Millions Trust Ancestry.com With Their Genetic Code: What Could Go Wrong?

Millions of semi-conscious consumers, most of whom were probably outraged and appalled by recent privacy scandal outbreaks involving companies like Facebook and Equifax, have been casually shipping away the most precious keys to their genetic code and helping ancestry.com compile the worlds largest DNA database. More than 5 million people have already "spit into tubes" and mailed it into ancestry.com's database, according a recent report by the Tampa Bay Times.

These 5 million people were the basis of a brand new investigative report published by the Tampa Bay Times, which detailed how ancestry.com, marketing itself as a family friendly and wholesome way to discover ones ethnicity, is actually possibly setting itself up for the largest and most complex security breach of all time.

That’s because ancestry.com is compiling a database, not just of personal information like your Social Security number or date of birth, but also of your DNA. As the report notes, your DNA is arguably the most complex and sensitive form of identification that you can have as a human being.


If Cambridge Analytica would pay top dollar to see what TV shows and books you frequent from your Facebook account, we’re guessing that ancestry.com's database could be targeted for top dollar and potentially used nefariously, if sold.

But even if the database isn’t sold, that doesn’t mean that your data is 100% going to go uncompromised. As the article notes, ancestry.com has already dealt with its share of security breaches in recent history, including a breach of 55,000 Ancestry customers and reports of the company changing the terms of its agreements with customers on the fly:

Unidentified hackers last year accessed an Ancestry website, RootsWeb, compromising the sign-ins of 55,000 Ancestry customers who had the same log-in credentials with RootsWeb. The site has since been shut down. The incident received little attention, but revealed how customers’ personal information could be accessed and exploited through Ancestry’s partnerships and acquisitions.

AncestryDNA, a subsidiary of Ancestry LLC that markets genetic testing, pledges to safeguard people’s private data. But the company has a history of changing the terms of its agreements with customers. In the most high-profile example, Ancestry in 2014 shut down MyFamily.com, a social networking site where more than 1.5 million users had posted family memories, photos and conversations. Numerous customers said they lost treasured family history because of inadequate notification from the company, which decided not to back up the data.

The company assures that the data is being held securely because when it ships to have your DNA processed by a third-party, they use barcodes instead of names. Then, not unlike the NOC list from the first Mission:Impossible movie, it matches the barcodes back up with the names once the genetic testing results are provided back to the company. From there, it delivers the results to the customer. But those results aren't just the customers; they also contain data on the customer's family.

Additionally, customers may not even understand the severity of handing over their DNA to a third party, as opposed to providing an email address or other types of less intense personal information:

Many consumers, he said, have a limited understanding of how DNA is such a unique personal identifier, even more than a fingerprint or social security number. DNA determines the color of a person’s hair and eyes, their skin color and propensity to inherited diseases - information that employers or insurers might want to obtain.

And when someone takes a DNA test, the results not only provide information about that individual, but close relatives as well, said Marcy Darnovsky, director of the Center for Genetics and Society, a biotech watchdog group based in Berkeley, Calif. "You are not just taking the test for you. You are taking it for the whole family," she said.

For this risk, consumers don't even seem to be getting a quality product/analysis in return:

Ancestry claims to beat its competitors in accurate analysis of a person’s ethnicity. But interviews with company officials reveal that Ancestry has wide gaps in its ethnic markers for Asia and other sections of the world. Outside geneticists and anthropologists say that Ancestry and other companies are making misleading claims about the accuracy of their ethnic analyses.

And the rights that consumers may ultimately be giving up could be alarming. Ancestry acknowledges the obvious in one of its disclaimers, that "that customers could face various risks if their DNA data and other personal information is made public or somehow obtained by third parties." The article notes that law enforcement and insurance companies could both theoretically have access to these DNA sample databases:

Law enforcement also has various ways to access people’s DNA data.

To make an arrest in the East Area Rapist case, Sacramento investigators created a bogus account on a open-access DNA database, GEDmatch, and then found a lucky match to DNA taken from a crime scene.

