MENUMENU

Prosecutors are sending people to jail with software evidence that no one can double-check

Software makers want to protect their trade secrets. Defense attorneys want to protect their clients’ lives.

Software composed of 170,000 lines of computer code can decide whether someone goes to prison, but surprisingly few people are allowed to review that code.

Prosecutors in more than 200 criminal cases across the United States, including murder and rape trials, have used the TrueAllele DNA-testing software to secure convictions, but defense attorneys cannot look at the software’s code. Courts have sanctioned the secrecy surrounding the program in order to protect the profits of Cybergenetics, its creator.

TrueAllele’s secrecy is in the spotlight again following the major role the software played in an ongoing California murder trial.

The defendant, a convicted sex offender named Martell Chubbs, was arrested for a 1977 murder when police investigating cold cases matched his DNA to evidence from the crime scene. Chubbs pled not guilty.

One forensics company concluded that the DNA profile in question appeared in one in 10,000 African Americans. TrueAllele went much further, saying the match was “1.62 quintillion times more probable than a coincidental match to an unrelated Black person.”

When Ars Technica interviewed Chubbs’ lawyer, Angelyn Gates, she argued that the enormous disparity showed why transparency was necessary.

Courts have so far denied Gates’ attempts to read TrueAllele’s code. They have sided with Cybergenetics, which argued that the “highly competitive commercial environment” meant that the code could not be released. The case even reached the California Supreme Court.

An independent review of TrueAllele’s code is possible without making it the public. “They also could get the coded audited by [an] independent [third] party behind a non-disclosure of trade secrets,” one critic of Cybergenetics wrote on Reddit. “They don’t need to go open source, but they also can’t keep it a secret given the nature of [its] use.”

Code review isn’t just a matter of principle. There are real concerns that DNA-analyzing software can make mistakes—mistakes that can send people to prison for a long time.

“Coding errors have been found to alter DNA likelihood ratios by a factor of 10, causing prosecutors in Australia to replace 24 expert witness statements in criminal cases,” Rebecca Wexler, a visiting scholar at the Berkeley School of Law’s Human Rights Center, wrote for in Slate. “When defense experts identified a bug in breathalyzer software, the Minnesota Supreme Court barred the affected test from evidence in all future trials. Three of the state’s highest justices argued to admit evidence of additional alleged code defects so that defendants could challenge the credibility of future tests.”

Wexler argued that the lack of transparency equated to unconstitutionally denying defendants their right to cross-examine evidence, a key safeguard against error and fraud.

Cybergenetics did not respond to a request for comment.

H/T Ars Technica | Photo via steakpinball/Flickr (CC BY 2.0)

Patrick Howell O'Neill

Patrick Howell O'Neill

Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.