How to use 23andMe without violating your genetic privacy


Written by:

genetic privacy

This article was originally published on VentureBeat.

If you’re like me, the idea of knowing what’s in your genetic profile is both fascinating and scary. Everything from your ancestry to your likelihood of getting Alzheimer’s to how quickly your body processes caffeine is in your genes, just waiting to be uncovered. And the company 23andMe can do just that with only a sample of your spit.

It’s the stuff of science fiction (watched Gattaca recently?), but it’s already here. That’s why I wanted to try out 23andMe as soon as I heard about it…but waited until I had the privacy tools to pull it off pseudonymously.

Let me explain why I didn’t want 23andMe to know who I was. First, there’s the obvious. I admit I care deeply about privacy, but even if you don’t, you have to admit there’s something unsettling about a massive company–and potentially the government–knowing your entire genetic code, especially if you don’t yet know what it contains.

You’ve probably caught at least some of the NSA news this summer. One big takeaway from the surveillance revelations is that private companies have to turn over customer information when the government asks. Customer information is whatever the company collects about you: emails, phone calls…and yes, even your genetic code.  

That’s why today’s prevailing big data business model (“let’s collect every byte of consumer data we can and figure out how to sell it later”) is fundamentally incompatible with privacy. And let’s not forget that Google, one of the biggest suppliers of data to the NSA and a PRISM company, is a lead investor in 23andMe. Note that some companies, like where I work at Abine, minimize that problem by either not collecting data at all, or encrypting data so it looks like nonsense to anyone looking at it without the password.

23andMe collects a whole lot of deeply personal information, the kind of stuff that not just marketers, but also insurers, doctors, potential dates, employers, and arch-nemeses would love to get their hands on. They have key parts of your genome (the sequence of nucleotides that make up your DNA), your browsing activity on their site, the information you provide when registering (like email and name), sex, date of birth, credit card number, the results of any health or behavior-related quizzes on their site (which can include disease conditions, ethnicity, and other health info), and more.genetic privacy

Not only do they collect a lot of personal information, but they share it in five broad situations…including with law enforcement (“Personal Information may be subject to disclosure pursuant to judicial or other government subpoenas, warrants, or orders, or in coordination with regulatory authorities.”)genetic privacy

That’s right: if the NSA comes knocking at 23andMe and wants your genetic code, they’re getting it. There’s a privacy exception–an NIH Confidentiality Certificate–if you’ve opted to participate in 23andMe’s IRB-approved research, but it’s sort of a catch-22: either share your info with the private sector (23andMe and their affiliates) and get more privacy protection from the government, or don’t share your info with the private sector but get less protection from the government.

Even though they offer you during the signup process to destroy your saliva sample, the company still has the digital record of your genome. They also aren’t clear about whether you can ever delete it from their servers: they say you can delete your account by emailing customer support, but also say that they’ll “preserve and disclose any and all Personal Information to law enforcement agencies or others if required to do so by law or in the good faith belief that such preservation or disclosure is reasonably necessary.” They also say they’ll tell you if law enforcement asked for your sample…unless they’re under a gag order, which we now know is pretty common for the NSA.

Let’s summarize: 23andMe has a ton of data about you and they share it in various cases.

Now here’s my strategy for getting my results pseudonymously. Note that the company still gets my genetic code, but they don’t know it’s mine, that it belongs to me specifically and is tied to my name and other data that could be used to link it to me.

First, any time I went to 23andme’s site, I used a few privacy tools, including a Virtual Private Network (VPN) service. I used Private Wifi, but there are lots of good options out there. This VPN service lets you choose the secure server through which to run your web traffic; I chose Virginia. That also makes me IP address appear as though I’m in Virginia, although I’m actually in Boston.

private wifi VPN

Then I opened a new Firefox window in Private Browsing mode while running DoNotTrackMe, a tracker-blocker, and MaskMe, an add-on that creates aliases of your contact and payment information, and went to 23andMe’s website (full disclosure: Abine makes both of these tools).

private browsing and add-ons

I put a kit in my shopping cart and was asked to provide a name for it, so I gave a fake one. When filling out shipping information, I re-entered the same fake name and gave Abine’s address. I was able to do this because A), I actually work there and would get the package; and B), any virtual cards created in MaskMe automatically have Abine’s address as the card’s billing address.

