Why we & the federal monitor agree: don’t trust SPD on surveillance tech

(Or: It’s Thanksgiving, and we are thankful for SPD’s federal monitor)

As reported in the Seattle Times, a draft report on the Seattle Police Department’s performance has been released by the federally appointed monitor, Merrick Bob, and it is not pretty. Say what you like about the federal government’s own violations of constitutional and human rights, the Department of Justice has served Seattle well by placing SPD under court review and holding it to an objective standard of policing. The excessive force — the unnecessary deaths, beatings, profilings, and daily humiliations — that compelled the DOJ to get involved must stop, and the SPD must fulfill its mission to serve and protect the people of Seattle.

As the city’s privacy-lovers already know, excessive force is not the only problem at SPD.  It was grant-chasing SPD leaders, particularly in the Information Technology division, who accepted money from the Department of Homeland Security  and deployed a city-wide surveillance of security cameras and radio links without public review or debate. In response to community apprehension (especially in West Seattle, where the first cameras went up), SPD’s leadership promised to manage the collected data responsibly and to allow public scrutiny of the images being captured. Additionally, Ordinance 124142, passed in March 2013, required SPD to submit a use policy within 30 days and gain council approval before turning on the system.

Eight months have passed since March, and no use policy has appeared. After people recently noticed that the system was turned on anyway, SPD promised to turn it off again. A legitimate question at this point would be: Who is running this circus?

The federal monitor’s report makes clear that SPD’s Information Technology division is a big part of the problem. There is not only lack of leadership from the City and inside SPD, there is, front and center, a simple lack of competence in IT.

The following excerpts from the report highlight IT’s inability to oversee large projects, plan new ones, manage its data, keep its machines working, and on and on. Remember, these are the people who sneaked in a public surveillance net, and then promised to manage its data in the public interest. In fact, they can’t even produce reliable data for Merrick Bobb. The failure of IT to manage (or even locate) its data plays directly into the SPD leadership’s conspiratorial, closed-door management style. Got a Freedom of Information Act request? Sorry, that information was lost. Got a federal consent decree? Sorry, we can’t really tell you what we are doing, because we don’t know, and we don’t want to know.

  • IT is incapable of providing responsive data to the federal monitor

The Department’s Information Technology (“IT”) leadership has given incorrect or incomplete information to the Monitor and Monitoring Team and has proven itself unable to tackle the management of projects of import or complexity relating to use of force and other areas encompassed by the Settlement Agreement. SPD’s existing capacities to track, analyze, and use data are, at best, weak. The data produced by the IT Department has been error-ridden and inadequate: The SPD simply does not have the data required to implement the Consent Decree, to manage the risk of unconstitutional conduct, to respond to the Monitoring Team’s requests for data in order to measure progress, to enable the Court to assess the speed and good faith of implementation, or to respond to routine inquiries by
City Council for data needed for legislative purposes. (1)

  • IT’s attitude and equipment are outdated

Modern policing is, in short, a scientific and data~driven enterprise…. The Settlement Agreement repeatedly stresses the need for the SPD to gather accurate data by which to manage the risk of unconstitutional policing and measure compliance. The SPD has nonetheless found it difficult to embrace these new technologies. Current data and analytical capabilities are nowhere near adequate. The SPD generates frequently erroneous and incomplete factual information about itself and officer performance. (6)

  • “We can do this ourselves!” — But they can’t

A business intelligence system, properly conceived and developed, is pivotal to SPD’s ability to hold itself accountable for constitutional policing…. During the last year, the SPD has spent substantial time and money–possibly hundreds of thousands of the business intelligence project because some within the Department firmly insisted that they could develop a system on their own, without input from outside experts or from those who will be the users of the system. A proposed “vendor” solution that would link the Department’s existing, jerry-built silos of erroneous and incomplete data to each other, with a weak interconnection, fell well short of what is needed: a modern, sophisticated, and dynamic tool that SPD can use to pragmatically and rigorously assess its performance. (7)

  • “Nobody can do this!” — Wrong again

Despite the Monitoring Team repeatedly advising SPD to tum to outside experts and consider alternative solutions for collecting more reliable data, this advice was slow to gain internal support. SPD’s IT leadership consistently told the Monitoring Team that some interim solutions were not technologically feasib1e–even though they were later shown to be easy to accomplish. (7)

  • The problem in IT is the leadership

Notwithstanding the SPD’s resistance to change and suspicion of innovation in some quarters, the Monitor emphasizes that there are many talented individuals within the SPD dealing with data and information technology who are working in good faith and taking justifiable pride in their accomplishments. The problem appears Qt to be the lack of a talented and dedicated staff but, instead, a failure by some members of senior IT leadership to fully accept the requirements of the Settlement Agreement…. (7-8)

  • How IT implements racially color-blind policing

The Monitoring Team’s third troubling discovery was that, for two consecutive years, the demographic figures for Asian and Caucasian subjects in use of force incidents were notably inconsistent with subsequent years. After confirming the accuracy of its analysis, the Monitoring Team brought this inconsistency to the attention of the Compliance Coordinator’s office. After an inquiry, the SPD explained that, for two years, “Asian” was incorrectly recorded in AIM as “Caucasian,” and vice–versa. Thus, although the Monitoring Team collected use of force data across only seven basic categories, it discovered a critical systematic error. The Monitoring Team understands that no effort is currently being made to audit or otherwise correct these errors. It underscores DOJ’s view that the SPD 1acked–and the Monitoring Team thinks the SPD still lacks–the basic tools necessary to manage the risk of unconstitutional policing. (11)

  • IT’s reputation for incompetence provides cover for misconduct

As this report details elsewhere, video and audio are missing far too frequently for incidents reviewed by the Use of Force Review Board and Firearms Review Board These omissions compromise the integrity and quality of investigations. When ICV [in-car video] is missing, the Department regularly and without additional inquiry accepts the explanation that the officer’s equipment was not properly functioning or that the officer did not know how to operate it. The days of technical issues being an immediately accepted excuse for the absence of video must come to an end so that officers can be fairly held accountable if they inappropriately fail to activate ICV or cause their on-body microphone to be muted during an incident. (13)

Protocols for surveillance data under development in Seattle

Here’s an email I wrote to Seattle City Councilmember Bruce Harrell, who chairs the Committee of Public Safety, Technology, and Civil Rights:

Dear Councilmember Harrell,

Thanks so much for all the work you’re doing to address police accountability, the gender pay gap issue, and equitable access to broadband in the city, among so many other issues.

Quick question: In March of this year, Council passed ordinance 124142, which called for the creation of written protocols for City-owned surveillance equipment. The legislation required programs running previously deployed surveillance equipment — specifically, the Alki “Port Security Cameras” — to provide written protocols for their use within 30 days of the passage of the ordinance.

I searched the Council site and the Committee for Public Safety, