Select Page

Why its implications are unclear

The genetic genealogy community has been in a tizzy since the disclosure by the New York Times on Tuesday that a Florida judge had issued a search warrant for the GEDmatch DNA database.

That warrant — disclosed by a police officer involved in the investigation at a law enforcement conference — overrode the privacy settings of GEDmatch users and opened information to police scrutiny even if the users had chosen not to allow police access to the data.1


The Legal Genealogist would love to be able to help folks understand just what this means for privacy for DNA data created for genealogical purposes, but there are just a few problems — and a quick Q&A will show just what they are.

Q. What crime was committed that gave rise to this investigation?
A. We don’t know.

Q. When did the crime occur?
A. We don’t know.

Q. What traditional police methods were used before turning to the private data of people who tested solely for genealogical research?
A. We don’t know.

Q. Had the police accessed the GEDmatch database before its users were allowed to choose whether to opt in or opt out?
A. We don’t know.

Q. What was the basis for the warrant issued by the Florida judge?
A. We don’t know.

Q. What facts were given to the judge to decide whether to issue the warrant?
A. We don’t know.

Q. Was the judge aware of the privacy settings of the users impacted?
A. We don’t know.

Q. Was the warrant specific, asking for information as to specific users? Or general, asking for access to all kits no matter what?
A. We don’t know.

Q. What exactly did the warrant require GEDmatch to disclose to the police?
A. We don’t know.

Q. Did the warrant extend to research kits, or only to kits that were public but opted out of police access?
A. We don’t know. (There was a hearsay report on a private mail list that research kits were not included, but no official confirmation by GEDmatch.2)

Q. How many opted-out kits were exposed as a result of the warrant?
A. We don’t know.

Q. Did GEDmatch make any effort to resist the scope of the warrant?
A. We don’t know for sure, but two facts suggest that it didn’t. First, the GEDmatch operators are very much in favor of police use of their database and have actively encouraged their users to allow it. Second, the police officer said the site complied with the warrant within 24 hours.

Q. Is this going to set a precedent, to open up all genealogical test data whenever one judge in one county of one state says so?
A. We don’t know. We know the police want access to all genealogical data — the detective who got the Florida warrant was chomping at the bit to get a chance to access the larger databases like Ancestry and 23andMe. But while GEDmatch data is clearly at risk because the site operators approve of police use of their customer data, and Family Tree DNA data likely at risk for the same reason, other testing platforms have clearly stated they will fight efforts to access their data. A public statement from Ancestry shortly after the Times article pledges to resist if possible: “Not only will we not share customer information with law enforcement unless compelled to by valid legal process, such as a court order or search warrant, we will also always advocate for our customers’ privacy and seek to narrow the scope of any compelled disclosure, or even eliminate it entirely.”3 MyHeritage’s chief executive officer Gilad Japhet has long taken the position that his company would: “…resist to the best of our ability. That means that anything that we can legally challenge or contest, we’ll do so to the max until we prevail or are forced by court to comply.”4 And the Times article quoted a spokesman for 23andMe, Christine Pai, as saying, “We never share customer data with law enforcement unless we receive a legally valid request such as a search warrant or written court order. Upon receipt of an inquiry from law enforcement, we use all practical legal measures to challenge such requests in order to protect our customers’ privacy.”5

So… until more information comes out… the reality is, we just don’t know.

We do know that the Fourth Amendment to the Constitution protects against unreasonable searches and seizures. That language is generally interpreted to mean that a court can issue a search warrant only when the police show probable cause to believe that evidence specific to a crime can be found in a specific location. Police are not allowed to fish for evidence — they can’t, for example, ask for a warrant to search every home in a town for evidence of a crime committed in that town. They have to show a specific reason why this home is likely to have evidence about that crime.

If the warrant application said “we already saw data about persons A and B, who have a relationship to C, our bad guy, and we want to see opted-out matches to A and B who also match C,” the warrant may well be within the proper scope of the Fourth Amendment. If the warrant application said “we already saw data about persons A and B, and we want to see all of A’s and B’s matches,” it may be stretching the limits of what’s allowed. And if the warrant application said “somebody in the database may possibly be related to C, our bad guy, so open the gates,” then the warrant likely was broader than the Constitution allows — and should have been challenged.

But we just don’t know… not yet.

Cite/link to this post: Judy G. Russell, “About that warrant…,” The Legal Genealogist ( : posted 10 Nov 2019).


  1. See Kashmir Hill and Heather Murphy, “Your DNA Profile is Private? A Florida Judge Just Said Otherwise,” The New York Times, posted 5 Nov 2019 ( : accessed 10 Nov 2019).
  2. Because the hearsay was reported on a private mail list, I am not comfortable citing to it, identifying the poster or quoting the post.
  3. Eric Heath, “Your Privacy is our Top Priority,” Ancestry Blog, posted 8 Nov 2019 ( : accessed 10 Nov 2019).
  4. Gilad Japhet, email, 4 Feb 2019.
  5. Hill and Murphy, “Your DNA Profile is Private? A Florida Judge Just Said Otherwise,” The New York Times.
Print Friendly, PDF & Email