Comment by marcell

Comment by marcell 3 days ago

Not directly, afaik they never transferred the data.

However they sold access to the data to a bug pharma company (GSK). This was widely publicized. Not sure if that counts: GSK had some ability to look at the data but didn’t have an on premise copy of it.

Also, I worked on the GDPR deletion project. I can attest that they do best effort to delete your data when your request that. At least when I was there, this was the case. One caveat is for coding errors, oversights and bugs.

LarsDu88 3 days ago

I had direct knowledge of this. To clarify I believe 23andMe did not give direct access to individual's DNA data.

What 23andMe was selling to GSK was the results of GWAS (Genome Wide Association Study) results, which could be used to generate therapeutic candidates.

GWAS is a sort of rudimentary machine learning algorithm that basically maps a phenotype (like propensity for a particular disease) to a region of DNA. From there the drug company can narrow down candidate genes to attempt to develop specific drugs for.

Reply View 0 replies

filchermcurr 3 days ago

Is the data actually deleted in non-GDPR countries as well?

Reply View 2 replies

marcell 2 days ago

Yes, the same code runs for all customers

Reply View | 0 replies
cryptonector 2 days ago

How do they confirm where the requestor is?

Reply View | 0 replies

TheKarateKid a day ago

What data is left behind even after GDPR deletion?

For example, data that is merely disassociated with your account but will forever live in their system.

Reply View 0 replies