Congressional Investigation into 23andMe Data Security Concerns
Mihran Maldjian
Tech Writer
March 23rd of this year marked the devastating bankruptcy of 23andMe, and with it came the risk of exposing millions of Americans’ DNA data.
23andMe is a direct-to-consumer genetic testing service that analyses customers’ DNA, primarily through saliva DNA samples, to provide health predisposition, genetic health, and ancestry information. Their analysis includes a qualitive genotyping of the DNA, and 23andMe keeps this data and safeguards it from any unwanted use or sharing. The test subjects can always control what parties have accessibility to their DNA data, and they can even delete their data if they wanted to. Many choose to keep their data with 23andMe trusting that the company will maintain their private policy and data security.
However, now that the business has filed for bankruptcy, their policy and security is being called into questioning. This comes after the revealing of 23andMe’s privacy statement saying that during bankruptcy, “Personal Information may be accessed, sold or transferred as part of that transaction and this Privacy Statement will apply to [customer] Personal Information as transferred to the new entity.” A recent ruling that 23andMe has the right to sell the medical and genetic information of its 15 million customers has also put the data of millions of customers in jeopardy.
Because of this, many customers have realized the potential release of their DNA information and have been racing to delete their data as soon as possible. The severe volume of customers rushing to delete their data has hit 23andMe’s computer systems with severe traffic causing IT difficulties. This has caused more issues for the company and customers. Customers are now having problems accessing and deleting their information due to the company’s technological problems, further causing more widespread anxiety and worry.
The alarming news of 23andMe’s complications and potential effects from bankruptcy is now bringing in national attention. On April 15th, the House Committee on Oversight and Government Reform launched an investigation into the national security and data privacy concerns of 23andMe. The investigation is being run by Chairman James Comer, who is requesting documents and information regarding the bankruptcy filing and is seeking testimony from the co-founder and board member of 23andMe, Anne Wojcicki. Comer will be inquiring about the release of customer data and possible misuse of this data from foreign parties. Only two days after the investigation started, the House Committee on Energy and Commerce also initiated an investigation concerning the company’s ability to protect the personal data of their customers. The chairmen and lawmakers demand thorough answers on how 23andMe plans to maintain security of user data during its reorganization process.
Congress’s main motivation behind these investigations is the possibility of foreign countries such as Russia, China, or other countries getting hands on 23andMe’s customer information. A foreign organization buying this bankrupt company could be a national security threat to the United States, as these countries may use the health and biological data of American citizens to compromise their security. Comer emphasizes China’s role in attempting to dominate these types of industries, which they do through legal and illegal means, and he points out China’s track record of misusing genetic data for malicious intent and personal benefit. There is no doubt that US Lawmakers will place scrutiny on potential foreign buyers for the company. Congress, investors, and Americans are now keeping an eye on the company and its every move, and with the government prepared to step in at any moment and prevent tampering of 23andMe’s customer data, people worried about the company’s actions can find some relief amongst the troubles.
Contact Mihran at mihran.maldjian@student.shu.edu