Thursday, April 10, 2014

First alleged serial rapist identified from Houston rape-kit backlog

Grits reported on Sunday that the Houston crime lab identified hundreds of hits when it ran results from old rape kits through CODIS, the national DNA database, including 26 possible serial rapists. Now, Houston PD has identified the first of those, the Houston Chronicle reported yesterday:
Houston police on Tuesday for the first time identified a criminal suspect - a possible serial rapist - from testing of sexual assault kits that once gathered dust in the police property room.

HPD sex crime investigators said Herman Ray Whitfield Jr., 43, has been charged with four counts of aggravated sexual assault going back to 1992, and said he may have had more victims. One of his victims, police said, was a 12-year-old.
DNA linked Whitfield to four local cases, with victims ranging from 12 to 30 years old.

As Grits reported over the weekend, the crime lab has uploaded samples to CODIS in 1,662 cases out of 9,723 samples outsourced to private vendors for analysis. So far, they've found 607 "hits," including 26 instances with multiple "hits" on the same alleged offender, apparently including Mr. Whitfield.

We can expect numerous iterations of this same story in the coming months (and possibly years), including some instances where crimes have passed the statute of limitations and can't be prosecuted.

21 comments:

rodsmith said...

guess this means my question on the other thread has been answered.

There have been cases where quick action on old tests would have stopped some of these crimes.

I think anyone involved in not conducting these tests should spend some time in prison.

at a very minimum they are accessory's AFTER the fact. last time I looked that is a felony.

Anonymous said...

My question was not answered. Why are there about 2,000 more "reports" than "reviews" ?

~LAVA~

Gritsforbreakfast said...

@LAVA, I think they just haven't finished the reviews.

Another question: What are the criteria by which cases reviewed are uploaded to CODIS? I suspect they're not doing it in cases where they secured convictions, which would mean they're missing any possible innocence cases. It sounded from Irma Rios' presentation like they're only checking CODIS on unsolved cases.

Anonymous said...


From the preceding post, an anonymous commenter stated, "if the police can not certify that a crime was committed, then DNA profiles from that case can not legally be entered into CODIS."

First, it's not really the decision of the police to upload (or not) the DNA profile into CODIS. It's the crime lab's (usually at the leisure of the DA's Office).

And second, according to the FBI's webpage [http://www.fbi.gov/about-us/lab/biometric-analysis/codis/codis-and-ndis-fact-sheet], even if someone is simply the suspect of a sexual assault (neither confirmed guilty or innocent), their DNA can be uploaded into CODIS -- at the allegation stage, pre-trial.

"...For example, in the case of a sexual assault where an evidence kit is collected from the victim, a DNA profile of the suspected perpetrator is developed from the swabs in the kit. The forensic unknown profile attributed to the suspected perpetrator is searched against their state database of convicted offender and arrestee profiles (contained within the Convicted Offender and Arrestee Indices, if that state is authorized to collect and database DNA samples from arrestees). If there is a candidate match in the Convicted Offender or Arrestee Index, the laboratory will go through procedures to confirm the match and, if confirmed, will obtain the identity of the suspected perpetrator. The DNA profile from the evidence is also searched against the state’s database of crime scene DNA profiles called the Forensic Index..."

Moreover, DNA profiles obtained from "autopsy kits" (where semen was found within the victim), DNA profiles of the alleged unknown perpetrator are still uploaded into CODIS -- without knowing if the sexual incident was actually related to the criminal death of the victim.

Moreover, according to the FBI,

"Q: What are the expungement requirements?... For arrestees, if the participating laboratory receives a certified copy of a final court order documenting the charge has been dismissed, resulted in an acquittal or no charges have been brought within the applicable time period."

So, a man can be accused of sexual assault and have his DNA uploaded into CODIS. Only if the man is deemed innocent will his DNA be removed from the database.

That is, it doesn't matter if it is a "consensual vs. rape" situation. The DNA profile uploaded can be used to explore leads related to other unrelated sexual occurances. So asserting that it's stupid to analyze biological evidence in "he said-she said" situations is, in itself, stupid. It also does not explain why then these kits are retained by the crime labs and police indefinitely. It seems as if no judicial conclusion can be reached, the kits could be destroyed. (or any other evidence in which the judicial conclusion may not be reached.) Wasting freezer space and taxpayer money.

LloydV said...

And when cases start popping up that have passed the statute of limitations, our esteemed politicians will use that as an excuse to try and extend the limitations period.

Anonymous said...

Part 1

Several of the points made by 7:40 re the CODIS DNA database are not fully correct. I say this having had responsibilities in CODIS database administration for quite a few years, and having received specific training on issues related to profile acceptance policies.

7:40 says: "First, it's not really the decision of the police to upload (or not) the DNA profile into CODIS. It's the crime lab's (usually at the leisure of the DA's Office)."

There are several incorrect elements to this statement. DA's play absolutely no role in the CODIS system. The role of the laboratory is not to "decide" to upload profiles. The laboratory uploads any profile that meets acceptability criteria that are defined by state and federal statutes. It is those statutes that "decide" what profiles go into CODIS and what profile don't go in. The laboratory has the responsibility to correctly categorize profiles and to determine if they meet the eligibility standards set by the state and federal governments.

CODIS is administered by laboratories, contingent upon ongoing compliance with an official MOU with the FBI (which oversees the entire program). By entering into that MOU with the feds, laboratories agree to comply with federal policies regarding profile acceptability. Those policies are complex because the structure of the CODIS database is complex. It consist of a number of sections ("indexes") each of which contain a particular category of profiles. Profiles generated by laboratories must be correctly assigned to an index at the time of upload. There are different acceptability rules for each index. The concept of indexes is important because there are specific rules about how profiles are searched against one another, and these rules are based upon the index classifications of the profiles.

The index classifications are all based on the relationship of the person who is the source of the DNA profile to the underlying law enforcement investigation. Profiles can only be uploaded to the CODIS database if they are associated with a police investigation. While labs perform the profile entry and upload processes, they rely upon law enforcement information to do those processes correctly.

The indexes that are most familiar to people are the Forensic Index and the Convicted Offended Index.

The Convicted Offender Index is the easy one - it contains profiles of individuals convicted of crimes. But not all crimes. It is the responsibility of each state to define the set of offenses that qualify for the CO Index. Generally, conviction for homicide, rape, assault, or burglary of a habitation will get you into the CO Index. Drunk driving will not get you into the CO Index, as far as I know. But there are differences between the states regarding qualifying offenses. Originally, back in the '90s, the feds defined the qualifying offenses. Later on they deferred to the states. The states have to define the qualifying offenses by legislation. For Texas, qualifying offenses are defined in the Texas Government Code Sec 411.1471 and are implemented in the Texas Administrative Code Sec 37 Part 1 Chap 28 Subchap H Rule 28.123.
...

Anonymous said...

Part 2

The Forensic Index contains profiles from evidence in criminal investigations. But not all evidence. An investigation may involve collection of evidence from an obvious crime scene, such as a death scene. There may also be collection of evidence from associated non-crime scenes, such as a suspect's or a victim's home. Under the MOU regulating CODIS participation, labs must follow the feds rules for submitting a profile to the Forensic Index. For a DNA profile to qualify or the Forensic Index, it must 1) be from evidence that is clearly associated with the criminal incident, and 2) be attributable to the perpetrator of the crime. The goal here is two-fold: 1) to upload to the Forensic Index profiles that are from the perpetrators of crimes, and 2) to prevent the upload of profiles of people who are not perpetrators of crimes.

So, for example: A guy is killed at a bar in a fight. A bloodstain from his fist would probably qualify for the Forensic Index (if it doesn't match the victim). But, a bloodstain from the victim's apartment would not qualify because it is not clearly associated with the death. Another example: A man is killed in an alley. Witnesses say he was smoking with a guy and the guy shot him. Twenty cigarette butts from the alley are processed, giving ten DNA profiles. The police are looking for a lead and want all ten non-victim profiles entered into CODIS. The lab can't do that, because none of the cigarette butts is clearly associated with the murder. In fact, at least nine of the profiles (and maybe ten) would be from non perpetrators.

