PDA

View Full Version : Genealogy websites and DNA


sitigeltfel
27th Apr 2018, 10:29
It is being reported that accessing DNA info from genealogy websites has helped trap the Golden State Killer.

Golden State Killer suspect traced using genealogy websites - BBC News (http://www.bbc.com/news/world-us-canada-43916830)

Apart from the ethical concerns, do contributors to those sites give their consent for the info they submit to be used in such a manner/

BehindBlueEyes
27th Apr 2018, 10:39
Exactly the same thought crossed my mind when I read the news report this morning.
Brilliant that this scumbag has been caught but initial statements by the US police said he had been identified following DNA picked up from a petty burglary charge. If it is true that it was actually obtained from a genealogy site, it should be made very clear to anyone using these facilities that their info will consequently “be out there” for use by any authority. I guess if it’s for the benefit of law abiding citizens, that’s not so sinister but as we’ve seen only too much in the last few weeks, our
personal online details are bought and sold quite unscrupulously without consent and for totally commercial reasons.

ORAC
27th Apr 2018, 10:49
I don’t believe that the DNA was related to a genealogy website, rather that a partial match was found with a sample from a burglar which indicated the person they sought was a relation within a certain range - e.g. first/second cousin etc - and the police then used genealogy website data to track down the burglars relations and methodically went through them until they had a list of suspects they could focus on - and then obtained search warrants and searched their trash for DNA samples to narrow the field till they found a match.

VP959
27th Apr 2018, 11:06
I've had a feeling that we've been here before, and the connection between some of these DNA testing genealogy services and other organisations that want to build up databases of individuals was highlighted. Some of them are, or were, connected to the Mormons, who I believe have, as an objective, the posthumous baptism of every human being that has ever lived. I can't say that bothers me too much, but I think I'd want to carefully read every single word in the terms and conditions of any DNA testing service, before I'd make the decision as to whether to use one, if I had a mind too.

A quick look shows that one of the bigger services, ancestry.com, has this in their T's &C's:

Please read the Privacy Statement carefully. In particular, you should be aware that we do not share your Genetic Information (as defined in the Privacy Statement) with employers, insurance providers, or third-party marketers without your consent, and will not share your Genetic Information with law enforcement unless compelled by valid legal process as described in our Privacy Statement. Any sharing of Genetic Information for scientific research is governed by our Informed Consent for Research, which only applies if you expressly agree to participate.

So it looks as if a law enforcement body can force them to disclose your DNA data, as long as they follow a valid legal process.

In this case I believe the sequence of events was that the police had freely given access to DNA data that gave them a familial match from the suspect to the DNA from the victim(s), then they used this to collect "found DNA" from outside the suspects house, that they acquired without needing to search the suspect's premises (probably something in "plain sight" that they could, under US law, just pick up and get tested). This then gave them all they needed to arrest the suspect and test his DNA.

lomapaseo
27th Apr 2018, 15:22
some other thoughts

The guy was outed by person very close to him (friend or relative) who wanted it to remain discrete. So the police did a DNA comparison only associated with the suspect and the original crime scene sample. In other words the ruse o bringing in samples from generic data bases was only to protect the original personal source who ratted him out.

Pontius Navigator
27th Apr 2018, 17:14
Associated with the DNA is the Genealogy database. I have been wondering about these databases in relation to the Data Protection Act in UK. Much data can be gathered from public release of records which means you can build up a reasonably accurate tree even into the 21st century. These trees can then be uploaded to public websites though many do conceal details of living people.

Should researchers be registered?

VP959
27th Apr 2018, 18:07
Associated with the DNA is the Genealogy database. I have been wondering about these databases in relation to the Data Protection Act in UK. Much data can be gathered from public release of records which means you can build up a reasonably accurate tree even into the 21st century. These trees can then be uploaded to public websites though many do conceal details of living people.

Should researchers be registered?

