EFF Tells Court Defendants Must Be Allowed To Examine The DNA Software Used To Convict Them

from the rolling-dice-with-more-sides-but-they're-still-just-dice dept

A proper adversarial system means the accused can confront the accuser. But that’s rarely the case when crime solving software is involved. The FBI doesn’t allow accused child porn downloaders to examine the malicious software it used to identify their computers. Multiple law enforcement agencies have dropped cases rather than discuss Stingray devices in open court.

All DNA analysis is handled by software. Most DNA analysis utilizes proprietary code created by private companies which license it to government agencies. The analysis may be performed by government agencies and employees, but when it comes to giving defense lawyers and their clients a chance to examine the software used to generate evidence, it suddenly becomes a very private matter.

Companies routinely intercede in criminal cases, telling judges that handing over source code or other information about their algorithms would somehow make it impossible for them to compete in the crime solving market. In most cases, judges are sympathetic to claims about trade secrets and proprietary code, allowing the accused to only confront their accuser by proxy, via a government expert or an employee of the software company.

In rare cases, the court actually finds in favor of the defendant. Earlier this year, a case involving third-party DNA software and the EFF’s intercession went the defendant’s way with a federal judge in Pennsylvania telling the government it couldn’t hide behind third-party trade secret assertions to keep this code out of the accused’s hands. As the court reasoned then, if DNA evidence is central to the case against the defendant, the defendant should have access to the evidence and the software that created it.

The EFF is hoping for a similar outcome in a case being handled in California. It deals with the possibly wrongful conviction of a 70-year-old man for rape. And it involves a DNA software company whose algorithm was the only one that tied the suspect to the crime.

An elderly woman was sexually assaulted and murdered in her home and two witnesses described seeing a black man in his 50s on the property on the day of the murder. Dozens of people had passed through the victim’s home in the few months leading up to the murder, including Mr. Davis and another individual. Mr. Davis is an African American man who was in his 70s at the time of the murder and suffers from Parkinson’s disease. Another individual who met the witnesses’ description had a history of sex crimes including sexual assault with a foreign object.

DNA samples were taken from dozens of locations and items at the crime scene. Mr. Davis’s DNA was not found on many of those, including a cane that was allegedly used to sexually assault the victim. Traditional DNA software was not able to match Mr. Davis to the DNA sample from a shoelace that was likely used to tie up the victim—but STRMix did, and the prosecution relied heavily on the latter before the jury.

As the EFF points out in its brief [PDF], DNA software is anything but infallible. STRMix was caught a half-decade ago when a bug in its code possibly led to dozens of false arrests and convictions. Presumably that bug has been patched, but if no one outside of STRMix is allowed to examine the code, it’s impossible to see if it might be leading prosecutors and government experts to overstate the certainty of DNA matches.

The necessity of independent source code review for probabilistic DNA programs was starkly demonstrated when FST (a counterpart to STRmix that was used in New York crime labs) was finally provided to a defense team for analysis. According to a defense expert, the undisclosed portion of the code could incorrectly tip the scales in favor of the prosecution’s hypothesis that a defendant’s DNA was present in a mixture. Reply Mem. of Law in Supp. as to Kevin Johnson at 19-21, United States v. Kevin Johnson, (S.D.N.Y. Feb. 27, 2017) (No. 15-CR-565 (VEC), D.I. 110). In fact, STRmix8 has suffered from programming errors that created false results in 60 cases in Queensland, Australia.

The problems caused by nondisclosure are especially acute in the context of the latest generation of probabilistic DNA analysis because there is no objective baseline truth against which the output from the program may be evaluated—and thus it is impossible to gauge the accuracy of these programs by examining their results.

If there’s no objective baseline, every DNA analysis program is allowed to grade on its own curve. DNA matches aren’t actually matches. They just reflect the likelihood of a match. With no baseline, the probability of it being an actual match is left to the discernment of prosecutors and their expert witnesses — all of whom come out looking better if they can secure a conviction.

Unlike breathalyzers, the latest generation of complex DNA analysis tools cannot be measured against an objective truth. Instead, these DNA programs are more akin to probabilistic election forecasting models, such as those designed by FiveThirtyEight and The Economist. The outputted results are based on the calculation of the probability of events—that the defendant, rather than a random person, contributed to the DNA mixture or that person X will win an election—a value that is not an objectively measurable fact. This is why different DNA programs, and even different laboratories using the same program, will generate substantially different results for the same sample.

This is why courts should allow defendants to examine the software that has, for the most part, accused them of committing crimes. If different algorithms produce different outcomes using the same inputs, none are to be trusted until they’re independently examined. And DNA software companies aren’t interested in that happening — not solely because of any trade secrets but because any defendant who successfully casts doubt on the accuracy of test results undermines their business model.

