Privacy Concerns with Using DNA Services
In this day and age of constant connectivity, people often overlook what digital privacy truly means. Although it feels like a modern concern, fears about exposure and unwanted access to personal information have existed for more than a century. As historian David Vincent[1] observes, anxieties about privacy tend to shift with each new technological development. The arrival of letters, photography, telephones, and now digital platforms all brought new ways for information to circulate beyond a person’s control. A well-known example of these early concerns appears in the 1890 Harvard Law Review[2] essay “The Right to Privacy,” which questioned how far new technology could go before it violated a person’s basic rights. The authors warned that advancements in photography allowed images to be taken without the subject’s awareness or consent:
“While, for instance, the state of the photographic art was such that one's picture could seldom be taken without his consciously "sitting" for the purpose, the law of contract or of trust might afford the prudent man sufficient safeguards against the improper circulation of his portrait; but since the latest advances in photographic art have rendered it possible to take pictures surreptitiously, the doctrines of contract and of trust are inadequate to support the required protection, and the law of tort must be resorted to.”
As Jessica Lake[3] shows, these fears of photographic exposure were not abstract. Women in particular often found their images used without permission, and their legal battles helped shape the early definition of a right to privacy. Even in the nineteenth century, people recognized that new technologies could threaten their autonomy. This longer history raises a central question that connects past and present: where did today’s concerns about genetic privacy come from? Understanding this requires looking back at the moments when Americans first realized that personal information, once surrendered, could be misused in ways they never anticipated. From the invention of the camera, to the rise of eugenics, to the growth of government and medical databases, privacy debates have always reflected fears about who controls knowledge about our bodies and our identities.
This essay examines that history and explores the consequences of allowing corporations or institutions to access, store, or share deeply personal information. It also considers what protections might be necessary to safeguard individuals’ rights in the future. Special attention is given to modern DNA testing and genealogy platforms such as 23andMe, Ancestry, GEDmatch, and FamilySearch. These services may help users learn about their ancestry, relatives, or heritage, but they also raise significant privacy concerns that echo the same anxieties seen throughout the past century.
Modern worries about DNA testing and online data did not appear out of nowhere. People have been worrying about privacy for well over a century; it just looked different back then. Every new technology that made life easier also made people nervous about what it could expose, misinterpret, or take without consent. In the late 1800s, when photography was still fairly new, people were suddenly terrified of being captured without their consent. Photography offered a new way to capture and distribute personal images. Cameras got smaller, newspapers started printing more gossip, and for the first time, privacy was treated as something that could be taken from you. Historians like Jessica Lake have written about how women especially were photographed without permission and had their images used in advertisements, sparking early legal fights about image rights and consent. That is where the whole idea of “a right to privacy” really started to take shape, because people realized visibility could be dangerous. Their experiences helped shape early legal arguments about who had the right to control a person’s likeness and what counted as a violation of privacy.
These early debates over photographic exposure laid the groundwork for later twentieth-century privacy concerns, which became sharper and more dangerous once scientific and governmental institutions became involved. In the early 1900s, privacy fears shifted toward questions of bodily autonomy with the rise of the eugenics movement. States and scientists claimed that they could identify who was “fit” to reproduce, even though their methods were based on flawed science and discriminatory beliefs. Policies such as forced sterilization treated people’s biological traits as information the state had a right to manage. In Buck v. Bell (1927), the Supreme Court openly approved this idea, with the now-infamous line “three generations of imbeciles are enough.”[4] The ruling made it clear that once the government claimed access to a person’s biological information, that information could be used against them in life-altering ways.
By the mid-twentieth century, after years of unethical medical experiments like the Tuskegee Syphilis Study[5], many communities, especially Black Americans, stopped trusting institutions that claimed to “protect public health.” The Tuskegee Syphilis Study is one of the most disturbing examples of the government’s misuse of health data. For decades, Black men were observed without their informed consent, denied treatment, and misled about the true nature of the research. Historians such as Amy Fairchild[6] and Jinbin Park[7] emphasize that the mistrust surrounding public health data was not paranoia; it was learned experience. As Jinbin Park argues, episodes such as the Tuskegee Study created a deep cultural mistrust of medical data collection that continues to inform modern privacy fears. When scientists and governments abuse private health information, that fear does not just go away; it becomes generational. And it still shapes who feels safe sharing DNA data today.
Then in the 1970s and 1980s, privacy debates moved from labs and hospitals to computers and phones. People started realizing that every call, transaction, and keystroke could be tracked or stored. In Smith v. Maryland[8] (1979), the Supreme Court ruled that once you share data with a company, it is no longer private. That idea, called the “third-party doctrine,” opened the door for corporations to treat your data as their property. It is the same logic that DNA companies now use: the second you upload it, it is not yours anymore.
All these moments connect. The fear of being secretly photographed became the fear of being sterilized, which became the fear of being tracked and analyzed. It is the same anxiety, just wearing new technology. That is where modern genetic-privacy fears come from, not just from data breaches or hacking, but from a long, messy history of people realizing too late that once your personal information leaves your hands, you might never get it back. These older fears of exposure, control, and misuse of personal data still echo today, only now they play out through DNA tests and digital databases rather than cameras or case files.
Across the past century, each major technological shift has forced Americans to confront the same unresolved question: how much personal autonomy is lost once private information leaves an individual’s control. From early anxieties over photography and public exposure, to the eugenics movement’s abuse of biological data, to modern surveillance and digital databases, fears about privacy have consistently reflected concerns over consent, ownership, and power. While the tools have changed, the underlying tension has not. New technologies repeatedly promise progress and knowledge while quietly expanding the reach of institutions into people’s lives.
Modern genetic testing does not represent a break from this history but rather its continuation. DNA services inherit the same ethical dilemmas that accompanied earlier innovations, only now the stakes are higher because genetic information is permanent, identifying, and shared across networks far beyond the individual. Understanding contemporary fears surrounding DNA testing therefore requires situating them within this longer historical pattern of exposure, control, and delayed regulation. Genetic privacy concerns did not emerge suddenly in the digital age. They are the predictable result of a century of technological change outpacing meaningful protections for personal autonomy.
Digital privacy refers to the protection of personal information shared or stored online. From a young age, most people are taught not to share personal details such as their full name, birthday, or location with strangers. Yet by 2024, it has become second nature for many to disclose these details across social media, online forms, and digital services. DNA testing platforms take this even further. They not only collect identifying information but also store sensitive genetic data that can reveal health risks, family connections, and ancestry. Services such as 23andMe, Ancestry, and FamilySearch all rely on gathering and storing personal data, and they do so on a massive scale. When a user sends in a cheek swab or uploads raw DNA data, that genetic information does not remain in the user’s possession. It becomes part of a company’s database, often retained indefinitely. Some platforms, like Ancestry and FamilySearch, gather not only genetic data but also personal documents and family histories. This creates large, interconnected systems in which a single person’s information can indirectly expose the private details of dozens of relatives.
One of the most significant concerns arises from how these companies share data with third parties. Many users do not realize that their genetic information may be used for research partnerships, pharmaceutical development, or commercial analysis unless they manually opt out. As Cook-Deegan[9] notes, debates over who “owns” genetic knowledge began during the Human Genome Project, and those debates have only intensified as corporations have assumed greater control over genetic data. Once genetic information leaves a person’s hands, it is often governed by a company’s terms of service rather than by meaningful privacy laws.
The risks of inadequate protection are not hypothetical. In 2023, 23andMe experienced a major data breach in which profile information was accessed through credential-stuffing attacks and scraped from the DNA Relatives feature. Millions of users were affected.[10] The breach revealed how vulnerable genetic data can be when stored on commercial servers that may not have the capacity to prevent large-scale cyberattacks. While any online activity carries some level of risk, the exposure of genetic information is particularly serious because it cannot be changed or replaced.
These platforms can also reveal information that individuals never intended to discover or share. A user might accidentally expose a relative’s adoption status, medical history, or biological parentage. Even if no one has done anything wrong, the consequences can be emotionally devastating. The more these companies grow without strict oversight, the more likely it becomes that genetic information will be used or revealed without consent.
All of this echoes older patterns seen throughout history. Just as early photography made people fear being captured without their knowledge, and just as the eugenics movement turned biological traits into tools of state control, modern DNA services raise questions about what rights individuals retain once their information enters a larger system. The difference today is the scale. A single spreadsheet error, policy change, or security breach can affect millions at once.
As genetic databases grow, the fear remains the same as it was in earlier eras: once private information becomes accessible, it can be used in ways that individuals never predicted or agreed to. Unless stronger protections are implemented, modern DNA services risk repeating the historical cycle of technological innovation outpacing privacy safeguards, leaving users to face consequences they did not consent to.
A central concern in current debates is the lack of meaningful informed consent. DNA testing companies frequently present their services as recreational or educational, often minimizing the long-term implications of genetic data submission. These implications are often insufficiently communicated to users. They rely on people not reading the fine print or not understanding how far this information can spread.
One of the clearest examples is what law enforcement now does with genetic data. While there is broad public support for solving violent crimes and cold cases, the use of genetic data in criminal investigations raises significant ethical concerns regarding consent and scope. Police departments openly encourage people to upload their data to free genetic sites, specifically so they can use the information for investigations. This raises questions about the limits of acceptable data use. Not every tool given to authorities has been used responsibly in history, and we should learn from those patterns instead of repeating them.
Take the Golden State Killer[11] case. Police used GEDmatch, a free genealogy site, to track down the suspect. Solving that case mattered. But the people whose DNA helped identify him did not agree to their information being used for police work. They uploaded for family history, not criminal investigations. It illustrates how genetic data can be repurposed without the explicit consent of those who submitted it.
Genetic testing also creates deeply personal situations that no one is prepared for. A person might discover biological relatives who do not want contact, and that can lead to heartbreak on both sides. One such case is that of a woman named Shona Hendley[12], who found her father only to be rejected by him:
“My biological father refused to have a relationship with me. He deleted his email address and cut off all avenues of communication without any explanation. This rejection was utterly devastating for me because it was rejection of the most personal kind. From the man who helped create me, whose blood I share, who my identity is linked to, who I desperately wanted to be accepted by.”
No one in this situation is wrong, nor should any of them feel guilty. The daughter is not wrong for wanting answers. The father is not wrong for feeling overwhelmed or choosing privacy. But genetic testing forces both parties into a situation neither asked for. And this article is not even from the United States. It highlights a worldwide issue.
And this is not the only example. It happens constantly. Take this post from Reddit user[13] throwitaway93274, for instance:
“I recently found my birth mother and her side of my family through DNA testing and research. I contacted her a total of two times over several months, each message introducing myself and making note that if she didn't want communication, to go ahead and let me know. I received no response from those two messages. I decided to go ahead and contact siblings. My birth mother then contacted me, furious, demanding that I never speak to her children again.”
Again, no one is “the villain” here. No one is doing something malicious. Both biological parents and biological children can have complex, valid emotional responses. These situations do not create heroes or villains; they simply reveal how genetic testing can force deeply personal decisions into the open without warning. But the technology puts everyone into emotionally loaded situations they did not consent to and cannot control.
And then we come to the companies themselves, which is its own problem entirely. They are not transparent about how they handle your genetic data. For example, The Atlantic[14] reported on the potential sale of 23andMe and explained that the company’s privacy policy clearly states that if the business is sold or merges, all customer data can be treated as a salable asset:
“... the company’s privacy policies make clear that in the event of a merger or an acquisition, customer information is a salable asset. 23andMe promises to ask its customers’ permission before using their data for research or targeted advertising, but that doesn’t mean the next boss will do the same. It says so right there in the fine print: The company reserves the right to update its policies at any time.”