From what I've read on this, with relation to the soon-to-be-introduced GPDR (for those of us bound by EU laws and regulations), then it all seems to be a bit of a minefield. If you host data on an EU based server, that falls within the bounds of personal data, as defined in the GDPR, then you have an obligation to get specific consent from every individual whose data you hold. Prior to this, implied consent, or just having the defaults set on a web form to have boxes that allowed the use of your data to be pre-ticked, so you had to actively opt-out of any data collection, under the GDPR, you now have to actively opt-in, as no EU based organisation, individual or whatever can gather data without your explicit consent.

The reality is that probably 80 or 90% of personal data isn't affected by this, as the really big data gathering and collation companies have shifted their businesses outside the EU. For example, FaceBook had their EU HQ in Ireland, but they've shifted it back to the US, so they don't have to comply with the GDPR. It makes the whole GDPR thing look like a total fiasco, as it's going to hit small companies based in the EU pretty hard, in terms of having to contact every individual they hold data on and getting consent, but it's going to have no impact on the big data collectors at all as they've just shifted their businesses outside the EU, as a largely paper exercise, it seems.

The result is that the majority of people living within the EU will still have masses of personal data collected, in apparent contravention of the GPDR, just because the service they happen to be using is notionally "outside" the EU. This forum is the same, I think - if it were hosted in the EU it would be required to contact every registered member and ask for their specific consent to hold personal data. However, as it's not an EU based business that runs this forum it can just ignore the GDPR.

I host a website in the UK, and have had to send an email to everyone who's name, email address, address, phone number etc that I hold on it, asking them to confirm to me that they consent to me holding that data. If anyone either doesn't reply, or decides to say no, then I'm obliged to permanently delete any data I hold about them that falls within the provisions of the GDPR. There's a bit of guidance on the BBC website that explains, in pretty basic terms, what needs to be done before the regulations come into force in May: GDPR: Your data protection questions answered - BBC News (http://www.bbc.com/news/av/43921814/gdpr-your-data-protection-questions-answered) and also here: How to handle the flood of GDPR privacy updates - BBC News (http://www.bbc.co.uk/news/technology-43907689)

DON T
27th Apr 2018, 18:31
It doesn’t even have to be DNA, I believe a number of years ago a suspected murderer was convicted on evidence that he had used his Tesco Clubcard at a Branch which was near the murder.

You cannot escape from it, your phone, debit/credit card, cctv, etc etc will make you a suspect. It will put you in the area of the crime. If you think you are innocent prove it.

By the way I don’t disapprove of these methods but it is going too much in the favour of one side at the moment IMHO.

Rossian
27th Apr 2018, 23:04
Mormons
The Mormons want to baptise everyone posthumously?? So what? What will that do to me, an atheist? If I'm dead will I notice??

visibility3miles
27th Apr 2018, 23:10
Keep in mind that companies like 23andme (founded by the then girlfriend of Google CEO, not a match I expect to respect privacy) and Ancestory.com OWN rights to license your DNA once you've submitted it.
Google's Sergey Brin and 23andMe's Anne Wojcicki Have Split - Liz Gannes - News - AllThingsD

https://www.snopes.com/fact-check/ancestry-dna-steal-own/ (http://allthingsd.com/20130828/google-co-founder-sergey-brin-and-23andme-co-founder-anne-wojcicki-have-split/)

Raises the same questions of privacy that Facebook faces now.

Who will they sell the information to and who wants to buy it?

Insurance companies? Potential employers?

Police catching a serial killer and rapist is fine by me, but I don't know of any bloody skeletons in my closet.

G-CPTN
27th Apr 2018, 23:10
What will that do to me, an atheist? If I'm dead will I notice??
You will be forced to rise from your grave and perform a billion Hail Marys - or whatever is the Mormon equivalent penitence.

llondel
28th Apr 2018, 05:25
Mormons
The Mormons want to baptise everyone posthumously?? So what? What will that do to me, an atheist? If I'm dead will I notice??

That depends. You may find that whichever afterlife you've chosen (or was chosen for you) gets rudely interrupted when they get around to doing you.

ExSp33db1rd
28th Apr 2018, 06:18
What's to stop some low life obtaining your DNA, by fair means, foul, or commercial, then spreading it around his crime scene ?

racedo
28th Apr 2018, 11:37
What's to stop some low life obtaining your DNA, by fair means, foul, or commercial, then spreading it around his crime scene ?

