Thursday, 12 December 2019

Free uploads to MyHeritage and news of the MyHeritage 2020 conference

MyHeritage have announced that their conference will take place in Tel Aviv in October. I went to their conference this year in Amsterdam and had a fantastic time and will be looking forward to a trip to Israel. You can find further information about this conference in this blog post from MyHeritage.


In other news from MyHeritage they have a special offer on this week for free DNA uploads to their autosomal DNA database. If you have taken an autosomal DNA test at 23andMe, AncestryDNA, FamilyTreeDNA or Living DNA you can transfer your data to the MyHeritage database to find new genetic cousins. There are people in the MyHeritage database who have not tested elsewhere. MyHeritage now have over 3.5 million people in their database, and they have particularly good representation in non-English-speaking countries in Europe.

Anyone who uploads between now and 18th December will benefit from free access to all the advanced features which normally require a one-off payment. You can find further details in this blog post from MyHeritage.

Tuesday, 10 December 2019

GEDmatch has been acquired by the forensic genomics company Verogen

GEDmatch has been acquired by the forensic genomics company Verogen. The acquisition was announced today in a press release from Verogen.
SAN DIEGO, CA (December 9, 2019) — GEDmatch, a pioneer in consumer genealogy, today announced that it has joined with forensic genomics firm Verogen, Inc. in a move that allows the company to ensure ongoing privacy protections and enhance the customer experience for users of its website. 
“I am confident that we have found an ideal partner for GEDmatch,” said founder Curtis Rogers. “Verogen understands our philosophy and shares the vision of GEDmatch, which has always been about using science to connect people,” Rogers said. “Verogen is able to support our growth while staying true to our roots.” 
GEDmatch allows users to upload genetic profiles created by other genealogy sites in order to expand the search for familial links. GEDmatch’s database currently has more than 1.3 million customer profiles and is gaining as many as 1,000 new users every day. 
In the coming months, GEDmatch users will begin to see improvements to the website, such as an enhanced homepage that offers increased functionality, Verogen CEO Brett Williams said. Verogen will also bolster the GEDmatch platform, resulting in increased stability and optimal searchability. These back-end changes won’t disrupt the experience for users and, in fact, will make searching the database easier, Williams said. 
GEDmatch’s terms of service will not change, with respect to the use, purposes of processing, and disclosures of user data, Williams confirmed. The website gives users a choice to opt-in to allow law enforcement to search uploaded files as a tool to solve violent crimes. Among the successes of this technology is work by public safety officials who used GEDMatch to apprehend accused Golden State Killer Joseph DeAngelo, a notorious serial killer who terrorized California and evaded police for decades until his arrest in 2018. 
As many as 70 violent crimes have been solved as a result of genealogy searches. “Never before have we as a society had the opportunity to serve as a molecular eyewitness, enabling law enforcement to solve violent crimes efficiently and with certainty,” Williams said. 
“Still, our users have the absolute right to choose whether they want to share their information with law enforcement by opting in,” Williams said. “We are steadfast in our commitment to protecting users’ privacy and will fight any future attempts to access data of those who have not opted in.” 
Added Rogers: “Our number one priority is our customers. We are and always have been a genealogy site whose goal is to help people find answers they’re looking for about themselves and their families. As we grow, we want to enhance the customer experience by making the site more user-friendly and by ensuring data is protected. Verogen can help us do that.” 
Under terms of the deal, Rogers will retain a key role focused on the primary mission of GEDmatch, which is to provide tools to help amateur and professional researchers and genealogists. 
GEDmatch customers who have questions about the partnership or how their privacy is protected are encouraged to contact customer service at gedmatch@verogen.com
If you have an account on GEDmatch you will now see a notice when you log in to the website informing you of the need to sign up to the new Terms of Service and Privacy Policy which have been introduced "in view of recent events in the genealogical community".
The revised Terms of Service clarify that GEDmatch is now operated by Verogen "following the acquisition by Verogen of the GEDmatch website".


Some European Union users are being asked to fill in an extra consent form before they can access their one-to-many matches. However, despite being in the EU, I have not had to fill in this form. There is speculation that the form is only being shown to those who have e-mail addresses that can be readily identified as being from EU countries.


At the end of the new site policy you are given three options: to accept the new terms of service, to reject the policy and delete your kit or to decide later. You will not be able to enter the site unless you accept the new terms of service.
To see the differences between the old and new privacy policies at GEDmatch see this saved link from DiffChecker.

It will be interesting to see how this all plays out. With the investment from Verogen we are likely to see improved functionality at GEDmatch, a better user interface and improved security measures. However, Verogen will also need to recoup their costs. Will genealogists be put off from using a genealogy database that is owned by a forensics company? I've already seen lots of comments from genealogists on Twitter and Facebook who have indicated that they will now be deleting their kits from GEDmatch. Will Verogen be able to attract enough paying subscribers to the Tier 1 tools to make a profit? Will Verogen introduce new subscription features? Will they charge law enforcement agencies for access to the database? How will Verogen react if they are served with a subpoena or search warrant for access to kits which have not opted in?

