Genetic Justice: DNA Data Banks, Criminal Investigations, and Civil Liberties

The purpose of DNA databases is to solve crimes that would otherwise be unsolvable.

—John M. Butler¹

The power to assemble a permanent national DNA database of all offenders who have committed any of the crimes listed [in 18 U.S.C.] has catastrophic potential. If placed in the hands of an administration that chooses to “exalt order at the cost of liberty” . . . the database could be used to repress dissent or, quite literally, to eliminate political opposition.

—Judge Stephen R. Reinhardt in
United States v. Kincade (2004)²

By the new millennium every state law-enforcement agency and many local ones in the United States had become connected through a coordinated and federally managed forensic DNA data bank. At the heart of this system is a computer network overseen by the Federal Bureau of Investigation called the Combined DNA Index System, or CODIS. This network provides police with tools to solve “cold cases,” that is, cases that have been dormant because of lack of leads, to link a current suspect to a crime scene, and to track suspects who may seek to change their identity.

CODIS was initiated in 1990 as a pilot program serving 14 state and local laboratories. The main idea behind the program was to collect, analyze, and store the DNA of individuals convicted of felony sex offenses and other violent crimes on the theory that these offenders were likely to be recidivists and frequently leave biological evidence at the scene of a crime.³ By maintaining their DNA on file in a shared database system, police could develop investigative leads and solve crimes that might have been committed in the past or would be committed in the future by the same individual both within and across jurisdictions.

In 1994 Congress passed the DNA Identification Act as part of the Violent Crime Control and Law Enforcement Act (P.L. 103-322). The law called for the establishment of a forensic laboratory under the authority of the FBI with the capability to analyze DNA for identification purposes. In addition, it authorized the FBI to establish and maintain the CODIS software system, which would allow the sharing of DNA profiles uploaded at local, state, and federal levels.

By June 1998 all 50 states had authorized criminal DNA databases, and by 2004 all 50 state databases were connected through CODIS. The FBI officially launched CODIS on October 13, 1998, three years after England and Wales introduced their national forensic DNA databases (see chapter 9).

CODIS contains separate indexes of DNA profiles generated from four different sources: known persons convicted of crimes (the Convicted Offender Index); DNA samples whose source is unknown and that were recovered from crime scenes (the Forensic Index); DNA samples recovered from unidentified persons who may have been killed in a natural hazard or through criminal activity (the Unidentified Human Remains Index); and DNA samples voluntarily contributed by relatives of missing persons (the Relatives of Missing Persons Index). In this last case, if the remains of someone are found, his or her DNA profile can be submitted to the Relatives of Missing Persons Index in the hope that his or her identity can be ascertained because close relatives share similar DNA alleles. CODIS also includes a population file of anonymous contributors, whose DNA is used to determine the frequency of alleles in the short tandem repeats that are found in the general population or in racial and ethnic subpopulations.

The DNA Identification Act contained a set of privacy provisions applying to federal law-enforcement agencies regarding who has access to the DNA profile information. According to the act, the results of the DNA tests performed for law-enforcement purposes can be disclosed under only three conditions: to criminal justice agencies for law-enforcement identification purposes; in judicial proceedings; and for criminal defense purposes. In the last case defendants can have access to the information for exculpatory purposes. There is also a provision in the act for research on forensic DNA population databases to develop protocols and for quality-control purposes if personally identifiable information is removed.

Once CODIS was under way, state laws began to individuate their criteria for including DNA profiles in their data banks. Those criteria range from sex offenders to all convicted felons, and more recently to those convicted of white-collar crimes, juvenile offenders who are not legally considered felons, and arrestees, whether or not they are convicted. In 2001 the FBI’s official recommendation to the states was that they include “all felony offenders and misdemeanor sex offenders within the scope of their database laws.”⁴

Although states are allowed to set their own laws governing DNA collection, federal law determines the categories of DNA profiles that can be uploaded to the shared database system. In addition, each state has an FBI-approved laboratory that serves as the master site for all local and county laboratories that generate DNA profiles. All State and Local DNA Index Systems (SDIS and LDIS, respectively) are connected through the National DNA Index System (NDIS) (see figure 2.1). The NDIS is a system of DNA profile records compiled by criminal justice agencies (including federal, state, and local law enforcement agencies). CODIS is the automated DNA information processing and telecommunication system that supports NDIS. Sometimes CODIS is used interchangeably with NDIS.

The FBI also sets the standards that states must follow to upload DNA profiles and to run searches against the NDIS. For a state to upload a DNA profile to NDIS, it must contain at least 10 out of 13 loci. If DNA collected from a crime scene is too badly degraded or if mixtures are too complex to extract 10 readable loci, the NDIS will not accept the profile.

Anticipating a law establishing a national forensic DNA system, in 1991 the FBI issued Legislative Guidelines for DNA Databases as guidance to the states for developing their statutes.⁵ The guidelines included some limited privacy and civil liberties considerations. For example, the FBI recommended that only DNA records that relate to the identification of individuals, not records about physical characteristics, traits, or predispositions for diseases, should be collected. Personal information stored in the state DNA database, according to the guidelines, should be limited to the data necessary to generate investigative leads and to support a statistical interpretation of any test results. Finally, the guidelines recommended that access to the state DNA database system should be limited to duly constituted federal, state, and local law-enforcement agencies through their forensic laboratories.⁶

Currently the DNA profiles stored in the NDIS contain a specimen identifier, the sponsoring laboratory’s identifier, the initials or names of the DNA personnel associated with the analysis, and the actual DNA profile characteristics. The NDIS does not store criminal history information, case-related information, Social Security numbers, or dates of birth. No personal identifying information other than a specimen identification number is stored in the NDIS. If a match (or association) is identified and later confirmed, a public forensic laboratory must initiate contact with other laboratories involved in the match in order to obtain the name of the offender.⁷ Unauthorized disclosure of DNA information is subject to criminal penalties not to exceed a fine of $250,000 or imprisonment for up to one year.

John Butler describes the operational function of the national forensic DNA network as follows:

When CODIS identifies a potential match, the laboratories responsible for the matching profiles are notified and they contact each other to validate or refuse the match. . . . After the match has been confirmed by qualified DNA analysis, which often involves retesting of the matching convicted offender DNA sample, laboratories may exchange additional information, such as names and phone numbers of criminal investigators and case details. If a match is obtained with the Convicted Offender Index, the identity and the location of the convicted offender is determined and an arrest warrant is procured.⁸

Federal law stipulates which DNA profiles processed at state and local levels can be uploaded to CODIS. It also determines the categories of individuals from whom DNA can be collected and retained by federal authorities and uploaded to the NDIS (“qualifying Federal offenses”). As explained earlier, CODIS was initially limited to persons convicted of serious, violent crimes (namely, murder and felony sex offenses). Similarly, states only uploaded to CODIS DNA profiles taken from this narrow category of offenders, on the basis of guidelines issued by the FBI, which recommended that “states include all felony offenders and misdemeanor sex offenders within the scope of their database laws.”⁹

Since CODIS was established in 1994, the federal law has been significantly expanded through the passage of three pieces of legislation (see table 2.1). First, the federal collection program was initiated through the passage of the DNA Analysis Backlog Elimination Act of 2000. This law required that DNA samples be collected from individuals in custody and those on probation, parole, or supervised release after being convicted of a “qualifying Federal offense.”¹⁰ Qualifying Federal offenses were limited to violent crimes and included murder, sexual abuse, peonage or slavery, kidnapping, and offenses related to robbery or burglary. Although the federal collection program was limited to violent crimes, it allowed for the collection of DNA from those who had already served their sentences but were still in the system by way of being on probation or parole. The 2000 act also spoke to the conditions state law-enforcement authorities must meet in order to upload a DNA profile to CODIS. Specifically, DNA profiles could be submitted to CODIS when they were “taken from individuals convicted of a qualifying state offense.”¹¹ So while federal authorities continued to collect DNA only from those convicted of serious, violent crimes, states were given the go ahead to authorize the collection and uploading to CODIS of other categories of convicted individuals.

On October 3, 2004, President George W. Bush signed into law the Justice for All Act. Although the main purpose of this law was to provide funding to help states eliminate a substantial backlog of DNA samples collected from crime scenes and offenders, the law also significantly expanded CODIS. “Qualifying Federal offenses” were expanded to allow for the DNA testing of all persons convicted of a felony offense. In addition, the act allowed states to upload to CODIS the DNA profiles of “persons convicted of crimes” or “persons charged in an indictment or information with a crime,” as well as “other persons whose DNA samples are collected under applicable legal authorities, provided that DNA profiles from arrestees who have not been charged in an indictment or information with a crime, and DNA samples that are voluntarily submitted solely for elimination purposes shall not be included in the National DNA Index System.”¹²

By November 2005 CODIS contained 124,200 forensic profiles and 2.8 million offender profiles. On that date, according to the FBI’s own account, CODIS had produced 27,700 matches and assisted 29,600 investigations.¹³

On January 5, 2006, President George W. Bush signed into law the Violence Against Women and Department of Justice Reauthorization Act of 2005. Attached to this broadly popular budgetary reauthorization was the DNA Fingerprint Act of 2005. With only 99 lines of text, this amendment, introduced initially by Senator Jon Kyl (R-AZ), marked a quantum leap in the power of police to collect DNA. The act authorized the U.S. attorney general to direct federal agencies to collect DNA from “individuals who are arrested or from non-U.S. persons who are detained under the authority of the United States.”¹⁴ In addition, the law allowed states to upload DNA profiles to CODIS from anyone whose DNA samples were collected under applicable legal authorities, so long as they were not voluntarily submitted. Therefore, it removed the requirement that prohibited the uploading of DNA profiles from arrestees who had not been charged. This change opened the floodgates for the states to submit names to CODIS of arrestees or detainees even if they were not charged with a crime. There is an expungement provision in the law that allows people who are arrested or detained but not charged or convicted to have their profiles removed from CODIS. Expungement is not automatic, however, and occurs only where the director of the FBI receives a certified copy of a final court order establishing that the charges were dismissed or resulted in acquittal. Therefore, the burden is on the individual arrested to request removal of his or her DNA from the system. Individuals who were convicted of a crime and later had their conviction overturned can also request that their DNA profiles be removed. Despite proper authorization, if the FBI fails to remove a profile, a subsequent cold match to it has been accepted in the courts so long as the FBI’s failure to remove it was unintentional.

On December 10, 2008, the U.S. Department of Justice (DOJ) issued a final rule to implement the DNA Fingerprint Act of 2005.¹⁵ The DOJ interpreted Congress’s loosely framed mandate in the broadest way possible. Under the final rule, any federal agency with authority to take fingerprints ostensibly was given comparable authority to collect DNA. The proposed rule states quite unambiguously: “Agencies of the United States that arrest or detain individuals or supervise individuals facing charges will be required to collect DNA samples, if they collect fingerprints from individuals, subject to any limitations or exceptions the Attorney General may approve.”¹⁶ In addition, the regulation appears to allow the forcible taking of DNA even from those arrested for misdemeanors, such as trespassing on federal land during a demonstration.

The DOJ laid out a three-part justification for its broad interpretation of the law. First, by collecting DNA samples at the time of arrest or at some other early stage in the criminal justice process, the DOJ stated, it can deter subsequent criminal behavior. This deterrence function could be lost if law enforcement waits for conviction to collect DNA.¹⁷ Second, the expanded database of arrestees “may show that the arrestee’s DNA matches DNA in crime scene evidence” in crimes for which they were not arrested.¹⁸ Third, the DNA sample may provide “an alternative means of directly ascertaining or verifying an arrestee’s identity, where fingerprint records are unavailable, incomplete or inconclusive.”¹⁹ This so-called triple benefit, namely, criminal deterrence, crime solving, and true identity, provided the DOJ its justification for broadening the reach of federal authorities into the privacy of individuals who were not convicted of a felony crime.

The 2008 rule went into effect in January 2009 and applies to any federal agency that arrests or detains individuals or supervises individuals facing charges. The adoption of the final rule served as a signal to state legislatures that, like the federal government, they too could expand the criteria for inclusion in their DNA data banks by including arrestees, whether or not they were charged with or convicted of a crime. Before this ruling 13 states had expanded their DNA collection to arrestees. With a trend toward forensic DNA harmonization, a number of states, such as Missouri, Washington, New York, Oregon, and Vermont, which had chosen not to pass legislation expanding DNA collection to arrestees, have started to consider otherwise.

The DOJ estimates that under its new rule more than 1.2 million additional individuals will have their DNA involuntarily collected by multiple federal agencies, profiled, and maintained in CODIS each year. This represents a fifteenfold increase in the number of DNA samples that have been collected from federal offenders.²⁰ The full privacy and racial justice implications of the expansion of DNA databases to arrestees, as well as the question whether expanding databases to arrestees helps solve crimes, are discussed at length in part III of this book.

The 2008 federal rule on DNA collection by federal law-enforcement agencies is the first official government document to assert the exact analogy and the synergy between fingerprints and DNA profiles. It states that “the uses of DNA for law enforcement identification purposes are similar in general character to the uses of fingerprints, and those uses will be greatly enhanced as a practical matter if DNA is collected regularly in addition to fingerprints.”²¹ The government’s decision to make DNA collection and fingerprints an exact analogy obviates any need to include any provisions for removing samples from the database that may have been obtained without court warrant, or without reasonable suspicion of a crime or illegal entry into the country, because fingerprints are viewed as a means of identification. Moreover, the rule permits agencies to use “such means as are reasonably necessary to detain, restrain, and collect a DNA sample from an individual . . . who refuses to cooperate in the collection of the sample.”²² In its comments on the proposed rule, the American Civil Liberties Union (ACLU) noted:

The fingerprint analogy is misleading, because perhaps the most significant privacy concerns with DNA data banking are associated not with the DNA profiles that are retained electronically, but instead with the original biological samples that are stored indefinitely by forensic laboratories. Unlike fingerprints—two-dimensional representations of the physical attributes of our fingertips that can be used only for identification—DNA samples can provide insights into disease predisposition, physical attributes and ancestry.²³

Another significant change in the DNA database system occurred in 2006 and without congressional authorization. Until July 2006 the federal overseer of NDIS would not release any identifier information about a profile unless the match between the source DNA profile and the profile in NDIS was exact, except in cases where any discrepancy between the two profiles could be explained by degradation or mixtures that could compromise the crime-scene profile. On July 20, 2006, the FBI issued an interim plan for the release of information in the event of a “partial match” of a DNA profile. The memorandum stating this interim plan defined a partial match as “a moderate stringency candidate match between two single source profiles having at each locus [there are 13 loci] at least one allele in common.”²⁴ This means that a match of 13 out of 26 alleles (one at each locus) can trigger an investigation of the partially matched individual. The purpose of this policy was for state law-enforcement officials to follow DNA leads to the family members of suspects whose DNA profile did not match exactly but had some common properties with the crime-scene evidence. The interim plan stated:

With the documented concurrence of the prosecutor, the Casework Laboratory that identifies a “partial match” shall provide the NDIS Custodian with a written request for the release of the offender’s identifying information. Such written request should include the statistical analysis used to conclude that there may be a potential limited relationship between the suspected perpetrator and the offender. Each request will be reviewed by the F.B.I.’s Office of the General Counsel and the NDIS Custodian for approval.²⁵

This change in FBI policy has encouraged a number of states to consider opening their databases to varying degrees of “familial searching.” Proposals to conduct full-scale searches in the database for possible relatives of the crime-scene source represent an entirely new use of forensic DNA database and a de facto expansion of the database to all close relatives (e.g., parents, children, and siblings) of the individuals in the database. Familial searching is discussed in detail in chapter 4.

The Commonwealth of Virginia was the first state in the United States to develop a forensic DNA data bank in 1989. By the close of the next decade all 50 states had statutes authorizing the creation of DNA data banks. Initially, as with the federal data bank, state data banks included samples from felony offenders with allegedly high recidivism rates, such as sex offenders and violent felons. But state legislators, riding the wave of DNA-philia and taking advantage of the silent encouragement offered by changes in federal law, began to expand the criteria for inclusion soon after their database systems were up and running. Some justified the expansion by arguing that persons who commit lesser crimes have high recidivist rates and graduate to more violent offenses.

Table 2.2 shows how the qualifying offenses for which DNA can be collected and retained vary among the states. As of June 2009, 47 states had authorized DNA collection from all felons (all states except for Idaho, Nebraska, and New Hampshire); 37 from at least some categories of individuals who have been convicted of a misdemeanor; 4 from numerous non-sex-crime misdemeanors; and 32 from juvenile offenders. Included under “misdemeanors” in many states are voyeurism (Florida), failure to register as a convicted person (Nevada), many types of sexual offenses (Arkansas, Illinois), and controlled-substance offenses (New York, Nevada, and Kansas). According to one survey, burglary by itself was a justification for DNA collection in 40 states, and drug offenses authorize DNA collection in 28.²⁶

Juveniles in America have increasingly become part of the DNA-collection system. By June 2009, 32 states had laws permitting police to obtain biological specimens from juveniles for DNA profiles, including those who had committed nonviolent crimes. Some legal scholars argue that juveniles should be treated differently than adults with respect to DNA collection. Juveniles are often protected by sealing their criminal records. There is a greater emphasis on rehabilitation and less on punishment for youthful offenders. Steven Messner writes in the Journal of Juvenile Law: “A national criminal DNA database, which does not distinguish between adult and juvenile, could undermine the purpose of the separate juvenile justice system,” for example, if the DNA profile were maintained after the juvenile records were sealed. “In order to preserve the purposes and integrity of the juvenile justice system, additional protections need to be afforded juveniles whose DNA profiles are obtained. . . . A juvenile’s DNA profile should be expunged from the database if the juvenile’s record is sealed.”²⁷

In 2003 only 4 states took DNA from arrestees whether or not they were convicted of a crime. Six years later an additional 17 states had passed legislation that authorized the collection of DNA from arrestees. Some states have authorized collection of DNA from all felons, while others have authorized more limited arrestee collection, such as from individuals arrested for murder or rape. One of these, Minnesota’s statute, was declared unconstitutional by the Minnesota Court of Appeals (see table 2.3). Although the FBI continues to refer to its “Convicted Offender Index,” this is no longer accurate, since this index necessarily includes individuals who have not been convicted of crimes.

Virginia was the first state to authorize DNA collection from arrestees. In 2002 the Virginia state legislature enacted an amendment to its state data bank law allowing the seizure and analysis of DNA samples from “every person arrested for the commission of a violent felony.” Arrestees are not necessarily charged with or convicted of a crime. False arrests or charges dropped are commonplace in police work, sometimes because of lack of evidence, because of mistaken identities, or because the police simply get it wrong. For example, arrests are made during the tumult of mass demonstrations because people find themselves in the middle of a rowdy crowd or in the sight line of overzealous police.

Louisiana was also among the first states to broaden DNA collection to arrestees. In 2003 Louisiana enacted legislation that expanded its DNA data-bank criteria to include simple assault, stalking, prostitution, and Peeping Tom offenses. Under this law juveniles arrested for these offenses, as well as adults soliciting prostitution, are subject to having their DNA included in the state data bank.

In 2004 California became the fourth state to authorize DNA collection from arrestees through passage of Proposition 69, also known as the DNA Fingerprint, Unsolved Crime, and Innocence Protection Act. This ballot proposition mandated the collection of DNA samples from adults and juveniles convicted of felonies, sex offenses, and arson. In addition, it set January 2009 as the date for requiring a DNA sample from every adult arrested for or charged with a felony. At the time of its passage, California’s DNA law contained the most sweeping DNA collection requirements in the country. Its DNA database is currently the third largest in the world, and, with more than 330,000 individuals arrested for a felony offense every year in California,²⁸ it promises to continue to retain that position so long as the arrestee provisions remain in effect. In October 2009 the ACLU of Northern California filed a class-action lawsuit, challenging the arrestee provisions of the law.²⁹ The case is ongoing at the time of this writing.

As of June 2009, 21 states had provisions for collecting DNA from some categories of arrestees. Eleven states followed California’s lead by enacting provisions for taking DNA from all felony arrestees, while the other 10 states adopted a more limited approach (for example, allowing arrestee DNA collection only for those arrested for murder and sex crimes, and in some cases burglary).

The extraordinary expansion of DNA collection has resulted in a near doubling of the number of so-called offender profiles in CODIS every two years, as can be seen in figure 2.2. The impetus for expanding the scope of contributors to DNA data banks is coming almost exclusively from law enforcement. The assumption has been that the larger the data banks, the more crimes will be solved. Rarely, however, is a crime solved by DNA alone. At any crime scene there may be multiple DNA fragments left on the scene by passersby. Also, the fact that some suspect’s DNA was not found at a crime scene does not mean that the suspect was not at the scene or did not commit the crime. Nevertheless, the successes of some highly publicized coldhit cases of DNA collected from a crime scene have inspired lawmakers to broaden the inclusion criteria for taking DNA samples.

Not all attempts to expand DNA databases have been successful, especially in the highly contested arena of arrestee testing. In 2007 both houses of the South Carolina legislature passed a bill requiring that law-enforcement authorities collect DNA samples from anyone arrested or indicted for any crime that is punishable by a prison sentence of five years or more.³⁰ Governor Mark Sanford vetoed the bill on June 18, 2007. In his veto Governor Sanford argued that this bill to expand the state’s DNA data bank was an overreach by government and an erosion of personal privacy. In explaining his veto, Sanford wrote:³¹

Though American society values personal liberties, we are the first to recognize that persons convicted of a crime must give up some of those liberties, including the protection against search and seizure. By limiting DNA collection to those who have been convicted of a crime, we ensure that no DNA is collected unless that person has been granted due process of rights and has experienced a full vetting by the judicial system. If DNA collection were expanded to include custodial arrest for felonies, why stop there? Law enforcement could inevitably stop other crimes as well with an even further expanded database. We think the clear divide created with conviction has served us well because one of the central tenets of American law is that one is presumed innocent until proven guilty.

