Staff Columnist

DNA is the next frontier in personal privacy

Iowa investigators used genealogy database in cold case murder


A technological revolution is taking place, almost unnoticed.

Cedar Rapids police used DNA analysis to bring charges last year in a nearly 40-year-old murder case. Jerry Burns of Manchester was charged in the 1979 murder of Michelle Martinko after police compared DNA found at the scene to a public DNA database to identify a distant cousins of the suspect, according to a recently released search warrant affidavit.

Investigators collected DNA samples from other members of the same family to narrow down the search to Burns and his two brothers, as Gazette journalist Trish Mehaffey reported last week. They then surveilled all three brothers and covertly gathered DNA samples.

Last October, an officer reportedly saw Burns use a drinking straw at a restaurant and collected the article after Burns left. In December, he was arrested and charged with third-degree murder.

The Martinko killing is only one of the cold case investigations assisted through a powerful strategy of matching genetic evidence with huge consumer DNA databases. Genetic analysis is not new, but the rise of do-it-yourself DNA testing for amateur genealogical research has made many millions of unique profiles available to investigators.

Cedar Rapids police used the same genomics vendor, Florida-based GEDmatch, as California authorities used to identify a suspect last year in the notorious Golden State Killer case of the 1970s and ’80s. Investigators reportedly used the database to identify possible suspects, and then tested DNA from a personal item found in the garbage of James DeAngelo, the man they arrested and charged.

No doubt, these cases represent a commendable application of this technology. If the suspects are proved guilty, no reasonable person will object to the way they were identified.

But you can be sure catching rapists and murders will not be the final frontier. The privacy concerns presented by the advent of mass DNA collection demand thoughtful consideration.


Much of the data police investigators use is available to the public, and in other cases, companies have voluntarily complied with search requests. Customers technically agree to share their personal data when they submit their materials for processing, but many probably don’t understand what they’re signing up for.

For all the hand-wringing we do about the security of our emails and Facebook messages, Americans are surprisingly cavalier about offering up our most personal information, the code that literally makes us who we are. But since it’s all voluntary to this point, it’s being adopted as a law enforcement tool with almost no special regulation or oversight.

The home test company Family Tree DNA changed its terms of service late last year to make customers aware its database could be used by law enforcement to identify suspects of violent crimes, but only after the company had worked with the FBI on several investigations, BuzzFeed News reported in January. The company also has tested DNA evidence for the government in its own lab.

A paper published last year in the Public Library of Science’s Biology journal presented survey data about the use of DNA by law enforcement. More than 90 percent of respondents said agencies should be allowed to search genealogical databases for evidence about violent crimes and missing people. A minority, 46 percent, said the tools should be used for nonviolent crimes.

So serial killers are acceptable targets for advanced DNA analysis. But there is little to stop government entities from using this data for other purposes, such as investigating drug users, immigrants or hate-speech suspects.

Besides law enforcement, there are huge ramifications for the health care industry.

Another DNA test kit provider, 23andMe, recently announced a partnership with top pharmaceutical company GlaxoSmithKline to develop new medicines with the help of about 5 million user entries customers have submitted to 23andMe.

The potential benefits are enormous, but so are the risks.

Combining genetic data with the other information corporations have about us — from our consumer habits and social media profiles, for example — could offer enormous power to predict individual outcomes. Some health insurance companies reportedly are piloting the use of DNA testing to calculate risk scores.

With that analysis, some companies might someday be tempted to charge higher rates or deny business to people who they deem too risky. Again, most consumers probably don’t consider that possibility when they’re doing family tree research.


Even if corporations and governments can devise effective safeguards against abusive use of data, there are no assurances about what data thieves might do. Any data that exists anywhere is at risk of being compromised, especially when tools are specifically designed to be shared between users.

Perhaps these concerns seem overly paranoid. After all, only a small portion of Americans have logged their genetic data with genomics companies. And so far, it’s being used only to track down heinous criminals.

But once you put your DNA in the database, remember, you can’t get it back. Scrutinize the risks before you swab your cheek.

• Comments: (319) 339-3156;

Give us feedback

We value your trust and work hard to provide fair, accurate coverage. If you have found an error or omission in our reporting, tell us here.

Or if you have a story idea we should look into? Tell us here.

Give us feedback

We value your trust and work hard to provide fair, accurate coverage. If you have found an error or omission in our reporting, tell us here.

Or if you have a story idea we should look into? Tell us here.