Discovering information about your ancestors who lived thousands of years ago has never been easier. After receiving a small amount of your saliva, DNA genetic testing websites like 23andMe and Ancestry.com provide you with detailed results about your lineage. The emailed results from 23andMe give users a percentage breakdown of their ancestry composition and information on users who share similar DNA. 23andMe even provides an additional health screening service that informs users about certain health risks and their susceptibility to certain traits.

Recently, law enforcement officers discovered another use for these results: solving murders. In April 2018, California law enforcement officials arrested the infamous Golden State Killer after submitting his DNA to an online DNA database, GEDmatch. Between 1976 and 1986, the killer allegedly committed twelve murders and fifty rapes. Despite having his DNA for many years, the California police were unable to find a match and, therefore, were unable to identify the killer.

The police finally found a match after submitting a recently discovered, well-preserved DNA sample to GEDmatch. GEDmatch works differently than websites like 23andMe and Ancestry.com. Instead of submitting saliva for testing, users submit genealogy profiles that they receive from these websites and others, and the GEDmatch platform matches this DNA to other profiles in the system. The GEDmatch software “enables users to see the precise genetic segments where cousins overlap. From the site’s one million or so profiles, a skilled genetic detective can often puzzle out an individual identity from a single third cousin match.” This information is then used by genetic genealogists to create family trees and learn about family members who are not in the platform. Significantly, GEDmatch offers its services to users free of charge and will accept DNA gathered at crime scenes.

After uploading the DNA and certifying either that it was their DNA or that they had permission to do so, the California police received matches for members of the Golden State Killer’s family and used the family tree to find those who were not on the site, like the killer himself. He had not actually uploaded his DNA to the platform.

This case and several others that have been solved using GEDmatch pose important questions about data privacy as it relates to online DNA profiles, especially in cases where the DNA used to convict was not actually uploaded by the suspect. Do those who upload their data consent for its use in criminal investigations? Should police be permitted to create fake profiles and upload this data without prior authorization?

In the wake of the Carpenter v. United States decision, which held that law enforcement must have a warrant before searching cellular records, many are left wondering whether this will continue to be permitted.

Given the increasing importance of online privacy in today’s world, this practice promises to spark much debate and will likely be the subject of numerous lawsuits in the near future.

 

Rebecca Lund

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>