The FBI is abusing ancestry genealogy websites by tapping into their DNA data. What’s worse, these companies are giving up users’ data under presumed consent that is buried in their terms and conditions, according to several reports.
FamilyTreeDNA is the first company known to be cooperating directly with the FBI to give its agents access to its genealogy database, according to a BuzzFeed report.
A FamilyTreeDNA spokesperson told BuzzFeed that FamilyTreeDNA’s agreement with the FBI gives the agency the ability to search more than a million genetic profiles — the majority of which were given by their customers without knowledge of the company’s relationship with the FBI. As part of the arrangement, FamilyTreeDNA has further agreed to test DNA evidence and identify the remains of deceased individuals in violent crimes for the FBI in its own laboratory.
In a statement, FamilyTreeDNA said that customers have the ability to opt out of matching features in their account settings. Doing so would prevent law enforcement from accessing their genetic information, but it also means a user would be unable to find potential family members through the service. According to Gizmodo, the company also seems to admonish those who choose to opt out by suggesting that it could be a “moral responsibility” to give up their private health information to the FBI.
However, the fact of genealogy companies are being subpoenaed by law enforcement isn’t a secret. In fact, it’s in the disclosures on their websites — FamilyTreeDNA, AncestryDNA, and 23andMe.
Forensic magazine reports that the FBI had previously had access to FamilyTreeDNA’s database before the partnership with the FBI.
After news broke that the FBI was accessing user data, FamilyTreeDNA announced that it would allow its customers to bar law enforcement from accessing their data, Engadget reported.
As an interesting corporate connection to make, one of the co-founders of 23andMe, Anne Wojcicki, is married to Google’s Sergey Brin. Unsurprisingly, Google Inc. also backs the DNA analysis company.
Last year, Drug giant GlaxoSmithKline invested US$300 million in the DNA-testing company in a deal that should raise eyebrows. A drug company working together with a DNA database company … what could possibly go wrong?
Under the deal, GSK has exclusive rights for four years to use 23andMe’s DNA database to develop new medicines using human genetics.
Activist Post reported last year Houston police launched a pilot program with the company ANDE to test a machine called Rapid DNA that runs DNA tests in under two hours.
Local news station KHOU11 reported,
“This rapid DNA is the future. It comes down to when mathematicians stopped using abacuses and started using calculators. It’s that important to criminal justice,” said Lt. Warren Meeler, Houston Police Department, Homicide Division.
As part of the test program, proper protocol for using the technology has been to swab each piece of evidence twice. First, the Houston Forensic Science Center (HFSC) takes an official sample for the lab, then Houston police take a second sample for the trial machine.
Rapid DNA results can’t be used in court, and the technology is only used for investigations in Houston, according to the news outlet.
The technology has some forensic scientists worried about whether it should be used at crime scenes, warning about the accuracy of the technology.
“I think everybody is comfortable that if there is a high concentration of DNA from a single source, so an oral swab from an individual, we’re confident the instruments produce good data. The questions start to come in circumstances where we’ve got touch DNA — smaller quantities of DNA, more mixtures, there’s more people on that doorknob that I’m swabbing – there I’m not sure anybody knows yet,” said Dr. Peter Stout, President and CEO of the Houston Forensic Science Center.
However, further research shows that Houston isn’t the only city using rapid DNA, police departments across the country—have rolled out their own pilot programs to test these miniature portable DNA lab machines that originate from the DHS.
“Rapid DNA, a newly commercialized technology developed by the Department of Homeland Security (DHS) Science and Technology Directorate (S&T), addresses these challenges by greatly expediting the testing of deoxyribonucleic acid (DNA) that is the only biometric that can accurately verify family relationships. This technology can be used on the scene of mass fatality events, in refugee camps around the world, or at immigration office,” the DHS’s website reads.
Police departments in Maryland, Pennsylvania, South Carolina, Florida, Utah, Arizona, Texas, California and in Delaware are or will be using DHS’s Rapid DNA.
An article in ProPublica warns that “over the last decade, collecting DNA from people who are not charged with — or even suspected of — any particular crime has become an increasingly routine practice for police.”
