Take an online DNA test and you could be revealing far more than you realise

January 13, 2016 by Andelka Phillips, University Of Oxford, The Conversation
Credit: Shutterstock

Getting your DNA sequenced is now so cheap and easy that you don't need to see a medical professional. A variety of online companies are offering direct-to-consumer (DTC) genetic tests for health or recreational purposes. These tests claim to detect a wide range of characteristics, from the risk of diseases such as breast cancer or Alzheimer's or other conditions such as baldness, to specific talentsor even romantic compatibility. But when you purchase one of these tests there's a good chance you don't know everything you've agreed to.

The DTC industry is new, growing and largely unregulated. As with many online companies, firms rely on contracts to govern relations with their customers. Contracts are everywhere online, appearing as terms and conditions that you agree to with a click of a button or even just by browsing a website – and so they are known as clickwrap or browsewrap contracts.

Whether logging into Facebook or downloading a film, you've probably "signed" one of these contracts, perhaps without even realising. But do you have any idea what you have agreed to? Avoiding the internet completely is now practically impossible for most of us, yet the content of the contracts we enter into is to a large extent unknown. After all, who has the time to read all these documents, which can be many tens of pages long? Amazon's and iTunes' contracts are longer than Hamlet and Macbeth respectively. Even if the contracts are displayed clearly on a website you may not notice them.

It's the same when you purchase a DNA test online. DTC contracts and privacy policies often resemble those of large internet firms, using standard terms that are not tailored to the services they offer. Under UK and EU regulations, some of these contracts may even qualify as containing unfair terms.

Genetic codes. Credit: Shutterstock

Serious privacy risks

Having read and reviewed 71 contracts of DTC companies that provide health tests in the course of my doctoral research, I believe consumers need to be more aware of what they are getting into. Aside from the dubious reliability of some of the claims made by some companies, online genetic testing raises serious privacy and information security issues. When DNA is sequenced and stored, it can serve as a unique way to identify you, and potentially your (known and unknown) relatives.

Your DNA could reveal things that could significantly affect your lifestyle and that you may not want others to know. This could include your potential risks for diseases such as Alzheimer's, cancer and diabetes, or other traits such as how likely you are to become addicted to different substances. In fact, as genomic science is progressing so rapidly, we don't yet know the limits of what your DNA might reveal.

We also increasingly use biometric data in security systems, and your sequenced DNA might one day be used in this context. If your genetic code was linked to your bank account you might not want this stored insecurely or shared widely without safeguards. You can change a password, but you cannot change your genetic sequence in the same way.

At the same time, industry doesn't have a great track record in using and storing sensitive information. Yet companies often acquire significant through their contracts. By entering into these contracts, you will often be effectively relinquishing some of your rights to your DNA sample and sequenced data.

Who can access your data?

So you need to know how companies store your data, how long they store it for, who has access to it, who they will share it with, and what purposes they will use it for. It could be sold on to third party companies for marketing purposes, allowing them to target you based on the highly personal information contained in your DNA.

There are also the questions of what happens if the company is sold or dissolved, or if its servers are hacked and the data stolen? And what happens if you change your mind and want your information deleted? Imagine that in a moment of doubt you purchased a test for infidelity or paternity. You may object to your child's DNA being stored indefinitely so you would need to know for how long the sequenced data will be kept.

Worse still, reading the contract in full may not actually protect you. It is common to include clauses allowing the company to alter terms at any time, often without notice to you. This means that even if the contract seemed acceptable when you clicked "I agree", they could later use your data in ways you might not like. This could even mean sharing it with marketing companies, your employer, your insurer or with law enforcement.

While you may not think you have time, you really should be reading the small print if you're thinking about genetic testing. And given the nature of these services, we really need more effective regulation to protect consumers. I hope that contracts will be improved in the future, but we need to be more aware of terms and conditions online, not just in the DTC context, but in everything we do.

Explore further: USDA awards contracts to two companies for bird flu vaccines

Related Stories

How an end to phone discounts will help customers

January 1, 2016

AT&T will no longer offer discounted phones with two-year contracts starting Jan. 8. Before you rush out to beat the deadline, consider that you might be better off paying full price for the phone.

Uncloaking the secrecy behind large-scale land deals

December 18, 2015

Large-scale investments in agriculture and forestry have far-reaching implications for the lives of affected individuals and communities. They are also an integral part of efforts by national governments to implement the ...

London calling: phone biometrics should be handled with care

December 1, 2014

Current and future uses of biometric data and technologies have been under review in the UK, with the British Parliament hearing views from security experts. Biometric technology identifies individuals automatically by using ...

Swiss govt tightens tech security over NSA spying

February 5, 2014

The Swiss government has ordered tighter security for its own computer and telephone systems that could block foreign companies from key technology and communications contracts.

Recommended for you

Ten months in the air without landing

October 27, 2016

Common swifts are known for their impressive aerial abilities, capturing food and nest material while in flight. Now, by attaching data loggers to the birds, researchers reporting in the Cell Press journal Current Biology ...


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.