DNA has great power to restore names to unidentified bodies and to solve crime. Since the arrest of the Golden State Killer in 2018 garnered international attention, hundreds of cases have been solved in the USA, bringing justice to criminals and closure to families across the country.
This societal good is marred, however, by some very serious problems—both financial and ethical—with forensic genetic genealogy (FGG) in recent years.
Problem #1: Money
FGG has become a big business. GEDmatch, for example, sold for about $15 million in 2019 and was valued at roughly $60 million when it sold again in February, 2023. Not a bad return on user data that was given for free. FamilyTreeDNA also changed hands in recent years, with the terms undisclosed.
Why are these companies so valuable? Most people think they’re letting law-enforcement agencies use their databases for free, but that’s not true. Neither publicly acknowledges what they charge. However, you can find out if you know where to look. The price lists at Intermountain Forensics and Parabon Nanolabs show that both GEDmatch and FamilyTreeDNA charge $700 for each forensic upload. That’s over and above the costs of the DNA analysis and the genealogy work, which can be several thousand dollars.
That’s a lot of money for a financially-strapped law-enforcement agency. But it’s also nowhere near enough to make a company worth $60 million. Assuming no operating expenses at all—no server costs, no programmers, no rent—it would take nearly 86,000 forensic uploads for GEDmatch’s new owners to break even.
Another player in the field, Othram, has received more than $29 million in investments yet asks for donations to fund its for-profit cases. At $7,500 per case and a 20% profit margin, they would have to work more than 19,000 cases to repay their investors. The math doesn’t add up.
I can’t begin to speculate on how these companies are planning to profit from volunteered data. Suffice to say, it makes me very, very uneasy.
Problem #2: Trust
Both GEDmatch and FamilyTreeDNA have engaged in dubious practices since going all-in on FGG. Both have violated their own Terms of Service. Both opt innocent people into forensic matching without their informed consent or even their knowledge. And, as outlined above, both obscure the fact that their genealogy users are a product they sell to law enforcement.
Problem #3: Ethics
The stakes are so high, the promise of fame so compelling, and the interest in FGG as a career so exponential that the pressure to outdo the competition must be overwhelming for some. Publicly, this manifests as catty remarks among practitioners that put middle-school girl dynamics to shame.
Behind the scenes, rumors are rampant of FGG practitioners behaving unethically. So-and-So is using matches who have opted out of law-enforcement cases. YaddaYadda can see real names for people who are using aliases. Thingamabob won’t give the agency access to their own data. Whozit is uploading to MyHeritage (which doesn’t alloww forensic cases in their database). According to one rumor, So-and-So and Whozit both uploaded to MyHeritage and matched one another there!
Unfortunately, the only people who can prove these transgressions are also working FGG cases, and no one has been willing to go public thus far.
A Possible Solution
What FGG needs is a non-profit database, available to all practitioners at no or low cost, that is comprised entirely of people who have given explicit, informed consent to be matched to forensic cases. Such a database would minimize the financial concerns, increase trust, and (one hopes) reduce the temptation for practitioners to cheat.
That database may have finally arrived.
The DNA Justice Foundation (DJF) is a partnership among a tight-knit group of allies with deep experience in FGG. It bills itself as nonprofit, purpose-driven, and transparent. They plan to allow forensic cases to access the database for free or for a nominal cost to cover operating expenses.
Unlike the other FGG databases, DJF has an informed consent document. Informed consent is foundational for the ethical use of someone’s highly personal genomic data for any purpose. Users should be told in clear, concise language precisely how their data will be used, what the risks and benefits are, and that they can withdraw from participating at any time. Affirmative consent should be given without pressure or coercion.
GEDmatch, FamilyTreeDNA, and Othram (which runs its own proprietary database) were all approached in 2020 about implementing informed consent, and all declined. DJF are to be commended for their transparency.
The DJF Informed Consent document is not visible from the public-facing pages of the website; you need to sign up with an email address to see it. I have reproduced it here for commentary and critique.