Officials for Ancestry, 23andMe and other leading DNA-testing companies say it would be impossible for law enforcement to use similar surreptitious methods to find suspects on their sites, which only allow customers to send in saliva, not DNA results from an outside testing service. But DNA-testing companies could be forced to hand over genetic data in response to a court warrant or subpoena, as they generally disclose.

...

"It may be used to identify you, and may negatively impact your ability to obtain certain types of insurance coverage, or used by law enforcement agencies to identify you if they have additional DNA data to compare to your Data," the company notes its informed consent clause, which testing companies use to shield themselves from future liability.

But you have to hand it to the marketing team at ancestry.com - they've done a tremendous job. As the article notes, it has basically convinced consumers to entertain its DNA testing services as a fun and safe way to learn about your ethnic history. Surely, you have met someone or are related to somebody who has used such a service and willingly share the results with you, excited to learn about their potential background.

However the other side to the story needs to be looked at very closely. Not only should it be alarming that ancestry.com is creating a database of people's most sensitive genetic information, but the company’s history of security breaches should leave investors cautious about who and why they willingly provide their DNA to.

All the while outrage about privacy has been the mainstream media's focus for the better part of the last couple of months. However, ancestry.com has slipped slipped through the cracks and could arguably be setting itself up to set a new standard - not only for willing invasion of privacy, but the potential for a serious identity breach on a scale of severity we have yet to see.

Comments

HerpaDerp Stuck on Zero Tue, 06/05/2018 - 15:27 Permalink

The government and industry already have everything needed to make my life miserable.

Yup this is more fake news. I found family and ancestors I never knew I had. Zerohedge likes some doom porn better than other.

For some reason people like to whinge about my dna when my smart phone keeps track of my movments, never stops listening to me as it hits me with relevent ads, and my government continues to protect itself from the public knowledge of its zionazi tyrannical warmongnering with my tax dollars and in my name as it poisons the water, food, sky, and air.

 

In reply to by Stuck on Zero

HerpaDerp CingRed Tue, 06/05/2018 - 15:43 Permalink

And what did you do with those family members and ancestors you found?  Was it worth the risk?  Do you swim in shark infested waters in order to bask in warm sea water? 

 

I found out that I am not Scottish because my grandfather changed his name, and that I am half irish and have a cousin in Norway. 

 

And what risk? Sharks attack less than 100 people a year and humans are hunting them to extinction. Crossing the street is more dangerous than shark infested waters.

 

I also have hundreds of hours diving in shark infested waters. Its called “the ocean”.

 

Go take your midol or something.

In reply to by CingRed

HerpaDerp ejmoosa Tue, 06/05/2018 - 16:05 Permalink

It is quite eye opening to learn that your family history isn't quite as it was advertised.  

Most peoples histories aren’t what they think they are. Names mean nothing. A lot of people are named after their families profession or the city they came from and have no idea where their ancestors are from.

 

I am still waiting to see if Fauxahontas is related to me, however.   I guess she never spits...

I learned I am Not closely related to any of the royal family, nor do I have nigger, arab, indian, or any other race in any concentration. I do have dna from areas that predate modern countries though. Its a very interesting study.

In reply to by ejmoosa

BrownCoat HerpaDerp Tue, 06/05/2018 - 17:11 Permalink

IF, if, if the tests are accurate.

Results are a fun conversation piece, like a coffee table book. Ever get blood work from 2 different labs? Always variations. Have fun. It's your great great grand children that will be required to submit a sample.

Suppose a DNA testing facility gets a little money on the side from law enforcement... they could drug test part of the sample.

In reply to by HerpaDerp

HerpaDerp Zerogenous_Zone Tue, 06/05/2018 - 16:02 Permalink

so...why even feel the need to even respond to anything?

I shouldnt respond because you disagree with me?

you're cozy in the status quo because you already have been conquered and are a slave to society...zionazi's be damned...since they own you

I never said I was cozy in the status quo. Just that this is a non issue.

so good for you!  but realize, you're part of the problem...

And you aren’t. You rebel you.

