The genetic revolution has delivered extraordinary advances in how we understand, diagnose, and treat disease. With a simple saliva test, we can trace ancestry, assess inherited risk factors, or contribute to large-scale research. But as access to our DNA becomes easier, the question of who actually owns our genetic information becomes more urgent—and more complicated.
DNA, the molecular blueprint of life, isn’t just a static sequence of letters—it holds predictive insight, familial ties, and deep personal meaning. It also holds commercial value, with biotech firms, insurers, researchers, and governments vying for access. As genetic testing becomes more widespread, we are forced to grapple with a tension between personal autonomy and the broader public, legal, and corporate interests surrounding genetic data.
Answering the question “who owns your DNA?” is not as straightforward as it might appear. Scientists, lawyers, ethicists, and policymakers define DNA in different ways, each with their own goals and priorities. For some, it is biological material; for others, intellectual property, private health data, or even a shared family resource. This conceptual fragmentation shapes how laws are written, how consent is obtained, and how risks and benefits are distributed.
To understand this tangled web, we must move beyond the idea of genetic ownership as a simple matter of property. Instead, we must explore the intersecting realities of science, law, ethics, and commerce, and how they frame access to something as intimate and powerful as the human genome.
The Legal Maze: What the Courts, Congress, and Contracts Say
In the legal arena, the question of who owns or controls genetic material has evolved through a patchwork of case law, federal statutes, and international frameworks. While strong intuitions about bodily autonomy persist, courts and legislatures often rule differently, guided by precedent, policy, and the limits of existing legal categories.
Moore v. Regents: Once It’s Removed, It’s Not Yours
The case of Moore v. Regents of the University of California remains one of the most cited legal touchstones in this space. In the 1980s, John Moore underwent treatment for leukaemia, during which doctors removed his spleen and developed a lucrative cell line—named “Mo”—without informing him. Moore sued, claiming property rights over the cell line and the profits it generated.
The California Supreme Court ruled that Moore had no property interest in his removed tissue. The court reasoned that biological materials, once separated from the body, could be used for research and commercial purposes without the patient retaining ownership. However, the court did uphold Moore’s right to informed consent, ruling that his doctors had a fiduciary duty to disclose their commercial interests.
This ruling created a sharp legal divide: while patients retain control over their bodies in clinical contexts, they do not own their tissues once removed, nor are they entitled to financial participation in downstream discoveries.
Patents on Genes? The Myriad Genetics Ruling
In the landmark 2013 case Association for Molecular Pathology v. Myriad Genetics, the U.S. Supreme Court tackled a different but related issue: can companies patent isolated human genes?
Myriad Genetics had patented the BRCA1 and BRCA2 genes, which are linked to breast and ovarian cancer risk. These patents gave the company exclusive rights to test for mutations, effectively creating a monopoly on a critical health service.
The Court ruled that naturally occurring DNA sequences cannot be patented. While Myriad had isolated the genes, the genetic information itself was not considered an invention. However, the Court did permit patents on cDNA, or complementary DNA, a synthetic form lacking non-coding sequences. This decision drew a legal line between what is discovered in nature and what is manufactured through human intervention.
Together, Moore and Myriad illustrate the judiciary’s reluctance to treat genetic material as personal property. Instead, courts tend to grant control and value to those who analyse, modify, or commercialise DNA—rather than those from whom the DNA originates.
GINA: Protection With Major Loopholes
Passed in 2008, the Genetic Information Nondiscrimination Act (GINA) was the first major U.S. law designed to protect people from genetic discrimination. It prohibits health insurers and employers from using genetic data to make decisions about coverage or employment.
However, GINA’s protections are far from comprehensive. It does not apply to life insurance, disability insurance, or long-term care insurance—three areas where genetic risk could significantly affect underwriting. Nor does it apply to military personnel or companies with fewer than 15 employees. GINA also focuses on predictive genetic information, meaning that once a disease manifests, its protections no longer apply.
These limitations leave many people vulnerable, and surveys show that fear of discrimination deters participation in genetic testing and research, even when potential health benefits exist.
HIPAA: Protecting Health Data—Sort Of
The Health Insurance Portability and Accountability Act (HIPAA) also governs genetic information—but only when held by covered entities such as healthcare providers and insurance companies. It defines genetic test results as part of Protected Health Information (PHI), meaning it cannot be shared without consent.
