DNA and Crime Fighting

It’s been a week since Buzzfeed broke the story that Family Tree DNA (FTDNA) has been working with the FBI. As you can imagine this has caused quite the uproar of opinions and discussion both inside and outside the genealogy community. In fact, it’s been hard to keep up with everything that has happened since.

I first learned about it all on a Facebook page I follow run by Blaine Bettinger called; Genetic Genealogy Tips & Techniques.

FTDNA is a Houston based company, a pioneer in the DNA industry and was the first company to offer a direct to consumer DNA kit. In the Buzzfeed article we are told that a spokesperson advised that; “while Family Tree does not have a contract with the FBI, the firm has agreed to test DNA samples and upload the profiles to its database on a case-by-case basis since last fall.” The spokesperson went on to say that since then FTDA had worked on less than 10 cases.

The article went on to say that officials at Family Tree said customers could decide to opt out of any familial matching, which would prevent their profiles from being searchable by the FBI.

Therein lies the first problem. Why should I opt out when the reason I purchased the DNA kit in the first place was to find DNA cousins?

The second problem is how FTDNA told it’s customers. Or didn’t tell their customers actually. In December 2018 FTDNA had changed their terms of service to ” allow law enforcement to use the database to identify suspects of “a violent crime,” such as homicide or sexual assault, and to identify the remains of a victim”.

The problem with that is that they didn’t tell their customers.

We came to the conclusion that if law enforcement created accounts, with the same level of access to the database as the standard FamilyTreeDNA user, they would not be violating user privacy and confidentiality,” said company founder; Bennett Greenspan.

Don’t get me wrong I’m all for catching criminals using DNA, in fact, I’ve left my kit and kits that I manage at GEDmatch when it was announced that GEDmatch was used to catch the Golden State Killer. Using matches to catch murders is the same technique I use to break brick walls and work on unknown parentage cases so I’m familiar with how it’s done. But the difference between GEDmatch and FTDNA is that GEDmatch is a third-party site. I knowingly give up my privacy when I upload to GEDmatch.

My biggest concern is how FTDNA handle the whole implementation of the program. They didn’t let their customers know that that’s what they were going to do. It was like trying to close the door after the horse had already run off. You see FTDNA had made a change to their terms in May to
address the European Union’s General Data Protection Regulation (GDPR) and then had made this small change in December.

But the question is… did you read the terms of service in May? You may not have because if you lived outside the European Union what did it have to do with you?

I wasn’t the only person that didn’t like how FTDNA handled it. The debate continues even now on the posts at Genetic Genealogy Tips & Techniques. As well there have been numerous blogs written about the whole situation.

Judy Russell, The Legal Genealogist has already posted three blogs about it. The first called; Opening the DNA Flood Gates, a follow up with regard to Choice and another giving her take on Bennett Greenspan’s letter to his customers. In his letter he apologies for the fact that something wasn’t sent out when they made the change to the Terms of Service in December and for not doing a better job of communicating to us.

Lea Larkin, The DNA Geek (quoted in the Buzzfeed article) wrote about this as soon as Buzzfeed broke the story and has since updated her blog. You can read it HERE. She notes the same thing I said when I saw this on the FB page. I thought that this has to be financially motivated. My thought is that FTDNA kit sales haven’t been increasing like Ancestry or 23andMe. At least not the numbers I’ve been seeing.

Just so you are aware, FTDNA has now been removed from the Privacy Best Practices for Consumer Genetic Testing Services list.

What about the other companies? Science News reported in their recent article dated February 6th 2019

that 23andMe and AncestryDNA have both said that they will not allow similar searches of their much larger databases.  
“We have clear policies stating we will not voluntarily work with law enforcement, and use all legal means to safeguard our customers’ data,” Kathy Hibbs, 23andMe’s chief legal and regulatory officer, said in a statement. “We have never shared customer information with law enforcement.” As of October 15, 2018, the company had received five such requests for user data, none of which were granted.

I also know that in the comments on Genetic Genealogy Tips & Techniques that Gilad Japhet; CEO of MyHeritage assured us that MyHeritage had changed their terms of service to prevent law enforcement from using its database and law enforcement will not be given access.

