House of Commons - The National DNA Database

The National DNA Database - Home Affairs Committee Contents

2 Retention of personal profiles

13. Currently about 5 million people have their personal profiles on the National DNA database.[18] As of 24 April 2009, just under 1 million people with profiles on the database had no record of a conviction, caution, reprimand or final warning on the Police National Computer. Some of these 1 million will have been awaiting trial or have had a criminal record that was expunged from the Police National Computer because it related to a pre-2000 caution, but the majority had not been convicted of any crime, some had not been charged with a crime and about 36,000 had not even been arrested (as they were victims of crime or people who had voluntarily given a DNA sample to help narrow down a group of suspects, for example when everyone in a neighbourhood is asked to give a DNA sample).

14. No research has been done specifically on the question of the number of crimes that are solved with the help of the stored personal profiles of those not previously convicted of a crime. Moreover, despite their best efforts the Home Office and others have been able to discover only a few examples of serious violent crime, such as murder or rape, where a suspect has been identified mainly or solely because his or her personal DNA profile was already stored on the database from an earlier arrest that had not resulted in a conviction. The Minister for Policing, Crime and Counter-terrorism wrote to the Public Bill Committee on the Crime and Security Bill with six case studies (subsequently amended to five) where the perpetrator of a very serious crime had been identified in this way. However, in one of these cases the later, more serious, crime had taken place at the perpetrator's own home, which the victim was able to identify, so the profile evidence might be considered to have confirmed the perpetrator's identity rather than suggesting a new suspect.[19] We asked the Home Secretary to provide us with details of the 23 cases to which he had referred in his speech on second reading of the Crime and Security Bill, but we have yet to receive his reply.

15. It is not known how many crimes are solved with the help of the stored personal profiles of those not previously convicted of a crime. The highly complicated calculations made by GeneWatch to try to answer this question on the basis of information from various sources already in the public domain, and the provisional nature of its conclusions, underline the need for the Home Office to undertake research specifically on this issue.

16. In England and Wales (the rules are different in Scotland[20]) records are held indefinitely on the Database[21] but it is possible for the subject to request deletion of his/her profile and for this to be granted in exceptional circumstances at the discretion of the relevant chief constable. ACPO has issued guidance on the Exceptional Case Procedure which includes various grounds on which a chief constable might agree to remove a DNA sample from the database. Those grounds include the fact that a false allegation was made; the subject was unlawfully or wrongly arrested or unlawfully cautioned; the caution was inappropriate; or the subject was unlawfully processed. However, from the evidence we received, even in these cases subjects struggle to get their profiles removed from the database.

17. We took evidence from two people, one of whom had volunteered to give a DNA sample to eliminate himself from an inquiry into the suspicious death of a relative and the other of whom had had his DNA taken despite the fact that he had been arrested for a non-recordable offence, that of littering. Both had believed that they had no choice but to give a sample and both had struggled to get their samples destroyed and profiles deleted.[22] Ms Abbott described other such cases to us.[23]

18. A significant number of people never convicted of a crime are unhappy about their profiles being kept indefinitely on the database. They consider it a slur on their character and personally intrusive, and are worried about the possibility of false matching of a crime to their profile or malicious hacking into the database. Professor Sir Alec Jeffreys noted that there was one recorded instance of an innocent person who had committed suicide apparently as a result of the shame he felt at being a subject on the database.[24] Sir Alec said:

People have drawn analogies between fingerprints and DNA. ... I would argue that DNA is fundamentally different. It is a highly intimate sample. ... It carries information on who you are: your physical appearance, your behaviour, your character, your parentage, your ancestry, your disease liability. ... Even if you look at the DNA profile that is stored on the database, and that is the DNA profile derived from a very limited number of genetic characteristics, that still carries additional information, in particular family information.

