Coffee and hair styling in Ontario, California

My local area is undergoing a transformation, with a number of new businesses appearing in the area. Oddly enough, I keep on seeing two distinctly different types of businesses appearing here.

Over the last couple of years, a number of coffee shops have opened in downtown Ontario (California, not Canada). I’m unintentionally going to leave many of them off this list, but a few of the new coffee shops include Mestiza Cakehouse and Cafe, Special Needz Coffee (with a second location inside 4th Sector Innovations), and Starbucks.

At the same time, a number of new hair stylists and barber shops have opened in downtown Ontario. Trust me, there’s a bunch of them.

I don’t know if this is public knowledge (it’s been discussed at the Ontario IDEA Exchange and other B2B forums), but downtown Ontario is even on track to have an establishment that combines the two business types. (Of course, a few of you have already figured out who I’m talking about.)

I guess that’s real life.

If you have a business and need to stand out from the crowd:

Also see https://bredemarket.com/bredemarket-2800-medium-writing-service/.

What is a bridge?

A bridge helps you get from one place to another.

By Anneli Salo – Own work, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=15716878

Without a bridge, you’re stuck at one place and can’t get to the other place. Or you can try to get to the other place, but you may get very wet.

Businesses need bridges to connect with their customers. When the bridges are erected, the customers understand what the businesses can do for them. If the customers need those particular services, they can buy them.

In two hours, I plan to attend the Ontario (California, not Canada) IDEA Exchange at 4th Sector Innovations.

And if some of the attendees ask, I can explain how Bredemarket can be a bridge.

Stupid tech tricks: no permission to respond to calendar invites? (The UID:X trick)

I use two separate Google calendars: one for Bredemarket, and one for personal non-Bredemarket meetings. I receive meeting invitations on both of these calendars. This usually isn’t a problem.

Usually.

Over the last year, I have accepted a variety of calendar invites from external inviters, including invites to Zoom meetings, invites to Microsoft Teams meetings, invites to Google Meet meetings, and even old-fashioned invites for Plain Old Telephone Service (POTS) calls. (Yes, these still exist.) These have originated from Google-managed domains, Microsoft-managed domains, and other domains.

When you accept a calendar invite, you send a message to the inviter that contains your acceptance of the message, and this acceptance is recorded both on your calendar and on the inviter’s calendar.

Except for the invite that I received yesterday evening.

I was reading email on my mobile phone and received a calendar invite. When Gmail displays calendar invites, it displays them with “Yes,” “Maybe,” and “No” buttons.

Calendar invite, the expurgated version.

So I clicked “Yes” on the invite…and received a message that I didn’t have permission to access to the target calendar.

That seemed odd, but I noticed that there was an “invite.ics” file attached to the invitation. While ics files are designed for Microsoft calendars, they can be imported into Google calendars, so I figured that I’d just import the invite.ics file when I had access to my computer the following morning.

So this morning I imported the invite.ics file…and got the same error stating that I didn’t have permission to access the target calendar.

Curious, I researched and found a solution:

“The solution for this is to manually edit the .ics file prior to importing it and replace all occurrences of “UID:” with “UID:X” (without the quotes). After doing this and saving the file, proceed with the import and all should be fine.”

So I opened up the invite.ics file in Notepad, performed the manual edit, and successfully imported the calendar entry.

As it turns out, the inviter doesn’t usually schedule meetings with people outside of the inviter’s domain, which explains why I was the first person to mention the issue.

While the problem was solved, I had no idea WHY the UID:X trick worked. And I’m not the only one asking this question.

Most of the time when I receive a meeting request in my gmail account, Google Calendar understands exactly what is going on and handles the request pleasantly.

But for some zoom meeting requests originating from one particular client, Google Calendar refuses to admit that it’s a meeting request until I edit the ICS file and insert an “X” after the “UID:” prefix per the suggestion here.

Looking at RFC 5545, it doesn’t look like the “X” is required but it’s not terribly clear.

Does RFC 5545 in any way require that “X” to be there?

As of this morning, no one has answered the question, but I found a comment in a separate thread that appeared to be relevant.

