Accessing third-party research databases for criminal investigations: Enhancing legal protections and safeguarding public interests

TraceTogether and legislative responses

In March 2020, the TraceTogether App was introduced in Singapore for contact tracing to mitigate the spread of COVID-19. Despite assurances from the government that the App would collect data solely for the purpose of contact tracing, the Ministry of Home Affairs revealed to the Parliament in December 2020 that the Singapore Police Force had accessed the data for a murder investigation. The murder occurred in May 2020 where a jogger was fatally stabbed in Punggol Field. ³⁶ Because the incident had attracted much public attention, police investigators wanted to make an arrest promptly. However, the TraceTogether data were ultimately unhelpful as the suspect had not installed the App onto his phone. ³⁷ The revelation nonetheless prompted public debate and raised concerns about police powers to access data being collected for public health purposes. ³⁸ The public response suggests that many in Singapore were unaware that the TraceTogether data could or would be accessed. ³⁹ Concerns were raised in relation to data privacy, confidentiality, and the potential for police misuse and misidentification in criminal investigations. ⁴⁰ The public who came to learn about the incident criticised the government for not being upfront about these possible uses of the TraceTogether data and called for more transparency around how they will be used and the safeguards that are in place to minimise misuse. ⁴¹

The public response highlighted potential tensions between protecting the privacy of individuals and public safety. To balance both interests, the Parliament of Singapore swiftly passed the COVID-19 (Temporary Measures) (Amendment) Act 2021 (‘Act’) on 2 February 2021 to limit law enforcement’s use of the TraceTogether data to only very serious offences. ⁴² Schedule 7 of the Act lists seven types of offences that are considered as serious offences for the purpose of the law:

Section 82(2) of the Act only permits the disclosure of or access to any personal contact tracing data for investigations involving specified offences under Schedule 7. Furthermore, Section 82(4) stipulates that if police officers or law enforcement agencies request access to personal contact tracing information, individuals are not bound to comply with such requests as they are contrary to Section 82(2). Police officers who failed to comply with the law restricting access to information under Section 82(4) are subject to a penalty of fine or imprisonment or both. ⁴³

In specifying that TraceTogether data could only be accessed in assisting investigations of serious offences within Schedule 7 of the Act, the government has attempted to balance the need for law enforcement agencies to access available data sources to facilitate their investigations while being mindful of the potential intrusiveness of such access to individuals. Although the Act seemed to resolve some potential concerns regarding the limits of authorities in accessing personal contact tracing data, ⁴⁴ it raises other concerns, such as the possibility of widening the list of offences that may be considered as serious in the existing Schedule. This could result in access for a wider range of criminal investigations, and potentially affecting a wider pool of ‘suspects’. The TraceTogether controversy suggests the need to broadly align data access practices with public expectations. ⁴⁵ The incident similarly highlighted the uncertainty of the boundaries constituting public interest and what constitutes serious crimes.

Following the TraceTogether data episode, the Parliament of Singapore introduced amendments to relevant laws governing police authority and their scope of power in criminal investigations. The Registration of Criminals (Amendment) Act 2022 (‘RCAA’) empowers police to collect DNA information from any data source and widen the use of DNA information for criminal investigations. This legislation has important implications to current and future third-party research databases containing DNA information regarding police access. The new law does not address the types of DNA databases, but only in relation to the types of crimes for which DNA samples can be collected from individuals and retained for criminal investigations. Due to the growth in research and commercial databases containing DNA samples, these DNA databases may be affected in the interest of resolving criminal investigations. While the powers of law enforcement agencies to access personal contact tracing data for criminal investigations are limited, arising from the TraceTogether incident, the legislative changes to RCAA signals a potential broadening of access powers to other data sources, which may include research databases that collect and store genetic information. It is thus essential to establish permissible access boundaries. The legal changes and implications are explored further in Section 4 Part B below. Further considerations regarding limitations of third-party databases warrant a rethink about its reliance for criminal investigations. We now turn to consider these limitations.

Ethical issues with DNA profiling for crime investigations

The DNA expansion programme in the United Kingdom since 1995 and the identification of the Golden State Killer through genetic genealogy in the United States have re-ignited debates on law enforcement agencies accessing third-party/commercial DNA databases. ⁵⁴ Key ethical issues include errors in DNA testing resulting in wrongful convictions ⁵⁵ and privacy intrusion. ⁵⁶ When an insufficient quantity of and/or degraded DNA samples are tested, false identifications may occur, ⁶³ increasing risks of harm (e.g.: psychological, reputational, financial) and loss of liberty to innocent individuals. ⁵⁷ In the United States, over 3,200 wrongful convictions have occurred since 1989 and of these, 52% resulted from unvalidated or improper forensic evidence. ⁵⁸ In addition, the database includes individuals whose convictions were overturned following DNA evidence.

