Experts Outline Ethics Issues With Use of Genealogy DNA to Solve Crimes

I recently wrote about two different “cold cases” where murderers allegedly have been identified and arrested by using information found on the publicly-available genealogy DNA site at

(See and for my past articles.)

Privacy advocates and many others have since questioned the legality of using the information for law enforcement purposes. Admittedly, the information is publicly available for all to see. The genealogists who contributed the information did so willingly and presumably gave permission for the family DNA to be available to all. However, the relatives of the uploading genealogists may or may not have given permission for THEIR personal DNA information to be made available to the public. After all, it isn’t the DNA of any one individual; it is indeed the family’s DNA information. Not all family members have agreed to having that information made available to genealogists, law enforcement personnel, insurance companies, and worldwide hackers alike.

In the past, a court order was required for law enforcement personnel to legitimately invade the privacy of an individual or a family. The public information made available on GEDmatch seems to circumvent the legal protections of having a judge review the intent of law enforcement personnel. Are we giving up some of our liberties and privacy protections by making such information available?

There is also an issue of having law enforcement personnel use the information only for legitimate criminal investigations. One of the alleged murderers, commonly referred to as the Golden State Killer, reportedly was a uniformed police officer at the time he allegedly committed the rapes and murders. If GEDmatch had been available, would he have used the information on the web site to avoid identification and arrest? Indeed, GEDmatch theoretically could be used by murderers and others to evade capture.

You can find dozens of online article questioning the wisdom of making such information public. I’ll point to one such article by Carolyn Crist on the Reuters News Service web site at as one that describes the pros and cons of the issue. However, you can find many more articles about this issue by starting at any general-purpose Web search engine.

Perhaps the best quote of the article is, “‘Think carefully before uploading your genealogy data,’” said Benjamin Berkman, who heads the section on the ethics of genetics and new technologies at the National Institutes of Health’s Department of Bioethics in Bethesda, Maryland. ‘We’re not saying it’s unduly risky or a bad idea, but be comfortable with the idea that police may use your information to solve crimes before you sign up for these services.'”

My thanks to the many newsletter readers who sent me links to articles about these issues.


“Indeed, GEDmatch theoretically could be used by murderers and others to evade capture.”

Ok help me here. How could this be done? Even theoretically?


    —> Ok help me here. How could this be done? Even theoretically?

    Easily. First, any criminal who has some knowledge of DNA probably knows his own DNA information. He then could monitor GEDmatch to see if close matches are ever added, meaning that law enforcement could close in on him. It would be easy for him to decide when it was time to get out of town and go into hiding.

    Next, the criminal could monitor GEDmatch and any possible future services with similar publicly-identifiable data to see if a relative, even a distant relative, uploaded similar DNA information. It would then be easy for the criminal to contact the relative and convince him to remove the DNA information uploaded because of the risks associated with putting family DNA information visible to the public. The criminal might cite real risks (and there are several) or he might make up some story, inventing some plausible-sounding risks, and convince the relative to remove the listing. That would help the criminal to remain invisible to law enforcement.

    Are these risks probable? I doubt it. But they certainly are theoretically possible. I am sure there are other scenarios that I haven’t yet thought of.

    Next, there was an earlier story of a year or so ago where police used a publicly-available DNA database and they identified the wrong person! See for the details. The innocent man eventually was determined to not be the killer and was freed.

    There was a somewhat similar, even earlier, case in New Orleans where police did a DNA match on a publicly-available DNA database and then identified the wrong man. The “wrong man” apparently was a relative of the real murderer, not the culprit.

    All that is described at

    Law enforcement is never 100% accurate. Like most other human endeavors, occasional mistakes are made. Is that enough to prohibit the use of certain investigative tools? I don’t know. I’ll leave that to the lawyers and judges to decide.

    Liked by 1 person

    Please can you post a reliable source that says that the Oregon man was actually arrested. I am not aware of any such arrest, only that he and his daughter volunteered to help that police with the case.


    Dick, I don’t spot anything about a man being incarcerated in the links you provided. Do you have another link?


OK. I thought you were theoretically suggesting a criminal could manipulate the data at Gedmatch to avoid identification. I was having a hard time swallowing that idea.


I am not at all convinced that the arguments advanced so far are particularly cogent or well-considered. The discovery of relatives of criminals on GEDmatch is not evidence. The actual evidence that provides probable cause for an arrest is the genetic match detected between a sample from a crime scene and a sample recovered from an individual whose identity was suggested by GEDmatch. After probable cause is established and an arrest is made, there is still no “evidence” admissible in criminal proceedings unless the crime scene sample matches (by expert testimony) a sample obtained from the person who was arrested, under appropriate judicial approval. All of the safeguards for evidence and due process still apply, and will be determined by law and precedent.

The more important consideration, I think, has to do with the ethics of keeping and revealing secrets. The secrets of the criminal, when discovered, should clearly be revealed in the interest of society as a whole. The classic little book by Sissela Bok, Secrets: On the Ethics of Concealment and Revelation (1983) still applies, and is still required reading for any genealogist interested in contemporary families.


    nigelhuffingwaysmythe June 2, 2018 at 1:02 am

    Indeed. There are people who feel compelled to object to anything that law enforcement does on principle; that doesn’t mean they have logic to back up their gut feelings. I agree that objections presented so far fall short of “cogent and well-considered.”

    This, in particular, seems wrong: “it isn’t the DNA of any one individual; it is indeed the family’s DNA information.”