After investigating for a while, it seems adding the “X” is not a permanent solution. The UID is a global identifier, if two events have the same UID in the same calendar there’s a collision. Some calendar services like Outlook (which I use) seem to handle this, while Google and probably many others don’t.

So the mystery continues.

P.S. If you happen across this post and find it helpful, also see my 2009 tip about the spurious “remove probe” error for KitchenAid ovens. (TL;DR: use a blow dryer to remove moisture from the probe hole where the temperature probe is inserted.)

Meta-repurposing

I like to publish “in case you missed it” (ICYMI) posts over the weekend, just in case my Facebook, LinkedIn, or Twitter followers might have missed something that I originally published in the preceding week.

Last weekend I tried something a little different. Now that Bredemarket has been a going concern for over a year, I chose to publish some items that my followers might have missed when I originally published them in the preceding YEAR.

Although there are some parts of 2020 that aren’t fun to revisit.

But this past weekend, I went back to October 2020 for my latest #ICYMI offerings. I want to talk about two of these offerings in particular.

The first #ICYMI item

The first item that I shared last weekend was a Bredemarket blog post from October 17, 2020 entitled “You go back, Jack, do it again” that talked about repurposing content. Here’s a brief excerpt that links to a Neil Patel post.

Why repurpose content?

To reach audiences that you didn’t reach with your original content, and thus amplify your message. (There’s data behind this.)

If you’re a data lover, check the link.

The second ICYMI item

Waylon Jennings promotional picture for RCA, circa 1974. By Waylon_Jennings_RCA.jpg: RCA Records derivative work: GDuwenTell me! – This file was derived from:  Waylon Jennings RCA.jpg:, Public Domain, https://commons.wikimedia.org/w/index.php?curid=17091525

The second item that I shared last weekend was a Bredemarket Spotify podcast episode from the same period entitled “A special episode for Spotify subscribers, with Waylon Jennings’ ‘Do It Again.'” You can probably guess that it was about repurposing content.

To answer a few questions about the podcast:

  • Yes, it was a repurposing of the blog post.
  • Yes, this particular podcast episode was only on Spotify because it included a song sample.
  • Yes, I chose Waylon’s version of the song rather than Steely Dan’s because I like Waylon’s version better.
  • Yes, you have to be on Spotify Premium to hear the whole song, rather than a 30-second snippet. (I’m not on Spotify Premium, so even I haven’t heard the entire podcast as envisioned.)

I don’t really have anything profound to say about repurposing that hasn’t been said already, so treat this as a reminder that you can easily repurpose content on new platforms to reach new readers/listeners.

As I just did.

Again.

Postscripts

For the record, I haven’t created any other Spotify-only podcast episodes with music since that initial one a year ago. So all of the other podcast episodes that I’ve recorded are available on ALL of my platforms, including Anchor.

By the way, there was a third #ICYMI item that I re-shared last weekend on Facebook, LinkedIn, and Twitter. But it didn’t deserve its own re-blog.

(You gotta know when to hold ’em. Yes, that’s Kenny, not Waylon.)

A QR code is not a way of life

For years I have adopted and used the phrase “a tool is not a way of life,” and almost started a blog with that title. I’m glad I didn’t, because…well, because a tool is not a way of life, and who would want to read an entire blog with posts about THAT?

One tool that I have used off and on is the QR code. Years ago, one of my annual corporate goals was to explore how my then-employer could use QR codes; at the time, there wasn’t any pressing need to adopt them.

I have since chosen to adopt QR codes for some of my Bredemarket work, especially in cases where an online reader may need additional information.

For more information about the Bredemarket 2800 Medium Writing Service, scan the QR code above. My content creation process didn’t fit on this brochure.

Of course, I’m not the only one who has adopted QR codes, and dissemination of detailed information isn’t the only reason to use QR codes.

For example, you may want to use QR codes to prevent yourself from dying due to a global pandemic.

And when that particular use case emerged about two years ago, restaurants rushed to adopt it, and vendors of QR code solutions rushed to promote them.

