Advertisement

False starts in search for Golden State Killer reveal the pitfalls of DNA testing

Share via

Four decades into the hunt for the Golden State Killer, investigators thought they finally had a break.

By comparing DNA found at the crime scene against genealogy websites, they homed in on a 73-year-old man in an Oregon nursing home. The man had a rare genetic mutation found in only 2.3% of Caucasians in the database. They suspected he could be the killer or the killer’s relative.

Early last year, a judge in Clackamas County gave authorities permission to obtain his DNA — by force if necessary.

Advertisement

He was one of two men whose DNA piqued the interest of investigators, but were ruled out as suspects.

The failed leads were overshadowed by last week’s capture of the suspected Golden State Killer, Joseph James DeAngelo Jr., in a Sacramento suburb — an arrest that also hinged on the innovative tactic of comparing crime scene DNA with genealogy site data.

Prosecutors are sure they have the killer, but their earlier probe into the Oregon man illustrates the potential pitfalls of a strategy that relies on a fishing expedition to identify potential suspects in a sea of genetic data. By casting such a wide net, authorities risk compromising the privacy of anyone whose genetic data appears online, along with their relatives, experts say.

Advertisement

“Now everybody is under suspicion until we find the person who did it,” said New York University Professor Erin Murphy, who has written extensively on the legal perils of DNA testing.

The rise of big data, whether it’s publicly searchable DNA databases or records from cellphone towers, has inverted traditional investigative tactics. Previously, law enforcement relied on evidence to build a case around an individual, then sought a warrant from a judge to confirm those suspicions. Modern tactics, enabled by technology, allow law enforcement to trawl a wider — and more indiscriminate — pool before narrowing in on a specific individual.

“This is a really good example of how broad this kind of genetic searching can be when totally unregulated…. It’s just chance that there was a match at all, and really very little support for that match leading to the suspect,” Murphy later wrote in an email.

Advertisement

In a 19-page warrant signed in April 2017, investigators outlined the lengths they’d gone to track down the man suspected of at least 12 slayings, 46 rapes and more than 120 residential burglaries from 1974 to 1986 in California and why they were focusing on a man in Oregon.

The warrant cited the Oregon man’s age and physical characteristics as potential links to the Golden State Killer. But the document mostly leaned on websites that allow genealogy enthusiasts to upload the results of DNA tests and compare their findings in a search for distant relatives.

Their confidence hinged on a rare trait in the killer’s DNA that matched records uploaded to Ysearch.org, an amateur genealogy service with 189,016 genetic profiles, according to the warrant.

One of those profiles was the Oregon man’s daughter. The site outlined a family history dating back to 1842 and, according to the warrant, steered them toward other genealogy sites that led them to the 73-year-old Oregon City man.

“This is the closest match ever seen,” the warrant reads.

“We thought it was worth going to take his DNA and to talk to him,” said forensic criminologist Paul Holes, who spent years on the Golden State Killer investigation and is credited with using genealogy websites to pinpoint DeAngelo.

A judge signed off on investigators taking a swab of the inside of the Oregon man’s mouth. (The Times is not naming the man or his family because he’s never been suspected of a crime. He and his daughter didn’t respond to repeated requests for comment.)

Advertisement

The man provided a DNA sample voluntarily after authorities explained why they wanted it, so the warrant proved unnecessary.

The test results quickly ruled him out.

“It was a very weak connection,” Holes said.

A second person was also tested sometime in the last six to eight weeks, Holes said. That person, a man with ties to California, also fit the criminal profile.

So too does DeAngelo, prosecutors say. In his case, authorities zeroed in after locating a distant relative among GEDmatch.com’s 850,000 genetic profiles. Investigators traced his family tree and surveilled him. They watched him discard his DNA in a public place, allowing them to obtain a sample.

DNA can be obtained from gum, a used cup, skin cells or fallen hair. Officials have not revealed what type of DNA sample they obtained from DeAngelo or how they got it — only that it matches the genetic evidence left behind after at least three rapes in Northern California and three killings in Orange County.

