More Privacy Concerns at Family Tree DNA

On 31 January, 2019, we learned from Buzzfeed that Family Tree DNA had allowed the FBI to use their customer database for criminal investigations.  In fact, they had even changed their Terms of Service in December, without notifying said customers as those very same Terms obligated them to do.

Two days ago, Buzzfeed published yet another remarkable story:  Family Tree DNA has partnered with Bode Technology, the largest forensic DNA testing company in the United States, to expose their 1 million or so autosomal DNA customers to even more law enforcement searches.

All without informing their customers beforehand or getting their consent.

Currently, the only way to opt out of police searches at Family Tree DNA is to remove your DNA tests from the matching system, meaning you sacrifice the service for which you paid.

As Usual, I Have Questions

  • After the recent FBI controversy, the president of Family Tree DNA emailed a Letter to Our Customers in which he said—in all capital letters and bold-face print—”WE WILL DO A BETTER JOB OF COMMUNICATING WITH YOU.”  I received that email on February 3rd.  Less than 2 weeks later, we learned about the Bode Technology agreement from the media.  When Bennett Greenspan promised his customers to do a better job of communicating, did he mean it?
  • The same Letter to Our Customers ends with “Our plan is to create a panel of citizen genealogist advisors who will work with us as we focus on how to make your FamilyTreeDNA experience the best one available.”  Has this panel been created?  Who is on it?  What financial ties do they have to the company?  Will they have any authority to protect customer privacy?
  • How much is Family Tree DNA charging Bode Technology for access?
  • If Family Tree DNA partners with Parabon’s forensic unit, as expected, how much will Parabon pay them?
  • What other corporate entities have access to Family Tree DNA’s database, or might have in the future?  For what purposes?  Will the company tell us?
  • Judy Russell writes, “This latest disclosure — that a commercial firm is getting access to this information without customer consent — makes it all the more imperative that Family Tree DNA act immediately and responsibly to change its access-by-police system to opt-in.” An opt-in database would be a fraction of the current size and, therefore, less effective for criminal searches.  How would Family Tree DNA ensure that investigators were not using the main database as well?
  • Will all law enforcement agents (and civilian genealogists working with them) openly pledge to only use genetic databases in which each individual has knowingly and explicitly opted in to that use?

No such database currently exists.

20 thoughts on “More Privacy Concerns at Family Tree DNA”

  1. Deleting your DNA won’t help all that much from a realistic standpoint. ftDNA will have backups of backups of backups. Your DNA will remain on their servers. Just sayin’

      1. I can’t believe he could care.
        He’ll Pocket the Profits. If push
        comes to shove, he’ll talk his way
        out of it. If he is sued he will portray
        himself as being victimized while
        attempting to make the world a
        “Safer Place”.

  2. I assume this is a rhetorical question!
    Will all law enforcement agents (and civilian genealogists working with them) openly pledge to only use genetic databases in which each individual has knowingly and explicitly opted in to that use?

    FTDNA has us over a barrel. If we want Y and mt we have to use them. We need a chromosome browser so if we can’t use FTDNA or GEDMatch for obvious reasons …?

    1. It’s not rhetorical at all. I would very much like an answer.

      You don’t need a chromosome browser, but if you think you do, both 23andMe and MyHeritage offer them.

  3. It seems Mr. Greenspan has a good business sense, and
    realizes he is perfectly positioned for self enrichment.
    Should I be so silly to believe that if I demanded he remove
    my DNA from his Catalog, would he really do so?
    Would he just remove it from the Public Listing, and offer it
    to the Police at a Premium, as being the DNA from someone
    with “Something to Hide”???
    I am not personally worried, but I am utterly disgusted with the
    Man’s Greed.

  4. Maybe the USA needs something along the EU privacy rules, since the 1st Amendment prohibition against warrantless searches by govt entities is toothless!!

    1. I agree that legislation is needed in the US to protect privacy. The Fourth Amendment may well prevail in the end, but the cases will take years to make it through the courts. Justice is slow.

  5. I do not understand why people are so afraid that their DNA is being used to find murderers. Would you prefer that these scumbags never get caught and just walk amongst us?

    1. I would prefer that law enforcement conduct their investigations without violating my right to be free of unreasonable searches. And I would prefer that the testing companies put the interests of their customers first.

  6. Since other DNA testing companies use outside labs, the chain of custody of the DNA sample is broken. The DNA testing company may not have any type of agreement with law enforcement but what about the lab?

    1. Chain of custody only comes into play after they have identified a suspect and collect a sample to obtain the arrest warrant.

  7. Has any of the other DNA companies commented on whether or not they are or would allow the same thing? The privacy language is very similar with all of them. If one thinks they can maybe all of them are allowing it. I may be deleting all of my kits from all companies.

    1. None of the other companies allow this. 23andMe’s Terms of Service explicitly forbid forensic use. AncestryDNA’s terms only allow samples from yourself or your child/legal ward. MyHeritage has explicitly said they will not give permission for law enforcement to use their database. An unanswered question is whether LE’s researchers are using the databases anyway, in violation of the Terms of Service. One would hope such unethical use would not stand up in court.

      1. This the response that I received from Ancestry on law enforcement submitting samples to them.

        Hello L,

        Thank you for contacting Ancestry in regards to your DNA sample. We only accept saliva samples through the post for our DNA test services. There are many other companies who test other items (cups, fabrics) or fluids for DNA which may allow law enforcement to use their services but we do not do this. All of our DNA kits are sent out to individuals who purchase them in the same way you did and are tested in the same way.

        If you need additional assistance, please feel free to reply to this message or call us at 1-800-ANCESTRY (1-800-262-3787) between the hours of 9am to 11pm EST, seven days a week.

        Sincerely,

        Kim

  8. Thank you for your insights. As much as I hope they might find a link to my estranged brother… I would like to know and be asked before they access my DNA.

  9. I purchased the Family Tree app but only used the My Heritage and Ancestry DNA kits. I also added my results to the GEDMatch site. Would you say it is safe to use the Family Tree app as long as I don’t add my DNA results? Do you suggest removing DNA results from GEDMatch? Thank you in advance.

    1. If you are concerned about privacy and law enforcement, either remove your data entirely from GEDmatch or change the public access for your kit(s) to either “research” or “no”. Research kits still work but won’t show up in one-to-many reports (match lists). If you set public access to “no”, the kit is non-functional, but the data is still there.

      As for the app, I assume you’re talking about Family Tree Maker. Family Tree Maker is a genealogy tree-building program and a separate company entirely from Family Tree DNA.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.