MENU

Reason.com

Free Minds & Free Markets

VOLOKH CONSPIRACY

Mostly law professors, blogging on whatever we please since 2002 · Hosted by The Washington Post, 2014-2017 · Hosted by Reason 2017 · Sometimes contrarian · Often libertarian · Always independent

Tentative Thoughts on the Use of Genealogy Sites to Solve Crimes

Prompted by the apparent catching of the Golden State Killer.

As many readers know, the Golden State Killer appears to have been finally caught using a genealogy site, GEDmatch.com. This raises some really interesting issues that I haven't thought much about before, and I thought I would explore them more. I'll focus on two questions. First, was this process legal? And second, is it troubling that the police were able to do this? Here are some tentative thoughts.

The Facts. First, here's an overview of the facts to get us all on the same page. The website, GEDmatch.com, allows people who have obtained their DNA profies to upload them and see if they can find a match with others on the site. About 950,000 users have voluntarily posted their profiles there in an apparent effort to find matches with others who have posted profiles. Investigators apparently used the known DNA profile of the Golden State Killer collected long ago from a crime scene, created a profile, and were able to figure out the killer's great-great-great grandparents who lived in the early 1800s. From that point, the Washington Post has reported, "a team of five investigators spent four months building out family trees, name by name. They pored over census records, newspaper obituaries, gravesite locaters, and police and commercial databases to find each relative and, ultimately, DeAngelo" -- Joseph James DeAngelo Jr., a 72-year-old former police officer.

So was it legal? And from a policy standpoint, what should we think of this?

The Law. As far as I can tell, the legal issues are relatively straightfoward. I don't know of any plausible arguments that the investigation (or at least what I have described above as the investigation) was unlawful. There are no Fourth Amendment issues here I can see, as the government was just using a service to check with data that others had voluntarily made publicly available. You can think of this as kind of undercover operation, in that the police were perhaps "posing" as the Golden State Killer looking for family DNA matches. But that's not a Fourth Amendment issue, as the police have always been allowed to do that under the Fourth Amendment. See Hoffa v. United States, 385 U.S. 293 (1966).

Some have wondered if the police using a genealogy site might be criminal if it violated the site's terms of service under the Computer Fraud and Abuse Act. But the answer to that is clearly no, as the statute provides an exception for law enforcement investigations in 18 U.S.C. 1030(f): "This section does not prohibit any lawfully authorized investigative . . . activity of a law enforcement agency of the United States, a State, or a political subdivision of a State[.]" And that's even assuming that violating terms of service can be a crime anyway, an issue on which there is a circuit split and in which the Ninth Circuit (which of course includes California) has said violating terms of service is not a CFAA offense. See United States v. Nosal, 676 F.3d 854 (9th Cir. 2012) (en banc).

Assessing the Privacy Threats. But what about the broader set of privacy questions? The benefit to law enforcement in terms of solved cases involving DNA is weighty, and I think we all get that. Especially in such an incredibly disturbing case as this one. I take the policy question to be how we consider the tradeoffs in more general cases: how do we weigh the benefit to public safety against the privacy harms? In doing that, I would think there are three distinct privacy harms to consider:

  1. The invasion of privacy when the goverment collects a DNA sample and creates a profile of it in order to be able to make a match;
  2. The invasion of privacy when the government uses the genealogy site to obtain information about a person who submitted his or her own DNA profile to the site; and
  3. The invasion of privacy when the government uses the genealogy site to obtain information about a relative of the person who submitted a profile to the site -- when that relative did not submit a profile of his or her own.

Let's consider each in turn, with my apologies if I am not using all of the correct scientific terminology in how I am describing how the different issues might break down.

1. Sample Collection. I think there are serious privacy issues generally raised by the police obtaining DNA samples, although I gather none of those issues are rasied in the use of the genealogy site. In particular, I think there are troubling issues raised by the use of so-called "abandoned DNA," as well as the rules that the government must follow more generally to collect DNA samples. Regular readers may recall that I once wrote a cert petition arguing for greater Fourth Amendment limits on the collection and testing of DNA samples taken from a suspect. It seems to me that those issues still need more attention. DNA evidence can of course be pretty powerful, and it seems to me that the rules on collecting samples need significantly more attention than they have received so far.

With that said, I gather those issues are not raised in the use of the genealogy site, which presupposes that a sample has already been collected. Further, I understand that the Golden State Killer's initial DNA material was collected at the crime scene when the crimes occured, and it's hard to argue that there was a problem with the government collecting the DNA from the crime scene. There's the separate issue of how the government obtained DeAngelo's abandoned DNA at the end of the investigation after the genealogy site was used. But I gather no one is objecting to that at this point, so I'll move on to other issues.

2. Gathering Information on the Person Who Submitted A Profile to the Site. The second issue is the invasion of privacy when the government uses the genealogy site to obtain information about a person who submitted his or her own DNA profile. My tentative thinking is that this isn't particularly problematic. I say "tentative thinking" advisedly, because this is a new issue for me. I'm still working through the questions myself, and I may later decide that my initial thinking was wrong. But at least right now, it seems to me that collecting evidence about a person who voluntarily submitted it to a million or so people -- and who submitted that information with the goal of having others among that million or so people match data with his own -- is pretty unobjectionable. As a result, I tend to think it falls into the category of good policework and not creepy overreach.

