Call me paranoid but I do believe that some people who have their DNA tested are not aware of all the privacy issues. Quoting from an article by Victoria Mcintosh, a Certified Information Privacy Technologist, as published in the CompariTech web site at http://bit.ly/3csasuC:
“Since DNA is health information, many users may expect the data is protected by privacy legislation. HIPAA, for example, is the well-known health privacy legislation in the United States and in Canada health privacy laws exist in most provinces. If a doctor requests genetic testing, safeguards and limitations on use are enforced by law.
“However, HIPAA only applies to genetic information when under the authority of ‘health care providers’. Hospitals, individual clinics and private medical practices must uphold HIPAA privacy practices, as do insurers. Other private companies do not unless they are performing a service for a HIPAA health care entity. To give a clear example, a business that provides X-ray technology for hospitals typically complies with HIPAA. This is because their hospital clients are responsible for business associate privacy practices. HIPAA does not apply, however, if the x-ray company never works with health care providers. “
You can read a lot more about this issue at http://bit.ly/3csasuC.