23andMe just sent out an email trying to trick customers into accepting a TOS change that will prevent you from suing them after they literally lost your genome ro thieves.

Do what it says in the email and email arbitrationoptout@23andme.com that you do not agree with the new terms of service and opt out of arbitration.

If you have an account with them, do this right now.

Here’s an email template for what to write: https://www.patreon.com/posts/94164861

  • tty5@lemmy.world
    link
    fedilink
    English
    arrow-up
    227
    arrow-down
    1
    ·
    1 year ago

    I don’t see how an email that has no proof of delivery (could have ended in spam for example) would be legally binding.

    Accepting a ToS update simply by virtue of no action is also questionable unless provisions permitting that were in the ToS you’ve accepted and even then it would not work in the European Union, because that’s listed in the forbidden clauses registry.

    • FurtiveFugitive@lemm.ee
      link
      fedilink
      English
      arrow-up
      107
      arrow-down
      1
      ·
      1 year ago

      I thought the same thing when my Disney+ rate went up a couple months ago and I couldn’t find the email warning about it in my inbox or spam folders.

      Why do we let these companies get away with everything? If the rates are going up, show me in the app/ui. Make it opt in. Disable my ability to watch anything until I approve the increase in spend. It should be illegal to just change the terms of a contract and say “I sent you an email.”

      • SnuggleSnail@ani.social
        link
        fedilink
        English
        arrow-up
        11
        ·
        1 year ago

        You most likely did not officially consent to the changes and have a prolonged right to terminate the contract without the need of upholding the contract duration.

        It’s probably mich cheaper just to deal with the few that complain rather than sending out hundreds of thousands of paper letters or having them confirm the changes electronically and terminating the contracts of those who did not accept.

        • EatYouWell@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          I guarantee the original contract said the rates are subject to change without notice. Plus, raising the prices will definitely increase CS call volume more than sending out notices.

    • grue@lemmy.world
      link
      fedilink
      English
      arrow-up
      60
      arrow-down
      3
      ·
      edit-2
      1 year ago

      Accepting a ToS update simply by virtue of no action is also questionable

      Even it being “questionable” is a fucking outrage – it should be so blatantly, obviously, disallowed that a lawyer should lose their license just for proposing it!

      The entire concept is a goddamn farce.

      • gian @lemmy.grys.it
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        52
        ·
        1 year ago

        Nope. The silent consent concept is a nice thing, it solve a lof of problems both for companies and private citizens. I could offer plenty of examples of the correct use of the concept that solve problems.

        23andMe is just doing a big dick move trying to avoid to be sued for the leak.

          • gian @lemmy.grys.it
            link
            fedilink
            English
            arrow-up
            19
            arrow-down
            1
            ·
            1 year ago

            Replying to you, but it is valid also for @porksoda@lemmy.world.

            If you ask for permission to do certain works in your house, you present the project to your city council, or the required office, and if after a given time (depending on what what you want to do) they don’t object then you have the permission. Before the introduction of the silent consent, you have no idea about how many time you need to wait before you get an answer and it was prone to corruption while now the “yes” is the default unless there are real problems. It is not a perfect solution, but it is way better than before.
            Basically all the interactions with the authorities are on a silent consent base when the authority in question does not need to produce something to give back.

            All the minor changes to the contract with banks, utility companies and so on: they propose the new terms and if you don’t accept in a given time from the moment you read it you accept it. By law in the event I refuse the new terms, I don’t end with the old ones but the contract end and in the case it has penalties for early terminations, these are nullified if the penalties are applied to the other side.
            On the other hand, this way a company has a certain deadline after which the new terms come into effect and as a side bonus the fact that it has to handle only the exceptions (who don’t accept) and not all the ones that are ok.

            Wedding publications, since we have not the whole “if you disagree to this marriage talk now or shut up forever” part of the ceremony, to be sure that there is no hidden problems we put an announce in a designated public place (usually a notice board at the town hall and/or your church) for a given period of time, usually 2 or 3 weeks, and then if nobody object you can marry.
            I agree that this is probably something old that were done back at the time but it work on the same principle. Of course now there are other ways to know if someone is already married (on the civil side) or is divorced (on the religious side) or there are some hindrances.

