Video: City Council authorize federal funding for facial recognition and fusion center

By Phil Mocek

At the 2:00 p.m. March 10, 2014, Seattle City Council meeting of the full council (agenda), public comment was received from five people regarding Council Bill 118043, which authorized federal funding for facial recognition software and the Washington State fusion center. Each person spoke in opposition to passage of the bill. Because public comment was, as is typical at City Council meetings, limited to 20 minutes, some people who wished to speak were not allowed to do so. After public comment, council members discussed the bill, then voted 7-1 to pass the bill, with Kshama Sawant casting the lone vote in opposition.

A complete video archive of the meeting is available from Seattle Channel for streaming and download. In attendance at the meeting were (in order from left to right as visible in the video) council members Sally Bagshaw, Bruce Harrell, Sally Clark, Tom Rasmussen, Tim Burgess, Jean Godden, Mike O’Brien, and Kshama Sawant.

Council Bill 118043 authorizes acceptance of a financial grant from U.S. Department of Homeland Security under the Urban Areas Security Initiative program, including about $1.2 million for Seattle Police Department, and ratifies and confirms any act made pursuant to the authority of the ordinance taken prior to the effective date of the ordinance. Intended uses of the DHS funding that have been disclosed to the public include purchase of facial recognition software for use by Seattle Police Department staff and further funding of the regional fusion center.

We are unaware of any way to link directly to a point in time in a video hosted by Seattle Channel, so we cached a portion of the video archive of yesterday’s meeting elsewhere.

Following is an index to relevant portions of that video:

  • 06:42 Public comment: Scott Shock
  • 08:41 Public comment: Lee Colleton
  • 14:27 Public comment: Christopher Sheats
  • 17:11 Public comment: David Robinson
  • 19:19 Public comment: Phil Mocek
  • 23:19 Introduction of item #1: Council Bill 118043
  • 24:06 Councilmember Harrell
  • 29:47 Councilmember Bagshaw
  • 31:15 Councilmember Sawant
  • 34:28 Councilmember Harrell
  • 36:40 Councilmember Clark
  • 40:55 Councilmember O’Brien
  • 42:12 Councilmember Burgess
  • 42:23 Rollcall vote

How to fix Seattle’s operating surveillance ordinance

by Phil Mocek, Jacob Appelbaum, Jan Bultmann, Allegra Searle-LeBel, and Lee Colleton

We call on City Council to make the following improvements to Ordinance 124142, also known as “the operating surveillance equipment” ordinance, before the end of calendar year 2014.

Close loopholes
  • Ordinance 124142 should be amended to regulate all government agencies operating in Seattle, not merely departments in the city of Seattle.
  • Ordinance 124142 should be amended to tighten or entirely remove the exigent circumstances loophole. There are rarely if ever exigent circumstances involved in the purchase of a large-scale strategic surveillance system. If such exigent circumstances do arise, all such exigent circumstances, equipment purchases, budgets, ongoing relationships, training, and outcomes should be reviewed by City Council.
  • Instead of excluding certain existing data-gathering equipment, Ordinance 124142 should specifically ensure that digital in-car video systems (“dash cams”), automated license plate reader (ALPR) systems, “port security” cameras, and other such data-gathering systems will be reviewed. The ALPR system is the most important of these to receive review, as the use of it amounts to wide-area surveillance of everyone–not simply those people who are suspected of having committed crimes. Systems that gather data on behalf of SDOT, SCL, and SPU should also be covered by the ordinance.
  • All protocols for use of surveillance equipment must be public.
  • Any and all aspects–even secret ones–of surveillance performed by or commissioned by government agencies in Seattle must include automatic sunset provisions.
  • All property used for communications interception wire rooms or other surveillance (e.g., rentals of houses, vans, etc.) must be accounted for in a budget. When properties are no longer used for such purpose, their addresses must be disclosed. Similarly, the surveillance-related purpose of other expenses must be disclosed after the necessarily-secret nature of their use concludes.
  • The ongoing budget and expenses for surveillance activity funded by City of Seattle must be public during this entire time so that we, the people, can review these expenses and recognize if such activity has spiraled out of control relative to other city priorities.  The public must have the ability to determine if a general area has been under surveillance.
Logging and Sharing
  • All non-SPD contact (eg: FBI, TSA, ICE, SS, any part of DHS, etc) that request assistance, clearance, or notification of surveillance should be logged. Thus, if the FBI is performing a raid of say, your house, the local police don’t accidentally think it is a (different kind of) crime in progress. This already happens, the key is that the log should be audited and not just a matter of coordination.A requirement that any surveillance operations within Seattle must be logged with the Seattle police – thus, the FBI would be required to notify the SPD, even if only for their spying activity.
  • All legal statutes must be cited *during* collection as to why the collection was undertaken in the first place.
  • All electronic surveillance must be logged, including location, equipment type, legal justification and information on the officer(s) involved.
  • All surveillance requests involving any non-SPD agency, company or private individual must be logged. For example, if SPD asks Google for data on Yoga Arts, that request must be logged.
  • The ordinance should specify that all surveillance data or metadata is only for use with the SPD and is not for data sharing with WSIN, the State of Washington, any Federal agency or any other agency, company, or person without a specific court order.
  • A log of all contact made with those under surveillance – that is – each time a person is under surveillance and the collection ends, the person should be notified and it should be logged. A lack of notification should also be logged. This information should become public record automatically and absolutely handed over during a Privacy Act Request (PAR) by the target of surveillance.
  • If there was a sneak-and-peak warrantless search (eg: PATRIOT Act, Section 215) or a search conducted with a sealed warrant, this must be logged specifically as such. It should be logged with a third party that is not the SPD. We’re open to suggestions as to which party is a good one. It seems that the Mayor’s office is probably a reasonable first choice.
  • If during the course of a surveillance operation, a person is in harm’s way and disclosure *could* expose the surveillance operation, the surveillance team has a *duty* to put public safety before secrecy of the specific operation. This is already the case with good Samaritan laws in most states – when we see a person in trouble, we are required by law to help. For better or worse, it should apply to law enforcement and intelligence agencies, even if it would otherwise harm the secrecy of the operation.