There are counterarguments to this, I realize, and here's one particularly worth discussing: A person who submits his own profile to a site like GEDmatch.com presumably does so with the hope that others will seek matches with his own for a particular purpose, and that this government use is outside that purpose. That is, the person who posts his profile on a genealogy website is hoping to find out about his genealogy, not help the government gather evidence of his connection to a crime. That raises concerns that the information is being misused, in that people submitted their information for one purpose but then the government is using it for another purpose.

I see the argument. But I confess it doesn't seem particularly weighty to me in this context. The problem, I think, is that when you decide to expose your information to the entire world, with the express purpose of having anyone in the world find an identifying connection to your information, your basis on which to complain about what a particular person is doing with that identifying information seems somewhat limited. Here, the government was doing what anyone else in the world could do on a site open to the world.

Granted, I gather people didn't foresee this sort of use. But if so, I wonder if that's more a story of technological growing pains than government overreach. I see it as sort of like the weev case, where AT&T published information hoping that only certain people would see it. By posting in the information on the web, AT&T assumed the risk that others would pick it up. If you don't want to risk that happening, the lesson would go, it's probably best not to put the information out there.

3. Gathering Information About Non-Submitting Relatives of those Who Posted Profiles to the Site. The final question, and the one that seems to have drawn the most attention, is the potential privacy invasion when the government collects information about the relatives of profile-submitters -- relatives who did not themselves submit a profile. Here the concern is that the person identified did not take any affirmative steps to reveal their identity. The government is learning information about someone who didn't submit their information. As law professor Elizabeth Joh told The New Republic:

Do you realize, for example, that when you upload your DNA, you're potentially becoming a genetic informant on the rest of your family? And then if that's the case, what if you're the person who didn't personally upload the DNA, but you discover that your family member has done that?

I understand this concern, but I find it mitigated, at least in part, by two dynamics. First, I gather that the non-submitting relative here is the person whose sample was collected and profile submitted but whose identity is unknown. If that's right, then it's not clear to me why the privacy protection shouldn't come at the initial evidence-collection stage rather than at the profile-matching stage. As I wrote for Point 1, I think the collection of a DNA sample and its subsequent testing raises serious privacy concerns. But if we assume that those privacy concerns have been addressed, and we're okay with the collection and creation of a profile, I'm not sure I'm all that bothered by the subsequent additional identity information collected using voluntarily-submitted profiles of relatives.

Put another way, when the government uses a genealogy site like this, there are three potential privacy-invading stages -- collection the initial DNA sample to profile; seeking a familial match on the genealogy site to narrow down suspects; and collecting a final DNA sample to get an exact match -- and I'm not sure it's the second stage, as compared to the first or third, that is the one we should be most concerned about.

The second dynamic that mitigates the privacy concern, at least to my tentative thinking, is that the idea that people giving up their own privacy voluntarily also are giving up some privacy as to their family members strikes me as something that's actually pretty common. Think of familiar examples from everyday life. Say you don't want it to be easy for people to know your home address. A family member with the same last name might post their home address on the web or in the phone book. If someone wants to find you, a quick google search of your last name may give people an inkling of where you live because of what your family member posted. Or say you don't want a picture of you to be online. You don't post one, but a friend or colleague might post a public picture of a group of people that includes you without your permission. As a practical matter, maintaining privacy often requires the cooperation of others.

A difference here is that the technological uses here are new. The third-party privacy risk may not have been appreciated. But this goes back to the growing pains idea above. When technologies are new, they often seem like a magic black box. It's easy to miss the privacy implications of its use. But as we understand the techology better, we get better at understanding it. Perhaps the Golden State Killer investigation is a step in warning users about a use of data that many people didn't think about but should be on their radar screen going forward when they make choices (or revisit past ones) about what to do with their data and the data of others.

Thoughts Going Forward. Of course, none of this means that there shouldn't be some sort of regulation of whether or how criminal investigators use genealogy sites. Depending on how you see the balance of privacy and security interests, you could imagine different rules. For example, you could have a rule that legal process is required before the government can use such sites. Perhaps you could require the government to first show probable cause to believe that the DNA profile to be submitted is evidence of a serious crime (such as a homicide or a sexual assault). You could have something like the Electronic Communications Privacy Act for using a genealogy site -- say, a DNA Genealogy Privacy Act -- that would limit how investigators use such sites, require court orders, prohibit voluntary disclosure, and the like. There are a lot of options, depending on what uses you foresee and how you measure the costs and benefits.

Anyway, I really mean it when I said that my views were tentative. I'm new to the issues and just feeling my way, and maybe I'm missing something obvious (or less obvious) that will lead me to reverse course. I look forward to hearing what others have to say and learning from your insights.

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  • loveconstitution1789||

    If DNA is going to be used as evidence that can almost convict people on its won then there needs to be safeguards as per the protections set forth in the US Constitution.

    First is that search warrants need to be used more. This is a check to police power. Fingerprints, DNA, and all other samples of persons that requires the person cooperate in giving the samples, needs a warrant. The police need to know who they want samples from and why and then convince a judge to issue a search warrant specifically stating what the 4th Amendment reasonable search is. Fishing expeditions collecting "abandoned DNA' should not be tolerated just like police searching through abandoned property in the trash. The constitution is very clear on this point. Same thing with fingerprints upon arrest should not be used as evidence unless there is a search warrant.

    Get a search warrant!

    As to other family members proving samples of DNA, that seems perfectly fine. Just like other family members speaking to police. The problem is that when people, who the police want to talk to, don't speak with police, police get mad. Police threaten family members or people who choose not to speak to police.

  • ThePublius||

    I disagree. The police searching a publicly accessible database to which people voluntarily submit their own DNA profiles is no different, in my view, than the police searching a phone book (when they existed), or googling for info.

    The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

    Once you've published, you have abandoned the right to be secure. And, incidentally, the thing being searched - the database - is not yours!

  • loveconstitution1789||

    What part do you disagree with? I said that people voluntarily submitting DNA samples is fine.

    Warrants should be required when the person the samples are sought from, don't cooperate and have not published their DNA history.

    You might want to be careful about 3rd party doctrine too. Just because a company has temporary custody of something from you does NOT mean they own it or that police can avoid a search warrant to obtain that something.

  • nonzenze||

    But that's not what happened here. The perp allegedly raped someone and left his DNA at the crime scene. The police collected that DNA as evidence of a crime.

    Warrants should be required when the person the samples are sought from, don't cooperate and have not published their DNA history.

    Agreed, but puzzling in this context since it seems to have nothing to do with the case under discussion.

  • loveconstitution1789||

    So what if the suspect leaves DNA at the scene. The police have to match it someone. DNA by itself means nothing. Its a matching marker to a person. Because DNA is so unique, except twins, its a great matching marker. Like nothing in the history of criminal investigation.

    The police have crime scene DNA. The police need a warrant to get the suspect's DNA. That is the relevant part of this discussion. Not sure why you don't get this.

  • David Bremer||

    Because the whole point of this is that they didn't need to get the "suspect's" DNA. The police had the perpetrator's DNA; he left it at the scene. The only thing the police needed to do was figure out who that DNA belonged to, which GEDmatch.com proved very helpful in doing.

    If this were a situation where police had set up roadblocks and asked everyone coming through to provide a DNA sample, then you'd have an argument. But that's not necessary for these processes to work. [I recognize that the police did surreptitiously obtain DNA from the suspect, which raises its own issues. But, as Orin noted, nobody has objected to that, so it's not part of the analysis.]

    Also, I'm curious why you believe "the constitution is very clear on this point." And how cool is it that the founders explicitly discussed DNA collection 200 years before its first use in criminal cases.

  • loveconstitution1789||

    Oh, you're one of those people that don't read.

    Police had the rapist/murders DNA at the scene. They did not know for sure until they could get a sample from DeAngelo who is the suspect.

    The Constitution discusses protection of people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures.... which includes any new tech that falls under that description, including DNA.

  • David Bremer||

    Quite the opposite in fact. I got that they didn't know "for sure" until they got DeAngelo's DNA. But (a) the police aren't ever required to know if they have someone "for sure"; (b) you're missing the point that they didn't necessarily obtain DeAngelo's DNA through a "search," let alone an unreasonable one (for purposes of 4th Amendment); (c) you seem to confuse technology with searches.

    Let's say I drop something outside my house on the sidewalk. The police can use all the fancy technology on it they'd like, since they obtained the thing without conducting a search. If I don't like the results, I shouldn't have dropped it on the sidewalk.

  • BillyG||

    Because DNA is so unique, except twins, its a great matching marker.
    Well...here's the thing. You're assuming they do a full DNA sequencing when they don't. What they do is look for genetic markers, and typically not all of them, and have some statistics (which I'd like to see some studies on) on what the odds are of two people matching those . So some labs/tests may look at 12 markers while others may use 40 (there's well over 100 total). The more markers you look at the more precise results you'll get. But since when do police care about precision?

  • loveconstitution1789||

    I know they don't test every market but I had no idea it was that few out of ~2300 genes mapped so far.

    I would love an article on non-full DNA sequencing. I personally think police getting sloppy on DNA evidence is telling of what is going on in that field. Potentially that its not as perfect as initially thought. Maybe its perfectly fine to only need a few markers to match to a specific person.

    The sloppier police get the more innocent people get convicted. It happened with fingerprints, ballistics, blood typing, line ups, hair typing, fiber typing, etc.

  • Rossami||

    You need to look up the "prosecutor's fallacy" and maybe some of the technical details about how DNA profiling really works. DNA matching is not nearly as unique as you think it is.

  • loveconstitution1789||

    DNA cannot be that unique since some of the DNA is what makes us all have certain common human features. I meant unique as in being able to pick out a small group of DNA matches from a large group of DNA. Unique is probably not the best word to use.

    I am always skeptical of some magic bullet for finding guilt. Government wants a magic bullet because its makes their job easier, which finding someone guilty should be hard.

  • OldCurmudgeon||

    "Because DNA is so unique"

    Here, the DNA was useful precisely because it is *not* unique. They identified him because the criminal shares DNA markers with his family members.

    So, in some ways, the key evidence against the suspect was obtained via consent from someone else.

  • nonzenze||

    The police have crime scene DNA. The police need a warrant to get the suspect's DNA. That is the relevant part of this discussion.

    I agree.

    The question was about whether police need a warrant to submit his DNA to a publicly accessible genealogy service in the same manner as anyone else could.

  • ThePublius||

    I may have been mistaken in my impression of your post. I thought you were saying that police going to open, online resources need warrants. Was I wrong?

  • loveconstitution1789||

    Yes. I said that the stuff they did online was probably fine.

