The decision by a prominent consumer DNA-testing company to share data with federal law enforcement means investigators have access to genetic information linked to hundreds of millions of people.
FamilyTreeDNA, an early pioneer of the rapidly growing market for consumer genetic testing, confirmed late Thursday that it has granted the FBI access to its vast trove of nearly 2 million genetic profiles. The arrangement was first reported by BuzzFeed News.
Concerns about unfettered access to genetic information gathered by testing companies have swelled since April, when police used a genealogy website to ensnare a suspect in the decades-old case of the Golden State Killer. But that site, GEDmatch, was open-source, meaning police were able to upload crime-scene DNA data to the site without permission. The latest arrangement marks the first time a commercial testing company has voluntarily given law enforcement access to user data.
The move is of concern to more than just privacy-minded FamilyTreeDNA customers. One person sharing genetic information also exposes those to whom they are closely related. That’s how police caught the alleged Golden State Killer. A study last year estimated that only 2 percent of the population needs to have done a DNA test for virtually everyone’s genetic information to be represented in that data.
FamilyTreeDNA’s cooperation with the FBI more than doubles the amount of genetic data law enforcement already had access to through GEDmatch. On a case-by-case basis, the company has agreed to test DNA samples for the FBI and upload profiles to its database, allowing law enforcement to see familial matches to crime-scene samples. FamilyTreeDNA said law enforcement may not freely browse genetic data but rather has access only to the same information any user might.
The genealogy community expressed dismay. Last summer, FamilyTreeDNA was among a list of consumer genetic testing companies that agreed to a suite of voluntary privacy guidelines, but as of Friday morning, it had been crossed off the list.
“The deal between FamilyTreeDNA and the FBI is deeply flawed,” said John Verdi, vice president of policy at the Future of Privacy Forum, which maintains the list. “It’s out of line with industry best practices, it’s out of line with what leaders in the space do and it’s out of line with consumer expectations.”
Some in the field have begun arguing that a universal, government-controlled database may be better for privacy than allowing law enforcement to gain access to consumer information.
FamilyTreeDNA said its lab has received “less than 10 samples” from the FBI.
“The genealogy community, their privacy and confidentiality has always been our top priority,” the company said in an e-mail.