Wednesday, 21 August 2019

Getting the most from your new Big Y-700 results

The Big Y test changed to a completely new technology earlier this year. It now covers 50% more of the Y chromosome than previously. And so it is anticipated that the new test will discover additional SNP markers that the old technology did not detect. Furthermore, the new SNPs should be able to more accurately date the various branching points on the Tree of Mankind.

It also gives us approximately 700 STR markers whereas the previous test only gave approximately 500 STRs. As a result, the old test is called the Big Y-500 and the new one is called the Big Y-700. Going forward, all new Big Y orders will use this new technology.

For those who did the old test, it is possible to upgrade from the Big Y-500 to the Big Y-700. But for everyone who does the new test, or upgrades from the old version to the new version, it is essential that you upload a copy of your results to the Big Tree so that we can get some essential additional analyses. You will find instructions for doing so on the Big Tree website here and on the Y-DNA Data Warehouse website here but I include a briefer summary below.

What do you get from your Results?

Your results should be analysed within a week or two and you can check them by navigating to your particular portion of the Big Tree. For members of Ryan Group 2 (for example), their Terminal SNP is M756 and you will find this branch on the Big Tree here (see screenshot below). The diagram nicely illustrates their placement on the Tree of Mankind and the surnames of the people sitting on neighbouring branches to their own. This information can be very useful for determining the geographic origins of your particular direct male line and for determining if your name is associated with an Ancient Irish Clan.

Project Administrators can use programmes like the SAPP tool to generate Mutation History Trees and determine the likely branching structure of your particular "genetic family" from the time of surname origins up to the present day. This process can also help identify which Ryan's (for example) are more closely related to each other and which are more distantly related. It is also possible to date the branching points within the Mutation History Tree using SNP data as well as STR data. This process is likely to become more accurate with the advent of the new Big Y-700 data and the identification of new SNPs. It is anticipated that the new data will reduce the number of "years per SNP" from about 130 to about 80 years per SNP. You can read more about this here.

You can also click on your surname above your kit number for an analysis of your Unique / Private SNPs. These may prove useful in the future for defining new downstream branches in the Mutation History Tree and for dating new branching points. But this very much depends on new people joining the project and undertaking Big Y-700 testing (so that we can compare apples with apples). And as this is a new test, it is likely that we will have to wait some time before we begin to see real benefits from it.

Creating a Link to your Big Y results

In order to create a downloadable link to your Big Y results, first log in to your FTDNA account and go to your Big Y Results page ...

Then click on the blue Download Raw Data button ...

Then you need to create a link to two separate files - your VCF file and your BAM file. The VCF file is used for placing you on The Big Tree. The BAM file is used for high-end technical analysis by the folks at the Y-DNA Data Warehouse. You can see some of the results so far on their Coverage Page here (and if you like you can search for kits by surname, including your own).

1) to create a link to your VCF file, right click on the green Download VCF button, and then click on "Copy link" from the drop-down menu. You will later paste this link into the the "Download URL" box on the Submission Form.
Alternatively you can simply (left) click on the green Download VCF button and this downloads a 10 MB file to your computer. This can then be directly uploaded via the Submission Form below. However it is preferable (and less problematic) to generate a link instead.
2) to create a link to your BAM file, click on the green Generate BAM button. You will then get a message that "Your Big Y BAM file is currently being generated" (see below). This generates a very large BAM file ... but it takes several days to prepare so you will have to come back to this page in a few days time! Put a reminder in your diary / calendar!

Uploading your VCF file

Having created the first link (to your VCF file) and copied it, click here to go to the Y-DNA Data Warehouse and fill in the form with your standard information - email, kit number, surname of your paternal MDKA (Most Distant Known Ancestor), and (most importantly) the link to your file - you do this by pasting the link you copied earlier into the "Download URL" box underneath the heading "Raw Data Upload" at the bottom of the page.

If you want to upload the actual file itself (rather than a link), click on the blue Direct tab under "Raw Data Upload" and then click on the "Choose File" button and attach the file from where you downloaded it onto your computer (on my laptop, the "Choose File" button appears to be slightly hidden under some text but it works if you click on the start of the text). 

Don't forget to tick the checkbox to confirm you agree with the Data Policy and then click the blue Submit button.

Uploading your BAM file

Several days later, come back to this same place to get a link to your newly generated BAM file. So, navigate to your Big Y Results page, and after clicking on the blue Download Raw Data button, you will find that the BAM file has been generated. DO NOT DOWNLOAD IT - you don't need to and it is way too big. Instead, click on the green Share BAM button and then the green Copy button in order to copy a link to your BAM file. You will share this link in the next step.

Then go to the Y-DNA Data Warehouse and fill in the same form as before BUT ...

  1. select Other for the Testing Lab
  2. enter your Kit ID Number 
  3. leave everything else on its default setting
  4. paste the link to the BAM file in the "Download URL" box underneath the heading "Raw Data Upload"
  5. tick the checkbox to confirm you agree with the Data Policy and then click the blue Submit button

Maurice Gleeson
Aug 2019

Wednesday, 10 July 2019

Optimising your Anonymity & Privacy with DNA tests

Here are some practical hints and tips to optimise your Privacy if you are thinking of doing a DNA test (or you have already done one).

1) Don’t test!
This is the simplest way to avoid exposing your self to potential online scrutiny and unwanted intrusion from others. If you are not sure whether you should do a DNA test or not, do yourself a favour and don't test. You will only worry about it if you do.

2) Get your brother to do it instead
Some people are less concerned about privacy than others ... so if this is how one of your siblings feels, why not ask them to test instead? One person I know did this and everyone was happy. Win-win.

3) Don't use your Real Name
You are not obliged to use your real name. You can use whatever name you want. I don't recommend using "Clint Eastwood" (unless you want unlimited fan-mail) - much better to use something completely nondescript like John Williams or Jane Jones.

Genealogically it makes sense to use your surname (as this will help with any genealogical research) but again, it's not essential. You can just as easily use an alias, a pseudonym, or a nom de plume. Or even a sequence of letters & numbers … FYL227 has a particular ring to it.

A cunning disguise will fool most people
(this is obviously Groucho Marx in a wig)

4) Disguise your Personal Information

Similar to above, you are under no obligation to use your real date of birth. Now is the perfect opportunity to take 10 years off your age. I did and I feel so much better.

You could also create a bespoke, untraceable email address just for your DNA tests. It's easy to set one up on Gmail and have any messages directed to your inbox. I believe is already taken but something similar would work just as well. It would be extremely difficult to identify you from a seemingly random combination of letters and numbers.

Only give the minimum amount of information necessary. I don't bother with my postal address or telephone number. If they can't reach me by email then I am probably on a retreat to the North Pole and they are unlikely to reach me by snail mail or telephone either.

5) Privatise your DNA account
All the testing companies allow you the option to make your results completely private. For some, this means that your matches cannot see you, but you cannot see them either. And this seems like it might defeat the purpose of doing the test in the first place, but not so! You can de-privatise your results when you want to work on them, and re-privatise them when you have finished. This minimises the amount of time you are "exposed to public view" by your matches.

6) Privatise your Family Tree
Without a family tree attached to them, DNA results are relatively useless. You could show up as a close "2nd cousin match" to someone else but if you haven't supplied any family tree information, it can be very difficult for them to figure out how you fit in to their tree.

Keeping your family tree private is as effective as keeping your DNA results hidden (if not moreso).

7) Delete your DNA account

If you have finished working with them, you could delete your results completely. This works really well if you have transferred your results to a particular website from another company - you can always keep the original results on the website you initially tested with and re-upload them again at any time.

Similarly, you can delete your kit from any website and have your sample destroyed.

So there are ways and means of finding the level of privacy and security that you personally feel comfortable with. Can you think of any others? Leave a comment below. 

Have fun! Play safe!
Maurice Gleeson
July 2019

Tuesday, 9 July 2019

Irish Mother finds her son ... 60 years later

When it came time for her to deliver, she was taken into a room and put to sleep. When she woke up, the large bump of her pregnancy was gone, and so was her child. For the past 60 years she has always wondered if it was a boy or a girl - they wouldn't tell her.

Now, 60 years later, thanks to DNA, she knows. It's a boy.

There are many people in Ireland searching for their birth family. Some are adoptees, some are foundlings, some are people who were raised in industrial schools, some of whom were boarded out. Over the past few years, many of these people have turned to DNA for help, and these numbers are increasing all the time as the success stories of people finding family through DNA are becoming more widespread.

But it's not just the children that are searching for their families, it's the parents too. I have been working with several birth mothers (in their 70s and 80s) who are trying to locate the child that was taken away from them many decades beforehand. Many tell a similar story, like the one at the top of this article. They had little control over what happened to them. Decisions were made for them. And they were left with little or no information about the child they gave birth to, not even what gender it was.

I am delighted to announce that one of my clients (the woman above) has finally reconnected with her son. She gave up her child 60 odd years ago, and it only took 12 months for DNA to find him. She tested with Ancestry and then uploaded her data to FamilyTreeDNA, MyHeritage & Gedmatch (the recommended approach).

Now comes the next step in their journey - getting to know each other, building bridges, putting the past in the past, and moving into the future. This is a slow process that will take a lot of work on both sides.

Any birth parent who wants to find and contact their child should first seek advice from the Adoption Authority of Ireland (AAI). They can help you sign up to the National Adoption Contact Preference Register (application form here, and Frequently Asked Questions here) and help you to contact the Agency who placed your child for adoption. You can email the AAI at This should be your first port of call before turning to DNA.

