There Is No Opt-Out

This post has been updated.

Today, The New York Times published a shocking article.  Some time this summer, GEDmatch granted a police detective access to their entire matching database—including people who have opted out of law-enforcement matching—after receiving a warrant from a judge.

Here’s a brief summary for those of you who can’t access the article;

  • In July, a detective working with Parabon asked a Florida judge for a warrant to search all of GEDmatch, not just the users who had opted in to law-enforcement matching.
  • GEDmatch complied within 24 hours of receiving the warrant.
  • This fact was made public at a police convention last week (October).
  • They haven’t solved the case.

GEDmatch has been working to rebuild trust with their users after violating their own Terms of Service back in May.  Part of that effort was an opt-in system for police investigations, whereby only users who explicitly consent are available for matching to criminal cases.  The privacy protections of an opt-in system are meaningless if law enforcement can barge their way in with warrants, and if GEDmatch won’t at least try to stop them.

Why haven’t the cops tried this with the bigger databases?  The cops went after GEDmatch first for two reasons:  the owners of GEDmatch themselves are in favor of law-enforcement uses, and they don’t have the legal resources to resist even if they wanted to.

This is a problem for anyone who trusted GEDmatch to shield them from police investigations.  It’s an even bigger problem for the entire industry.  This successful warrant establishes a precedent that can—and will—be applied to the larger databases.

Don’t believe me?  The New York Times article ends with this paragraph, which I quote in full:

Detective Fields said he would welcome access to the Ancestry.com and 23andMe’s databases. “You would see hundreds and hundreds of unsolved crimes solved overnight,” he said. “I hope I get a case where I get to try.”

Statements from 23andMe and AncestryDNA

On 7 November 2019, 23andMe issued a statement saying that they “would use every legal remedy possible” to challenge a warrant were they to be served one.  A day later, AncestryDNA announced that they would “seek to narrow the scope of any compelled disclosure, or even eliminate it entirely.”  Both companies affirm that they have never handed over customer genetic data to law enforcement.

 

Updates to This Post

  • 11 November 2019 — added links to the statements by 23andMe and AncestryDNA

38 thoughts on “There Is No Opt-Out”

  1. Yeah! A warrant is a warrant. If it said the entire database. When they come into my business I must comply. I cannot just show them what I want to. Good for LE!!!

    1. A warrant of this breadth when there was no reason to think the perpetrator was in the database was a fishing expedition. GEDmatch should have done right by their users and contested the warrant.

      1. Agree with the view of DNAGeek. Combat it and ask your users to help and collect money for legal assistance.

        But what to expect from them.

        This is the nail in the coffin for me, I can’t trust GED March anymore and the fact that only 10% of their users opted in shows that the majority wants their DNA only to be used for genealogy.

        R.I.P. data privacy

        1. I just looked at 23&Me terms of service regarding LE and they state the following: “Further, you acknowledge and agree that 23andMe is free to preserve and disclose any and all Personal Information to law enforcement agencies or others if required to do so by law or in the good faith belief that such preservation or disclosure is reasonably necessary to: (a) comply with legal process (such as a judicial proceeding, court order, or government inquiry) or obligations that 23andMe may owe pursuant to ethical and other professional rules, laws, and regulations; (b) enforce the 23andMe TOS; (c) respond to claims that any content violates the rights of third parties; or (d) protect the rights, property, or personal safety of 23andMe, its employees, its users, its clients, and the public. In such event we will notify you through the contact information you have provided to us in advance, unless doing so would violate the law or a court order. You understand that the technical processing and transmission of the Services, including your Personal Information, may involve (a) transmissions over various networks; and (b) changes to conform and adapt to technical requirements of connecting networks, or devices. Finally, 23andMe may, in its sole discretion, restrict access to the website for any reason.” So it would appear that 23&Me would also have complied with such a court order. Perhaps we haven’t heard about it. Not sure if they have stated a contrary policy regarding data privacy. So it appears that GEDmatch was naive in believing they could protect data from LE by using the opt out option.

