The U.S. Department of Justice (DOJ) released new rules yesterday governing when police can use genetic genealogy to track down suspects in serious crimes—the first-ever policy covering how these databases, popular among amateur genealogists, should be used in law enforcement attempts to balance public safety and privacy concerns.
The value of these websites for law enforcement was highlighted last year when Joseph DeAngelo was charged with a series of rapes and murders that had occurred decades earlier. Investigators tracked down the suspect, dubbed the Golden State Killer, by uploading a DNA profile from a crime scene to a public ancestry website, identifying distant relatives, then using traditional genealogy and other information to narrow their search. The approach has led to arrests in at least 60 cold cases around the country.
But these searches also raise privacy concerns. Relatives of those in the database can fall under suspicion even if they have never uploaded their own DNA. (One study found that 60% of white Americans can now be tracked down using such searches.) And even those who have shared their DNA may not have given informed consent to allow their data to be used for law enforcement searches.
The DOJ interim policy, which takes effect on 1 November, is intended to “balance the Department’s relentless commitment to solving violent crime and protecting public safety against equally important public interests,” such as privacy and civil liberties, a press release states. The policy says “forensic genetic genealogy” should generally be used only for violent crimes such as murder and rape, as well as to identify human remains. (The policy permits broader use if the ancestry database’s policy allows such searches.) Police should first exhaust traditional crime solving methods, including searching their own criminal DNA databases.
Under the new policy, police can’t quietly upload a fake profile to a genealogy website, as some have done in hopes of finding a suspect’s distant relatives, without first identifying themselves. And the site itself must have informed its users that law enforcement agencies may search their data.
The policy also bars police from using a suspect’s DNA profile to look for genes related to disease risks or psychological traits. Another provision attempts to limit situations in which police secretly take a DNA sample from a suspect’s relative—from a discarded cup or tissue, for example—to help home in on a suspect. The policy says the person must give their informed consent unless police have obtained a search warrant.
Legal and ethics experts welcome the new rules, although some don’t feel they go far enough. “This policy is a big step forward in addressing some of the most pressing privacy concerns in this area,” says law professor Natalie Ram of the University of Maryland School of Law in Baltimore. At the same time, Ram thinks police should need a search warrant or other oversight from a judge to conduct a genetic genealogy search.
The new policy only applies to DOJ agencies and state or local agencies with federal funding to use genetic genealogy searches. But bioethicist Amy McGuire of Baylor College of Medicine in Houston, Texas, predicts it will become a national model. “I think people are trying to do this right,” McGuire says.
She also hopes it will make the public more accepting of having its DNA data used in police searches. “[Putting] limitations on use of the technology is a really important step towards building public trust,” McGuire says.
The growing use of genetic genealogy searches—McGuire says she’s heard of 300 active cases using the approach—hit a roadblock in May when GEDmatch, a free database used in most of the cases cracked so far, revised its policy to allow such searches only for customers who had agreed to be included. That “opt in” policy has reduced by 90%, from 1.4 million to 140,000, the number of profiles police can search, according to a recent news report, making it much less useful.