TABLE 1.
Examples of different lengthy privacy policy used by DTC genetic testing companies.
| Word counts | Number of providers (number of providers whose privacy policy covers the content required by the Personal Information Security Specification) | Summary of the main content |
| Less than 200 words | 9 (0) | Service providers will protect the genetic privacy of consumers, but no specific protection measures are mentioned. |
| 200–500 words | 12 (0) | Privacy clauses focus on privacy protection in the collection and process of personal data, the use and disclosure of personal data, and privacy security. However, the specific contents and measures are not mentioned and explained. |
| 500 – 100 words | 4 (0) | Privacy clauses clarify the rights and obligations of users and providers. The exemption clause is included. |
| 1,000–2,000 words | 7 (0) | The privacy policy is in the format of an agreement. In general, it includes: definitions of terms used in the agreement, the rights and obligations of users and providers, and applicable and governed laws. |
| More than 2,000 words | 5 (5) | The privacy policy is comprehensive and meets all the requirements of the Personal Information Security Specification on the content of privacy policy, including the collection and use of users’ personal information, the use of cookies and similar technologies, the sharing, transfer, and disclosure of users’ personal information, the measures for protecting user’s personal information, the rights of users, and the methods for dealing with children’s information, etc. |