            And before someone ask, we also have examples where this approach were shoot down: the last of these is when a big back decide to move part of their clients to a virtual back (a different branch of itself) and they were stopped on the basis that this change it too radical to be done this way (even if the notice was about 6 months). Other cases hit utilities companies which in some cases where forced by a judge to pay compensation to the customers because what they done was basically illegal and the silent consent where then void.

    • PersnickityPenguin@lemm.ee
      link
      fedilink
      English
      arrow-up
      29
      ·
      edit-2
      1 year ago

      It’s not, and TOS are not legally binding either

      By viewing this post, you agree to gift 50% of all after tax future earnings to PersnickityPenguin. Additionally, your entire Steam Library of games is hereby under sole ownership of PersnickityPenguin. All games and/or steam account login and password must be provided to PersnickityPenguin.

      Failure to transfer all financial and virtual property within (30) days is considered a breach of contract. Each incident of a breach of contract will result in a $500,000 penalty per incident. Viewer agrees to these terms of service. Any dispute or breach of contract will result in additional legal fees to be paid by the viewer entering into this contract pursuant to paragraph (A).

    • Hamartiogonic@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      10
      ·
      edit-2
      1 year ago

      My ISP, phone company, bank, insurance company and everyone else send me TOS related messages from time to time. Usually, the message is something along the lines of: “We’re altering the deal. Pray we don’t alter it any further”

      It doesn’t seem fair to me, but since everyone is doing it, there probably isn’t a law against it.

      • EatYouWell@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        1 year ago

        You’d think that, but you know those “don’t remove or warranty is void” stickers on stuff? They’re illegal.

      • tty5@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        1 year ago

        Every time an ISP does that around here they send you a notification via certified mail with a prepaid return envelope and a service cancellation form included - you can decide to not continue using the service without any early cancellations fees etc.

        If they fail to do that they get fined by consumer protection agency, are required to return any fees they charged based on the change and they get to start over - send a notification that follows the rules resetting the clock for those who opt to cancel

    • Kbobabob@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      60
      ·
      1 year ago

      Why would you need proof of delivery? The original email gives instructions. You follow those instructions and can prove you did so with date and timestamps. I don’t see the issue.

      • NAK@lemmy.world
        link
        fedilink
        English
        arrow-up
        82
        ·
        1 year ago

        https://en.m.wikipedia.org/wiki/Non-repudiation

        Legally you have to be able to prove someone received a thing. It’s why you get served when you’re sued. An agent physically hands you the complaint (or whatever they’re called). If the papers were put in the mail the person being sued could say they never received them.

        • DeadlineX@lemm.ee
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          Couldn’t the same be said about the TOS updates though? Would they not need to prove it was delivered?

          • Uncle_Bagel@midwest.social
            link
            fedilink
            English
            arrow-up
            22
            ·
            1 year ago

            Exactly. That’s why an email saying you are losing your rights unless you opt out is invalid. You cant prove that i ever saw/received that email

          • NAK@lemmy.world
            link
            fedilink
            English
            arrow-up
            7
            ·
            1 year ago

            That’s the whole point. They can force you to agree to updated TOS before they allow you to access their app.

        • Kbobabob@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Can’t you trace an email and prove it was delivered? Even mail you sign for only proves you received it, not that you opened it.

          • NAK@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            No. You can confirm the server received it. That’s different from a user opening it and reading it

    • Tier 1 Build-A-Bear 🧸@lemmy.world
      link
      fedilink
      English
      arrow-up
      118
      arrow-down
      5
      ·
      1 year ago

      This just blows my fucking mind. Same thing happened with Crunchyroll, apparently I could have been part of a class action lawsuit when it was found out that they were selling users data. But I didn’t hear about it, didn’t get any letters and didn’t see the email. The date came and went. Because I didn’t “take action” in time I apparently forfeit my right to my piece of the settlement AND to sue.

      HOW THE FUCK IS THAT LEGAL. How can you make the least amount of effort to notify someone after illegally fucking up their life, then when they don’t respond (because they didn’t see the notification or whatever), say, “well legally that means they’re ok with it, and can’t do anything in the future”

      What the fuck

      • cyberic
        link
        fedilink
        English
        arrow-up
        29
        ·
        1 year ago

        It depends, it may not be. TOS are not as ironclad as they appear.

