I’m really sorry about the click-bate headline, I promise not to do it again. I was also rather hoping that I didn’t need to write a post about privacy issues at familytreedna.com. However, last week, a story broke in Buzzfeednews that FamilyTreeDNA had been “working with the FBI and allowing agents to search its vast genealogy database”. In addition they had “changed its terms of service to allow law enforcement to use the database to identify suspects of “a violent crime,” such as homicide or sexual assault, and to identify the remains of a victim”. The previous (May 2018) version of the the Terms of Service stated:
“You agree to not use the Services for any law enforcement purposes, forensic examinations, criminal investigations, and/or similar purposes without the required legal documentation and written permission from FamilyTreeDNA.”
This was changed, at some unspecified point in December 2018 to state:
“DNA Sample submitted or Genetic Information supplied (that) was obtained and authorized by law enforcement to either: (1) identify a perpetrator of a violent crime, as defined in 18 U.S. Code § (924)(e)(2)(B), against another individual, including sexual assault, rape, and homicide; or (2) identify the remains of a deceased individual.”
(These details was mostly taken from the blog posting of “The Legal Genealogist“, who has been providing excellent and thoughtful coverage of the whole issue)
In addition they announced a plan to “create a panel of citizen genealogist advisors who will work with us as we focus on how to make your FamilyTreeDNA experience the best one available“.
This move has been justified by FamilyTreeDNA President and Founder, Bennett Greenspan, as “crowd-source the catching of criminals” (see this video). This idea was re-iterated in a letter FamilyTreeDNA sent to their customers which stated that this was “an opportunity for honest, law-abiding citizens to help catch bad guys“.
Personally, I find this a disappointing move by FamilyTreeDNA. They are, after all, an early pioneer in the field of genetic genealogy and are one of the main reasons this technology exists today. Reaction within the genetic genealogy community has, predictably fallen into for and against camps.
I have long been concerned about the potential conflicts genetic genealogy brings to our privacy, but I think it’s worth covering five reasons why I think it is dangerous to mix genetic genealogy and law-enforcement issues.
It will stop people testing
Reporting of the issues at FamilyTreeDNA has already spread beyond the genealogy community into both tech websites such as nakedsecurity and theregister as well as mainstream news organisations such the UK’s Independent newspaper and the New York Times. As this information becomes available to the public it’s going to make people more reluctant to try a DNA test. The fine differences between identifying serious criminals via long-range familial searching and the more direct idea that police will “have your DNA on file” will be lost to many. In addition those “Cousin, would you mind doing a DNA test for my research” conversations that genealogists like to have are now going to be much more difficult.
This is going to significantly impact genetic genealogy within those communities that have strained relationships with law-enforcement agencies. These communities are often already under-represented in DNA databases as well as being over-targetted by law-enforcement agencies.
This is also an international issue. whilst many people will have confidence in the transparency and rule of law in their own country the same may not be true for relatives in other countries. Most North American genetic genealogists will have ancestors that came from other countries. Relatives in those countries may both have information on shared ancestors and a less-open and fair legal system. The concept of police use of DNA databases for familial matching is not going to help connect new-world researchers with their relatives in such countries.
Not all criminal activity is criminal
There is an old adage that “One man’s terrorist is another Man’s Freedom Fighter”. Last October I attended the genealogy show “Back to Our Past” in Ireland. Among the presentations was one presenting the results of an informal survey of genealogists. This asked a number of questions within the genealogy community regarding the use of their DNA by law-enforcement agencies. These questions were being asked as a follow-up to the news that the Golden-State Killer had been identified by a genealogist working the police agencies and using the gedmatch.com database. One of the questions (see below) showed that 85% of respondents were “reasonably comfortable” with the law-enforcement agencies using genealogy databases to identify criminals.
The problem with this type of questioning is that it uses the most extreme example of criminal activity to bias the result. More importantly, travelling through Dublin to this show reminded me that it is less than 100 years since Ireland obtained her independence. This was in part due to the violent struggle in Ireland, including the Easter Rising. Many of the people involved in the fight for independence would have been classified as violent criminals by the British authorities. I doubt that most of those people, or indeed their relatives, would consider themselves criminals, or want their relatives identified via their DNA.
This is not just an historical issue. In China, the DNA from millions of ethnic Uyghurs has been collected as part of a program to control dissent within that community. Further, it is estimated that up to one million Uyghurs are in being held in internment camps.
It will encourage countries to create mandatory DNA databases
As genealogists and many adoptees have found, DNA is a powerful tool in connecting families. This is not rocket-science. As law-enforcement agencies world-wide discover and use this technology, there will be calls for it to be made mandatory. I am not convinced that it is good for a society to gather such data.
DNA database searching will be open to abuse
Any police database is open to abuse, as reported in the United States and United Kingdom. Without oversight the same thing will happen with DNA databases. The normal means to limit abuse (as I understand it) is through a judge examining the need.
It erodes our Privacy
We now live in a world where our Privacy is continually being eroded. Social-media companies, such as Facebook, continue to over-reach in their attempts to gather information from us. Our location (and much more) can be identified via our mobile phones and car license–plate readers. Facial recognition technology is being deployed by both law-enforcement agencies and commercially. In most cases regulation and citizen consent is way behind usage. The same thing will happen with genetic genealogy databases unless the genealogy community take steps to stop it.
how to solve the problem with DNA databases ?
I am no expert on the issues, however it would be seem appropriate for FamilyTreeDNA to make a clear decision, are they working for genealogists or are they wanting to catch the “bad guys”. If it’s the former they should work to restrict all access by law-enforcement agencies, and their proxies, unless the requirement has been validated by due process.
At an individual level I am withdrawing the DNA kits I manage at FamilyTreeDNA from their “Family Finder” cousin-matching process until it’s clear which direction the company is headed in.
Finally, there is a reasonable suggestion from genealogist and legal expert Judy G. Russell that FamilyTreeDNA build-in an opt-in DNA database that law-enforcement agencies can us. The only problem with this is the fact that when an individual opt-in to this they also bring along all their relatives. That has always been an ethical issue with DNA.