Genealogy Data Privacy and Security: Protecting Your Family Tree

Why genealogy privacy matters

Family tree data is more sensitive than most people realise:

• Living person information: Dates of birth, addresses, and family relationships can enable identity theft
• Health information: Causes of death and genetic conditions reveal private health data about living descendants
• Adoption and NPE: DNA testing and detailed trees can reveal adoption, non-paternity events, or other sensitive family secrets
• Cultural sensitivity: Some family histories involve persecution, slavery, or other sensitive topics that descendants may wish to keep private

As a genealogist, you have an ethical responsibility to handle this data carefully - especially information about living people.

Risks of online genealogy platforms

Popular online genealogy platforms offer convenience but come with trade-offs:

• Data ownership: Read the terms of service carefully. Some platforms claim broad rights to use your data.
• Third-party access: DNA testing data may be shared with law enforcement, insurers, or researchers
• Data breaches: Any online service can be hacked. Genealogy databases are high-value targets because they contain personal identifying information.
• Permanence: Once shared online, data is difficult to fully remove
• Algorithmic matching: Automated "hints" may share your tree information with others without your explicit consent

Best practices for protecting your tree

Protect your genealogy data with these practices:

• Privatise living people: Never share full dates of birth, addresses, or identifying details for living individuals in public trees
• Use privacy settings: Set your online trees to "private" unless you have a specific reason to share
• Export regularly: Keep local GEDCOM backups so you're not dependent on any single service
• Review DNA sharing: Understand and adjust your DNA sharing settings on each platform
• Be selective: Only share what's necessary for collaboration
• Use strong passwords: Enable two-factor authentication on all genealogy accounts

How GEDminer handles your data

GEDminer takes a local-first approach to privacy:

• Local by default: without an account, your GEDCOM is parsed in your browser and nothing is saved after the session ends.
• Optional saved analyses: if you create an account and choose to save a tree, GEDminer stores parsed analysis data in your private account so you can reopen it later. This may include names, dates, places and family relationships extracted from your GEDCOM.
• Original file never uploaded: GEDminer does not upload or store your original .ged file.
• No third-party sharing: Your data is never shared with advertisers, researchers, or other users.
• Anonymised analytics: Usage analytics never include personal names or identifying family information.

This approach means you get powerful analysis tools while keeping full control over your data.

GDPR and genealogy

The General Data Protection Regulation (GDPR) applies to genealogy data about living European individuals:

• Consent: You should have a legitimate basis for processing living people's data
• Right to erasure: Living people can request removal of their data from your tree (if shared publicly)
• Data minimisation: Only collect what you need
• Personal use exemption: GDPR has a "household exemption" for purely personal activities, which may cover private genealogy research

While private research is generally exempt, sharing trees publicly or online may bring you into GDPR scope. When in doubt, privatise living individuals.

Teaching digital literacy to your family

Help your family understand the implications:

• Explain before sharing: Tell relatives what information you'll include about them and get their consent
• DNA testing consent: Never test someone's DNA without their knowledge and agreement
• Sensitive discoveries: Handle unexpected findings (adoption, NPE, etc.) with compassion and discretion
• Legacy planning: Consider what happens to your genealogy data after you're gone. Leave instructions and access details for a trusted family member.