[M]any of these fortune tellers have something to sell. The most recent of these visionaries are those who have declared that QR codes are here to stay. Leaders in the online ordering and pay-by-phone business offer statistics to prove that the technology has been fully embraced and will continue to outlive the pandemic as the norm for restaurants. Operators who have fully leaned into QR code integration celebrate the news, broadcasting to investors that the technological investments and the pivots to less employee-reliant labor models were prudent, if not prescient, moves.

But now that the pandemic is (hopefully) receding, the shakeout (no, not THAT shakeout) is occurring. For some restaurants, ordering and paying with QR codes and other technological devices is a benefit, but for others, it is a detriment.

If your product is an immersive experience—or the facilitation of relationships—QR code usage may turn out to be counterproductive….

At Barcelona Wine Bar, we heard early on the frequent complaints from guests about QR fatigue and pivoted back to paper menus. Sales increased as each of our restaurants returned to in-person service. More importantly, so did guest satisfaction. We have recently returned thick, leather-bound wine lists to our tables for guests to leaf through instead of asking them to do more mindless online scrolling. QR ordering and payment will remain an option out of courtesy to those who feel safer or find it more convenient. However, as hosts, we would much prefer the opportunity for a final check-in and good-bye.

Here is another example of using a tool when it makes sense, and not using it when it doesn’t.

And this doesn’t have to do with “authenticity,” since the Barcelona Wine Bar concept is just as much a manufactured concept as that of Cracker Barrel and Starbucks (which have embraced QR codes and related technologies).

I only have one complaint that applied to both the Barcelona Wine Bar concept AND the Starbucks concept.

If you are an operator who puts little stock in on-site dining, recognize that customers on their phones often do not hear music, notice artwork and architectural details, nor care if the bartender is smiling or not. 

Perhaps there’s a reason why customers do not hear your music.

Perhaps the customers do not like your music.

If a restaurant truly wants to facilitate conversation, turn the danged music off!

Digital identity and…the United Nations Sustainable Development Goals?

Over the last few years, I have approached digital identity(ies) from a particular perspective, concentrating on the different types of digital identities that we have (none of us has a single identity, when you think about it), and the usefulness of these identities for various purposes, including purposes in which the identity of the person must be well established.

I have also noted the wide list of organizations that have expressed an interest in digital identity. Because of pressing digital identity needs, many of these organizations have moved forward with their own digital identity proposals, although now they are devoting more effort to ensure that their individual proposals play well with the proposals of other organizations.

Enter the United Nations (or part of it)

Well, let’s add one more organization to the list of those concerned about digital identity: the United Nations.

Although actually “the United Nations” is in reality a whole bunch of separate organizations that kinda sorta work together under the UN umbrella. But each of these organizations can get some oomph (an international relations diplomatic turn) from trumpeting a UN affiliation.

So let’s look at the Better Than Cash Alliance.

Based at the United Nations, the Better Than Cash Alliance is a partnership of governments, companies, and international organizations that accelerates the transition from cash to responsible digital payments to help achieve the Sustainable Development Goals

Note right off the bat that the Better Than Cash Alliance is not focused on digital identity per se, but digital payments. (Chris Burt of Biometric Update notes this focus.) Of course, digital payments and digital identity are necessarily intertwined, as we will see in a minute.

Enter the Sustainable Development Goals

But more importantly, digital payments themselves are not the ultimate goal of the Better Than Cash Alliance. Digital payments are only a means to an end to realize the United Nations Sustainable Development Goals, issued by a different UN organization.

Because of its primary focus, the Better Than Cash Alliance concentrates on issues that I myself have only studied in passing. For example, I have concentrated on the issues faced by people with no verifiable identity, but have not specifically looked at this from the lens of Sustainable Development Goal number 5, Gender Equality.

Principle 2 of the UN Principles for Responsible Digital Payments (October 2021 revision)

For this post, however, I’m going to focus on the digital identity aspects of the Better Than Cash Alliance and its report, UN Principles for Responsible Digital Payments (PDF), which was just updated this month (October 2021).

One of the key factors outlined in the report is “trust.” Now trust can have a variety of meanings (including trust that the information about my identity will not be used to throw me into a terrorist concentration camp), but for my purposes I want to concentrate on the trust that I, as a digital payments recipient, will receive the payments to which I am entitled.

