By: Leslie E. Wolf, JD, MPH, Georgia State University College of Law, Interim Dean and Distinguished University Professor and Laura M. Beskow, MPH, PhD, Ann Geddes Stahlman Chair in Medical Ethics, Center for Biomedical Ethics and Society, Vanderbilt University Medical Center
In our article, Genomic databases, subpoenas, and Certificates of Confidentiality, published in Genetics in Medicine, the official journal of the American College of Medical Genetics and Genomics (ACMG), we considered the protections available to research genomic databases in light of law enforcement’s use of ancestry databases to help solve crimes.
The arrest of the notorious Golden State Killer, who allegedly is responsible for dozens of rapes and a dozen murders over decades, brought law enforcement’s use of ancestry databases to public attention. In that case, law enforcement uploaded crime scene DNA to identify relatives of the suspect. This information ultimately helped them to identify and gather evidence against the suspect, Joseph James DeAngelo. Since then, numerous cold cases have since been solved using similar techniques.
Law enforcement’s use of commercial ancestry databases for solving crimes has not been without controversy. Individual decisions to obtain and share DNA profiles have implications for relatives; research has suggested that a majority of Americans of European descent can be identified through such sites, even if they have not submitted their own DNA. As concerns have arisen, some ancestry databases are seeking to assure consumers that they will not share their DNA with law enforcement unless they agree. In addition, the U.S. Department of Justice recently adopted an interim policy that limits use of ancestry databases by its agencies or those it funds.
Company attempts to protect users’ confidentiality may be unsuccessful. In July, a Florida judge issued a warrant enabling a police officer to access GEDMatch’s genomic profiles, regardless of individuals’ stated preferences. The impact of this case is, as yet, unclear, but suggests law enforcement will continue to seek access to such data. Accordingly, those running large-scale genomic research studies should pay attention to these cases and be prepared to use the Certificates of Confidentiality that are now automatically issued to NIH-funded research databases – and may be granted upon application to other research databases – to protect participants’ data. Although, as we outlined in our article, there are some uncertainties about the Certificates’ protections, research databases at least have this option; non-research databases do not have these kinds of legal protections.