[If you thought your relatives' gift of a "smart speaker" was the worst way that a family member could compromise your privacy, think again: home genetic tests can opt your whole bloodline into mass-scale state genetic surveillance, and while there has been some progress in bringing the rule of law into the stuff of life, it's been halting — and that's bad news, especially as companies that do genetics for spies and cops merge with consumer genomics companies, something that's just happened, as my EFF colleague Jennifer Lynch discusses below, in this crosspost from EFF's Deeplinks blog -Cory]
This week, GEDmatch, a genetic genealogy company that gained notoriety for giving law enforcement access to its customers' DNA data, quietly informed its users it is now operated by Verogen, Inc., a company expressly formed two years ago to market "next-generation [DNA] sequencing" technology to crime labs.
What this means for GEDmatch's 1.3 million users—and for the 60% of white Americans who share DNA with those users—remains to be seen.
GEDmatch allows users to upload an electronic file containing their raw genotyped DNA data so that they can compare it to other users' data to find biological family relationships. It estimates how close or distant those relationships may be (e.g., a direct connection, like a parent, or a distant connection, like a third cousin), and it enables users to determine where, along each chromosome, their DNA may be similar to another user. It also predicts characteristics like ethnicity.
An estimated 30 million people have used genetic genealogy databases like GEDmatch to identify biological relatives and build a family tree, and law enforcement officers have been capitalizing on all that freely available data in criminal investigations. Estimates are that genetic genealogy sites were used in around 200 cases just last year. For many of those cases, officers never sought a warrant or any legal process at all.
Earlier this year, after public outcry, GEDmatch changed its previous position allowing for warrantless law enforcement searches, opted out all its users from those searches, and required all users to expressly opt in if they wanted to allow access to their genetic data. Only a small percentage did. But opting out has not prevented law enforcement from accessing consumers' genetic data, as long as they can get a warrant, which one Orlando, Florida officer did last summer.
Law enforcement has argued that people using genetic genealogy services have no expectation of privacy in their genetic data because users have willingly shared their data with the genetics company and with other users and have "consented" to a company's terms of service. But the Supreme Court rejected a similar argument in Carpenter v. United States.
In Carpenter, the Court ruled that even though our cell phone location data is shared with or stored by a phone company, we still have a reasonable expectation of privacy in it because of all the sensitive and private information it can reveal about our lives. Similarly, genetic data can reveal a whole host of extremely private and sensitive information about people, from their likelihood to inherit specific diseases to where their ancestors are from to whether they have a sister or brother they never knew about. Researchers have even theorized at one time or another that DNA may predict race, intelligence, criminality, sexual orientation, and political ideology. Even if later disproved, officials may rely on outdated research like this to make judgements about and discriminate against people. Because genetic data is so sensitive, we have an expectation of privacy in it, even if other people can access it.
However, whether individual users of genetic genealogy databases have consented to law enforcement searches is somewhat beside the point. In all cases that we know of so far, law enforcement isn't looking for the person who uploaded their DNA to a consumer site; they are looking for that person's distant relatives—people who never could have consented to this kind of use of their genetic data because they don't have any control over the DNA they happen to share with the site's users.
These are also dragnet searches, conducted under "general warrants," and no different from officers searching every house in a town with a population of 1.3 million on the off chance that one of those houses could contain evidence useful to finding the perpetrator of a crime. With or without a warrant, the Fourth Amendment prohibits searches like this in the physical world, and it should prohibit genetic dragnets like this one as well. That means these searches are nothing more than fishing expeditions through millions of innocent people's DNA. They are not targeted at finding specific users or based on individualized suspicion—a fact the police admit because they don't know who their suspect is. They are supported only by the hope that a crime scene sample might somehow be genetically linked to DNA submitted to a genetic genealogy database by a distant relative, which might give officers a lead in a case. There's a real question whether a warrant that allows this kind of search could ever meet the particularity requirements of the Fourth Amendment.
We need to think long and hard as a society about whether law enforcement should be allowed to access genetic genealogy databases at all—even with a warrant. These searches impact millions of Americans. Although GEDmatch likely only encompasses about 0.5% of the U.S. adult population, research shows 60% of white Americans can already be identified from its 1.3 million users. This same research shows that once GEDmatch's users encompass just 2% of the U.S. population, 90% of white Americans will be identifiable.
Although many authorities once argued these kinds of searches would only be used as a way to solve cold cases involving the most terrible and serious crimes, that is changing; this year, police used genetic genealogy to implicate a teenager for a sexual assault. Next year it could be used to identify political or environmental protestors. Unlike established criminal DNA databases like the FBI's CODIS database, there are currently few rules governing how and when genetic genealogy searching may be used.
We should worry about these searches for another reason: they can implicate people for crimes they didn't commit. Although police used genetic searching to finally identify the man they believe is the "Golden State Killer," an earlier search in the same case identified a different person. In 2015, a similar search in a different case led police to suspect an innocent man. Even without genetic genealogy searches, DNA matches may lead officers to suspect—and jail—the wrong person, as happened in a California case in 2012. That can happen because we shed DNA constantly and because our DNA may be transferred from one location to another, possibly ending up at the scene of a crime, even if we were never there.
All of this is made even more concerning by the recent acquisition of GEDmatch by a company whose main purpose is to help the police solve crimes. The ability to research family history and disease risk shouldn't carry the threat that our data will be accessible to police or others and used in ways we never could have foreseen. Genetic genealogy searches by law enforcement invade our privacy in unique ways—they allow law enforcement to access information about us that we may not even know ourselves, that we have no ability to hide, and that could reveal more about us in the future than scientists know now. These searches should never be allowed—even with a warrant.