We need to close the loopholes that allow law enforcement to take advantage of consumer genetics.
Imagine the federal government enacted a law requiring all U.S. residents to provide law enforcement with their DNA profile so police could solve more crimes. Would you be OK with such a system?
Imagine instead that the federal government established a database for which people could volunteer genetic profiles—but that the decision about whether to volunteer your DNA belonged not to you, but to your third cousin. Would you be OK with that?
Whether you like it or not, the United States has effectively already adopted this second system. Since April 2018, law enforcement investigations stemming from DNA searches in consumer genetics databases have led to nearly three dozen arrests. In every case, those ultimately arrested did not actually upload their own genetic profiles to any database. Rather, they were identified through partial matches between crime scene DNA samples and the genetic profiles of often-distant relatives shared on consumer platforms like GEDmatch or FamilyTreeDNA. By one estimate, more than 60 percent of Americans of European descent are already identifiable through the DNA of a third cousin or closer on one of these platforms, and nearly all such Americans may be findable soon. Meanwhile, Parabon Nanolabs, the leading private company selling genetic genealogy services to law enforcement, claims that it can identify criminal suspects out to ninth-degree relatives (e.g., fourth cousins)—widening the genetic web of indirect database inclusion still further.
Law enforcement use of consumer genetics platforms in this way amounts to a massive failure of democratic accountability. While resolving cold cases and bringing wrongdoers to justice is laudable, forensic genealogy’s reliance on matches between genetic relatives should prompt serious questions about whose identifying genetic data is included in law enforcement searches and with what justification. Unless we change course, the United States will soon be home to a de facto national DNA database—something that no U.S. jurisdiction has suggested would be appropriate.
Existing genetic databases typically come in one of two types. One is traditional law enforcement DNA databases: Every state and the federal government has enacted legislation identifying whose DNA is subject to government collection and search for crime detection purposes, and each has limited its database to some subset of individuals arrested or convicted of crimes. While these databases have grown in size and scope over time, no state has proposed using DNA from most or all of its residents for law enforcement purposes. Rather, each jurisdiction has affirmatively chosen to limit who can be included, even requiring expungement of DNA profiles in certain instances.
The second type of DNA database used for law enforcement is a new entrant—the consumer genetics platform. To date, at least two consumer genetics platforms, GEDmatch and FamilyTreeDNA, have publicly acknowledged or embraced working with law enforcement to identify criminal suspects. Proponents of government use of these databases have emphasized that genetic profiles are voluntarily shared on these sites. In other words, because people have volunteered their genetic data, it is OK for law enforcement to use it too.
But the identification of individuals who are not directly included in a genetic database runs afoul of any given reason law enforcement use of such databases is legally and ethically acceptable. These individuals have not previously been arrested or convicted of a crime. Nor have they “volunteered” their DNA on a consumer genetics platform. Instead, like millions of ordinary Americans, these individuals are identifiable to police through the genetic data of their kin. Few genetic relationships, however, are voluntary. Even if parents can be said to voluntarily choose to have children, children plainly do not choose their parents. Nor do we choose our siblings, cousins, or more distant relatives—if we even know who they are.
And the reach of these genetic databases, combined with identifiability-by-relatedness, is rapidly growing. Law enforcement will soon have access to enough genetic profiles to reach nearly all Americans of European descent, if they don’t already. As one expert has explained, law enforcement would need access to DNA profiles for as little as 2 percent of the U.S. population (about 4 million profiles) to reach nearly any of us with European ancestry through a third cousin or closer. Meanwhile, as many as 26 million individuals have already used an at-home genetics test.
That is a problem. A comprehensive genetic database is unlikely to be a viable policy proposal, and with good reason. For one thing, despite apparent public support for investigations like the Golden State Killer case, Americans are very concerned about genetic privacy. A recently proposed bill in Arizona that would have radically expanded the state’s official DNA database lasted mere weeks, before being substantially amended twice in a 72-hour period. The legislation would have required that DNA be collected from “anyone who has to be fingerprinted by the state for a job, to volunteer in certain positions or for a myriad of other reasons.” (The text of the original bill can be found here.) It had ignited widespread opposition, including from the Arizona Police Association. The bill was quickly amended twice, ultimately focusing on advancing the use of Rapid DNA technology to test rape kits. Having been hollowed out and replaced with different, less objectionable content, the bill passed out of committee. In other words, a bill that appeared to approach the model of a comprehensive DNA database available for law enforcement use met a swift and ignominious death, abandoned even by its sponsor. More broadly, no state to date has proposed storing the DNA of all its residents in a law enforcement database.
Moreover, such a database might not even be legal. As I have argued elsewhere, identifiable genetic information is precisely the sort of sensitive data in which individuals ought to have a reasonable expectation of privacy. That means that a comprehensive DNA database for law enforcement use may well run afoul of the Fourth Amendment of the U.S. Constitution.
If Americans are unwilling to accept a formal national DNA database, they should not accept what amounts to the same thing by happenstance.
Yet that is where we are headed.
There is another way forward: Prohibit law enforcement searches of DNA databases that seek to implicate individuals whose genetic information is not directly included. Doing so would limit law enforcement access to those who really do fit the rules for database inclusion, whether by virtue of an arrest or conviction or by their voluntary sharing of genetic data. To be sure, such a solution would make crime solving more difficult. But it would also prevent millions of ordinary Americans from involuntarily and unjustifiably coming within the scope of the state’s genetic surveillance, while ensuring greater public accountability about the means and ends of law enforcement.
In Maryland, such a law has already been proposed. Maryland has long been a leader in including meaningful limitations to protect ordinary individuals against routine DNA searches for crime detection purposes. Most significantly, in 2008 Maryland prohibited familial searches in the state’s own database. In January 2019, Del. Charles E. Sydnor III introduced a bill that would extend that prohibition to reach any DNA database, including those hosted by consumer genetics platforms. Although this bill has not advanced, Sydnor has not abandoned its intent. He hopes to educate his fellow House of Delegates committee members on the topic, as part of a conversation about appropriate law enforcement use of genetic technology. It’s a conversation that needs to take place nationwide.
Do you like this page?