Samples used for DNA profiling may reveal much more information and identify the family members of those who are tested. In the search for the Golden State Killer, the US police partnered with a private lab to conduct familial genetic searches and assessed genetic data of individuals who were not suspects of the crime. Substantial concerns about privacy were voiced about the way the police accessed data which led to stricter policy measures on familial searches in some states. Other concerns were raised about risks of employment or insurance discrimination through re-identification of genetic data. ⁵⁹ Although it has been argued that such risks are insignificant, ⁶⁰ there has been considerable public opinion that there are risks associated with genetics regardless of evidence and existing protections. ⁶¹ However, it is postulated that appropriately rigorous data security measures that commensurate with the highly personal and sensitive nature of DNA information could minimise harm to people who have donated their DNA samples. This is because rigorous data security that is applied to DNA databases can reduce opportunities for unauthorised access and use and provide clear audit trails regarding access. This approach provides an assurance that safeguards relating to proper processes and procedures are followed where access is granted to these databases. Consequently, any potential harm to individuals arising from unauthorised access can be reduced. Policymakers should also reassure the public about the safeguards that are put in place to protect their data. While aiming to strike a balance may be a delicate task, it is necessary to maintain the social licence to use donated DNA information in third-party research databases. Meanwhile, concerns about privacy intrusion in the United Kingdom were addressed by its Protection of Freedoms Act in 2012 which aimed to rectify the imbalance between protecting public safety and personal right to privacy. This move has led to the removal of more than a million DNA profiles of adults and children from the NDNAD. ⁶² These ethical concerns will apply to the expansion of DNA databases and widening of police powers in accessing these databases for criminal investigations. It is thus important that these expansions are accepted by the public before the occurrence of adverse implications. ⁶³

A scoping review of public opinion in Europe and the United States on forensic DNA testing in criminal investigations showed potential benefits in crime solving and concerns over improper access and risks to privacy rights. ⁶⁴ The review revealed greater concerns regarding stigmatisation risks among younger participants. While the concern about existing disproportionate inclusion of certain racial/ethnic groups in forensic DNA databases may be less valid in genealogy databases, it may potentially become a societal issue with increasing use of genealogy databases in crime fighting. The review further showed that persons of European ethnicity were more likely to be knowledgeable about forensic DNA databases and reported greater trust in DNA use compared to other ethnic groups, while legal professionals were reportedly more likely to accept DNA databases as crime-fighting tools. This latter group did not regard DNA databases as intruding privacy and favoured long retention periods for convicted offenders’ DNA profiles. This may be attributed to varying levels of stigmatisation experienced by different groups in the review. The study highlighted that public attitudes towards forensic DNA testing are dependent on cultural contexts and associated with levels of public trust and views about the justice system. Discrepancies in knowledge and trust as well as how legal professionals view privacy intrusion underscore societal differences, which calls for a greater understanding of the nuances that exist which affect peoples’ views regarding the use of their personal DNA information.

In terms of attitudes towards laws governing forensic DNA testing, the review reported a range of considerations, from DNA sample retention and removal periods to inclusion criteria, availability of data protection, cross-border DNA data exchange regimes and governance of forensic DNA phenotyping and familial searching. Other studies showed that public support for police access to commercial DNA databases differ based on the types of crime, with greater public support for severe crimes such as murder and sexual assault. ⁶⁵ This finding emphasised the importance of implementing policies that are socially and politically representative of the users’ interests in relation to participants’ informed consent and the powers of police investigations in accessing these DNA databases. ⁶⁶ Due to the limited evidence supporting the effectiveness of DNA evidence in solving crimes, ⁶⁷ a study proposed a trade-off could involve restricting police access to commercial DNA databases to only serious crimes. This approach aims to alleviate public apprehensions regarding privacy risks and genetic discrimination.

In GEDmatch, when the public were informed about police accessing its database and users were given the option to opt out of police access, approximately 90% of the users opted out. ⁶⁸ Although this has significantly reduced the amount of data available for police use, it showed that the public were very mindful of how their personal data are used by law enforcement officers. This can be viewed as a potential drawback to informing the public about the use in advance. It is, however, unclear if Singaporeans would respond in a similar way to GEDmatch users. Based on the public response from the TraceTogether episode, it could be inferred that they would hesitate to permit access to their DNA information except with prior notification. Nevertheless, it remains questionable if they would opt out of police access for criminal investigations.

Broader ethical implications affecting relatives from using DNA information should be included in investigative genetic genealogy practices. ⁶⁹ Researchers in Portugal found that while the study participants were generally willing to contribute to a national forensic database for crime-solving, they were concerned about risks to human rights protections arising from the absence of control and insufficient regulatory frameworks protecting their interests. ⁷⁰ These attitudinal data underscored the importance of demonstrating public interest in exercising access powers by law enforcement agencies.