23andme pseudonymous checkout

I used MaskMe to create a new alias email address and auto-fill with my Masked Phone number. Both of these aliases forward to my real information, so I knew I’d still get email confirmations and phone calls.

23andme masked email

For billing, I again gave my fake name and Abine’s address, then generated a Masked Card in the amount of the testing kit. Masked Cards are like virtual prepaid credit cards, so the merchant doesn’t get your real credit card number and your bank doesn’t see where you spent it. Also, most online merchants don’t check for a match on your name when you use a credit card; they only check for billing address, credit card number, CVV, and expiration date, so you can use pseudonyms when online shopping more often than you may have realized.

23andme checkout masked cardsUsing the alias email I’d just created and MaskMe’s password generator, I made a new 23andMe account. MaskMe stored and encrypted this automatically. Because I had a unique email address and password, no person or system can identify me by cross-referencing anywhere else I’d re-used the same information, which is what happens after hacks and data breaches and in big data marketing.

Once I checked out, I went to my real, personal inbox to complete the 23andMe registration by clicking the confirmation email, which was forwarded to me from the alias email address.

A few days later, I got my testing kit, essentially a box with a spit tube in it. I had to register it, so I fired up my privacy tools again, logged into my 23andme account, and registered the kit’s bar code. They asked whether I wanted my sample to be used anonymously for their research; I said no. They asked whether I wanted my sample destroyed after testing; I said yes. However, I know the digital record of my genome is different than my saliva sample, and they’ll still have that potentially forever.

23andme spit kit

After awkwardly filling up the tube with spit in the middle of the office, I sealed it back in the box and dropped the pre-paid shipping box into a mailbox. And then…I waited.

It probably took 3 weeks for my first batch of results to come in, which I was notified about through my alias email address. With my VPN + private browsing window + DNTMe + MaskMe combo, I went back to 23andMe and logged in.

Before I could actually see my results, however, the site pestered me to fill in a lot more personal information. Again, their privacy policy says they make a profile of you that includes your answers to these voluntary questions. I had to hit “skip” probably 6 times to finally reach my results. They really push this aspect of the service, even putting a “to do” list on your home page that you see every time you log in that begs you to “complete your health profile.”

23andme optional questions

You get 2 broad categories of results: health and ancestry. Health results include health risks, drug responses, traits, and inherited conditions. For example, you could find out that you carry the BMCA mutation that causes significantly higher rates of breast cancer (when Angelina Jolie found out, she opted for a double mastectomy), that you’re likelier than most to have Bipolar Disorder, or that you’re a carrier for Cystic Fibrosis. Here are some of my decreased risks:

decreased risks

More sensitive risks, like Alzheimer’s and Parkinson’s, require you to explicitly give your consent to view them by opting in and confirming. Some health providers and insurers have policies that require you to disclose what you know about your genetic health, so staying willfully ignorant is actually a tactic to avoid disclosing things to them. Plus you never know if future laws will be enacted that affect disclosure duties.

23andme’s “traits” section is less serious than health conditions but still interesting. I learned that I’m built for sprinting (true–I was captain of my college track team) and that I have a “tendency to overeat” (also true: if it’s in front of me, I will eat it…so don’t put it in front of me).

A week or so later, I got my second, and final, set of results, which dealt with my ancestry. Without providing your father’s sample, they can only analyze your mother’s side, on which I’m 100% Eastern European. They gave me a rundown of which countries they think I’m from. Apparently I’m also 2.7% Neanderthal, which is average.

23andme country results

The end result of my experiment was that I got to find out a lot of interesting things about myself in exchange for giving 23andMe my genome. Because they don’t know it belongs to me personally, it’s of little use to them or any secret agents who come looking for it…although nothing is guaranteed, of course.

Privacy has become something we have to work for rather than something we expect by default, but I’m willing to put in the effort like I did with 23andMe for the peace of mind.