Sir Alec told us that he would not like his DNA profile to be on the database:

19. We asked Sir Alec about the possibility of false matches. He said that the chance of the DNA profiles of two people matching was in the order of one in ten trillion, though in court the more conservative estimate of about one in a billion is used. However, the one in ten trillion figure refers to the chance of a one-to-one match on one occasion: the database contains about 5 million profiles and is searched thousands of times a year, which increases the likelihood of matches to one in a trillion. Furthermore, for two related people matches are more likely still: for brothers the probability is one in 200,000—and many of the people on the database are related to one another.[26]

20. Moreover, the chance of a mismatch would increase further with the agreement to allow police forces across Europe to search one another's DNA databases for matches to serious crimes:[27] more searches across a larger number of records equals a greater potential for mismatches. Even now, many of the searches made of the National DNA Database result in multiple matches—a list of potential suspects rather than one—because the personal or crime scene DNA sample was damaged or partial. An average of 83.7 multiple matches were made per month in 2008/09.[28] Sir Alec noted that there had already been at least one example of a totally adventitious but complete match, which had led to an arrest; the innocent subject had had to obtain independent DNA testing to reveal the mistake.[29]

Impetus for change

21. In December 2008 the European Court of Human Rights in Strasbourg found that the blanket nature of the policy on DNA in England and Wales—i.e. retaining all samples, with no time limit, regardless of the seriousness of the offence, or the age of the offender, and whether the person was even charged or convicted—did not comply with Article 8 (right to privacy) of the European Charter of Human Rights. The Court found the policy to be "blanket and indiscriminate".[30] The Court noted with approval the consistency of the approach taken in Scotland with the Committee of Ministers' recommendation R(92)1 on the use of DNA. This recommendation suggests that DNA samples should not be kept after the final decision has been made in the case for which they were taken, unless it is necessary "for purposes directly linked to those for which they were collected." The Court added:

Where the security of the state is involved, the domestic law of the member state may permit retention of [samples and information derived from them] even though the individual concerned has not been charged or convicted of an offence. In such cases strict storage periods should be defined by domestic law; and

Since the primary aim of the collection of samples and the carrying out of DNA analysis on such samples is the identification of offenders and the exoneration of suspected offenders, the data should be deleted once persons have been cleared of suspicion. The issue then arises as to how long the DNA findings and the samples on which they were based can be stored in the case of a finding of guilt.

22. In response to the Court's judgment, the Government published its proposals for the DNA Database in May 2009, as follows:

The destruction of all DNA samples taken from suspects on arrest, regardless of whether the suspect went on to be convicted;
Adults convicted of a recordable offence would have their profiles retained indefinitely;
Adults arrested for a violent, sexual or terrorism-related offence would have their profiles deleted automatically after twelve years and those arrested for less serious offences after six years;
10-18 year olds convicted or arrested for sexual or violent offences would be treated the same as adults; those convicted of lesser offences would have their profiles deleted by the time they became 18 years old;
No profiles of those aged under ten would be retained (this is now already the case); and
Profiles provided voluntarily would not be stored on the database.[31]

23. It emerged in September 2009 that the research by the Jill Dando Institute for Crime Science which the Home Office used to formulate the proposal for retention of profiles for twelve years was incomplete. The Director of the Institute, Professor Gloria Laycock, said:

Their policy should be based on proper analysis and evidence and we did our best to try and produce some in a terribly tiny timeframe, using data we were not given direct access to.

As a result, when the Crime and Security Bill was introduced, it provided for a maximum time of six, rather than twelve, years for retention of records of people arrested but not convicted;[33] the proposals relating to those under the age of 18 were also changed. In summary, the Bill provides for:

Adults—convicted: indefinite retention of DNA profile;
Adults—arrested but not convicted: retention of DNA profile for six years;
Under 18 year olds—convicted of a serious offence or more than one minor offence: indefinite retention of DNA profile;
Under 18 year olds—convicted of a single minor offence: retention of DNA profile for five years;
16 and 17 year olds—arrested for but not convicted of a serious offence: retention of DNA profile for six years;
All other under 18 year olds—arrested but notconvicted: retention of DNA profile for three years;
Persons subject to a control order: retention of DNA profile for two years after the control order ceases to have effect;
Material which has been given voluntarily to be destroyed as soon as it has fulfilled the purpose for which it was taken.[34]

The concept of "qualifying offence" is used to distinguish between serious and minor offences. A qualifying offence is defined as a serious violent, sexual or terrorist offence, and also include the offences of aiding, abetting, conspiring etc the commission of such offences.[35] In addition, where DNA profiles would otherwise need to be destroyed because of the expiry of a time limit, chief officers of police are given power to determine that, for reasons of national security, those profiles may be retained for up to two further years. It is open to chief officers to make further determinations to retain material where necessary.[36]