  • Ordinance 124142 must be enforced, and penalties for violation must be specified.

Seattle City Light: Seattlites Need an Opt-In Policy for Smart Meters

By Molly Connelly and Jan Bultmann

As Seattle City Light customers, we ask Seattle City Light (SCL) to create an advanced metering infrastructure policy that mandates that SCL obtain informed consumer consent before installing advanced metering devices (AKA “smart meters”) — that is, an opt-In policy.

The system should carry no financial disincentives for those customers who decide not to opt-in.  

In this blog:

  • Threats to Privacy
  • Potential Unintended Consequences
  • Erosion of Public Trust
  • Current Legal Landscape
  • Gap Analysis of Federal and State Regulations
  • Precedents that Support an Opt-in Model
  • Conclusion

Threats to Privacy

Advanced metering technology poses a threat to individual privacy, as federally funded research shows. Government agencies including the Congressional Research Service1, Department of Energy2 and National Institute of Standards and Technology3, have written extensively about the specific threats to privacy generated by residential smart meters. Independent researchers have further documented the level of intimate detail that can be gathered from smart meter data, such as what customers are watching on television.4,5 

Potential for Unintended Consequences

We are concerned that smart meters can now, or in the future, be misused to act as data collection devices which make previously private activities inside our dwellings subject to unauthorized official and criminal surveillance. We are concerned about such data being collected and stored in databases that may not be protected against warrantless searches, and may be managed by companies that have a history of profiting off of warrantless electronic surveillance.6 We are concerned about a lack of clarity regarding Constitutional protections for information collected by Seattle City Light that could be shared with city, state and federal law enforcement via the Seattle Shield Program7 and the Washington State Fusion Center.

Erosion of Public Trust

In the midst of the continuing Snowden revelations about government use of unregulated technology for warrantless electronic surveillance, public trust in the ability of elected officials and public institutions to adequately protect us is at a low point. We need laws and regulations to catch up with technology so that there are clearly defined privacy protections for smart meter data, and data collection and storage protocols that are based on established, relevant law, not just departmental policies. 