RCAA: legal changes, considerations, and implications

The police power to search is not new. These powers could be enhanced or curtailed through legislation or judicial decisions. In the United Kingdom, DNA samples are taken and retained under the Police and Criminal Evidence Act 1984, with further powers under the Criminal Justice Act 2003. The NDNAD was established under the Criminal Justice and Public Order Act 1994 that provides for the collection and retention of DNA samples for criminal investigations. The broadening of police authority to collect and retain DNA information became the subject of legal challenge, resulting in the removal of acquitted offenders’ DNA profile. ⁷¹

In the context of Singapore, the Criminal Procedure Code 2010 (‘CPC’) empowers police officers or authorised persons to order the production of, or access to documents or other things (which could include computer servers) considered necessary or desirable for any investigations. ⁷² An authorised person under the CPC refers to a person who is authorised by the Commissioner of Police, or officers under any prescribed law enforcement agencies. ⁷³ This suggests that individuals who may not necessarily be police officers could have similar powers to access data if they are authorised to do so. In terms of police powers to access any data for criminal investigations ⁷⁴ under the CPC, there are limitations, for example, they could access computer data and decrypted information for the purpose of investigating arrestable offences (i.e.: offences where the police can arrest without warrants such as criminal conspiracy, offences against the state or public peace, health and safety and decency). It is unclear whether these data include DNA information under the CPC. A broad interpretation could mean that in the context of third-party research databases, the information which is stored in computer servers could be subject to access or disclosure order where law enforcement agencies deem necessary or desirable for arrestable offences pursuant to Section 39(1). We now turn to an examination of the legal changes introduced by RCAA.

The Registration of Criminal Act, which was enacted in 1949 was recently amended to authorise law enforcement agencies to collect and store DNA information or other individually identifying information ⁷⁵ from a wider pool of people than the pool of currently permitted individuals. The RCAA was first tabled in the Parliament on 1 August 2022 and read a second time on 12 September 2022. It came into force on 12 June 2023. Among the range of changes that are introduced under RCAA, the key legal changes are the broadening of the types of individuals who may be approached to provide their DNA information and identifying information such as fingerprints and photographs and the scope of offences that are not limited to registrable crimes (i.e. eligible crimes). This approach is aimed at swifter identification of suspects who reoffend. Data can be collected from a range of individuals, where previously it was limited to those who were arrested, convicted or detained. Law enforcement agencies can now collect information from individuals who are not suspects to any investigations, known as volunteers under Sections 14 and 23 of RCAA. Following the new provision for volunteers to provide their DNA information, there are procedural safeguards where their consent must be obtained and they will be informed about the purpose of the collection and how their data are used, with the opportunity to request for this information to be removed and which must be granted. The registrar must remove volunteers DNA information upon their application. On the contrary, Section 27 of RCAA now stipulates that it is an offence for those arrested, convicted, imprisoned or those charged under the Internal Security Act 1960 to refuse to give body samples without reasonable excuse, whereas previously only an adverse inference could be made against such refusals. Furthermore, DNA officers can use reasonable force to take the samples such as blood, head of hair or roots and mouth swab or others in the event of refusal (Section 25). However, such force cannot be used for collecting invasive samples (samples taken by invasive procedures).

DNA and identifying information can now be collected for eligible crimes (non-registrable i.e. crimes that do not attract criminal records, but offenders are subject to imprisonment and the offences are not compoundable except for specific offences e.g.: voluntarily causing hurt and affray). ⁷⁶ An aspect that remains unchanged is the non-collection of DNA information for minor offences. A significant implication arising from the widening of the pool of individuals from whom their DNA information can be collected is the possibility of further access to genomic information which was previously unavailable.

Another legal change is the creation of new identification databases where identifying and DNA information collected under registrable and eligible crimes, volunteers and those arrested under the Internal Security Act (1960) must be recorded in the database. ⁷⁷ Identifying information is defined as descriptions of individuals (including sex, age, bodily appearance, and height), documents containing information identifying the individual, fingerprints, names, or photographs. ⁷⁸ Pursuant to the authority to establish new identification databases, new classifications were introduced to the types of crimes referenced in the CPC, for example, serious crimes are designated as registrable crimes, non-registrable crimes are renamed as eligible crimes, and the last category is minor offences (non-serious crimes). DNA data can be collected by DNA officers for registrable and eligible crimes, while no data can be collected from those who commit minor offences such as making illegal U-turns, creating nuisance, or breaching Covid-19 rules. Consistent with the establishment and recording of identification databases, RCAA introduced new processes for the removal of DNA and identifying information from the databases and statutory safeguards aimed at strengthening the protection for recorded DNA and identifying information.

Another important legal change under RCAA is the expansion of the purpose for which collected DNA information can be used. For instance, collected DNA can now be used for purposes beyond criminal investigation such as death investigations, identifying deceased, and identification of individuals for the purpose of assisting them. ⁷⁹ The information could also be used to enable comparisons to be made between information in databases administered under the Criminal Law (Temporary Provisions) Act 1955, Intoxicating Substances Act 1987 and Misuse of Drugs Act 1973. In contrast to the COVID-19 (Temporary Measures) (Amendment) Act 2021, police powers are significantly enhanced under the RCAA, as data could be collected without being strictly limited to serious (registrable) offences only. The power to compare and potentially share DNA information in the database with other law enforcement agencies’ existing database means that a richer pool of DNA information could emerge, affecting a wider range of individuals.

