“Your Personal Information is Being Requested”: Ancestry Testing, Stunt Coding, and Synthetic DNA
In July 2015, an app posted to the repository hosting service GitHub claimed to use genetic data culled from the ancestry testing company 23andMe to potentially limit a user’s access to particular segments of the Internet. Called Genetic Access Control, this app utilized the “open” nature of 23andMe’s application programming interface (API) to generate a third-party authentication application that the developer promised could restrict access to certain websites “based on traits including sex, ancestry, disease susceptability [sic], and arbitrary characteristics associated with single-nucleotide polymorphisms (SNPs) in a person’s genotype.”[1] This app would enable websites to request access to a user’s 23andMe profile for verification purposes upon login. Once permission to share the data with this third-party app was approved, the app would then allow or disallow the user access to the site. Or, as the app developer put it in a list of possible uses, the app could create “‘safe spaces’ online where frequently attacked and trolled victim groups can congregate, such as a female-only community” and “[g]roups defined by ethnic background, e.g. Black Panthers or NAACP members.”[2] Posted to GitHub under the username “offensive-computing,” this anonymous developer also suggested that “[e]thnoreligious sects” that “wish to limit membership, e.g. Hasidic Jewish groups restricting access to Ashkenazi or Sephardic maternal haplogroups with the ‘Cohen’ gene” might employ the application.[3] Within days of Genetic Access Control’s appearance on GitHub, 23andMe restricted the app’s access to its APIs. It cited non-compliance with 23andMe’s Terms of Service agreement, which forbids the use of its APIs in applications that promote “hate materials.