24. All these provisions relate to DNA taken under the Police and Criminal Evidence Act (PACE). Samples relating to terrorism offences are also covered by the Bill. Currently fingerprints, samples and profiles from suspected terrorists may be retained for an indefinite period.[37] The Crime and Security Bill would make provision for a destruction and retention regime broadly equivalent to that outlined above in relation to PACE.[38]

25. Clause 22 of the Bill[39] requires the Secretary of State to make a statutory instrument prescribing the manner, timing and other procedures in respect of destroying relevant biometric material already in existence. The Bill also puts on a statutory footing the existing National DNA Database Strategy Board. This Board already reports to the Home Secretary, providing strategic oversight of the application of powers under PACE for taking and using DNA. The principal partners are the Association of Chief Police Officers, the Association of Police Authorities and the Home Office.

Proposals for retaining the DNA of adults

26. All of our witnesses were content that the DNA profiles of those convicted of a crime should be retained, and they voiced no opposition to the Government's proposals for this group of people. Nor did they dispute that it might be necessary for public safety reasons to retain DNA from some people who had been arrested but not convicted in connection with serious violent or sexual crime or terrorism. They were, however, deeply divided on the question of the retention of the profiles of those arrested for, but not convicted of, 'lesser' crime. The police strongly preferred to retain the DNA profiles of adults who had not been convicted, arguing that, owing to a lack of supporting evidence, the difficulty of proving intent or consent, procedural problems, the intimidation of witnesses and other factors, they were unable to bring to trial, let alone see convicted, significant numbers of people who had actually committed a crime. The police were concerned that, if they were not allowed to retain the profiles of clever or lucky criminals, these criminals might be tempted to offend again and it might prove impossible to link them clearly to the subsequent crimes.[40] Liberty, GeneWatch and Ms Abbott were equally firmly of the view that people who had not been found guilty of a crime had to be presumed to be innocent and, in particular in the case of non-violent or less serious crimes, should not have their DNA retained beyond the period necessary to conclude legal proceedings.[41]

EQUITY AND PROPORTIONALITY

27. As noted above,[42] in 2003 Parliament moved the bar for collection of DNA samples back from suspects being charged to arrest for a recordable crime. The Minister told us that the threshold for arrest was high and the offences involved were "serious".[43] However, as we were told by other witnesses during this and other inquiries, not all recordable offences would fall within the category of what the public would consider 'serious crime'—under the present DNA regime, those suspected of shoplifting or possession of drugs are treated the same as those suspected of murder—and arrests have been made for trivial incidents such as minor playground fights.[44] Those who have been arrested for a non-recordable offence or have been wrongly arrested may also find themselves on the database, as do volunteers who have given their DNA to help narrow down a list of possible suspects; and, once on the database, they find it very difficult to get themselves removed.[45]

28. As noted earlier, the statistics show no clear increase in the detection rate from the shift from taking DNA on charge to taking DNA on arrest. We are also aware of the fact that arrests have been made for flimsy reasons,[46] whereas there has to be a solid basis for charging someone with an offence. It could therefore be argued that the DNA from those never charged with an offence should be treated differently from those charged but not convicted. However, this runs counter to the principle in England and Wales that in law people are either innocent or guilty by introducing gradations of innocence. It also does not tackle the nub of the problem: arrest should be a high threshold. At least in part, the anomalies have arisen in the current system because of the way in which offences are treated—for example, far more incidents are now classified as crimes of violence even if no physical assault has taken place—and target-driven policing has encouraged police officers to treat minor incidents formally in order to reach targets. We hope that both these trends will be mitigated by the move back to 'commonsense policing'; if so, the number of arrests for flimsy reasons should decline sharply. We therefore do not recommend the return to the pre-2004 situation of DNA being collected only on charging not on arrest.

29. However, the counter-balance to this is that it should be easier for those wrongly arrested or who have volunteered their DNA to get their records removed from the database. We recommend some changes to make this possible later in this report.