The legal implications to the people whose DNA information is collected and stored in third-party research databases could be substantial, as the RCAA affects other related legislation, such as the Employment of Foreign Manpower Act 1990, the Immigration Act 1959, the Internal Security Act 1960, the Intoxicating Substances Act 1987, the Misuse of Drugs Act 1973, the National Registration Act 1965, the Passports Act 2007 and the Police Force Act 2004. ⁸⁰ For example, a law enforcement agency implementing the Misuse of Drugs Act 1973, such as the Central Narcotics Bureau officers who are empowered to arrest and investigate, could potentially request access to these databases to identify suspects who may be implicated in their investigations. Similarly, any Immigration and Checkpoints Authority (ICA) officers or Commercial Affairs Department officers enforcing the respective laws may be able to request access to this information to assist in their investigations. Relatedly, Singapore’s ICA administers biometric information (e.g.: fingerprints, iris data) of Singaporeans and residents as part of border control. These biometric details are managed in accordance with the National Registration Act 1965 (NRA). The NRA specifically provides that police officers are not prevented from exercising their authorities under the CPC and other relevant laws. ⁸¹ This signalled that law enforcement agencies are able to use biometric information stored in the database for their investigations if required. It may also be possible to infer that fingerprints or facial data used by mobile phone apps could be accessed for cross referencing of information to confirm or deny potential suspects.

While it appears that these enhanced powers in collecting, storing, and using DNA information is extensive, one of the proposed safeguards is the possibility to request for the removal of identifying or DNA information from the register, identification and DNA databases. However, requests for removals are subject to specific grounds such as for the purposes of assisting in investigations, ongoing prosecutions or in the security interests of Singapore. ⁸² In addition, an individual whose identifying or DNA information is held in the database could appeal against the Registrar’s determination to maintain the information. ⁸³

Despite the option to appeal against the retention of DNA or identifying information, retaining information on the ground of national security is rather broad and open to interpretation. Future cases could shed light on the efficacy of this safeguard. The issue of DNA sample retention has been considered in the United Kingdom. For example, the European Court of Human Rights (ECHR) has determined that retaining DNA information widely is disproportionate to the freedom to private life. ⁸⁴ This judicial decision led to the introduction of the Protection of Freedoms Act 2012 that limited the period of retention of samples contained in the NDNAD. ⁸⁵ A review of the Protection of Freedoms Act 2012 revealed an improvement in privacy protection of individuals despite some risks to future criminal investigations. ⁸⁶ The Investigatory Powers Act 2016 (United Kingdom) and the EU Law Enforcement Directive similarly provide for law enforcement agencies to access personal data for limited purpose only in view of considerations for privacy and protection of personal information. However, studies have shown that there remain challenges in implementation, particularly in balancing privacy interests and protecting public safety. ⁸⁷ The following sections outline the argument for limiting access to third-party databases to serious crimes investigations and the advantages and drawbacks of this approach.

Tiered access to serious (registrable) and eligible crimes investigations

The RCAA represented an approach to protecting public safety by increasing the capability of law enforcement agencies in collecting and potentially accessing a wide range of data sources to facilitate police investigations. The authority to maintain their own identifying and DNA information databases implies that relevant data in third-party research databases could also be duplicated in these databases and used for purposes that are deemed necessary or desirable in the administration of justice. The decisions of the ECHR highlighted above emphasised the significance of considering other competing interests such as privacy protection, proper collection, use and maintenance of identifying and DNA information, and ensuring the legal and ethical use of these data by law enforcement agencies.

In achieving the aims of protecting public safety through efficient criminal investigations while safeguarding privacy interests and ensuring the sustainability of third-party research databases, access to third-party databases should be tiered for serious (registrable) and eligible offences. Tiered access means that law enforcement agencies can request access to third-party research/DNA databases for criminal investigations according to the categories of crimes outlined in RCAA. There are valid reasons for preferring this approach. The restrictions to serious crimes under the Covid-19 Act exemplified the necessity of using potentially sensitive personal information for the purpose of resolving serious crimes. While it could be argued that the Act was created for the purpose of contact tracing rather than criminal investigations, the gravity of serious crimes justifies access. Under the RCAA, registrable crimes are considered serious crimes, which are broader in scope compared to the seven types of crimes under the Covid-19 Act. Offences such as rioting, robbery and criminal intimidation are examples of serious (registrable) crimes. It is justifiable to collect DNA information and to allow access to third-party DNA databases owing to the gravity of the crimes. There should not be undue delay in serious crime investigations resulting from the need to request for consent from the participants of third-party databases. Time is of the essence in serious crimes due to risks to victims’ lives and the probability of suspects fleeing before they could be caught. Permitting access to third-party research databases for serious (registrable) crimes without requiring consent not only supports public interest protection, but it also goes further in resolving existing concerns with offering options for individuals to opt-out of permitting access to databases containing their genomic or DNA information, or obtaining informed consent, ultimately enabling law enforcement agencies to efficiently fulfil their roles. Advance notification is essential to support access. The lessons from the public responses in the TraceTogether incident suggest that prior notification of such access is preferable and more likely to be accepted by the Singapore public.