If tracing using the first-line method above is unsuccessful, then you can consider DNA testing. The recommended approach is to test with Ancestry, and then upload a copy of the results to MyHeritage, FamilyTreeDNA, LivingDNA and Gedmatch. If this is unsuccessful, you should also test with 23andMe. If this is still unsuccessful, then it becomes a waiting game. You are hoping that some time soon your child or one of their children will do a DNA test and pop up in one of the databases as your closest match.

When they do, the connection may be instantaneous and things may move very quickly indeed so be prepared - think about what you want to tell them, think about the sort of questions they may ask you, write it all down, and put it in a letter (or two) that you can post or email to your child.

For most people, reconnection is an emotional rollercoaster. It is best to have professional help on hand in case you need it. Take things slowly. You will need time to process your feelings. So will the other person and their family. Be kind to yourself and to others.

Further information can be found in an earlier blog post here. For ways of optimising your Privacy with DNA tests, read this post here.

My thanks go to Ancestry who provided free DNA kits to help with this research.

Maurice Gleeson
July 2019

Saturday, 18 May 2019

Civil Liberties vs The Greater Good

It's been a year since Law Enforcement Matching (LEM)* has resulted in the identification of suspects in at least 50 cases of violent crime in the US. [1] The power of genetic genealogy techniques to solve these crimes is truly amazing and is a real game-changer for law enforcement (LE), not just in cold cases but in active cases where the perpetrator is still at large and may offend again. [2,3]

But against this are the growing concerns about infringement of civil liberties, in particular lack of informed consent and intrusive police procedures which may unfairly target innocent people. These are legitimate concerns and need to be addressed. [4,5,6]

Previously I have suggested a very cautious, conservative approach to law enforcement use of the genetic genealogy databases. [7] In this post, I'll take a broader look at the overall Benefit Risk Ratio of Law Enforcement Matching and explore how this can be further improved by appropriate Risk Minimisation.

The potential Benefits of Law Enforcement Matching are many:
  1. It helps solve "cold cases" of violent crime where the victim has been killed or raped or both. This can bring closure to the families involved and save a huge amount of time and money for LE, thus allowing limited police resources to be used more efficiently.
  2. It can help solve "active investigations" where the rapist or killer is still at large, and thus helps remove violent criminals from the streets, potentially preventing further violent crime and loss of life. [2,3]
  3. It is the certainty of being caught rather than the severity of the penalty that stops criminals from committing crimes in the first place. The advent of LEM has created the possibility that many criminals will now think twice before committing a crime because of the very high risk of being caught using LEM.
  4. By reducing the risk from active violent criminals and by serving as a deterrent, it makes the society we live in a safer place.

These are the Benefits. What are the Risks?
  1. LEM is being undertaken without the express Informed Consent of a sizeable number of people within the genetic genealogy databases (possibly the majority). This is because some of them are deceased, some people have not read the revised Terms, and some kits are managed by other people who are making the decisions for them. And there are probably other reasons also.
  2. The recent Utah case [2,3] illustrated that Gedmatch was in breach of its own Terms. [4,5] Gedmatch argued that this action was justified, given the violent circumstances of the case concerned. Others have argued that this is a slippery slope [5] and that soon non-violent crimes will be the target for LEM. This raises fears of inappropriate and intrusive police action and an increased risk of inappropriate or wrongful targeting, and even wrongful conviction.
  3. Some people have moral objections to the death penalty and would not like to see their DNA being used to identify criminals whose punishment would be death.
  4. If LEM is not carried out with appropriate oversight and safeguards, there is a risk that it will be "shut down", thus depriving society of a very powerful tool for crime detection and prevention, and denying future generations the potential benefits that it may provide. Update: as of Sunday 19th May 2019 (the day after this post was written), everyone in the Gedmatch database has been automatically opted-out of LEM. A process will be instituted in the next week or so to allow people to actively opt back in.
  5. LEM does not guarantee anonymity of the "passive genetic informants". Brandy Jennings will always be known as the woman who helped convict her cousin. Her name is out there. Forever. This puts her at risk of revenge attacks, unwanted media intrusion and public scrutiny (like this blog post).

If LEM is to survive and thrive, there needs to be a process of Risk Minimisation in order to optimise the Benefit Risk Ratio. So how do we minimise each of the Risks identified above?

Let's take a look at Informed Consent  The first important point to make is that the requirement for Informed Consent is not absolute. In medicine, if someone arrives unconscious at the Emergency Department and needs an urgent blood transfusion to save their life, the doctor can order for such an infusion to be given without the patient's consent. And in most circumstances the patient will thank them for saving their life. But there are exceptions - if the patient later turns out to be a Jehovah's Witness then they may be very upset by this course of action and may attempt to sue the hospital. However, if it can be shown that the doctor "acted in good faith" and provided a reasonable standard of care, then he should get off the hook.

So this raises the question: is the requirement for Informed Consent absolutely essential in the situation where a murderer may kill someone again unless they are caught quickly? My gut feeling in this case is: go ahead and catch the murderer. The requirement for Informed Consent is not absolute in this case. Not to proceed in this fashion risks another murder ... and how would you explain to the victim's family that you did not catch the killer when you could have, because of concerns over Informed Consent? Would they buy your explanation? Would they agree that "Mum had no option but to lose her life because Informed Consent wasn't obtained?" I don't think they would agree with that line of logic. Rather they would say: you should have found some way around it. You should have made it happen. You should have found some solution.

And that is where we now stand: how do we find a solution to this issue? who determines if the Right to Informed Consent is absolute under these circumstances? 

In the UK, Biometric and Forensic Ethics Group (BFEG) is discussing the application of LEM to policing in Britain, following the receipt of many enquiries. In the minutes of their September meeting, they made the following statement:
The BFEG cautioned against using this approach in the UK. Asides from the issues of incompatibility of testing carried out in an unaccredited environment, the ethical issues of using DNA profiles provided for genealogy purposes were considerable.
Whilst this statement clearly recognises the ethical issues involved, it does not suggest any means by which they might be resolved. One also wonders to what extent the BFEG were sufficiently informed about the way that LEM operates in practice such that a comprehensive evaluation of the Benefit Risk Ratio could be made. There is also the consideration that LEM may not be as urgently required in the UK (for example) as it might be in other jurisdictions due to the relatively lower rate of violent crimes and the relative greater potency of the national forensic database.

The second risk described above is the risk of inappropriate or wrongful targeting. Gedmatch breached their Terms of Service. And they did so for justifiable reasons. And many people will agree with those reasons and the subsequent actions, and many will not. The remedy is quite simple: change the Terms, apologise to the customers, move forward. Most people will be happy with that. Some won't.

However, it does raise some very important questions. First off: who is the Gatekeeper? 

Who decides whether or not LE can use the database? Should it be a single person (as in the case of Gedmatch)? or should it be a group of people, a committee perhaps? But then who decides who sits on such a Committee? Should I be on the Committee? Should I make decisions for what the FBI can and cannot do? Do I have the requisite skills and experience? Who does?

In the UK, should the BFEG decide on which cases can make use of the commercial DTC databases and which cannot? Do they have the requisite skills and experience?

In the US, does the FBI have a Committee that decides what cases can and cannot be progressed? Does Parabon? Does Bode? Are the terms under which such committees operate transparent? If not, how do we know if they are reasonable? And one final question: are the workings of such committees overseen by an appropriate authority? 

Who gatekeeps the Gatekeeper?

Thus there is a need for a clearly defined process with appropriate stops and checks. And there is a need for transparency so that public confidence can be attained and legitimate fears and concerns can be minimised. I would feel a lot safer if there were processes in place that would help minimise the risk of inappropriate use of the databases. It would also take the burden off the CEOs of Gedmatch and FTDNA (and the other commercial companies).

Which brings us to the risk of inappropriate or wrongful targeting. This has always been a problem with police forces everywhere. Often they get it right, but often they get it wrong. And sometimes they plant evidence to get the conviction they desire. We've all seen it in the movies.

There have been several cases where genetic genealogy has been used to target the wrong person. People often say: DNA doesn't lie. But what these cases have shown is that it can certainly be misread, misinterpreted, misunderstood and misconstrued. It can lead you on a wild goose chase, barking up the wrong tree. And that can cause harm. Michael Usry suffered the distress of unnecessary police intrusion, anxiety while waiting for the DNA results that could potentially convict him, and potential damage to his career and reputation despite being exonerated. His name is out there. Forever.

Here's another consideration: if you are a police officer, and you are certain that someone has committed a crime but there isn't enough evidence to convict him, just plant some of his DNA at the crime scene. Or at any appropriate crime scene for that matter. Frame him with his own DNA. Put him behind bars, where he deserves to be. The new technology allows this. [8] It may even have been done in the past when only standard forensic DNA tests were available. Has a movie been made about that?

The Innocence Project has had 350 exonerations to date - 20 of them were on death row. So clearly there is a risk of wrongful conviction and the death penalty. It may be a small risk, but IT IS THERE. And it needs to be minimised. 

But is this more a problem of the criminal justice system than the actual use of LEM itself? Yes, it is. LEM doesn't kill people, people kill people. But the context within which LEM is applied needs to be taken into consideration. In those jurisdictions where the death penalty is not enforced, LEM will not result in deaths due to wrongful conviction (unless the innocent convict is killed in prison). But in those jurisdictions where the death penalty is enforced, then there is a definite risk of wrongful death. How can such a risk be minimised?

