable?
Mistletoe · 37d ago
You buy a kit one time in your life. I'm more amazed that people thought it could be a profitable business once everyone that was going to had purchased their one kit per lifetime. And it wasn't even $200, it was more around $100 or even less if you didn't want ancestry + health. I wonder if I can still get the locked away health part haha?
dyauspitr · 37d ago
What do you need though? One lab and software they already have?
TheDong · 37d ago
They took on VC funding.
A normal "small business" doing this could run with 3 software gals, 2 genetics guys, and a CEO that handles finances and management responsibilities. A "small lifestyle business" like that could make an okay profit for all involved.
A startup, however, took $XXMM in VC funding, which included strong encouragement that "you have to hire this many people, we want at least 10x growth".
Once you hire a team of 30 people to manage your servers and a team of 180 software engineers to write your webpage, it's super hard to scale back down to a scrappy 3-5 person software team.
Mistletoe · 37d ago
I assume they were doing the genotyping service at a loss. I had my entire genome genotyped for almost nothing and now I have the data forever. 23andme service was like a store having the milk in the back selling as a loss leader, but they have no other products to make up for it that you buy on the way out of the store. I see they have now added subscriptions, but who would pay for that crap when it's nonsense like if you will have a widow's peak or freckles and it isn't even right most of the time? I assume they thought they would sell all this data to someone like drug companies, but if they had buyers they wouldn't be going bankrupt.
xeromal · 37d ago
Pay employees and their wages?
xyst · 37d ago
Good. One awful company that was trying very hard to sell off our genetic data.
Wonder what happens to the treasure trove of data they have collected though. Hopefully the data is just 'sudo rm -rf —-no-preserve-root' and not included as part of bankruptcy proceedings.
wodenokoto · 37d ago
My girlfriend really want to do one of these DNA analysis package from one of 23andMe's competitors, and she cannot for the life of her understand why I don't want to.
How do I explain that I don't want my DNA analysed and sold around to all sorts of companies?
Ey7NFZ3P0nzAe · 37d ago
There is a consensus that there is still a tremendous amount of information in someone's dna to be extracted. She wants to know what we can learn from her dna today but the cost is giving to probably[0] anyone everything we'll be able to learn from her dna in the future. That includes dna about her family and potential children with you.
10-15 years ago she wouldn't have predicted trump, what can't she predict about 10-15 years or more from now?
[0]: data can't be erased but can be leaked.
mrweasel · 37d ago
> How do I explain that I don't want my DNA analysed and sold
Honestly you can't. I've come to realise that unless someone personally is hurt from the lose of private information, then there's no way to convince to the risks.
People either comes down on the side of privacy and caution, or they completely fail to see if issue and believe that the risks are vastly overblown. Very rarely do you see anyone go from the latter to the first, unless they suffer personally.
webspinner · 36d ago
Well... I'm an untested person! I never bought into the hype, because I don't ever do so. In fact, I told friends of mine in 2021 not to do so either. They said they had the test kit on their counter, and were debating on spitting.
drakonka · 37d ago
Does initiating deletion through your 23andme profile settings effectively invoke right to be forgotten/ensure data will be deleted in 30 days? Or is that effectively a soft delete that requires additional followup for a RTBF request?
Popeyes · 37d ago
Guess we are about to find out how valuable your DNA is.
asdffdasy · 37d ago
anyone remember when one of those dna testing companies was offering free dna testings in some atlanta(?) neighborhood, but then someone found out it was being paid by the local PD to try to find dna that matched someone they were looking for?
I'm certain i read about it from HN but i can't find any reference to that new anymore.
bananapub · 36d ago
please go and delete your data, immediately.
it's not just for you, but for anyone related to you - this database is hugely dangerous thing to have exist, and always has been, but at least notionally was a semi-serious medical business, but is now going to be sold for scrap in an extremely poisonous environment in the US.
dtquad · 37d ago
Can some billionaire please buy 23andMe's corpse and delete all data and physical samples they have?
Even if you have never used 23andMe several people you are related to already have so they have a partial genetic profile of you.
mrguyorama · 36d ago
The kind of people who become billionaires don't become billionaires by doing the right thing with no kickbacks.
People who do the right thing are usually satisfied by the time they hit only 50 million.
leakyfilter · 37d ago
Why should it matter? They can't link it to me since they don't have my genetic profile.
ascorbic · 37d ago
If they have enough of your relatives then yes they absolutely can.
timeon · 37d ago
> Can some billionaire please
Are we back to feudalism?
Traubenfuchs · 37d ago
Is there any useful dna sequencing offering left on the european market?
rchaud · 36d ago
SPAC IPO = not long for this earth.
sidcool · 37d ago
All your chromosomes belong to us.