A similar strategy is now being mirrored by other agencies, including the Vallejo Police Department, which is reportedly comparing DNA from the Zodiac Killer case to public databases in hopes of finding a relative that can point them to the perpetrator.

Advertisement

The tactic could prove revelatory in cold case investigations, but invasive for those pulled into the DNA dragnet. When a person uploads his genealogical profile, he’s surrendering not only his privacy, but that of his extended family.

Yaniv Erlich, the chief science officer of MyHeritage.com and an assistant professor at Columbia University, recently created from open source genealogy data a 13-million-person family tree. Shared DNA extends to distant relations — meaning “we are able to identify many more individuals in the population,” he said.

“You are a beacon who illuminates 300 people around you,” Erlich said.

At question is whether an individual should have a say in whether his or her privacy is compromised by a relative seeking a long-lost cousin.

“It’s not just my relative whose privacy is at stake, it’s my privacy because we share those genes,” said Murphy, the NYU professor.

“I have not knowingly exposed my DNA to the public.”

The rise of genealogy websites has given law enforcement access to heaps of genetic data otherwise inaccessible.

For decades, law enforcement agencies have gathered DNA from individuals who have been arrested — contributing to a federal database that has approximately 16 million profiles. Though sites like Ysearch.org and GEDmatch are far smaller, they provide a back door into the genome of the law-abiding public.

Advertisement

The goal of the federal database is to find exact matches or close relatives, shaping the type of genetic data it holds. Some consumer databases store DNA with the goal of linking distant relatives and revealing hereditary traits, allowing law enforcement to more easily trace a family tree.

In some ways, those in the federal database have more privacy protections than those whose relatives have uploaded information to genealogy sites.

Authorities can run a sample found at a crime scene against the federal database only once per year. They can run that same sample against genealogy sites as frequently as they wish.

Some states limit familial searches on the federal database.

DNA is not the only investigative tool being reinvented by technology, nor is it the only one raising privacy concerns.

Investigators have grown increasingly reliant on cellphone data to place a suspect at the scene of a crime.

A pending Supreme Court case could rein in their ability to cast such a wide net without a warrant. The case of Carpenter vs. U.S. concerns police use of celltower data, which can reveal the approximate location of any cellphone user — not just a criminal suspect.

Advertisement

The case, expected to be decided by June, could set the stage for more legal challenges and have huge consequences for how police plumb data held by third parties, whether they are genealogy sites or phone companies.

“If law enforcement wants to get access to either set of data, the only protections we have are the company’s policies and the basic protections of the 4th Amendment” against unlawful search and seizure, said ACLU staff attorney Nate Wessler, who argued the case before the court.

Leading commercial genealogy sites such as Ancestry.com and 23andme say they require a court order to hand over user information. But sites such as Ysearch.org and GEDmatch, where users voluntarily share their genetic profiles, are searchable by anyone with an internet connection.

Privacy advocates applaud the combination of DNA-savvy and classic police work that led investigators to DeAngelo. Their concerns are that innocent people will be roped into investigations when law enforcement leans too heavily on DNA alone.

Several years ago, investigators in Idaho used similar methods in an attempt to find a new suspect in the 1996 killing of Angie Dodge. They focused on a New Orleans filmmaker whose DNA showed similarities to the genetic profile found at the crime scene. He was later cleared.

On Thursday, DeAngelo appeared in a Sacramento County courtroom, shackled to a wheelchair.

Prosecutors were pressing the judge to obtain more DNA from the 72-year-old former police officer, along with fingerprints and photographs of his body.

Advertisement

DeAngelo’s defense argued that law enforcement must go through the court and follow discovery rules to collect such evidence — otherwise it infringes on his rights.

“The government’s right to unfettered investigation is substantially curtailed by constitutional concerns which attend the right to a fair trial and a right to counsel,” defense attorney Diane Howard argued in a filing.

The judge sided with prosecutors.

    benjamin.oreskes@latimes.com

    joseph.serna@latimes.com

    richard.winton@latimes.com

    Advertisement