Yet HIPAA doesn’t cover the booming Direct-to-Consumer (DTC) genetic testing industry. Companies like 23andMe or Ancestry typically fall outside HIPAA’s purview unless they partner with a covered entity. This means that millions of people’s genetic data is stored, used, or sold without the robust protections HIPAA provides, leaving major privacy gaps.
GDPR: Europe’s More Stringent Approach
Across the Atlantic, the EU’s General Data Protection Regulation (GDPR) treats genetic data as “special category data”, requiring explicit consent and strong justification for its collection or processing. Genetic data must be used only for specified, legitimate purposes and cannot be repurposed without further consent.
GDPR also grants individuals a right to access, correct, and erase their genetic information. It places the burden on companies and researchers to minimise data collection, implement privacy by design, and ensure secure handling.
While enforcement varies across EU states, GDPR sets a strong legal baseline for privacy and reframes genetic data as personal property that requires individual control—a stark contrast to the U.S. system.
UNESCO and Oviedo: Ethical Anchors for the Global Genome
International norms have also shaped the discourse. UNESCO’s Universal Declaration on the Human Genome and Human Rights frames the genome as the heritage of humanity, calling for respect, informed consent, and nondiscrimination. Meanwhile, the Oviedo Convention (Council of Europe) embeds genetic protections within human rights law, limiting testing to health-related purposes and restricting germline modification.
These frameworks are not legally binding in many jurisdictions, but they provide ethical guardrails for countries crafting national laws and international collaborations.
Ethical Crossroads: Autonomy, Justice, and the Limits of Consent
While laws set the boundaries, ethics shapes the conversation about what should be done with genetic data—not just what’s legal. In the age of genomic research, where vast datasets and biobanks fuel innovation, the key ethical pillars of autonomy, justice, privacy, and benefit-sharing are increasingly under pressure.
Autonomy and the Trouble with Consent
In theory, genetic testing is voluntary. In practice, consent is rarely as informed or meaningful as it should be. Modern biobanking and big-data research often rely on broad consent, where participants agree to future, unspecified uses of their DNA. While this model streamlines research, it also dilutes individual control.
Emerging models like dynamic consent—where participants can adjust their preferences over time—offer more transparency. But implementation remains limited. Many people still have no idea what happens to their samples or who profits from them.
Moreover, because your DNA is shared with your family, one person’s decision to test or share data can expose relatives to unwanted revelations or privacy risks. Current consent frameworks largely ignore these relational complexities.
Privacy and the Problem of Re-Identification
Anonymisation is often presented as a privacy safeguard, but genetic data is inherently identifiable. Studies have shown that even “de-identified” DNA can be traced back to individuals using genealogical databases, voter records, or metadata.
This means that promises of anonymity in research or DTC settings are increasingly unreliable. As datasets grow and AI enhances inference capabilities, the risk of re-identification becomes not a possibility, but a certainty.
The idea that a person’s DNA can be separated from their identity is a legal fiction, and it no longer holds up to technological scrutiny. Yet many consent and data-sharing frameworks still rely on it.
Justice and the Shadow of Discrimination
The ethical principle of justice demands fairness. Yet GINA’s narrow scope leaves many people exposed to genetic discrimination in life insurance, disability insurance, and long-term care. These gaps have a chilling effect on testing and disproportionately affect marginalised groups who already face healthcare inequities.
Moreover, genomic databases are overwhelmingly white, leading to biased research outcomes and less effective tools for people of colour. If precision medicine is built on skewed data, it risks reinforcing structural inequalities.
Justice also demands that benefits be shared, not hoarded. When research generates profitable drugs or patents, contributors—especially from historically exploited communities—often receive nothing.
DNA in the Marketplace: Tests, Brokers, and Biobanks
Your DNA may be unique, but it’s also a hot commodity. A growing commercial ecosystem—spanning DTC testing kits, pharmaceutical partnerships, and shadowy data brokers—is reshaping how genetic data is collected, sold, and stored.
Direct-to-Consumer Testing: Convenience or Compromise?
Companies like 23andMe and Ancestry have democratised access to genetic testing. However, their business model depends on data. Users are often asked to opt in to research or data sharing in complex, jargon-heavy consent forms. Once given, that consent is hard to revoke, and rarely includes any share in future profits.
