The direct-to-consumer genetic testing company 23andMe was widely discussed in the news recently after it announced it would resume providing health information to customers. Less widely reported was another important announcement: for what appears to be the first time, 23andMe has released a public report about the number of requests it has received from law enforcement seeking its customers’ genetic information. According to the Transparency Report, 23andMe has received four requests for user data from law enforcement, with five different affected users.
Although 23andMe has thus far successfully fought off all of the law enforcement requests for its users’ data, there has long been concern about the potential release of 23andMe’s customers’ information to law enforcement. The 23andMe Privacy Statement states, “23andMe will preserve and disclose any and all information to law enforcement agencies” when it believes it is required to do so. Even though 23andMe has not yet disclosed any of its users’ information, the day may soon come when it is required to do so. That disclosure could have significant impacts for not only users who consented to the use of their data, but for users’ families, who may be implicated through familial DNA searches.