Your privacy on these servers is never guaranteed. And people assume HIPAA[15] protects them, but it doesn’t. HIPAA does not apply to consumer DNA companies. They are not held to the same standards as medical professionals, even though they store incredibly sensitive health and identity data. This gap in protection raises significant concerns about how genetic data is currently regulated.
If consent is hidden inside confusing language or fine print, then it is not real consent. Yet that is exactly how these companies operate. And based on history, once institutions gain easy access to personal information, they tend to push boundaries until someone forces them to stop. DNA companies are no different. Without strict regulation, people will keep getting blindsided by the consequences of data they never meant to expose.
This is not to say that we do not have supposed “protections.” We do, in a way. The Genetic Information Nondiscrimination Act (GINA[16]) was passed in 2008 to prevent employers and health insurers from discriminating based on genetic information. It sounds reassuring on paper. It is framed as a major step forward. But once you look at it more closely, its usefulness ends almost as soon as it begins. GINA does not apply to life insurance, disability insurance, or long-term care insurance. It does not meaningfully limit how companies can store or share genetic data. And it does not address the deeper issues about ownership, consent, or long-term retention of your DNA. For a law that was supposed to reassure people, it leaves an awful lot of gaps.
And this is not the first time genetic information has been handled poorly. Before GINA, there were decades of debate over eugenics, forced sterilization, and the idea that certain biological traits gave the government the right to intervene in people’s lives. Buck v. Bell (1927), the same case in which the Supreme Court declared “three generations of imbeciles are enough”, is one of the clearest examples. It shows exactly what can happen when the state decides that your biology is not yours to control. That history still hangs over current conversations about genetic privacy, no matter how modern the technology becomes.
Looking at how the United States handles disability rights adds another layer to the problem. People with disabilities are routinely left unprotected or excluded from policy-making that directly affects them. GINA does little to address those gaps. And when DNA companies are handling the most intimate information possible (health risks, genetic markers, family connections), their lack of obligation to follow medical privacy laws creates a dangerous vacuum. These companies do not fall under HIPAA at all, even though they store data that is far more personal than a blood test or a doctor’s visit. Many people assume they do, and that false sense of security is part of the problem.
Historians have repeatedly shown that institutions rarely impose limits on their own power without external pressure, a pattern that remains visible in the current DNA testing industry. Whether it is DNA testing sites, corporate storage, or government agencies, Americans deserve better than this patchwork of weak protections and corporate loopholes. At a minimum, scholars and policymakers have increasingly argued for guaranteed rights over genetic information. Companies should not be allowed to sell it without explicit, informed consent. If individuals submit their DNA, ownership and control over that information should remain with them. Otherwise, the entire system starts to resemble other debates about bodily autonomy, such as whether organ donation should be required, and the idea that the body can be used as a public resource.
Historically, weak penalties have rarely deterred large institutions from repeating privacy violations. The persistence of data misuse suggests that financial fines alone are insufficient. Public reactions to high-profile cases involving data misuse reflect a growing frustration with regulatory frameworks perceived as insufficient to constrain corporate behavior. Historically, periods of weak enforcement have often coincided with escalating public distrust. A more meaningful framework of accountability, one that includes enforceable standards and executive responsibility, would better align with the lessons drawn from past abuse of personal data.
Financial penalties alone will not fix this. We need strict laws requiring companies to delete stored genetic data after a set period of time unless users give clear, renewed consent. We need federal standards for how DNA is stored, encrypted, and eventually erased. The longer companies keep this information, the larger the risk becomes. Genetic data should not sit on a server indefinitely like a future time bomb.
