U.S. troops are being advised to steer clear of popular genetic-testing kits over what Pentagon leaders say is a growing concern that the personal information could be exploited or tracked.
Top military brass received a memo last week warning them that some genetic testing companies are encouraging Defense Department personnel to buy genetic-ancestry or health-information products by offering military discounts.
But the direct-to-consumer DNA tests are "largely unregulated," the memo states, potentially leaving their personal data or genetic information at risk. That, the memo adds, could "create unintended security consequences and increased risk to the joint force and mission."
The memo was signed by Joseph Kernan, the undersecretary of defense for intelligence, and James Stewart, the assistant secretary of defense for manpower and Reserve affairs. Military.com obtained a copy of the memo, which Yahoo News first reported on this week.
"Until notified otherwise, DoD military personnel are advised to refrain from the purchase and/or use of [direct-to-consumer] genetic services," Kernan and Stewart wrote.
Military.com first reported in July that at least one top military leader was concerned about the mail-in kits. Former Chief of Naval Operations Adm. John Richardson said in July that troops need to "be careful who they send your DNA to."
"There's a number of those companies where you can go and find out what your makeup is. That's a lot of information," Richardson said. "You learn a lot about yourself, and so does the company who's doing it."
Defense Department officials did not respond to a question about whether Richardson's warning led to a review of the Pentagon's policy on mail-in ancestry and genetics kits.
The new memo doesn't specify how military readiness could be at risk if troops use off-the-shelf genetic-testing kits, citing only "increased concern in the scientific community that outside parties are exploiting the use of the genetic data for questionable purposes."
That includes "mass surveillance and the ability to track individuals without their authorization or awareness," the memo adds.
Elissa Smith, a Defense Department spokeswoman, said the memo was sent to ensure all service members are aware of the risks that could come with the tests.
"The unintentional discovery of markers that may affect readiness could affect a service member's career, and the information from [direct-to-consumer] genetic testing may disclose this information," she said. "Testing performed by DTC companies may or may not provide reliable, accurate results. Because of this, until further assessment, it is advised that service members receive this information from a licensed professional rather than a consumer product."
Two popular companies that offer mail-in DNA tests -- Ancestry and 23andMe -- say protecting consumers' data is a top priority. And neither, according to company officials, are currently offering military discounts.
Gina Spatafore, a spokeswoman for Ancestry, said the company doesn't share customer data with insurers, employers or third-party marketers. The company also protects personal information from law enforcement unless it is compelled to share the data "by valid legal process, such as a court order or search warrant."
Katie Watson, vice president of communications at 23andMe, said no customer information is shared with third parties without separate, explicit consent from its customers.
"Customers are in control of how their data is shared, and how their data is stored," she said. "They can choose to have their sample stored at our lab, or have it destroyed. They can also download their information and close their account at any time."
Ancestry.com, Spatafore said, was the first in the industry to set a self-governed policy framework for the collection, protection, sharing and use of data collected by consumer genomics companies.
"Ancestry recognizes our responsibility to lead by example and set the bar for industry innovation," she said. "For that reason, we partnered with the Future of Privacy Forum (FPF), and other personal genomic testing companies to release the Privacy Best Practices for Consumer Genetic Testing Services."
Sensitive data from 23andMe is encrypted, Watson said, and only essential company personnel have access to the information.
Steven Block, a biology and applied physics professor at Stanford University, told Military.com this summer that while people should be mindful that any database that stores their personal data could be hacked, companies such as Ancestry or 23andMe tend to store only a limited amount of data -- about 1/1,000th of a person's full DNA.
"If you have the physical swab, then you have a sample of the complete DNA information for the individual, and the potential to do much more with that than, say, the sort of limited information that ancestry-kit companies collect and store," he said.