You really didn't think that through did you ?

Why contaminate the crime scene when you just change the samples in the lab.

Same difference just a shed load less work.

MG23
29th Apr 2018, 00:43
What's to stop some low life obtaining your DNA, by fair means, foul, or commercial, then spreading it around his crime scene ?
I'm pretty sure that's already been done. I'm sure I remember a news story about some crook collecting hair and suchlike and spreading it around his crime scenes.

DNA, like fingerprints and faces, is just another thing that's going to become not very useful for solving crimes in the next few decades.

IBMJunkman
29th Apr 2018, 04:04
A relatively unknown database was used. Data is voluntarily uploaded.

https://www.technologyreview.com/s/611038/investigators-searched-a-million-peoples-dna-to-find-golden-state-serial-killer/

Bob Viking
29th Apr 2018, 06:47
So, I am a law abiding citizen. What if I were to submit my DNA to a secure (I know secure is a dangerous word) database that we were all compelled to submit to? If I donít commit crime what do I have to be afraid of? Would it perhaps deter nefarious characters from committing serious crime if they knew their DNA was on record?

Itís the same with national ID cards. If I donít do anything wrong, whatís the issue?

Just my thoughts.

BV

Pontius Navigator
29th Apr 2018, 07:56
BV, I would guess you would be at risk of planted evidence.

For instance, something belonging to you, or any random person, could be dropped at a crime scene. Only if there was a cast iron alibi could you be sure of acquittal.

OTOH, today, the same evidence from a random person would probably not register. Years later, if that person had a DNA swab they might be falsely accused and have difficulty proving innocence.

Even a totally innocent person can have their DNA recorded for elimination purposes and then be linked with that random crime - a mine field.

VP959
29th Apr 2018, 09:09
I'm with @Pontius Navigator on this. Because juries are inclined to place great weight on DNA evidence, your DNA at a crime scene, even if it was there by accident, from some previous visit, could end up with your being charged and convicted, even though innocent. One significant risk is that more and more criminals are forensically aware, thanks to the widespread depiction of forensics in crime stories and the media. That makes it less likely that a criminal's DNA may be found at a crime scene, making it more likely that innocent people could become suspects, particularly if they cannot provide an alibi as to their whereabouts.

Given the fact that the police are even more short staffed, and under increasing pressure to solve more crimes, using a big DNA database has to look like an attractive way to take a short cut and see if they can find likely perpetrators without having to spend hundreds, or thousands, of hours on investigations.

I also suspect that the planting of DNA from innocent people is likely to become a part of the normal "toolkit" for the forensically aware criminals out there, as they are beginning to understand that the lack of any forensic evidence is, itself, a useful indicator to the investigators. How many people now know of Locard's Exchange Principle, for example? I wouldn't mind betting that, thanks to TV dramas like CSI, the majority of forensically aware criminals know all about it, and some almost certainly use it to their advantage to try and implicate another person, or just throw the investigating team off their own scent.

clareprop
29th Apr 2018, 10:03
By a horrible coincidence, I posted my DNA kit to the States the morning before all this kicked-off. I'm now worried sick that they'll be able to trace me for the Mar's bar I nicked for a dare from the sweet shop outside our school in 1962...

racedo
29th Apr 2018, 10:36
So, I am a law abiding citizen. What if I were to submit my DNA to a secure (I know secure is a dangerous word) database that we were all compelled to submit to? If I donít commit crime what do I have to be afraid of? Would it perhaps deter nefarious characters from committing serious crime if they knew their DNA was on record?

Itís the same with national ID cards. If I donít do anything wrong, whatís the issue?

Just my thoughts.

BV

Strange that holding details of all people and knowing all about them was what the west railed correctly about Communism.
The claim was it was all about "Control" of the population.
Now the wets had bought into it but done a PR exercise and called it social media so they can easily keep tabs on most.
Then its DNA as you have nothing to woryy about.
Only difference between USSR communism and the West way of working is the West has better PR and the Sheeple are
falling for it.