MrMcCall · 37d ago
All your base pairs?
b800h · 37d ago
Well I'd downloaded our family genomes a while back, and had been attempting to get 23andme to respond in what I consider to be a proper way to GDPR disclosure requests. I've now just used their internal tool to delete our data.
I suppose that I'm fortunate to live in an area covered by GDPR and fairly strong medical data regulations.
yapyap · 37d ago
yikes, thats all your dna, sold
aaronbrethorst · 37d ago
Some billionaire should be an absolute hero: buy this thing and just shut it down. Delete all the data. Salt the earth. Move on.
jmount · 37d ago
Not how billionaires work.
MrMcCall · 37d ago
Precisely.
That's what we would do if we were billionaires.
And that's precisely why we're not billionaires.
I'm happy with my choices, though. They're merely confident and callous, but happiness will ever elude them.
aaronbrethorst · 35d ago
Fair point. I was a billionaire until I bought once-promising institutions and shut them down.
kelnos · 37d ago
Given that 23andme's market cap is under $50M right now, it wouldn't even take a billionaire.
rvnx · 37d ago
The Googley husband of the CEO maybe ?
seydor · 37d ago
millionaire
c16 · 37d ago
Your DNA, now available to the highest bidder.
uptownfunk · 37d ago
They really shit the bed on what was probably one of the greatest things in a decade.
- The CEO is effectively the control owner of the company, having 49% of the voting right. She has been trying to take the company private for some time.
- Last August, she proposed to buy all the outstanding shares at $8 per share. The board rejected. She installed a new board, and submitted her proposal again at $2.53 per share. The board rejected. She tried it a third time at $0.4 per share this month, and the board rejected.
- Meanwhile 23andMe was losing $50M every quarter.
So, unable to resolve the issue, the board choosed to enter into the bankruptcy process. I hope this relieves 23andMe from the corporate governance nightmare.
The share was trading at $8-$9 at the time.
The primary reason why the board has been rejecting the offer is that the CEO kept proposing discount prices to the market rate.
No comments yet
Edit, since I hit posting limit.
To pooper:
> Since it's such a big part of the S&P500
The conclusion is based on that premise, so any other business that satisfies that premise should also lead to the same conclusion.
To llm:
> I think their point is that businesses at the top of the S&P500 are traded at sentiment and momentum based values that are pretty disconnected from a logical P/E
I have read the same about other businesses many times. There is nothing logical about only using P/E as a factor in determining price (or “worth”). No one knows the future, so even a price derived from an arbitrary standard of P/E is a “sentiment and momentum based” value.
So index membership does change the stock multiple (but not by 10x).
Also, Tesla is an idiosyncratic stock with very high volatility and very high retail participation. Things can be true of Tedla stock which do not have to be true of the median stock.
Some stocks are overpriced, and others are undervalued. The inclusion in the S&P500 alone is just 1 of the factors.
In my opinion, Apple and NVIDIA are significantly undervalued based on their fundamentals, even though they make up a gigantic % of the SPX.
It could be logical to ascribe some value to a business’s leader having access to a US president known to be “open for business”? And we know a big tax bill is likely to be passed by year’s end.
Perhaps that will lead to good fortunes for Tesla shareholders. Or maybe not.
And the thing is, I don't have to be right about Tesla because I'm not making a single bet on that company. I'm making hundreds of bets using my methodology, and it's enough that I'm right 50-something% of the time (or even less than 50%, if we're talking Options trading).
That's what the whole stock market game is about. Hence, some investment companies, like Berkshire Hathaway, consistently make more than others over the long term.
Also, corrections aren't instant, so if the change of value was for something that had already happened, not something currently happening, the offer will reflect the expected price that the shares would settle at.
No comments yet
(apologies for the below crude metaphor.. but...)
I am 1.80. You can kick me in the nuts and I will fold, but I will still be 1.80 a few minutes later.
Let's see after the kick in the nuts if the price will still be $8.
When there is blood in the water the sharks start circling. And some sharks 'short'. And I know little about their operations of 23andMe, but I understand the _value_ of their data!!!!! So they may be sitting on a pile of Latinum and not be able to fully monetize it (sell it to every pharma/insurance/etc.) company on the planet.
In most high-profile bankruptcies, there aren't enough assets to even finish paying creditors, yet alone creditors. However, this is a voluntary Bankruptcy, so there might actually be assets left over to pay out to shareholders.
If the value of assets after paying off debtors is > $8/share, then that’s the easiest arbitrage opportunity considering it’s currently trading at $1.80.
Just buy the whole thing for $3/share (an irrefutable premium of 67%), shut down operations entirely, pay off the creditors, and pocket the net assets of > $8/share and more than double your money almost instantly.
If the claim is the CEO ran it into the ground then the board messed up even worse by not replacing the CEO.
