EFF Tells Court Defendants Must Be Allowed To Examine The DNA Software Used To Convict Them

from the rolling-dice-with-more-sides-but-they're-still-just-dice dept

A proper adversarial system means the accused can confront the accuser. But that's rarely the case when crime solving software is involved. The FBI doesn't allow accused child porn downloaders to examine the malicious software it used to identify their computers. Multiple law enforcement agencies have dropped cases rather than discuss Stingray devices in open court.

All DNA analysis is handled by software. Most DNA analysis utilizes proprietary code created by private companies which license it to government agencies. The analysis may be performed by government agencies and employees, but when it comes to giving defense lawyers and their clients a chance to examine the software used to generate evidence, it suddenly becomes a very private matter.

Companies routinely intercede in criminal cases, telling judges that handing over source code or other information about their algorithms would somehow make it impossible for them to compete in the crime solving market. In most cases, judges are sympathetic to claims about trade secrets and proprietary code, allowing the accused to only confront their accuser by proxy, via a government expert or an employee of the software company.

In rare cases, the court actually finds in favor of the defendant. Earlier this year, a case involving third-party DNA software and the EFF's intercession went the defendant's way with a federal judge in Pennsylvania telling the government it couldn't hide behind third-party trade secret assertions to keep this code out of the accused's hands. As the court reasoned then, if DNA evidence is central to the case against the defendant, the defendant should have access to the evidence and the software that created it.

The EFF is hoping for a similar outcome in a case being handled in California. It deals with the possibly wrongful conviction of a 70-year-old man for rape. And it involves a DNA software company whose algorithm was the only one that tied the suspect to the crime.

An elderly woman was sexually assaulted and murdered in her home and two witnesses described seeing a black man in his 50s on the property on the day of the murder. Dozens of people had passed through the victim's home in the few months leading up to the murder, including Mr. Davis and another individual. Mr. Davis is an African American man who was in his 70s at the time of the murder and suffers from Parkinson’s disease. Another individual who met the witnesses’ description had a history of sex crimes including sexual assault with a foreign object.

DNA samples were taken from dozens of locations and items at the crime scene. Mr. Davis’s DNA was not found on many of those, including a cane that was allegedly used to sexually assault the victim. Traditional DNA software was not able to match Mr. Davis to the DNA sample from a shoelace that was likely used to tie up the victim—but STRMix did, and the prosecution relied heavily on the latter before the jury.

As the EFF points out in its brief [PDF], DNA software is anything but infallible. STRMix was caught a half-decade ago when a bug in its code possibly led to dozens of false arrests and convictions. Presumably that bug has been patched, but if no one outside of STRMix is allowed to examine the code, it's impossible to see if it might be leading prosecutors and government experts to overstate the certainty of DNA matches.

The necessity of independent source code review for probabilistic DNA programs was starkly demonstrated when FST (a counterpart to STRmix that was used in New York crime labs) was finally provided to a defense team for analysis. According to a defense expert, the undisclosed portion of the code could incorrectly tip the scales in favor of the prosecution’s hypothesis that a defendant’s DNA was present in a mixture. Reply Mem. of Law in Supp. as to Kevin Johnson at 19-21, United States v. Kevin Johnson, (S.D.N.Y. Feb. 27, 2017) (No. 15-CR-565 (VEC), D.I. 110). In fact, STRmix8 has suffered from programming errors that created false results in 60 cases in Queensland, Australia.

The problems caused by nondisclosure are especially acute in the context of the latest generation of probabilistic DNA analysis because there is no objective baseline truth against which the output from the program may be evaluated—and thus it is impossible to gauge the accuracy of these programs by examining their results.

If there's no objective baseline, every DNA analysis program is allowed to grade on its own curve. DNA matches aren't actually matches. They just reflect the likelihood of a match. With no baseline, the probability of it being an actual match is left to the discernment of prosecutors and their expert witnesses -- all of whom come out looking better if they can secure a conviction.

Unlike breathalyzers, the latest generation of complex DNA analysis tools cannot be measured against an objective truth. Instead, these DNA programs are more akin to probabilistic election forecasting models, such as those designed by FiveThirtyEight and The Economist. The outputted results are based on the calculation of the probability of events—that the defendant, rather than a random person, contributed to the DNA mixture or that person X will win an election—a value that is not an objectively measurable fact. This is why different DNA programs, and even different laboratories using the same program, will generate substantially different results for the same sample.

This is why courts should allow defendants to examine the software that has, for the most part, accused them of committing crimes. If different algorithms produce different outcomes using the same inputs, none are to be trusted until they're independently examined. And DNA software companies aren't interested in that happening -- not solely because of any trade secrets but because any defendant who successfully casts doubt on the accuracy of test results undermines their business model.

