Whether in search of relatives, a family’s country of origin, or to understand personal disease risk, 15 million people have shared their DNA with 23andMe since the genetic test site launched in 2006. However, many who gave their saliva in exchange for genetic information and family history now wonder where that data will go, and how it will be used given that the future of the company is unclear. Last year, 23andMe came under fire following a massive data breach affecting 7 million customers that led to a class action lawsuit and a $30 million settlement.

To make matters worse, last month, all seven independent board members of the biotech company, whose shares have plummeted, resigned, citing hesitancy over CEO Anne Wojcicki’s strategy for the company. With an uncertain path forward for the at-home testing giant, it’s understandable that the genetic information of millions of people also feels at stake. And more, HIPAA, which protects Americans’ sensitive health information, does not apply to direct-to-consumer genetic tests, experts warn.

“In the United States, if you’re talking about genetic data that’s generated outside of the health care setting, there’s a relatively low baseline of protection,” Dr. James Hazel, a postdoctoral fellow at the Center for Genetic Privacy and Identity in Community Settings, told the New York Times . “And that’s provided generally by the Federal Trade Commission.

So the Federal Trade Commission, although it’s not speci.