So I’m doubting that is what is really happening here?
There isn’t one single value, value derived ( let alone perceived) is subjective
In this case, The stock is worth more(or less) to the 49% shareholder than others who are may value the founder holding defacto controlling stake negatively, thus discount the stock less than its book value .
This is also why sometimes same class of shares held by different people get priced (i.e. valued) differently in a single deal. Recently the paramount one is a good example .
Another famous example Yahoo was valued negatively for a long time before its sale to Verizon, I.e. its market cap was less than the value of its alibaba holdings .
One off events like county cases , drug trials likelyhood of a merger approval from regulators are hard to price accurately and can skew.
Can the board replace the CEO if the CEO has 49% of voting rights?
https://archive.is/zXqnB
There are "scavengers" out there who buy a company if its assets are worth more than the market cap, close down the company or otherwise spin out the assets, and thus earn more than they paid for the shares.
Possibly true 20 or 30 years ago, but now shares are speculative assets, their worth determined by what the market thinks they might be bought for by a greater fool.
If the company has no chance at future profit, it becomes a simple share of assets. There are plenty of companies with assets only and no revenue or employees.
And those might include things preventing majority owner from buying everything at $0.01 per share.
I can only hope at the end of the day their data doesn't end up in the wrong hands. It is their most valuable asset, and this is a way bigger deal than it seems.
Most peoples genomes are boring and at best sway the predisposition for disease by a modest degree. Exposing infidelity is honestly the best I can come up with.
I reached out to a guy on 23andMe that was a DNA relative (2nd cousin) and said hi. Curious how we were related, I gave him some family names going several generations back, and asked if any of them rang a bell in his family history.
He responded quickly and said no, they did not.
Then a few weeks later I get another response. He said that one of the names had faintly rung a bell, and when he dug into it, it turned out that was the name of his mother's boss for much of her career as a secretary. His heart sank when he realized it. He and his siblings did genetic tests and confirmed that he, the youngest, was only a half-sibling. Both of the parents were deceased so there's no way to know what really happened.
After dropping that bomb in the poor guy's lap I stopped using the DNA Relatives feature.
How about scam emails that open by asking people about their family history of some disease with a genetic marker and promising some miracle treatment?
I can think of even worse outcomes depending on how policy on immigration and naturalization shifts
How about generic profiling by a future malicious government that only wants certain types of genomes to proceed to the next generation?
You do that kind of stuff across enough axis and the people who ought to be leaving your supporters dangling from the overpass will be too marginalized and preoccupied to do much of anything.
You don't even need "high tech" to do this sort of stuff. Depostic regimes have been doing it for centuries.
If you have a baby at home with a lay midwife, the health departments retain will hound you endlessly to get this done, although legally you can choose to decline as a parent. Barely anyone does, since most parents want to know if their newborn will have a serious genetic disorder that can be easily avoided by (for example) avoiding artificial sweeteners.
What's different today that would create a massive outcry that there wasn't 4 years ago?
Even I think I'm nowhere near unethical enough to maliciously use this dataset, but who would have thought that a social media platform where you scroll posts from your friends and family could be used as a political tool?
This is a trait of delusional people as well as those very deep into some "technocratic" ivory tower without any formed code of ethics, too.
For example, we now have cell-penetrating prime editor ribonucleoproteins, a derivation of the CRISPR system. These are essentially assembled molecular machines that can be loaded install almost any genetic mutation, such as tumor driver mutations. A picogram of this protein complex is potentially enough to riddle your body with cancer a couple of years after delivery.
>depending on how policy on immigration and naturalization shifts
Birthright citizenship invalidates such profling, but even then: I don't think the government needs DNA to figure out identities of people in the database.
Even on a firesale, I doubt it would be cheap enough for the margins they work on. These aren't exactly large scale, sophsticated operations being worked with here.
>Only if you think that matters and the SCOTUS will uphold it.
Maybe I'm overly optimistic, but I think they will. If only because it's an absolute nightmare logistically trying to do it any other way. No country is going to accept a deportation flight of peopel who were not born on their land.
Or perhaps we have an underpopulation crisis decades later which does incentivize that. But that would solve the deportation issue in and of itself, right?
2. There is incest in your family. Pay to find out.
3. We have found 4 significant markers of X diseases. Pay to find out. (Against FDA in claims of illness)
4. A lost family member was found in $location. Do you want to identify them and send money? (Likely faked, scam)
5. Surrogate or adopted: we know your birth parents. Pay to find out.
There's just a few unethical and/or illegal business opportunities for malicious actors. And that was just 5 off the top of my head.
If you wanted to be really evil, you combine it with other hacked/leaked/ransomed data sources and turn the screws.
I'm concerned with being put on a list of ashkenazi, and sold to people who work for my death on that basis.
https://www.wired.com/story/23andme-credential-stuffing-data...
