Genetic testing company 23andMe revealed that its data breach was much worse than previously reported, hitting about half of its total customers.
23andMe confirms hackers stole ancestry data on 6.9 million users::Genetic testing company 23andMe revealed that its data breach was much worse than previously reported, hitting about half of its total customers.
So I got an email today telling me that I would automatically accept their new ToS (which included barring me from class action lawsuits without 1-2 months of arbitration), but I could email them to refuse the change and keep the old ToS. I emailed them to refuse the change, was that a mistake?
I find it hard to believe "not responding to an email" is consent. I mean they can write that in an email but there's no way they could hold you to that in court.
If the original contract has provisions for changing it in this manner then it might hold up in court. But of they didn't have the foresight to include mandatory arbitration to begin with that's unlikely the lawyers who drafted it thought that far ahead.
What I'm curious about is if my brother's DNA was stolen. Do I have the right to sue for negligent handling of data that's as much his as mine?
I hadn't considered HIPAA. IANAL either but I have taken business law 101 as well as human services classes that both covered it.
If I remember right though, HIPAA isn't a personal lawsuit. It's the feds suing corporations for violations. I can't like, personally sue the health industry for a violation (as far as I remember).