The popular online service for autosomal DNA matching and comparison, GEDmatch.com, has been facing not just pressure from the impending GDPR regulations, but also an unfortunate media backlash over how law enforcement are using the tools it offers to focus on investigating cold-case violent crimes.
Interest in and concern about the European Union's General Data Protection Regulation (GDPR), taking effect May 25, has rapidly escalated over the past several weeks, even for U.S.-based organizations, commercial or not. Small genealogy organizations and websites are feeling the pressure, so much so that some, notably Ysearch.org, Mitosearch.org, and WorldFamilies.net, are closing permanently.
The popular online service for autosomal DNA matching and comparison, GEDmatch.com, has been facing not just pressure from the impending GDPR regulations, but also an unfortunate media backlash over how law enforcement are using the tools to focus on investigating cold-case violent crimes. The now month-long media blitz began April 27 when Paul Holes, a retired investigator with the Contra Costa County District Attorney's Office, told the Sacramento Bee that he used DNA samples collected from crime scenes to create a genetic profile of the suspected Golden State Killer and used it to search genealogy websites. The genealogy website that proved effective was GEDmatch.
Parabon NanoLabs, a company best known for its Parabon Snapshot DNA Phenotyping Service that creates composite facial based upon DNA profiles, on May 8 unveiled its new forensic genealogy service, to be headed by well-known genetic genealogist CeCe Moore. This is a for-fee service to be sold to law enforcement; the price tag for a single analysis is $3,750. The results of the new service's first case came a scant 10 days later. On May 18 an arrest was announced in the 1987 murder in Washington State of a young Canadian couple. DNA from the case was tested and run against the data in GEDmatch. Close matches were made to two of the suspect's relatives.
One thing we can take away from this is that the GEDmatch utilities—most of which are free—are effective and accurate. But GEDmatch's Curtis Rogers made it very clear that the company was never approached by law enforcement, and that they did nothing knowingly to aid any investigation. In truth, GEDmatch was used in the investigations precisely the same way hundreds of us use it every day for genealogy. The only difference is that, instead of me sending in a sample to AncestryDNA or 23andMe or Family Tree DNA for testing and then uploading the results to GEDmatch, a law enforcement agency used an old sample collected at a crime scene, sequenced it, and created a pseudo-profile on GEDmatch with which to upload the results.
Beyond the anticipated verbiage to satisfy GDPR strictures, there is interesting new language dealing with the raw data files provided to GEDmatch:
Raw DNA Data Provided to GEDmatch
When you upload Raw Data to GEDmatch, you agree that the Raw Data is one of the following:
- Your DNA;
- DNA of a person for whom you are a legal guardian;
- DNA of a person who has granted you specific authorization to upload their DNA to GEDmatch;
- DNA of a person known by you to be deceased;
- DNA obtained and authorized by law enforcement to either: (1) identify a perpetrator of a violent crime against another individual; or (2) identify remains of a deceased individual;
- An artificial DNA kit (if and only if: (1) it is intended for research purposes; and (2) it is not used to identify anyone in the GEDmatch database); or
- DNA obtained from an artifact (if and only if: (1) you have a reasonable belief that the Raw Data is DNA from a previous owner or user of the artifact rather than from a living individual; and (2) that previous owner or user of the artifact is known to you to be deceased).
'Violent crime' is defined as homicide or sexual assault.
Quite explicit now, addressing not only "DNA obtained and authorized by law enforcement," but also the contingency of artificially created DNA information. The current state of our technology looks at approximately 700,000 SNPs, Single Nucleotide Polymorphisms, at each position consisting of one of the four nitrogenous bases, the "letters" of DNA: A, G, C, and T. The raw data we get from the major testing companies is a plain text file which can be edited by someone with the know-how. It's difficult to imagine what purpose that could serve because the SNPs comprise only about 0.023% of the total base pairs in the human genome...insightful for making assumptions about a chromosomal segment potentially shared between second cousins, but not really for any other use. Regardless, GEDmatch has addressed it.
Beginning May 21, your next visit to GEDmatch, after you enter your log-on credentials, will present you with this message:
When you scroll down through the new terms of service, you will have three options to choose from:
- Option #1—Accept the Terms of Service; you will proceed to the familiar GEDmatch screen allowing you to use the utilities.
- Option #2—Reject the Terms of Service; this will remove your account and delete all data you have uploaded to the site. This cannot be reversed; be extremely cautious.
- Option #3—Decide Later; you will return to the log-in screen and be presented with the acceptance options the next time you attempt to log-on.
GEDmatch has been one of the best new additions to genetic genealogy. The utilities they offer are extremely valuable to researchers, and the majority of them are free. I'll continue to be a Tier 1 subscriber, and sincerely hope that, if anything, these past and future weeks do not damage GEDmatch's viability as a company; that, if anything, it is strengthened by recognition of the validity and effectiveness of its toolset.