Open-source genealogy websites are being used to track down murder suspects, and questions are being raised on where the line should be drawn between the right to privacy and the need to protect the public.

In April of 2018, the Golden State Killer was caught after detectives used the DNA of the suspect's relatives to track him down. The genetic information had been shared on a public DNA website by distant cousins, which investigators were able to match to DNA found at various crime scenes.

Paul Holes, an individual who worked on the case, explained the painstaking work involved with using open-source DNA to solve open murders.

"That is a huge undertaking. It took us four months of genealogy work to eventually find the two top people that fit our offender's profile. It's not something you're going to do on a burglary or a petty theft. It is going to be on your major, major homicide cases because it is so manpower-intensive.

It is tough, tough work."

And while catching a serial killer is certainly a noble cause, concerns are arising over the lack of protections and limits on such personal data.

"We all want a serial killer caught," genealogist CeCe Moore told Bloomberg last week. "But what other applications could it be used for that maybe we would not be so in favor of?"

Jennifer Lynch, a senior attorney with Electronic Frontier Foundation, also told Bloomberg that there need to be protections on how personal genetic data can be accessed and used by law enforcement.

"Criminal court cases thus far have treated DNA data like a fingerprint. There are no meaningful protections. And we need them."

The American Civil Liberties Union has also weighed in on this issue, warning companies that collect DNA information from the public that their customers' data cannot be used in criminal investigations.

"All of these companies should make clear that the genetic material they collect from users is not available to serve as legal proof and that law enforcement cannot use their services to test prisoners and arrested individuals or to conduct investigations," wrote the ACLU's Vera Eidelman in an op-ed in the Washington Post. "Otherwise, the public may have to choose between accessing the benefits of genetic science and maintaining its privacy rights."

23andMe has said that it does not voluntarily share genetic data with law enforcement and that the company has "successfully challenged" requests for data from law enforcement.

"We treat law enforcement inquiries, such as a valid subpoena or court order, very seriously," 23andMe Inc.'s privacy chief, Kate Black, said in an interview. "23andMe policies prohibit our voluntary cooperation with law enforcement in order to protect our customers' privacy. To date, we have successfully challenged the law enforcement requests we've received."

Online genetic databases are also subject to hacking. "Israel-based MyHeritage said last week that 92 million accounts were compromised," reported Bloomberg.