'%3e%3crect opacity='0.2' width='32' height='32' fill='%2312306C'/%3e%3cpath d='M24.2885 25.0767C24.8494 24.964 25.1815 24.3707 24.8951 23.8718C24.2439 22.7376 23.2141 21.7409 21.8952 20.9822C20.2039 20.0094 18.1317 19.4821 16 19.4821C13.8683 19.4821 11.7961 20.0094 10.1049 20.9822C8.78587 21.7409 7.75609 22.7376 7.10495 23.8718C6.8185 24.3707 7.15063 24.964 7.71154 25.0767L8.68725 25.2727C13.5149 26.2424 18.4851 26.2424 23.3128 25.2727L24.2885 25.0767Z' fill='%2312306C'/%3e%3cpath d='M22.2359 12.2225C22.2359 15.659 19.444 18.4449 16 18.4449C12.556 18.4449 9.76407 15.659 9.76407 12.2225C9.76407 8.78589 12.556 6 16 6C19.444 6 22.2359 8.78589 22.2359 12.2225Z' fill='%2312306C'/%3e%3c/g%3e%3cdefs%3e%3cclipPath id='clip0_2531_12631'%3e%3crect width='32' height='32' rx='16' fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
For four decades, the Golden State Killer instilled fear across California after killing 12, raping more than 50, and committing over 100 burglaries during the 1970s and 1980s. He was also known as the East Area Rapist, Original Nightstalker, Diamond Knot Killer, and Visalia Ransacker.
After 1986, he mysteriously went into retirement. Investigators spent years trying to find out who this serial killer was. They had no luck with criminal DNA databases or crime scene sweeps in hopes of finding fingerprints. The Golden State Killer was always one step ahead of the police.
Using Genetic Genealogy to Catch a Killer
Back in April of 2018, the Washington Post reported that investigator and DNA expert Paul Holes turned to genetic genealogy in hopes of finding the killer. He used DNA recovered from past crime scenes and uploaded it to GEDmatch, a free genealogy database where people upload their raw DNA data to find relatives.
Using that data, Paul Holes was able to identify distant relatives of the killer and began building family trees. Joseph James DeAngelo was arrested in Citrus Heights on April 24th, 2018.
From there, investigators created family trees that eventually led them to DeAngelo. After this case, several other murderers and rapists have been identified using similar genetic genealogy methods.
Although many cheered when they read the news, the report also triggered a new fear: does taking a DNA test mean a person is inadvertently allowing law enforcement and other third parties to access and probe their DNA?
What Does This Mean for Your Privacy?
At the time of law enforcement catching the Golden State Killer, GEDmatch was a fairly obscure site home to nearly 1 million DNA enthusiasts. The site was free to use and open to the public. If you had taken a consumer DNA test through companies such as 23andMe or Ancestry, you could upload your raw DNA data to GEDmatch to search for relatives. However, users never anticipated how their private genetic information could be accessed by investigators.
Shortly after the breaking news story, Wired reported on privacy experts raising concerns about this sudden access to people's personal data.
Back in 2019, Wired reported that GEDmatch had been acquired by Verogen, a forensic genomics company sometimes called the "Google of genetic testing" in law enforcement circles. Originally, users had to opt-in to allow law enforcement to match their DNA. But after a hacker got a match to a profile on GEDmatch during a major security breach, the platform's opt-in setting was briefly changed to opt-out, meaning users had to actively choose to restrict law enforcement access. The hacker's data appears to have been stolen and used to target MyHeritage users in a phishing scam.
FamilyTreeDNA apologized after reporting to the New York Times that it had shared customer data with law enforcement without a subpoena or warrant. Unlike GEDmatch, which was an open-source site free for law enforcement to use, the FamilyTreeDNA situation was the first time a commercial consumer genetic testing site provided services to police without a legal order.
Other major consumer DNA testing sites have published policies on how they handle law enforcement requests. 23andMe's policy states that they will closely scrutinize all law enforcement requests and only comply with court orders, subpoenas, search warrants, or other requests determined to be legally valid. They have also stated that to date they have not released any customer information to law enforcement, though privacy experts note that maintaining the privacy of sensitive data is becoming increasingly difficult.
Ancestry's privacy policy states they do not voluntarily share customer information with law enforcement and maintain a table of information on how they respond to different types of legal requests. According to privacy experts and bioethicists, genetic data may not remain private forever. These companies also have a history of sharing anonymized customer data with third parties. In 2018, 23andMe announced a partnership with pharmaceutical company GlaxoSmithKline to help develop new drugs. Dr. Arthur Caplan, head of the division of medical ethics at New York University School of Medicine, told TIME that he's not sure they really understood what the company meant when users consented to their information being used for medical research.
How Sequencing Differs When It Comes to Privacy
Never before has genetic testing been so accessible to the everyday consumer. DNA testing opens up your world to understanding your ancestry and determining your risk for conditions like cancer, heart disease, and Alzheimer's disease.
Sequencing operates to allow customers to use their data however they choose, which means no one but you will have access to your information. Sequencing prioritizes user privacy and security, putting the user first and foremost. Founder and CEO Dr. Brandon Colby, MD stated that due to Sequencing's extensive security protocols, the company has never had a single security breach.
Learn more about how your privacy is protected by exploring the different DNA analysis reports available through the Partner Marketplace at Sequencing, or read more about privacy and GEDmatch on our blog.