An arrest in connection with a series of rapes and murders in California by a perpetrator known variously as the Golden State Killer, the East Area Rapist, and the Original Night Stalker promises to bring closure for victims and victims’ families who have been waiting since the 1970s and 1980s. The accused, Joseph DeAngelo, was found through an unconventional method. As millions in recent months sent their DNA to be tested to trace their genealogy “just for fun,” law enforcement officers went to an open-source genealogical platform to find first DeAngelo’s family and then DeAngelo. (They used “discarded” DNA from DeAngelo to make the final match with DNA from victims.) Advances in DNA testing have made thousands of convictions possible and have freed innocent men and women who were convicted before today’s testing methods were developed.
Use of a genealogical site to catch a criminal elicited a perhaps unexpected criticism. Those who submitted their DNA for testing hardly thought that it could be used for that purpose. Is it legitimate—is it legal, even—for the DNA samples to be used as they were used in the DeAngelo case?
There is an interesting parallel between the questions raised about the use of DNA samples submitted for one purpose being used for another and the whole Turnitin.com controversy from a few years ago. Many universities and a smaller number of high schools use Turnitin.com to locate plagiarism in student papers. One reason for the site’s effectiveness is that every paper submitted to be checked becomes part of the database that is checked, and so on and so on and so on. Several lawsuits grew out of students’ anger at how their work was being used without their permission. They could not pass the course the paper was written for without submitting it to Turnitin, but once they submitted it, their original work was then used by Turnitin to make profit. Some students argued that they were coerced into signing away permission to the use of their work under threat of a failing grade in the course. The fact that some even wrote their protestations into the permission form did not change the outcome of at least one court case that was decided in favor of the defendant.
Students are warned constantly, as are we all, to be cautious about what they post on the Internet. Pictures taken at a drunken Spring Break party can come back to haunt them when they apply for a job. Intimate photos shared with the love of their life can become “revenge porn” when the relationship sours. The Turnitin.com lawsuits were an interesting reversal in which students did not want their work to become part of a huge digital database.
The difference between Turnitin and the site used by police in the DeAngelo case, GEDmatch is that, rather than being required to use it by schools (who pay for access to the Turnitin database), users of the genealogy site chose to use it, for free. An article from the Los Angeles Times tellingly called “Cracking the Golden State Killer case: Clever detective work or a violation of privacy?” explains that with GEDmatch, “consenting users upload test results from a variety of genealogy websites and cross-reference their findings to discover relatives who might have tested with different companies.” In response to the DeAngelo case, GEDmatch made this statement: “While the database was created for genealogical research, it is important that GEDmatch participants understand the possible uses of their DNA, including identification of relatives that have committed crimes or were victims of crimes. If you are concerned about non-genealogical uses of your DNA, you should not upload your DNA to the database and/or you should remove your DNA that has already been uploaded.”
Clever detective work or a violation of privacy? Maybe both. The Times article warns, “Ruth Dickover, director of UC Davis' forensic science program, described law enforcement's approach as a glimpse into a future in which virtually all genetic information is accessible to the government.” The larger genealogical sites, 23andMe and Ancestry.com, try to shield the privacy of their customers. Neither has given law enforcement access to customers’ DNA, and both state their intent to resist doing so in the absence of a search warrant or court order. The danger comes when the customers themselves share their DNA results online, which is what they do with GEDmatch. We can applaud the success of law enforcement in catching a killer and rapist, and most of us do not have to worry about our DNA revealing a skeleton in our closet, but we have to remember that once we make the decision to make our results public, we are doing so not just for ourselves, but for all of those who share our DNA as well.