In reply to by Zerogenous_Zone

samsara HerpaDerp Tue, 06/05/2018 - 20:23 Permalink

Your cell phone and on line data won't cause your life and disability coverage to up, But when life insurance companies buy your DNA ala cambride/Facebook, You AND other family members see that happen. .

"Sir, you have a susceptibility to heart disease(or something else). And we have to place you on the exclude list. We cross checked your online transactions and we found; you smoke, eat a Very unhealthy diet, and are an above average drinker, and you do not have a Heath club membership. So we cannot cover you good day"

The future will be far different. And Nothing is going to rein it in. It's more valuable than gold or oil.

Real simple.

Select XYZ from DNA as a , join online data on abcKey as b , where ...

In reply to by HerpaDerp

Faeriedust Stuck on Zero Tue, 06/05/2018 - 20:22 Permalink

Except a warrant for your arrest.  Let me make it simple: ANY court or law enforcement agency IN THE WORLD can subpoena your DNA from Ancestry.com and use it to match you and any member of your family by extension against samples taken at a crime scene.  You know what else?  The accuracy of crime-lab DNA testing is about 1 in a million.  Which seems like a lot, except . . . there are 350 million people in the country.  And when law enforcement starts trolling the internet for blind samples, that means they can turn up 350 innocent people for every crime sample.

Learn to say "no".  I bet you don't even turn your phone off to save the batteries, let alone to limit tracking.  Learn.

 

In reply to by Stuck on Zero

Bigly DosZap Tue, 06/05/2018 - 15:21 Permalink

My family did 23 and me. Same diff.

Ridiculous as now they have their code. And mine to a degree even though I did not do it.

Write and call and tell them you want your sample destroyed, not kept in perpetuity to clone organs to harvest for some matched corrupt billionaire.

In reply to by DosZap

Faeriedust HerpaDerp Tue, 06/05/2018 - 20:28 Permalink

Your character is what you make it.  And while your ancestors are an important part of who and why you are what and where you are . . . the spirits honor a blind call.  You can invoke, remember, and call on their assistance whether you know their names or not, because they are within you.

Well, try to use the knowledge wisely at least.  You paid more for it than you understand.

In reply to by HerpaDerp

bowie28 HerpaDerp Tue, 06/05/2018 - 15:43 Permalink

If you see value in that and choose to use their service it's your right.

The concern most people here have is how your DNA info may be used against you at some future date, given that our gov is beyond corrupt and the big tech companies are being exposed every day as having zero respect for the privacy of their customers and being in bed with the dirtiest deep state players in our intel agencies. 

Just like people buy an Alexa and put it in their home while Amazon is hosting the CIA on their Amazon cloud service.  Is it really a stretch to assume Bezos would give CIA a backdoor into every Alexa for a nice deposit into one of his offshore accounts?

 

 

 

In reply to by HerpaDerp

Chupacabra-322 bowie28 Tue, 06/05/2018 - 16:38 Permalink

@ Bowie,

“The concern most people here have is how your DNA info may be used against you at some future date,.....”

Exactly.  And, it should be Chilling to those familiar with what “Parallel Construction” is.

If the statements below are correct a lot of people have gone to jail using illegal evidence and parallel construction. I would guess many defense attorneys would like to know more about type of behavior and how to stop it.

 

"Question: And is that what Snowden was complaining about?"

 

"William Binney: Yes. Now, it even gets worse, because once NSA has all this data, they have to have a customer for it, and it's now turned out to be law enforcement... It's the FBI and DEA and they're going directly into these databases and querying them and looking for criminal activity and then they use this data to go arrest people... when they do that, they can't take it into court, because it wasn't acquired with a warrant, so it's not admissible in court. And, these are the rules for the-- this is the-- in the DEA is this SOD, or the "Special Operations Division". It's specifically tasked to look at NSA data for criminal activity. In the SOD is FBI, CIA, DEA, of course, DHS and the IRS."

 

[IRS involvement in spying and harassment]

 

"Question: Is that just your hypothesis?"