There are other indexes, all with their own rules for qualification: the Unidentified Human Remains Index, the Missing Person Index, the Biological Relatives of Missing Persons Index, the Arrestee Index, the Detainee (immigration detainee) Index, etc.

The importance of the indexes is that under the federal DNA identification Act, only certain of the indexes can be searched against one another. For example, profiles in the Forensic Index can be searched against profiles in the Forensic Index, the CO Index, the Arrestee Index, the Detainee Index, the Missing Person Index, and the Unidentified Human Remains Index. But, profiles in the Forensic Index can not be searched against the Biological Relatives of Missing Persons Index. The only index that can be searched against the Biological Relatives of Missing Persons Index is the Unidentified Human Remains Index.

7:40 says: "Moreover, DNA profiles obtained from "autopsy kits" (where semen was found within the victim), DNA profiles of the alleged unknown perpetrator are still uploaded into CODIS -- without knowing if the sexual incident was actually related to the criminal death of the victim."

7:40 is incorrect. A semen sample collected at autopsy of a homicide only qualifies for upload as a Forensic sample is it is attributable to the perpetrator of the homicide. A semen sample from a random drive-by-shooting victim is not eligible for the Forensic Index because it is not associated with the shooting. A semen sample from a homicide victim found disrobed in a field would be eligible, because there is a clear association of sexual activity with the death.

7:40 says: "So, a man can be accused of sexual assault and have his DNA uploaded into CODIS. Only if the man is deemed innocent will his DNA be removed from the database."

7:40 is incorrect. Being accused of a crime does not qualify the accused's DNA profile for upload to CODIS. If he is arrested, then that qualifies for upload to the Arrestee Index. But it requires arrest, not just accusation. If the accused gives a voluntary sample to compare to the kit evidence, his profile can not be uploaded to the Arrestee Index if he hasn't been arrested. (His profile would not be eligible for the Detainee Index if he is a US citizen.)

Sorry to take up so much space. But correcting misinformation is difficult, while creating misinformation is easy.

Anonymous said...

11:58-

Thanks for correcting the FBI's misinformation.

Anonymous said...

You're welcome. But the problem wasn't the FBI's information. It was 7:40's reading of the information.

Anonymous said...

"The laboratory has the responsibility to correctly categorize profiles and to determine if they meet the eligibility standards set by the state and federal governments."

In other words, they have to "decide".

What if the crime lab "decides" incorrectly? What if the crime lab improperly categorizes a DNA profile and upload it anyway because of the assumption:

"...it is attributable to the perpetrator of the homicide..."
"...there is a clear association of sexual activity with the death..."
"...evidence that is clearly associated with the criminal incident..."
"...be attributable to the perpetrator of the crime..."

These are some very 100%-absolutely-certain-conviction-securing statements from someone assumed to be a scientist, independent, unbiased, and removed from law enforcement. I would at the very least think there would be words such as "possibly", "potentially", "could", "might". But the statements found within the comments from 12pm reflect a more cop-like attitude.

What if the police give the crime labs misinformation because "...While labs perform the profile entry and upload processes, they rely upon law enforcement information to do those processes correctly."? ("He must be guilty because we arrested him. He must be guilty because we uploaded his DNA profile into CODIS.")

And while the criteria for uploading the DNA profiles into the databases are included within the statutes, is it illegal to upload incorrect profiles? Has anyone been prosecuted for disregarding the statutes and upload DNA profiles anyway? The MOUs are in place, but are they enforceable? I can imagine with that with the cop-mentality presented by commenter 12pm, there is a wide range of abuse for the CODIS database.

12pm is incorrect. He assumed that 7:40 was from Texas.

Anonymous said...

12:00 here.

In response to 4:06's questions/comments -

4:06 said:"12pm is incorrect. He assumed that 7:40 was from Texas."

No assumption was made re where 7:40 is from. Because GFB is a Texas-centric blog, I gave some information that might be of value to any Texans who would be interested in looking up information for themselves. Many Texans (including me, by the way) don't particularly trust people in government. It is always a good thing to research these things for yourself.

