Investigation raises questions about privacy on sites that help reconstruct family trees through genetic data
Sacramento investigators tracked down the Golden State Killer by comparing the suspect’s DNA to the genetic profiles available online through genealogy websites, the district attorney’s office revealed on Thursday.
Joseph James DeAngelo Jr, 72, a former police officer, was arrested on Tuesday evening at his home in Citrus Heights, following a DNA breakthrough. He is accused of 12 murders and at least 45 rapes from 1976 to 1986.
Law enforcement used a DNA sample from one of the crime scenes and matched it to distant relatives who had used a genealogy website to find out about their family background, the chief deputy district attorney, Steve Grippi, told the Sacramento Bee.
From the relatives they were able to chart the family tree until they found someone the right age who lived in the area. After that, investigators obtained more recent “abandoned” DNA samples from DeAngelo.
“You leave your DNA in a place that is a public domain,” district attorney Anne Marie Schubert told the New York Times.
The district attorney’s office would not give any more information about the mechanism through which investigators made the initial match, citing the “ongoing investigation”. However, the development raises questions about the privacy of individuals who use these DNA database.
People typically sign up to service such as 23andMe or AncestryDNA to find out about their health and family trees. By sending off a DNA sample to be tested and uploaded to the platform, individuals can identify other users of the service who might be related. They probably don’t expect police to screen their profile to see if they might be linked to a crime.
23andMe said the company was not involved in the case and that it had never given customer information to law enforcement officials. The platform does not support the comparison of genetic data processed by any third party to genetic profiles in its own database.
An Ancestry.com spokeswoman said: “We have not been in contact with law enforcement regarding the Joseph James DeAngelo case. Ancestry advocates for its members’ privacy and will not share any information with law enforcement unless compelled to by valid legal process.”
It is possible that law enforcement may have signed up as customers to these services and submitted an old DNA sample to be tested. Under these circumstances, it would be accurate to say that the services did not give customer information to law enforcement.
The Golden State Killer, also known as the East Area Rapist, remained free for decades after a homicidal spree. He wore a mask and gloves and would break into homes to attack his victims.
DeAngelo was as a police officer with the Exeter and Auburn police departments, but was fired in 1979 on suspicion of shoplifting a can of dog repellant and a hammer.
It is not the first time police have tried to identify suspects for cold cases by searching genealogy databases. In 2014, Idaho investigators used a publicly searchable Ancestry.com database to identify an unknown suspect in a murder case because the suspect’s father had donated his DNA sample years before.
The suspect, Michael Usry, was interrogated and a DNA sample was taken, but it turned out that his DNA was not a match to the crime scene DNA.
“This case highlights the extreme threats posed to privacy and civil liberties by familial DNA searches and by private, unregulated DNA databases,” the EFF’s Jennifer Lynch wrote at the time. “People should be able to learn about their ancestors and relatives and about possible risks for genetic diseases without fear that their data will be shared with the cops without their consent.”