 

"William Binney: The only key point I have is the-- I can't remember her name, but I have it at home. She was testifying to the House Judiciary Committee. This was one of the people targeted by the IRS. And she mentioned some of the questions they were asking, she said, "They asked me a question about-- what's my relationship with this specific other person?" ...my question now is (not what her relationship is) but how did the IRS know that she had it? The only way they [IRS] would know is looking right into SOD at the graphing in NSA. They would know that from that."

 

[Parallel criminal case reconstruction]

 

"William Binney: ...they participate in the parallel reconstruction... when you [Law enforcement] can't use the data, you [Law enforcement] have to go out and do a parallel construction, means you use what you would normally consider to be investigative techniques, go find the data. You have a little hint... NSA is telling you where the data is, it makes you look really good. If you have it quickly. So then you can justify, taking it into court and use that in court...I call that perjury... I call this a 'Planned Program Perjury Policy' run by the Department of Justice of the United States... it's not just affecting our democracy, it's subverting our entire court system. It's not only subverting ours, it's subverting everybody's in the world that has a relationship with the FBI or the DEA. So this is infecting entire democracies, all of the world."

 

[USA has better domestic spy system than the Russians]

 

"William Binney: ...they've [NSA] started-- they've instituted a Stasi type system. Where workers in NSA are to look at and watch, "See something, say something" on other employees. So this is Stasi... I refer to N-S-A as the 'New Stasi Agency'... I... reference Wolfgang Schmidt, who used to be a lieutenant colonel in the East German Stasi, he commented on the NSA's surveillance program. He said, "For us, this would have been a dream come true." And the reason they're saying it... this is straight out of the KGB, like Gestapo, SS, Stasi playbook."

 

"Question: So the Russians have the same program?"

 

"William Binney: No, we do much better than they did."

 

And Binney notes: "NSA knows that.. I mean, NSA gets five billion records of GPS data on cell phones every day, so according to the Snowden material."

[That is a lot personal information gathered per day!]

 

https://theintercept.com/2018/01/09/dark-side-fbi-dea-illegal-searches-secret-evidence/

 

Coincidentally, the owner of the Post also has a major stake in letting Mueller do his work to preserve America’s surveillance and spying complex. In 2013, the same year that Amazon founder and CEO Jeff Bezos bought the paper that broke Watergate for $250 million, Amazon Web Services landed a $600 million deal with the US intelligence community. According to a 2017 Washington Post story, AWS created a “cloud storage service designed to handle classified information for U.S. spy agencies,” including the CIA. The cloud technology  was to “usher in a new era of cooperation and coordination, allowing agencies to share information and services much more easily.”

 

And now some intelligence and data experts believe that the CIA cloud is how the Obama administration could have minimized its trail after unmasking US persons. “The NSA database, with its large and ongoing collection of electronic communications, can be accessed through the NSA’s cloud,” says one former senior intelligence official. The NSA can audit it and find out if analysts are violating rules. The NSA does not audit the CIA’s cloud, which is audited by the CIA’s IT people and Amazon Web Services employees who are given security clearances. Says the former official: “There are people in the CIA, the Office of the Director of National Intelligence, and the National Security Council staff who can move information from the NSA cloud into the CIA cloud. That seems the likeliest scenario to explain how Obama officials first unmasked US persons and then shared information without leaving a trail that could be audited independently, or immediately, at every step. Since unmasking, by itself, is authorized for lawful purposes, it’s the processing and sharing, as with Susan Rice’s spreadsheets, that tell us if the information was being misused.”

Presumably, the owner of Amazon is not eager to have Amazon customers see that the company with their credit card data and buying and viewing habits on file may have facilitated the US government’s spying on American citizens to advance a campaign of political warfare.

 

Mueller’s assembled constituents—from spies to political operatives, and from the press to big data/big business—must look something like what some on the left as well as the right have called the “Deep State,” a sinister-sounding phrase conjuring up dark images of cutthroat Turkish paramilitary operatives. But that’s not really what happened here—even the top spooks involved in Russiagate, like former CIA director John Brennan, have spent most of their careers inside Washington mastering nothing darker than the bureaucratic arts of ass-covering and blame-mongering.

 

http://www.tabletmag.com/scroll/257335/robert-muellers-beltway-cover-up

In reply to by bowie28