At a family history event in mid-August, a company employee let slip that AncestryDNA was considering allowing DNA files created by other companies to be uploaded into their database. This report was confirmed to me directly by three independent sources.
If this were to happen, it would rock the genetic genealogy world, in more ways than one. Let’s think this through.
Genetic genealogy is a numbers game, and AncestryDNA has—by far—the largest genealogical DNA database out there. It’s about as large as the other direct-to-consumer databases combined. Almost everyone will benefit by having their family members in the AncestryDNA database.
That is not always possible, however. There are thousands of people in the smaller databases who have since passed away. Many of them tested at the request of avid genealogists who would dearly love to leverage AncestryDNA for their research but can’t.
These genealogists have often invested thousands of dollars to test extended family and would be willing to pay a little more to get those DNA kits into AncestryDNA’s database. It would be a win-win: a new revenue stream for AncestryDNA and a new life for legacy kits that are now stranded.
Uploads at AncestryDNA would upend the genetic genealogy industry. Genealogists managing legacy kits would no longer need to cajole their AncestryDNA matches to transfer to the smaller databases to evaluate matches; they could simply transfer their own family kits the other way.
Smaller companies would falter, because there would be little incentive to upload there anymore. I’d hazard that 40% of the kits at MyHeritage and FamilyTreeDNA tested elsewhere, so growth at both places would be seriously impacted. MyHeritage has a solid foothold in Europe, so I think they’d adapt and survive. I’m not so sure about FamilyTreeDNA’s autosomal database.
As much as I’ve questioned FamilyTreeDNA’s actions over the past few years, I don’t want them to go under. A strong market needs competition, and genealogists need the Y-DNA and mitochondrial DNA offerings that only FamilyTreeDNA offers.
Sites like GEDmatch that are 100% uploads might well collapse.
There is a more sinister side to the possibility that AncestryDNA might accept uploaded files: law enforcement and bad actors could, nay would, invade the database, regardless of Ancestry’s terms of service or what consumers want.
We’ve already seen that some law enforcement agents are uploading to sites forbidden to them by both Department of Justice policy and the databases themselves.
We also recently learned that prominent forensic genetic genealogists—some of whom have spoken eloquently about ethics and trust—had been using a privacy hole at GEDmatch to see people who had not consented to law-enforcement matching.
It only takes a few bad apples to spoil everything. If leaders in forensic genetic genealogy cannot be trusted to play by the rules, why should anyone else? Ethical practitioners can’t compete with people who cheat to solve cases and draw fawning press coverage.
If AncestryDNA starts taking unvetted uploads, law enforcement will be there in a heartbeat. The entire industry will suffer like it did in the wake of the Golden State Killer’s arrest. You can see the damage in the graph below.
The long straight lines represent the growth rates at AncestryDNA (green) and 23andMe (purple) in the year prior to the arrest (thicker lines) and since then (thinner lines). Sales took a huge hit when the public learned that law enforcement had infiltrated some databases. The industry still hasn’t recovered.
There is a solution, though.
In 2018, Yaniv Erlich, then the Chief Science Officer at MyHeritage, proposed that DNA testing companies cryptographically sign their raw data files. (See the last paragraph of this scientific article.) The cryptosignatures could then be used by other sites to authenticate a file’s origin before accepting it.
Such a system requires collaboration, though. If AncestryDNA wants to accept uploads from 23andMe, or vice versa, both companies would have to agree to use cryptosignatures. Each would have to negotiate its own arrangement with MyHeritage.
Back in 2018, there wasn’t much incentive for the big companies to agree to all that. But now that AncestryDNA is considering uploads, the calculus has changed. (Calculus does that. 😉)
FamilyTreeDNA and GEDmatch, which both collaborate with law enforcement, would also benefit from cryptosignatures. They charge $700 per kit for forensic uploads, so law enforcement has a dual incentive to skirt the rules and upload as “normal” kits: the agents avoid a hefty fee and get to see kits that have not consented to forensic matching. Cryptsignatures would protect both the regular users at FamilyTreeDNA and GEDmatch as well as their bottom lines.
Yaniv was right! It’s time for the DNA testing companies to adopt cryptographic signatures to protect the entire industry.