To that end, the revised principles include items such as “ensure funds are protected and accessible” (principle 2), “champion value chain accountability” (principle 9), and other principles that impact on digital identity.

The introduction to the discussion on principle 2 highlights the problem:

A prerequisite of digital payments is that they match or surpass the
qualities of cash. All users rightly expect their funds to be safe and readily available, but this is not always the case. The causal factors behind this are multiplex.

(“Multiplex”? Yes, this document was written by government committees. Or movie theater owners.)

AMC Ontario Mills. (California, not Canada.) By Coolcaesar – Own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=104309320

To avoid the multiplexity of these issues, one offered response is to “proactively track and protect against unauthorized transactions, including fraud and mistakes.” This can be done by several methods near and dear to us in identity-land:

Advocate for appropriate security controls to mitigate transaction risks (e.g., biometric security,34 two factor authentication,35 limits on logins or transaction amounts,36 creating “need-to-know” administrative privileges for interacting with client data).

Now most people who read this report aren’t interested in the footnotes. But I am. Here are footnotes 34, 35, and 36 from the document.

34 Examples include the use of biometrics in India’s Aadhaar identification system, and UNHCR’s use of iris technology to distribute cash to refugees in Jordan

35 See EU PSD2 Articles 97–98, Ghana’s Payments Systems and Service Act, 2019 (section 65(1)), and Malawi’s 2019 e-Money regulations (section 17)

36 India Master Direction on Prepaid Payment Instruments, Section 15.3

Of course the report could have cited other examples, such as the use of fingerprints for benefits payments in the United States in the 1990s and 2000s, but I’m sure that falls afoul of some Sustainable Development Goal.

Although it’s harder to criticize a UN entity, such as the aforementioned UNHCR, when it uses biometrics.

Or maybe it isn’t that hard, when you think about Access Now’s criticisms of the UNHCR program.

Refugees should not be required to hand over personal biometric data in exchange for basic needs such as purchasing food, or accessing money. However, iris scan technology supplied by UK-registered company, IrisGuard, is reportedly being used by the World Food Programme (WFP) and the United Nations High Commissioner for Refugees (UNHCR) in refugee camps and urban centers in Jordan.

Based on reports suggesting the absence of meaningful consent, and an opaque privacy policy, Access Now has serious objections to the lack of transparency and privacy safeguards around this precarious tech rollout. 

Wow. Jordan is as bad as Illinois. Maybe Jordan needs a BIPA! Hope their doorbell cameras aren’t a problem…

So while the Better Than Cash Alliance is focusing on other things, it’s at least paying lip service to some of the stronger identity controls that many in the identity industry advocate.

Of course, it’s outside of the scope of the Better Than Cash Alliance to dictate HOW to implement “appropriate security controls.”

But anything that saves the whales AND the plankton (and complies with BIPA) will be met with approval.

Freelancing example from Florida

I’m obviously interested in freelancing stories, so I was intrigued when PBS shared this story from Next Avenue. It’s an update on the story of Joan and Steve Reid, who moved from suburban New York to Vero Beach, Florida on 2019.

Photo by Don Lamson from City of Vero Beach website. https://www.covb.org/gallery.aspx?PID=156

While it’s cast as a “retirement” story (both were 67 in 2019), it’s actually a freelancing story.

Both Joan and Steve had been working part-time in New York (as a librarian and florist, respectively), and they initially planned to get part-time employment (minimum wage, 10 hours a week) when they relocated to Vero Beach.

They’ve given up on that idea. “We looked initially, when we arrived,” Joan explains. “But both of us quickly realized we were square pegs trying to fit into round holes.”

So they turned to freelancing.

Steve, who creates art from found objects and mixed media, sold two pieces of art this year for a total of $350.

From November 2019 to April 2021, Joan worked as a content editor for two local magazines, grossing $800 a month. “This was an incredible boost for us,” she says. She earned $630 in 2019 from freelance writing, editing and teaching, but only $305 in 2020 and zero so far in 2021.

Joan also self-published a book on Amazon, and expects to earn $45 from the book in November.

