How To Protect Your Privacy When Taking an At-Home DNA Test

Michelle Leonard
How the Top DNA Testing Kits Protect Your Privacy
Direct to consumer DNA testing has exploded in popularity in recent years with up to 35 million people now having tested across different platforms. The emergence of this kind of DNA testing has transformed the world of genealogy and allowed many previously unsolvable mysteries, ranging from adoptions and unknown parentage cases to identification of does and serious crimes, to be solved.

If you’re taking an at-home DNA test, you should always think very carefully before choosing to do so, however, and privacy is one of the most commonly cited concerns by those who are weighing up whether or not to test.  

This article will cover some of the main privacy issues and provide a practical guide to the privacy settings available at the main testing companies. 

As a professional genealogist and DNA detective I love DNA testing and am always hoping for more people to test in order to further both my personal and professional genealogical goals, but I’m very aware that individuals will have absolutely valid concerns about testing and it’s not the right course of action for everybody.  Some legitimate concerns people have include:

  • health insurance companies accessing their results
  • how law enforcement use the databases
  • genetic data being shared with third parties
  • shock results
  • matches identifying and contacting them
  • general concerns about the privacy of their tests and what may happen in the future  

All of these concerns are valid and should not be belittled, but at the end of the day testing is a very singular pursuit and each individual must decide for themselves whether they are comfortable with the testing processes at their chosen company.  

These are all complex issues and I would strongly encourage anyone with any concerns to do their own research on whatever aspects concern them but just to cover a few basics: GINA (the Genetic Information Non-discrimination Act) should prevent health insurance access of consumer DNA tests although it is best to check its scope for your specific employment situation; law enforcement access is currently limited to FTDNA and the third party website GEDMatch (who both have opt-outs) although there is always a chance the other main companies will receive subpoenas which they have all said they would challenge; third party access to your DNA requires your consent at each of the testing companies; you can opt out of matching databases if you choose and there are options you can select in order to maximise the privacy of your tests although I will cover a major caveat to these at the end of this article.

Test With A Major Company

The first and most important step to take is to make sure you test with one of the major reputable testing companies.  Ancestry, 23andMe, MyHeritage and FamilyTreeDNA are the 4 major companies with large databases.  They all provide detailed terms and conditions and privacy policies which you should read and make sure you are comfortable with before taking the plunge.  We are all guilty of happy clicking past T&Cs at times but if you are concerned about privacy issues in relation to DNA testing don’t scroll past the T&Cs and privacy policies of the DNA testing companies: make sure you actually read them so you can make a fully informed decision about testing.  

Sharing of Data with Third Parties

Some companies share anonymised DNA data with third parties such as universities, research institutions and private pharmaceutical companies to aid in medical research and the development of new treatments.  You can choose whether or not you wish to opt into any research projects when you first test and even if you decide you do at that point you can choose to later opt out.  Be aware that any data used in projects while you have been opted in cannot be unshared but you would be omitted from future research.  If you are in any doubt as to whether you should participate in research, simply opt out from the start when you test.

So what practical steps can you take to protect your privacy at the different sites? There are several important facets to consider such as whether you wish to opt into DNA matching, research projects and the sharing of ethnicity estimates.  

Here’s a look at each of the 4 major companies with a deep dive into their privacy settings:

Ancestry

In July 2017 Ancestry made a big change for privacy reasons and instituted a system whereby each new tester has to have their own account.  Prior to that point it was possible to activate multiple tests on one account.  If you bought tests in the early years, you may have some of these older tests that are listed simply under initials with a manager’s name.  Whether you have these older kits or newer ones with their own account, however, each test at Ancestry has its own individual settings page on which you can choose your privacy settings per kit.  

When you take an autosomal DNA test you receive both an ethnicity estimate and a DNA Match list and you have to decide how much of this information you wish to share with your matches: these are the other people who have tested with the same company and match your DNA at some level.  

Firstly go to your DNA homepage and then click on “Settings” in the top right-hand corner of the page and then scroll down to the “Privacy” section.  From there, in “Display Preferences”, you can choose whether or not you wish to participate in the matching database, how much of your ethnicity estimate you wish to share and what name you would like displayed to your matches if you do choose to opt into matching.

You can opt out of the matching database if you don’t want to see or be seen by matches by checking “you can’t see your DNA matches and you’re not listed as a match”:

Accessing matches is one of the main reasons people use DNA testing for genealogy, so this is a drastic step to take.  You have to be aware that the system is reciprocal: if you don’t want people to see you as a match and decide to opt out, you in turn will be unable to see your matches.  This is only fair.  If you would prefer not to be in the database but still want to see your matches occasionally, you could opt in briefly to have a look and then opt back out again.  I would suggest this is not fair on your matches who may not get to see you match them but depending on your reasons, only you can decide if this is the right course of action in your particular situation and in some delicate cases it might well be.  There is no limit to how many times you can opt in or out and it is instant.  

