Experts are sounding the alarm about techniques used to identify the assassin who tried to kill Donald Trump, saying the methods raise grave concerns about privacy.
The gunman, 'loner' Thomas Matthew Crooks, 20, was not carrying an ID, had no criminal record, nearly zero digital footprint and no friends, forcing the FBI to resort to DNA analysis to identity him.
As Kevin Rojek, the special agent-in-charge (SAIC) for the FBI's Pittsburgh field office, told reporters just hours after the shooting on Saturday, 'We're trying to run his DNA and get biometric confirmation.'
While the FBI declined to answer DailyMail.com's requests for details on how they did this DNA analysis, experts say it has often included scouring consumer genealogy databases like Ancestory.com and 23andMe — which store tens of millions of Americans' biometric data each.
And now, newer private DNA database companies have entered the market, firms that cater explicitly to the federal government and law enforcement as their clients.
SAIC Rojek added that the Bureau was also 'looking at photographs' to help ID the shooter, part of a multi-agency effort to put a name to the dead would-be assassin.
As experts told the DailyMail.com, a state-level facial recognition database held by Pennsylvania's Department of Motor Vehicles, fingerprints held as part routine criminal background checks by Crooks' employers and other government registries — while unnamed by the FBI — likely also played a role.
One parallel effort conducted by the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) 'completed an urgent trace' that ultimately led to the 'business records from a closed gun dealer,' according to an ATF statement.
That effort, a frantic, manual search through the closed gun shop's paper records, helped trace the rifle to the Crooks' father, according to a report by CNN.
'Results were provided to the FBI and Secret Service in less than 30 minutes that helped identify the shooter,' ATF reported a day after the FBI's DNA announcement.
Civil liberties advocates, however, noted that the increasing reliance on DNA databases by police not only raises privacy concerns, but the tactics have also led to false identifications and wrongful arrests, court records show.
An attorney who overturned one such case told DailyMail.com that these sprawling DNA databases can lead to misidentifications because today's crime scene forensics can recover DNA from extremely small and too often unrelated human debris.
'Our technology for collecting DNA is so sensitive now,' attorney Jennifer Lynch explained. 'You can just swab something somebody has touched and get their DNA.'
'The risk is we shed DNA at different rates and DNA gets transferred from one surface to another,' she continued. 'That's how somebody could be misidentified for a crime.'
Despite the fact that the FBI accomplished its 'biometric confirmation' of Trump's shooter Crooks in less than 24 hours, further details have yet to be made public.
But Lynch, who works as general counsel for the nonprofit Electronic Frontier Foundation (EFF), has spent over a decade tracking the federal government's increasing reliance on vast genetic databases to track US citizens.
This 'scary surveillance and technology,' as Lynch told DailyMail.com, includes law enforcement contracts with private firms, like Verogen, Inc., who have amassed their DNA databases explicitly for 'forensic customers' and 'criminal casework.'
In fact, Verogen has let police access personal genetic data that its ordinary genealogy database users had submitted as private, so long as they had a warrant.
Prior to the entry of firms like Verogen, law enforcement had garnered success closing 'cold case' murders by anonymously uploading the DNA of their suspects into consumer genealogy databases like Ancestory.com and 23andMe.
As of March 2024, Ancestry.com's database houses DNA from over 25 million people and 23andMe's database stores genetic markers for over 14 million, according to the International Society of Genetic Genealogy.
The tactic led California police to finally capture the infamous Golden State Killer in 2018, but has also led to several false identifications and embarrassing dead ends.
In one case, German detectives believed they were on the trail of a serial killer they called 'the Phantom of Heilbronn' — only to discover their suspect's DNA belonged, in reality, to a Polish factory worker who had contaminated all their DNA kit swabs.
In another, DNA evidence led police to suspect that a Yale graduate student had been murdered by a convicted felon, who had died two years before the crime.
GEDmatch — a genetic genealogy company that had already gained notoriety for sharing its customers' DNA data with police — was troublingly purchased by government contractor Verogen over five years ago, Lynch noted.
Verogen 'basically designs technologies for law enforcement,' she said, and its new ownership of GEDmatch has given the company ownership of a database with DNA profiles on over 2 million people.
That commercial venture has now been augmented by a partnership with FamilyTreeDNA, which has its own DNA database of over 1.6 million people.
'Law enforcement has used pseudonyms to upload DNA,' Lynch told DailyMail.com.
'Now, for providers like GEDmatch and FamilyTreeDNA, it's in their business model to allow law enforcement access.'
'After GEDmatch and FamilyTreeDNA announced a partnership,' Lynch said, paraphrasing her 2023 own report. 'One thing they said in their press statement was that using our services, law enforcement can identify even more people.'
The EFF lawyer noted that the police have increasingly turned to these new contractual relationships to track US citizens who who are not already present in the federal government's own DNA databases.
