This post has been updated.
In the midst of political turmoil in the USA, two major changes took place in the world of genetic genealogy that may have escaped attention. The first is that FamilyTreeDNA has a new owner. The second is that the Terms of Service at GEDmatch/Verogen are changing.
As of 7 January 2021, FamilyTreeDNA has merged with a relatively unknown pharmacogenetics company in Australia called myDNA. Bennett Greenspan, the former CEO of FamilyTreeDNA, has stepped back into an advisory role.
What this means for genealogists is unclear. myDNA has no background in family history, haplogroup analysis, or relative matching. Their business until now has focused on using DNA to devise fitness, nutrition, and skin-care plans.
This news comes hot on the heels of a stunning revelation: Greenspan and his company’s spokespeople had actively misrepresented the company’s involvement in the Golden State Killer case for 3 years.
Recall that Joseph James DeAngelo was arrested in April 2018 for a spree of brutal murders and rapes in California in the 1970s and 1980s. He was identified using genetic genealogy techniques reportedly done at GEDmatch and eventually convicted.
Greenspan initially denied involvement, claiming he “was not contacted formally, by any law enforcement agency, regarding the Golden State Killer case” (27 April 2018). He later said of the FBI in the database, “When they first started using it? I don’t know” (19 Mar 2019). By the end of January 2019, FamilyTreeDNA’s parent company had surreptitiously changed their Terms of Service to allow their new for-profit arm to work on criminal cases. The ensuing controversy led to FamilyTreeDNA introducing an opt-out system for law-enforcement cases, but they opted in most of their customers by default.
Greenspan’s claims are disappointing, because they were not true. As the Los Angeles Times reported recently in a shocking story, not only had Greenspan been cooperating with the FBI on the Golden State Killer case since 2017, his lab had analyzed the DNA.
Perhaps it’s not surprising that Greenspan’s company changed ownership a month after that article was published.
The press release announcing the transition assures us that FamilyTreeDNA will keep “intact their privacy rules and all terms of service.” One would hope for better. As a pharmacogenetics company staffed by medical doctors and PhDs, myDNA should be highly attuned to the imperative for consent, for both biomedical research and for law enforcement investigations.
Another hope is that myDNA will invest in genealogical tools and website upgrades at FamilyTreeDNA, which has lagged far behind its competitors in recent years.
However, the example of GEDmatch gives me reason to doubt.
GEDmatch, the once beloved commons for genetic genealogy, was also caught up in the Golden State Killer story, albeit without their initial knowledge or consent. They quickly warmed to the idea and within a month had changed their Terms of Service explicitly to allow law enforcement to investigate homicides and sexual assaults and to identify human remains (Does).
After GEDmatch granted a controversial exception to those Terms, they expanded their coverage to “murder, nonnegligent manslaughter, aggravated rape, robbery, or aggravated assault” and implemented an opt-in system for law enforcement matching. Yet another controversy in November 2019—complying with a warrant for opted-out kits—led to the sale of GEDmatch a month later to a relatively unknown company with no prior genealogy interests. Sound familiar?
At the time, there was hope that the new owner, a forensics equipment manufacturer called Verogen, would enhance privacy protections and improve the genealogical offerings at GEDmatch.
Apologies for all that backstory, but there’s a point here. First, GEDmatch hasn’t improved much on Verogen’s watch. New functionality has not materialized as promised, and a pair of back-to-back security breaches in July 2020 exposed the entire database to law enforcement, even kits that should not have been visible to anyone.
The website still looks like it was designed 20 years ago. Meanwhile, Verogen has launched a GEDmatch Pro portal “to support police and forensic teams” that has a slick new interface and an undisclosed fee structure. It’s clear where their development budget is going.
The Terms of Service are changing again, too, as of 11 January 2021. The new Terms include a lot of valuable information about privacy rights in different political units (e.g., the European Union) and a promise that “Your opt-in and opt-out settings remain unchanged.”
And while that’s technically true, there’s an important caveat: they’re not changing your settings, but they are changing what the settings mean. Bear with me.
Previously, opt-out kits were not visible to “DNA kits identified as being uploaded for Law Enforcement purposes,” which included Does. Under the new terms, opt-out kits are not visible to “DNA kits identified as being uploaded for Law Enforcement investigation of a Violent Crime.” Here’s the catch: Does are not considered violent crime cases.
That ‘or’ means Doe cases will be able to see everyone in the public database, whether they’ve opted out of law-enforcement matching or not. That’s new. Until now, Doe kits have been treated like other forensic cases.
This is not the time to debate whether any individual should or should not want to help solve crimes or identify Does. This isn’t about that. This is about whether Verogen can be trusted. And it’s not looking good.
This also informs our expectations for the new regime at FamilyTreeDNA, which had a similarly turbulent history before its sale to a company with no prior interest in genealogy.
To paraphrase Maya Angelou, hope for the best, prepare for the worst, and expect anything in between.