In 1994 Congress passed the DNA Identification Act as part of the Violent Crime Control and Law Enforcement Act (P.L. 103-322). The law called for the establishment of a forensic laboratory under the authority of the FBI with the capability to analyze DNA for identification purposes. In addition, it authorized the FBI to establish and maintain the CODIS software system, which would allow the sharing of DNA profiles uploaded at local, state, and federal levels.
By June 1998 all 50 states had authorized criminal DNA databases, and by 2004 all 50 state databases were connected through CODIS. The FBI officially launched CODIS on October 13, 1998, three years after England and Wales introduced their national forensic DNA databases (see chapter 9).
CODIS contains separate indexes of DNA profiles generated from four different sources: known persons convicted of crimes (the Convicted Offender Index); DNA samples whose source is unknown and that were recovered from crime scenes (the Forensic Index); DNA samples recovered from unidentified persons who may have been killed in a natural hazard or through criminal activity (the Unidentified Human Remains Index); and DNA samples voluntarily contributed by relatives of missing persons (the Relatives of Missing Persons Index). In this last case, if the remains of someone are found, his or her DNA profile can be submitted to the Relatives of Missing Persons Index in the hope that his or her identity can be ascertained because close relatives share similar DNA alleles. CODIS also includes a population file of anonymous contributors, whose DNA is used to determine the frequency of alleles in the short tandem repeats that are found in the general population or in racial and ethnic subpopulations.
The DNA Identification Act contained a set of privacy provisions applying to federal law-enforcement agencies regarding who has access to the DNA profile information. According to the act, the results of the DNA tests performed for law-enforcement purposes can be disclosed under only three conditions: to criminal justice agencies for law-enforcement identification purposes; in judicial proceedings; and for criminal defense purposes. In the last case defendants can have access to the information for exculpatory purposes. There is also a provision in the act for research on forensic DNA population databases to develop protocols and for quality-control purposes if personally identifiable information is removed.
Once CODIS was under way, state laws began to individuate their criteria for including DNA profiles in their data banks. Those criteria range from sex offenders to all convicted felons, and more recently to those convicted of white-collar crimes, juvenile offenders who are not legally considered felons, and arrestees, whether or not they are convicted. In 2001 the FBI’s official recommendation to the states was that they include “all felony offenders and misdemeanor sex offenders within the scope of their database laws.”4
Although states are allowed to set their own laws governing DNA collection, federal law determines the categories of DNA profiles that can be uploaded to the shared database system. In addition, each state has an FBI-approved laboratory that serves as the master site for all local and county laboratories that generate DNA profiles. All State and Local DNA Index Systems (SDIS and LDIS, respectively) are connected through the National DNA Index System (NDIS) (see figure 2.1). The NDIS is a system of DNA profile records compiled by criminal justice agencies (including federal, state, and local law enforcement agencies). CODIS is the automated DNA information processing and telecommunication system that supports NDIS. Sometimes CODIS is used interchangeably with NDIS.
The FBI also sets the standards that states must follow to upload DNA profiles and to run searches against the NDIS. For a state to upload a DNA profile to NDIS, it must contain at least 10 out of 13 loci. If DNA collected from a crime scene is too badly degraded or if mixtures are too complex to extract 10 readable loci, the NDIS will not accept the profile.
Anticipating a law establishing a national forensic DNA system, in 1991 the FBI issued Legislative Guidelines for DNA Databases as guidance to the states for developing their statutes.5 The guidelines included some limited privacy and civil liberties considerations. For example, the FBI recommended that only DNA records that relate to the identification of individuals, not records about physical characteristics, traits, or predispositions for diseases, should be collected. Personal information stored in the state DNA database, according to the guidelines, should be limited to the data necessary to generate investigative leads and to support a statistical interpretation of any test results. Finally, the guidelines recommended that access to the state DNA database system should be limited to duly constituted federal, state, and local law-enforcement agencies through their forensic laboratories.6
FIGURE 2.1. Three tiers of networks forming CODIS. The four-level structure of the National DNA Index System, federal, state, county, and local police agencies, illustrated by four states. SDIS = State DNA Index System; LDIS = Local DNA Index System. Source: Authors.
Currently the DNA profiles stored in the NDIS contain a specimen identifier, the sponsoring laboratory’s identifier, the initials or names of the DNA personnel associated with the analysis, and the actual DNA profile characteristics. The NDIS does not store criminal history information, case-related information, Social Security numbers, or dates of birth. No personal identifying information other than a specimen identification number is stored in the NDIS. If a match (or association) is identified and later confirmed, a public forensic laboratory must initiate contact with other laboratories involved in the match in order to obtain the name of the offender.7 Unauthorized disclosure of DNA information is subject to criminal penalties not to exceed a fine of $250,000 or imprisonment for up to one year.