    Its matching the actual killer's DNA to the crime scene samples that they needed a warrant for and evidently, police went through his trash to get a DNA sample for him.

    Then they arrested DeAngelo.

  • nonzenze||

    Can you clarify exactly at which step in the GSK case you believe should have had a warrant?

    -- Collecting DNA evidence from the crime scene of a rape or murder
    -- Archiving that evidence while the case was open
    -- Submitting that sample to a publicly available website

  • loveconstitution1789||

    The three things you mentioned were perfectly constitutional.

    How did they match the suspect's DNA inside the family? My understanding is that police used the suspect's 'abandoned DNA' to match. Police limited the DNA profile to a family based on the website based on the suspect's great-great-great grandfather. Not sure how someone gets their great-great-great grandfather's DNA since they have been dead for probably over 100 years.

    The police fucked on this one. They should not have gotten his DNA sample from the trash. They should have been required to get a warrant. The problem is that this genie cannot be returned to the bottle. Police didn't know for sure who the suspect was until they collected the suspect's DNA. Police can never go back to having millions of potential suspects.

    The only remedy is to use fruit of he poisonous tree doctrine and prohibit that DNA evidence. A jury would still convict him because everyone knows who the suspect is now. The suspect's greatest thing to avoid conviction was anonymity. That is 100% gone now.

    There is no way to give this guy a fair trial and he is 99.999999% guilty.

  • Bored Lawyer||

    So if I understand you correctly, you have no issue with taking samples from the scene of the crime.

    Your issue is, which often happens, is the police have a suspect. They cannot force him to give a DNA sample without a warrant or court order. So they follow him, and when he drinks a bottle of water or smokes a cigarette, they gather the bottle or cigarette and take a sample from that. So-called abandoned DNA.

    I am having a hard time seeing why they would need a warrant to do that. You trashed something -- an empty bottle, a used cigarette -- and abandoned it. It is now ownerless. A beggar could pick it up and use it or sell it. (I have seen homeless people gather used cans to make money by turning them in for recycling.)

    So I fail to see how this practice violates the persons right "to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures" as provided in the Fourth Amendment.

  • Lastseer||

    >So they follow him, and when he drinks a bottle of water or smokes a cigarette, they gather the bottle or cigarette and take a sample from that. So-called abandoned DNA.

    Since a warrant isn't required in this case (i.e. abandoned DNA). How would you feel if the government did this to everybody (collected discarded DNA - e.g. your roadside trash) and just kept a national DNA database? It may sound like a huge daunting task, but if Google can get a picture of almost everyone's house, I'm sure the government can manage.

  • Bored Lawyer||

    The question is whether there is a Fourth Amendment violation, not how I feel. I may not like the Big Brother implications of what you suggested, but that does not make a Constitutional violation.

    (And BTW, my understanding is that the Govt. already has a substantial database of DNA from a wide variety of sources. Not searching through garbage cans, but hospital records, etc.)

    And remember, part of the problem with your suggestion is that you need a pretty rigorous chain of custody to link the collected sample to the person. That's easy when you are following one rape/murder suspect. A lot harder when you are trying to collect data on millions of people.

  • Lastseer||

    >I may not like the Big Brother implications of what you suggested, but that does not make a Constitutional violation.

    I agree that it's not currently a violation. But it's not a constitutional violation, solely because SCOTUS has interpreted the 4th that way. I don't like the implications of their interpretation. I'd prefer for them to have to seek a warrant rather than used "discarded" DNA. What happens when science becomes advanced/sensitive enough to collect DNA from an exhale or other similar thing that people take for granted (i.e. it becomes literally impossible to keep your DNA secret).

    I much prefer a ruling along the lines of "Kyllo v. United States", where the court ruled that that "[w]here, as here, the Government uses a device that is not in general public use, to explore details of the home that would previously have been unknowable without physical intrusion, the surveillance is a 'search' and is presumptively unreasonable without a warrant." - in this case infrared scanning.

    I'd only tend to say the DNA can be used without if the owner had "published" it himself, in a way not meant to be private (e.g. 23 and me in a non-anonymous way to find relatives).

    >And remember, part of the problem with your suggestion is that you need a pretty rigorous chain of custody to link the collected sample to the person.

    You only need that to introduce it as evidence in court. You don't need that level of control to maintain a database.

  • OldCurmudgeon||

    "I'd only tend to say the DNA can be used without if the owner had "published" it himself, in a way not meant to be private (e.g. 23 and me in a non-anonymous way to find relatives)."

    I asked below, but... wouldn't such as case be covered by the 3rd party doctrine i.e., little-to-no practical protection? Arguably, it's not covered by any medical info privilege.

  • Ridgeway||

    If you've ever touched a penny, the government has your DNA. Why do you think they keep them in circulation?

  • loveconstitution1789||

    The samples of crime scene DNA being collected is fine.

    Its the 'abandoned DNA' to circumvent the constitution that I have a problem with.

    It is trash and a bum could pick it up and use it for whatever purpose they want. People who collect a person's trash are not restricted in the constitution relating to criminal prosecutions of presumed innocent people. Government are though.

    The Constitution and BoR specifically, were designed to articulate those protected rights that some Founders felt would be most abused by government.

    Another reason not to allow trash evidence is lack of controlling the sample. Are we 100% sure that DNA will not be altered to look like other DNA because of chemical contact or other environmental factors?

