In April, detectives finally identified Joseph James DeAngelo as the Golden State Killer, the man they think was behind more than a dozen murders and 50 rapes in California in the 1970s and ’80s. Police got a break in the case using a public genealogy website: They uploaded DNA samples from the crime scene to find distant relatives of the suspect. After building a family tree, investigators identified DeAngelo and confirmed the match. But now, many are wondering if the genetic sleuthing went too far. Discover asked Baylor College of Medicine bioethicist Amy McGuire, who wrote about the issue in June in the journal Science, to weigh in.
Q. What ethical and legal questions does this case raise?
A. The biggest question it raises is one of privacy and expectations about privacy. Law enforcement identified a suspect based on matching DNA not to that suspect, but to a potential distant relative, whom they may not even know.
Some legal scholars have questioned if law enforcement is allowed to search those commercial databases without a warrant. Right now, they can. But I think the laws on all kinds of databases are still evolving. Colorado, for example, has passed a law that says how, and for what purposes, police can use the state forensic database.
I suspect a large number of people would be very excited and supportive of law enforcement being able to access these databases to identify violent criminals. But they may not be as enthusiastic about using this information to identify suspects of more petty crime, like car theft or drug trafficking.
Q. Before investigators arrested DeAngelo, they had used the same method to track down someone who ended up not being a match. How big of a problem are these kinds of false leads?
A. There is a risk of there being a false lead with this strategy. You’re basically matching people from these databases to relatives, and the further out you go, genetically, the less of a match it is. This could lead to law enforcement asking for DNA of people who had nothing to do with the crime.
Q. What should consumers be aware of before they spit in a tube and send their DNA to a company?
A. They need to read carefully the privacy policies and the terms of service of these companies. Most of us skim through those very tiny-lettered, legalese types of things when we’re signing up for different products and services. But they’re important. They tell you the extent to which your privacy will be protected, and the mechanisms used.