    No. It is the DNA of one individual, and none of my family members have a right to oblige me not to reveal my own DNA. Suggesting that because their DNA sequence might be revealed by my revealing my own it is wrong to reveal my own is like suggesting I not use my address—or, indeed, surname—because someone might guess they live there too or have a similar name.


Think about WWII Germany, when ALL Germans were required to carry books showing their genealogy back several generations to show that they had no Jewish blood. Imagine that today with your DNA or your relatives DNA database showing you did have Jewish blood, no hiding it, even if you didn’t know about it. Catching old murder suspects this way is fine, even a wonderful thing, but it is a slippery slope that could eventually lead to the Germany scenario. When you voluntarily give your DNA to Gedmatch or even the paid sites you are also giving your relatives DNA, even relatives you do not even know, and you are giving it without their permission, clearly an invasion of their privacy. This is definitely an ethics question the courts will have to answer in the near future.


    All the argument about DNA and Germany applies almost as much to my family tree. Should that be forbidden because it reveals my cousin’s ancestry? If we reject the DNA load because it’s not just my DNA but my cousin’s as well, then we should surely reject the family tree also, as it goes close enough to my cousins that any competent genealogists could identify them and therefore their ancestry.


Paranoia has set in. How long do we live on this plant? History does teach us a few good things but the future is yet to be told. Where will we be when biometrics may be used on identification or passports? I for one am glad the police may have solved some old cold case files. As suggested by others, I would expect the investigation would now collect more evidence to clearing indicate the culprit is the correct person.
I am more concerned about the media and how someone is painted as a criminal even before all the facts are in or someone has their day in court. Once the media convicts you, even if you are proven as innocent the damage may be done and the individual’s life will likely never be the same.
Genealogy has similar issues. When researching an individual we often find bits and pieces. We might try to come to a conclusion about the individual but we really don’t have all the facts or history. The time period we all live in past/present can affect what individuals may do.


The theory about criminals using GEDMatch sounds like a great premise for a mystery story/thriller. I wish I was a writer.


All sorts of people, businesses and the Government make statements about how our privacy and personal information are to be kept safe and confidential. There are, after all, laws about that. And yet, it is not safe. HIPPA regulations are supposed to make sure all of your medical information and records are confidential (and you have to go through some interesting things to get your own information) and yet…the Dr.’s office managed to mail out my compleat set of records which vanished into the US Mail (no tracking just addressed a packet and “poof” gone- so sorry, too bad, you have to ask for another set- but our computers are down it will take a while). Ah, yes, all of this stuff is now being either entered directly into formats for reports on computers or imaged and stored rather than held in a “locked filing storage vault” somewhere. And, businesses or professional’s are being hacked all the time, often with no information about the theft of sensitive data for months or more. Same thing with Government files
In my work experience I have had to provide fingerprints several times (you know, for Security and Background Check) and so those are are on file with both State Police and the FBI. If you have been in the military, your fingerprints are also on file, more recently also your DNA. Photo recognition is widely in use….don’t beleive that, don’t have to look crime drama shows, just use Facebook or a program like i-Photo. What happens when people put their photos in the Cloud?
Is it possible that Law Enforcement could make a mistake and arrest the wrong person and ruin their life even if they are quickly released? Happens all the time. And the comment about the Media and chewing a person’s life to bits just for becoming known as a suspect in an investigation….again, happens all the time for the profit and circulation boost of the various media outlets.
Government and other entities misuse information all the time. So all this hand wringing and moaning about sensitive data does’t do a lot as the ability to get at most of you personal data is almost the most trivial of the problems you face. It’s what they do with it that is the problem.
This horse left the barn years ago. Now it’s just the ranting and raving, particularly by politicians who want to “do something” about it for their own benefit, not for any actual protection of individuals.


That article just about sums up all the problems and opportunities for both the potential advantages of DNA testing and abuse of information and power in all of this. Collecting discarded items to get DNA (and other things) from people. Trying people in the media. Criminals in public service positions. Politicians making statements about protecting the public…and not (apparently) actualy doing anything substantive but get their name and high sounding words in the media (remember…”do it for the children”) and police not having the right suspect. And for those who would prefer not to acknowledge it, there are plenty of Judges who make some decisions based on political or ideological reasons for which there is little recourse or accountability under the Judicial System.


As a genealogist, I was thrilled, if not a little appalled to discover a true villain in my background not long ago. My DNA is unique to me. I live in a society govern by laws. As a citizen of that society, I live within those laws. If law enforcement officers use my choice to reveal my DNA sequence on line to determine that one of my cousins may have broken the law, then that is suitable. Law enforcement should be using every opportunity to uphold the laws of the society I live in. If my cousins choose to break those laws, why should I protect them? They broke the law and there are consequences. If my published DNA could help determine who the murderer of my neighbor is, my society becomes safer. My only question is; what took the police so long to explore this avenue?


My biggest concern is that law enforcement will use genetic genealogist without the needed training, background and understanding to determine possible matches. There is no certification process. The folks at DNAAdoption have a proven protocol to use when determining possible relatives for an adoptee. Several genetic genealogy bloggers also have detailed methods and checks that they use. I would hope that genealogist working with law enforcement would use similar proven methodologies rather than seat-of-the-pants guesses.


Leave a Reply

Name and email address are required. Your email address will not be published.

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <pre> <q cite=""> <s> <strike> <strong> 

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: