After California detectives used a popular online DNA database to track down a suspect in the decades-old Golden State Killer slayings, other police agencies quickly adopted the same technique.
Since that case was cracked last year, at least 50 other killings and rapes have been solved nationwide by using partial DNA matches to find suspects' relatives, whose identities can lead to arrests. But complaints about invasion of privacy have produced a backlash, leading the Florida-based database known as GEDmatch to change its policies.
The nonprofit website's previous practice was to permit police to use its database only to solve homicides and sexual assaults. But its operators granted a Utah police department an exception to find the assailant who choked unconscious a 71-year-old woman practicing the organ alone in church. The assailant's DNA profile led detectives to the great-uncle of a 17-year-old boy. The teen's DNA matched the attacker's, and he was arrested.
GEDmatch soon updated its policy to establish that law enforcement only gets matches from the DNA profiles of users who have given permission. That closed off more than a million profiles. More than 50,000 users agreed to share their information — a figure that the company says is growing.
The 95% reduction in GEDmatch profiles available to police will dramatically reduce the number of hits detectives get and make it more difficult to solve crimes, said David Foran, a forensics biology professor at Michigan State University.
"Law enforcement needs these big databases for the chance that someone might be in there," Foran said. "Now that they are requiring people to opt in, my guess is that database is going to become very small."
Site co-founder Curtis Rogers said the change was being discussed before the Utah case. He said users received emails about the May decision, encouraging them to opt-in to police searches.
"We strongly support law enforcement," Rogers wrote in an email. "The use of genetic genealogy for providing leads in violent crimes has been called the biggest crime-fighting breakthrough in decades. Its incredible success to date has been due almost entirely to the GEDmatch database."
Such websites are popular with people researching their family trees. They upload DNA profiles obtained from genetic testing companies. Then GEDmatch's computers compare the results and identify possible long-lost cousins, aunts and others. Adoptees have found their birth families.
Police use the databases in hopes of identifying the relative of a killer or rapist. They upload a profile taken from DNA left by a possible perpetrator. If they get a partial hit, they examine that person's relatives to find potential suspects. In a serial rape case, for example, detectives look for a male relative who lived near the attacks at the time. If they find someone, they surreptitiously obtain DNA samples from the suspect's trash or something he touched.
The American Civil Liberties Union and other critics say granting law enforcement exceptions that violate a website's policies is a slippery slope. They also believe broad genetic searches violate suspects' constitutional rights.
While many people instinctively support the technique if used to catch serial killers or rapists, they might feel differently about their DNA profiles being analyzed to pursue burglars and shoplifters. The ACLU wants Congress and state legislatures to impose restrictions.
A poll conducted last year by The Associated Press and the NORC Center for Public Affairs Research found that most Americans do not want law enforcement blindly searching genetic databases. Half of those polled said such data should be shared with law enforcement only with the consent of the person tested. Thirteen percent said law enforcement should not use that information at all. About 30% said it should be shared without consent.
Carol Dodge waited more than two decades before a suspect was arrested last month in the 1996 slaying of her 18-year-old daughter, Angie, in Idaho Falls, Idaho. Detectives identified him using GEDmatch. Dodge said the suspect, who police say confessed, was not on investigators' radar and would never have been identified otherwise.
"People who are opposed to this have never lost someone," Dodge said. "People who have a clean conscience shouldn't have a problem with it."
Detectives also used GEDmatch to solve the 1992 rape and slaying of Christy Mirack, a 25-year-old teacher who was killed in her Lancaster County, Pennsylvania, home. A suspect was arrested last June and pleaded guilty in January.
Her brother, Vince Mirack, is upset about the policy change and is working with others to reverse it.
"It seems the laws are made more for the criminals," he said.
The DNA database technique received national attention after the April 2018 arrest in the Golden State Killer case. The attacker broke into dozens of homes throughout California in the 1970s and 1980s, raping and often killing. Police uploaded a DNA profile to GEDmatch and identified a possible third cousin.
Detectives searched the cousin's family tree and discovered Joseph DeAngelo, a 73-year-old former police officer, who they say lived near attacks and matched the suspect's description. They obtained DeAngelo's DNA from his car door and a discarded tissue and say it matched the killer's. He is charged with 13 killings and has been linked to more than four dozen rapes.
Because of the acclaim DeAngelo's arrest received, other agencies soon used GEDmatch searches to solve their own cold homicide and rape cases. An alleged serial rapist who attacked Northern California women from 1991 to 2006 was arrested. So was a suspect in the 1986 rape and murder of a 12-year-old Tacoma, Washington, girl. The killer and rapist of an 8-year-old Fort Wayne, Indiana, girl in 1988 pleaded guilty. There are many more.
But those results have done little to assuage concerns about privacy.
"Blockbuster investigations, as gratifying as they are, shouldn't obscure the very real dangers of government access to sensitive information," ACLU attorney Vera Eidelman wrote.