Why would a company being sold mean that the data can be used for a purpose it previously couldn't?
If insurance companies use this information to inform coverage decisions, then it's a moot point right? Just because you and I (who am also in this field) understand the limitations of the models and the data, does not mean that powerful entities will not use it to do stupid things.
I’ve done some of these saliva samples and I’ve seen the freak outs about what happens if “they” get my genome. But I cannot for the life of me figure out what they would do with it maliciously? It’s not like it can be used to sign up for a credit card or whatever.
Then we learn about the perils of "majority rules" setups, of lobbying, of trying to evaluate thousands of different decisions across hundreds or thousands of legislators, etc. and it becomes a lot less simple.
(but I get your point and I agree)
No comments yet
So once the ‘’’bad guys’’’ purchase the 23andme database, the story is complete! They can then frame our protagonist…
im just afraid of the unknown. now its useless but how about after another 5/10 years?
When I first heard about them and similar services, the potential for abuse was the first thing that came to my mind. I am not paranoid in any way and those were easy times compared to now. Still, I prefer not knowing my ancestry than this.
And ancestry for Europeans is not such a hot topic, you just need to look at a bit of history of continent and its civilizations and get the idea.
The outcome for this person is not great :-)
But that still seems like a minute possibility.
But if you were able to somehow combine the information with the medical history of people, then you could use the data for research, and come up with some DL model maybe.
I wonder if some of those freaking out about the issue have a reason to be concerned.
On the other hand, once the information is out there, any aggrieved party will have plausible access to it, so it could be argued any statute of limitations would kick in.
How much of lifestyle do you think is determined by genetics, if any, and how much of that link do we currently understand?
I feel the concern around genetic data privacy has normally been the risk of unknown future stuff, rather than any current known vectors. I'm not saying it's a legitimate fear, but I don't know if it's one that is placated with "we can't currently do anything bad".
I do think over time we will get a clearer picture of risk predisposition based on your entire genetic profile. However, I believe that genetic predisposion will remain a relatively small contributor for most disease states.
I agree that genetic predisposition will remain a small contributor for most disease states. However, I (an idiot who has no authority or experience with anything relating to genetics) feel we're going to learn a lot about how our genetics indirectly influence our behaviour and decision making though.
I think it'll be a boring dystopia: the biggest problem will be that the more complex, distant relationships between genetics and life outcomes are discovered, the more opportunities the bodies responsible for health will have to say "well we have to protect ourselves from the uncertainty, and that's going to cost you/be profitable for us".
https://www.healthcare.gov/how-plans-set-your-premiums/
All the other types of insurance (life/disability/etc) are free to ask you to provide DNA if they think it would be useful for underwriting. The fact that they do not means the DNA is not providing enough signal to be worth considering in the underwriting process.
I don't think they would care much for scientific validity in this case. It won't matter to them if the methods used are reliable. All they'll get is appraisal from mainstream media for their revolutionary approach, further ingraining social darwinism.
the method of being a fortune-teller? I don't see how that would ever be reliable unless we figure out voodoo kinds of tricks attacking the nervous system.
In the case of PRS assessment where it's already an established discipline, and not at all as unreliable as fortune-telling, it wouldn't be so hard to weaponize it.
But there's a difference between forming a cult and trying to convince the minds en masse of something.
And ok, let's agree for the sake of it that it is like astrology. Astrology is unnervingly popular, there are columns of big newspapers HN reveres dedicated to zodiac signs.
A cult consisted of people buying into something very close to eugenics masked as science doesn't sound it would have trouble gaining mainstream appeal in today's American society.
In fact, there's a great example of such discipline having already gained significant traction, even on this website, and it is none other than the field of evolutionary psychology. This field has provided close to zero replicable hypotheses yet it has been successfully weaponized into justifying prejudice and antisocial behavior, especially in the context of racial differences and dating.
Something like advertising reliable prediction of behaviors based on DNA would be cherry on top.
You mean like the art of advertisement, or more like what the extant system of social conditioning does in general?
I mean ancestry.com data van be used similarly, but genetical info is inobfuscable.
The ideal solution would be for all data to be deleted before a sale. If anyone would want to buy 23andMe without the collected data then that's perfectly fine.
If their DNA test can recognise first cousins, then they've got a recognisable DNA profile for each user's parents, grandparents, children and so on.
Narrator: it ended up in the wrong hands
I doubt that specificity would be economically profitable.
The police did catch the Golden State Killer by scavenging a used coffee cup or somesuch, however.
It's be much easiser to setup a DNA catfish from a Tinder date if someone is that determined to get a decent sample from you. If it's not targeted, a door-to-door salesman can collect dozens over a day for use.
