AUTHOR
Lee Gillam and Anna Vartapetiance Salmasi
ABSTRACT
Against a background of UK Government offices losing a variety of personal data, we consider the potential implications for the storage of DNA and its transmission across Europe. It is reported that the UK has the largest DNA database in the world covering 5% of the population, and that is 50% larger than the combination of data in all of the remaining EU member states. In addition, the UK has over 4 million CCTV cameras monitoring the movements of citizens, and producing significant volumes of potential video evidence. Under UK Law, appropriate signage is meant to be used to inform citizens of monitoring and surveillance, but there are a variety of questions regarding informed consent in the collection of DNA.
The intended purpose of data collection on such a scale is crime detection. Projects undertaken at this scale can be viewed to be broadly based on the following inference: criminals are the minority and anybody could be a criminal, therefore we can only know if crime is committed if we are monitoring everybody. Objections to such a line of reasoning can be made along inferential lines that if you object to such a collection, you must have something to hide, and therefore must be a criminal: thus we criminalize objectors with straw men.
DNA has a number of interesting features, from its structure as discovered by Crick and Watson, to figures regarding its uniqueness. But it has one additional feature of interest: it can travel to places its “owner” has never been. Consider, for example, swabs of saliva being taken from buses and used to trace individuals (Ross Lydall, 2007). Aside from the nature of this incident in itself, suppose that a crime were committed on a bus at some distance from where the saliva’s owner had departed the bus. The DNA trace would be uniquely identifying, implicating the owner, but the presumption of innocence of the latter crime would then become difficult to argue. Put another way, our DNA can travel to places we’ve never been, and stay there for a very long time.
This paper will discuss positive and negative consequences of DNA databases with reference to legal and ethical issues, but also in relation to the question for professional software developers: is it right to develop such software? Consideration of potential consequences is important to understand the possibility for harm to EU citizens, every one of whom may become more than merely a stakeholder in the DNA database. We will take account of doubts about the utility of DNA in fighting crimes the ways in which the database is being used and controlled, and how the information contained becomes a target for external attacks due to the high-value of information about health, family relationships, appearance, and associated data related to behavior, not just identity. Our intention is to explore what recommendations could be made for such systems, or whether it is indeed possible to make recommendations.
We will take account of arguments that a DNA database containing samples of acquitted suspects increases the number of samples but does not increase the likelihood of solving crimes (GeneWatch, Feb. 2007) or preventing wrongful convictions (Parliament Publications and Records, Mar. 2007). We consider that people are fighting for their DNA and rights in courts (OUT-LAW, Jul. 2004; OUT-LAW, Apr. 2007 ) while companies in charge of keeping the samples (Forensic Science Service) are fighting to retrieve stolen database information and DNA samples (Gallagher, Ian, Mar. 2007). We will also consider questions over privacy and human rights (Johnston P, Waterfield B, 2007), and broad viewpoints as emerge from the application of ethical theories to the notion of trading for civil liberties for personal protection.
Our main focus, however, will be on the question of whether software developers can follow codes of ethics that may preclude the development of such databases: whether these professionals are being honest and trustworthy about risks of database and providing sufficient protection for fundamental human rights and the privacy of others, unveiling the potential dangers of such systems to users or the public and managing the database to reduce the possible risks. According to the European Data Protection Supervisor (EDPS) there is no specific framework proposed for an EU shared database (OUT-LAW, Jun. 2007). Those in the UK may be able to rely to some extent on the Data Protection Act, however the extent of protection beyond this needs to be considered.
It may be that we can only limit how much we invade privacy, but we have to balance this against intended use & unintended use and consequences.
REFERENCES
Gallagher, Ian (Mar.2007). “Five civil servants suspended over ‘DNA espionage’”. [Online] Daily Mail. (31 March 2007). http://www.dailymail.co.uk/pages/live/articles/news/news.html?in_article_id=445902&in_page_id=1770&in_a_source=&ito=1490 [Access data: January 2008]
GeneWatch (Feb. 2007). “Police Retention of DNA”. [Online] GeneWatch. (February 2007).http://www.genewatch.org/uploads/f03c6d66a9b354535738483c1c3d49e4/Councillorsbrief07_2.pdf [Access data: January 2008]
Johnston P, Waterfield B (2007) “DNA data deal ‘will create Big Brother Europe’”. [online] The Telegraph (18 February 2007) [Access data: January 2008]
OUT-LAW (Jul. 2004) “Police to retain DNA from acquitted suspects.” [Online] OUT-LAW.COM. (26 July 2004) http://www.out-law.com/page-4740 [Access data: January 2008]
OUT-LAW (Apr. 2007). “DNA database ‘will span most of the UK population’”. [Online] OUT-LAW. (11 April 2007). http://www.out-law.com/page-7945 [Access data: January 2008]
OUT-LAW (Jun. 2007). “Police will share data across Europe against privacy chief’s advice” [Online] OUT-LAW.COM (14 June 2007). http://www.out-law.com/default.aspx?page=8148 [Access data: January 2008]
Parliament-Publications-and-Records (Mar. 2007). “Memorandum by the Information Commissioner”. [Online] Parliament.uk. (1 March 2007). http://www.publications.parliament.uk/pa/ld200607/ldselect/ldeucom/90/90we02.htm [Access data: January 2008]
(Ross Lydall, 2007) DNA kits to trace spitting passengers [online] London Lite (31 may 2007) http://www.thisislondon.co.uk/news/article-23398753-details/DNA+kits+to+trace+spitting+passengers/article.do [Access data: January 2008]