Insurance companies and employers are prohibited from using 23andMe's services, and the service cannot be used for forensic genealogy investigations.
This analysis describes what 23andMe's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This restriction is intended to prevent genetic data derived from 23andMe's services from being used to make insurance or employment decisions, which aligns with the Genetic Information Nondiscrimination Act's protections, though enforcement of this contractual restriction depends on user representation at account creation.
The updated Terms now apply only to users who live outside the United States, Canada, EEA, UK, and Switzerland, or who access the Services from outside those regions. US, Canadian, EEA, UK, and Swiss…
The updated Terms of Service now apply exclusively to users in the United States, narrowing the geographic scope from the prior version that addressed users in multiple regions. The terms now contain…
The updated terms now apply only to users who live outside or access services outside the United States, Canada, EEA, UK, and Switzerland. Previously, the terms applied to US-based users. The terms a…
By prohibiting insurance companies and employers from accessing the service, the Terms assert a contractual barrier against the use of 23andMe genetic data for underwriting or employment screening purposes, though the practical enforceability of this restriction depends on how the company verifies user identity at registration.
How other platforms handle this
Customer will not, and will not permit any other person (including any End User) to: ... (d) attempt to reverse engineer, decompile, or otherwise attempt to discover the source code or underlying components (e.g., algorithms, weights, or systems) of the Mistral AI Products, including using the Outpu...
All content on this Internet site ("the delta.com website") is owned or controlled by Delta Air Lines and is protected by worldwide copyright laws.
You shall not (and shall not permit any third party to) either (a) take any action or (b) Make Available any Content on or through the Services that: [...] (viii) directly or indirectly uses the Services (including, but not limited to, Outputs) to create, train, develop, or improve similar or compet...
Monitoring
23andMe has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"You are not an insurance company or an employer; and You will not use the Services for any investigative forensic genealogy uses.— Excerpt from 23andMe's 23andMe Terms of Service
REGULATORY LANDSCAPE: The Genetic Information Nondiscrimination Act prohibits health insurers and employers from using genetic information for underwriting or employment decisions. The contractual prohibition in the Terms mirrors these statutory protections but operates as a contract-based restriction rather than a regulatory compliance mechanism. The FTC and relevant state attorneys general may be relevant enforcement actors if the prohibition is found to be inadequately implemented or circumvented. GOVERNANCE EXPOSURE: Medium. The prohibition is stated as a user representation at account creation, meaning enforcement depends on the accuracy of user-provided information. There is no described verification mechanism in the visible document text, which means the restriction may be difficult to operationalize. For corporate compliance teams, this provision signals that 23andMe has not authorized enterprise use by insurers or employers, and any such use would constitute a breach of the Terms. JURISDICTION FLAGS: Several states, including California, New York, and Florida, have state-level genetic privacy statutes that extend protections beyond GINA. Organizations in these states should evaluate whether their interactions with genetic testing services require specific compliance measures. The prohibition on forensic genealogy use is also relevant in jurisdictions where law enforcement genealogy databases are an active legal and policy issue. CONTRACT AND VENDOR IMPLICATIONS: HR and benefits vendors who might contemplate integrating genetic data into wellness programs should note that 23andMe's Terms explicitly prohibit employer use. Any procurement arrangement that involves 23andMe data in an employment context would conflict with the Terms as stated. COMPLIANCE CONSIDERATIONS: Compliance teams at insurance companies or employers who encounter 23andMe data in any context should confirm that their use does not violate GINA, applicable state genetic privacy laws, or these Terms. Organizations conducting genealogy research for any investigative purpose should review the forensic use prohibition before engaging 23andMe services.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This restriction is intended to prevent genetic data derived from 23andMe's services from being used to make insurance or employment decisions, which aligns with the Genetic Information Nondiscrimination Act's protections, though enforcement of this contractual restriction depends on user representation at account creation.
By prohibiting insurance companies and employers from accessing the service, the Terms assert a contractual barrier against the use of 23andMe genetic data for underwriting or employment screening purposes, though the practical enforceability of this restriction depends on how the company verifies user identity at registration.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by 23andMe.