Furthermore, we need to think beyond the English-speaking world. Most commercial DNA tests have been done by people in the US, followed by smaller percentages in the UK, Ireland, Canada, Australia and New Zealand. LEM is more likely to be successful in the US, less likely in the other English-speaking countries, and much less likely anywhere else ... with some rare exceptions. Sweden, for example, has had a large proportion of its population tested. Iceland has had practically the entire population tested. Kuwait tried to test the entire population but their efforts were overturned by their Supreme Court. China has surreptitiously tested 50 million people (i.e. no informed consent) and has used the data to send members of the Uighur minority to "Re-education Camps". 

To what extent are we responsible for this?

Who is looking after the planet?

The last Risk identified above is the loss of anonymity for "passive genetic informants". The Brandy Jennings case was cited. Her name appears on a Search Warrant that was obtained by the Press under Freedom of Information legislation and was made public. This exposes her to revenge attacks as well as unwanted Press intrusion and public scrutiny (like this blog post). 

The Take Home Message is: by allowing your DNA to be used for LEM, you risk being named in the newspaper and on TV. Does that give you pause for thought? It does me.

This is definitely a risk and it definitely needs to be minimised. But is this more an issue relating to the nature and culture of how the Press reports than the actual use of LEM itself? Yes, it is. And again, the context within which LEM is practiced is all important. What is a risk in one country may not be a risk in another. And this emphasises the need for a global perspective in relation to LEM and the context in which it is practised.

How could this Risk of loss of anonymity be minimised? Well, it would have been nice if the names of the "passive genetic informants" had been redacted. Should someone have done this? Who is responsible for safeguarding the anonymity of the "passive genetic informant"? Does anyone know? Someone should change the Policies and Procedures of the FBI and other relevant LE authorities such that safeguards are put in place to minimise the risk of loss of anonymity and such that Privacy for those in the commercial database can be optimised.

It is only by minimising the risks associated with LEM that the Benefit Risk Ratio for its continued use remains optimal. And this helps safeguard the future viability of this incredibly powerful tool that holds the promise of making society a safer place for this generation and the ones to follow.

Maurice Gleeson
May 2019

* LEM, Law Enforcement Matching refers to the use of the genetic genealogy databases (e.g. Gedmatch, FTDNA) by law enforcement officials to help identify perpetrators of crimes, usually "cold cases" involving rape or murder.
[7] Maurice Gleeson: My input to FTDNA's Citizen Panel ...
[8] DNA Evidence Can Be Fabricated, Scientists Show (NY Times, 2009) ...

Tuesday, 19 March 2019

My input to FTDNA's Citizen Panel

Recently I was privileged to be invited to be part of FamilyTreeDNA's Citizen Panel to advise on steps to meet the privacy requirements of FTDNA's members and at the same time allowing the FTDNA database to be of service to the wider community.

FTDNA have long been leaders in the field of genetic genealogy - they were the first company to provide DNA tests aimed specifically at the genealogy community and remain the only company to provide their customers with an infrastructure for running their own DNA projects. In fact, it can be argued that without FTDNA there would have been no genetic genealogy - I certainly owe them a debt of gratitude for fostering my own emergence as a genetic genealogist. This active promotion of Citizen Science has resulted in great advances in the field of genetics, such as the ongoing characterisation of the Tree of Mankind (Y-Haplotree) and the Tree of Womankind (mitochondrial Haplotree). They were also the first company to introduce a chromosome browser and many other tools to help with the interpretation of our autosomal DNA results. They have also actively supported the community through sponsorship of scientific meetings and conferences, such as Genetic Genealogy Ireland and the DNA Lectures at Who Do You Think You Are - Live!

So it was an honour to be part of the Citizen's Panel and to help contribute to the continued leadership of this great company.

The use of Genetic Genealogy Techniques by law enforcement is just the latest in the potential applications of these techniques. We as a community have been using these same techniques for many years to help adoptees connect with their birth families, and the use by law enforcement is a further natural extension of the methodology. It also has potential applications in any mass grave situation and in the future we may see its increasing use in such circumstances (e.g. to help identify soldiers who have been killed in the field of battle, to identify victims of natural disasters, such as the California Wild Fires, to identify the children buried at the former Tuam Children's Home, etc). And the availability of public, crowd-sourced databases to help achieve these important objectives will help increase the likelihood of successful identification and positive outcomes. Recent surveys have demonstrated broad public support for the use of public DNA databases to achieve these aims, but have hinted that additional regulation may be necessary.

FTDNA are to be congratulated for their continuing leadership in this regard. They are the first of the commercial companies to recognise the power of crowd-sourced databases to achieve the Greater Good. Their revised Terms of Service and Privacy Statement address a lot of the concerns that have been raised in the ongoing debate about law enforcement access to public DNA databases and they should be commended for this latest revision. No doubt as the debate continues, and different perspectives are aired, the need to revise and refine the approach to privacy and consent will change and the Terms will evolve accordingly. This is only natural. Privacy, Consent & Data Protection are not static topics. They never were. They are ever-evolving and will continue to evolve over the course of time.

In addition, their new Law Enforcement Matching FAQs and Law Enforcement Guide are an important advance toward explaining the current situation, allaying customers concerns, and satisfying the need for information.

So well done to FTDNA on taking the lead in addressing this issue head on and advancing the cause of the Greater Good. Hopefully, as the debate continues, additional safeguards will be identified and introduced such that any potential risks associated with the process of Law Enforcement Matching will be effectively neutralised.

Being part of the Citizen's Panel was of enormous benefit to me personally. It afforded me the opportunity to review all the many blog posts and Facebook comments that have been exchanged over the past year or so since the prime suspect in the Golden State Killer case was identified in April 2018. The advice I provided was based on my assessment and interpretation of the various perspectives and concerns aired in this ongoing debate. I hope I have captured all of them. In addition, I also have to thank my colleagues here in the UK and Ireland for our extremely fruitful ongoing discussions, partially arising out of GDPR, and many of my recommendations are based on these interchanges. In particular, I would like to thank Debbie Kennett, James Irvine, John Cleary, Donna Rutherford and Michelle Leonard whose sage advice and measured commentary have helped form my own opinions.

I found that the recommendations arising from my review incorporated a useful summary of the key issues that we as a community (and as a society) currently face. As such, I think that many people would find this very helpful in educating themselves about the issues involved and formulating their own opinions. As this is merely a summary of issues that have already been aired publicly, and as there was no requirement for a Non-Disclosure Agreement, I have appended my analysis and recommendations in their entirety below (this was an email that I sent on Feb 25th). I also believe that doing so is important as it helps promote the transparency of the Citizen's Panel (which ideally should reflect the broad range of views held by the customer base). I hope people find the advice informative (there are hyperlinks within the text) and that it is a useful contribution to the ongoing debate.

We are in exciting and unchartered territory. We are living in interesting times. The decisions we take today may have huge implications for privacy, consent, data protection, and the Greater Good. The debate is not over and will continue well into the foreseeable future. But it is very encouraging to see that FTDNA took many of my suggestions on board for their revised Terms of Service and no doubt this will be only one of many future revisions of their Terms over the coming years.

Hopefully other companies will follow suit as the situation evolves. People want to contribute to the Greater Good and there is a moral imperative to facilitate that happening. The devil is in the detail - we need to identify all potential risks and introduce sufficient (and not overly-restrictive) safeguards to minimise them. FTDNA's revised Terms of Service are a step in the right direction.

Maurice Gleeson
March 2019
FTDNA have kindly sponsored the Genetic Genealogy Ireland conference that I organise each year in Dublin & Belfast. I am very grateful for this sponsorship. They have occasionally paid part of my travel and accommodation expenses at these events.

My advice to FamilyTreeDNA as a member of the Citizen's Panel:

Feb 25th, 2019

Dear Bennett and Max

Thank you for inviting me to be part of the Citizen’s Panel. It is an honour and a privilege and I am very grateful indeed.

Let me start by saying that if it wasn’t for you both, I would not be the citizen scientist that I am today. None of us would. Without FamilyTreeDNA’s vision and the creation of an infrastructure that allows ordinary citizens to run their own DNA Projects, the genetic genealogy community as we know it today, would never have emerged. And therefore, I am acutely aware of the debt of gratitude that we owe to FTDNA as a company, to all its employees, and to the both of you in particular.

With that in mind, what follows comes from a place of deep respect for you both and I hope my honest and direct assessment serves as a useful addition to the ongoing conversation. Please feel free to pass these comments on to your legal team to help them in their exploration of the various international legal ramifications, and also to your PR consultants to help them in their efforts at damage control. My current thoughts have formed gradually over the past few months (having read the many posts and comments and blogs relating to this issue) and are likely to evolve further as the situation unfolds.

Ever since the news that the FBI were making use of the FTDNA database, I have struggled with the two default options before us for a database that allows LE (Law Enforcement) access:
  1. default opt in database, from which customers can opt out
  2. default opt out database, into which customers can opt in

1. The current situation: default “opt in”, optional “opt out” of all matching
The current situation is a default opt in database from which customers can opt out. But doing so means opting out from all matching, which for many customers was the main reason for joining the database in the first place. Some may claim that their consumer rights have been infringed by this move and may have a legitimate case for compensation. Not only might this impose a financial strain on the company, but it would be extremely bad press.