    Police are fishing through trash to find a suspect not verify the suspect they already have based on good evidence.

  • Bored Lawyer||

    BTW, how is abandoned DNA different than abandoned fingerprints. Police follow the suspect to a restaurant, and when he is done with his coffee cup, retrieve it and take his prints (which they might then match to prints taken at the crime scene)?

  • loveconstitution1789||

    DNA and abandoned fingerprints are not different in that context. Fingerprints have been written off as something the government can get without a warrant because the courts have lost their way.

  • jdgalt1||

    The government has at least a thumbprint from just about everybody because they've made giving that print a condition of getting a driver's license. I'm surprised they haven't thought of requiring a DNA swab as well.

  • loveconstitution1789||

    Part of the problem with these cold cases is they tend to be ignored unless there is publicity. When there is publicity, the media wants results. When those results are sloppy and point to the wrong person or give a guilty person an unfair trial, then that is a major problem.

    I would rather let the GSK go free than let the police get away with sloppy police work.

    The police finally got a break by finding the family the DNA belonged to. They could have taken as long as necessary to get the correct suspect and all the evidence they need to convict.

    Police chose the sloppy route and collect 'abandoned DNA' from the suspect. That should be a violation of the 4th Amendment but it currently is not according to the courts.

    If I was on a jury, I would acquit the guy based on the 'abandoned DNA' collection alone.

  • David Bremer||

    You evidently didn't read the story. Or the full post for that matter.

    Once they uploaded the profile, they got a name, but had to do lots of additional police work to find the right person. The LA Times explains that they had worked on this for months to find someone who was even on the west coast. Then, this guy wasn't even the top suspect. But as they did more investigation on timelines and interviewed people who knew DeAngelo, they finally pinned him as the culprit.

    Yes, they did obtain DNA elsewhere, and that might raise issues (depending on how police obtained it). But nobody's challenged that process (yet anyway), and the police probably had sufficient cause to get a warrant had they thought it necessary.

  • loveconstitution1789||

    You have zero idea what you are talking about.

    GEDMatch results did NOT get police the name of the killer. They got the name of a relative via that DNA partial match.

    They then needed a DNA sample from DeAngelo to match him to the DNA evidence at the crime scene(s). How they obtained that sample is the problem.

  • MatthewSlyfield||

    1. You are missing a step. After Identifying the family, a considerable amount of investigation was done to compare locations of various members of the family to various locations and dates of individual murders in this serial killer case. That is how they identified DeAngelo as the prime suspect.

    2.US courts have long held that the police do not need a warrant to collect evidence from your trash, once put out for collection. Why should DNA be different? What reason would the cops have had to think DNA was different?

  • OldCurmudgeon||

    It's not crystal clear that one intended to abandon the DNA (as opposed to the soda bottle in the trash).

  • David Nieporent||

    It's not crystal clear that one intended to abandon the DNA (as opposed to the soda bottle in the trash).

    Well, obviously one does not say, "I am going to get rid of some DNA right now," so in that sense, you're right. But in law, one generally intends the necessary consequences of one's actions. One intended to throw away the bottle, and the bottle contains whatever it contains.

  • OldCurmudgeon||

    Yes, they could have washed everything they ever toss away with bleach. OTOH, we don't normally require people take extraordinary actions, just reasonable ones, to protect privacy.

    As a rough analogy, in the infrared surveillance case, the homeowners could have heavily insulated their home, installed radiant panels, etc to hide their thermal signatures. The fact they didn't do so doesn't imply they consented to infrared surveillance under the open window doctrine.

  • OldCurmudgeon||

    err, plain view doctrine

  • loveconstitution1789||

    Plain view doctrine is a made up means to circumvent the 4th Amendment.

    If police are fishing for evidence, then they are violating the constitution [period]. Just get a warrant. The Constitution gave government a means to do investigations legally.

  • David Bremer||

    If police are fishing for evidence, then they are violating the constitution [period]. Just get a warrant. The Constitution gave government a means to do investigations legally.

    I was going to point out that this is an over-simplistic, uninformed position contrary to lots of case law saying otherwise. But since you added "period" to it, I'm now thinking you ought to be hired to a law faculty somewhere.

  • David Nieporent||

    As a rough analogy, in the infrared surveillance case, the homeowners could have heavily insulated their home, installed radiant panels, etc to hide their thermal signatures. The fact they didn't do so doesn't imply they consented to infrared surveillance under the open window doctrine.

    But note that Kyllo -- the case you're talking about -- turned on the fact that the equipment being used was not in general public use. As such, the idea was that the homeowner hadn't implicitly consented by failing to thermally insulate his house. But if it were common for the general public to walk around with thermal imaging equipment, then it would likely mean that the homeowner had implicitly consented by not insulating his house.

  • Rip Murdock||

    i guess you would then lie during voir dire to follow the judge's instructions on the law, even if you disagreed with them.

  • Don Nico||

    No. Why would he know that such evidence the prosecutor would introduce. And if he did know, wouldn't that be grounds to disqualify him regardless of what opinion he might have about the legality of the evidence.

  • David Nieporent||

    Fishing expeditions collecting "abandoned DNA' should not be tolerated just like police searching through abandoned property in the trash. The constitution is very clear on this point.

    The perennial link: Area Man Passionate Defender Of What He Imagines Constitution To Be.