3 Replies to “How to use 23andMe without violating your genetic privacy”

  1. Andrew Schwartz says:

    I want to thank you for publishing this article…I have been a DNT+ user from the very start and was initially more shocked at all the various tracking methods used by Google! But now to learn that the Federal Government can walk into a company like 23andMe and walk out with one’s genetic profile? And for what purpose? Only to be used against you with Health Care providers, Medicare, financial institutions, automobile insurance…and the average consumer is bewildereed and in disbelief that “the” United States, which was founded under the premise of every freedom imaginable (some, “the right to bear arms,” may have been applicable back in 1776) is in fact worse than all the surveillance that went on in back in the days of the Soviet Union and the “Red Curtain.” But now it’s worse….it’s a worldwide problem! Just imagine thinking that you have freedom of speech to post anything you want that’s on your mind on Facebook, for example….frightening to think of the ramifictions of Mr. Zuckerberg’s “social network.” It would be extremely gratifying to have Facebook’s Zuckerberg forced by the Supreme Court to open all his files…all the contractual agreements made with state governments, the Federal government, Health Organizations, Medicare, etc….I believe it’s all there just by having every single folder and file and computer forced to be open for scrutiny..

    This may be out of “thinking” order but now Google is trying force their version of “MY YAHOO” on me and all “MY YAHOO” users by throwing up a splash screen every time I want to check my customized pages that I spent years setting up for news, entertainment etc….

    And based on what DNT+ alerts me to about Google’s privacy invasion tactics, I’m forced to manually go back to my original “MY YAHOO” pages….No way do I want Google opening up another door to the entertainment I enjoy, the publications I receive news feeds from, etc….

    Like you mentioned, with 23andMe’s profiling tactics…I have “fibbed” for many years knowing full well that the “we don’t need detailed health information about you, except for 3 questions.” And of course, if one is naive enough to click “Yes, I have renal failure,” or “Yes, I have HIV or Hepatitis C, etc.), that it will have an immediate effect on applications for life insurance, health insurance, banking loans, etc…..

    And as an additional safety guard, i make it a point of clearing Internet History not only from the non-Microsoft browser of my choice, but…have a shortcut on my desktop which I also run, once I realized that Internet Explorer is still alive and well in my machine … the first time I hit delete all history, passwords, autofills, etc., cookies, I could not believe that Microsoft’s IE was not only collecting the same data as my current browser, but in fact, it takes 3x the amount of time for all the “stuff” they’re collecting to be deleted.

    AOL users need to remember that they are using a version of Internet Explorer, only designed to look like their own browser; that information is all being collected by Microsoft Internet Explorer!

    Albine’s dedication to preserving “my privacy” just continues to increase 125% fold.

    I am going to post this on Facebook but be certain that the headline will not contain “23andme” in it. You use a fantastic example, and that is my responsibility after I finish to alert everyone “publicly” on FB of how all of our privacies are being monitored and the trickery used to invade my privacy.

    i have continually alerted everyone I know on Facebook….”be sure to use DNT+ and Mask Me.” And finally, as convenient as it is to login to all the sites on Facebook rather than to manually register on these sites, I strongly discourage them to follow suit.

    it’s truly amazing the number of emails I have received thanking me for this information. And some people have reported back some shocking stories … all because they never believed that Mr. Zuckerberg has simply made it even easier to collect more personal data.

    And to you Sarah and to Albine, once I again my sincere thank yous. Every day when I check out of curiousity the number of “blocks,” i’m still in shocked at the number of companies that are out there tracking my personal information….

    What a sad state of affairs knowing that my freedoms guaranteed by the “Bill of Rights” are violated are constantly ever-changing. Perhaps it is time for a new “Constitutional Convention,”

    I don’t believe John Hancock,, Thomas Jefferson, Benjamin Franklin would ever imagine the tactics that our government and the companies that are working in conjunction to bring Orwell’s “1984′ to fruition. I’m constantly amazed at men like H.G. Wells and Orwell, had the vision of being able to understand human behavior so well that they predict exactly what is happening now and in the future.

    I have just begun to use MASK ME, but you also showed me how I can even better use it. Thank you!

    With the sincerest of thank yous and gratitude…

    Andrew Schwartz

  2. Bob Smith says:

    Do you believe if I use my home address but follow the rest of your advise i.e. creating an alias that I would be potentially identified.


  3. Sean says:

    These are great suggestions to build on. Has anyone had success buying a prepaid debit card using cash and sending the 23&me kit to a friend of a friends home or distant church friends home?

Leave a Reply