Congress enacted the “DNA Identification Act of 1994” authorizing the FBI to maintain a centralized, national DNA database and to develop a software system to allow for the sharing of information within and between states for law enforcement. By 2004, the resulting system – the Combined DNA Index System (CODIS) – connected the databases of all fifty states, which at that time were limited to profiles from those convicted of serious, violent crimes. Signed into law by President George W. Bush on October 30, 2004, the “Justice For All Act” greatly expanded the CODIS system, allowing collection of DNA from all federal felons and further enabling states to upload to CODIS profiles from anyone convicted of a crime according to a secret congressional WikiLeaks document entitled: “DNA Evidence: Legislative Initiatives in the 106th Congress.”
On January 5, 2006, a barely noticed piece of legislation entitled the “DNA Fingerprint Act of 2005” was also signed into law by President George W. Bush, that severely expanded the government’s authority to collect and permanently retain DNA samples. The bill slipped through virtually unnoticed because the law was, buried in the back of the Violence Against Women Act (VAWA) reauthorization bill.
Unbeknownst to the public, the bill granted the government authority to obtain and permanently store DNA from anyone who is arrested as well as non-U.S. citizens detained under federal authorities like Border Control and DHS.
In December of 2015 nearly 10 years later, results from a rapid DNA device were submitted as evidence in a successful murder prosecution
for the first time attempted murder case in Richland County, South Carolina. (That article now has been curiously deleted from Reuters and is only available on archive.org)
A bill before Congress, introduced on December 2015 by Sen. Orin Hatch, R-Utah, called for profiles collected by Rapid DNA devices to be connected to the FBI’s Combined DNA Index System, or CODIS, the software and national database that stores DNA profiles from federal, state and local forensic laboratories.
During a Senate committee hearing on the Rapid DNA Act of 2015, disgraced former FBI Director James Comey said that passage of the bill “would help us change the world in a very, very exciting way. It will allow us, in booking stations around the country, if someone’s arrested, to know instantly—or near instantly—whether that person is the rapist who’s been on the loose in a particular community before they’re released on bail and get away or to clear somebody, to show that they’re not the person.”
The Rapid DNA Act of 2017, S.139 and HR.510 passed last year, amended the DNA Identification Act of 1994, allowing previous hurdles to be surpassed by the new technology.
The bill was sponsored by U.S. Senate sponsor Senator Orrin Hatch (R-UT) and lead co-sponsor Senator Dianne Feinstein (D-CA) as well as House sponsor Congressman James Sensenbrenner (R-WI) and lead co-sponsor Congressman Eric Swalwell (D-CA), along with 12 Senate and 24 House co-sponsors for their support, Business Wire reported.
“Today marks a landmark day in more efficiently fighting crime and supporting law enforcement,” stated Robert Schueren, President and CEO of IntegenX. “IntegenX products have already enabled numerous DNA profile uploads to our nation’s DNA database (CODIS). We look forward to the updated FBI guidelines, and subsequent CODIS uploads from the booking environment.”
“Rapid DNA is a promising new technology and an effective tool for law enforcement – I’m thrilled to be seeing it signed into law. This technology will help quickly identify arrestees and offenders, reduce the overwhelming backlog in forensic DNA analysis, and make crime fighting more efficient while helping to prevent future crimes from occurring. It will also save time and taxpayer dollars,” commented Congressman Sensenbrenner, Chairman of the House Judiciary Subcommittee on Crime, Terrorism, Homeland Security and Oversight.
“This bill will help law enforcement agencies solve crimes faster and help those wrongfully accused to be exonerated from crimes they did not commit—almost instantly. The Rapid DNA Act updates the statutory framework in how DNA samples are entered into the FBI’s Combined DNA Index System by allowing the use of this remarkable Rapid DNA technology,” stated Senator Hatch.
In 2017, President Trump signed into law the Rapid DNA Act, which, enables police booking stations in several states to connect their Rapid DNA machines to CODIS, the national DNA database.
But CODIS isn’t only shared by the states. We learn from a Plus D WikiLeaks release, that the DNA information processing and telecommunications system was gifted to Argentina in 2009 by U.
S. Ambassador Earl Wayne, according to a cable. The system was gifted to “help the province solve crimes and exonerate innocent suspects.”
“On the very topical issue of crime and personal security, the Ambassador helped launch the province’s participation in the Combined DNA Indexing System (CODIS). CODIS, an automated DNA information processing and telecommunications system, was donated by the FBI,” the cable reads.