Permitting access to third-party DNA databases for eligible crimes similar to registrable crimes, however, may be subject to questions. Offences that fall within eligible crimes are punishable by jail and cannot be compounded, such as causing mischief, affray, or obstructing public servants from discharging their duties. These offences, under the new provisions, are subject to DNA collection and potential access. The amendments appeared to indicate that while these offences are not as grave compared to registrable crimes, they appeared to be treated as similar to registrable crimes. It is suggested that for eligible crimes, a court authorisation should be required before access is granted. This approach is justifiable for two reasons. First, it distinguishes the seriousness of registrable crimes from eligible crimes. This distinction is significant in reflecting the gravity of crimes in these two categories that permits immediate access to databases for serious (registrable) crimes. Second, it promotes the protection of public interest in protecting public safety and safeguards the administration of third-party databases from automatic access as these databases, unlike forensic databases, are not established for criminal investigations purposes.

This approach is consistent with international practices. For example, in stressing the importance of public interest vis-à-vis police access to new-born screening cards, the Australian Law Reform Commission and the Australian Health Ethics Committee advocated for compliance with legislative safeguards that require law enforcement agencies to collect DNA information via consent or court order. ⁸⁸ Furthermore, some scholars have argued that a universal forensic DNA database is likely to disproportionately interfere with an individual’s right to respect for private life under EU laws, however, with appropriate safeguards there could be potential for its use. ⁸⁹ The author rightly noted that ‘While a universal database will definitely assist the police and prosecutors in limiting the scope of their investigations, they should gather other supporting evidence if they want to’. ⁹⁰

It is important to recognise the different purposes for which DNA databases are established. Even in cases where DNA databases are established for the purpose of forensic investigations, there is no consensus as to its acceptability of use. It would be unsurprising if there were more resistance to law enforcement agencies accessing third-party DNA databases that are built specifically for non-forensic investigations, such as clinical and research databases, direct-to-consumer DNA testing databases and genealogy ancestry tracing services. The recommendations for the destruction of DNA information of volunteers who assisted in investigations and the protection from self-incrimination when providing DNA information ⁹¹ are important considerations to adopt with the widening of police powers in accessing DNA databases. The recommendation provides an essential safeguard for volunteers who have donated their DNA information in limiting the use of their information to specific situations, such as identifying missing or deceased relatives and not for the purpose of investigating past crimes. Furthermore, it is right to support the idea that law enforcement agencies ‘should not have the legal right to access all types of DNA databases collected for other purposes’ ⁹² except in circumstances where there is reasonable suspicion of crimes being committed.

Tiered access is consistent with the basic safeguarding of privacy interests, balancing public interest based on the severity of the crimes and the necessity of facilitating criminal investigations that commensurate with the impact of registrable and eligible crimes on society. It reflects considerations of public interest in pursuing swift resolutions of criminal investigations and in protecting and maintaining the social licence in the continuity of research databases. The proposed tiered access for registrable and eligible crimes and minor offences is aimed at providing commensurate levels of safeguards to address concerns surrounding propriety of access in the event access requests are made by law enforcement agencies. The recommendations advocated in this paper bridge the gap left open by potential request access to third-party research databases that are not expressed or included in the law. It provides a clearer demarcation of the types of protective safeguards for different categories of crime. The following section considers the notion of public interest through protecting public safety and how tiering access to serious (registrable) and eligible crimes offers a justifiable boundary to the broadening of access powers.

Protecting public safety as a public interest with public support

Research databases containing DNA information has the potential to benefit the population from healthcare improvements perspectives. It could also be a useful source of information for maintaining population safety. There is an expectation of privacy for people who have donated their DNA data that their information would not be accessed by third parties except for the agreed purposes or with their permission, as shown by the GEDmatch incident, and Ancestry.com’s resistance to grant access to law enforcement agencies except with court orders. The two interests in protecting public safety and safeguarding individual privacy need not necessarily be in conflict. ⁹³ As public interest appeals to the needs of the public, public opinion and values are crucial for conceptualisation of public interest. ⁹⁴ This approach could generate public trust and support in the continuity of, and public participation in research. Similarly, public trust in and support for police powers could be strengthened or weakened in the light of how these powers are exercised.