'There are two main kinds of databases in the US,' Lynch explained. 'There's the criminal DNA databases run by the government and then there's private or consumer DNA databases.'
These government-held databases, including the FBI's Combined DNA Index System (CODIS), have exploded in size in recent years.
'The criminal DNA databases,' Lynch explained, 'in general, it's almost every person convicted of a felony in the United States and many — if not most — arrestees.'
Worse, the rules around whose DNA is stored varies widely state by state.
Since 2009, for example, California has authorized the extraction and permanent cataloguing of DNA from even innocent people who had simply been arrested on suspicion of crimes as minor as shoplifting or bouncing a bad check.
'In California,' as the American Civil Liberties Union noted in a their report on the issue, '30 percent of individuals arrested for a felony are never convicted.'
'The low level of proof required to make an arrest,' ACLU wrote of the millions added to state databases and from there CODIS, 'means that allowing DNA collection immediately after arrest will lead to large databases full of innocent people.'
'At the local level, there are criminal DNA databases that may collect DNA from people who have been arrested for a misdemeanor,' Lynch added.
Innocent people who were never arrested, but the victims of a crime can become tracked and catalogued too, she noted, like 'a rape survivor' who 'may have provided their DNA to the cops.'
Of particular concern, as Lynch has litigated successfully in court, are the proven cases in which DNA evidence at a crime scene has falsely identified a suspect.
This issue has been more common as more sensitive DNA techniques have allowed forensic investigators to extract a DNA sample from even smaller and more trace amounts of biological than ever before.
Lynch cited the case of a San Jose, California man, who spent five months in jail falsely accused of murder charges, after a database found his DNA at the scene of a brutal home invasion in Santa Clara County.
'Finally his public defender realized that there's no way he could have committed the murder,' Lynch said, 'because he was highly intoxicated that night and had been taken to a local medical facility.'
'So what they ultimately think happened is that the paramedic that took him to the medical facility was the same person who later was called to the scene of the murder and [accidentally] transferred the suspect's DNA to the murder victim.'
'That is not unusual at all, unfortunately,' Lynch said.
The head of the FBI's Pittsburgh office, Rojek, told reporters the FBI had not found a motive for what he described as 'an assassination attempt on our former president.'
Rojek also noted that law enforcement was looking 'very intently' to see if Crooks had been on their radar before the shooting.
According to Pennsylvania public court records, Crooks had no criminal history — leaving state and federal investigators with even less data to make a positive ID.
Lynch suspects that less glamorous and less impressive methods than a sprawling DNA database may have played the decisive role in identifying Crooks.
'Pennsylvania has face recognition for their driver's license database,' Lynch told DailyMail.com, 'most driver's license databases do.'
'So perhaps, police could run a photograph of the guy against the driver's license database and identify him,' she speculated, though she noted other options existed.
Crooks was employed as a dietary aide at the Bethel Park Skilled Nursing and Rehabilitation, where his boss told reporters he had passed a background check.
'Thomas Matthew Crooks performed his job without concern and his background check was clean,' the nursing home's administrator, Marcie Grimm, said in a statement. 'We are shocked and saddened to learn of his involvement.'
According to Lynch, the background check would have included routine fingerprinting that could have helped match prints on the rifle Crooks used to fire at Trump.
'A lot of people have fingerprints in databases that are accessible to the government,' she noted. 'It's kind of like an unsexy way to identify people.'
Additionally, Crooks had shot at Trump, damaging his ear, with an AR-style rifle that his father had purchased legally — which, along with the address on the registration for the shooter's vehicle, may have led to a direct DNA match at the Crooks home.
Lynch opined that the FBI's reference to running the suspects 'DNA' might have been part of a Bureau effort to appear like all-seeing, omniscient crime-stoppers: 'Sometimes I worry that law enforcement is just trying to scare us,' she said.
'And there's certainly a lot of scary surveillance and technology out there,' she added, 'and ways for the police to identify us.'
This May, researchers at Georgetown Law reported that the US Department of Homeland Security (DHS) 'misleads and intimidates people to collect their DNA.'
DHS via its customs and border patrol agents have, in fact, spent years genetically cataloging immigrants and refugees held within US detention centers.
According to the US Government Accountability Office, the program has fed 'nearly 1 million DNA samples' into the FBI's CODIS database between 2020 and 2022.
'It's definitely being aggressively done,' Lynch said. 'But it's not quite as coordinated yet [...] It's not like we have a database of all refugees and asylum-seekers' DNA.'
She outlined one, not uncommon scenario, for how these DNA databases can be unintentionally misused: 'The risk is that I could handle a knife and hand it to you, and then you hand it to another person. And you're the one who commits the crime with it before you hand off the knife.'
'It could be that none of your DNA is on that knife,' Lynch said, 'but all of mine is.'
'There's lots of examples of that,' she said.