So they’re not getting rich from freelancing, but luckily have other sources of income including pensions and Social Security (which they began to receive at age 62).

Perhaps they could increase their freelancing income, but they’re retired. And apparently enjoying themselves.

Canada’s IRCC ITQ B7059-180321/B and the biometric proposals chess match

In a competitive bid process, one unshakable truth is that everything you do will be seen by your competitors. This affects what you as a bidder do…and don’t do.

My trip to Hartford for a 30 minute meeting

I saw this in action many years ago when I was the product manager for Motorola’s Omnitrak product (subsequently Printrak BIS, subsequently part of MorphoBIS, subsequently part of MBIS). Connecticut and Rhode Island went out to bid for an two-state automated fingerprint identification system (AFIS). As part of the request for proposal process, the state of Connecticut scheduled a bidders’ conference. This was well before online videoconferencing became popular, so if you wanted to attend this bidders’ conference, you had to physically go to Hartford, Connecticut.

The Mark Twain House in Hartford. For reasons explained in this post, I spent more time here than I did at the bidders’ conference itself. By Makemake, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=751488

So I flew from California to Connecticut to attend the conference, and other people from other companies made the trip. That morning I drove from my hotel to the site of the conference (encountering a traffic jam much worse than the usual traffic jams back home), and I and the competitors assembled and waited for the bidders’ conference to begin.

The state representative opened the floor up to questions from bidders.

Silence.

No one asked a question.

We were all eyeing each other, seeing what the other people were going to ask, and none of us were willing to tip our hands by asking a question ourselves.

Eventually one or two minor questions were asked, but the bidders’ conference ended relatively quickly.

There are a number of chess-like tactics related to what bidders do and don’t do during proposals. Perhaps some day I’ll write a Bredemarket Premium post on the topic and spill my secrets.

But for now, let’s just say that all of the bidders successfully kept their thoughts to themselves during that conference. And I got to visit a historical site, so the trip wasn’t a total waste.

And today, it’s refreshing to know that things don’t change.

When the list of interested suppliers appears to be null

Back on September 24, the Government of Canada issued an Invitation to Qualify (B7059-180321/B) for a future facial recognition system for immigration purposes. This was issued some time ago, but I didn’t hear about it until Biometric Update mentioned it this morning.

Now Bredemarket isn’t going to submit a response (even though section 2.3a says that I can), but Bredemarket can obviously help those companies that ARE submitting a response. I have a good idea who the possible players are, but to check things I went to the page of the List of Interested Suppliers to see if there were any interested suppliers that I missed. The facial recognition market is changing rapidly, so I wondered if some new names were popping up.

So what did I see when I visited the List of Interested Suppliers?

An invitation for me to become the FIRST listed interested supplier.

That’s right, NO ONE has publicly expressed interest in this bid.

A screen shot of https://buyandsell.gc.ca/procurement-data/tender-notice/PW-XS-002-39912/list-of-interested-suppliers as of the late morning (Pacific time) on Monday, October 11.

And yes, I also checked the French list; no names there either.

There could be one of three reasons for this:

  1. Potential bidders don’t know about the Invitation to Qualify. This is theoretically possible; after all, Biometric Update didn’t learn about the invitation until two weeks after it was issued.
  2. No one is interested in bidding on a major facial recognition program. Yeah, right.
  3. Multiple companies ARE interested in this bid, but none wants to tip its hand and let competitors know of its interest.

My money is on reason three.

Hey, bidders. I can keep your secret.

As you may have gathered, as of Monday October 11 I am not part of any team responding to this Invitation to Qualify.

If you are a biometric vendor who needs help in composing your response to IRCC ITQ B7059-180321/B before the November 3 due date, or in framing questions (yes, there are chess moves on that also), let me know.

I won’t tell anybody.

Friday thoughts on expungement

The act of looking at something changes it.

fs.blog, The Observer Effect: Seeing Is Changing
By Dhatfield – Own work, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=4279886

(I am not a lawyer. I figure that I should say that up front.)

As an automated fingerprint identification system (AFIS) product manager, and in other roles related to AFIS, I have dealt with the concept of expungement.