The first portion of the Informed Consent document outlines how the database can be used. The allowable cases are broader than both GEDmatch and FamilyTreeDNA, which will alarm people worried about the “slippery slope” of government intrusion into privacy. While it’s possible they will broaden the allowable cases at some point, DJF promises to provide 30 days notice “before any substantive changes take place.”
As is standard for informed consent documents, this one enumerates both benefits and risks of participating. The benefits are all societal in nature: arresting criminals, restoring names to unidentified remains, and exonerating the innocent. Participants are unlikely to benefit directly.
Some of the key risks are also listed. These, again, are clear and transparent, with one glaring omission. Many people who would gladly volunteer their data for forensic cases consider capital punishment immoral and do not wish to contribute to someone else’s death. Although this concern was brought to the attention of DJF months ago, they have declined to include it in their Informed Consent document. One wonders why.
As the saying goes, Fool me once, shame on you. Fool me twice, shame on me. The genetic genealogy world has been fooled over and over by databases working with forensic practitioners. It remains to be seen whether the DNA Justice Foundation will be better than other databases, but I don’t see how it can be worse.
Color me cautiously optimistic.
Edited to Add
One provision I’d like to see is that data for minors be automatically deleted when that child turns 18. They may not be aware that their parent uploaded their data, and once they are legally an adult, they should have full control of their genomic data.
GEDMatch also has a subscription model for normal, ie non law enforcement, users. So it does not depend totally on the $700 fees as the article suggests.
The GEDmatch subscription model was intended to cover their operating expenses when they were a tool for hobbyists. It’s true, though, that GEDmatch’s new owners are trying to monetize the genealogy side of things, too.
If a loved one is recovered, I don’t give a damn…
If a serial rapist is identified, I don’t give a damn….
If my brother turns out to be the bad guy, may he rot in hell.
I don’t give a damn…
I don’t believe in conspiracy theories and believe the use of DNA will happen no matter what I think or say and I don’t give a damn!
Um. Okay.
Wow. I bet you would scream from the rooftops if someone could find out what meds you’re on, yet you clearly have no problem with sharing your biological anomalies with businesses. And, God forbid that you get on the wrong side of any new legislation dictating social norms of the day.
It’s very frustrating how some folks swoop in and make loads of $$$ from something that was donated through goodwill. I removed most of the kits I managed at Gedmatch when the Golden State killer was identified, as seeking further informed consent from the test takers may have prompted them to withdraw consent at all sites, and I had brick walls to knock down. I don’t think I’m missing anything by not using Gedmatch. Several of the matches to my kit don’t have a tree and don’t respond to email. Back in the 18th and early 19th centuries I’ve found considerable endogamy in my extended families, so segment data isn’t overly helpful. If they’re more closely related, I’m pretty good at working out who they are without any segment data.
This may be a question for the Legal Genealogist, but it seems to me that law enforcement access of any DNA kit should be required by law to be accompanied by a formal notification, just as search warrants are required to be presented before searches of physical property and smartphones. Also, platform owners should be required to maintain a per-user record of all such accesses that users can inspect. If the penalties for failing to do so were severe enough, it might prevent bad actors among the platform owners. I could make the case that they should maintain such an user-accessible log for ALL accesses, not just law enforcement, which might help address the bad actor FGG problem.
The Legal Genealogist will certainly have more insight. As I understand it, LE is accessing genealogy databases under the “third-party doctrine,” which holds that if we share information to a third party (e.g., a genealogy database), we have no expectation of privacy in that information. Counter to that is Carpenter v. US (2017), in which the Supreme Court ruled that cell-phone location data, which cell companies constantly monitor, is constitutionally protected.
Basically, we have competing precedents, and LE is taking advantage of the uncertainty.
While I realize that DNA is critical in identifying the starting point, aren’t the family trees at sites such as Ancestry providing significant information to solve these cases?
Yes, building trees is an integral part of the process, just as with unknown parentage searches.
Seems like Ancestry and 23andMe are the best ones to use if you want to avoid the law enforcement stuff since they don’t allow uploads.
Yes, in that respect those are the two safest options.