PHOENIX — DNA test services are becoming a popular way to gain clues about your family history and health. But you may not realize who has access to your genetic data.
Valley attorney John Wittwer with the Cavanagh Law Firm deals with cases involving privacy and cyber security.
He said the data gathered by these online services can be a "minefield" or "goldmine" depending on one's intentions.
"These are truly your crown jewels of identifying who you are as a person," he told ABC15. "People need to be aware that it's not just the site that you're sharing with [that has access] but potentially their business partners that you may or may not know about."
If users opt-in, typically through a check-box when signing up or viewing results, the services may sell anonymous data to third-party companies.
According to 23andMe's website, the company may share "de-identified individual-level genetic & self-reported information" with researchers, including academic institutions and pharmaceutical companies.
Last year, 23andMe formed an exclusive, four-year partnership with pharmaceutical giant GlaxoSmithKline. Ancestry DNA and other services have similar disclosures and partnerships.
On 23andMe's "Research Consent Document," the company admits "there is a very small chance that someone with access to the research data or results could expose personal information about you."
Still, another and perhaps even larger threat to your privacy, according to Wittwer, are hackers. Last year, a breach of testing service MyHeritage exposed emails and passwords of more than 90-million customers.