One premise of the notion of “personalized medicine” is that an individual's unique genetic makeup provides key information to guide prevention, diagnosis, and treatment of disease. Indeed, it is highly probable that no one besides you has ever been born, or ever will be again, with your precise DNA base sequence (except, perhaps, if you are an identical twin, and even then maybe not). Hence, in principle, your complete DNA sequence precisely identifies you, and anyone with access to even partial information about your genotype could, in theory, identify you as the source of your DNA sequence. This risk of breach of privacy is frequently included in consent forms for DNA sequencing or genotyping, whether for medical reasons, research, or recreation (such as searching for ancestors). To date, the risk has been theoretical, but a recent report by Gymrek et al. (1) shows that real breach of privacy is feasible with access to limited genomic data, bare-bones demographic information, and publicly available Internet tools. Now that we know it can be done, how should this potential for breach of privacy change our approach to collection of genomic data? Gymrek et al. focused on identification of male surnames from Y chromosome short tandem repeat (Y-STR)2 genotypes (2) (Fig. 1). These repeats are stretches of 3–5 DNA bases (usually 4), repeated multiple times (in the range of 10–20), that are located at multiple sites along the Y chromosome. The exact number of repeats of any particular sequence differs from one Y chromosome to another, but it is a stable heritable trait. Genotyping or sequencing can easily identify specific alleles at dozens of these loci, providing a kind of “fingerprint” of a specific Y chromosome. Indeed, a major use of Y-STR genotyping is forensic, for example in identifying the source of DNA …