GEDmatch is now one of three genetic genealogy databases that can be used by law enforcement agencies. Gene By Gene, the parent company of FamilyTreeDNA, has its own lab where it provides forensic testing. They allow law enforcement agencies access to their genetic genealogy databases but charge a substantial fee to cover the costs of registering the users and processing the paperwork. Controversially, FTDNA now automatically opt in all their customers to law enforcement matching regardless of where they live. Few people read through all the terms and conditions when signing up for a genealogy test and so they will not have given fully informed consent to have their data shared with law enforcement. EU customers were automatically opted out of law enforcement matching prior to March 2019, but customers in all other countries were opted in.

DNA Solves is a new website set up by David Mittelman of Othram. Mittelman was previously the Chief Scientific Officer at Gene by Gene. DNA Solves has not yet been officially launched but is intended as a law enforcement-only database. Few details are currently available about how the site will operate.

It remains to be seen how this will all work out. Time will tell.

Update 10 December 2019
Verogen have sent out the following e-mail to their customers.
To Our Valued Customers:

We are pleased to share news that has far-reaching benefits for our company, our customers, and our scientific and law enforcement partners. Today, Verogen announced its acquisition of GEDmatch, an online genetic genealogy service that has been central to law enforcement solving over 70 cold cases in the U.S.

What this means for you

On a day-to-day basis it is business as usual. Verogen will continue to provide NGS instrumentation, software, reagents and consumables to a global customer base for forensic and biometric based human identification. Meanwhile, we will bring significant technical and scientific resources to build a more expansive GEDmatch platform that will exhibit increased security and ease of use. In the coming months, we will engage you in a conversation about the future of genetic genealogy, and how Verogen will enable the operational forensic laboratory to participate in the exciting revolution.

For more information, you can read the full press release here. 

The Verogen story continues…

Verogen was spun out from Illumina in August 2017 and is the only company solely focused on providing NGS instrumentation, software, reagents and consumables for forensic and biometric based human identification.

Verogen is building an NGS-based forensic ecosystem that is focused on a single platform multi-application strategy with common workflows between the applications. We are developing a compact but powerful range of applications that work in combination to improve and extend forensic analysis of biological traces that will enhance your ability to obtain an individual’s identification.

Today we offer solutions that utilize genomic and mitochondrial DNA that address the most common challenges for casework and missing persons sample analysis. Soon, we will be rolling out new applications as part of our “single platform multi-application strategy” that will enhance and expand your ability to provide a comprehensive human ID.
Update 10th December 2019
The following message to GEDmatch users has been posted by Curtis Rogers. It is visible when you log into your GEDmatch. The full message can also be seen here: https://www.gedmatch.com/curt_msg.htm


Update 11 December 2019
There is now a new Facebook page for the new GEDmatch:

https://www.facebook.com/officialGEDmatch

Further reading

Wednesday, 6 November 2019

Search warrant granted for access to GEDmatch database

A troubling story has been published in the New York Times about a security breach at GEDmatch. Detective Michael Fields from the Orlando Police Department was able to obtain a search warrant which allowed him to over-ride the privacy settings of individual customers at GEDmatch and search for matches in the entire database rather than in the subset of the database which had opted in to law enforcement matching. Fields had previously been able to use GEDmatch in collaboration with Parabon Nanolabs to identify a suspect in the 2001 murder of Christine Franke. He was disappointed when GEDmatch changed their terms of service in May this year which resulted in all users being required to actively opt in to law enforcement matching. This change effectively reset the number of profiles available for law enforcement matching to zero, including many people who had transferred their results to GEDmatch specifically to help with law enforcement cases. Since then a steady trickle of people have opted back in to law enforcement matching but, according to the New York Times article, just 185,000 of GEDmatch's 1.3 million users have done so at the present time. The cold case which resulted in the search warrant relates to a serial rapist who assaulted a number of women several decades ago, though the full details have not been made public. The New York Times reports as follows:
In July, he [Fields] asked a judge in the Ninth Judicial Circuit Court of Florida to approve a warrant that would let him override the privacy settings of GEDmatch’s users and search the site’s full database of 1.2 million users. After Judge Patricia Strowbridge agreed, Detective Fields said in an interview, the site complied within 24 hours. He said that some leads had emerged, but that he had yet to make an arrest. He declined to share the warrant or say how it was worded. 
Detective Fields described his methods at the International Association of Chiefs of Police conference in Chicago last week. Logan Koepke, a policy analyst at Upturn, a nonprofit in Washington that studies how technology affects social issues, was in the audience. After the talk, “multiple other detectives and officers approached him asking for a copy of the warrant,” Mr. Koepke said.
It is difficult to comment on this case without having the full facts available. As this is an active investigation it is not possible to get a copy of the search warrant to find out why the police thought it necessary to over-ride the consents and we don't know the grounds on which the judge granted the warrant. GEDmatch could potentially have resisted the warrant but they are unlikely to have the resources to fight a lengthy legal battle. They are also likely to be sworn to confidentiality so they would not be able to discuss the case and would not have been in a position to warn their users. But if GEDmatch were sworn to confidentiality I wonder why Detective Fields was boasting about his actions at a police conference.