Current Legal Landscape

Legal experts acknowledge that our current federal laws and regulations don’t provide adequate smart meter data privacy protection. For example, the Federal Wiretap Act could allow a utility to give permission to law enforcement or a third party to intercept smart meter data without a warrant.8  The third party doctrine as it relates to utility records containing smart meter data has not yet been tested in the Supreme Court. The Stanford Technology Law review advises that “When confronted with a business record or other information held by a third party, the Court should ask whether the record, or the technology used to create the record, reveals information about activities taking place inside the home that otherwise would not be available absent a trespass into the home. The Court should further inquire as to whether the consumer has been able to exercise any real choice about whether to create such records…Under this test, information about in-home activities generated by advanced meters or sensors in a demand response system would be protected by the Fourth Amendment” and “law enforcement officials should be required to obtain a warrant before being given access to those records”.9

At the September 26, 2013 Foreign Intelligence Surveillance Court Review, Senator Mark Udall asked Deputy Attorney General James Cole for clarification on whether section 215 of the Patriot Act (the “business records” provision of the Foreign Intelligence Surveillance Act which allows records to be collected via secret general warrants issued with a diluted standard of probable cause and placing the recipient under gag order) can be used by the National Security Agency to collect business records including “utility bills”; Mr. Cole was unable to rule it out.10 

Gap Analysis of Federal and State Privacy Protections

The US Supreme Court has asserted that “at the very core [of the Fourth Amendment] stands the right of a man to retreat into his own home and there be free from unreasonable government intrusion”.11Our Washington State Constitution provides even more rigorous protection of privacy rights than those guaranteed by the Fourth Amendment. Unlike the Fourth Amendment, WA State Const. Article I Section 7 “clearly recognizes an individual’s right to privacy with no express limitations”12 and states that “No person shall be disturbed in his private affairs, or his home invaded, without authority of law.”  Washington State has historically recognized that an individual has some level of protected privacy interest in power usage, but existing regulations on how law enforcement can access utility records are based on analog meter electrical consumption records collected monthly which are not able to reveal discrete information about a customer’s in-home activities. 

The current Revised Code of Washington (RCW 42.56.335) which regulates law enforcement access to utility records does not require a warrant, or a showing of probable cause, but instead only requires the weak standard of “reasonable belief” that the utility record will help establish that the customer committed a crime.  Advanced meter electrical consumption records can reveal discrete information and intimate details about a customer’s activities occurring within the confines of their home, including use of medical equipment, hours of occupancy, and more. These merit Constitutional protection requiring a warrant for law enforcement to access.

Our laws have not kept pace with changing technology, and we are at risk of violating constitutionally protected privacy rights. In 1994 State v. Young the WA Supreme Court recognized strict privacy protections regarding infrared as a device that discloses information about activities occurring within the confines of a home, and which a person is entitled to keep from disclosure absent a warrant.  An apt quote from the ruling:

However, in construing Const. art. 1, § 7, we have resisted the uncertain protection which results from tying our right to privacy to the constantly changing state of technology. We recognize as technology races ahead with ever increasing speed, our subjective expectations of privacy may be unconsciously altered. Our right to privacy may be eroded without our awareness, much less our consent. We believe our legal right to privacy should reflect thoughtful and purposeful choices rather than simply mirror the current state of the commercial technology industry.”13  

We need the City of Seattle to step in and model privacy policies that reflect thoughtful and purposeful choices.

Precedents that support an opt-in policy

Other jurisdictions have heard customer concerns about smart meters including privacy and data security issues and have responded by creating opt-in policies. The Eugene Water and Electric Board (Oregon’s largest customer owned utility) voted unanimously on Oct. 1, 2013 to move forward with an advanced metering project that takes an opt-in approach that focuses on consumer choice.14 In 2012 the state of New Hampshire enacted a law which prohibits electric utilities from installing smart meter gateway devices without the property owner’s consent.15 Vermont now requires written notice before installing a smart meter, and prohibits fees for those customers who choose not to opt-in.16 Section 1252 of the United States Energy Policy Act of 2005 acknowledges consumer choice and supports an opt-in approach. There is a current bill in the Washington state legislature that will give additional statutory protection to smart meter data by adding it to the public records disclosure exemptions.17


Given the privacy risks of smart meters, consumers must be allowed to choose whether to accept these risks or avoid them by not opting-in to a smart meter.  In the absence of adequate state and federal legislation, we call upon the City of Seattle and Seattle City Light to enshrine the “Opt-in” model in law. The current plan for an opt-out presumes consent; which we argue is inadequate and potentially even unethical, because the technology of smart meters has gotten ahead of consumers as well as regulators. The opt-in model requires explicit, informed consent and encourages customers to be active participants in their utility decisions by allowing them to make an informed consumer choice after being educated about the benefits and risks of smart meters and the security of their information.  