        2. Both 23andMe and AncestryDNA have issued statements on their official blogs saying they would “would use every legal remedy possible” to challenge a warrant (23andMe) and “seek to narrow the scope of any compelled disclosure, or even eliminate it entirely” (AncestryDNA).

          https://blog.23andme.com/news/our-stance-on-protecting-customers-data/?fbclid=IwAR2T67Q8QVkAbC2wMTdz6AWKYKblDMB1JGHdqDevgng0XFRtb7PN2bDR_mw
          https://blogs.ancestry.com/ancestry/2019/11/08/your-privacy-is-our-top-priority/?fbclid=IwAR0qCFx7dipq3sCbH0hLcE_rqEYXAIpiTbypJNrmHsYa9MZtfMiTdvLHs-Q

  2. In regards to the last paragraph, I think it says a great deal about that detective, that he hopes to get a case where he can try. It sounds like he is hoping for someone to be murdered or otherwise victimized. 🙁

  3. Thanks for keeping us updated on these issue. I wonder what kits exactly it gave access to. Did it give access to research kits and private kits?

    From a validity point of view I would be really worried about them accessing research kits and private kits where they aren’t a real person.

    Plus this has to be a GDPR issue for those of us who are international that had tried to prevent LE from accessing our kits.

    As a genealogist I wanted to see LE act ethically so people would continue to test. To me the deliberate undermining of people’s intent is one step closer to regulation that may not help anyone.

    1. I emailed GEDmatch to ask if research and private kits were covered by the warrant. I have not received a reply.

    2. If you are concerned about the Orlando Police Department having access to your data I suggest to write to them, as I have done, and ask them to delete your data from their records. I’m still waiting for a response from the police but I intend to follow up with the Information Commissioner’s Office (the data protection regulator in the UK) because there are important principles at stake here. See my blog post here:

      https://cruwys.blogspot.com/2019/11/search-warrant-granted-for-access-to.html

  4. Absolutely.

    Searches requires probable cause and must be limited accordingly. Searching a million records is by definition a fishing expedition that lacks probable cause. the ponderings about how many cases could be solved by accessing the millions of records in the commercial databases is precisely the effect that the Supreme Court has disallowed. It similar to allowing LE to review tax and bank records of millions of citizens to discover how many are committing fraud.

    GEDMatch is for all purposes dead. Who is going to put their DNA data there knowing that it’s wide open for view? Fortunately, this is a Florida Court, and a lower level court. The big guys will fight it hopefully to the Supreme Court if necessary. But I doubt the case will progress that far.

    1. It’s too late anyway. The data of all DNA tests (1.3million according to the article) is now with the law enforcements.

      Even if there is some legal actions taken by data privacy advocates, will they ever delete all copies of the data?

      1. There is no evidence that LE has access to our raw data nor that kits we delete are secretly being retained.

      2. I don’t think they have anyone’s raw data and the NY Times said that they had a “warrant to penetrate GEDmatch and search its full database of nearly one million users”. It’s unlikley they would have the resources and know how to develop and analyze raw DNA data. That said unless they resist more warrants law enforcement will have future search access. Gedmatch needs someone with deep pockets to pay for legal representation to resist.

  5. I agree that offering the option of opt-out has inadvertently mislead users. However, I also agree with law enforcement being able to subpoena use of all the records. I agree because I trust in the accuracy of DNA results. And I agree with due process of the law to prevent mis-use of those results. Is there a difference between opting out to protect possible criminal relatives vs hiding the culprit in other ways? It is obstruction of justice either way in my opinion.

    1. Warrants are not meant to be fishing licenses. The cop had no idea what he’d find in GEDmatch, and clearly he didn’t find what he was hoping for because the case remains unsolved. On the other hand, the entire genetic genealogy industry just got gut punched.