There's so many social engineering tricks to take advanadge of that you'd paralyze yourself trying to keep your DNA to yourself. Better to just petition for regulation at that point.
And it required detectives to follow him around until he left whatever it was that was adequately isolated. It's a little different from a database of 7 million.
The NIH occasionally updates this chart (note: Y axis is log scale)
https://www.genome.gov/about-genomics/fact-sheets/DNA-Sequen...
You can see there was a dramatic reduction in costs from 2008 to 2015, as several vendors released several substantial technology improvements, and a slow improvement from 2015 to now, but it's roughly flatlined, and there isn't much investment in developing new technologies now.
To the surprise of many, having enormous amounts of genomic data hasn't been the clear-cut improvement to human health, although there are some exceptions (especially cancer identification and personalized treatment). If we truly wanted to, we could spend capital and build out the sequencing, compute, and storage infrastructure to sequence every person on the planet at least once at 50X coverage, and store the data in perpetuity.
I think there are negative externalities if the data is sold to insurance firms — who can use the genomic information in litigation and policy rejections — or if the data is sold to some sort of powerful, pro-eugenics political organization. The insurance externalities likely can be mitigated with minimal legislation (protecting consumers in a similar manner to how we protect those with pre-existing conditions) and it is reasonable to assume pro-eugenics political groups wouldn’t be any less dangerous without this genomic data available.
Thus, I struggle to see how this data changing hands would be especially detrimental to society. One could contend a moral dilemma will arise from future developments in cloning, but would it? We already have clones in the form of identical twins, and their existence does not seem to create many, if any, especially problematic moral dilemmas. Maybe people are worried that society will start cloning celebrities and famous intellectuals instead of having babies more naturally — creating a world of designer babies where the diversity of thought and talent shrinks in a “tragedy of the commons”-esque dilemma — but I don’t think this is people’s issue because most people frame their qualms as more of a personal privacy issue. Moreover, designer babies issue I describe would likely become an issue with or without cloning.
There are issues that come to mind regarding genomics in commerce — such as the ethics and market incentives of patenting certain genomic patterns — but again I don’t see how this 23andMe data changing hands make this issue any more pressing than before.
On the other hand, my instinct (which I have learned to never blindly trust) is that making the data more widely available may make it cheaper and easier for researchers to make impactful discoveries. Therefore, my biggest worry with the change of ownership is that the new owners may keep the data behind a bigger wall.
This should've been a giveaway that the company was imminently going to go under.
> The California-based company has publicly reported that it is in financial distress and stated in securities filings that there is substantial doubt about its ability to continue as a going concern.
Elon: "Comedy!"
Maybe it was a bad idea. But, I figured if we enter a dystopian future, evil health care companies or governments could easily get my DNA if they want to and/or simply require that information to get care. When you get blood drawn, do you see what they do with it?
Hopefully, what matters is the laws we all fight for and not whether I sent my spit to an internet company in 2022.
Anyways, will delete my data.
Yes, because you gave it to them. Nihilism undermines any sort of resistance movement against evil.
That doesn't mean we can do nothing, but it means withholding information won't matter as much as some people think.
It's not really something the mass population can physically prevent from a determined actor. Like data, you need to regulate it instead of take excessive preventative measures.
Another is to have all info and weaknesses automatically available to 'the man' or more 'the men', no need to make things too easy for them and jump ahead in queue.
Yes. I'm lazy, and at thaat level of compromised data: it is much easier to disincentivize theft than to worry about theft at every corner. You need to change your approach away from the immediate instincts.
>Another is to have all info and weaknesses automatically available to 'the man' or more 'the men'
They already have it. Fortuately, we made laws disincentivizing them using that stuff without big reprecussions.
Sure they can. The government obviously can. Otherwise they just buy data from the decade of tracking data left behind. That's the relatively easier part in comparison to targeted DNA gathering.
All I wanted to know, since my grandpa died of Parkinson's.
A clinic usually asks you to sign a form that says you are responsible for paying whatever they and an unaffiliated laboratory end up saying you owe. Minimum being $250, and maximum being unknown.
Hilarious, I love it.
Next you're gonna say they told you that you'll probably die of something that you can forestall a bit with good diet and exercise.
Although in the future I imagine it's more likely to be things like arm to torso ratio or gait recognition or similar, done via machine vision.
Biometric comparison is commonplace, once you give your biometric info
What I'm saying is that people would be id'd by a biometric measure derived from a genetic measure
(and yes of course I watched Gattaca already)
what this thread is about is denying a kid a kindergarten spot because the dna shows their height will never get them a basketball college scholarship.
And people are made to care about things that don't actually make any sense all the time, you just gotta set up the incentives just right.
Big companies do this but it requires some technical maturity. If you operate in Europe you have to implement proper data deletion. I would be more worried about small companies that large ones tombe honest.