But protecting a business model isn’t the court’s business. The courts are there to serve justice, which means protecting the rights of the accused from accusers utilizing proprietary tech while waving around signed NDAs.

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “EFF Tells Court Defendants Must Be Allowed To Examine The DNA Software Used To Convict Them”

Subscribe: RSS Leave a comment
This comment has been deemed insightful by the community.
Bluegrass Geek (profile) says:

Government egislation & regulation have dropped the ball on this matter. If DNA evidence can be used to convict a person, there should be a clear burden of proof levied on the companies performing this test to show they are accurate & reliable. Any company that fails to demonstrate their tests are reliable should be barred from evidence in a court of law.

That Anonymous Coward (profile) says:

"This is why different DNA programs, and even different laboratories using the same program, will generate substantially different results for the same sample."

So these newest bestest tests are the latest in field test kits?
Like that recent story about the cop claiming the ashes of a child were drugs because the test said so.

This comment has been deemed insightful by the community.
This comment has been deemed funny by the community.
Anonymous Coward says:

I have a secret magic box into which I can place my hand and pull out names on slips of paper that are guaranteed to be the names of pedophiles. The prosecutor of this case is one of those names. No, you can’t see the box. If you see it, the box stops working. Also the pedophiles will win. Don’t let that happen!

This comment has been deemed insightful by the community.
That One Guy (profile) says:

Refusing to let the defense examine the evidence and method of gathering and confirming it should be seen as no different than the prosecution presenting an assertion by an unnamed individual that swears the defendant is guilty, without allowing the defense to know who they are or cross-examine them.

If the defense can’t examine and/or challenge evidence then it should be ruled inadmissible and thrown out with no amount of ‘proprietary concern’ able to overrule that, arguing otherwise is basically an admission that corporate profits have priority over the freedom and potentially lives of people.

Anonymous Coward says:

I know this blog covers the tech aspect, but...

Faulty DNA analysis software is only one way that DNA evidence in a case may be utter rubbish. Contamination is a big problem. "Itinerant DNA" (DNA traveling from one person to another through incidental means) is another. And there are all sorts of conclusions you can leap to about the presence of DNA that are utterly unjustified.

Simple Justice had an essay on just this thing.

BG (profile) says:

Show me you're reliable

Fine, if you want to stop me looking at the source code, processes used, etc. then so be it. If you used machine learning and the whole process is effectively a black box process, even to the developers of the software, then so be it.

Show me the independently verified test results behind your claims of 100%/99% accuracy. Show me the sample size for your testing, and it had better be at least 100K of samples of verifiable origin. Show me the data on the false positives and all other independently verified incorrect results generated. Show me how you fixed the process that lead to those incorrect results. Show me the data on the tools, equipment, etc. used to independently corroborate all the results.

If you can’t show me these, or if what you show me is nothing but hot air, then the "evidence" has to be dismissed. It is not evidence, it is no better than sticking the names of anyone associated with the case on a dartboard, putting on a blindfold and throwing a dart at the board.

This comment has been deemed insightful by the community.
Bloof (profile) says:

‘Do you presume to criticize the Great Oz? You ungrateful creatures! Think yourselves lucky that I’m giving you an audience tomorrow, instead of twenty years from now! Oh! The Great Oz has spoken! Oh! Pay no attention to that man behind the curtain. The Great, Powerful…

— has spoken –‘

We’ve seen time and time again that intelligence agencies and law enforcement are more than happy to pour money into unreliable tech and defend it to the death because admitting they bought into a lie would open them up to lawsuits and scrutiny. They’d rather a million people get unfairly thrown to the wolves than let others look behind the curtain to find there’s a wolf there making guesses.

Bloof (profile) says:

Re: Re:

See how Dennis L. Montgomery made millions pretending there were hidden messages in Al Jazeera broadcasts which only he could decode with his magic technology that nobody could look into. He’d still be at it if his false intel hadn’t caused an international incident that slid under the radar during the Bush years. He’s also one of the minds behind the right wing election conspiracy theories, the Hammer and Scorecard nonsense.

This comment has been deemed insightful by the community.
Annonymouse says:

The prosecutor had the choice to go after the 70 year old with Parkinsons or the healthy 50 year old with a documented history of violence. They went after the 70 year old. Why?

My guess is because he wouldn’t be able to fight back and the other might just pay them a visit.

Makes me wonder why prosecutors and their police stooges are not held accountable to face punishments equivalent to what they pushed onto the wrongfully accused.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...