  • nonzenze||

    Man, right after the VC adopts a Reddit-style commenting technology (threading, notification of responses, voting) they should adopt Reddit-style stickies. This should be the first post stickied.

  • Jerry B.||

    Not sure how 'abandoned DNA' left at a crime scene would be any different than, say, a drivers' license dropped at a crime scene.

  • loveconstitution1789||

    'Abandoned DNA' is when the police follow behind you at a restaurant and grab your cup and utensils to get DNA samples off them.

    Crime scene evidence is crime scene evidence. If you drop your license at the scene, that can be used against you. Also, technically, dirver's licenses belong tot he state of issue not the person.

  • Danlel||

    If I drop my Driver's License, anyone who can read is able to pick it up, interpret it, and identify me. If I leave my fingerprints, they can be seen and analyzed with common technology, although it would take the right database to identify me. If I leave my DNA somewhere, that can be analyzed only with fairly specialized technology. I think the question is whether abandoned DNA is like the smell of cannabis which is detectable only with the help of a trained dog or is it like grow lights in my apartment detectable with a special heat detector.

    None of these apply when the DNA is posted publicly. There are some interesting public policy arguments, but I don't see a Fourth Amendment issue there

  • Rossami||

    Interesting, insightful and well-balanced. Thank you, Prof Kerr.

    My own initial take on the matter is that the Europeans might (for a change) have the better approach. If we gave people explicit ownership of their own data and erase the fiction that mere collection of data turns it into the property of the collector, then as a society we could encourage the use of more explicit terms and conditions such that you or I could specify uses to which our data could be put.

    Presumably, some sites would allow or even encourage the sharing of data with researchers, the police, etc. Others would forbid it. And those restrictive terms of use would be enforceable (outside compulsory cooperation under all the protections of a warrant).

    That still doesn't solve the problem of a family member "consenting" for me but as you say, that may be as much growing pains as legal challenge.

    All that said, I remain unconvinced that the police rules about posing as another person are the right social policy. If it is a crime for you or I to use pretexting to impersonate another person, the police should be held to the same standards.

  • rsteinmetz||

    I agree that the police should be held to high standard when assuming an identity or when misrepresenting information to any person. I am particularly taken by the FBI tactic of interviewing a person finding a discrepancy and charging the subject with lying to the FBI, while at the same time the FBI is permitted to lie to the subject including claiming to have information they don't have or even making up information.

  • David Nieporent||

    My own initial take on the matter is that the Europeans might (for a change) have the better approach. If we gave people explicit ownership of their own data and erase the fiction that mere collection of data turns it into the property of the collector, then as a society we could encourage the use of more explicit terms and conditions such that you or I could specify uses to which our data could be put.

    The Europeans don't have a first amendment. "Data" is another way of saying "information." The fiction is the European approach that you own information just because it's about you. The fact that someone did something is just that: a fact. It's not owned by anyone.

  • Martinned||

    We don't? That would be news to the drafters of the French declaration of the rights of man and of the citizen, to the drafters of every constitution in Europe, to the drafters of the European Convention on Human Rights, the drafters of the European Charter of Fundamental Rights and any number of other legally binding documents.

  • Rev. Arthur Ꮮ. Kirkland||

    The English Bill of Rights explicitly includes a right for subjects to have arms for their defence, but people still get convicted of a crime and punished for having a gun or knife anyway.

    And all those "legally binding documents" can have all sorts of provisions explicitly protecting free expression, but people in Europe still get convicted of a crime and punished for having a dog make a Nazi salute anyway.

  • Martinned||

    That's the thing about Parliamentary Sovereignty, it means that civil liberties aren't worth the paper they're written on. (Nor are other rules, like the right of Protestants - not all subjects - to own arms.)

    Not sure why you brought it up, though, since I didn't include the English Bill of Rights, or any other British enactment, in my list.

  • Burkhard||

    Thanks for this thoughtful post which restored my trust in the Conspiracy after Steward "Learning from China means learning to be victorious" Baker on the same topic had me as usually spitting acid.

    2 issues here, "familial searches" and the use of genealogy databases. On the first, in the UK the Nuffield council had a discussion on the privacy impact that you might find useful: http://nuffieldbioethics.org/w.....h-uses.pdf
    with the recommendations, since implemented, that they require particularly sensitive handling and communication practices (e.g. if during the investigation it transpires that people who thought they were related aren't) and therefore also a higher level of authorisation and scrutiny.

  • Burkhard||

    As to the issue of using data voluntarily supplied to a genealogy database, in the discussion on the way forward, I'd say you miss an important point (and in that sense are similar to Baker) We do not (just) protect privacy to be nice to individuals. We protect privacy because it enables other important behaviour that is central for a democracy. The case at hand would make me e.g. very reluctant to use a genealogy database - I don't want to expose my grandchildren to the danger that a hypothetical authoritarian government some decades down the line uses my DNA to find out it was them who participated at a demonstration, say.

    So self-censorship might make us stop doing otherwise desirable things. One might say that genealogy databases are purely for the entertainment and don't serve a social purpose, so no harm done. While debatable (historical research?) your analysis works as well for other voluntary DNA sharing initiatives, including medical projects. Which is why in the UK again, a decision was made to not use DNA that was given voluntarily and not in a targeted investigation (e.g. during an exercise to exclude almost all male inhabitants of a village from the list of suspects). The same argument I think ought to be made for other forms of "DNA donation" to enable socially beneficial and voluntary DNA data sharing.