The American Bar Association (ABA) defines expungement as follows:

In law, “expungement” is the process by which a record of criminal conviction is destroyed or sealed from state or federal record. An expungement order directs the court to treat the criminal conviction as if it had never occurred, essentially removing it from a defendant’s criminal record…

This post looks at various aspects of expungement, including its applicability outside of government (both in the US and in GDPR-land), the difference between sealing and destruction of records, how your (above) average technology product manager deals with expungement, and my huge philosophical question regarding the DOCUMENTING of expungement.

You can’t expunge the public record

Now obviously there are limits to the effects of expungement. If the California court system were to declare that some notorious criminal’s conviction were to be expunged, it would be impossible to treat the conviction “as if it had never occurred,” at least in the public eye. Millions of websites, newspaper and magazine articles, and books would have recorded the conviction for posterity, and it isn’t like you can go from house to house and remove every copy of the relevant People magazine article or New York Post article that mentioned the conviction.

New York Post, “OJ does ‘lard’ time!” https://nypost.com/2013/05/14/oj-does-lard-time/

Well, at least you can’t remove them in my country.

Or maybe you can

It’s a different matter in the countries where the General Data Protection Regulation (GDPR) is in force, where at least the online public record of a conviction CAN be removed. Article 17 of the GDPR (the “right to erasure” or the “right to be forgotten”) says in part:

The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies…

…the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject…

So in this case an expungement order CAN be extended beyond government records.

Or at least to the online search record. In late 2019, Google was ordered to remove record of three 1999 Der Spiegel articles that mentioned a convicted murderer.

But in a 2018 case, web archives did NOT have to remove records of a 1991 murder.

But perhaps there are dark web samizdat records that detail all of these non-forgotten facts, far from the prying eyes of the enforcers in Brussels.

The difference between sealing and destroying a record

Let’s return to government records in the U.S.

Because expungement is (mostly) a state process, the specific details of expungement differ from state to state. As the ABA notes, different states have different definitions of how records should be expunged.

  • The ABA notes that in Kentucky, it is sufficient to seal the record, which means that only certain privileged people can view the record, but the record still exists. (I was unable to independently confirm that this is still the case in Kentucky, but it appears that Arkansas generally only offers sealing, with the exception of juvenile records.)
  • The state of Washington, however, requires all expunged records to be destroyed so that NO ONE can see them. RCW 13.50.270 details how and when records should be destroyed when destruction is required.

How to implement expungement

As an AFIS product manager, I had to think about the consequences of expungement. For a live AFIS, the method for handling this varied.

  • In the cases where it was sufficient to seal a record, the whole process could be handled by role based access control. My products (Omnitrak and Printrak BIS) had long lists of access privileges, and different access privileges could be assigned to different roles. So, for example, the privilege to view a sealed record could be given to a “supervisor” role, but denied to a “trainee” role.
  • In the cases where you actually needed to destroy an expunged record, you would of course handle things differently. Someone whose role had the privilege to delete records would simply go to the record in question, double-check and triple-check to make sure that the right record was selected, ask the system to delete the record, and answer the inevitable “Are you sure?” question to actually delete the record.

Note that the descriptions above apply to a live AFIS. If you REALLY wanted to be thorough about this, you’d need to think about the backups. Any critical system such as an AFIS is backed up on multiple levels, with the backups stored in different areas. So perhaps an underground bunker several hundred miles from the AFIS site might contain a year old backup that may include an expunged record. Something to think about.

How to document expungement

But these concerns paled in comparison to the philosophical one that surrounds any mention of expungement.

Let’s say that I was convicted of burglary, my state allows me to expunge my burglary conviction, and my state is one of the states that requires destruction of expunged records. (For the record, I was never convicted of burglary. But how would you know?)

To start the process, I or my lawyer would have to fill out a form (here’s Illinois’ form) listing the case numbers of the records that I want expunged.

After I (or my lawyer) submitted my request, some process would need to take place to approve the request to expunge.

After that, the records would be expunged in accordance with the relevant state laws.

So far so good.

But what happens next?

From my perspective, I would want to make sure that the records were expunged as I requested. From the state’s perspective, the state would want to ensure that the expungement order was carried out.