In terms of the display name your matches see, you can use an alias, your Ancestry username, a nickname or initials; you could call yourself Mickey or Minnie Mouse if you wish!  The first place you can change the name on the account is at the top of the “Settings” page under “Test Details”.

The most important place to check for this setting, however, is under “Display Preferences” followed by “Display Name”:

Be aware that if you use a username/nickname that you also use as a username elsewhere online or as part of an email address some simple googling is likely to unveil your identity to a match.    

Another important section is the “Research Consent” area.  This is where you can choose whether or not you wish to participate in Ancestry’s research projects: detailed information is provided as well as an informed consent document that you should read fully before making up your mind.  Ancestry de-identify data before it is passed for use in research – this means the data is stripped of any information that could identify the owner.  You can add or withdraw consent at any time if you change your mind.

Additionally there is a section entitled “Sharing Preferences” and this is where you can invite others to access your DNA results if you wish:

You may wish to invite relatives or matches to see your DNA match list at some point or you may have tested for a close relative who you would like to manage your results – you can send these invites from this section.

As Ancestry is a major genealogy site, it also gives you the opportunity to build a family tree and link that tree to your DNA results.

In order to get the most out of your DNA results for family history linking a tree is advisable but if you are worried about people identifying you from your family tree, remember uploading any kind of a tree is entirely optional and all living people on Ancestry trees are fully privatised.  You can choose to have no tree at all or to make your tree private or even private and unsearchable via the privacy settings on the tree itself.  If you choose “private and unsearchable”, however, be aware that you will not receive Common Ancestor Hints or Thrulines.  You do receive those with a private and searchable tree though: searchable means basic information can be found by Ancestry members in the search index but they cannot access your tree without a specific invite from you so all they can see would be a deceased ancestor’s name, birth year and birth place.  There are many reasons why people may not want to allow their trees to be public and if you deem that having your tree completely private is more important to you than taking full advantage of the DNA tools then the “private and unsearchable” option is available.  

If instead you are simply worried about your main tree being public and others having access to photographs and documents from it, I would advise you to create a skeleton direct ancestors tree that you can attach publicly to your DNA results: all you need to put on this tree would be the basic names and dates applicable to your direct ancestors as this would be enough to encourage the system to work for you and generate Common Ancestor Hints and Thrulines.

You can also choose whether you wish to receive messages from other members (including your DNA matches) via Ancestry’s messaging system but this setting is not in the DNA area and can instead be found within your “Site Preferences” under the sub-section “Community Preferences”.  “Site Preferences” can be accessed via the dropdown menu underneath your name in the top right hand corner of the Ancestry homepage.

Finally if you decide you would like to delete your Ancestry test, you can do so on the final section of the DNA “Settings” page named “Actions”.  Underneath the sub-section in which you can download your raw data, there is an option to delete your kit.

In order to go through with the deletion you have to enter your password as confirmation.  Once you have deleted the test, there is no way to retrieve your deleted data so this is a very extreme step to take and you have to be 100% sure you will never wish to access your results again before you push that button.  This will only delete the particular kit whose settings you are accessing at that time: if you wish to delete other kits you will need to visit their settings to do so.  It is much less drastic to simply go fully private by turning off matching and I would recommend doing that in most situations.  In terms of sample storage Ancestry stores your sample indefinitely unless you ask for it to be destroyed.  

23andMe

23andMe also offers an autosomal test, which provides an ethnicity estimate and a relative matching list as well as health report information (if purchased) and Y-DNA and MtDNA haplogroups.  To review your settings go to your 23andMe homepage then click on your name in the top right-hand corner and on the dropdown menu click on “Settings”.

If you scroll down the settings page you will find the “Privacy/Sharing” section and this is where you should navigate to in order to review your privacy choices at the site.  You can opt in or out of participating in DNA Relatives (23andMe’s matching facility) at any time.  As is the case with Ancestry if you opt out, you will not see your match list and they will not see you on theirs.  You can opt in and out at any time.

If you do want to participate in DNA Relatives there are further levels of sharing and privacy options you can decide upon.  Firstly you can choose the display name your matches will see from a dropdown list. The initials option is the most private option you can choose. You can also choose whether or not you wish your birth year to be displayed to matches from this section.

Additionally, you can either share your ethnicity and matching DNA segment details freely with all matches (this is known as “Open Sharing”) or you can choose not to share with all and decide whether or not you wish to share on an individual basis if matches send you a connection request.  