However, the use of a search warrant in this case does provide cause for concern as it potentially sets a precedent. What is to stop the police issuing search warrants to search for matches at the other testing companies? Would these companies be able to defy the warrant and refuse access? It is also troubling from an international perspective. An American judge has made a unilateral decision which affects the privacy and rights of all of GEDmatch's many international users who do not have any legal or governmental representation in the US. Granting access to the opted out profiles of international customers is not only a disproportionate measure, as their family trees are much less likely to be used to solve the crime, but it is also a gross over-reach by the judge who has passed a judgement which affects individuals who live in countries which are outside her jurisdiction.

If you think you might have been affected I suggest that you write to the Orlando Police Department to find out if your name is included in the match lists they are using. If you are an EU citizen you should be protected by the General Data Protection Regulation (GDPR) and you will have the right to have your information removed. If the police refuse to do so you should complain to your data protection regulator in the EU. If you are in the UK you should write to the Information Commissioner's Office. If you are in Ireland you should write to the Data Protection Commission. The ICO have a handy template on their website which you can use if you wish to submit a complaint. I have now written to the Orlando Police Department and I await their response with interest.

If you feel strongly about this judgement you might also like to write to Judge Patricia Strowbridge. She can be contacted via her judicial assistant. I have sent her an e-mail because I think it's important that she understands the international implications of her decision though I am not expecting a response.

Update 7th  November 2019
I have received the following response from Judge Strowbridge's office:

"Judge Strowbridge’s office is in receipt of the email you sent yesterday, November 6, 2019. Unfortunately, the Florida Code of Judicial Conduct strictly prohibits judges from commenting on any pending cases. As such, Judge Strowbridge is unable to respond to your email."

Update 13th November 2019
Someone was able to get a redacted version of the GEDmatch search warrant and they've shared it on Twitter. You can access it here:

https://twitter.com/rot13x2/status/1194325134653435904

I will comment on this in due course.

Further reading
Related blog posts

Sunday, 3 November 2019

Genotype extraction and false relative attacks: potential security risks at third-party genetic genealogy sites

Hot on the heels of a paper published the other week by Michael "Doc" Edge and Graham Coop on the possibility of attacks on genetic privacy via uploads to genealogy databases comes another paper by an independent team of researchers warning of another potential security risk.

The latest paper is written by Peter Ney, Luis Ceze and Tadayoshi Kohno, three researchers at the Paul G. Allen School of Computer Science & Engineering at the University of Washington. They caution about the risks of genotype theft and falsified genetic relations in the GEDmatch database.

I do not feel qualified to comment on the security risks they have identified so I will provide some links and let you make your own judgement.

The authors have provided some FAQs which provide a good starting point:

https://dnasec.cs.washington.edu/genetic-genealogy/

If you want read the full paper you can find it here:

The possible implications are also discussed in this article by Antonio Regalado in MIT Technology Review:


See also this report in the University of Washington News:


GEDmatch were given advance notice of the publication of the paper to allow them time to implement any necessary fixes. I understand that GEDmatch currently have measures in place that would thwart the method described in this paper but, understandably, they are not sharing the specifics. Further measures are also being investigated.

Note that this loophole affects GEDmatch only. The method won't work at AncestryDNA, 23andMe, FamilyTreeDNA, MyHeritage and Living DNA.

Update 4th November 2019
This research was also covered in New Scientist. You need a subscription to access the full article but here are some quotes from the end of the article:
"The study identifies a “clear risk” to the GEDmatch database, according to Graham Coop at the University of California, Davis, who wasn’t involved in the work. “I do worry that [GEDmatch are] not taking these concerns seriously enough. They have over a million people’s genetic data and they have placed these data at risk, which is incredibly concerning.” 
The risks could be easily solved by limiting genetic data uploads to DNA test results that are authenticated or digitally signed, says Ney. Better checks on uploads to detect anomalies, and restrictions on one-to-one comparison searches would help too, he says. His team alerted GEDmatch to the vulnerabilities before publishing and took measures to avoid exposing anyone’s identity. 
Curtis Rogers at GEDmatch says: “We are concerned about security and appreciate they have pointed out vulnerabilities.” He says the site has made several changes to address the vulnerability and is working on others, but didn’t specify what measures.
The article can be found here:

 https://www.newscientist.com/article/2221972-privacy-attack-on-dna-website-reveals-93-per-cent-of-a-persons-data/