NEW YORK (GenomeWeb) – Ancestry.com has decided to suspend access to a public database of genetic information after the resource was used by law enforcement authorities to identify a suspect in a decades-old murder case.
The move came after multiple media outlets reported this month that Ancestry.com had divulged the identity of a donor in the Sorenson Molecular Genealogy Foundation's database to the Idaho Falls Police Department.
Ancestry.com has maintained the database since it acquired SMGF's assets in 2012.
Though the suspect in the case was never arrested and was later cleared of any wrongdoing, various news and opinion websites reported erroneously that Ancestry.com had released the identity of the donor without a warrant, when in fact it released the name of the donor only after it was served with a warrant, as it is legally obligated to do. Nevertheless, the company decided to end access to the database because of its use in a law enforcement case, rather than genealogical purposes.
AncestryDNA, the consumer genomics wing of Ancestry.com, purchased the DNA assets from SMGF "to further its mission and support the intentions on which it was founded," the company said in a statement. "Unfortunately, it has come to our attention the site has been used for purposes other than that which it was intended, forcing us to cease operations of the site."
A company spokesperson confirmed that AncestryDNA shuttered the database last week, though did not elaborate on its reasons for doing so.
AncestryDNA said that while it doesn't plan to destroy the 100,000 DNA samples in the SMGF collection or the data connected with them, it also has no plans to make the service available in the future.
The roots of Ancestry.com's decision date back to this March, when The New Orleans Advocate published a story about Michael Usry, Jr., a 36-year-old filmmaker who became a suspect in the 1996 fatal stabbing of an 18-year-old Idaho Falls woman named Angie Dodge after the Idaho Falls Police Department found a partial match between DNA found in a semen sample at the crime scene and de-identified Y chromosome genotype results in the public SMGF database.
The newspaper reported that Ancestry.com was served last summer with a court order to release the identity of the donor — Usry's father, Michael Usry, Sr. — and the company complied. According to the article, Usry's father had submitted a sample to the SMGF through a project run by the Mormon church. While Usry, Sr., did not fit the profile of the murder suspect, circumstantial evidence led the police to his son. Idaho Falls police subsequently obtained a warrant, interrogated Usry, Jr., and collected a DNA sample from him, a sample that was later shown to not match the DNA collected from the crime scene.
After the article in The New Orleans Advocate appeared, another article published by The Electronic Frontier Foundation, based on the original report, suggested that Ancestry.com had run the crime scene DNA against the Sorenson collection, but provided the identity of a close match — including additional information associated with that match — all without a warrant or a court order.
While both assertions were false, it led to a host of other online stories referencing EFF's report and portraying ancestry testing as a potential risk to one's civil liberties.
AllGov, for instance, ran a summary of the story with the headline, "Ancestry.com's promise of privacy isn't real." And Nuviun, a blog devoted to "important issues in global digital health" ran a piece entitled, "Donor beware: ancestry DNA samples may be used against you."
An Ancestry.com spokesperson refuted this take on the company's cooperation with law enforcement authorities.
"The genetic information provided by our DNA customers is personal and we have strict standards in place to protect their identities and the integrity of their data," the spokesperson said. "On occasion when required by law to do so, we have cooperated with law enforcement and the courts to provide only the specific information requested but we don't comment on the specifics of cases."
The spokesperson also noted that, while the case in question relied on the public SMGF database and not AncestryDNA's private database of autosomal DNA testing results, the company does address the risk of a customer DNA sample being made available to law enforcement authorities in its privacy statement.
"AncestryDNA will not disclose any of your personal information to third parties except in very limited circumstances as may be required by law, regulatory authorities, or legal process," the company notes in the statement.
It's a standard that other consumer genomics companies also maintain. Bennett Greenspan, president of Family Tree DNA, said that while the Houston-based firm has not been contacted by police or any law enforcement agency in connection with a similar case, "as law-abiding citizens we will respond to any legal warrant."
Likewise, a 23andMe spokesperson underscored that the Mountain View, California-based company is committed to protecting its customers' information and ensuring its customers make informed choices about how that information is stored and shared.
"When a customer joins 23andMe they make the decision whether or not they want to have their saliva sample stored by our lab," the spokesperson said. "They can choose to have their saliva sample discarded at any time."
Customers can also choose to download or export their results, shut down their account, and have all of their personal information deleted from 23andMe's database and lab at anytime, the 23andMe spokesperson noted. "These choices allow individuals to comprehensively shield their DNA sample and personal information from law enforcement enquiries to 23andMe."
The company spokesperson added that the company treats law enforcement enquiries with the "utmost seriousness," and will only release customer information to law enforcement as the result of a valid subpoena or court order.
"At this time, we have not received a valid subpoena or court order requesting customer information and have not released customer information to law enforcement," the spokesperson said. "We are not able to speculate about unrealized future scenarios," he added. "In the event we are required by law to make a disclosure, we will notify the affected customer through the contact information provided to us in advance, unless doing so would violate the law or a court order."
According to Judy Russell, author of the blog The Legal Genealogist, Ancestry.com acted only as it was legally obligated to do.
"Only certain genealogically relevant markers put into a public database were accessible" to law enforcement authorities, Russell, who has a law degree, noted. "All other information, and all identifying information, was only available after the police obtained a search warrant from a judge," she said. "In this respect, the data is no different from bank account data, cell phone data, and a whole host of other information about our daily lives that is far more likely to tie an individual to a crime."
Russell also pointed out that every consumer genomics company informs clients that it may be required to disclose information in response to a court order. "This is better than your bank or cell phone company does: when was the last time your bank told you that every single one of your financial transactions would be disclosed to a law enforcement agent with a subpoena or a search warrant?" she asked.
According to Russell, one "major takeaway" for police departments is that the kind of information done for genealogy is designed to show how people are alike, while the kind of genetic testing done for police investigations is designed to show how people are unique.
"Plugging markers into public databases hoping for a match is generally going to be a waste, and police departments should be loathe to get into this except in the truly extraordinary cases where it is a very serious crime and the genetic evidence is exceptional," said Russell. Due to this, "I don't think everyday consumers need to be more concerned about this," she added. "Unless of course they have in fact committed a murder in the past."
While Ancestry.com acted as it was legally obligated to do in the case, Russell said that it still was a "public relations disaster" for the company which has emerged as a leader in the consumer genomics arena since it launched its autosomal testing service three years ago, noting the "numerous utterly inaccurate reports" that accused Ancestry.com of handing over its customers' DNA data without a court order with "headlines that were inflammatory at best."
It was the publishing of these inaccurate stories that led to Ancestry.com's decision to close the SMGF database, according to Russell.
"Since the Sorenson database has no profit potential for Ancestry ... taking it offline was the easiest way to ease the PR nightmare," Russell said. "So the only ones who've paid a price here are the genealogical community, which has lost a useful tool." In particular, she added, –"families that tested with Sorenson … now have no way of using the data they helped to create."
CeCe Moore, author of the blog Your Genetic Genealogist, had a similar opinion.
"I think that the misinformation that was spread by unethical and irresponsible journalism in this case led to a huge loss for the genetic genealogy community," Moore said. "AncestryDNA did nothing wrong and were forced to endure a public relations nightmare simply for following the law," she said.
Moore added that while she was "extremely disappointed" by Ancestry.com's decision, she said that she could not blame them for taking the SMGF's website down.
"There is simply no upside for AncestryDNA, as a commercial company, to continue to allow public access to that database and a huge potential downside, as evidenced by the recent media storm surrounding their involvement in this case," said Moore.