In late October, genetic testing startup 23andMe did something unusual: It issued a transparency report that disclosed how many times law enforcement had requested access to its customers’ data. Transparency reports themselves — regularly updated documents that disclose statistics of government requests for user data, records, or content — aren’t unusual: Google, Facebook, Twitter, and Microsoft all now issue them. What was different was the nature of the requests: Instead of seeking information about someone’s location or communications, the government was asking for people’s DNA.
Ultimately, 23andMe said it didn’t comply with the requests. However, as more health technology companies track ever more discrete data about our bodies — from our genes to our heart rate — law enforcement agencies will increasingly attempt to access this information. But for now, at least, because most health technology companies do not issue transparency reports, those requests remain a black box.
For example, Fitbit, which has a market cap of $8 billion, has sold more than 30 million activity trackers since its 2007 inception. Asked by BuzzFeed News, a spokesperson said... see more