John Butler describes the operational function of the national forensic DNA network as follows:
When CODIS identifies a potential match, the laboratories responsible for the matching profiles are notified and they contact each other to validate or refuse the match. . . . After the match has been confirmed by qualified DNA analysis, which often involves retesting of the matching convicted offender DNA sample, laboratories may exchange additional information, such as names and phone numbers of criminal investigators and case details. If a match is obtained with the Convicted Offender Index, the identity and the location of the convicted offender is determined and an arrest warrant is procured.8
Federal Expansion of DNA Collection
Federal law stipulates which DNA profiles processed at state and local levels can be uploaded to CODIS. It also determines the categories of individuals from whom DNA can be collected and retained by federal authorities and uploaded to the NDIS (“qualifying Federal offenses”). As explained earlier, CODIS was initially limited to persons convicted of serious, violent crimes (namely, murder and felony sex offenses). Similarly, states only uploaded to CODIS DNA profiles taken from this narrow category of offenders, on the basis of guidelines issued by the FBI, which recommended that “states include all felony offenders and misdemeanor sex offenders within the scope of their database laws.”9
Since CODIS was established in 1994, the federal law has been significantly expanded through the passage of three pieces of legislation (see table 2.1). First, the federal collection program was initiated through the passage of the DNA Analysis Backlog Elimination Act of 2000. This law required that DNA samples be collected from individuals in custody and those on probation, parole, or supervised release after being convicted of a “qualifying Federal offense.”10 Qualifying Federal offenses were limited to violent crimes and included murder, sexual abuse, peonage or slavery, kidnapping, and offenses related to robbery or burglary. Although the federal collection program was limited to violent crimes, it allowed for the collection of DNA from those who had already served their sentences but were still in the system by way of being on probation or parole. The 2000 act also spoke to the conditions state law-enforcement authorities must meet in order to upload a DNA profile to CODIS. Specifically, DNA profiles could be submitted to CODIS when they were “taken from individuals convicted of a qualifying state offense.�
�11 So while federal authorities continued to collect DNA only from those convicted of serious, violent crimes, states were given the go ahead to authorize the collection and uploading to CODIS of other categories of convicted individuals.
TABLE 2.1 U.S. Legislative Authority for the Expansion of the DNA Data Banks
On October 3, 2004, President George W. Bush signed into law the Justice for All Act. Although the main purpose of this law was to provide funding to help states eliminate a substantial backlog of DNA samples collected from crime scenes and offenders, the law also significantly expanded CODIS. “Qualifying Federal offenses” were expanded to allow for the DNA testing of all persons convicted of a felony offense. In addition, the act allowed states to upload to CODIS the DNA profiles of “persons convicted of crimes” or “persons charged in an indictment or information with a crime,” as well as “other persons whose DNA samples are collected under applicable legal authorities, provided that DNA profiles from arrestees who have not been charged in an indictment or information with a crime, and DNA samples that are voluntarily submitted solely for elimination purposes shall not be included in the National DNA Index System.”12
By November 2005 CODIS contained 124,200 forensic profiles and 2.8 million offender profiles. On that date, according to the FBI’s own account, CODIS had produced 27,700 matches and assisted 29,600 investigations.13
On January 5, 2006, President George W. Bush signed into law the Violence Against Women and Department of Justice Reauthorization Act of 2005. Attached to this broadly popular budgetary reauthorization was the DNA Fingerprint Act of 2005. With only 99 lines of text, this amendment, introduced initially by Senator Jon Kyl (R-AZ), marked a quantum leap in the power of police to collect DNA. The act authorized the U.S. attorney general to direct federal agencies to collect DNA from “individuals who are arrested or from non-U.S. persons who are detained under the authority of the United States.”14 In addition, the law allowed states to upload DNA profiles to CODIS from anyone whose DNA samples were collected under applicable legal authorities, so long as they were not voluntarily submitted. Therefore, it removed the requirement that prohibited the uploading of DNA profiles from arrestees who had not been charged. This change opened the floodgates for the states to submit names to CODIS of arrestees or detainees even if they were not charged with a crime. There is an expungement provision in the law that allows people who are arrested or detained but not charged or convicted to have their profiles removed from CODIS. Expungement is not automatic, however, and occurs only where the director of the FBI receives a certified copy of a final court order establishing that the charges were dismissed or resulted in acquittal. Therefore, the burden is on the individual arrested to request removal of his or her DNA from the system. Individuals who were convicted of a crime and later had their conviction overturned can also request that their DNA profiles be removed. Despite proper authorization, if the FBI fails to remove a profile, a subsequent cold match to it has been accepted in the courts so long as the FBI’s failure to remove it was unintentional.
On December 10, 2008, the U.S. Department of Justice (DOJ) issued a final rule to implement the DNA Fingerprint Act of 2005.15 The DOJ interpreted Congress’s loosely framed mandate in the broadest way possible. Under the final rule, any federal agency with authority to take fingerprints ostensibly was given comparable authority to collect DNA. The proposed rule states quite unambiguously: “Agencies of the United States that arrest or detain individuals or supervise individuals facing charges will be required to collect DNA samples, if they collect fingerprints from individuals, subject to any limitations or exceptions the Attorney General may approve.”16 In addition, the regulation appears to allow the forcible taking of DNA even from those arrested for misdemeanors, such as trespassing on federal land during a demonstration.
