23andMe, the genetic testing company, has filed for Chapter 11 bankruptcy, raising concerns among privacy advocates and regulators. The company intends to sell its assets as part of the reorganization process and has announced that CEO Anne Wojcicki is stepping down. Joe Selsavage, the company’s CFO, will act as interim CEO during the bankruptcy proceedings. 23andMe has been struggling financially, with declining interest in its at-home DNA tests and a massive data breach in 2023 that exposed over six million customers’ genetic data.
The company emphasized that it will maintain its policies regarding customer data management, but there are concerns about the future of users’ genetic information.
Legal experts have warned that 23andMe’s valuable data could fall into the wrong hands, especially with the sale of the company. Privacy advocates have raised alarms that the sale could lead to the misuse of sensitive genetic data, which is not protected by HIPAA. The company’s privacy policy states that data may be accessed, sold, or transferred in the event of a bankruptcy, acquisition, or sale.
California’s Attorney General has urged customers to delete their data to protect themselves from potential misuse.
The company has provided instructions on how customers can remove their data and revoke consent for research. Despite these assurances, privacy experts remain concerned about the security of 23andMe’s data, given the lack of federal privacy laws protecting genetic information. Experts also worry about the potential for law enforcement to gain access to genetic data from the company’s database.
23andMe’s financial troubles worsened following a significant data breach in 2023, which exposed the personal data of millions of customers. In response to lawsuits, 23andMe agreed to pay $30 million in a class-action settlement over the breach. However, the company has faced criticism for its amended terms of use, which make it more difficult for customers to take legal action. As 23andMe prepares to sell its assets, the future of its customer data remains uncertain.
Reference:
