Which regulatory agencies enforce this type of clause?

{'agency': 'HHS_OCR', 'reason': 'HHS OCR enforces HIPAA genetic information provisions and has jurisdiction over health data practices relevant to employer and insurer use of genetic information.', 'complaint_url': 'https://www.hhs.gov/ocr/complaints/index.html'}, {'agency': 'FTC', 'reason': 'FTC has authority to investigate whether inadequate enforcement of the employer and insurer prohibition constitutes an unfair or deceptive practice under FTC Act Section 5.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Employer and Insurer Use Prohibition clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Employer and Insurer Use Prohibition — 23andMe

Share 𝕏 Share in Share 🔒 PDF

What it is

Insurance companies and employers are expressly banned from using 23andMe's services, and no one may use the services for forensic genealogy investigations.

Consumer impact (what this means for users)

While this provision nominally protects users from employer and insurer misuse of their genetic data, it is a contractual self-certification with no disclosed enforcement or verification mechanism, meaning the practical protective value depends entirely on 23andMe's ability to identify and exclude bad actors.

Cross-platform context

See how other platforms handle Employer and Insurer Use Prohibition and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

This restriction is designed to prevent genetic discrimination in employment and insurance contexts, reflecting the protections of GINA, but enforcement relies entirely on user self-representation with no verification mechanism disclosed.

View original clause language

You are not an insurance company or an employer; and You will not use the Services for any investigative forensic genealogy uses.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: This provision directly engages GINA (Genetic Information Nondiscrimination Act, 29 U.S.C. §2101 et seq.), which prohibits use of genetic information in employment and health insurance decisions. The ADA (42 U.S.C. §12101) and HIPAA's genetic information provisions (45 CFR §164.502(a)(5)) are also implicated. EEOC and HHS OCR are the primary enforcement authorities for GINA violations.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

Hhs Ocr

HHS OCR enforces HIPAA genetic information provisions and has jurisdiction over health data practices relevant to employer and insurer use of genetic information.
File a complaint →
FTC

FTC has authority to investigate whether inadequate enforcement of the employer and insurer prohibition constitutes an unfair or deceptive practice under FTC Act Section 5.
File a complaint →

Provision details

Document information

Document

23andMe Terms of Service

Entity

23andMe

Document last updated

April 29, 2026

Tracking information

First tracked

April 27, 2026

Last verified

April 27, 2026

Record ID

CA-P-003457

Document ID

CA-D-00147

Evidence Provenance

Source URL

https://www.23andme.com/legal/tos/

Wayback Machine

View archived versions →

SHA-256

16a44b36aa17e55ddf47ae29310c84ef467de0a10b43cf99d04895259b10a9f1

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: 23andMe | Document: 23andMe Terms of Service | Record: CA-P-003457
Captured: 2026-04-27 13:25:11 UTC | SHA-256: 16a44b36aa17e55d…
URL: https://conductatlas.com/platform/23andme/23andme-terms-of-service/employer-and-insurer-use-prohibition/
Accessed: May 2, 2026

Classification

Severity

Medium

Employer and Insurer Use Prohibition