      • Buttons@programming.dev
        link
        fedilink
        English
        arrow-up
        21
        arrow-down
        2
        ·
        edit-2
        1 year ago

        Send their legal team an email telling them you’re going to update the terms unless you hear from them.

        Also, send a bunch of irrelevant shit about what your doing and thinking about and video games you’re playing first, they’ll probably block your email address and then wont see the legally important email.

      • essteeyou@lemmy.world
        link
        fedilink
        English
        arrow-up
        17
        ·
        1 year ago

        The class actions I’ve been part of have said that if I want to retain the right to sue then I have to opt out of the class action. I don’t think it’s possible to be force-opted in, and in that case you should retain the ability to sue.

        I’ve only been in 3 or 4 though, so I don’t know if that’s representative of all class actions.

        • brianorca@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          ·
          1 year ago

          Right, but you have to be in the class to do that. If they didn’t notify you because they don’t think you were in the class, then that shouldn’t reduce you legal options. And if they do think you’re in the class and don’t notify you or send you the settlement, that’s just straight malicious.

      • Eezyville@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        8
        ·
        1 year ago

        Damn I forgot about that Crunchyroll class action. Thanks for reminding me. I got those emails too but I have until the 12th. It’s only $30 but that’s like two Five Guys meals so…

      • SirEDCaLot@lemmy.today
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        Technically a contract can have anything in it that both parties agree to, unless some are all of those provisions are actively illegal. I would agree that assumed agreement should be illegal. You could probably fight this in court, make the argument that this is a material change to the contract what you did not agree to and would not have agreed to had you been aware of it. But that costs money and lawyers and time.

        • r3df0x ✡️✝☪️@7.62x54r.ru
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          1 year ago

          This feels like the weirdo that Muta covered who was sending out legal notices telling people that if they didn’t take action, he would consider them to be entered into contracts that he wrote.

  • Hubi@feddit.de
    link
    fedilink
    English
    arrow-up
    82
    arrow-down
    1
    ·
    1 year ago

    “They lost my genome” is certainly a 2023 phrase.

  • Thteven@lemmy.world
    link
    fedilink
    English
    arrow-up
    83
    arrow-down
    3
    ·
    1 year ago

    If anyone wants my genetic information just come to my door and I’ll supply it to you directly 😏

  • chemical_cutthroat@lemmy.world
    link
    fedilink
    English
    arrow-up
    76
    ·
    1 year ago

    I feel like the TOS you are subject to is the one you signed when you first used the service. Unless you have been constantly using their service, I can’t see how a new TOS would affect you. I could be WAAY off here because IANAL, but a company can’t just retroactively change the TOS for customers without some kind of action taken by the customers under the new TOS.

    • Siddhartha-Aurelius@kbin.social
      link
      fedilink
      arrow-up
      69
      ·
      1 year ago

      I once successfully defended myself from a lawsuit by invoking a previous TOS. The court allowed me to choose any version of the TOS that benefited me the most. It was akin the doctrine in contract law that ambiguity is always found to be detrimental to the drafter of the contract.

        • Corkyskog@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          21
          ·
          edit-2
          1 year ago

          Contracts are way less enforceable in courts then the writers would hope. Basically the enforceable parts are payment and performance and anything directly related to that. Once you start adding clauses that are outside of that realm they become more and more of a waste of ink.

          • RooPappy@kbin.social
            link
            fedilink
            arrow-up
            10
            ·
            1 year ago

            I’m not sure if lawyers think their words are magic sometimes, or if they’d just really like them to be magic.

            I live in a state that prohibits most non-competes from employers, and any effort to try to get employees to sign overly restrictive agreements can actually result in a fine and penalty. My company sent me a legal agreement saying that by signing the doc and continuing to be employed, I agree to waive my state’s protections against non-competes. As if… that would hold up in any court, ever.

            It’s a blatantly illegal clause and I could have fought it at the time… but in the end I knew it was totally unenforceable at worst. I’ll go after them for the penalty if they ever try to enforce it, or if I leave under bad circumstances. It was more valuable to me to have this document than it is for them to have it.