The meaning of public interest is influenced by social and political arrangements and interpreted accordingly. ⁹⁵ Examples include regulating genetically modified food and public health and safety in permitting the building of public infrastructure and utilities in preserved areas. Public interest in the context of granting consent waivers ⁹⁶ considers the interests of affected individuals and groups with diverse values, commitments and circumstances, as well as their welfare, justice and human rights including privacy rights. ⁹⁷ Public interest can sometimes be characterised by public benefit. For example, in data sharing practices, public benefit can be demonstrated through building a social licence. ⁹⁸ In addition, the Public Sector (Governance) Act (PSGA) 2018, ⁹⁹ Data Sharing Direction within PSGA, and the Government Instruction Manual (Data Sharing beyond the Public Sector) ¹⁰⁰ provide some insights into how public benefit is determined in Singapore. However, the PSGA is limited to sharing data in the interest of the Singapore public sector, ranging from promoting Singaporean values, to securing business and economic continuity and ensuring accountable stewardship of Singapore’s public sector finances and resources. The Government Instruction Manual provides some examples of how public interest could be served through data sharing from a broad social, health benefit and safety perspective. ¹⁰¹ These perspectives are exemplified by financial assistance to individuals through workfare income supplement scheme, suppressing infectious diseases, law enforcement, criminal investigation or fraud detection and reviewing policies for emerging areas of concern and national security.

Public benefit is sufficiently broad to include protecting public safety through swift resolutions of criminal investigations. For example, Singapore’s Attorney-General’s Chambers definition of Compelling Public Interests outlines a range of interests that aims to protect public safety and national security. Examples range from conducting law enforcement, crime prevention, to criminal investigation, responding to life, health and safety emergencies and containing public health threats. ¹⁰² Public interest requires that benefits should have sufficient justification that they outweigh the risks. ¹⁰³ Policies to reliably evaluate the public interest criterion should be designed to reflect procedural values such as reflexibility, transparency, reasonableness and accountability. ¹⁰⁴ The range of public interests identified in the examples above are uncontroversial, however the boundaries in which law enforcement agencies can exercise their access powers can be more clearly specified.

A key advantage of tiered access is swifter acquisitions to key information contained in third-party DNA databases. Serious crimes often involve the deprivation of life and liberty, and threats to national security, which are within broadly accepted public interest goods. Police investigations should proceed without undue burdens of obtaining court order or individual consent in so far as third-party databases are concerned. It is plausible that more people are likely to support access for serious crimes investigations. ¹⁰⁵ Serious crimes investigations often generate a collective social ‘agreement’ for swifter resolution of crimes and thus more likely to receive broad population support where access is sought. In this sense, societal commitment to justice is reflected by striving to ensure that serious crimes perpetrators are brought to justice swiftly. This is further supported by current understanding of public interest in Singapore identified in the examples above that are characterised by protecting public safety and deriving benefits from a safe and secure social environment. This approach similarly reflects important procedural values in public policy of reasonableness and accountability.

Another advantage of tiered access is ensuring compliance of access powers that occur within the social licence granted to the administration of justice. The RCAA enables police officers and law enforcement agencies to update their own database when accessing other research databases. This means that there could be a ‘waiting list’ of potential ‘suspects’ comprising relatives who may not even have consented to their use, threatening their interests to be protected from harm. However, where access is tiered for serious (registrable) and eligible crimes investigations, the concern raised above could be minimised. Furthermore, a wide range of complementary investigative tools, such as surveillance cameras in public areas, mobile phone connections and island-wide citizen reporting channels in a highly wired society such as Singapore indicated the availability of other investigative sources. Consequently, requests for access to third-party databases for non-serious crimes could be justifiable where these available resources are exhausted and information in the databases could assist with generating leads. However, current practice requiring court declarations is already the default and taking away this power would require considerable debate.

Furthermore, requiring consent from participants to allow access by police for criminal investigations in third-party databases may not always be feasible. While informed consent is an important first step in alerting potential participants to the possibility of third-party access to their information in addition to the specified purpose (e.g.: familial tracing or clinical research), it may not necessarily be adequate in some circumstances. This arose from the nature of obtaining consent through ‘click-and-accept’ mode in these types of databases, where people do not usually read or comprehend the use policies. Public criticism arising from access being provided to law enforcement agencies by commercial third-party DNA databases, such as FamilyTreeDNA and GEDmatch, have forced these companies to revise their privacy policies to restrict access through customer choice. Despite these measures, law enforcement agencies continue to request access to these databases for their investigations.

Other viable population-type databases, such as the UK Biobank and the 100,000 Genomes Project, could face similar outcomes if access limits are not imposed. In addition, the GEDmatch drawbacks highlighted above, where customers opted out of permitting access to police when given the option to do so could have originated from the reluctance to provide DNA information for all types of criminal investigations. That said, it is unknown if such reluctance would decrease where access is only granted for serious crimes, though given public support for access to databases for serious crimes, this might be the case. Nonetheless, given continued interest in accessing third-party databases, it would be more useful to permit access to serious (registrable) crimes, while for non-serious crimes, access requests should be determined either on a case-by-case basis or subject to court orders. Court orders may be the strongest safeguard available to the participants of third-party databases as law enforcement agencies are required to apply to the courts with justifications as to the reasons for accessing these databases for non-serious (minor) crimes. This approach is preferable to pre-empt blanket access by law enforcement agencies and to reassure participants that their DNA information are primarily used for the purposes for which these databases are established. ¹⁰⁶ An alternative for access request for non-serious crimes investigations is to come to an arrangement with law enforcement agencies outlining the exact purpose and scope of access, instead of relying on existing, standard clauses on informed consent, which are often broadly worded. This approach could eliminate any potential ‘fishing’ expedition by law enforcement agencies for any criminal proceedings or investigations.

Justifiable incursion into privacy interests

When police officers collected a DNA sample from a crime scene and want to access genome sequencing data from research databases to identify a possible match, the match itself would not necessarily be problematic. However, it may lead to identifying relatives that have contributed to the database with similar genetic markers. Almost all privacy legislation (including the GDPR) provides for access to personal data connected with criminal offences. However, Article 10 of the GDPR also requires appropriate safeguards when processing this data. ¹⁰⁷ This layer of protection is likely to prompt support for access within acceptable boundaries that are not unduly intrusive. Consequently, the public would be more likely to be supportive of data sharing to respond to crime and security where appropriate safeguards are in place.

Commercial DNA testing databases are viewed as desirable options for law enforcement agencies due to richer information being available from customers who provided their personal information compared to existing information that are available from police or forensic databases such as CODIS. ¹⁰⁸ The identification of relatives leads to another concern, where, if police were to access these research databases, stigmatisation could occur. ¹⁰⁹ This possibility could not be ruled out because associations with law enforcement agencies usually entail provision of information which could be intrusive in nature and sometimes embarrassing, with the potential to implicate family members or other relatives. This type of familial searching creates opportunities to identify more members of families who share genetic relationships, implicating their involvement with law enforcement investigations and contravening the original purpose for which their DNA information is collected initially. While some types of involvement are necessary, such as police interviewing family members about a suspect’s whereabouts as part of legitimate police investigations, the potential for stigmatisation for family members arises by associated genetic relationships. The grounds for removing any identifying or DNA information from the database under the RCAA, except for requests from volunteers, present further complexities for affected individuals to eradicate that perception, given that the Registrar has the power ultimately to decide if that information could be removed or otherwise. An advantage of a tiered access approach for serious (registrable) and eligible crimes and minor offences is protecting individual privacy to their DNA information in the least intrusive manner. It is postulated that people will be more likely to accept these incursions into their privacy interests owing to the gravity of serious crimes. This would result in less privacy incursion compared to broad access for non-serious crimes investigations. In addition, the proposal for court authorisations where access is sought for eligible crimes demonstrates the state’s commitment to respecting individuals’ informational privacy for information contained in third-party databases.

A further implication is retention of DNA and identifying information on the respective registers and databases which gives rise to questions about the extent of privacy intrusion for affected individuals. The RCAA does not specify any storage period in which stored data could be removed. The only option is for affected individuals to request for its removal. This may create a situation where data stored could be used, or accessed multiple times by law enforcement agencies as the need arises. However, where access is tiered, it would be useful to quickly identify the profiles of repeat offenders while reducing the chances of implicating individuals whose profiles are on the database for non-serious crimes. This is because the latter’s profile could only be accessed under court orders as proposed above.

Finally, data security and cyber security vulnerabilities are important aspects in protecting individual privacy for DNA data stored in electronic systems. The retention of DNA and other personally identifying information in police and forensic databases risks security breaches if no appropriate infrastructure is implemented. Any unauthorised access to these databases risks compromising not only the integrity of the information but could harm profiled individuals and their relatives through disclosures of highly personal information and misuse of their identities. RCAA provides some safeguards in this aspect. It amended Section 49 of its principal law to provide for further rules to be made regarding implementation of security safeguards to protect the information contained in the registers, identification database or DNA database, and any computer system that are used to maintain these records. ¹¹⁰ This statutory protection is aimed at safeguarding data loss, alteration, destruction, and any unauthorised access, disclosure or copying. The Registration of Criminals (DNA Database, Identification Database and Register) Rules 2023 which came into force on 12 June 2023 outlined broad safeguards for DNA, identification and register databases. ¹¹¹ Safeguards include ensuring storage and maintenance of separate back-up databases, surveillance of premises hosting databases through CCTVs, implementation of protocols protecting information in the databases from loss, modifications, destructions or unauthorised access supported by periodic reviews, ensuring that changes to the databases are recorded and secured against intrusion and that databases are inaccessible from the Internet. ¹¹²

An option to address concerns with data security and privacy intrusion arising from vulnerabilities of cyber security for DNA data stored in electronic systems is establishing clear responsibilities at the outset. Those responsible for administering research databases have assumed the duty to protect the safety and security of the data. If they are to facilitate any access arrangements for law enforcement agencies for non-serious crimes, it is important to clarify the scope of access, including specifying a limited number of authorised persons who could access these data. The provision of privacy assurances as a fundamental criterion for all types of crimes, such as prescribed limits to the scope of access and limits to the number of authorised persons who could access this information and databases demonstrates accountability in using these databases for justifiable but limited purposes. This could be done at the initial stage of establishing the databases in anticipation of potential access, and with advance notification to the users when they signed up as participants. This approach is likely to offer privacy assurances to participants that safeguards are established in protecting their data. For instance, central coordinating authorities could anticipate and build in clear access-and-use agreements for non-serious crimes. In the alternative, they could be empowered to negotiate the terms of access, such as requiring court orders prior to access or giving advance notice to participants. It is similarly crucial to ensure how data access is being conducted where third-party databases are owned or administered by government agencies, as different data management systems apply. For example, in Singapore, data management is governed under a separate legal framework while commercial entities are governed under the PDPA. Intermediary bodies that permit access to law enforcement agencies should be considered if any access agreements apply. As data protection standards may vary according to different entities, the proposed safeguards become more essential than ever.