1 Congressional Research Service, Smart meter data: privacy and cybersecurity, CRS Report for Congress, 2012.

Available at:

2 Department of Energy, “Data access and privacy issues related to smart grid technologies”, 2010. Available at:

3 National Institute of Standards and Technology, “Guidelines for smart grid cybersecurity: Vol. 2, privacy and the smart grid”, The Smart Grid Interoperability Panel – Cybersecurity Working Group, vol. NISTR 7628, 2010. Available at:

4 Ulrich Greveler, Peter Glosekotter, Benjamin Justus and Dennis Loehr. Multimedia content identification through smart meter power usage profiles. In Computers, Privacy and Data Protection, 2012. Available at:

5 Miro Enev, Sidhant Gupta, Tadayoshi Kohno and Shwetak N. Patel. Televisions, video privacy, and powerline electromagnetic interference. In ACM Conference on Computer and Communications Security, pages 537-550, 2011. Available at:

6 e.g. SAIC, who presented the Seattle City Light Business Case for AMI in 2012. SAIC has a long and troubling history of producing unconstitutional data collection programs for government entities, e.g. they developed the NSA Trailblazer program for warrantless electronic surveillance; it ended in failure, costing taxpayers billions of dollars. They also created PRISM, the NSA program which is currently being used for unconstitutional metadata collection. Note that SAIC offshoot Leidos is a vendor for Meter Data Management Systems used in advanced metering infrastructures.

8 Balough, Cheryl Dancey (2011) “Privacy Implications of Smart Meters,” Chicago-Kent Law Review: Vol 86: Iss. 1, Article 8, page 18. Available at:

9 Jack I. Lerner, Deirdre K. Mulligan (2008) “Taking the “Long View” on the Fourth Amendment: Stored Records and the Sanctity of the Home”, Stan. Tech. L. Rev. 3. Available at:

11 Silverman v. United States, 365 U.S. 505 (1961), discussed in section 512. Also see: Kyllo v. United States, 533 U.S. 27 (2001), (discussed infra part II)

12State v. Simpson, 95 Wash.2d 170, 622 P.2d 1199 (1980) (discussed infra part I, section (2))

13 State v. Young, 123 Wash.2d 173, 867 P.2d 593, (1994), (discussed infra Section II, [7])



Against DHS funding for SPD facial recognition software, fusion centers

By Jan Bultmann, David Robinson, Phil Mocek, and Garrett Cobarr

2/18/2014 Post-Meeting update:

  • Four Seattle Privacy members spoke to the Public Safety Committee (PSC) today.
  • We submitted this document to the committee for inclusion in the public record.
  • PSC did NOT vote on the bill today, but it will be re-introduced to full council on Monday 2/24.
  • Full council will vote on it 3/10.
  • In the meantime, we are marking up a copy of the policy document submitted by Seattle Police Department to Council, to give councilmembers an example of what a through independent technical review with an eye toward privacy and security would look like, and how useful it would be.

Here are background information and talking points for the 2/18/2014 2 pm meeting of the Seattle City Council Public Safety Committee (PSC).

In this post:

What is the legislation?
C.B. 117996 accepts an Urban Area Security Initiative (UASI) grant in the amount of $1,645,955 under Federal Fiscal Year 2012 funding. The bill would approve acquisition of an arrest booking photo comparison database, and add a section to the Seattle Police Manual describing its proper use.

What is Seattle Privacy’s position?
We call on the PSC to do the following:

  1. Hold the legislation for further discussion, including a minimum of three public hearings in the evening when the public can attend.
  2. Make any amendments necessary to the operating surveillance ordinance (Ordinance 124142) that is already in effect BEFORE purchasing any more equipment.
  3. Explain what items SPD needs that the city is not able or willing to provide, and why we have not seen these items in budget proposals.

Talking points

Need for Meaningful Council Oversight

  • This is a police department that has been found to engage in *unconstitutional* behavior fully 20% of the time they use force.
  • Council’s discussions with SPD at the table and dais appear sometimes to be with some other police force, not the one that we read about in DOJ and monitor reports.
  • We get the impression that the the PSC is reluctant to question the assertions of SPD.
  • In the past, SPD has used DHS grant money to purchase drones and surveillance cameras which public outcry has later forced them to shut down. Past behavior is predictor of future behavior.
  • During all that time that unconstitutional force was being used, the Office of Police Accountability very rarely found wrongdoing. Investigations of allegations appear to be ineffective. We have reason to believe that if there are episodes of misconduct, little will be done and the public will be kept in the dark.
  • SPD has earned distrust and strict oversight, and that is the job of the City Council and an informed public.
  • SPD and City Council justify the acceptability of these systems by saying that “the ACLU and the Human Rights Commission were involved in review.” We hold that this level of review is utterly insufficient for funding of programs whose value has been thrown into grave doubt. It does not meet any objective measure of public input. We insist that council hold a minimum of three public hearings before accepting DHS money for SPD use.