30. The Government's proposals treat adults and juveniles differently, imposing an across-the-board limit of six years retention for adults arrested for but not convicted of a recordable offence. For under 18 year olds who fall into the 'arrested but not convicted' category, the proposals differentiate by age and by seriousness of offence. For under 16s, whatever the offence for which they are arrested, retention of DNA profiles would be for three years. 16 and 17 year olds arrested for a serious violent, sexual or terrorist offence (including the offences of aiding, abetting or conspiring to commit such offences) would have their profiles retained for six years (like adults); retention would be for three years for 16 or 17 year olds arrested for any other offence.[47]

31. It is arguable on the basis of natural justice and the ECHR's judgment that those suspected of committing the most serious crimes should be treated differently from those suspected of more minor crimes. Ms Abbott, Liberty and GeneWatch clearly thought so. We support the distinctions made among juveniles, not least because numerous studies have shown that many 'get into trouble with the law' for something comparatively minor and never offend again. This leaves the question whether the same distinction should be made among adults. The police argued that enough people progressed from committing 'minor' crimes to serious crime that the effectiveness of the database would be seriously undermined if those suspected of minor crimes had their DNA profiles deleted earlier than others. We accept this, and therefore do not recommend that the Bill's provisions relating to adults make a distinction between those arrested for major and minor crimes.

LENGTH OF TIME FOR RETAINING PROFILES

32. Having recommended that the DNA profiles of adults convicted of crimes should be retained indefinitely, and that no distinction should be made among those arrested but not convicted, we turn now to the period of time for which this latter group's profiles should be kept.

33. We have already noted that the Government's initial proposal to retain such profiles for twelve years was abandoned after the research apparently supporting it proved to be defective. In his letter of 2 February 2010 to Members of Parliament responding to issues raised in debate on the Second Reading of the Crime and Security Bill, the Home Secretary considered how the time limit should be determined. He said:

34. The Home Secretary is right to caution against a simple identification of a second arrest, with no indication of outcome, as being proof of guilt. If faced with a crime such as burglary, where it is known that a high proportion of offences is committed by a limited number of repeat offenders, it is right for the police to look first at suspects previously arrested for a similar crime, rather than to the general population. Arrest to arrest data reveal the likelihood of being arrested again, but do not equate to the risk of offending after an initial arrest.

35. However, accepting these data for want of better, the issues to be addressed are whether those arrested but not convicted are more likely than the general population to be arrested subsequently, and for how many years after the initial arrest does the probability of a second arrest arise. The Home Secretary explained that, on the data available, "we estimated that the risk of re-arrest in the group originally arrested but not convicted remains higher than in the general population for six years after the initial arrest, providing a justification for our retention policy".[49] Unfortunately, the Home Office had only a maximum of three years of usable data on arrests because the Police National computer had been 'weeded' of arrest entries for earlier years.[50] This analysis shows that adults arrested but not convicted are significantly more likely to be re-arrested than the general population for up to three years after the initial arrest. However, the Home Office statisticians had insufficient data on which to base their estimates beyond three years, so they simply extrapolated from the data for those re-arrested within three years for the group on the database and made an estimate of the arrest rate for the general population. They entered the caveat that "the intersection of the two [lines] around the six-year point is quite sensitive to errors in either the extrapolation or the estimated risk of criminality for the general population." In other words, it is not certain that either the extrapolation or the estimate is correct, so it is not certain that six years is really where the difference in probability reduces to a minimum: the timescale could be longer, it could be shorter. It is noteworthy that part of the uncertainty is attributable to the fact, as the analysis report recognises, that some of the group arrested but not convicted will never be arrested again. Given what we have already found about the inappropriateness of some arrests, this uncertainty could be significant.

As shown in the figure above, most of the risk of re-arrest for those arrested but not convicted is in the years immediately following the initial arrest: the probability of re-arrest decreases sharply during the first year and remains significant for about three years.

36. A three year retention period is what has been adopted in Scotland for some types of offences. Until the passage of the Police, Public Order and Criminal Justice (Scotland) Act 2006, all DNA data (both samples and profiles) taken from a subject in Scotland were destroyed or deleted from databases if the subject was not subsequently convicted in a criminal court. The 2006 Act, however, permitted the retention of data after the conclusion of criminal proceedings where the subject had been prosecuted in the criminal court for, though not convicted of, a 'relevant sexual offence' or 'relevant violent offence'. 'Relevant sexual offence' included a wide range of offences such as rape, indecent assault and child pornography; 'relevant violent offence' encompassed crimes such as murder, assault or fire raising but not all crimes involving some element of violence (for example, breach of the peace or the carrying of offensive weapons in public).[51] Where DNA data is retained under these provisions, it must be deleted from the database and destroyed within three years of the conclusion of criminal proceedings, or by any later date set by a sheriff following application by a chief constable. The sheriff may make an order for destruction to be delayed for up to two years, but this can be extended if the chief constable applies again.[52]