So what does all this mean and where do we go from here? I’m far from an expert but I think all the DNA companies have learned that you don’t change the rules until you’ve advised all the players. I also know that it may be much harder to convince one of my cousins to take a DNA test.

We now all know that we better be reading the terms of service when they are offered to us and if you are responsible for someone else’s DNA you better be getting their signed permission as to what information is available on which site.

Will genetic DNA continue to be used to solve crimes? I’m sure it will. Since the Golden State Killer case was cracked and the announcement was made on DNA Day 2018, many more killers have been put behind bars and are awaiting trial, and that’s a good thing.

What have I learned? Well, I use to tell everyone that they needed to have their DNA test done at Ancestry and then download and uploaded to FTDNA, MyHeritage and GEDmatch (GEDmatch as long as you understood it was an open source database and open to other uses) Then if you still want more matches and want to learn about your health then test at 23andMe. Now at this point, I don’t think I’ll be recommending FTDNA until I feel more comfortable that they have learned from this experience. I think I’ll just be tell you to test at Ancestry, 23andMe and MyHeritage.

Again I’m not against FTDNA because they are “fighting crime”, because I’m ok with that. It’s because I feel that they didn’t understand that I am their customer and that I paid money to test at their company so I had a right to know what they were doing with it. They forgot that it is “my DNA” and not theirs.

Affiliate Link Disclaimer  (There are no FTDNA affiliate links)

Note: The post above contains affiliate links. This means I make a percentage on sales via these links. This does not INCREASE the price you pay as a consumer. It’s  simply a supplement to my income so I can continue  to support The DNA Angel Project and to make donations to the Alzheimer’s’ Society

9 Comments

  • Lori Smith says:

    I have not tested with FTDNA, though my uncle has had 3 markers done for a n organization he belongs to (Clan Matheson). I can see why you would be upset that you were not notified properly.
    In the same respect, I feel this way about MyHeritage. I started a family tree on there for free (and then stopped adding when I realized I could not see anyone else’s as I am not a paid subscriber and so it would do me no good). I got an email from them saying I could upload my raw dna from other companies so I could compare and find dna cousins, but again, I get dna cousin ‘bait’, as I cannot contact them as I am not a paid subscriber. I am going to remove my dna from their database as it does not do me any good.
    I am already a paid subscriber to Ancestry and cannot afford to join them all. I am also a free subscriber to Wikitree and Gedmatch Genesis and have had dna cousin contact from these sites, as well as Ancestry and 23andme,

  • Tess Elliott says:

    Thank you for your blog. today I had decided to do my first DNA test with FTDNA – but not so sure now!!!
    The power of the DNA companies leaves a lot to be desired anyway.
    one pays ( a lot) to do our DNA and they hold your DNA in their data base. AND now they don’t tell you what they have decided to do with your DNA Sample first !!!………………. NOT nice………

    I am all for catching criminals but ………….

    • Tess, I would still consider testing with either Ancestry or MyHeritage. Both companies have promised to not work with law enforcement. MyHeritage CEO was adamant that they would not work with law enforcement and I have met him and I totally believe this to be true. Truth be told I believe the same of Ancestry and 23andMe. My having your DNA processed through Ancestry you can still download and upload to MyHeritage. MyHeritage charges for the ethnicity report but no for cousin matching.

  • Great article. You can be for law enforcement and still want your privacy and rights respected.

  • Char says:

    What about the recent news that 23andMe now has a contract to sell DNA data for medical research???

    • I need to check into that. But what I’ve done with my DNA is that I have always opted out of any scientific research. That’s not what I’m testing my DNA for.

  • Actually FTDNA DID tell everyone about the changes. We all got emails concerning updates to the Terms of Service/User terms….we just didn’t bother to read them.

    You can’t be mad and claim you weren’t notified just because you didn’t bother to read the updates from a company. Should every company we deal with the genealogy send us an audio file to listen to instead of telling us they have updated TOS? Or do we expect companies to tell us everything in an updated TOS in the emailed notice? Are we really to that point?

    • I can be mad because the change was made sometime in December and Bennett Greenspan admitted as such in his letter. On February 3rd, Bennett Greenspan issued an open letter to his customers acknowledging that the Terms of Service had been changed without proper notification and that the Terms would revert back to the GDPR-compliant version from May 2018. (as noted in Lea Larkin’s blog)