  6. Well I have nothing to hide or fear from LE probes into the GEDmatch database. However, as a matter of principal I had opted-out of LE access. I have now deleted my DNA file and closed my account, which I had hardly used anyway. Ancestry, FTDNA and Living DNA, who I am also registered with would offer more resistance to LE requests and fight against any warrant, I hope. I’m in UK and covered by European privacy laws, which I believe are a lot stronger than those in US. The day any of the big names comply with LE will be the day their business takes a decline in popularity, and they know it.

    1. FTDNA gave the FBI access to their database at the mere threat of a warrant, much less an actual warrant. They have since welcomed LE into their database—for a price—and even opened their own forensics division.

    1. Each of us has our own level of comfort with privacy and government intrusion. You are welcome to opt in your own DNA to LE searches. Those who choose differently should be respected, as well.

  7. Thank you for sharing this. I’m so done with GedMatch. They continually betray their customers’ trust — and, yes, WE with the DNA are the customers (as well as the product, I know.) Just deleted my Tier One payments after 5 years. AND my 30 kits. Let GedMatch do thi on their own dime, not mine.

  8. It seems that the whole database was given access to. Like DNAGeek said, it’s giving access to the whole lake to maybe find a fish.

    So we’re not protected by GDPR or any other country specific privacy law as the owner of GEDmatch once again violated his own T&C (which is a binding two-way contract) and privacy laws all over the world!

    Time to delete all my 10+ accounts because I promised to do genealogy with my relatives DNA and not solve crimes.

  9. Law enforcement has been salivating over the DNA databases for a very long time. With the privacy being violated of individuals who never signed up for anyone in law enforcement to access their DNA – it is only a matter of time before no one will take a voluntary test for these databases as well as others being deleted (are they really deleted though?). As with most things, when the government gets involved – it all goes south for everyone. I hate that this is being allowed to happen. Especially for fishing activities. Nothing like a kill-joy for my favorite past-time. (Since 1990).

    1. Ironically, I think the best path forward is for more government involvement. Clearly, some of the databases are not willing to self-regulate to protect their customers. We need legislation.

  10. This detective has blinders on, that is, he is not seeing the big picture. The detective may be an upstanding citizen with pure intent, but surely not all LE is.

    There are so many bad actors in our society and LE is no exception. Our DNA must be protected.

    My greatest fear (in 5, 10, even 20 years from now) is another holocaust using DNA to track victims down. Do you think that’s crazy? Imagine what Hitler would have done with this technology.

    There has to be a better way to assist law enforcement, because I truly do believe DNA can be incredibly helpful in solving murders/rapes. I’m not sure how that would work (a company go-between perhaps) but I would love to read some suggestions.

  11. Does a Raw DNA file contain tester identity information?

    Is it possible to anonymize a DNA file upload to GEDmatch so that the kit provides no information other than an email address for matches to contact?

    1. If someone can view your DNA matches, they can figure out who you are. After all, that’s exactly what the cops are doing with their crime-scene samples.

      1. I understand your reply, but it isn’t answering what I am asking.

        I am asking about what identifying information is contained within a Raw DNA file and can that information be anonymized before an upload.

        For example I know that the Raw DNA file filename contains the name of the tester as provided to the DNA company, can the filename be changed to something generic such as “RawDNAfile” before upload?

        Is there similar information hidden within the file itself?

      2. Also… does the Raw DNA file contain a number or sequence that identifies the test – and the source DNA held – with the original testing company

        1. i suggest you download your raw data files to check. Anonymizing the file before upload will not anonymize you, though.

  12. Hello thednageek,

    Today I went to go in and delete some of the kits that I had on gedmatch and I am not allowed to enter the site until I agree to accept the new Terms of Service. Option #1
    It appears that if I click Option #2, it does not send me to the website so I can delete specific kits, but that it deletes my registration only. I am afraid that it will not delete all of the kits that I have on my account. I have approximately 15. From what I understood previously, each kit had to be deleted individually from inside the account.
    Do you have any information on what happens if I select Option #2 in the Terms of Service agreement?
    Thanks for your help.

    1. If you choose Option 2, you account is deleted along with all of your kits. If you’re not comfortable with that, pick Option 1 so you can log in, then delete the kits individually.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.