You've also added (possibly substantial) latency to every single operation that operates on user data.
Yes you would need to carefully design the system that allows deletion of keys while minimizing chances of data loss, but it can be done, and it's going to be cheaper and less complex to do so on a tiny subset of the data.
Latency considerations are also down to design, it's not a given that there will be significant overhead imposed.
Exaggerating here, but I do think soft deletion practices can be partially blamed on real business problems. I'm not sure why anyone would think that using soft deletion on an actual burn account function would be sensible though.
- you have legal obligations no matter what the customer wants, eg, Amazon and storing transactions for tax reasons
- you do actively delete most of their data, eg profiles, but “deleted=true” on their central account record is needed to propagate the deletion to other systems, eg, customer analytics
- you tombstone it for efficiency reasons and only periodically delete the records as part of your checkpoint/backup procedure; similarly CDN deployments
- you delete all the live copies, but tell customers “retained up to 90 days” because you need backups to age out
I’m not saying companies are all innocent — but there are some legitimate reasons that deletions aren’t fully instant.
If you have data for a user, who wants to delete it, you can soft delete to allow recovery to prevent complaints.
On the other hand, 5 years from now your system gets hacked, and now you have to email some person you haven't done business with in 5 years to tell them their data that you claimed was deleted was leaked.
Sure you can do soft deletions with some hacky actual delete schedule but it doesn't really solve the problem, only reduces the timeline.
Discord (and many other places) allow you to recover your account within a specific period of time, but they do not delete anything, you just simply lose access and your name gets changed (and avatar and status removed), but all your DMs are there, all your messages are there (although I understand why, especially in servers (guilds)).
There is a way to bulk save and delete messages from Discord, however.
That's on you though - shouldn't have sent spam pretending to be transactional email.
I'm not talking about unsolicited email, but legitimate transactional email related to the account that only triggers off a user action.
Internet is not what we used to have years ago, currently the majority of users are not tech literate and that creates new problems now.
When the data has value to the company and it is legal to keep it it seems very sensible to keep it (out of the perspective of s.o. acting in the interest of the company).
One hard delete can expose months worth of bugs.
Deleting something you should not have: potentially a business extinction event. And a fine as well.
The problem is that it infected the mindset of almost every company. Those that worked at companies who needed it brought the mindset everywhere. And like many technologies, people who study what big companies do mimic it everywhere, even where it's not needed.
So your simple stupid SaaS company has some simple object that a user wants to delete that ends up living in a db somewhere... forever.
I'm not at all saying that soft deletion shouldn't exist. I'm arguing that hard deletion should be the default, and then soft deletion practices should have some justification.
Instead the industry chose to just soft delete everywhere, which is good for the industry, and bad for users.
It should just be followed up by hard delete several days or weeks later. The general policy should never be to hold things indefinitely.
As a practical example I have soft deletion for more or less everything on my desktop. There are periodic filesystem level snapshots and those stick around until I manually GC them. It has saved me more than once.
This seems like a reasonable compromise to me. It offers a safety net, while still getting the job done.
With as many data breaches as we see these days, I want my data gone. If someone gets a dump of the DB, a delete flag doesn’t matter.
This was the primary reason I never got a DNA test, even though I want to see what my results would be. I never trusted the companies to store that data long term. If I could get a test where a company didn’t store the results after they were provided to me, I’d get one tomorrow.
The question, of course, is whether that same functionality is applied to residents of other states wishing to delete their data…
Who knows who will buy all this data after bankruptcy...
Does anyone at 23andMe know if when DNA data and account is deleted by them that it is really deleted/purged from all backups and systems? Anonymous accounts are available, thanks!
People who think having millions of people dna is worth something. I could think of company working with private investigators or even governments.
Your dna sample is part of 23andMe valuation right now, I wouldn’t have hope even if it says your data is removed on their website, there are still backup.
https://www.healthcare.gov/how-plans-set-your-premiums/
Congress hasn't really been functional in decades
Few, intentionally: a strategic decision has been made to use control of Congress as a shield for executive dictatorship, rather than using it to pass laws, with the attendant public debate and recorded votes.
The very idea that it's possible to delete all your data from any service not running everything on tmpfs is funny to me.
I work at a bank, one of major ones. We have various regulations stating to keep client records for 5 years. We have trainings that specifically say that we shouldn't keep client records longer than 5 years (additional costs, generally just a risk without any reward).
Guess what - main core banking system's DB holding all client data and transactions is ever-growing, no data were ever purged from it in past 30 years. Nor will it ever happen in future. Too complex, nobody owns removal process, nobody rally cares about those data.
This is situation with 0 good reasons to keep data. 23 has massive valuation reasons to keep them. Its not what it can be used for now but the vast unknown potential in future, of data that are inheritable and thus useful for hundreds/thousands of years. Don't hold your/parent's breath, be reasonable in current climate.