4:06 said: "And while the criteria for uploading the DNA profiles into the databases are included within the statutes, is it illegal to upload incorrect profiles?"

Intentional misuse of CODIS is illegal. I am unaware that penalties are specified in Texas law. But because CODIS database records are government records, I would suspect that laws related to falsification of government records would apply to intentional misuse situations. Penalties for misuse are written into federal law. Specifically, the 2004 Justice For All Act specifies penalties of $250,000, or imprisonment for a period of not more than one year, or both.

4:06 said: "Has anyone been prosecuted for disregarding the statutes and upload DNA profiles anyway?"

I don't know. That is an interesting question.

4:06: "The MOUs are in place, but are they enforceable?"

Several years ago, the state crime lab in Connecticut lost access to CODIS for a time, because it did not comply with the MOU requirements. So, yes, the MOU is enforceable.

4:06 said: "What if the police give the crime labs misinformation..."

If you are talking about intentionally providing incorrect information in order to get a profile uploaded to CODIS, then it is my understanding that that would be intentional misuse of the CODIS system and would be illegal (see above). If you are talking about unintentionally providing incorrect information, then the lab would have to remove the profile from the database when the correct information became known to the lab.

4:06 said. "What if the crime lab improperly categorizes a DNA profile and upload it anyway..."

Of course, this is an ongoing concern. Labs have checks in place to keep this from happening. These will include procedural requirements to have documentation of the critical law enforcement information information that was used to categorize the profile, and review and sign-off of the categorization by qualified reviewers and/or managers. However, errors can still happen. If an error is identified, then the lab would pull the profile from the database, and then resubmit it under the correct category.

I hope this helps.

Anonymous said...

So let's talk Texas.

With all the flag-waving and chest-thumping notions that the DNA databases are being used correctly (or legally), I present specific comments included within the DOJ Office of the Inspector General's report COMPLIANCE WITH STANDARDS GOVERNING COMBINED DNA INDEX SYSTEM ACTIVITIES AT THE SOUTHWESTERN INSTITUTE OF FORENSIC SCIENCES (SWIFS) DALLAS COUNTY, TEXAS, Audit Report Number GR-80-10-002, December 2009.

"We noted that the Laboratory was not in compliance with NDIS participation requirements because we identified four exceptions in the areas reviewed. Specifically, we found that: (1) the laboratory was not sending backup tapes of the CODIS server to a secure off-site location on a monthly basis, (2) 8 of the 17 NDIS matches in our sample were not requested or confirmed within 30 business days, (3) the external audit we reviewed was not forwarded to the FBI within 30 days, and (4) the Laboratory had allowed an unauthorized user [unsupervised] access to CODIS for 1 year without the proper authorization from the FBI [footnote: the FBI denied the CODIS user's access based on a failed security check]. We also found a QAS violation...and the Laboratory did not maintain sufficient documentation to assess whether investigators were notified in a timely manner for two other matches we reviewed. footnote: Our sample included 17 matches. However, one case file could not be located. As a result, we reviewed 16 samples."

Anonymous said...

Continued, the DOJ OIG's audit of SWIFS (part 2)...

"Our review of 103 forensic DNA profiles uploaded to NDIS revealed that 18 profiles were unallowable, incomplete, or missing, and because of insufficient record retention, 15 of the Laboratory's files did not have sufficient evidence to determine if the profiles were obtained from a crime scene. These 33 profiles included one case file that was incomplete and did not reflect evidence of DNA analysis and two case files that could not be located. In addition, we found four profiles with incorrect information that had been uploaded to NDIS. The Laboratory corrected two of the four incorrect profiles and deleted the remaining two incorrect profiles from NDIS. As a result of our review, the Laboratory deleted all 35 of these profiles while we were on site for our audit field work."

Anonymous said...

Continued, the DOJ OIG's audit of SWIFS (part 3)...