37. Decisions on retention periods must balance public safety against individual privacy. The current situation of indefinite retention of the DNA profiles of those arrested but not convicted is impossible to defend in light of the judgment of the European Court of Human Rights and unacceptable in principle. However, given the complexity of the issues and the conflicting evidence about what would be an appropriate length of time for retention, we are unable to recommend a specific period other than to say that we would regard three years as the minimum length of time for which such profiles should be retained.

Removing records from the Database

38. Even with a time limit for retention of the DNA profiles of those arrested but not convicted, there will still need to be provisions for the removal of profiles from the database in cases of wrongful arrest, when volunteers want them deleted, and so on. We noted that one of the most inequitable aspects of the current DNA regime was the inconsistency in the approach of Chief Constables to requests to have profiles removed. Despite the existence of the Exceptional Case guidance issued by ACPO, research carried out in the form of Freedom of Information requests to the various police forces showed wide variations between regions: while overall 22% of requests were granted, six police forces (Cambridgeshire, City of London, Dyfed Powis, Gloucestershire, Humberside and Nottingham) removed none while South Yorkshire and Wiltshire removed 80% or more.[53]

39. Legally, the DNA profiles are owned by whichever police force entered them on the database, with the Chief Constable acting as the data controller. Although they agreed that greater consistency and transparency in decision-making were needed, the police told us that a strength of the current system was that data were owned by the individual police forces rather than a central organisation. They felt this guaranteed that greater care was taken in the recovery and recording of DNA material and profiles. They suggested all that was needed was some greater codification of the process by means of the Crime and Security Bill, plus some clearer guidance to Chief Constables.[54] We considered that this would still leave considerable scope for inconsistency between 43 forces, and that the lack of a central point to which the public could send their requests for removal and from which they could receive advice was also a flaw in the system.

40. One option for such a central clearing point would be the National Policing Improvement Agency, which runs the database.[55] However, at a late stage in our deliberations, another and better option was suggested: the National DNA Database Strategy Board. This organisation already exists informally, but the Crime and Security Bill would place it on a statutory basis. The Board, while chaired by the ACPO lead on DNA and including officials from the Home Office and the Association of Police Authorities, also includes independent members such as the Information Commissioner, the Forensic Science Regulator and members of the National DNA Database Ethics Group. Overall, therefore, it is more independent of the police than the NPIA. The Government has tabled amendments at Report Stage of the Bill to give the National DNA Database Strategy Board the central co-ordinating role, as the organisation to which applications for deletion of records would be made, handling the case, making a recommendation to the relevant chief constable based on the statutory guidance that it (the Board) would issue, and informing the applicant of the result. We support these proposals.

41. The Home Secretary has assured us that the Strategy Board would consult widely on the guidance to chief constables before issuing it, and said that he expected the guidance to reflect the range of circumstances where retention of a DNA profile was clearly inappropriate, such as where it was objectively clear that no offence had been committed. We consider that the then Home Affairs Committee should be consulted by the Board on the draft guidance. The Home Secretary cited an example of where DNA data should not be retained— that of someone arrested for shoplifting when trying to exchange goods for which she was carrying the receipt. This example is absolutely cut and dried; we expect the guidance to allow for the destruction of data in a far wider range of cases.

18 There are more than 5.5 million personal profiles on the database, but a number of these are duplicates (because the person from whom the sample was taken has given another name, the sample has been wrongly recorded, etc). As of 24 April 2009, there were an estimated 4,587,430 people with records on the database: HC Deb, 2 June 2009, col 360W. Given that the profiles of about 0.5 million people per year are loaded onto the database, the total now must be nearly 5 million. Back

19 Public Bill Committee: Crime and Security Bill, 4 February 2010, col 234-235 Back

20 See para 37 below. Back

21 Under the Criminal Justice and Police Act 2001 Back

22 Qq 160-171 Back

23 Qq 3 and 36 Back

24 Q 195 Back

25 Q 188 Back

26 Q 190 Back

27 Q 191 Back

28 HC Deb, 17 June 2009, col 315W Back

29 Q 191 Back