But protecting a business model isn't the court's business. The courts are there to serve justice, which means protecting the rights of the accused from accusers utilizing proprietary tech while waving around signed NDAs.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: dna, due process, evidence, software


Reader Comments

Subscribe: RSS

View by: Thread


  • icon
    Bluegrass Geek (profile), 26 May 2021 @ 12:27pm

    Government egislation & regulation have dropped the ball on this matter. If DNA evidence can be used to convict a person, there should be a clear burden of proof levied on the companies performing this test to show they are accurate & reliable. Any company that fails to demonstrate their tests are reliable should be barred from evidence in a court of law.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 May 2021 @ 4:58pm

      Re:

      Government egislation & regulation have dropped the ball on this matter.

      That's neither a job for [l]egislation or regulation. A conviction is already supposed to involve proof beyond reasonable doubt. Courts just need to enforce it.

      reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 26 May 2021 @ 12:28pm

    "This is why different DNA programs, and even different laboratories using the same program, will generate substantially different results for the same sample."

    So these newest bestest tests are the latest in field test kits?
    Like that recent story about the cop claiming the ashes of a child were drugs because the test said so.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 26 May 2021 @ 12:36pm

      Re:

      Well, the technology evolves. At one time, you could see any visual matches in an electrophoretic gel. Now half-assed coding and methodology can make up whatever it wants, either on purpose or just by being sloppy.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 May 2021 @ 12:49pm

    I have a secret magic box into which I can place my hand and pull out names on slips of paper that are guaranteed to be the names of pedophiles. The prosecutor of this case is one of those names. No, you can't see the box. If you see it, the box stops working. Also the pedophiles will win. Don't let that happen!

    reply to this | link to this | view in chronology ]

  • icon
    That One Guy (profile), 26 May 2021 @ 1:15pm

    Refusing to let the defense examine the evidence and method of gathering and confirming it should be seen as no different than the prosecution presenting an assertion by an unnamed individual that swears the defendant is guilty, without allowing the defense to know who they are or cross-examine them.

    If the defense can't examine and/or challenge evidence then it should be ruled inadmissible and thrown out with no amount of 'proprietary concern' able to overrule that, arguing otherwise is basically an admission that corporate profits have priority over the freedom and potentially lives of people.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 26 May 2021 @ 4:38pm

    I know this blog covers the tech aspect, but...

    Faulty DNA analysis software is only one way that DNA evidence in a case may be utter rubbish. Contamination is a big problem. "Itinerant DNA" (DNA traveling from one person to another through incidental means) is another. And there are all sorts of conclusions you can leap to about the presence of DNA that are utterly unjustified.

    Simple Justice had an essay on just this thing.

    reply to this | link to this | view in chronology ]

  • icon
    BG (profile), 27 May 2021 @ 1:45am

    Show me you're reliable

    Fine, if you want to stop me looking at the source code, processes used, etc. then so be it. If you used machine learning and the whole process is effectively a black box process, even to the developers of the software, then so be it.

    Show me the independently verified test results behind your claims of 100%/99% accuracy. Show me the sample size for your testing, and it had better be at least 100K of samples of verifiable origin. Show me the data on the false positives and all other independently verified incorrect results generated. Show me how you fixed the process that lead to those incorrect results. Show me the data on the tools, equipment, etc. used to independently corroborate all the results.

    If you can't show me these, or if what you show me is nothing but hot air, then the "evidence" has to be dismissed. It is not evidence, it is no better than sticking the names of anyone associated with the case on a dartboard, putting on a blindfold and throwing a dart at the board.

    reply to this | link to this | view in chronology ]

  • icon
    Bloof (profile), 27 May 2021 @ 3:01am

    'Do you presume to criticize the Great Oz? You ungrateful creatures! Think yourselves lucky that I'm giving you an audience tomorrow, instead of twenty years from now! Oh! The Great Oz has spoken! Oh! Pay no attention to that man behind the curtain. The Great, Powerful...

    -- has spoken --'

    We've seen time and time again that intelligence agencies and law enforcement are more than happy to pour money into unreliable tech and defend it to the death because admitting they bought into a lie would open them up to lawsuits and scrutiny. They'd rather a million people get unfairly thrown to the wolves than let others look behind the curtain to find there's a wolf there making guesses.

    reply to this | link to this | view in chronology ]

    • icon
      Bloof (profile), 27 May 2021 @ 3:18am

      Re:

      See how Dennis L. Montgomery made millions pretending there were hidden messages in Al Jazeera broadcasts which only he could decode with his magic technology that nobody could look into. He'd still be at it if his false intel hadn't caused an international incident that slid under the radar during the Bush years. He's also one of the minds behind the right wing election conspiracy theories, the Hammer and Scorecard nonsense.

      reply to this | link to this | view in chronology ]

  • identicon
    Annonymouse, 27 May 2021 @ 4:14am

    The prosecutor had the choice to go after the 70 year old with Parkinsons or the healthy 50 year old with a documented history of violence. They went after the 70 year old. Why?

    My guess is because he wouldn't be able to fight back and the other might just pay them a visit.

    Makes me wonder why prosecutors and their police stooges are not held accountable to face punishments equivalent to what they pushed onto the wrongfully accused.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Recent Stories
.

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.