Use of genealogy site to trace Golden State Killer raises concerns

May 3, 2018 by Veronique Dupont
Joseph James DeAngelo, the suspected "Golden State Killer", appears in court

The arrest of a suspected serial killer and notorious rapist in California using DNA and a public genealogy website has been hailed as a triumph of ingenuity by law enforcement.

But the method used to hunt down the "Golden State Killer" has also raised privacy issues and some ethical concerns.

"What if you become uninsurable because of a genetic test?" said Joseph Turow, a professor at the Annenberg School for Communication at the University of Pennsylvania.

And, he asked, what about your relatives? Could they also be denied health insurance because of a genetic predisposition to some malady?

"DNA is part of a larger issue of 'How do we profile people in the 21st century?'" Turow said. "Face and voice and genes—they are all part of this idea about parts of the human body as identifiers."

Joseph James DeAngelo, 72, a former policeman, was arrested outside his California home last week after investigators tracked him down by plugging crime scene DNA into an open-source genealogy database.

They found a DNA match with distant ancestors, traced the family tree to DeAngelo and arrested him after collecting his DNA from a "discarded item."

It was the culmination of a 40-year manhunt for the man blamed for 12 murders and more than 50 rapes between 1976 and 1986 in central, northern and southern California.

FBI investigators and sheriff's deputies are seen at DeAngelo's Citrus Heights, California, home

The FBI maintains a database containing the DNA of millions of convicted criminals, but DeAngelo did not have a felony conviction and his DNA was not on file—forcing the police to turn to public genealogy sites to find a match.

Finding a balance

The collection of intimate personal data is by no means restricted to genealogy services such as, 23andMe or GEDmatch, the one used to track down DeAngelo.

Amazon, Facebook, Google and other companies also collect vast amounts of private information about their millions of users.

Michael Copps, who served as a commissioner on the Federal Communications Commission (FCC) from 2001-2011, said a "privacy framework that gives consumers control over their own data" is needed.

"For years, companies have failed to adequately protect our personal data, and our weak privacy laws have paved the way for this to happen," Copps said in an article in USA Today.

"It's high time to put consumer privacy ahead of corporate greed," Copps said. "Companies across the board must be required to get express consent from their users prior to sharing their data."

Many companies require a court order before handing over information about their users to the authorities.

Judge Michael W. Sweet addresses accused 'Golden State Killer" DeAngelo in court

GEDmatch, following the arrest of DeAngelo, said it had not been aware that investigators were using the site to try to track him down.

It also noted that its policy statement says it is "unable to guarantee that users will not find other uses" for the DNA uploaded to the site.

Ken Birman, a professor in the computer science department at Cornell University, said the answer is finding a balance between privacy and the needs of law enforcement.

"On the one hand, we absolutely must defend against criminals and terrorists," Birman said.

"And this means that law enforcement should have legal ways to take full advantage of the technical tools that exist, including DNA databases of all kinds.

"But at the same time, we also need to protect ourselves against abuse by individuals or companies that might seek to misuse personal data in ways that could harm us as individuals, or even through things that can be learned about our relatives," he said.

'Probable cause'

Like Turow, Birman said consequences could include "unfair health insurance pricing, discrimination in the workplace, or other kinds of intrusive behaviors."

Sacramento County Sheriff Scott Jones announces the arrest of DeAngelo, who investigators traced using a public genealogy website
"At the end of the day, what I think we can all see is that there needs to be a balance between the right to privacy," he said, "versus the societal need to protect the social fabric."

"Where threats to safety arise, that has to include a way to give law enforcement the tools to track down violent killers and rapists like the Golden State Killer," he added.

Birman said the way surveillance of telephone calls is handled by law enforcement could provide a model.

"We solved this by appointing judges to keep an eye on the police," he said. "Those judges don't allow law enforcement to violate privacy without a good reason.

"But with 'probable cause,' the police actually can carry out wiretaps, plant bugs, monitor our emails, track us as we move around, or even compare our DNA with DNA from crime victims," he said.

"This is a good model, and one that has worked for decades, and we need to extend it to cover all the new technologies too," Birman said.

Explore further: Genealogy site didn't know it was used to seek serial killer

Related Stories

How DNA led to the elusive 'Golden State Killer'

April 27, 2018

Detectives in California used DNA left at crime scenes, combined with genetic information from a relative who joined an online genealogy service, to catch an alleged rapist and murderer who eluded authorities for four decades.

DNA search for California serial killer led to wrong man

April 28, 2018

Investigators hunting for the so-called Golden State Killer turned to searching genetic websites in 2017 but misidentified an Oregon man as a potential suspect. A year later, after using a similar technique, they are confident ...

Recommended for you


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.