While these companies promise to protect privacy, their terms often grant them broad, perpetual rights to use, sell, or license data. Many also reserve the right to transfer user data in the event of a merger, acquisition, or bankruptcy.
Though users can request deletion, data already shared with partners or embedded in research may remain—leaving consumers with less control than they realise.
Data Brokers: The Silent Traders of Health Profiles
Outside the spotlight, data brokers harvest and package personal information—including health-related behaviours, app usage, and inferred conditions—into detailed profiles sold to marketers, insurers, and sometimes governments.
Even if DTC companies claim not to sell genetic data, brokers can infer health risks and genetic traits indirectly, using purchase history, online activity, and family details. This creates a shadow profile—one that you can’t see, correct, or delete.
Recent US regulations have begun to target brokers, but the industry remains loosely regulated and highly opaque, especially compared to hospitals or healthcare providers.
Biobanks: Research Goldmines or Ethical Quagmires?
Academic and commercial biobanks are essential to genetic research. They house millions of DNA samples, often linked to health records and lifestyle data. But the longer these banks exist, the more likely their data will be used in ways never imagined by original donors.
Few legal protections exist for participants if biobanked data leads to a patent or product. And while many institutions claim samples are held “in trust,” the question of ownership remains murky. In most cases, the institution—not the individual—retains control.
Governance reforms are emerging, but without global norms or harmonised laws, cross-border research continues to raise complex consent, oversight, and equity challenges.
The Frontiers of Genetic Ethics: CRISPR, Surveillance, and the Personalised Future
As genomic science advances, it pushes ethical boundaries, forcing us to consider not just how we manage data, but how we shape life itself.
Gene Editing: Promise and Peril
CRISPR-Cas9 allows precise edits to DNA. It holds hope for curing genetic diseases but also poses existential ethical questions.
Editing somatic cells (non-reproductive) for therapeutic purposes is widely accepted. But editing germline cells, which pass changes to future generations, crosses into fraught territory. Who decides what traits should be altered? Who bears the risk of unintended consequences?
Even beyond therapy, gene editing opens the door to enhancement—designer babies, IQ boosts, or athletic performance. Such possibilities raise serious questions about fairness, access, and consent.
And with patents and legal battles already surrounding CRISPR technologies, ownership of the edited genome itself becomes a live debate. Are you still the owner of your DNA if a portion is patented?
Genomic Surveillance: Safety vs. Civil Liberties
Governments have begun using genomic tools for public health tracking, forensic databases, and even ethnic profiling. While some applications serve legitimate goals—like tracking viral variants—others drift into authoritarian territory.
The use of familial searching in criminal databases, the retention of genetic data by law enforcement, and reports of genomic monitoring of minority groups all signal a disturbing trend: DNA as a surveillance tool.
With little global consensus and minimal oversight, genomic surveillance is a slippery slope—one that demands immediate ethical and legal scrutiny.
Personalised Medicine: Opportunity or Inequality?
The promise of tailored medicine—treatments based on your unique genetic makeup—is alluring. But without structural reform, it risks creating a two-tiered system where only the wealthy benefit.
Precision medicine requires data, but if that data is skewed toward affluent, white populations, the resulting models and treatments will be biased, leaving out those who need them most. And as insurers gain access to predictive tools, the fear of discrimination only deepens.
The challenge is clear: ensuring that the benefits of the genetic age do not become its burdens, especially for vulnerable or underserved groups.
Conclusion: Toward Collective Stewardship of Our Genetic Future
The human genome is not just a collection of letters. It is an evolving record of ancestry, risk, identity, and potential. It belongs not only to individuals, but to families, communities, and arguably, all of humanity.
Attempting to shoehorn genetic data into outdated property law frameworks does not serve the public interest. Nor does handing over control to corporations without safeguards. What’s needed is a new model of shared stewardship—one that acknowledges multiple stakeholders, promotes equity, and places human dignity at the centre.
This means rethinking consent, improving legal protections, enforcing ethical standards, and ensuring that benefits are distributed, not concentrated. It means recognising the right to know, and the right not to know. It also requires governments, scientists, companies, and citizens to collaborate, not compete, in shaping the future of genomics.
In this labyrinth of DNA, identity, power, and privacy, there are no easy answers. But if we listen to the voices of those most affected—and prioritise transparency, respect, and justice—we can build a path forward that honours both science and self.
