Valerie Bauman | The Daily Mail | Source URL
Scientists are expanding the methods by which law enforcement can use DNA information gathered through sites like Ancestry.com and 23andMe to solve crimes – and they’re raising ethical questions along the way.
California detectives have already used DNA obtained through public databases to track down and arrest Joseph James DeAngelo, suspected of being the Golden State Killer, who police say committed at least 13 murders, more than 50 rapes, and more than 100 burglaries in California from 1974 to 1986.
But now, according to a study published Thursday in the scientific journal Cell, researchers say they have developed a new computational method that expands the way commercial and public gene databases can be cross-referenced with those used by law enforcement.
The result: More crimes solved and countless ethical concerns raised, as many people could be linked to crimes simply because a relative submitted DNA to find out more about their family’s ancestry. Warrants are required to obtain such information from private companies like Ancestry.com and 23andMe.
‘We think when we upload DNA that it’s our information, but it’s not. It’s the information of everyone who is biologically related to us,’ said Julia Creet, a Toronto-based researcher focused on the family history industry, in an interview with DailyMail.com.
The goal of using public and commercial databases to solve crimes is more technically challenging than it may seem, as they tend to rely on completely different genetic markers than those used by law enforcement to identify potential criminals.
‘There’s a legacy problem in that so many DNA profiles have been collected with this older genetic marker system that’s been used by law enforcement since the 1990s,’ said senior author Noah Rosenberg, of Stanford University. ‘The system is not designed for the more challenging queries that are currently of interest, such as identifying people represented in a DNA mixture or identifying relatives of the contributor of a DNA sample.’
Researchers set out to see if they could use the newer, more modern system of genetic markers used in commercial methods and test those against the older law enforcement system to obtain matches and find relatives.
The FBI and police departments across the U.S. use a DNA database known as the Combined DNA Index System, or CODIS. It relies on 20 DNA markers, which are different from those used in common ancestry databases – which scan across hundreds of thousands of sites in the genome.
Rosenberg and his team previously found that software could match people found in both databases even when there were no overlapping, or shared, markers between the two sets of data.
In their new research, the team found that the same approach could be applied to track down close family members – roughly 31 percent of the time in cases of parent-offspring pairs and 36 percent were linked among sibling pairs.
‘We wanted to examine to what extent these different types of databases can communicate with each other,’ Rosenberg said. ‘It’s important for the public to be aware that information between these two types of genetic data can be connected, often in unexpected ways.’
This means that law enforcement can more easily track down criminals even when the actual perpetrator has not submitted any DNA, as was the case in the Golden State Killer investigation.
In that instance, detectives submitted DNA collected from a crime scene for the traditional law enforcement genotyping, then used an open-source ancestry database called GEDmatch to link that profile to people who had voluntarily submitted their information into the database.
Many people who obtain their genetic data through commercial sites like Ancestry.com and 23andMe later upload that information into GEDmatch in an effort to connect with other family members around the globe.
Police found relatives who had overlapping DNA markers and through a process of elimination tracked down DeAngelo.
Police were able to access the information on GEDmatch because it was a public database, but law enforcement has successfully used warrants to obtain similar data directly from sites like 23andMe and Ancestry.com. Ancestry.com has 10 million customers, while 23andMe has more than 5 million.
A spokesman for 23andMe said the company uses strong security and privacy protocols to protect customer data – and that it warns customers that those guarantees don’t extend to any third-party sites where they choose to share their personal information.
For those who have sought to learn more about their own background, the news could raise serious privacy concerns, said Creet, who directed and produced Data Mining the Deceased, a documentary about the industry of DNA and geneology.
‘Once your results have been uploaded into a collective database there is no way to extract them because other people have picked up on them,’ she said.
Creet said anytime a person submits their DNA to a company to learn more about their heritage, it’s worth considering that they are also submitting 50 percent of their parents’ and children’s DNA, and 25 percent of their grandparents’ or grandchildren’s DNA.
‘Your results aren’t just about you,’ Creet added. ‘They’re about everyone you’re related to, which is how the police can use your results to track down a criminal who is distantly related to you. We’re not just talking about personal privacy; we’re talking about relational privacy.’
Experts are also concerned about how private companies are using genetic information they obtain. Ancestry.com is partnered with Calico, which is a Google spinoff, in an effort to analyze anonymized data from more than 1 million genetic samples.
Creet said that – given data breaches at other types of tech companies – there is significant cause for concern that even anonymized data could fall into the wrong hands and be re-identified.
Other issues could arise if health insurance companies were ever able to obtain genetic data on their customers and use that to discriminate against those with predispositions for certain diseases, she added.
‘This is a kind of Wild West of privacy protection and we’re dealing with the most personal type of information,’ Creet said.
Ultimately, society will have to decide if it’s worth losing a great deal of genetic privacy to solve violent crimes, said Dr. Ellen Clayton, a professor at Vanderbilt University’s Center for Biomedical Ethics and Society.
‘The question is: How do you control the downstream users?’ Clayton told DailyMail.com. ‘Do you want to say that law enforcement should only use these kinds of data to find people who you suspect are perpetrators of very heinous violent crimes: rape, murder, etc.?’
Society can reach an answer to that question through legislation that prohibits the use of genetic data for other purposes, such as immigration enforcement, employment discrimination, or to solve minor, nonviolent crimes, she said.
‘These are decisions that society can make. We need to have a robust conversation about that,’ she said.
Clayton also noted that the vast majority of DNA data in law enforcement’s CODIS is disproportionately representative of racial and ethnic minorities. At the same time, the majority of people using private companies to find out their genetic identities are predominately white and of Northern European descent, she said.
‘One reason that really matters is that they couldn’t find the Golden State Killer in CODIS because he was a police man. He was a white police man,’ Clayton said.
Key Ethical Questions When Using DNA in Law Enforcement
DNA isn’t just personal: Do I want to share my sister’s DNA? Anyone who submits their own DNA for testing is also providing genetic info about any of their family members, which could later be accessed by law enforcement or for other unforeseen purposes.
Who owns the data: Who will get access to my DNA? A Google-spinoff company is partnering with Ancestry.com to analyze anonymized genetic data, which many users did not know at the time they submitted their DNA samples. Hacking is also a concern.
Regulation: How should lawmakers limit the usage of genetic data in solving crimes? Should health insurers have access to the information and be allowed to use it to charge more for people with predispositions to expensive health problems? Very little regulation currently exists defining how this data can be used.