Ancestory and other genealogy sites used by cops??

[garhkal]

As per the news yesterday, a crook who's been on the run for supposedly 30+ years, finally got caught, after the cops accessed the DNA registries on file with several "Family heritage/genealogy sites, such as Ancestory.com

Now in the past on some of the cop shows, they had similar going on, where they would (if checking via normal sources) check say the organ donation list (those registered), or the bone marrow lists.. Saying "Since you gave consent to use those organizations, then its public knowledge, or something to that effect".

Now, who here feels that Cops/FBI (or other LE) should be able to access the DNA on file with databases like that? Do you feel if they do so, those orgs should be required to inform those who use then "HEY our site will collect your DNA and keep it on file, and give it over to cops when asked for"??

[Mjölnir]

As per the news yesterday, a crook who's been on the run for supposedly 30+ years, finally got caught, after the cops accessed the DNA registries on file with several "Family heritage/genealogy sites, such as Ancestory.com

Now in the past on some of the cop shows, they had similar going on, where they would (if checking via normal sources) check say the organ donation list (those registered), or the bone marrow lists.. Saying "Since you gave consent to use those organizations, then its public knowledge, or something to that effect".

Now, who here feels that Cops/FBI (or other LE) should be able to access the DNA on file with databases like that? Do you feel if they do so, those orgs should be required to inform those who use then "HEY our site will collect your DNA and keep it on file, and give it over to cops when asked for"??

Family heritage / geneaology sites are not medical, therefore not protected under HIPPA guidlelines, so it is subject to a warrant, just like phone records, EasyPass data showing car travel etc., no issue with that at all. Also, if the company that is storing the DNA data reveals in whatever user agreement is signed by the customer, I have no issue with it ... catch is almost noone reads those things in their entirety.

The recent dustup about Facebook / Cambridge Analytica is an example of this ... If you actually read the Facebook user agreement ... Facebook users, by virtue of agreeing to the Facebook Terms of Service authorize Facebook to conduct data collection, aggregration and to sell portions of that data to third parties, but ... no one reads the rules before they start using it, then pitch fits when they didn't understand what they signed up for.

[Mjölnir]

As per the news yesterday, a crook who's been on the run for supposedly 30+ years, finally got caught, after the cops accessed the DNA registries on file with several "Family heritage/genealogy sites, such as Ancestory.com

Now in the past on some of the cop shows, they had similar going on, where they would (if checking via normal sources) check say the organ donation list (those registered), or the bone marrow lists.. Saying "Since you gave consent to use those organizations, then its public knowledge, or something to that effect".

Now, who here feels that Cops/FBI (or other LE) should be able to access the DNA on file with databases like that? Do you feel if they do so, those orgs should be required to inform those who use then "HEY our site will collect your DNA and keep it on file, and give it over to cops when asked for"??

Family heritage / geneaology sites are not medical, therefore not protected under HIPPA guidlelines, so it is subject to a warrant, just like phone records, EasyPass data showing car travel etc., no issue with that at all. Also, if the company that is storing the DNA data reveals in whatever user agreement is signed by the customer, I have no issue with it ... catch is almost noone reads those things in their entirety.

The recent dustup about Facebook / Cambridge Analytica is an example of this ... If you actually read the Facebook user agreement ... Facebook users, by virtue of agreeing to the Facebook Terms of Service authorize Facebook to conduct data collection, aggregration and to sell portions of that data to third parties, but ... no one reads the rules before they start using it, then pitch fits when they didn't understand what they signed up for.

[garhkal]

And if the user agreements FOR those geonoligy sites DID say "Oi we will collect your data, store it even after you might be done using our service, and present it to LE when asked for", and someone said "Go ahead", then that's on them. MY question, though IS DO they?? One of my comrades (gaming, not military) Used it, and after asking him, he doesn't remember seeing anything in his EUA about that.
Checking on Ancestry.com, i see NOTHING in the link that goes over "who can and cannot access your DNA", about LE being allowed..

[Mjölnir]

MY question, though IS DO they??

Do they have to?

An end user agreement must contain what the company intends to use it for, not every possible contingency (theft, compliance with law enforcement etc.) Legal searches by law enforcement are not the intent of ancestry.com, 24&me etc. but they could be required to comply with a legal warrant.

Bottom line: 9.999 times out of 10 a company is not looking out for the "best interests" of anyone / anything but their own profit margin. They aren't here to protect the consumer from their own bad / misinformed decisions; a company is always willing to help ... for a price.

[garhkal]

If they are taking our DNA then IMO Yes they should be required to let you know..
Which is one reason i never understood why cops can access MILITARY DNA registries, when BY constitutional law, they were created for the SOLE purpose of identifying DEAD servicemen..

[Mjölnir]

If they are taking our DNA then IMO Yes they should be required to let you know..
Which is one reason i never understood why cops can access MILITARY DNA registries, when BY constitutional law, they were created for the SOLE purpose of identifying DEAD servicemen..

A couple of points:

1. I think it is a bit unneccessary for them to say that the company intends to comply with the law.

2. While, yes ... they "take" the DNA, no one is compelled to use the services of ancestry.com, 23&me.com etc.

3. Military DNA registries, can be accessed via a search warrant, the same way that your pg2 or other DEERS information could be accessed ... not really different.

Ultimately, the ways that data bases like these are used by law enforcement isn't a surprise to people who have kept up with issues covering the 4th Amendment and actually read EULAs. We can always be more redundant in what is already stated, repackage notices, EULAs etc. but how do you pick what to highlight? The info is already there, sometimes buried but the user bears a responsibility to read the thing. We can bend over backwards to help them with what is already provided ... which falls into the realm of protecting people from their own lack of being informed.

[Bos Mutus]

A couple of points:

1. I think it is a bit unneccessary for them to say that the company intends to comply with the law.

2. While, yes ... they "take" the DNA, no one is compelled to use the services of ancestry.com, 23&me.com etc.

3. Military DNA registries, can be accessed via a search warrant, the same way that your pg2 or other DEERS information could be accessed ... not really different.

Ultimately, the ways that data bases like these are used by law enforcement isn't a surprise to people who have kept up with issues covering the 4th Amendment and actually read EULAs. We can always be more redundant in what is already stated, repackage notices, EULAs etc. but how do you pick what to highlight? The info is already there, sometimes buried but the user bears a responsibility to read the thing. We can bend over backwards to help them with what is already provided ... which falls into the realm of protecting people from their own lack of being informed.

The interesting thing about the California case, from my understanding, is that the suspect/cuprit never did use the service nor give his permission.

The cops had some DNA from the crime scenes and used it through the service to find identify some users that came out as related to him.

From there, they were able to trace it back to the guy himself. They then staked out his house and got some of his trash and performed a match with the crime-scene DNA they already had.

I'm not sure if his relatives gave any kind of release for their data to be used, but that's sort of the point of the service isn't it? Not for LE of course, but to identify family links.

[garhkal]

It sounds wonkey to me..

Almost reminds me of an ep of L&O, where they got the baddie, by badgering a blood donation facility to let them match a DNA test from a crime scene to see if it was one of their donors, then they used that as "Proof he's guilty".