Update 18 March 2019

FamilyTreeDNA emailed users last week to let them know that they can now opt out of DNA matching that will be used to help police identify the remains of deceased people or to help them track down violent criminals.

It’s now calling that type of investigative DNA research Law Enforcement Matching (LEM). The gene-matching company also set up a separate process for police to upload genetic files to the database. Police-uploaded files must now be used for the purpose of identifying a dead person or the perpetrator of a homicide or sexual assault.

Those EU residents who created accounts before 12 March 2019 have been automatically opted out of LEM. They still have the option of adjusting their Matching Profiles to opt back into LEM, however. To do so, users should visit the Privacy & Sharing section within their Account Settings.

Original article, published 5 February 2019

Home DNA kit company says it’s working with the FBI

FamilyTreeDNA – one of the larger makers of at-home genealogy test kits – has disclosed that it’s been giving the FBI access to DNA profiles to help solve violent crime.

Investigators’ use of public genealogy databases is nothing new: law enforcement agencies have been using them for years. But the power of online genealogy databases to help track down and identify people became clear in April 2018, when police arrested Joseph James DeAngelo on suspicion of being the Golden State Killer: the man allegedly responsible for more than 50 rapes, 12 murders and more than 120 burglaries across the state of California during the 70s and 80s.

What’s new about FamilyTreeDNA’s cooperation with the FBI – as reported by BuzzFeed News on Thursday – is that it’s the first time that a private genealogy company has publicly admitted to voluntarily letting a law enforcement agency access its database.

A spokesperson for FamilyTreeDNA told BuzzFeed that the company hasn’t signed a contract with the FBI. But it has agreed to use its private lab to test DNA samples at the bureau’s request, and to upload the profiles to its database, on a case-by-case basis. It’s been doing so since this past autumn, according to BuzzFeed.

The spokesperson said that working with the FBI is “a very new development” that started with one case last year and “morphed.” At this point, she said, the company has cooperated with the FBI on fewer than 10 cases.

Privacy implications

The more people who submit DNA samples to these databases, the more likely it is that any of us can be identified. Over the course of years of searching for the Golden State Killer, investigators had collected and stored DNA samples from the crime scenes. In that and other cases that have hinged on DNA searches, they ran the genetic profile they derived from the DNA samples through an online genealogy database and found it matched with what turned out to be distant relatives – third and fourth cousins – of whoever left their DNA at the crime scenes.

Getting a match with the database’s records helped investigators to first locate DeAngelo’s third and fourth cousins. The DNA matches eventually led to DeAngelo himself, who was arrested on six counts of first-degree murder.

It wasn’t that DeAngelo submitted a DNA sample to any one of numerous online genealogy sites, such as FamilyTreeDNA, 23andMe or AncestryDNA. Rather, it was relatives with genetic makeups similar enough to whoever left their DNA sample on something at a crime scene who made the search possible.

According to research published in October, the US is on track to have so much DNA data on these databases that we’re getting to the point that you don’t even have to submit a saliva sample in order to be identifiable via your DNA.

Researchers from Columbia University found that 60% of searches for individuals of European descent will result in a third cousin or closer match, which can allow their identification using demographic identifiers.

As time goes by, given the rate of individuals uploading genetic samples to sites that analyze their DNA, “nearly any US individual of European descent” will be able to be identified in the near future, they said.

Many, if not most, of these databases are free for the public to search, and law enforcement have gone that route, accessing genetic profiles that people have willingly uploaded.

Now, given its cooperation with FamilyTreeDNA, the FBI has gained access to more than a million DNA profiles, “most of which were uploaded before the company’s customers had any knowledge of its relationship with the FBI,” BuzzFeed notes.

You can opt out, with caveats

In December, FamilyTreeDNA changed its terms of service to allow law enforcement to use the database to identify suspects of violent crimes, such as homicide or sexual assault, and to identify victims’ remains. But FamilyTreeDNA says that investigators won’t be able to do so without the proper legal documents, such as a subpoena or search warrant.

In other words, FamilyTreeDNA is giving the FBI the same level of access to its records that the public now has, according to the company’s founder and CEO Bennett Greenspan:

We came to the conclusion that if law enforcement created accounts, with the same level of access to the database as the standard FamilyTreeDNA user, they would not be violating user privacy and confidentiality.

FamilyTreeDNA has been lauded for its strict protection of consumer privacy, and Greenspan said that the company has no intention of shedding that reputation to become a data broker:

Working with law enforcement to process DNA samples from the scene of a violent crime or identifying an unknown victim does not change our policy never to sell or barter our customers’ private information with a third party. Our policy remains fully intact and in force.

FamilyTreeDNA told BuzzFeed that to keep their profiles from being searched by the FBI, customers can opt of having their familial relationships mapped out. But it would also mean that people couldn’t use the service for finding possible relatives, which is one of the key attractions of such a database.

‘I feel violated’

Regardless of FamilyTreeDNA’s promise to not share information with the FBI that exceeds what other consumers can access – at least, not without a valid court order – multiple FamilyTreeDNA users are pondering whether they want to opt out of DNA matching or even have their previously submitted DNA kits destroyed. One such whom BuzzFeed talked to was Leah Larkin, a genetic genealogist based in Livermore, California:

All in all, I feel violated, I feel they have violated my trust as a customer.

Overall, however, it looks like most genealogy enthusiasts have no problem with helping to track down violent criminals. BuzzFeed cited an informal survey conducted by genealogist Maurice Gleeson that found that 85% of respondents – all of them involved in genealogy in the US or Europe – said they were comfortable with their DNA being used to catch a serial killer or rapist.

How well is this data being protected?

It’s easy to agree with wanting to help catch violent criminals by using DNA matching – what’s known as “enhanced forensic capabilities.” But we need to keep in mind that these databases and services are open to everyone, and not everyone will use them with good intentions.

For example, research subjects can be re-identified from their genetic data. However, rules that, starting this year, will regulate federally funded human subject research fail to define genome-wide genetic datasets as “identifiable” information.

The Columbia University researchers said that their work shows that such datasets are indeed capable of identifying individuals. That’s why they’re encouraging US Health and Human Services (HHS) to rethink that classification.

To better protect our genomes, the researchers proposed that the text files of raw genetic data be cryptographically signed:

Third-party services will be able to authenticate that a raw genotyping file was created by a valid [direct-to-consumer] provider and not further modified. If adopted, our approach has the potential to prevent the exploitation of long-range familial searches to identify research subjects from genomic data. Moreover, it will complicate the ability to conduct unilaterally long-range familial searches from DNA evidence. As such, it can complement previous proposals regarding the regulation of long-range familial searches by law enforcement and offers better protection in cases where the law cannot deter misuse.