2. The new proposal: default “opt in”, optional “opt out” of LE matching
The new proposal to have a separate “opt out” option such that "Users can opt-out of Law Enforcement Matching at any time, while retaining the ability to see all of their matches” is a step toward remedying the current situation and no doubt will satisfy a lot of your customer base. But there are several major risks associated with this approach that could substantially damage the business:
  1. It will be easy to apply the revised consent process to new customers, but much more difficult to apply it to existing customers. Emails could be sent out to all customers telling them they can opt out if they want to, but many customers do not read their emails and others do not bother replying. Lack of objection to the default “opt in” cannot be interpreted as express or explicit consent. FTDNA could lock people out of their accounts until such time as they had acknowledged they are happy being opted in automatically, but a lot of people haven’t accessed their account for years so this too is not a foolproof method of confirming that people are consenting to the default opt in. 
  2. In addition, dead people will obviously not be able to re-consent, and many have not appointed beneficiaries … so do dead people have rights in this regard? Do their families? It is important that FTDNA does not to appear to walk over the (perceived) rights of dead people. And in addition, this will be a particularly sensitive issue for some people with indigenous status both within the US and outside (such as the Havasupai tribe).
  3. Many Users manage kits for other people - there is no guarantee that they will consult with those people and therefore there is a real risk that some customers will be opted in for something they did not consent to. This is a major flaw in the proposed new system and FTDNA will be heavily criticised for it.
  4. The FBI only have jurisdiction in the US. They don’t have jurisdiction in Europe, the Middle East, Australia, etc. So all customers falling outside of the FBIs jurisdiction should automatically be opted out of the "LE-only" database.
  5. there is a convincing argument that access to matches' personal data (e.g. names, email addresses, matching segment data) by LE is beyond the intention for which the database was set up and requires separate optional “opt in” consent in a similar way to consent for scientific research (see the dedicated consent processes at Ancestry & MyHeritage)
  6. this specific point is made in the Future of Privacy Forum’s Best Practice Guidelines (see section IIb on page 4). LE access clearly falls under the “incompatible secondary use” category and this would therefore require "separate express consent". (Incidentally, the fact that FTDNA has been expelled from the forum raises serious concerns in people’s minds and FTDNA will be branded in the media as "the company that does not follow Best Practice Guidelines”.)
  7. Under GDPR, there is a specific requirement to collect “freely given, specific, informed and unambiguous consent” from customers before sending them marketing emails (Article 32). The same GDPR requirements also apply when allowing LE to access the personal data (name, email, family tree) of any matches that any of the kits uploaded by LE may have. Consent must be explicitly “opt in” and cannot be “opt in” by default. This is covered in the section on consent in the Guide to GDPR and falls under section 3 of the UK’s Data Protection Act 2018  Your legal team should offer specific advice not just on the GDPR requirements in this regard, but also the requirements of the DPA 2018. Further specific information on the use of personal data by LE is available from the Information Commissioner’s Office.
  8. in the UK, the Information Commissioner's Office (ICO) is particularly sensitised to LE use of personal data following a recent investigation into the UK Police’s use of a “Gang Matrix” (consisting of suspected gang members) which was shared by the police with several different government organisations. The ICO found this to be in breach of GDPR and an Enforcement Notice was instituted against the police. If a company (such as FTDNA) were to be perceived as doing something similar, a hefty fine (of up to 20 million euro or 4% of company annual turnover) might be levied as well as an Enforcement Order. The largest fine to date is 50 million euro (against Google last month).
  9. From the discussions on Facebook, it would appear that at least one person has instituted a GDPR complaint (there may be others). There is also talk of a class action law suit. Furthermore, there are dedicated groups whose sole objective is to aggressively fight against perceived breaches of privacy and “forced consent". NOYB is one such group and they have brought successful GDPR actions against Google and Facebook … so there is a real risk that they could take similar action against FTDNA, particularly if alerted by an aggrieved customer or a competitor. Any such legal activity will tie up FTDNA in terms of time, money & resources, not to mention the damage to its public image and the opportunity cost resulting from the consequent loss of business. Thus such possible consequences are to be avoided at all costs.
  10. FTDNA is in danger of losing its EU/US Privacy Shield status by converting a genealogy database into an LE database. One of the basic principles of the Privacy Shield is data integrity and purpose limitation  The revocation of the Privacy Shield is likely to hit European recruitment hard.
  11. FTDNA relies greatly on the support of volunteer project administrators to promote the company both online and offline at various genealogy events. Those admins who disagree with the proposed opt out policy are likely to become disillusioned and withdraw their support for the company or post damaging negative comments which could impact on the company’s sales and reputation.

For these reasons the optional "opt out” system will not work. It has to be changed to an optional “opt in” with “opt out” being the default position. This move is likely to severely compromise the ability of the “LE-only” database to catch killers & rapists (something we all want to do), but we cannot set up a database for US law enforcement that is in breach of international data protection laws even if the benefits for the greater good are plainly evident to all. In fact, if the "LE-only” database is built in the wrong way, with undue haste and lack of forethought, the public will lose trust in the process and ultimately more harm than good will be done by this precipitous action. 

And FTDNA’s public image will suffer hugely. Despite the best intentions of FTDNA, it will be seen as the company that ultimately destroyed the possibility of a voluntary database that helps LE catch killers & rapists.

3. The alternative solution: default “opt out”, optional “opt in” to LE matching
If FTDNA copied the same process introduced by Gedmatch, this would be a significant advance. Consent is explicitly obtained from all new Users to “opt in” to a database that is clearly described as allowing LE access. Gedmatch has a second option for their Users, namely that those who choose to can additionally “opt out” of having LE (or anyone else for that matter) see their kit (the “Research kit only” option). Thus there is an initial informed consent obtained from each User followed by an "escape route" should they so desire. This two-step process goes a long way toward reassuring customers and building trust in the system. 

And this 2-step process could also be introduced by FTDNA. Copying the Gedmatch approach would allay a lot of fears and help restore public confidence in FTDNA. It would also potentially allow FTDNA to collaborate with Gedmatch on resolving the exact same legal issues. 

This optional “opt in” LE-only database will take a lot longer to build than a default “opt in” database, but it will be more robust and less vulnerable to attack, thus helping to ensure its survival and making it more likely that it will achieve its goals of catching violent criminals and bringing closure to victim’s families.

However, even with the alternative default “opt out” / optional “opt in” LE-only database, there remain several very significant problems: 
  1. the ongoing legal action by Maryland (and potentially other states) arguing that LE access is a breach of the 4th Amendment. The publicity of the case may be even more damaging to FTDNA (and Gedmatch) than any eventual legal decision.
  2. the inherent vulnerability of the database to exploitation by undesirable forces (see below)

4. Vulnerability of the database 
Even if a separate optional "opt in" database is created for LE use, what is to stop them from continuing to use the general database surreptitiously, in the same way the FBI were using it before FTDNA discovered them? Conceivably, the FBI (or any LE agency) could say that they will comply with the revised Terms of Service but thereafter could simply upload DNA profiles “undercover”, just like they did previously. FTDNA might not be any the wiser of this surreptitious activity. And some customers would have their personal data (name, email, etc) exposed to the FBI if any of them were a match to the undercover FBI kits. 

So this scenario begs several questions: 
  1. how can FTDNA monitor the database to ensure that any such undercover kits are either prevented from being uploaded, or are quickly identified and removed?
  2. what is the penalty for breach of the Terms of Service? Would FTDNA refuse to work with the FBI if it did not observe these Terms?

It doesn’t stop there. Any organisation could potentially gain access to the database as long as they were able to upload somebody’s DNA. The Mafia or organised crime could potentially use it to identify the families of specific individuals, perpetrate revenge attacks, or even disrupt witness protection programmes. I know this is far-fetched but you can imagine the damage to FTDNA’s reputation if it ever came to pass.

But most importantly what this demonstrates is that, in the absence of a method to prevent rogue kits from entering the database, FTDNA will never be able to 100% guarantee the confidentiality of their customer’s personal data. This would be catastrophic both legally (GDPR, etc) and from the perspective of FTDNA’s public image. This is why involving a legal team and a PR consultant is so vital. In addition, the legal team will need to consider implications not just in the US but across a variety of different legal systems across the world.

So how then can FTDNA protect itself against this type of undercover activity? One possible solution is to require that all DNA transfers from other companies have to have a cryptographic signature as proposed by Yaniv Erlich. This would clearly identify where the original DNA results had been generated and “non-permissible" kits could be rejected.

This does not address the possibility of some people trying to create a “fake” or “spoof” DNA sample, although this is more of a problem with saliva-based DNA kits. Nevertheless, in order to sustain a good reputation, FTDNA will need to take (and be very publicly seen to take) the appropriate and proportionate action to protect its customers' data. It will also need to prepare for a possible external audit, either by the relevant US authority or GDPR representative or both. 

5. Some additional suggestions

You could also add the LE access opt in / opt out feature to the Family Tree Sharing section under the Privacy & Sharing tab. This would allow people to specifically opt out of sharing their family tree with LE. And this action on your part would provide further reassurance regarding the protection of customer's data.

It will be important to add a new FAQ about Law Enforcement Matching that addresses the following questions (I am very happy to help with this):
  1. How does the process work? 
  2. Does LE need a search warrant to upload a kit? 
  3. What documentation does LE need to provide to FTDNA?
  4. Who decides whether or not to allow the LE kit into the database?
  5. What cases are allowed in?
  6. Are there plans to allow kits to be uploaded by LE agencies in other countries (e.g. UK, China, Russia)?
  7. Will customers be informed if their DNA kit comes up as a match to an LE kit?
  8. Could some FTDNA customers end up in a Witness Protection Programme? (e.g. if there is a match to a gang member, Mafia, etc)

It would be very reassuring for customers if further data protection measures could be undertaken. For example, could an internal messaging system be used rather than sharing customers' email addresses? These can easily be used to identify people and track down their home addresses (we do this with adoptees all the time). There may be other actions that could be undertaken to optimise customers’ data protection and privacy. All such actions will help reduce the risk of a GDPR complaint or a time-consuming law suit … and will maximise the public perception that FTDNA is “doing the right thing” by its customers.