Also i "permanently" deleted a facebook account 2 years ago, and through a quirk on a cellphone facebook immediately brought the account back like it had never been deleted. I issued another "permanent delete" for that account a week ago, but i bet dollars to doughnuts in 5 weeks i will still be able to "oops i forgot my password, send me an SMS" will reactivate the account again.
If facebook can't or won't do it, i don't really think anyone handles this correctly.
Except people like me that store everything that users upload in tmpfs, and whenever i feel like it, i bounce the box. Good luck recovering any PII from that system. Unfortunately it doesn't have access control (there is no access to the system - that is, ssh, login, shell, whatever - from outside.), so i can't claim hipaa compliance. That and it doesn't log, so after a bounce i can't even verify who did what.
Most users won't stand for this kind of thing, but the users that can, depend on my random reboots if they forget a delete key (usually reloading the tab will "forget" the delete key.)
Once cheap enough, be sure DNA analysis is used for better ad-targeting at scale, just as users' web traffic is analysed.
All is done once economically feasible and grey-legal enough.
Not that it keeps me up at night, but it’s fascinating to me that if we ever get to the point where a machine is in a position to care about your DNA, it probably will have enough resources to not need to rank anyone by importance.
No comments yet
> What happens to my data if the company is sold or otherwise changes ownership?
> If the company does change ownership in the future, your data will remain protected under the current 23andMe Privacy Policy unless and until you are presented with materially new terms, with appropriate advanced notice to review those material changes as required by law.
https://you.23andme.com/user/edit/records/
https://x.com/iskander/status/1903077361152610374 -- about a dozen of us with math/CS backgrounds ditched tech for biomedicine. And we got humbled hard: most of what we did flopped & techies
No surprise given that biotechnology has a lot more stakeholders. Ethics aren't just an afterthought because unlike VC/the stock market, academia has lots of ethics review gates in place. And for those that think they can sidestep ethics by going private (be it Theranos, 23andMe or various other such services), they'll all find out one day that it will catch up to them.
to work with life is to work in factors that directly affect others, Unless you're doing something like pure biology where you simply observe. Even then, the art of observing sentient beings has its hundreds of quirks.
You can requires all your data to be deleted and tastiest none is added.
This deletes the "family tree" to be seen by everyone
https://oag.ca.gov/news/press-releases/attorney-general-bont...
However, that's 2 big if's: Are they still operating normally, and do they consider "your data" data you upload or genetic data pertaining to you.
https://freakonomics.com/podcast/why-is-23andme-going-under-...
Seems like they struggled to turn a one-off purchase model into recurring revenue. At some point everyone in the world who cares enough about their DNA has already bought your product.
The "regulatory obligations" sounds like a fake excuse. Is 23andme even regulated beyond how your regular average business might be?
They have to retain data about the person who requested the deletion which seems eminently reasonable. In the future if you sue them because you can't access your account that you paid for, they have a record that you requested said account's deletion.
Similarly they obviously can't withdraw your data from the anonymized research projects they pursued.
I nearly cut contact with my mother over he wanting to use 23andme for genealogy purposes. The threat was ugly but as far as I know got her to not do it.
There are a lot of people who have now made major choices for others personal data who had little meaningful informed consent. Now it’s up for the highest bidder. I have some small hope the EFF will say something on behalf of consumers and a court will listen. I it pure hopium but it’s all I’ve got.
source: I'm already toast
I thought companies in bankruptcy will be broken apart and its assets sold piecemeal. Can anyone who buy this out of auction get in one piece and debt-free?
Most of the times when you see the news reporting about prominent/public US companies filing for bankruptcy, it’s chapter 11. Which is also the case here with 23andme
In chapter 7, there is no rehabilitation, the whole company is handed over to a trustee, who is in charge of selling the assets (or abandoning them), and paying back the stakeholders
In other countries this may be referred to as voluntary administration, though the exact details of what it all means varies from country to country and I'm not a bankruptcy lawyer.
However, the article highlighted that one of the co-founders was the wife of Google's co-founder Sergey Brin, and the company's association with (and investment of) Google provided a sense of data security and stability. .... now it might be sold for (data) parts to whoever.
Let’s see if anything worthwhile comes of it. Feel free to ask me for more. I have the raw reads as well. Email in profile.
I imagine if you try to delete your data now it’s conveniently too late/no staff around.
Possible Pros: You find out you are 20% Norwegian! Fun!
Possible Cons: Grandma is going to prison for an unsolved crime. Assume a non-threatening position and comply with all orders of the new Department of Racial Purity. Also, that's not your real Dad.
