Feeds

How to delete your DNA profile

A cut-out-and-keep reference guide

Maximizing your infrastructure through virtualization

It's a little known fact that it's possible to have your DNA profile removed from the National DNA Database (NDNAD). While the Police have processes to gather and retain DNA samples - they don't yet have a procedure to delete the DNA of innocent members of the public.

It's complicated - but for now, this is what you should do.

Over four million profiles have been added to NDNAD since 1995. Last year, 115 profiles were deleted and 667,737 added. In the last five years, 634 DNA profiles have been removed from the database, while 2,649,937 profiles were added. In other words, the number of DNA profiles removed is around 0.02 per cent of the number of profiles added in the period - where we have the information.

According to a document called the Step model - Retention guidelines, it is considered "exceptional" for an innocent citizen to have one's DNA sample destroyed, and the associated DNA profile removed.

Currently, the destruction of DNA samples and removal of DNA records are "completed by way of an approved form being sent [by a Senior Information Manager from the Metropolitan Police Service Specialist Crime Directorate 12 (MPS SCD 12)] to designated staff in each of the departments concerned who are aware of the exceptional case procedure, once deletion / destruction has taken place we are informed and subsequently we notify the applicant, there is no process map in existence for this practice."

My own fingerprints and DNA were added to the database on 2005-07-28 when I was arrested on the London Tube.

Then ensued a complaint to the Independent Police Complaints Commission (IPCC), an investigation, an appeal to the outcome and a final decision by the IPCC. The final decision, dated 2007-05-03, "requested that the Metropolitan Police Service reconsider your request for your records and samples to be physically destroyed and electronically deleted, and for the summary information in the Police National Computer to be expunged."

The Misconduct Office informed me, on 21 August last year, that they had agreed to this request. Department SCD12 confirmed that my fingerprints were destroyed and the entry on the fingerprint database was deleted on 2007-07-24, my DNA samples destroyed and the entry on the DNA database deleted on 2007-08-20 and my Police National Computer (PNC) record deleted on 2007-08-30.

If you read the previous paragraph carefully, you may notice that the Misconduct Office requested the exceptional case to be dealt with by SCD12 before informing me of its decision, and SCD12 appears to have been prompt. So it was no longer possible for me to witness the destruction and removal actions. Hopefully there was no break in communications, and all those involved did their job properly without making any mistake. The information I received, unfortunately, leaves room for interpretation.

For instance, there was mention of "DNA sample" (singular) when two mouth swabs were taken - most likely a shortcut. Another example is that SCD12 asks "departments", but the labs that are contracted to analyse the DNA samples and keeping them are not part of the Police and hence not departments, most likely another shortcut.

So how would I know that my DNA profile really had been deleted? One way to verify this would be to plant some of my DNA at a crime scene and wait for a knock at the door. Obviously this is an experiment I will not undertake. I'd much prefer to have (verifiable) specific assurances rather than assumptions, but instead I'll have to trust the Police and the labs they use.

To avoid others having to go through this same situation, I shared these concerns with the SCD12 Senior Information Manager. The outcome: "An exceptional case process map will be available on the MPS Publication Scheme early 2008."

Having a documented process in place instead of the current ad-hoc mechanisms will go some way to increase confidence in the efficacy of what must be a complex procedure. Unsurprisingly, the Information Commissioner's Office has also been keen for a long time for the Police to implement such a step-out (deletion) procedure.

Publishing a process - which describes in detail the actions to be taken by the Police departments and their contractors - will help ensure other innocents get fair and open treatment in getting off the NDNAD. This, in turn, will help make exceptional cases the norm. ®

David Mery, a technologist based in London, was arrested in July 2005 for "suspicious behaviour": carrying a rucksack, and his home computers were confiscated. He was released without charge. Last year he succeeded in having his DNA profile purged. His website is gizmonaut.net.

Application security programs and practises

More from The Register

next story
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
Major problems beset UK ISP filth filters: But it's OK, nobody uses them
It's almost as though pr0n was actually rather popular
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
MPs wave through Blighty's 'EMERGENCY' surveillance laws
Only 49 politcos voted against DRIP bill
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.