But if I file a question with the state that asks whether my burglary conviction was expunged, I am acknowledging within state records that I was convicted for burglary. And if the state produces a report of the records that were expunged, and my burglary conviction is listed on it, then the state is acknowledging within state records that I was convicted for burglary.

I guess the workaround is for me to ask the state, “Hey state, could you provide me with a list of my criminal convictions?” At this point the state would respond, “Here’s your list of criminal convictions…hmm, you don’t have any.”

At this point I would ask, “Are you sure?”

So the state would respond, “Well, let’s check the backups.”

(Sigh.)

By DC Comics – Two-Face Year One #2, Fair use, https://en.wikipedia.org/w/index.php?curid=62328520

How the “CSI effect” can obscure the limited role of DNA-based investigative leads

People have been talking about the “CSI effect” for decades.

In short, the “CSI effect” is characterized as the common impression that forensic technologies can solve crimes (and must be used to solve crimes) in less than an hour, or within the time of a one-hour television show.

When taken to its extreme, juries may ask why the law enforcement agency didn’t use advanced technological tools to solve that jaywalking case.

Advanced technological tools like DNA, which has been commonly perceived to be the tool that can solve every single crime.

Well, that and video, because video is powerful enough to secure a conviction. But that’s another story.

Can DNA result in an arrest in a Denver homicide case?

A case in point is this story from KDVR entitled “DNA in murder case sits in Denver crime lab for 11 months.”

This is a simple statement of fact, and is not that surprising a statement of fact. Many crime labs are inundated with backlogs of DNA evidence and other forensic evidence that has yet to be tested. And these backlogs ARE creating difficulties in solving crimes such as rapes.

But when you read the article itself, the simple statement of fact is painted as an abrogation of responsibility on the part of law enforcement.

A father is making an emotional plea and putting up $25,000 of his own money to help find his son’s killer.

He is also asking the Problem Solvers to look into the time it has taken for DNA evidence to be tested in this case and others.

Tom O’Keefe said it’s taking too long to get answers and justice.

From this and other statements in the article, a picture emerges of an unsolved crime that can only be solved by the magical tool of DNA. If DNA is applied to this, just like they do on TV, arrests will be made and the killer will be convicted.

So why is it taking so long to do this?

Why is justice not being served?

KDVR is apparently not run by impassioned activists, but by journalists. And it is important from a journalistic perspective to get all sides of the story. Therefore, KDVR contacted the Denver Police Department for its side of the story.

The Denver Police Department has identified all parties involved, and the investigation shows multiple handguns were fired during this incident. While this complex case remains open, which limits details we can provide, we can verify that a significant amount of forensic work has been completed, but some remains. Investigators believe the pending forensic analysis can potentially support a weapon-related charge but will not further the ongoing homicide investigation.

OK, let’s grant that they’re not trying to identify an unknown assailant, since “all parties involved” are known.

But once that DNA is tested, isn’t that going to be the magic tool that provides the police with probable cause to arrest the killer?

Um, no.

Even IF the DNA evidence DOES happen to show a significant probability that an identifiable person committed the homicide, that in itself is not sufficient reason to arrest someone.

Why not?

Because you can’t arrest someone on DNA evidence alone.

DNA evidence can provide an investigative lead, but it has to be corroborated with other evidence in order to secure an arrest and a conviction. (Don’t forget that the evidence has to result in a conviction, and in most of the United States that requires that the evidence show beyond a reasonable doubt that the person committed the crime.)

Why was a serial killer in three European countries never brought to justice, despite overwhelming DNA evidence?

Reasonable schmeasonable.

If DNA ties someone to a crime, then the person committed the crime, right?

Let’s look at the story of a serial killer who terrorized Europe for over a decade, even though ample DNA evidence was found at each of the murder scenes, beginning with this one:

In 1993, a 62-year-old woman was found dead in her house in the town of Idar-Oberstein, strangled by wire taken from a bouquet of flowers discovered near her body.

Nobody had any information on what might have happened to Lieselotte Schlenger. No witnesses, no suspects, no signs of suspicious activity (except for the fact that she’d been strangled to death with a piece of wire, of course). But on a bright teacup near Schlenger, the police found DNA, the only clue to surface at all.