Customers will need reassurance that all potential risks have been considered, that the probability of each risk is low, and that (nevertheless) steps have been taken to minimise each of them. Separate FAQs will need to be developed for each one and I am very happy to help with the wording for these. Here are a few examples of the sort of concerns that customers have expressed on Facebook and other social media:
  1. What is the risk of wrongful targeting, arrest, conviction, imprisonment, and the death penalty? This is a particular concern among the African American community where the historical relationship with law enforcement has not been good. The Innocence Project has helped exonerate 350 people, 20 of whom were on death row, so the risk of wrongful targeting is very real and needs to be comprehensively addressed in order to regain customer confidence.
  2. Concerns have also been raised about the possible misuse of customer’s data if it fell into the wrong hands. Traditionally the main fear was insurance companies, but more recently people are discussing what would happen if totalitarian regimes or dictators got hold of our DNA? This is one of the reasons why DNA testing never took off in Germany. People have also raised concerns about the fact that China has surreptitiously tested 50 million people, and Middle Eastern customers have been concerned about the situation in Kuwait where (in 2017) the Supreme Court had to overturn legislation introduced by the government requiring all citizens and visitors to undergo DNA testing. The public needs to be reassured about the safeguards that are in place to prevent this type of misuse in the future.
  3. Will LE kits be easy to recognise by other customers? Is there a risk that a match to these kits will expose it publicly, or start “working the case”, alert potential perpetrators, put the genetic informant at risk, etc? How could such risks be mitigated, minimised, or neutralised? Ideally LE kits should be hidden from public view (like the "Research kit only option" at Gedmatch).

I hope you find these suggestions helpful. I’m sure other thoughts will emerge in due course. 

And thank you once again for allowing me the opportunity to share these thoughts with you both. FTDNA has a very strong presence in the UK and Ireland and I would not want to see this significant British & Irish database compromised. We recently returned from a very successful meeting in Belfast where Martin McDowell (Admin of the North of Ireland Project) presented on how most of his close matches are in the FTDNA database, thanks to the tenacious efforts that have been made to recruit Irish people, at both the Dublin & Belfast conferences, but also by the many Irish DNA projects and via the DNA Outreach Ireland network of volunteers that have worked hard on FTDNA’s behalf these past 6 years. We have built incredible momentum for FTDNA in Britain & Ireland and it would be a great shame to see this damaged in any way.

Looking forward to helping out in any way I can.

Warm regards

Dr Maurice Gleeson MB 
Genetic Genealogist
Education Ambassador, ISOGG

Wednesday, 14 November 2018

How do you feel about your DNA being used by the police? - the results of a survey


In April 2018, US police finally identified a murder victim (known as "Buckskin Girl") whose identity had remained a mystery for 37 years. Despite everything that they threw at the case, Forensic Science could not come up with the answer. But Genetic Genealogy did, and in doing so, made history.

The Buckskin Girl case was solved in 4 hours
once the kit had been processed by Gedmatch

The excitement generated by the case did not have a chance to die down because two weeks later, the prime suspect in the Golden State Killer case was arrested, causing a media storm. Once again, genetic genealogy techniques had helped identify the most likely candidates for the killer, and (using routine police work) officers had followed these leads and gathered the evidence necessary to bring charges against a single individual.

Since then over 11 people have been arrested and charged with rape or murder, thanks to the application of the new technique by Law Enforcement agencies across the US. This new development seems to be in the process of changing forever the way that law enforcement solves "cold cases".

Some of the suspects arrested over the past 7 months

But in fact, the technique is not that new at all. The genetic genealogy community have been using the powerful marriage of DNA combined with genealogy to solve cases of unknown persons for almost 10 years. This use began shortly after the first DTC (direct to consumer) autosomal DNA tests were introduced in 2007. It is the same technique that has been used to help adoptees & foundlings identify and locate their birth families, to help donor-conceived children find their genetic father, and to solve illegitimacy mysteries in our family trees. The methodology is exactly the same (a person's DNA matches point to specific family trees that are likely to contain that person's ancestors, and consequently, one of the descendants of those ancestors will be the person's birth parent) and the outcomes are similar: a candidate is identified, and further DNA testing helps to confirm, refute or bolster the probability that we have found the right person.

The technique is simple (relatively) but labour intensive - finding the answer can take hundreds or thousands of hours to achieve.

And this is particularly true of Law Enforcement cases because legally they only have access to Gedmatch (database size 1 million) whereas the rest of us are using the combined database power of Ancestry, 23andMe, MyHeritage, FamilyTreeDNA and (most recently) LivingDNA - a total database size of over 20 million people. On a simplistic level, this potentially makes our ability to find an adoptee's family 20 times easier than Law Enforcement finding a killer.

But all these recent developments (and the now regular revelations that yet another serial killer suspect has been arrested) has sparked fierce debate about the use of DNA for a purpose other than what was initially intended. (1) Is it right to use our DNA in this way? Was adequate consent obtained from all the customers on Gedmatch? Is the use of Gedmatch an invasion of privacy? Will innocent people be inadvertently targeted? Have such concerns been overstated? What are the risk involved with this new use and how do we safeguard against them?

In early Oct 2018 a paper was published in the journal PLOS Biology entitled: Should Police have access to genetic genealogy databases? (Guerrini et al, 2018). They conducted a 20-item survey of 1587 people. Participants were aged 18 years or older and were recruited from the general US population. Overall, in relation to violent crime, missing persons, and crimes involving children, most responders felt that law enforcement should be allowed to search genealogical websites that match DNA to relatives (89-91%) and to create fake profiles of individuals on these sites (72-75%). (2)

Most responders were quite liberal in their attitudes to police access
Guerrini et al, 2018
(click to enlarge)
The authors concluded that there appears to be a general lack of concern among the public regarding police access to their DNA data in cases where the purpose is considered justified. They also make the point that the combined use of DNA & genealogy is "quickly on its way to becoming routine procedure". They also call for "robust input from the public" in any discussions regarding what limits (if any) are to be placed on police access to genetic genealogy databases.

However, this survey was not representative of the general genealogical community. Most participants were under 37 years old (63%) whereas genealogists tend to be older. Also, the majority had not researched relatives on genealogy websites (63%) and had not done a DNA test (88%).

So in order to garner further public opinion, I conducted a survey of the genealogy community - a community which might better understand the processes involved in doing genealogical research and how DNA can be applied to help in that research.

The Survey: Non-genealogical use of DNA to identify unknown persons

The objective of the survey was to assess people's attitudes to the use of their DNA by Law Enforcement agencies. It was conducted between 10th Oct 2018 and 12th Nov 2018 (although most of the recruitment occurred between Oct 10-18). QuestionPro (a platform to create online surveys) was used to collect and analyse the data. The survey was advertised widely on various genealogy groups on Facebook during the period 10-18 Oct 2018. A list of the groups is included in the footnotes. (3)

The following questions were asked:
  1. Are you reasonably comfortable with law enforcement agencies using your DNA data on Gedmatch to help identify serial rapists and serial killers?
    • Answer choices: yes, no, undecided
  2. In general, would you be comfortable with your DNA being used to help identify other unknown persons? Please check all the items you would feel comfortable with:
    • Adoptees
    • Donor-conceived individuals
    • John / Jane Doe
    • Murder victims
    • Non-violent criminals
    • Soldiers
    • None
  3. Does the use of DNA & Genealogy Combined by law enforcement agencies require additional regulation? Please check one of the following (and add a comment in the Comments section if you wish):
    • Answer choices: no, yes, not sure
  4. Which country do you live in?
  5. Please select your age group from the drop down menu.
  6. Are you male or female?
  7. Have you been a victim of violent crime?
  8. Have you done a DNA test for genealogical purposes?
At GGI2018 (Genetic Genealogy Ireland 2018, Dublin), near-final results were presented (n=617) at the start of a Panel Discussion on the use of genetic genealogy by law enforcement. The video of the presentation is below ...

The Results

An interim analysis was conducted on 12th Oct 2018 and at that stage 187 responders had completed the survey. Of these, 41% of responses came from the US, 19% from Canada, 20% from Australia and New Zealand, 17% from the UK and Ireland, and 4% "other". This all changed by the end of the survey with 42% of all responses coming from Sweden!

This late surge in Swedish responders illustrates several important points:
  • you never know what kind of response you are going to get from Facebook
  • the genealogy community in Sweden is extremely well organised (I know this from working with them) and clearly is great at recruiting. How this was achieved we are not sure but we know who he is and would like to extend our thanks and gratitude toward him! (You know who you are, Peter)

So, the results were analysed for the group as a whole followed by various subgroup analyses, breaking down the data by demographic features - gender, age, country of residence, etc - to see if there were any major differences between subgroups.

Figure 1: survey overview
(click to enlarge)

Over 3000 people viewed the survey and 767 started to complete it. Of these, 83% completed at least one question of the survey, giving a total of 640 full or partial responses and 127 non-responses (i.e. no questions answered despite "starting" the survey).

The country of origin of the responses is detailed in the diagram above and is based on the 767 total responders. The equivalent numbers are as follows: Sweden 314, US 166, Great Britain 90, Canada 50, Australia 44, Ireland 33, New Zealand 32, Spain 15, Norway 6; 2 each from Netherlands, Costa Rica & Germany; and 1 each from Morocco, South Africa, Switzerland, Denmark, Japan, Portugal, South Korea, Puerto Rico, Finland, Argentina, and the Aland Islands (give yourself a free cupcake if you know where this is). Some of these people were clearly on vacation (or on business trips) because the country where they lived was different to the country where the response came from. Typical genealogists - sneaking in a bit of research when no one is looking!