            • Patches@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              9
              ·
              edit-2
              1 year ago

              They want us to believe their words are magic for 2 reasons:

              1. They make a lot of money and they want that gravy train to keep chugging

              2. The average person is scared by lots of big sounding words, and the evidence of that is everywhere.

          • Siddhartha-Aurelius@kbin.social
            link
            fedilink
            arrow-up
            3
            ·
            1 year ago

            You’re right. I just want to add the proper terms for people to search for in case this information helps them. The main matters considered in contract law are “consideration and performance”. Happy hunting y’all. Take down these corporations that do not care for you.

            • Corkyskog@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              3
              ·
              1 year ago

              Yes, payment isn’t necessary, it’s just that consideration is payment 99% of the time for the average Joe, to the point where the first definition of consideration is “payment or money” but there are certainly contracts out there where it isn’t money.

              • Siddhartha-Aurelius@kbin.social
                link
                fedilink
                arrow-up
                1
                ·
                1 year ago

                You’re right. I only wanted to include the search term for anyone wanting to pursue this on their own. I think it is better to search the proper term and build knowledge from there than to summarize it and hope laymen understand the underlying principles.

      • HarkMahlberg@kbin.social
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        the doctrine in contract law that ambiguity is always found to be detrimental to the drafter of the contract.

        Anywhere to read more about this?

        • Siddhartha-Aurelius@kbin.social
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          I wish I could give you a source but I recall this from college almost 20 years ago. If you read into “contract law” you will arrive there pretty quickly. It’s one of the main principles

      • Viking_Hippie@lemmy.world
        link
        fedilink
        English
        arrow-up
        10
        ·
        1 year ago

        I just LOVE that the standard acronym for a lack of legal license sounds like an Isaac Asimov porn parody 😆

          • Viking_Hippie@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            1
            ·
            edit-2
            1 year ago

            I’m pretty sure iAnal is what the executives at Apple call the accounting department when they don’t get to expense their third pound of beluga kaviar.

    • brygphilomena@lemmy.world
      link
      fedilink
      English
      arrow-up
      18
      ·
      1 year ago

      Even that’s rather iffy too. If it’s been made so long that a reasonable person cannot be expected to read or understand it, it likely won’t hold up.

      Of the courts decide to say, fuck it then it won’t hold up.

      If this goes to a class action suit, I expect the judge to not let this change of TOS affect who is covered under the class action suit.

      This is just a way to make the customer THINK they can’t sue.

  • SocialMediaRefugee@lemmy.world
    link
    fedilink
    English
    arrow-up
    46
    arrow-down
    6
    ·
    1 year ago

    The real question is why would you put your genome into the hands of a company without a compelling reason beyond “This sounds cool”

  • Artyom@lemm.ee
    link
    fedilink
    English
    arrow-up
    43
    arrow-down
    3
    ·
    1 year ago

    I had them destroy my sample and delete my data the week they went public, so I’m glad we’ve finally reached the “I told you so” phase of this.

      • Karyoplasma
        link
        fedilink
        English
        arrow-up
        30
        ·
        1 year ago

        If I was that guy I would dig for the leak and search through it. If I would find even a shred of my data, that’s a lawsuit.

        • Tangent5280@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          yeah, and I assume only the pool of people who has requested deletion of their data is in a position to do this. @Artyom you should consider doing this.

  • jordanlund@lemmy.world
    link
    fedilink
    English
    arrow-up
    56
    arrow-down
    17
    ·
    1 year ago

    Nobody’s genome was lost. What happened was, users with weak passwords had their accounts compromised, something like less than 2,000 of them, and from those accounts, bad actors were able to access and download family tree data for something like 6.5 million accounts.

    I don’t really see how the data lost is actionable in any way except for the spoofed “Hey gramma! It’s me! I’m in jail and I need bail money!” phone calls.

    • IzzyScissor@kbin.social
      link
      fedilink
      arrow-up
      42
      arrow-down
      4
      ·
      1 year ago

      From what I understand - the first action the bad actors are taking are releasing the family trees to “out” anyone with Jewish relatives.

      So, just hate crimes to start.

    • dQw4w9WgXcQ@lemm.ee
      link
      fedilink
      English
      arrow-up
      25
      arrow-down
      1
      ·
      1 year ago

      One of the typical arguments is selling ancestry history to insurance companies, effectively handing them health data which could lead to up-pricing or rejections for customers with bad health history.

