In this final post of their three-part series, lawyers Daniel Vorhaus and Lawrence Moore of the superb blog Genomics Law Report analyse the legal repercussions of a personal genomics company going bankrupt. In part one of the series Vorhaus and Moore analysed the privacy policies of two representative personal genomics companies, while part two was a detailed examination of the complex legal issues surrounding the treatment of customer genetic data in the event of company bankruptcy.
Part III: What Does It All
In part one, we discussed the importance of Privacy Policies and other legal agreements in determining how DTC genomics companies will treat their customers’ information, including in the case of a bankruptcy sale. Unfortunately, but not surprisingly, we failed to find much in the way of concrete answers. In part two, we dug into the law to investigate how a bankruptcy court would be likely to evaluate the proposed sale of a company’s genomic database, including in what scenarios it might be willing to set aside the company’s own agreed upon Privacy Policies. In this final part, the threads come together as we ask–and attempt to answer–the only question that really matters for most readers: what does it all mean for the average DTC genomics customer?
If you’re concerned that your DTC genomics provider of choice might be a candidate for bankruptcy the very first thing to do, of course,
is to consider whether the privacy of your genomic data is even important
to you. If you’re applying for (or already enrolled in) the Personal Genome
Project, for example,
chances are that you wouldn’t much care if 23andMe went bankrupt and
decided to sell your information to a competitor, to a pharmaceutical
company or to anybody else.
But for the many customers
who, at least at present, consider the privacy and security of their
genomic data to be an important factor in choosing whether to purchase
the services offered by DTC genomic companies, there is simply no substitute
for reading to the bottom of the page. When you purchase a product
and utilize the corresponding services, including the website where
you view your genomic information, you are agreeing to the terms supplied
by that company.
As for what those terms say,
while it varies on a case-by-case basis and the terms are always subject
to change (and they do, in fact, change, often in response to developments
in either the law, the company’s business model or both), the prediction
here is that if your DTC genomic company of choice goes belly up there
is a good chance that its assets, including its database of genomic
information, will be up for sale.
The good news is that, in all
likelihood, the sale would be restricted to another company that would
use the data for substantially the same purposes as the original company
and generally agree to abide by the same privacy protections as the
now-bankrupt company. Again, those provisions vary by company
but generally provide individuals with an ability to terminate their
involvement with the company and withdraw their information (to the
extent that it has not already been made available to third parties
for allowable research or other purposes) from the company’s database.
Finally, as with just about
every aspect of genomics law, the most complete and accurate answer
is that time will tell. When the first DTC genomics bankruptcy
inevitably arrives it will help answer more definitively a host of important
questions, including whether and how a government agency might take
an interest in commercially acquired genomic data, whether genomic data
will be considered personally identifiably information under bankruptcy
law and how debtors, creditors, consumers and regulators will react
to the sale of large-scale genomic databases.