Sanford emphasized that DNA samples contain sensitive personal information such as disease predisposition, physical attributes, ancestry, and familial relationships. Only when there is a court order or conviction, he argued, should people be required to submit their DNA to a state database. Moreover, by weakening the standard under which DNA is collected, the state would be crossing the threshold from using personal information for criminal investigation to surveillance of its citizenry.

There have also been voluntary submissions of DNA to state data banks. These have come about through law-enforcement dragnets. When DNA left at a scene of a violent crime does not match any profile in the state or federal data bank, law-enforcement officers have on occasion asked local residents to submit their DNA voluntarily to eliminate themselves as suspects. Their DNA can remain in the data bank unless the state has a provision for removal of the profile and the contributors avail themselves of that right.

In what surely will be seen as an ironic state of affairs, on the one hand, states are expanding their DNA collections by broadening criteria to include innocent people; on the other hand, they are destroying crime-scene DNA evidence of those currently serving prison sentences. According to a report in USA Today, half the states do not have requirements for retaining crime-scene DNA evidence that either played a role in convicting or could play a role in exonerating an incarcerated felon.³² States incur heavy costs in laboratory sequencing and in storage facilities for preserving biological samples when they expand their databases to include arrestees. The expansion of the databases is purportedly to catch future criminals. Law enforcement is dubious about the social benefits over costs for retaining crime-scene DNA for as long as a felon is in prison. The focus is on resources for obtaining new convictions rather than on protecting and preserving evidence that could be used to exonerate falsely convicted individuals. Bucking this trend is the state of Virginia. In the summer of 2008 the Virginia Forensic Science Board planned to send out letters to about 1,000 felons convicted in the 1970s and 1980s before DNA evidence was used in criminal cases to notify them that physical evidence pertaining to their case existed. On November 1, 556 letters went out, and by December another 528 were mailed. A little over 200 of those on the notification list were deceased. By late 2009 there was no confirmation that 545 of those individuals had been notified.³³ The letters inform the felons that biological evidence in their cases exists and that they qualify to have the DNA evidence tested. It was reported in 2008 that there were eight cases in which the defendant’s DNA profile did not match the profile of the crime-scene samples.³⁴ While locating individuals and fulfilling postconviction testing are expected to continue for years, there has thus far been one posthumous exoneration, that of Curtis Jasper Moore, who was convicted on rape-murder charges.³⁵

The Internet, consisting of tens of millions of personal computers linked seamlessly through thousands of transfer stations, has revolutionized human communication. Nothing since the creation of an international postal system has afforded so many individuals the power and opportunity to share information with people in distant places. Computer networks also provide new instruments for government bureaucracies whose mission is to maintain public records and keep public order. For both inter- and intragovernmental law-enforcement agencies, digital information in the form of photos and data has created new methods of surveillance. Centralized digital DNA profiles that provide a highly reliable means of establishing personal identification have made forensic DNA the most talked-about tool of forensic investigation since the development of the thumbprint more than 100 years ago.

The network of forensic DNA data banks is fast maturing in the modern industrial state, while debates continue over whether innocent people and juveniles or those convicted of minor offenses should be forced to have their personal identity held in a centralized computer that is linked to a biological specimen stored in some law-enforcement outpost. Efforts are currently under way to link the forensic DNA data banks of nation-states with Interpol, the international police agency. Currently there are some rules in place in the United States about what information can be drawn from biological specimens for entry into criminal justice data banks, and what linkages can be made with other national data banks such as Social Security, Medicare, and the Internal Revenue Service. Nonetheless, the possibilities for abuse in combining criminal justice data banks with private databases, such as health records, credit accounts, books that people borrow from public libraries, phone calls, or shopping profiles held by national chains, are daunting. Whether for commercial interests or bureaucratic goals, there is a tendency for centralized digital information to expand and for cross talk to take place among databases. If personal privacy is to be protected as a constitutional right, then the current trend of rapid DNA database expansion will have to be reexamined in terms of the long-term and systemic trends toward greater governmental surveillance of law-abiding citizens.