Equally, you can send matches connection requests if you wish but, again, if you would prefer not to receive connection requests you can also opt out of these as well as block individuals from whom you don’t want to receive messages.  In terms of connection requests there are 2 sharing levels: you can share ancestry information only or health + ancestry reports if you have purchased the health portion of the test.  Generally I would recommend only sharing your health reports with close relatives.

Other important aspects you have to decide on are sample storage and whether or not you wish to participate in 23andMe’s research projects.  You can choose to allow sample storage or have your sample discarded:

23andMe has a major focus on health and, therefore, the research aspect of their site is quite prominent.  If you purchase the health test, you will be asked to fill in survey questions and whether you test solely for ancestry or for health and ancestry you will be asked if you wish to participate in their research projects.  As with Ancestry you can choose to opt out of this if you wish.  You will be asked to read very comprehensive consent documents for both pooled data research and anonymised individual data research.  Please read these documents carefully before coming to your decision.

If at any point you decide you would like to delete your test from 23andMe simply go to “Settings” and scroll down to “23andMe Data” under which you can access the deletion page:

Deleting an account and associated data will permanently delete the data for all profiles within the account so think carefully before pressing this button and be especially careful if you have more than one test attached to the same account.  If you do not wish to delete data for all profiles do not click the ‘Permanently Delete Data’ button. You can transfer a profile into another account before deleting the test you wish to if that is the case.

MyHeritage

MyHeritage also provides autosomal DNA tests and health tests. Privacy settings on MyHeritage can be accessed by logging into your account then clicking on your name in the upper right corner of the homepage followed by clicking on “My Privacy”. Once on this page, click “My DNA preferences” and a list of options will appear:

Many of the privacy settings we’ve already covered in the Ancestry and 23andMe sections are equally available here starting with the opportunity to opt out of DNA matching altogether.  In common with the others if you opt out you will not have access to your match list and your matches will not see you as a match on theirs.  Equally you can choose to allow matches to see your Ethnicity estimate or not and to view shared DNA segments or not just as you can on 23andMe (Ancestry does not provide DNA segment data hence that setting is not applicable to their test).  If you choose to opt out of sharing segments, matches will not be able to see the exact segments shared via the chromosome browser.  Be aware if you have more than one DNA test attached to a single MyHeritage account that these settings are not per individual test and will be applied to all tests attached to the same MyHeritage site.  This means if you want to just opt one test out of DNA matching but would like the others on the same site to remain visible, you will have to migrate the test you would like opted out to its own MyHeritage account.

If you have uploaded another person’s test to your account (with their express permission) you can now give them access to this test.  In order to do so hover over “DNA” on the top bar and then click on “Manage DNA kits”:

On the “Manage DNA kits” page you will see a list of all kits attached to your account and any kit that is not assigned to you will have the option to invite the tester to view their own DNA results.

MyHeritage, like Ancestry, is primarily a genealogy site and, as such, provides a platform for the building and sharing of family trees.  You can attach a tree to your results but equally you can keep your tree private if you wish via your site’s “Access” settings in the “My Privacy” area.

If you decide not to allow your site to be findable, then it will be completely private.  If you decide not to allow guests to see limited information then they will not be able to access your tree without sending you a membership request at which point you can decide on an individual basis.

If you decide you wish to entirely delete your MyHeritage DNA test, you can also do this from the “Manage DNA kits” page by clicking on the 3 dots on the right-hand side and then pressing “Delete kit”.

Be aware, like the others, that this is permanent and you will not be able to retrieve your data if you decide to delete a test.

FamilyTreeDNA

In order to access your privacy settings on FamilyTreeDNA (FTDNA) click on your name in the top right-hand corner of the DNA homepage and then navigate to “Account Settings”.

From there click on “Privacy & Sharing”:

The first important setting you need to decide on, as with the other companies, is whether or not you wish to participate in DNA matching: you can easily opt in or out via the “Matching Preferences” setting.  As with the others if you opt out you will not have access to your matches and they will not see you on their match lists.

FTDNA, however, has a secondary database you can opt in or out of and that is a Law Enforcement database.  Law enforcement use of genetic genealogy techniques and databases has become a very prominent talking point in the community and in general over the past 20 months since the third party site GEDMatch was used to help identify the Golden State Killer and many subsequent criminal cold cases have also been solved using this methodology.  FTDNA is the only major company that allows law enforcement usage of their database and only for those that have opted in to law enforcement matching.  Be aware if you have provided a European address in the “Account Information” section you will be automatically opted out as per GDPR regulations but if you have provided a US-based address you may be automatically opted in if you took a test prior to the establishment of this separate database (if you test now you will be asked if you wish to opt in or not).  If you have tested at FTDNA and you’re not sure if you’re opted in or out of the law enforcement database, visit the settings page to check and make your choice on the matter.