The case went cold, given that the only lead was the DNA of an unknown woman, and there was no match. Yet.

Eight years later, in 2001, there was a match when the same woman’s DNA was found at a murder scene of a strangulation victim in Freiburg, Germany. Police now knew that they were dealing with a serial killer.

But this time, the woman didn’t wait another eight years to strike again.

Five months after the second murder scene, her DNA showed up on a discarded heroin syringe, after a 7-year-old had stepped on it in a playground in Gerolstein. A few weeks later it showed up on an abandoned cookie in a burgled caravan near Bad Kreuznach, like she’d deliberately spat out a Jammy Dodger as a calling card. It was found in a break-in in an office in Dietzenbach, in an abandoned stolen car in Heilbronn, and on two beer bottles and a glass of wine in a burgled bar in Karlsruhe, like she’d robbed the place but stuck around for a few cheeky pints.

And her activities were not confined to Germany.

Over the apparent crime spree, her DNA was sprayed across an impressive 40 crime scenes in Austria, southern Germany, and France, including robberies, armed robberies, and murders.

In 2009, the case took an even more bizarre turn.

Police in France had discovered the burned body of a man, believed to be from an asylum seeker who went missing in 2002. During his application, the man had submitted fingerprints, which the police used to try and confirm his identity. Only, once again, they found the DNA of the phantom.

“Obviously that was impossible, as the asylum seeker was a man and the Phantom’s DNA belonged to a woman,” a spokesperson for the Saarbrücken public prosecutor’s office told Spiegel Online in 2009.

But how could this be?

DNA evidence had tied the woman, or man, or whatever, to six murders and numerous other crimes. There was plenty of evidence to identify the criminal.

What went wrong?

Well, in 2009 police finally figured out how DNA evidence had ended up at all of these crime scenes in three countries.

The man’s death led to an explanation of the case: there was no serial killer, and the DNA could be traced to a woman working in a packing center specializing in medical supplies. It was all down to DNA contamination.

Well, couldn’t that packing woman be convicted of the serial murders and other crimes, based upon the DNA evidence?

No, because there was no other evidence linking the woman to the crimes, and certainly “reasonable doubt” (or the European criminal justice equivalent) that the woman was also the dead male asylum seeker.

This is why DNA is only an investigative lead, and not evidence in and of itself.

But the Innocence Project always believes that DNA is authoritative evidence, right?

Even those who champion the use of DNA admit this.

If you look through the files of people exonerated by the Innocence Project, you find a common thread in many of them.

Much of the evidence gathered before the suspect’s original conviction indicated that the suspect was NOT the person who committed the crime. Maybe the family members testified that the suspect was at home the entire time and couldn’t have committed the crime in question. Or maybe the suspect was in another city.

However, some piece of evidence was so powerful that the person was convicted anyway. Perhaps it was eyewitness testimony, or perhaps something else, but in the end the suspect was convicted.

Eventually the Innocence Project got involved, and subsequent DNA testing indicated that the suspect was NOT the person who committed the crime.

This in and of itself didn’t PROVE that the person was innocent, but the DNA test aligned with much of the other evidence that had previously been collected. It was enough to cast a reasonable doubt on the conviction, allowing the improperly convicted suspect to go free.

But there are some cases in which the Innocence Project says that even DNA evidence is not to be trusted.

Negligence in the Baltimore Police Department’s crime lab tainted DNA analysis in an unknown number of criminal cases for seven years and raises serious questions about other forensic work in the lab, the Innocence Project said today in a formal allegation that the state is legally required to investigate.

DNA contamination, the same thing that caused the issues in Europe, also caused issues in Baltimore.

And there may be other explanations for how a person’s DNA ended up at a crime scene. Perhaps a police officer was careless and left his or her DNA at a crime scene. Perhaps someone was at a crime scene and left DNA evidence, even though that person had nothing to do with the crime.

In short, a high probability DNA match, in and of itself, proves nothing.

Investigative leads and reasonable doubt are very important considerations, even if they don’t fit into a one-hour TV show script.