On top of this, individuals must be empowered to understand what they are agreeing to when they submit genetic data. Public education is essential. Users should be made fully aware of how their DNA may be stored, shared, or repurposed, and what legal protections do and do not apply. Informed consent must be meaningful, not buried in fine print or disguised through reassuring marketing language.
These concerns are not limited to the United States. The case of Shona Hendley alone demonstrates that genetic privacy issues cross national boundaries. As genetic databases expand globally, an international standard for genetic privacy is increasingly necessary. Without such standards, companies can exploit regulatory gaps between countries, leaving individuals unprotected regardless of where their data is stored.
Genetic testing services should not be so widely available without regulation. The long history of privacy concerns in the United States shows that every new technology brings new ways for personal information to be taken, shared, or misused. Photography raised those fears in the 1890s. Eugenics and forced sterilization weaponized biological data in the early twentieth century. Mid-century public health surveillance damaged trust in medical institutions, especially for marginalized communities. And with the rise of digital databases in the 1970s and beyond, people learned that once information leaves their hands, it can be copied, stored, and passed around without their knowledge.
Genetic testing companies have inherited the same privacy problems that accompanied earlier technological innovations, only now the stakes are significantly higher. DNA is permanent, uniquely identifying, and irreversible once exposed. Modern genetic privacy fears did not emerge suddenly; they are the predictable result of more than a century of repeated lessons showing that personal information, once surrendered, is difficult to control. History demonstrates that institutions rarely limit their own power voluntarily, which is why transparency, enforceable consent, and external regulation are essential. As genetic technologies continue to advance, legal and ethical protections must evolve alongside them. Privacy should not be something individuals lose simply by seeking knowledge about their ancestry or health. A system that values scientific progress must also protect autonomy, historical memory, and the right to control one’s own biological information.
[1] David Vincent, Privacy: A Short History (Cambridge: Polity Press, 2016).
[2] Samuel D. Warren and Louis D. Brandeis, “The Right to Privacy,” Harvard Law Review 4, no. 5 (1890): 193–220.
[3] Jessica Lake, The Face That Launched a Thousand Lawsuits: The American Women Who Forged a Right to Privacy (New Haven: Yale University Press, 2016).
[4] Buck v. Bell, 274 U.S. 200 (1927).
[5] Amy L. Fairchild, Ronald Bayer, and James Colgrove, Searching Eyes: Privacy, the State, and Disease Surveillance in America (Berkeley: University of California Press, 2007).
[6] Fairchild, Bayer, and Colgrove, Searching Eyes.
[7] Jinbin Park, “Historical Origins of the Tuskegee Experiment: The Dilemma of Public Health in the United States,” Journal of Black Studies 48, no. 6 (2017): 495–517.
[8] Smith v. Maryland, 442 U.S. 735 (1979).
[9] Robert Cook-Deegan, The Gene Wars: Science, Politics, and the Human Genome (New York: W. W. Norton, 1994).
[10] Associated Press, “Genetic testing company 23andMe says hackers stole data on ‘millions’ of customers,” AP News, October 9, 2023.
[11] Justin Jouvenal, “To Catch the Golden State Killer, Investigators First Found His Great-Great-Great-Grandparents,” Washington Post, May 2018.
[12] Shona Hendley, “Shona Hendley: What it's like being the secret child from an affair,” New Zealand Herald, October 13, 2021.
[13] Reddit user throwitaway93274, “I recently found my birth mother and her side of my family through DNA testing…,” comment posted to r/Adoption, September 26, 2022, https://www.reddit.com/r/Adoption/s/FgJelJfTRL.
[14] Sarah Zhang, “The Messy Business of DNA Testing Is Coming to an End,” The Atlantic, October 2023.
[15] Health Insurance Portability and Accountability Act of 1996 (HIPAA), Pub. L. No. 104–191.
[16] Genetic Information Nondiscrimination Act of 2008, Pub. L. No. 110–233, 122 Stat. 881 (2008).