Why I regret using 23andMe: I gave up my DNA just to find out I’m British; The Guardian, November 30, 2024

Kari Paul, The Guardian; Why I regret using 23andMe: I gave up my DNA just to find out I’m British

"With the future of 23andMe in peril, the overarching question among previous customers now is what will happen to the data that has already been collected. Leuenberger noted that by entering DNA into a database, users sacrifice not only their own privacy but that of blood relatives. Because an individual’s DNA is similar in structure to that of their relatives, information about others can be gleaned from one person’s sample. This is especially pronounced with the rise of open-access DNA sites like GEDMatch, on which users can upload genetic data that can be compared to other samples. A consumer genealogy test contributed to the identification of serial killer Joseph James DeAngelo.

“What is ethically tricky with genetic data is that it’s not just about self-knowledge – it’s also knowledge about all of your relatives,” Leuenberger said. “Morally speaking, it is not necessarily information that is yours to give – and this risk is exacerbated if this company goes down and the fate of the data becomes more perilous.”"

THE GREAT SCRAPE: THE CLASH BETWEEN SCRAPING AND PRIVACY; SSRN, July 3, 2024

Daniel J. Solove, George Washington University Law School; Woodrow Hartzog, Boston University School of Law; Stanford Law School Center for Internet and Society; THE GREAT SCRAPE: THE CLASH BETWEEN SCRAPING AND PRIVACY

"ABSTRACT

Artificial intelligence (AI) systems depend on massive quantities of data, often gathered by “scraping” – the automated extraction of large amounts of data from the internet. A great deal of scraped data is about people. This personal data provides the grist for AI tools such as facial recognition, deep fakes, and generative AI. Although scraping enables web searching, archival, and meaningful scientific research, scraping for AI can also be objectionable or even harmful to individuals and society.

Organizations are scraping at an escalating pace and scale, even though many privacy laws are seemingly incongruous with the practice. In this Article, we contend that scraping must undergo a serious reckoning with privacy law. Scraping violates nearly all of the key principles in privacy laws, including fairness; individual rights and control; transparency; consent; purpose specification and secondary use restrictions; data minimization; onward transfer; and data security. With scraping, data protection laws built around

these requirements are ignored.

Scraping has evaded a reckoning with privacy law largely because scrapers act as if all publicly available data were free for the taking. But the public availability of scraped data shouldn’t give scrapers a free pass. Privacy law regularly protects publicly available data, and privacy principles are implicated even when personal data is accessible to others.

This Article explores the fundamental tension between scraping and privacy law. With the zealous pursuit and astronomical growth of AI, we are in the midst of what we call the “great scrape.” There must now be a great reconciliation."