Family Ties: The Familial Privacy Implications of Direct-to-Consumer Genetic Testing
Over the last fifteen years, direct-to-consumer genetic testing has evolved from an amusing consumer service to a legitimate source of health information. Modern genetic testing services collect and interpret a vast amount of personal health information, with results ranging from an individual’s sweet versus salty taste preference to his or her genetic predisposition to develop certain diseases. However, not only do these services reveal the personal health information of the individual who provided his or her genetic sample, but it also implicitly reveals the personal health information of that individual’s genetic family members, who may share up to fifty percent of the same genetic makeup. Even anonymous genetic information is potentially retraceable to its original owner using publicly accessible genetic testing services and databases. This Article addresses the lack of protections afforded to the family members of individuals who use direct-to-consumer genetic services in the event that their personal health information is implicitly disclosed by a genetic testing service through adhesion contracts, mergers, or a data breach. This Article specifically discusses common law causes of action available to third-party family members, including intrusion upon seclusion, rights as third-party beneficiaries to a contract, negligent infliction of emotional distress, and class action suits. In addition to these common law causes of action, the federal government should also address potential third-party privacy violations resulting from the implicit disclosure of a family member’s genetic information. Specifically, direct-to-consumer genetic testing services should be regulated as a covered entity under the Health Information Portability and Accountability Act and the public disclosure of genetic information should be strictly prohibited, regardless of whether such information is considered “anonymous” or not.