Criteria and circumstances of access

Third-party research or commercial databases have been used for criminal investigations, particularly in serious crimes where other investigation leads have failed to provide clues or proved to be insufficient. The complete DNA profiles from these databases were sought after to confirm or disprove the suspects’ involvement. Similarly, the information in these databases could be potentially accessed and used more broadly. This article does not object to all access requests by law enforcement agencies; rather it advocates for a balanced approach in accommodating the competing interests outlined above. The proposed tiered access considers the experiences from the Singapore public responses to the use of TraceTogether information by the police force and current research on the use of DNA information across international practices for criminal investigations.

RCAA has clarified the different levels of crimes and broadened the possibility of data collection from individuals by law enforcement agencies. The classification of registrable, eligible and non-serious (minor) crimes is helpful in determining the criteria and circumstances in which non-forensic databases such as research databases containing DNA information could be accessed by law enforcement agencies for criminal investigations. The article has so far outlined justifications for tiered access for serious (registrable), eligible crimes and minor offences to aid the courts in decision-making for eligible and non-serious crimes. These recommendations are underpinned by the recognition of protecting public safety in the public interest, safeguarding privacy interests and enabling the sustainable functioning of third-party research databases that are valuable to clinical research and socially beneficial for familial tracing purposes.

In view of the gravity of serious (registrable) crimes, the law could go further in enabling law enforcement agencies to access potential leads in their investigations, with fundamental privacy assurances in place. This could be achieved by permitting access sans consent for serious (registrable) crimes, and access with court orders for eligible and non-serious crimes (minor offences). An alternative that could be considered is to permit the brokerage of access agreements between law enforcement agencies and third-party databases. Prior public consultation for such access agreements however is essential to gauge public acceptance of this option. For serious (registrable) crimes (i.e. crimes that involve offences against the person or property and where commission of such offences entail criminal records), access to DNA databases, including research databases can be permitted automatically to facilitate swifter investigations by law enforcement agencies from multiple sources to identify the perpetrators. Although this may appear to be unrestricted access, it is not the case as only a court authorisation is dispensed with for requests to access third-party research databases for serious (registrable) crimes. Basic privacy safeguards apply and supported by advance notification to users. Law enforcement agencies are required to demonstrate that access to such databases is limited in scope as opposed to a ‘fishing expedition’ and only limited, designated individuals could access this information and databases. Advance notification of access could be a feasible compromise as it coheres with the need for greater transparency following the TraceTogether experience.

Eligible crimes are non-registrable crimes under RCAA. Examples of such crimes are stalking, making obscene films, or drink driving. Although the offences under this category do not entail criminal records, the commission of such offences is punishable by jail and not compoundable (except for specific compoundable offences). Eligible crimes are considered less serious than registrable (serious) crimes, and therefore should require court authorisation to access research databases containing DNA information. For access requests under this category, an example of a potential circumstance that could permit law enforcement agencies to access research databases is where there are multiple potential suspects and confirmation is needed to eliminate other suspects.

For non-serious crimes or minor offences, no data are collected under RCAA and any request to access non-forensic or third-party research databases should require court authorisation. Law enforcement agencies are required to demonstrate the necessity of accessing these databases, for instance in circumstances where there are no investigative leads at all or where any remaining complementary investigative tools have been exhausted and the information in the database could reasonably generate potential leads. Other potential circumstances include reasonable suspicion of the offender’s potential links to any registrable or eligible crimes that merit further investigation to confirm or eliminate the possibility. Ultimately, access to research databases containing DNA information for the purpose of investigating non-serious crimes should be assessed on a case-by-case basis and supported by court authorisations.

There is also the issue of what the public should be told regarding the differentiated levels of police access. This issue is paradoxically, the more widely this is publicised and known, the less likely it is to be effective. However, respect for citizens requires that the people know how the State operates, and the rules, whatever they are, should be publicised. It should also, ideally, be a requirement of informed consent that participants are informed of these implications of providing DNA. One objection to access to genomic data from health research by legal authorities is that it will reduce participation in valuable research. While such an objection could be raised, they should also be informed that any blood, tissue or other bodily samples used in medicine or clinical purposes can be used for the same purpose. Similarly, the same problem exists for access to genomic and non-genomic biological samples generated during newborn screening. Inevitably, values must be weighed. If the public interest in genomic research (or newborn screening) is greater than the interest in investigation of crime using genomic instruments, perhaps Courts, police and legal authorities ought to be barred from accessing such samples or databases. This is a topic for future discussion.