Additionally you can choose which level of Family Finder (autosomal), Y-DNA and Mitochondrial DNA matches you wish to see:

FTDNA is the only site that offers Y-DNA and mtDNA testing.

Like the other sites you can choose whether or not you wish to share ethnicity estimate details (FTDNA’s ethnicity estimate is called “MyOrigins”) with your matches or not via the “Origins Sharing” option.

You can upload or create a Family Tree at FTDNA that you can share with your matches if you wish.  On the same page you will find a “Family Tree Sharing” preferences option.

You can choose to share your tree with all FTDNA users, just your matches or keep it private to yourself to use solely as a reference.

There are further options if you navigate to the “Genealogy” section of the “Account Settings”:

You can add both a list of ancestral surnames and details on your earliest paternal and maternal ancestors.  If you would prefer not to provide matches with this information, you can leave this section blank.

FTDNA does not offer a messaging system of their own – instead they provide the primary email address you added to your “Account Information” section to matches.  If you don’t want your regular email address to be listed on your profile, I recommend creating a new dedicated email address for DNA match queries and adding this to your account instead.

FTDNA also provides a platform for many thousands of volunteer Y-DNA Surname, mtDNA, Haplogroup and Geographic projects.  You can join any applicable project and there are several options for those who have joined projects in the “Project Preferences” section of the “Account Settings”.  Be sure to check you are happy with the access you are providing to your project administrators if you have joined projects and be aware that without the right level of access administrators are unlikely to be able to provide appropriate advice.

FTDNA does not provide an instant option in the account settings to delete your DNA data.  Instead you are required to contact their customer service department to request the deletion at which point they will comply with the request and delete your DNA results and all related information.  You also have to contact customer services if you wish for your sample to be destroyed or your account to be deleted.  FTDNA store samples for up to 25 years unless otherwise asked to discard them.  For genealogical purposes this storage could be very useful e.g. in the case of an elderly relative who passes away future advancements in testing could allow the deceased person’s sample to be reused.  Of course that brings up other ethical questions and you should discuss such future testing with relatives to get their opinion in case of such an eventuality.

Conclusion

Overall, the options at each of the testing sites are very clear and customisable.  There is a lot you can do to maintain certain levels of privacy if you so wish i.e. if you wish to be extremely private and not visible in the database this is possible and equally if you wish to be in the database, share ethnicity information and provide a public tree to matches you can do that too.  It’s best to decide on each privacy setting on a personal basis as individuals will have different levels of privacy that they are comfortable with.  The more open you are, the more success you are likely to attain from testing if you are doing it in order to further your genealogical endeavours.  Not everyone will be testing for that reason, however, and some will have their own reasons for being as private as possible so it’s important to know these settings exist.

Always be aware, however, that no matter how many steps you take to maintain your own privacy, your DNA does not belong solely to you.  Your test affects your relatives in the same way their testing can affect you.  We share a lot of DNA with relatives: we share the most with parents, siblings and other close family members but we also share significant amounts with cousins (first and second especially) and less significant amounts with more distant cousins who will be complete strangers to us.  If a close relative or cousin tests then you could be identifiable via their DNA no matter how private you keep your own test.  The only way to be 100% private is to not appear in match lists at all but doing that can negate the point of testing in the first place: for most people interested in genealogy the point of testing is to use the DNA matches to help with building, confirming and extending their family trees and to connect with new cousins.  If that is not your goal or you are only interested in the ethnicity estimate or health information and don’t want to see matches or correspond with them then it might be worth thinking about opting out of matching although I would suggest that staying opted in can help other researchers even if you are not personally open to corresponding or creating a tree.  

Finally I would urge anyone worried about privacy to think about exactly who is going to have access to their information: putting third party access aside, the only people who will see that you’ve DNA-tested are your matches.  Most of us provide much more information about ourselves to relatives, friends and the world via our social media profiles than we ever will via our DNA test match lists.  At the same time anyone who tests needs to understand that there could be a shock waiting for them such as a parent not being their biological parent or an unknown close relative they didn’t know existed being at the top of their match list.  These are serious considerations and you have to understand the possibilities before testing.  At the end of the day each individual will have a different attitude to testing and privacy and it is incumbent upon us all to inform ourselves before testing and make personal decisions about our privacy settings from a knowledgeable position.  DNA testing is an amazing tool for genealogy but it’s also a very personal undertaking so you must be sure it’s suitable for you before spitting or swabbing.

Michelle Leonard
Michelle Leonard is a Scottish professional genealogist, DNA detective, speaker, author and historian. She runs her own genealogy business, Genes & Genealogy, and specializes in DNA Detective work solving adoption, unknown parentage and all manner of unknown ancestor mysteries with a combination of DNA testing and conventional research methods.