  • MatthewSlyfield||

    The particular genealogy database in question was up front and clear that they make the data submitted available for purposes other than genealogical research.

    Perhaps the problem lies there rather than with the actions of the police? Perhaps your posited avoidance on privacy grounds is broader than necessary. Perhaps avoiding genealogy databases like this one in favor of others that are more restrictive about how the data is used and by whom would be in the long run a good thing?

  • OldCurmudgeon||

    "was up front and clear that they make the data submitted available for purposes other than genealogical research."

    I disagree that it's up front or clear. The most they seem to say is a lawyerly "While the results presented on this site are intended solely for genealogical research, we are unable to guarantee that users will not find other uses. If you find the possibility unacceptable, please remove your data from this site." https://www.gedmatch.com/policy.php

    And, either way, this precedent is likely to cause self censorship.

  • rsteinmetz||

    It has always seemed to me that since DNA is such powerful evidence and can identify a person with accuracy to either exclude them or convict them it is a step forward in the search for actual justice.

    Traditionally many forms of evidence used have been problematic especially eye witness testimony. The use of scientifically valid evidence greatly reduces the possibility of wrongful conviction and increases the probability of finding the actual criminal.

    It seems to me the greatest area for potential mischief is in the gathering (or planting) of DNA by overzealous law enforcement.

    Surely a warrant is required to gather a sample from a person's body but beyond that I can't see any issue.

    Sometimes I wonder if some some of the rules we put into place are based on the idea of giving the defendant a "sporting chance" rather than to insure an actual fair trial that objectively weighs the evidence.

    In this instance gathering of discarded DNA would seem to be in the former category. If the DNA had not been positive then the suspect would have been cleared and the investigation moved on to other avenues. Since the DNA was a match the suspect was arrested on solid grounds. Surely an accurate and highly controlled DNA test while the suspect is in custody will either confirm the identification or not. The defense will have the opportunity to review that testing or conduct it's own.

    I don't really see the problem, perhaps I should go back and read the previous post on the subject.

  • Harry M Johnston||

    I think you're overestimating how accurate DNA evidence is. There's some discussion of this upthread.

  • KermitTFrog||

    There is something like a parallel here with Georgia v. Randolph. Of course, everyone's DNA is unique to him or her, but the family markers are shared -- there is joint ownership. Thus, if Aunt Betty wants to share her DNA, by all means... However, the shared portion -- the family markers -- are not entirely hers to give away. Of course, she can consent to let that part be searched, but if Cousin Eddy affirmatively denies (?) consent to the shared markers, like Randolph denying entry to the home even when his wife had consented, then there is no consent.

    Of course, this would matter little in this case, since the GSK never denied access to those familial markers. I suspect, however, that many people feel uneasy precisely because they would like to do just that, but are unable to. What if I contacted GEDmatch.com and stated that no familial markers of mine can be shared?

  • DavidTaylor||

    As a physician and not a lawyer I'm intrigued by this question, and my first thought was that a photograph of a an individual typically or often reveals physical features that are "familiar markers" -- in some cases (the Hapsburg chin, for example) markers that are very distinctive, and in other cases (hair or eye color, shape of the face) markers that might be more subtle but recognizable. I have twin sisters, and could it be argued that one could object to her twin sister's photo being display publicly because it revealed 'family markers' ? After all, eye witness seems to be a powerful form of identification in legal settings.... Just a quick thought on your intriguing question.

  • KermitTFrog||

    Great example. I think there may be a distinction based on one's expectation of privacy. One's DNA is inherently concealed, much like the interior contents of one's house, whereas one's countenance is essential public, like the front lawn. That is to say, I reasonably expect that people will know what I look like when I go out in public, I do not expect that anyone will access the more intimate knowledge of my DNA profile.

  • DavidTaylor||

    Good point -- the public/private issue certainly captures an essential difference.

  • loveconstitution1789||

    I hope this gets discussed more. It will be happening in the future more and more, so might as well resolve it soon.

    In the USA we have a sense of privacy and DNA is one of our most private things. Yet we can leave it everywhere. We don't have the current technology but even our breath contains DNA which could be tracked as tiny particle of our DNA land around us when we exhale.

    I think the Constitution clearly wants to make government jump through hoops to prosecute people. its really doesn't matter what the new tech is, just make it as difficult for government as possible. Its already is because even getting rubber stamped warrants really pisses off police.

  • Ridgeway||

    Wait a second.

    I thought GEDmatch was a dating site for underachievers.

    They are not going to like the DNA sample I sent in.....

  • David Nieporent||

    Wish we could still upvote comments.

  • nonzenze||

    :+1:

  • jdgalt1||

    And downvote too.

  • OldCurmudgeon||

    "A person who submits his own profile to a site like GEDmatch.com"

    What about an entity like 23andMe? Customers voluntarily submit the DNA, but many/most don't intend that it be 'public.' Can the police access that info? Using just the third-party doctrine? IIRC, 23andMe isn't licensed as a medical service provider...

    Does it change if, embedded somewhere in the end user agreement, the customer agreed to let it be used for research purposes?