"Until January 2009, the Laboratory attempted the analysis of 13 core loci on forensic unknown samples only when there was not a standard to compare it to; for the rest of its forensic samples, the Laboratory only attempted 9 core loci. NDIS requires that the analysis of all 13 core loci for forensic samples be attempted and a profile must contain at least 10 core loci for it to be searchable in the NDIS database. Therefore, prior to January 2009, the number of searchable profiles uploaded to NDIS was significantly decreased because of this Laboratory practice. The Technical Leader [Tim Sliter] told us...it was a cost-cutting measure, as not using the second kit to run the remaining four loci saved money."

Anonymous said...

Continued, the DOJ OIG's audit of SWIFS (part 4)...

"For the 103 samples that we reviewed, we found that 58 contained 9 or less loci and thus are not searchable at NDIS. We asked the CODIS Administrator to run a list of the 9 or less loci profiles the Laboratory had uploaded to NDIS, and we found that 614 of the 1,171 profiles (52 percent) uploaded as of May 13, 2009, were unsearchable at NDIS. Eleven of these profiles were uploaded after January 1, 2009. We are therefore concerned that this policy may not be implemented effectively and that the Laboratory may not be fully participating in the CODIS program."

Anonymous said...

Continued, the DOJ OIG's audit of SWIFS (part 5)...

"For the 103 forensic profiles in our sample, the Laboratory deleted 35, or 34 percent, from NDIS. Specifically, we found 30 unallowable profiles that the Laboratory deleted from NDIS because they did not adhere to the FBI's suitability standards. The Laboratory also deleted two inaccurate profiles. In addition, we found one profile with an incomplete case file for which no evidence of the DNA analysis was provided and two profiles for which the case files could not be located. These circumstances raise concerns about the Laboratory's adherence to NDIS requirements and Quality Assurance Standards."

Anonymous said...

Continued, the DOJ OIG's audit of SWIFS (part 6)...

"We have conducted CODIS audits since 1999 and the Southwestern Institute of Forensic Sciences Laboratory has one of the highest rates of noncompliance to date. Specifically, 35 of the 103 profiles we reviewed were not allowable for inclusion in NDIS. While Laboratory resources are an issue, efforts to ensure that the profiles at NDIS fully conform to federal regulations are also important. This is particularly relevant in this situation where the egregious nature of our findings indicates that there are most likely a significant number of additional unallowable profiles at NDIS maintained by the Laboratory. Also contributing to our conclusion is our identification of a profile sample matching that of a victim, which we consider to be unacceptable."

Anonymous said...

12:00 here -

The example given above illustrates several of the points I made regarding the MOU and correction of errors when identified.

Additionally it illustrate one of the controls that I did not mention, which is audits of the CODIS system in order to identify gaps, errors, and opportunities for improvements in processes. Typically, audits such as this would be followed up with corrections and changes to procedures that would be reviewed and approved by the FBI.

Anonymous said...

What the above example really means is that MOUs and Texas State laws can be ignored entirely by the crime labs without consequences. And that audits are basically a moot point since the 2009 audit had discovered violations dating back to 2001, unaddressed for 8 years. Did no other audits within that time period find these problems?

That's a ridiculous amount of time to elapse before identifying errors or making corrections (just ask Todd Willingham). This is clearly a sign of negligence and incompetence.

To add injury to insult, Dr. Jeffrey Barnard, a member of the Texas Forensic Science Commission (responsible for investigating scientific negligence and misconduct in crime labs) is the Crime Lab Director of SWIFS -- the above mentioned examples.

Leading by example, one screw-up at a time.

rodsmith said...

7:43 you were doing so good till this!

"That's a ridiculous amount of time to elapse before identifying errors or making corrections (just ask Todd Willingham). This is clearly a sign of negligence and incompetence."

actually it's most likely it's a sign of consparcy and collusion to hide the truth.

the last 50-60 years or so the gov't at ALL lvl's has gotten damn good at that.

Anonymous said...

Sounds like the crime lab in question (in the above comments) illegally uploaded DNA profiles and searched the DNA databases illegally.

I wouldn't be surprised if some crafty defense attorney argued for the suppression of the CODIS hits based on an illegal search and seizure.