Your Spit Is Not Your Own: The Clandestine Reality Of DNA Privacy
Kimberly Scott / February 13, 2026

My cousin Linda - who once spent four hundred dollars on a psychic to communicate with a deceased tabby cat - decided last Christmas that our entire family needed to spit into plastic tubes. (I am still not sure what the cat said, but I am fairly certain it involved more expensive canned tuna.) My sister-in-law Sarah (who possesses the unique ability to worry about a hangnail until it becomes a tragedy) decided last December that she simply had to know if her chromosomes harbored any unpleasant hereditary surprises. She was hunting for clarity (which is a fine way to spend a Tuesday), yet she totally missed the fact that she was signing off on a massive, permanent transfer of her biological secrets that she can never, ever take back. We are not descended from royalty. We are mostly descended from people who were very good at avoiding taxes in various parts of Western Europe. It is permanent. It is messy. And frankly, it is a bit of a disaster. (I have seen Linda lose her car keys in a locked house, yet she is trusting a massive corporation with the literal blueprint of her existence.)

The Twenty-Six Million Person Buffet

The scale of this biological collection is staggering. According to a 2023 report from the American Medical Association, more than twenty-six million individuals have voluntarily tossed their genetic blueprints into these corporate buckets.¹ That is a lot of saliva. (Imagine the size of the bucket required to hold all that spit; actually, do not imagine that, it is quite revolting.) The actual state of your genetic privacy is a chaotic mess that looks nothing like those heartwarming, soft-focus television commercials. These companies are not just genealogy enthusiasts. They are data brokers. Research from the Journal of Law and the Biosciences indicates that many of these firms reserve the right to hand over your "de-identified" data to third parties, including pharmaceutical giants and massive research institutions.² I checked. They are not doing this out of the goodness of their hearts. (I have made expensive mistakes in my time, but giving away my DNA for the price of a fancy steak dinner is a new level of fiscal irresponsibility.)

What is even more concerning is that "de-identified" does not mean "anonymous." It is a linguistic trick. My friend Bob, who is a software engineer and refuses to own a smart speaker, tells me that re-identifying data is remarkably easy for anyone with a decent algorithm and a bit of time. If a company sells your "anonymous" data to a research lab, that lab can often trace it back to you using public records. It is not just a risk. It is a mathematical certainty. You are essentially paying a company sixty dollars to let them sell your most intimate secrets to the highest bidder. That is the point.

Why This Matters For Women Specifically

There is a specific, rather unpleasant burden placed upon women in this clandestine data market. This biological information is exceptionally prized by corporations, particularly when it touches on the sensitive details of female health such as fertility, how your hormones behave, and those inherited risks. (It is like having your medical history broadcast on a billboard, but the billboard is invisible and everyone else is getting paid for it.) Consider my neighbor Diane (who once tried to return a half-eaten sandwich to the deli) who used one of these kits to check her risk for osteoporosis. She did not realize that the data harvested from her saliva could be used to build a billion-dollar drug without her ever seeing a single cent of that sweet, sweet corporate payment. (Diane is still waiting for her results, but the pharmaceutical companies are likely already taking notes.)

Furthermore, the fallout for women is especially sharp and immediate. Information concerning your reproductive health and genetic leanings is about as sensitive as it gets. (I am not being dramatic; I am being honest.) This is not just a minor concern. It is a biological footprint that you cannot erase with a strong password or a new credit card. Once it is out there, it stays out there. Forever. It is a profound level of connectivity that I find both strangely beautiful and absolutely terrifying. If you are pregnant or planning to be, that data becomes a predictor for a person who does not even exist yet. You are signing away the privacy of your unborn children before they have even had their first diaper change. It is a heavy thought. It should be.

The Insurance Sieve

Here is the part that actually makes me want to scream into a pillow. You probably think you are protected. You are not. (Well, you are partially protected, but in the way a screen door protects you from a hurricane.) While the Genetic Information Nondiscrimination Act prevents health insurers from using your DNA as a weapon against you, that legal shield is useless when it comes to life insurance, disability coverage, or long-term care.⁵ I am serious. Read that again. (Ponder the sheer idiocy of being rejected for elder care because you spent fifty dollars to learn that you are five percent Scandinavian.) I am six percent Scandinavian, and I can tell you right now, it is not worth the risk of losing my insurance coverage.

It is a level of connectivity that is both beautiful and terrifying. My neighbor Gary - who thinks the government is tracking him through his toaster - actually has a point this time. (Though I still think his toaster is perfectly innocent.) Furthermore, if you happen to work for a tiny company with fewer than fifteen employees, those employment protections might not even apply to you. That is a massive hole in the safety net. It is not just a pitfall; it is a canyon. It is a safety net with holes large enough to drive a pharmaceutical truck through. You are basically walking a tightrope over a pit of hungry lawyers, and the rope is made of dental floss. It is not enough. Not even close.

Myth vs. Fact

Myth: De-identified DNA data is completely anonymous and cannot be traced back to me.

Fact: A study in the journal Science found that researchers could identify nearly 60 percent of Americans of European descent using only a DNA database and basic genealogical records.⁴

The Genetic Panopticon

We must also discuss the investigative aspect of this industry. You have likely seen the headlines about cold cases being solved decades later because a distant relative uploaded their spit to a website. While catching criminals is objectively good, and this is certainly a potent tool for law enforcement, the collateral damage is that we have all been entered into a permanent digital lineup.⁴ (I am genuinely waiting for the day when my own DNA sends me a cease-and-desist order regarding my poor dietary choices.) This is not a choice you make for yourself; it is a choice your second cousin twice-removed makes for you.

According to the Federal Trade Commission in 2020, consumers should be extremely wary of the privacy implications, the massive red flags that ought to make you hesitate before you ever lick that envelope.³ We absolutely must demand higher standards from these firms that claim they are merely helping us "discover ourselves." It is a remarkably high bar to set, but when the stakes involve your literal biological identity, "good enough" is an insult. We deserve to be the sole owners of our physical stories, from the very first chromosome to the absolute last. This is not just about you. It is about everyone you are related to. (My sister Sarah, for example, is probably thrilled that my genetic data is now floating around in a cloud owned by a company that might not exist in ten years.)

The Path Forward: How To Protect Your Biological Future

If you have already mailed your spit to a lab in some suburban office park, please do not start hyperventilating just yet. (Panicking rarely helps, and it usually makes your heart rate monitor go off, which is just more data for someone to collect.) It has already happened. You cannot unspeak the words, and you cannot unspit the spit. But you can change how you interact with these platforms moving forward. Go into your settings. Delete your data. Request that your physical sample be destroyed. If you do not want your biological material sitting in a corporate freezer until the end of time, you must explicitly demand that the lab incinerate the sample once the sequencing is done. This is a critical step that almost everyone misses because they are too excited to find out if they are related to a Duke. (They are not.)

You must hunt for phrases like "third-party sharing," "research partners," or "perpetual license" in that mountain of legalese. You must be the bureaucratic nightmare you wish to see in the world. Call them. Email them. Demand to know who has seen your sequences. It is your biology. It is your story. Do not let a corporation write the final chapter without your permission. (And tell your cousin Linda to keep her plastic tubes to herself next year.) You should take charge of your genetic legacy by making sure you are the most informed person in the room (or at least the most skeptical). If you choose to go forward with the test, do it with your eyes wide open and your privacy settings cranked up to the maximum. The specific data that makes you "you" is the most precious thing you will ever own. Your future self (and your kids, who never asked for this) will thank you for being the one who actually bothered to read the fine print.

Pro Tip

Before you upload your DNA, download the company's full privacy policy and use a search tool to find the word "transfer" or "sale." If they reserve the right to transfer assets in the event of a merger, your data could end up anywhere.
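
The search described in the Pro Tip, as an added example that is not part of the original article: a small Python scanner that pulls out every sentence of a privacy policy containing one of the phrases named above. The regexes, the extra variants ("sell"/"sold", "third parties") and the sample policy text are assumptions constructed for illustration.

```python
import re

# Phrases named in the article. Word boundaries keep "sale" from matching
# "wholesale"; the sell/sold and "third parties" variants are added assumptions.
RED_FLAGS = {
    "transfer": r"\btransfer(?:s|red|ring)?\b",
    "sale": r"\b(?:sales?|sell(?:s|ing)?|sold)\b",
    "third-party sharing": r"\bthird[-\s]part(?:y|ies)\b",
    "research partners": r"\bresearch\s+partners?\b",
    # Allows wording such as "perpetual, royalty-free license".
    "perpetual license": r"\bperpetual\b[^.]{0,40}\blicen[sc]e\b",
}

def split_sentences(text):
    # Policies copied from PDFs or web pages wrap mid-sentence, so collapse
    # whitespace first, then split after sentence-ending punctuation.
    flat = re.sub(r"\s+", " ", text).strip()
    return re.split(r"(?<=[.!?])\s+", flat)

def scan_policy(text):
    """Return (flag, sentence) pairs for every sentence that trips a flag.

    A hit is a sentence to read closely, not a verdict: "We never sell
    your data" is flagged too, so the reader can check the exceptions.
    """
    hits = []
    for sentence in split_sentences(text):
        for flag, pattern in RED_FLAGS.items():
            if re.search(pattern, sentence, re.IGNORECASE):
                hits.append((flag, sentence))
    return hits

# Constructed sample text, not taken from any real company's policy.
SAMPLE_POLICY = """
We offer wholesale pricing to clinics. You grant us a perpetual,
royalty-free license to use your Genetic Information. We may share
de-identified data with Research Partners and other third parties.
If we are involved in a merger or acquisition, your information may
be transferred as part of that transaction. We never sell your data
to advertisers.
"""

if __name__ == "__main__":
    for flag, sentence in scan_policy(SAMPLE_POLICY):
        print(f"[{flag}] {sentence}")
```

To use it on a real policy, save the policy as plain text and pass the file's contents to `scan_policy`.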

Frequently Asked Questions (That You Probably Should Have Asked Sooner)

❓ What actually happens to my spit once the test is finished?

In many cases, the laboratory retains your physical sample for years unless you specifically ask them to incinerate it. They claim this is for "future testing" or "verification," but it also means they have a physical backup of your genetic code. If you do not want your biological material sitting in a corporate freezer until the end of time, you must explicitly demand that the lab incinerate the sample once the sequencing is done. This is a critical step, often buried in the menus, that almost everyone misses because they are too excited to find out if they are related to a Duke.

❓ Is it possible for my boss or my health insurance company to see these results?

The Genetic Information Nondiscrimination Act (GINA) offers some protection by making it illegal for most employers and health insurers to use your DNA as a weapon against you.⁵ However, GINA is completely silent when it comes to life, disability, or long-term care insurance. Furthermore, if you happen to work for a tiny company with fewer than fifteen employees, those employment protections might not even apply to you. It is a safety net with holes large enough to drive a pharmaceutical truck through.

❓ Can I ever truly delete my genetic data once it is out there?

This is the part where things get messy, because "deletion" is a very slippery word in the digital world. While you can certainly close your account, any data that has already been handed to research partners or tossed into a massive dataset is basically impossible to claw back. Think of it like a regrettable photo you posted on social media; even if you delete it, if someone else already saved it, that image lives on forever. The smartest move is to be incredibly picky about what you choose to share in the first place.

❓ Why are tests for women specifically labeled as a higher privacy risk?

The data from these tests is incredibly detailed and touches on things like your fertility, your hormone levels, and your risk for specific cancers. This information is a goldmine for pharmaceutical companies looking to target specific demographics for drug trials or marketing. Because women often undergo more genetic screening for reproductive purposes, they generate a larger and more valuable trail of biological data that can be exploited.

❓ Are there any international laws that protect my DNA better than U.S. law?

The GDPR in Europe provides much stronger protections regarding how data can be used and the "right to be forgotten." However, if you are a citizen of the United States using a company based in the United States, those European protections will not help you much. It is a sobering thought that I hope makes you hesitate the next time a "buy one, get one" offer for a DNA kit pops up in your social media feed. The temptation to unlock your biological secrets is powerful, I know, but it carries an invisible price tag that your grandchildren might end up paying.

References

  • American Medical Association (2023). The Expansion of Direct-to-Consumer Genetic Testing and Clinical Implications. AMA Journal of Ethics.¹
  • Oxford University Press (2021). Privacy Policies of Direct-to-Consumer Genetic Testing Companies. Journal of Law and the Biosciences.²
  • Federal Trade Commission (2020). DNA Test Kits: Consider the Privacy Implications. FTC Consumer Advice.³
  • Erlich et al. (2018). Identity inference of genomic data using consumer genealogy databases. Science.⁴
  • National Human Genome Research Institute (2022). Genetic Information Nondiscrimination Act of 2008 (GINA).⁵

Disclaimer: This article is for informational purposes only and does not constitute professional advice. Genetic privacy laws vary by jurisdiction and are subject to change. Genetic testing has significant implications for your privacy and future insurance eligibility. You should consult with a qualified professional, a privacy expert, or a genetic counselor before making decisions regarding your genetic data or insurance coverage.