  • Steelerfan||

    I am not sure where the issue of the warrant for the sample from the suspect is coming from. It has been the rule since the 1980s that there is no expectation of privacy with respect to items discarded in the trash. California v. Greenwood, 486 U.S. 35 (1988). That rule has been consistently applied to testing of DNA left on discarded items. Williamson v. State, 993 A.2d 626, 635-36 (Md. 2010); State v. Athan, 158 P.3d 27, 33-34 (Wash. 2007) , even when those items are obtained by deceit. And if they could have found probable cause to arrest him on this or another charge, no warrant would have been required to obtain his DNA. Maryland v. King, 133 S. Ct. 1958 (2012).

    I understand if people think the rule should be different (I am not a fan of the decision in King, and the paper cited by Professor Kerr goes into the issues about abandoned DNA) but the current state of the law is pretty clear on this.

  • loveconstitution1789||

    The courts are wrong [period] That is where the abandoned trash issue is coming from. The courts were wrong then and wrong now.

    The courts have assisted police in circumventing the Constitution for too long.

    Get a warrant! Its that simple. The Founders gave police a legal work around for total privacy and total property rights.

  • David Nieporent||

    The courts are wrong [period] That is where the abandoned trash issue is coming from. The courts were wrong then and wrong now.

    The courts have assisted police in circumventing the Constitution for too long.

    Get a warrant! Its that simple. The Founders gave police a legal work around for total privacy and total property rights.

    Could you remind me where in the Federalist Papers it discusses whether going through someone's trash is a search for fourth amendment purposes?

  • Longtobefree||

    Article nineteen. Right after the part where things manufactured in a single state, sold only in that same state, and prohibited from going to another state are 'in interstate commerce'. That is the same one that says common sense gun control does not infringe.

  • Longtobefree||

    Is DNA still considered admissible evidence? I thought it was conclusively wrong now that it sometimes incorrectly identifies as male someone who thinks they are female.

  • loveconstitution1789||

    Nice touch.

  • ||

    OK, let's leave out the matter of DNA. A genealogy web site can be - probably often is - used for nefarious purposes. Many web sites - far TOO many - such as banks use terrible security verification questions such as "Mother's maiden name" or "First name of your eldest sibling". I posted my genealogy to Ancestry.com long ago, before these problems became apparent. Therefore, my mother's maiden name, and the names of all my siblings, cousins, etc, are "public record" - and would be even if I had NOT posted my genealogy, because other relatives have posted theirs.

    When all of society becomes a Panopticon, then the very concept of "privacy" becomes something of a charade.

  • Longtobefree||

    Wait, what? you actually use the true answer to those security questions?

    You are supposed to use an unrelated set of characters. The computer does not care that 'cmdjrspps' is NOT the name of your high school, it just needs it to match what is entered for the answer. If the question is "what is your favorite color?", answer "elephant".

  • Stumble||

    Frankly this case scares the heck out of me, but I am really not sure that there is a clear Constitutional resolution to my concerns.

    The problem as I see it is that it has now become technologically possible and becoming probable for the Government to maintain a data base of everyone in the countries DNA. Because DNA can be correlated across generations and distant relatives this means even if you have never been swabbed nor have any of your immediate relatives, it still won't matter, with just a bit of computation it is (or will become) possible to identify any particular person's DNA quickly and easily.

    Given the government already collects DNA from every service person, everyone with a security clearance, every rape victim and perpetrator, many people arrested for minor crimes and certainly major crimes... In short order the government will be able to look at any specific DNA sample and at a minimum determine that it is likely from the offspring of X and Y, then do a minimal amount of effort to identify who that is. Functionally this means that the Government will have a working database of everyone in the countries DNA, without ever violating anyones individual privacy.

    The issue I have is that I don't think there is any Constitutional limit to this so either Congress must act, we need a Constitutional amendment to address it, or we will have to become resigned to the idea that the Government will be able to track us permanently from our shed DNA.

  • nonzenze||

    But what precisely can they "track" permanently? That is, let's march forwards in the parade of horribles of "look at a DNA sample and figure out whose it is" to the objectionable end.

    As far as I can see, it's no different than having a camera in a public place* that takes pictures of people's faces as they come and go.

    * Interestingly, the 1A would protect your right to do this even as a private citizen. No coercive government powers are needed to execute this.

  • OldCurmudgeon||

    One difference is that you can reasonably protect yourself from those cameras using a mask, beard/sunglasses/hoodie, etc. You leave DNA everywhere you go, all the time.

  • Stumble||

    Today the power of this tool is just emerging, but in just a few years time it will be functionally the same as every person having their DNA on file with the government. Even if you never submitted yours phenotype matching to your cousin, or sibling, or nephew will allow the government to basically identify anyone immediately from any scrap of DNA.

    I have the same issue with police cameras by the way. While I don't see a Constitutional issue with their use, combined with the face recognition China is rolling out Government tracking of people is now just a forgone conclusion. The technology is already here, it is just the cost that is too high.

  • Bill R||

    This doesn't seem much different from the Facebook / Cambridge Analytica issue, as I understand it: People shared info about their friends with a company, which used it in ways they didn't expect. The friends who were exposed indirectly didn't get a say in the process.

    Both seem creepy, but ... is it creepy because it's wrong, or because it's unexpected?

  • Dave W.||

    "But I gather no one is objecting to that at this point, so I'll move on to other issues."

    I am objecting to that at this point.

  • thomaspaine||

    I know you primarily focus on fourth amendment issues, but does this evidence also raise 6th amendment confrontation clause issues as well?

GET REASON MAGAZINE

Get Reason's print or digital edition before it’s posted online