The analysis below is based on the 640 full or partial responses. Not everyone responded to every question so the numbers in the analyses for each question range from 621 to 640. This explains why the numbers for Q4 (in Figure 2 below) differ slightly (but not substantially) from the numbers in Figure 1 above.

Figure 2: Country of current residence (n = 637)
(click to enlarge)

The majority of responses came from Sweden (40%, 252), followed by the US (23%, 144), the UK & Ireland (16%), Australia & New Zealand (11%) and Canada (7%) with other countries making up 4% altogether. The proportion of response from "non-other" countries was as follows: US 40%, UK & Ireland 29%, Australia & New Zealand 19% and Canada 12%.

So, all in all, the survey had a very international flavour and there was good representation from predominantly English-speaking countries ... and Sweden.

Figure 3: age of responders
(click to enlarge)

The spread of ages across the sample was in keeping with what we already know about genealogists - most are older and most are female (see this survey of 4109 genealogists here - Drake 2001). In fact, only 10% of Drake's sample was under 40 years old. In contrast, 63% of responders in Guerrini's survey were under the age of 37. So there is a large age difference between the two surveys. Will the older age of the responders in this survey result in a more conservative attitude toward police use of their DNA?

There was no substantial difference in the spread of age groups between Sweden, the US and all other countries combined (i.e. all three subgroups had similar percentages for each age group).

Figure 4: gender of responders
(click to enlarge)

Almost two thirds of the responders were female, again in keeping with what we know of the demographics of genealogists (see Drake 2001). In Guerrini's survey, the male-female ratio was 48% to 52%.

There were some differences in the male-female ratio between countries: Sweden 43% vs 57%; US 31% vs 69%; other countries 33% vs 67%. So it would seem that there may be a greater proportion of men practicing genealogy in Sweden than in the US.

Figure 5: victims of violent crime
(click to enlarge)

Ten per cent of responders had been victims of violent crime. And here there was a difference between countries - Sweden 9.6%, other countries 8.3% and the US 15.8%. So there was about 75% more responders who had been victims of violent crime in the US than elsewhere. Would this influence how people responded?

Figure 6: DTC (direct to consumer) DNA testing
(click to enlarge)

A whopping 96% of people had done a DNA test. This was in stark contrast to Geurrini's survey where only 12% of people had taken a DNA test. So it may be that the current sample knew more about DNA testing than the participants in the earlier survey and thus might be better placed to make a judgement about whether or not police should have access to our DNA results.

In the end, however, it made little difference, because the results of this survey were very similar to what was found in Geurrini's earlier survey. Read on ...

Figure 7: attitude to use of Gedmatch by law enforcement
(click to enlarge)

The top line result is that 85% of people were "reasonably comfortable" with the use of their DNA results by law enforcement agencies (for catching serial rapists and killers).

This high response rate was relatively consistent across countries, with the notable exception of Ireland (64%) although the sample here was relatively small (n=25). Nevertheless this does raise an issue specific to Ireland that will be discussed further below.

Figure 8: percentage in favour of police use, by country
(click to enlarge)

There were no substantial differences between men and women (83% vs 86%), between victims of violent crime and non-victims (77% vs 86%), and between those who had DNA tested and those who had not (85% vs 84%).

There may have been a trend in responses across age groups. Fewer people (73%) in the under 40s age group answered positively compared to those in their 70s (92%). Thus, perhaps contrary to expectations, the younger age groups appeared to be more reticent than the older ones.

Figure 9: percentage in favour of police use, by age
(click to enlarge)

These results are largely consistent with Guerrini's findings although the questions asked by both surveys were slightly different. In Guerrini's survey, 91% felt law enforcement should be allowed to search genealogical databases, and 75% felt it was acceptable to create fake profiles for upload to genealogical websites.

So overall, there seems to be broad support for the police use of genealogical databases, and this is independent of gender, age, country of residence, whether or not people have taken a DNA test, and whether or not people have been victims of violent crime.

Figure 10: support for use of DNA to help identify other unknown persons
(click to enlarge)

A similarly high percentage of people were "comfortable" for their DNA to be used in other situations to help identify unknown persons, including adoptees, unidentified human remains, murder victims, and soldier's remains (90-92%).

Slightly fewer people (76%) were comfortable with the idea of their DNA being used to help identify the father's of donor-conceived children. There could be several reasons for this:
  1. some people have greater concerns about privacy and anonymity in this particular instance compared to the other situations
  2. some of the responders may have been sperm donors themselves
  3. some of the responders may have had children who did not know that they were donor-conceived
Only 47% of people felt comfortable with their DNA being used to help solve non-violent crimes. And this is in keeping with Guerrini's survey where the percentage was 38-46%.

Of particular interest is the fact that a small but significant number of people did not feel comfortable with their DNA being used for any of the above purposes (3.4%). It may be that these people would never upload their data to Gedmatch or might even delete their DNA results.

Were there differences between the various subgroups? Gender did not substantially influence the percentage of positive responders in each category. In fact, the differences between men and women never exceeded 3.2%.

Responses by country were also broadly similar, with some minor differences. Support for helping adoptees ranged from 85-100%. The least support for helping donor-conceived individuals was in the UK (70%), and highest in Australia (92%). Ireland was the lowest-scoring country overall, with the lowest scores in 4 of the 6 categories (although once again, we need to be cautious about over-interpreting the data given the small sample sizes).

Figure 11: support for use of DNA to help identify other unknown persons, by country
(click to enlarge)

The final question explored attitudes toward the need for additional regulation and produced the most interesting results. The choices started with "No - existing regulations that govern law enforcement activities are sufficient" and 23.5% of people agreed with this. But they were outnumbered by the 40.4% of people who felt that additional regulation was essential.

Figure 12: attitude to additional regulation
(click to enlarge)

But perhaps most surprising of all was the 36% of responders who were not sure if additional regulation was needed. And this is a very large percentage. It suggests that many people are not aware of the regulations that currently govern police activities and whether or not they are adequate. If this is the case, and it seems likely that it is, it points to a huge need for public education in this regard. This degree of uncertainty is likely to cause much stress within and beyond the genealogy community and may impact on the numbers of people doing DNA tests in the future.

There was a substantial difference between men and women in their responses. Although similar proportions felt that existing regulations were sufficient (25% vs 23%), more men than women felt additional regulation was essential (51% vs 34%). This was counter-balanced by the higher proportion of women who were not sure (24% vs 43%).

Only 6% of victims of violent crime felt that existing regulations were sufficient, whereas 52% felt additional regulation was essential and 42% were unsure. Although the number of victims was relatively small (n=65), the result is quite striking as it is counterintuitive. One would imagine that victims of violent crime might be more supportive of no additional regulations but this was not observed in this sample.

There were no major differences across age groups in the nature of their responses. A "No" response ranged from 17% to 28%, a "yes" from 30-50%, and a "not sure" from 33-43%.

Figure 13: attitude to additional regulation, by age
(click to enlarge)

However, the differences between countries were particularly interesting. Only 3% of responders from New Zealand and 4% from Ireland felt that existing regulations were sufficient. This contrasts sharply with a 36% response in the US. Although we have to be wary of the small samples from New Zealand (n=29) and Ireland (n=25), these results do give pause for thought.

Similarly, the countries with the highest response rate in favour of additional regulation were Other (67%), Ireland (64%), and Canada (61%). And the countries with the greatest numbers of uncertain responders were New Zealand (48%), Sweden (43%) and Australia (41%).

Overall this paints a picture of considerable diversity of opinion, and a high degree of uncertainty, that varies from country to country.

Figure 14: attitude to additional regulation, by country
(click to enlarge)

I was drawn to the unusual results for Ireland, which I can partially attribute to my own Irish bias as an Irishman. Only 64% of responders were "reasonably comfortable" with the use of their DNA results by law enforcement agencies, and only 4% felt that existing regulations were sufficient. In fact, 64% felt that additional regulation was essential. But why this stark contrast to other countries?

I am mindful of the 1200 unsolved murders in Northern Ireland that could potentially be resolved through the use of these Genetic Genealogy techniques. But is that going to open a can of worms? Might old animosities be rekindled? Might it spark a resurgence of the violence? Is it better to let the dead rest?

These are difficult questions, that I do not know the answer to, but they are questions that need to be addressed.

Comments from Responders

The survey included a free text field where responders could write clarifications or general comments. These fell into several broad categories and a selection of these are included in the Footnotes section below. (4)

The broad categories were:
  • Privacy & Consent
  • Police Procedures
  • Wrongful Targetting
  • Possible Abuses
  • Regulation
  • Miscellaneous

Many important points are made in these comments and it is worthwhile reading them in their entirety. Here is a brief selection of some of the comments:

  • Several people suggested that police should be required to obtain a court order or search warrant before accessing Gedmatch
  • There was concern expressed about targeting the wrong suspect and the risk of harm to that individual (in terms of his career, social standings etc)
  • Possible abuses of the system included the following examples: corrupt police manipulating evidence, authoritarian regimes discriminating against ethnic minorities or "enemies of the state", and misuse of the DNA by health insurance companies, telemarketers, and criminal elements (e.g. to disrupt witness protection programmes)
  • The largest number of comments concerned the perceived need for additional regulation of police (and government) use of publicly available genetic genealogy websites. Several responders stated that they were not sure which regulations were in operation nor how effective they were.
  • It is important to appreciate that law enforcement will never have access to your raw DNA data but rather to your list of matches


Firstly, the limitations of the sample have to be recognised. The sample size (640) is a decent number but as with any sample, the opinions expressed are a good reflection of the opinions of the sample. Does it have more widespread applicability? Can the results be extrapolated to a more general population?