Meanwhile, another WikiLeaks Plus D cable talks about “specialized training and state of the art equipment donations enabling Colombian forensic labs to investigate human rights violations more effectively. These donations included the enhancement of DNA analyzers and the CODIS database; upgrading of the Integrated Ballistics Identification System (IBIS); updating of forensic imaging and document analysis systems; upgrading of the automated fingerprint identification system; and the design and installation of a wireless network providing inter-agency connectivity and information sharing,” according to the cable, entitled: “SUPPORTING HUMAN RIGHTS AND DEMOCRACY: THE U.S. RECORD IN COLOMBIA 2004-2005.”
This leads us to several questions. First, how many more countries were given access to the CODIS system; is this DNA database shared amongst countries in an agreement similar to the Five Eyes spying arrangement, or did the U.S. sell the software similar to the infamous PROMIS software? And, like PROMIS (Inslaw scandal), does this software have a backdoor for U.S. intel agencies to access other countries’ DNA data?
These are all questions we should find ourselves asking.
Even the DHS is looking into using the Rapid DNA technology for immigration purposes to stop adults fleeing with kids and ensure that they are their actual relatives. But later the DHS postponed the technology in 2015 to develop a stricter protocol for its use, Nextgov reported.
DHS documents obtained by the EFF state that the military may be interested in using rapid DNA in the future to reveal information about individuals such as their sex, race, health, and age.
In a 2013 privacy impact assessment for Rapid DNA pilot testing, the DHS stated that the portion of DNA analyzed by the devices does not reveal any “sensitive information about an individual, and will not, under any circumstances, be used for decisions based on those criteria.”
The EFF disagrees with Comey and the DHS, and has previously stated that the test pilot DNA program “may create controversy,” according to internal documents obtained by the Electronic Frontier Foundation civil liberties group. In a high priority e-mail from 2011, a DHS officer wrote to colleagues that “if DHS fails to provide an adequate response to media inquiries regarding RapidDNA quickly, civil rights/civil liberties organizations may attempt to shut down the test program.”
There are already numerous issues with keeping a DNA data bank. Privacy and civil rights advocates and watchdog groups have argued against the practice in California of retaining DNA from legally innocent people, thereby violating constitutional privacy rights, Mercury News reported.
Further, forensic labs (including the FBI) have shown flaws over the last few years exposing shoddy laboratory procedures including – grossly inaccurate testimony by law enforcement, and, in a few cases, outright false documentation or mixing up of results. DNA has been constantly linked to the wrong person similar to facial recognition biometric data.
If that’s not all reason enough for us to be skeptical about these systems, in 2015, the FBI found DNA data errors within its own national CODIS database, The Washington Post reported.
In another case, familial DNA was the culprit responsible for a false positive on a murder in Idaho. This resulted in Michael Usry in a police station with an FBI agent cotton swabbing him as he was completely confused by what was happening, Wired reported in 2015.
While genetics might be able to identify a felon, forensic scientists and lawyers agree that the information gathered can’t be able to gather more than that. As the Supreme Court wrote in its Maryland v King decision to allow DNA collection, this issue is “open to dispute.”
Forensic magazine notes the dangers of a DNA database, stating its a threat to “medical privacy.”
These genetic databases are an absolute gold mine for law enforcement. I am not sure anyone can argue that catching serial killers and rapists, or using CODIS for tracking missing children is bad; however, problems start to arise when these genetic databases are used to target people for deportation or sweep up the completely innocent in its dragnet.
Along with facial recognition, DNA databases are the first step towards an Orwellian society where the government knows your whereabouts, at all times. It’s a nightmarish outlook for our future; but what’s worse in some instances, like in the form of DNA, we are being tricked to give up our freedoms and privacy. As a CRS Congressional “think tank” report warned: “future DNA collection cases might raise graver Fourth Amendment privacy concerns than previous cases.”
The FBI plans to begin rolling out Rapid DNA to more police departments slowly in 2019, according to a Washington Post report.
“Our goal in 2019 is to be able to have a pilot project done where we actually develop a DNA profile in a booking station, with no human review, and have it electronically enrolled and searched in the national database,” Thomas Callaghan, chief biometric scientist for the FBI Laboratory, told the news outlet. “We have to ensure that the quality that’s done in a lab can be done in a booking station.