The DOJ laid out a three-part justification for its broad interpretation of the law. First, by collecting DNA samples at the time of arrest or at some other early stage in the criminal justice process, the DOJ stated, it can deter subsequent criminal behavior. This deterrence function could be lost if law enforcement waits for conviction to collect DNA.17 Second, the expanded database of arrestees “may show that the arrestee’s DNA matches DNA in crime scene evidence” in crimes for which they were not arrested.18 Third, the DNA sample may provide “an alternative means of directly ascertaining or verifying an arrestee’s identity, where fingerprint records are unavailable, incomplete or inconclusive.”19 This so-called triple benefit, namely, criminal deterrence, crime solving, and true identity, provided the DOJ its justification for broadening the reach of federal authorities into the privacy of individuals who were not convicted of a felony crime.
The 2008 rule went into effect in January 2009 and applies to any federal agency that arrests or detains individuals or supervises individuals facing charges. The adoption of the final rule served as a signal to state legislatures that, like the federal government, they too could expand the criteria for inclusion in their DNA data banks by including arrestees, whether or not they were charged with or convicted of a crime. Before this ruling 13 states had expanded their DNA collection to arrestees. With a trend toward forensic DNA harmonization, a number of states, such as Missouri, Washington, New York, Oregon, and Vermont, which had chosen not to pass legislation expanding DNA collection to arrestees, have started to consider otherwise.
The DOJ estimates that under its new rule more than 1.2 million additional individuals will have their DNA involuntarily collected by multiple federal agencies, profiled, and maintained in CODIS each year. This represents a fifteenfold increase in the number of DNA samples that have been collected from federal offenders.20 The full privacy and racial justice implications of the expansion of DNA databases to arrestees, as well as the question whether expanding databases to arrestees helps solve crimes, are discussed at length in part III of this book.
The 2008 federal rule on DNA collection by federal law-enforcement agencies is the first official government document to assert the exact analogy and the synergy between fingerprints and DNA profiles. It states that “the uses of DNA for law enforcement identification purposes are similar in general character to the uses of fingerprints, and those uses will be greatly enhanced as a practical matter if DNA is collected regularly in addition to fingerprints.”21 The government’s decision to make DNA collection and fingerprints an exact analogy obviates any need to include any provisions for removing samples from the database that may have been obtained without court warrant, or without reasonable suspicion of a crime or illegal entry into the country, because fingerprints are viewed as a means of identification. Moreover, the rule permits agencies to use “such means as are reasonably necessary to detain, restrain, and collect a DNA sample from an individual . . . who refuses to cooperate in the collection of the sample.”22 In its comments on the proposed rule, the American Civil Liberties Union (ACLU) noted:
The fingerprint analogy is misleading, because perhaps the most significant privacy concerns with DNA data banking are associated not with the DNA profiles that are retained electronically, but instead with the original biological samples that are stored indefinitely by forensic laboratories. Unlike fingerprints—two-dimensional representations of the physical attributes of our fingertips that can be used only for identification—DNA samples can provide insights into disease predisposition, physical attributes and ancestry.23
The full privacy implications of DNA testing for law-enforcement purposes are discussed in chapter 14.
Another significant change in the DNA database system occurred in 2006 and without congressional authorization. Until July 2006 the federal overseer of NDIS would not release any identifier information about a profile unless the match between the source DNA profile and the profile in NDIS was exact, except in cases where any discrepancy between the two profiles could be explained by degradation or mixtures that could compromise the crime-scene profile. On July 20, 2006, the FBI issued an interim plan for the release
of information in the event of a “partial match” of a DNA profile. The memorandum stating this interim plan defined a partial match as “a moderate stringency candidate match between two single source profiles having at each locus [there are 13 loci] at least one allele in common.”24 This means that a match of 13 out of 26 alleles (one at each locus) can trigger an investigation of the partially matched individual. The purpose of this policy was for state law-enforcement officials to follow DNA leads to the family members of suspects whose DNA profile did not match exactly but had some common properties with the crime-scene evidence. The interim plan stated:
With the documented concurrence of the prosecutor, the Casework Laboratory that identifies a “partial match” shall provide the NDIS Custodian with a written request for the release of the offender’s identifying information. Such written request should include the statistical analysis used to conclude that there may be a potential limited relationship between the suspected perpetrator and the offender. Each request will be reviewed by the F.B.I.’s Office of the General Counsel and the NDIS Custodian for approval.25
This change in FBI policy has encouraged a number of states to consider opening their databases to varying degrees of “familial searching.” Proposals to conduct full-scale searches in the database for possible relatives of the crime-scene source represent an entirely new use of forensic DNA database and a de facto expansion of the database to all close relatives (e.g., parents, children, and siblings) of the individuals in the database. Familial searching is discussed in detail in chapter 4.
State DNA Database Expansion
Genetic Justice Page 5
