Don't delay: Delete your DNA today

What to do now


Now that a European Court has decided that the retention of the DNA of innocent people is illegal - what should you do now?

Earlier this month, 17 judges on the Grand Chambers of the European Court of Human Rights (ECHR) ruled unanimously that the UK is in violation of the right to respect for private and family life (Article 8) by retaining the fingerprints, DNA samples and profiles of Messrs S and Marper. Mr S was arrested at the age of 11 and charged with attempted robbery. Mr Michael Marper was arrested and charged with harassment of his partner. Both were arrested in 2001, and both had their fingerprints and DNA samples taken. Later that same year Mr S was acquitted and the case of Mr Marper was formally discontinued, as he and his partner had become reconciled and the charge was not pressed.

The court found

that the blanket and indiscriminate nature of the powers of retention of the fingerprints, cellular samples and DNA profiles of persons suspected but not convicted of offences, as applied in the case of the present applicants, fails to strike a fair balance between the competing public and private interests and that the respondent State has overstepped any acceptable margin of appreciation in this regard. Accordingly, the retention at issue constitutes a disproportionate interference with the applicants' right to respect for private life and cannot be regarded as necessary in a democratic society.

Let's look at the consequences of this ruling. What you can you do - as soon as you've finished reading this article - and what is the likely impact on legislation and policies?

Don't delay - delete your DNA today

The ruling clearly affects the retention by England, Wales and Northern Ireland police forces of fingerprints and DNA samples, and derived DNA profiles of both those who have been acquitted and those for which a decision of no further action (NFA) was taken. If you are among the estimated 573,639 to 857,366 innocents whose DNA profile is on the National DNA Database (NDNAD), you should act now. Don't wait until the time the police will have to weed out these records and samples.

Writing to the chief of police

The first step is to write to the chief of police of the force that arrested you. This may seem obvious, but several responses to freedom of information (FOI) requests we sent out as part of the research for this article, before the outcome of the S and Marper UK case was known, reveal that few individuals have gone to the trouble of asking.

At one extreme, the Warwickshire Police force has not received any requests in the last three years even though they contributed 12,263 DNA profiles to the NDNAD in the same period. At the other end of the scale, the Metropolitan Police, which in the past three years has contributed 85,305 DNA profiles, close to a fifth of the DNA profiles added by all English and Welsh forces to the NDNAD, received only 23, 64 and 110 requests for the removal of DNA profiles from the NDNAD, and granted 11, 18 and 21 of these respectively for 2006, 2007 and 2008 (up to the end of November).

Even though the West Midlands Police has in recent years arrested for recorded crimes about a third the number the Met has, it has received a similar number of requests for removal: 58, 49 and 83, and granted 25, 7 and 28 of these respectively for 2006, 2007 and 2008 (to November 21). For forces with fewer arrests such as the Cheshire, Durham or Gwent Constabularies, you can count the number of requests granted, since recording them started, on one hand. Police guidelines (the Retention Guidelines for Nominal Records on the Police National Computer) ensured that received requests to get off the NDNAD were granted only exceptionally. As a consequence of the ruling, the exceptional will have to become the norm.

Several forces do not keep a tally of the requests they receive. For example, the Northamptonshire Police responded to our request for details: "There is no single database holding the information requested. Some information may be held on individual custody records but manual examination would take the request over the cost limit and any results would not be conclusive in any case." One force, the Derbyshire Constabulary decided "As a result of your request [I] have asked the staff who deal with exceptional cases to consider making a record of requests and decisions."

Dr Helen Wallace, Director of GeneWatch UK, a not-for-profit organisation that monitors developments in genetic technologies from a public interest perspective, which provided expert evidence on behalf of Messrs S and Marper to the ECHR, commented on the ruling: "[This] landmark decision vindicates all those innocent people who have struggled to get their DNA destroyed. It means that there must be strict new rules to limit DNA retention and prevent misuse."

How to write a formal request

Having decided to write to request destruction of your fingerprints and DNA samples, deletion of your DNA profile and deletion or updating of any other database records linking to this information, the next step is to figure out what you should write. You need to include enough information so the police can identify you, the circumstances in which you were arrested (and your fingerprints and DNA samples were taken), details of the NFA decision or of your acquittal, and the reason you are requesting your records to be deleted and your samples to be destroyed.

This initial letter doesn't have to be long but it must be precise otherwise the police won't be able to deal with it. In its FOI response, the Cheshire Constabulary explained that it "receives numerous 'requests' for the removal of DNA, [t]he majority of which could not be considered formal request as when asked why we should consider their request, they simply do not respond or they actually mean something different. We would seek to clarify requests to establish the identity of the requestor and the reasons why they are requesting removal of data. This is well before we can actually consider the merits of a request and whether or not it fits the requirements of the Exceptional Cases procedure."

GeneWatch suggests this as a reason to "[a]sk for them to remove your records and destroy your DNA in the light of the judgment of the European Court of Human Rights". You may want to send a copy of the letter to your MP and a copy of any reply to GeneWatch (and let us know how it goes as well).

Another suggestion is that you may also want to argue for the police to remove your records and destroy your DNA samples in "other cases (e.g. cautions, final warnings, spent minor convictions)". Although the ECHR decision only covers people who have not been convicted, it makes clear that an interference with personal informational privacy such as the retention and use of profiles and samples must be indispensable and proportionate with the legitimate aim of the criminal justice system (i.e., the seriousness of the offence).

The Court cannot, however, disregard the fact that, notwithstanding the advantages provided by comprehensive extension of the DNA database, other Contracting States have chosen to set limits on the retention and use of such data with a view to achieving a proper balance with the competing interests of preserving respect for private life... The Court considers that any State claiming a pioneer role [as the UK is] in the development of new technologies bears special responsibility for striking the right balance in this regard.

If you're in a situation where you find this balance has not been achieved, for example the indefinite retention for children given reprimands, then you may also benefit from this ruling.

Taking into account the ECHR ruling, the police are now likely to accept all legitimate requests as they would be in a very weak position if an innocent person were to seek a judicial review in case of refusal. Due to the small number of requests granted prior to the ruling, the actual deletions from the NDNAD and the Police National Computer (PNC) and destruction of samples is a very ad-hoc process. The Met promised a process last year and eventually did publish one (pdf), but it was not worth the wait.

Here's the process they go through: "If the decision to delete has been made, the Exceptional Cases Unit will contact the respective departments and agencies to ensure that the DNA, fingerprints and PNC records are deleted/destroyed accordingly."

The National Police Improvement Agency (NPIA) realises that "following the judgement last week in the S & Marper case heard at the European Court of Human Rights the DNA sample retention and destruction requirements are being reviewed." At least, once a DNA profile has been deleted from the database, it would appear that these transactions are propagated to all backups in short time:

The NDNAD has both a regular internal and a regular off-site back-up procedure. All transactions carried out on the NDNAD are backed up each working day. The deletion of profiles from the NDNAD would be treated the same as any other NDNAD transaction within this back-up procedure. Any record of a DNA profile will also be removed from all back-up media within 10 days of its deletion from NDNAD.

Until a comprehensive process is published giving stronger confidence in the deletion process, once you get confirmation that your request has been granted you may want to ask to be present when the physical samples are destroyed and electronic data is deleted and updated. If you go for this, ask speedily or possibly even with your request letter, as in my case the deletion process was started before informing me of the decision!

Observing the process by a large number of individuals would be costly in time and money; an easier alternative would be for the labs used by the police to generate DNA profiles from the samples taken from individuals to systemically destroy the DNA samples once a DNA profile has been derived. The DNA samples are not used for identification.

Next: What does the ECHR ruling change for the government and police?


Other stories you might like

  • Biden considers removal of Trump-era China tariffs to ease inflation
    But US administration split on loss of leverage, according to reports

    US president Joe Biden is debating whether to end or cut Trump-era tariffs imposed on Chinese imports into the United States, according to reports.

    Introduced in 2018 during the Trump administration, tariffs on more than $300 billion in imports from China — including products and components vital in consumer and business technologies — were inherited by the Biden administration.

    According to Bloomberg, president Biden and his cabinet have discussed the inflationary impact of these levies with Treasury Secretary Janet Yellen. The cabinet was looking at all of the possible ways to curb inflation and to provide some relief on cost of living for Americans, the report said.

    Continue reading
  • Semiconductor market to be hit by fresh wave of rising component costs
    Chemicals supplier warns it expects to raise prices, may cut some product lines

    More red flags about the semiconductor market are being raised with the news that a key supplier to chipmakers such as TSMC is planning to hike prices, which will likely have a knock-on effect on chip prices.

    Japan-based chemicals company Showa Denko has warned it expects to raise prices and may have to cut back some of its unprofitable product lines. The company is a major supplier of chemicals and gases that are used in the semiconductor manufacturing industry for the creation of silicon wafers and in the etching process to create chips.

    In an interview with Bloomberg, Showa Denko chief financial officer Hideki Somemiya said the company had already raised prices at least a dozen times this year, citing issues such as COVID-19 lockdowns, increasing energy costs and other factors. However, he confirmed "the current market moves require us to ask twice the amount we had previously calculated."

    Continue reading
  • Germany unveils plan to tackle cyberattacks on satellites
    Vendors get checklist on what to do when crooks inevitably turn up in space

    The German Federal Office for Information Security (BSI) has put out an IT baseline protection profile for space infrastructure amid concerns that attackers could turn their gaze skywards.

    The document, published last week, is the result of a year of work by Airbus Defence and Space, the German Space Agency at the German Aerospace Center (DLR), and BSI, among others. It is focused on defining minimum requirements for cyber security for satellites and, a cynic might say, is a little late to the party considering how rapidly companies such as SpaceX are slinging spacecraft into orbit.

    The guide categorizes the protection requirements of various satellite missions from "Normal" to "Very High" with the goal of covering as many missions as possible. It is also intended to cover information security from manufacture through to operation of satellites.

    Continue reading

Biting the hand that feeds IT © 1998–2022