It's kind of irritating the way you are minimizing the "pros" here (and you aren't the only one at HN who has done this recently). There are people who found their parents and siblings thanks to 23 and Me. I found my father and my half sister. Maybe it's not important to you, but there are people out there who are willing to "pay" a lot to find out who they are. I appreciate that to you it may not feel like a good trade, but please have the empathy to understand that for others, it is.
You are who you are, based on the genetics you got from all of them, and importantly, all the nurture you've received and learning you've done since that moment.
Reconnecting with lost siblings is a legitimate thing one can want and which can bring closure, etc etc but definitely doesn't have anything to do with who you are.
I remember her and I both spitting into a tube in our SF apartment in San Francisco in 2012 and mailing them off.
A few years later, we look at the ancestry data and there is a big surprise (she was ~50% something that she was sure 0% before that).
Turns out her dad wasn’t her dad and she was donor conceived — this has potentially huge health implications if you don’t know this.
By some fortunate circumstance, she ultimately found the donor… and 27 (and counting) siblings! Turns out the clinic where this all went down at in the early 1980s was sketchy and lied to a whole bunch of people and misused samples.
No comments yet
The murder one is a little more nuanced but ideally it should be a legal matter where it can only be used with a warrant or your explicit single time consent and not buried in a TOS. If you don't want to help the police convict your grandma it could not legally be used.
Danish police had to reopen over 12,000 cases where DNA evidence was used and redo everything because neither the police nor the judges understood that the tests used an insufficient numbers of DNA markers to uniquely identify a person. Most of the incorrectly identified people was exactly innocent, but people went to jail over drug charges that should have been a warning or a fine.
What 23andMe did was try and build a startup around this with the intention of monetising that data in other ways later. That’s why it was so cheap that people gave them away for Xmas. Had this just been a private data base of people and connections, it would have cost many times more to get the test.
Nothing has gone wrong, except for those who handed over DNA.
Your DNA is not something that you can 100% keep from others.
As for government collecting samples from the environment, they (researchers funded by the government) already do that- it was used in COVID and many other places.
The minion is really quite limited- it's a convenient tool to have in the field, but nearly everybody who is doing serious sequencing is using larger, more expensive desktop machines in a lab.
Reality is always so much more extreme than the conspiracies. Conspiracy theorists lack the minds to imagine half this stuff.
> Also, that's not your real Dad
Yeah, that part was less fun
Like, it’s so common that I’m not even shocked to hear others with this experience.
As it turns out, there were a lot of sketchy clinics preying upon desperate parents in the early 1980s.
No one was expecting that once she had the data she'd divorce him and go full Marissa Mayer.
But meet your new Big Brother!
Fuck me right?
Only you can decide if it's worth it. I hope it was for you.
Ironically no, because all I got out of it at best was at best your list of pros. I already knew I was likely a european mongrel because i'm white as snow, so largely useless sadly.
I don't think so. They probably automatically determine how closely related all their customers are, so it just takes one of your (possibly distant) relatives putting in enough family tree.
A normal "small business" doing this could run with 3 software gals, 2 genetics guys, and a CEO that handles finances and management responsibilities. A "small lifestyle business" like that could make an okay profit for all involved.
A startup, however, took $XXMM in VC funding, which included strong encouragement that "you have to hire this many people, we want at least 10x growth".
Once you hire a team of 30 people to manage your servers and a team of 180 software engineers to write your webpage, it's super hard to scale back down to a scrappy 3-5 person software team.
Wonder what happens to the treasure trove of data they have collected though. Hopefully the data is just 'sudo rm -rf —-no-preserve-root' and not included as part of bankruptcy proceedings.
How do I explain that I don't want my DNA analysed and sold around to all sorts of companies?
10-15 years ago she wouldn't have predicted trump, what can't she predict about 10-15 years or more from now?
[0]: data can't be erased but can be leaked.
Honestly you can't. I've come to realise that unless someone personally is hurt from the lose of private information, then there's no way to convince to the risks.
People either comes down on the side of privacy and caution, or they completely fail to see if issue and believe that the risks are vastly overblown. Very rarely do you see anyone go from the latter to the first, unless they suffer personally.
I'm certain i read about it from HN but i can't find any reference to that new anymore.
it's not just for you, but for anyone related to you - this database is hugely dangerous thing to have exist, and always has been, but at least notionally was a semi-serious medical business, but is now going to be sold for scrap in an extremely poisonous environment in the US.
Even if you have never used 23andMe several people you are related to already have so they have a partial genetic profile of you.
People who do the right thing are usually satisfied by the time they hit only 50 million.
Are we back to feudalism?
I suppose that I'm fortunate to live in an area covered by GDPR and fairly strong medical data regulations.
That's what we would do if we were billionaires.
And that's precisely why we're not billionaires.
I'm happy with my choices, though. They're merely confident and callous, but happiness will ever elude them.