    • JonEFive@midwest.social
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      I don’t really see how the data lost is actionable in any way

      Agreed unfortunately. An important thing in US law that people often don’t know is that in most cases, you need to prove that you were damaged in some way. Unless the company broke a specific law, you probably just have to accept it until you have problems relating to identity theft. And even when that happens, you’d still need to prove that the the attacker used the lost 23andMe data.

      I personally don’t understand why people use these services in the first place. Let’s all let some private company that we know nothing about build an absolutely massive database of people’s DNA. And let’s voluntarily do it and even pay them for that “service”. Sure, that sounds like a good idea. What could possibly go wrong? Hope your minor curiosity was worth the massive privacy invasion.

      • jordanlund@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        ·
        1 year ago

        I personally don’t understand why people use these services in the first place.

        In my case, I went through 23 and Me because 75% of my DNA comes from sources unknown. No idea who my father was or my maternal grandfather. So being able to fill in those gaps as well as helping to determine medical risk has been very useful.

        • givesomefucks@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          1 year ago

          helping to determine medical risk has been very useful.

          Thank to the American healthcare system’s lobbyists, if a company sequences your DNA, they can’t give you information related to health.

          Which is why 23andme has a fraction of the stuff they used to.

          I paid $5 to a third party to take my raw 23andme data and output a very nice html file (not online, in a zip file) that checks against common mutations for all types of shit. Not sure if they’re still around, but they automatically delete your data once the HTML is sent out, if I want it again I don’t have to pay again, but I do have to send them the raw data because they don’t have it anymore.

          Because they didn’t sequence it, they can give me all the information without having to be a “healthcare provider” like 23andme would need to be to tell me the same info

      • EatYouWell@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        Building a massive collection of DNA is a really good thing from a research standpoint. Plus, it’s helping solve a bunch of murder cold cases.

          • mightyfoolish@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I guess what I meant:

            1. What exactly are “Zionist war participants?”
            2. Who is trying to profile these people?
            3. How does this establish “racial segregation?”

            I’m not trying to be annoying. I genuinely believe you are trying to say something important but I just don’t understand what you mean.

    • Blue_Morpho@lemmy.world
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      1 year ago

      Piracy is theft in the eyes of the law. So because the hackers copied it, your data was lost and you should be compensated for the loss.

  • Buttons@programming.dev
    link
    fedilink
    English
    arrow-up
    17
    arrow-down
    1
    ·
    edit-2
    1 year ago

    So, our main interactions happened in the past, your fault and abuse of me happened in the past, and now, in the present, you can slip a little “go out of your way or the legal terms governing our interactions in the past will be altered” clause in an email, and it’s all legal?

    (Hold on, let me try applying a rule of thumb that helps me answer legal questions like this: Would this help the rich and powerful maintain riches and power?… Yes. I think the answer to my question above is yes.)

    I’d argue the the interactions and faults of the past should be governed by the agreement we had in the past.

  • nymwit@lemm.ee
    link
    fedilink
    English
    arrow-up
    14
    arrow-down
    1
    ·
    1 year ago

    Did they lose anyone’s genome? That’s not what’s been reported. They certainly lost customer information and this is definitely a super shitty move to trick you into waiving some rights, but I’ve seen no reporting that says they lost full DNA information.

    • frogfruit@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      1
      ·
      1 year ago

      They have disabled the download data button and refuse to provide customers with a copy of their own data. I have been trying to get a copy of my data for over a month and they just tell me they’ll consider re-enabling the button in the future.

    • ghostdoggtv@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      2
      ·
      1 year ago

      I would bet money (not much, relax) that they got their shit hacked and locked down by ransomware at least, if not also extracted for sale by the same black hat.

      • Takumidesh@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        1 year ago

        I was under the impression that it was compromised logins of users that were used to get into accounts, afaik they weren’t actually hacked.

        • Blackmist@feddit.uk
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          That and they link all the genealogy data so the “hackers” got some info on a bunch of people they didn’t hack.

          Probably not as much info as you can scrape from Facebook about any one of them, but some.

  • em2@lemmy.ml
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Wow, that’s dirty. The email you need to opt out at is different from what they link. If you don’t respond, you automatically agree to their new TOS which bars you from taking class action against them. Shady af.