Most of the respondents were genealogists and most had undertaken a DNA test, so these results better reflect the genealogy community (and more specifically, the genetic genealogy community) rather than the general population. Nevertheless, the similarity between the results of this survey and Guerrini's survey is striking. Most people are comfortable with police use of their DNA results on Gedmatch, whether you are a man or a woman, old or young, Swedish, Yank or Kiwi.

And most people are reasonably comfortable with the use of their DNA to help in other situations - helping adoptees and donor-conceived people to connect with genetic family, helping police identify murder victims, and helping identify soldier's remains from the field of battle. It seems that the potential for the Greater Good is appreciated by the genealogy community and the general public.

But despite this support, there is a burgeoning need to explore what additional regulations (if any) need to be introduced to control the way that DNA is used in the various law enforcement agencies around the world, and to safeguard people who may be wrongfully targeted, as well as those who have contributed the DNA.

In short, there is a need to explore the pros and cons of additional regulation, and the pros and cons of no additional regulation ... country by country.

Maurice Gleeson
November 2018


(1) We should bear in mind that what we consider to be "genealogical records" (i.e. census data; birth, marriage & death records, etc) were never intended to be put to genealogical use when they were first introduced. But we now consider their genealogical use "a normal part of the process". This normalisation may also occur with use of DTC DNA results by law enforcement.

(2) The citation for the journal article is as follows: Guerrini CJ, Robinson JO, Petersen D, McGuire AL (2018) Should police have access to genetic genealogy databases? Capturing the Golden State Killer and other criminals using a controversial new forensic technique. PLoS Biol 16(10): e2006906.
Published: October 2, 2018

(3) An invitation to take part in the survey was posted on a variety of Facebook groups. These groups (and their then membership totals) included ISOGG (17,018), Genetic Genealogy Ireland (5138), Irish Ancestry (23,032), Ancestry UK (33,668), Irish Surname Registry (14,845), New Zealand DNA Users Group (432), User group (26,871), Discussion group (6199), DNA Detectives (99,647), Genetic Genealogy Tips & Techniques (47,547), DNA Help for Genealogy (UK) (6361), GOONS (Guild of One Name Studies) (665), and GOONS (Ireland) (47). In addition, an unknown number of people (Peter included) shared the invitation on an unknown number of other Facebook groups and perhaps used other media to disseminate the invitation. Thus the true reach of the invitation is unknown, but potentially reached an audience of well over 100,000 people.

(4) selected comments from the Comments section included the following:

Privacy & Consent

119As anearly user of GEDCOM I was very distressed to find they had allowed law enforcement access to database for crime solving.  This was not our primary purpose when we joined GEDMATCH.  Whilst I wish them to solve crime I feel we should have been asked if happy about it.
260Informed consent is important 
Happy to share data in a controlled environment with agreed parameters, to which I have signed up.
92What I object to is the fact that when the samples were uploaded the question of their being used for anything other than genealogical research was not made clear, or not sufficiently clear. 
25Additional to No. 3. Concerned that Australia has yet to introduce privacy protections like most of 1st world countries have.
210As long as the person who'se DNA is linked to a criminal/crime is given automatic rights of anonymity during any legal proceedings & media publications then I can not see why this should not be utilised. I also feel that each participant must only be selected to participate if they have formally agreed to allow their DNA to be analysed in such a way
343I personally have nothing to hide. I think that there should be a disclosure and an option for people to keep their DNA private. Some situations could call for privacy.
23I understand the use of DNA by law enforcement agencies and approve as long as the identity of myself or others is assured and we are not subject to some ramification (i.e. lawsuit) further down the tract.

Police Procedures

116A search warrant should be applied for , the same as required to search any place/material/property. Should be necessary with carefully researched details/ criteria as conditions of any search warrant.
129Am concerned that government agencies may not use qualified analysts to resolve their cases and hence mis-identify indivuals for a crime. Also concerned as to the future access of various agencies and what limitations they may put upon those who fit 'certain' criteria which is evidenced from the DNA aka racial bias of some sort based on genetics.
293Law enforcement should need to obtain a warrant before using GEDmatch or ANY other public database. That warrant should be provided to the website before going this route.
There are way too many bad, corrupt, lazy, incompetent, and overzealous law enforcement, prosecutors, and DNA forensics experts who have no problem with going after the wrong suspect because they believe they have the correct suspect. It doesn't matter if you are a victim of the judicial system because it was a corrupt or overzealous cop or prosecutor. Saw a case where a person was found not guilty, rightfully so, but the cop's response: 'We picked the wrong jury.' Better response should have been 'We arrested the wrong man.'
336Needs to avoid possible problems with illegal search and seizure 
26police should have to get a court order if researching a perpertrator of a crime.  
328My only concern is the planting of DNA by corrupt law enforcement official.

Wrongful Targeting

178As I understand it, the US did have a man on death row, but if they used DNA properly it they would see it was evident that his twin brother was as likely to be culpable and so could the use of DNA could save an innocent person's life. (I remember this from a television programme many years ago, so I think the use of DNA could be a positive in ensuring innocent people are not charged.)
304Concerned that some law enforcement officers may not respect the rights of innocent relatives of the unknown target they are seeking, may arrest a person on suspicion who later turns out to be innocent, but meanwhile has career and reputstion ruined..  also concerned that insurance companies will use dna to discriminate against people with genetic risk of certain expensive diseases.  Also concern that g ovt. In the wrong hands could use dna for ethnic discrimination.
156DNA doesn't identify killers and rapists. It can be used to identify SUSPECTS who might then go through the judicial system to face trial which might result in them being found guilty. Don't join the bandwagon that apparently wants to skip the trial bit.
168Is there enough safe-guarding to protect innocent  individuals genetically related to scene-of-crime DNA samples which may have come from the perpetrators of the crime?
255Law enforcement use of Gedmatch is equivalent to a ' warantless search'and we fought too hard over time for an effective prohibition against unreasonable search and seizure, including numerous U.S. Supreme Court decisions that are constantly under seige.  As an African American, I don't trust law enforcement to be fair, honest, transparent--if you think I'm overstating my case, look at the history of law enforcement misconduct in Chicago and how it has affected ppl of color and the poor for generations.  I removed all of my family's data from Gedmatch and caution against use of the site which I have formerly used with enthusiasm for 7 years.
169On the face of it, it seems reasonable to use any means to catch a rapist or murderer etc but I don't trust law enforcement completely and worry about targeting the innocent. Also I am concerned about families going DIY to find blood relatives. Not all birth relatives or adoptees want to be approached. There are specialist agencies who can deal with this more sensitively and carefully. It's one thing to get in touch with distant cousins in order to find out about shared ancestors and quite another to use DNA to find and possibly harrass living people.

Possible Abuses

584Yes, some concerns of non democratic countries misusing our DNAtests.
282Same usage by criminal element, telemarketers, scam artists 
721. Regulation is needed to ensure confidentiality of the DNA info
2. Concerned that if this information got into the wrong hands it could threaten people in witness protection programs.
3. Authoritarian regimes could use this info to persecute certain groups
180Concern the rise of a group like Nazis in Germany could use  DNA to identify enemies of the state ie the particular ethnic group they do not little.
285I am concerned about rising authoritarianism in the U.S. and around the world.  If a government redefines non-violent crime to include peaceful political protest, and my DNA matches are co-opted into helping government suppress peaceful political protest, I'm against that.  I guess the problem is: what's crime?
54If there was an authoritarian regime in power, I would be worried by a lot more than just being discriminated against.  just look at laws the equivalent of the Patriot Act.
30My only concern is the use of DNA in restrictive regimes for acts that would not be crimes elsewhere - for example sex outside marriage is a punishable crime in countries.
43The question not asked is regarding the danger of refusal of insurance for health susceptibilities, and possible use of ethnicity results in the hands of authoritarian regimes.
65It's absolutely scary how DNA testing could be used by fanatical authoritarian governments to identify and target individuals for terror purposes. Given what we see happening in the US right now, that is not far away .....