Problem with the Booking Comparison System

  • This system enables SPD to search records of many people who were never charged, much less convicted, of crime.
  • As currently written, the policy could be changed at any time without notice to Council or the public. This PSC has talked about Ordinance 124142 as a safeguard, but that ordinance is weak, containing no language about compliance or penalties for noncompliance. We also know that the police introduced language that weakened it further at 5 pm the Friday before Council voted it through as amended Monday morning.
  • We know that Councilmember Harrell plans to introduce an amendment to address the weakness of the operating surveillance ordinance (Ordinance 124142) in March, but we want to see that ordinance amended BEFORE any new equipment is purchased.
  • Ordinance 124142 is now one year old and we have yet to see any record that any department has submitted privacy policies in compliance with it. The city has failed to follow its own law.
  • The Booking Photo Comparison System policy defines a suspect as “a person whom an officer reasonably suspects may be involved in criminal activity.” That includes people who are never even arrested.
  • “The database will contain only booking photos of individuals who have been arrested, fingerprinted, photographed and booked into an adult correctional facility in King, Pierce or Snohomish counties.” That includes people who are never charged with a crime.
  • The Booking Photo Comparison System usage log will be audited annually by SPD’s Audit, Policy and Research. How will auditors verify that there was probable cause? Where will that information be logged for audits? What’s the enforcement mechanism?
  • What’s to limit what photos will be dumped into the database? (For example, mention has been made of a WA Department of Licensing facial recognition database  based on driver’s licenses.)
  • What is the limit on where future additions to the database will come from?
  • Allowing automation of policy activities takes it from somewhat acceptable to invasive and unacceptable. A human officer can fly a camera around, investigate license plates, and look at photographs. But we don’t want an army of police robots in the sky, on poles, in cameras in cars, following us all around and mining any photographs they can get for data, dumping it into a database that they may share with any number of county, state, and federal agencies.
  • Example: May Day 2012 incident action plan where Sanford called for photos of all known “anarchists/criminals” and people who’d been arrested in Occupy protests
  • Just as the NSA manipulated and misled Congress, SPD are likely to manipulate and mislead City Council. They will allow Council and the public to assume the best, while the police push to the limit of what they can get away with. They are rules-enforcers, not rights-protectors.
  • We call on Council to think about potential purchases with consideration for just how bad it could be, not just concoct a rosy vision of how well it could go.
  • Example: In documents released under public disclosure earlier this week we learned that city of Seattle built a radio receiver system so they can watch the (sometimes unencrypted) communications from the WSP’s flying infrared cameras, which we know to be used to monitor, for example, political demonstrations. Were Council aware of this system? (FLIR 380)
  • Example: In August 2012 The Guardian reported that DHS paid $832,000 for a trial deployment of the Trapwire surveillance system in Seattle. Was Council aware of this system?

Timeline of events behind Council Bill 117996

December 2003 Initial version of this legislation is passed: Ordinance 121283, passed by the City Council on September 22, 2003, authorized the Seattle Police Department to apply for funding under FFY03 UASI Grant Award Programs I and II, authorized the Seattle Police Department to execute an agreement to partner with the State of Washington, King County, and other local jurisdictions to participate in UASI Grant Award Program II, and appropriated an initial allocation of funding under both grant programs for immediate needs of conducting vulnerability assessments and providing urgently needed equipment to City departments.

2004-2012 Variations on same legislation passed every single year without significant public debate for 10 years.

June 2013 Edward Snowden reveals NSA domestic spying programs.

December 2013 Public Safety Committee (PSC) held the 11th iteration of the legislation due to a potentially controversial program, Booking Comparison Software. PSC asked SPD to provide documentation of public outreach in privacy policy development and asked for ACLU and Human Rights Commission input into the system.

January 2014 New executive, changes to SPD command staff. SPD received input from ACLU and Human Rights Commission, provided draft privacy policy.

February 5, 2014 SPD presented legislation to PSC, discussion.

February 19, 2014 PSC discussion.

February 24, 2014 Bill to be re-introduced.

March 10, 2014 Full council vote.