After 23andMe’s Bankruptcy: A Personal and Privacy Wake-Up Call
As a teen, I watched my mother pour her heart into uncovering our family history. With tireless passion, she made trip after trip from our Chicago suburb to Indiana, where her mother lived, asking questions, gathering documents, connecting dots. She traveled to Washington, D.C. to comb through the National Archives, south to Mississippi to explore old church records, birth and death registries, and even walked through cemeteries — one of them Native American — where many tombstones bore my grandmother's surname. Just last year, she visited the National Museum of African American History and Culture, continuing her sacred mission.
For me, a young African American girl growing up with unanswered questions about her roots, her efforts were inspiring. It gave me hope that one day, through her labor of love, I’d come to know my ancestors and understand the legacy I’ve inherited.
That’s why, like so many others, I was intrigued when genetic testing and ancestry platforms like 23andMe became widely available. They seemed to offer something our family tree research could not — a chance to fill in the blanks, to go beyond names and locations, and into the DNA that bound us across time and space. For many, these tools felt like answered prayers.
But like most answered prayers, there’s often a cost — and not the one you expect.
When DNA Dreams Meet Data Dangers
The recent bankruptcy filing of 23andMe has shaken the trust of millions of users who once eagerly submitted their saliva samples, unaware of the long-term implications. When a company files for bankruptcy, everything it owns becomes an “asset,” including user data — even genetic data. This means your most intimate biological information could be sold to creditors or third parties.
In 23andMe’s case, this includes not just your name or contact details, but your genetic blueprint — traits, health predispositions, ancestral data — and possibly data of your relatives, too.
This is no small matter. In a time when data is currency, our DNA is like gold.
The Federal Trade Commission (FTC) has weighed in, stating that any purchaser of 23andMe’s data must comply with the company’s original privacy promises. But this still leaves users in a vulnerable position, especially given the patchwork of privacy protections across the U.S. There is no overarching federal law specifically protecting genetic data from being sold or misused in bankruptcy scenarios.
How to Protect Yourself Now
If you were a 23andMe user — even if you haven’t logged in for years — here are some steps you should consider immediately:
Delete Your Data: Log into your 23andMe account, navigate to the settings, and request to permanently delete your data. Confirm the request via email.
Request DNA Sample Destruction: If 23andMe still has your physical sample, you can ask for it to be destroyed.
Withdraw from Research Consent: If you previously opted into research participation, withdraw your consent to prevent future use of your data.
Document Your Actions: Take screenshots or save emails as proof of your requests in case disputes arise later.
Some users have faced difficulty accessing the site due to high traffic. If that happens, contact their customer service directly and persist.
A Deeper Reflection on Security and Legacy
The 23andMe story is about more than corporate failure — it’s about trust, legacy, and what we’re willing to trade in the name of connection. For me, the idea of understanding where I come from has always been deeply personal. It was not about novelty, but about healing. I know I’m not alone. Across the world, people seek to know their story — to honor their ancestors, to teach their children, to feel rooted.
Despite the many differences people like to highlight, I choose to focus on what connects us. We all want to know where we come from. What legacy do our ancestors leave behind? And what are we meant to carry forward?
Yet, as we pursue these noble questions, we must also ask: at what cost? When we hand over our data, are we also giving away a piece of our power?
We must begin to see privacy and security not as abstract concepts, but as daily practices — like brushing your teeth or locking your door. It’s not just about protecting our bank accounts or emails; it’s about safeguarding the stories and the biological blueprints that define us.
What the Future Demands of Us
The 23andMe bankruptcy is a reminder that nothing digital is ever “just for fun” or “just personal.” It’s also a call for greater regulatory oversight — for governments to step up and create stronger privacy laws, especially around biometric and genetic data.
But while we push for systemic change, we also need to change our mindset. From now on, every app we download, every form we fill, every test we take, must be viewed through the lens of security and privacy.
Because our stories matter. And so does the data that tells them.