457A biobank permission can be elaborated like the One for donation of organs for us using dna for genealogy purposes. 
83Civil rights must still take precedence in the use of DNA for non-felony crimes. 
385From Sweden. Before saying yes to use DNA for new purposes, there has to be clear rules made by lawers, etic experts and other persons who understand the consequenses of opening up DNA databases for new purposes. It is impotant that DNA data does not fall into the hands of wrong powerful persons/organoisations (dictators, terrorist, hackers, evil persons etc.)
47I have only put one Ancestry test on gedmatch because of law enforcement's use without permission of that site. I don't regret that the killer was found but I do think that there should be restrictions to their use and that one should be able to decline having their Data used by law enforcement.   The test I offered on gedmatch was my own. I will never upload a test there or anywhere else until there are restrictions, permissions and the ability to. opt out which often cannot be trusted. 
1153. Not sure because of variance between the laws in the country holding the database and the countries that are looking at the crimes.
478Additional regulations are needed worldwide. Who should have access to your DNA and the analyses? The doctor in order to prescribe pharmacogenetic drugs? The insurance company? The employer? The ethics goes beyond just Gedmatch and the work by the police. 
211Debate is needed, but so is education on privacy issues from all sides so a *reasoned and rational* decision can be made on regulation and acceptable uses
140Definitely the time is right for discussions.  Many genealogists have no knowledge of law enforcement regulations, so even if they agree that non-genealogical DNA could/should be used, do they really know what they are agreeing to?  
141I am only comfortable with the use of genetic genealogy databases by law enforcement if there is proper oversight limiting the ways in which the technology is used. Law enforcement currently have no way of verifying the credentials of genetic genealogists. My fear is that unethical or unqualified genealogists could potentially misidentify a suspect or a Doe which could cause significant harm. I am also distinctly uncomfortable with the lack of regulation in most US states over the use of discarded DNA. Because of the lack of regulation, anyone's DNA could effectively be taken without consent and uploaded to a DNA database, not just by law enforcement but for any other purpose (eg paternity cases).
388I live in South South. I have no problem with my DNA being used to put criminals away but I think that the use of DNA by Law enforcement agencies should be regulated so that it cannot be abused.
69Laws need to be enacted stating that use of DNA to solve crimes is acceptable but not for insurance companies or religious groups to discriminate.
512Live in Sweden
Would like clarification on when these methods can be used, which type of crimes etc. Also what will happen with the family tree the police is building to identify candidates for suspects or victims (J Doe) etc. It seems appropriate that these trees are not made public at the time of trial. It would involve persons who may not want their identity revealed. 
266Minimum experience, certification, and/or ethics for person doing research a must.  Double check quality control.  Rights of matches need to be established.  No fishing in scientific or medical databases.  No more getting swabs of a suspect's kids DNA from their medical lab.  Also, slippery slope with non violent crimes, could be used against protestors and other unpopular movements.  I have no problem with serial crimes, but desire a clarification on what crime scene dna sources can and cannot be used to generate a suspect list or dna facial profile.
314My answers are based on the present state of Consumer DNA testing. With the addition of new regulations and with new procedures to protect the privacy of consumer DNA testers, I might be open to LE access for resolving very serious crimes and identifying unknown human remains.
110People doing these tests aren't often fully aware of what their data may be used for. Clearer info should be made available to t hem as well as more stringent regulation on law enforcement.
91Testing companies should remind people before they test that law enforcement agencies check public databases.  To obtain the details of a test result that is by choice private should only be through application to the courts
81The only worry I have is that can be a slippery slope and we need to ensure that DNA is used for the greater good.  I would not want to see insurance companies use it for denying health coverage - so regulation is really important.
139There needs to be control over who can do this, and the powers they have to use the information.  No one should have the powere to make unreasonable demands on the person who was tested
71I don't know what the current regulations are in any jurisdictions.
232I have been very conflicted about this.  I think I would feel better if there were regulations in place.

For & Against

17Adoptees and donor conceived are already using the information, violent crime, murder victims I believe can be beneficial for our community. 
299Perhaps the advent of DNA tests will make people think before they commit crimes. I am all for using results to prosecute any criminals. While I have helped adoptees find their birth families I do have concerns about the invasion of birth parents’ privacy. Adoptees have a right to know but not necessarily the right to a relationship. By giving them life parents have done the most loving thing possible, and I feel that adoptees should respect that decision. I strongly feel sperm donors should be protected—they did this willingly, not to have a child of their own, but to give others the possibility of having children.
389Q3. I'm not sure what legislation is in force in different countries - DNA tests for genealogical purposes is a global thing with global relatives. The police/LE clearly needs to understand what rules apply and equally important  how genetic genealogy and genealogy works. They can't hire any 'facebook genealogist' that volunteers.
Q4 Swwden
Q8 - multiple companies, multiple test types, mutliple relatives - started in December 2010.
I have anonymized  several family members alrady (as some people gladly take whatever they find i match lists and put on Geni and WikiTree and Ancestry 'as you match my friend'), after the Golden State Killer-case I anonymize my American relatives that I manage at Gedmatch. I would firmly resist a free global use by LE.
I firmly disagree with the saying 'if you have nothing to hide you'll welcome it' . they say the same about the legislation on 'LE listening to phone conversations and reading emails of everyone to prevent terrorism'. 
249I think that the concerns about Gedmatch, specifically, are overblown. The proverbial 'cat' is out of the bag with respect to DNA research.
70DNA test results have been used for years for purposes other than genealogy if you count adoption. Adoptees aren't really doing genealogy in the way that genealogists are as their search is basically limited to identifying very close relatives and they have no family trees. I totally support their right to find their birth families. As an active genealogist, I find it annoying when they don't identify themselves upfront as adoptees. It would save me a lot of time writing about the 3rd great-grandparents that I think we share and are obviously of no interest to them. I would like all kits labelled as to their purpose: serious genealogy, vague curiosity about ethnicity, adoption search, law enforcement search etc. We're using the same tools for different purposes..
246Fabulous new tool for fighting crime!
213Given that my cousin’s wife was at school with the victim of the criminal mentioned and the relief of the year that he has now been caught it would be worthwhile to give relatives and associates peace.
39I haven't been a victim of a violent crime, but we were robbed 3 times in one house we lived in and no one was caught, so I'm happy for the police to have the ability to use DNA to identify criminals. And for identifying unidentified bodies. 
212I would be concerned if insurance companies used dna databases, but not law enforcement if a serious crime is committed or for identification purposes. Perhaps for people who are contemplating serious crimes the knowledge that this is a line of enquiry may act as a deterrent. The golden state killer may have stopped because as a police officer he was aware of advances in dna technology. In my work I once partnered a college to run a CSI course for young people with criminal records and it was effective in making them think about what they were doing, how likely it was they would be caught. So not only should genealogy dna databases be used, they should shout it from the rooftops. 
308I've taken all 5 major tests (23andMe, Ancestry, Family Tree DNA, MyHeritage, LivingDNA) and have put my DNA on GEDMATCH, and OpenSNP. I am also  active contributor to WikiTree. I'm adopted and I feel like all adoptees have the right to know about their heritage. For violent crime, I welcome any use of my DNA if it helps bring a victim or their family some peace. 
113If a person has something to hide then I guess that person would be against Law enforcement people using theirs or family members DNA. I have nothing to hide and if a family member was to commit a violent crime I would hope they would be caught and dealt with the consequences of their actions
175If I was murdered I would want all resources to be available to law enforcement, including DNA test results even if specific consent for that use had not been given.
274If people put their GEDMatch data online for the World to see, then it is reasonable for law enforcement to use it. Very different than having genetic data held by a private concern where the data is protected. 
144If you are a law abiding person, you have nothing to fear.  I am against sperm donors finding their offspring as the 'real' father is the person who brought them up & loved them. Adoption is different as the birth parent may have been forced to give up the child.
135If you have nothing to hide then why worry. 
32In regards to regulations, Gedmatch’s disclaimers and warning etc and their upload options (self, guardian of DNA owner, etc) seem sufficient and comprehensive.
DNA used to catch criminals of non-violent crimes is also as important. Victims of non-violent crimes have still been violated in some way and the perpetrators should be caught.
I would like to see more time, effort and $ invested in identifying Jane and John Doe’s. Giving closure to relatives.
Thx for the opportunity to comment. I hope the survey results reach people who can change laws and make a difference. :)
273Information is power. Are street cameras a violation of privacy. It depends on who has access to the pictures. They could be used to suppress movement of citizens if only the government has access. They could be valuable to individuals to determine weather conditions or congestion or disorder or .... before one ventures out. It depends on who controls or shares access to the pictures.  Same with DNA databases. It depends on access to the results. If it is to be restricted, to whom, by whom and for what purposes? Free flow has the can empower us all. Controlled access can enslave us all. Balance points????
184It is likely that we are just at the start of the DNA Journey.  There is an inevitability about us finding more and different ways of capturing, analysing and using human DNA for all sorts of purposes. Law Enforcement will be just another albeit important use alongside Medical (including research), Authentication/ verification,  dietary identification/help, and of course new genealogy uses. 
205Thanks Maurice for asking these questions, especially through the many Facebook groups I’ve seen it on. I am a NZ’er though currently living in Scotland.
I will be very interested to see the results which I hope you will also share.
I am very happy to see my DNA and other family members if it helps anyone find answers to finding their genetic family. If it also helps resolve unsolved murders, restores people to their family after war and other violent crime that’s fantastic. 
325The use of the gedmatch site does not bother me - people must understand that there is no access to the DNA, just the match list - the rest must be the hard work of old fashioned genealogical family research.
193This is a must if it helps to catch criminals and to identify people.
189This issue will run and run - as it is like Rowe vs Wade and is a societal question. Use of DNA in medicine will help change the public's perception, but it is just a question of continual media exposure and repetition until folk realise that they can be de-anonymised.
288When you put your DNA in Gedmatch it becomes public, so in my opinion anyone should be able to use it for crime or genealogy. If you have testing done with a company the results shouldn’t become public without the person’s consent. We need to be wary of abuse from people where medical results may determine who gets hired or what? It is a shame that some of this may limit families from finding each other and tracing more genealogical information so accurately.
84With the use of any technology there are pluses and minuses. Each technology needs to have the shortcomings identified and safegurads developed around those shortcomings. This is the same situation with DNA results being aailable in the public domain (information and explicit agreement on how the data may be used) and the test limitations and any shortcomings becoming fully transparent.
4If a previously unidentified rapist or murderer was in my family and it was only my DNA which helped identify them then I would be extremely happy about that.  I would however, prefer that my consent to use my DNA was sought prior to it having been used for this purpose.  All DNA testers should have the right to 'opt out' of their DNA being used for this purpose. Informed consent is vital.
253If Law enforcement is going to use my DNA I would like to be notified. But if they are going to put a violent criminal in jail or bring closure to a family of a missing family member I am okay with them using my DNA.


344Get notified/paid when my DNA is returned in a search result done by for profit firm (Ceci Moore) or law enforcement
243I deleted all my accounts at Gedmatch because of the misuse of the data by people who are profiting from the use of genealogical data for other purposes.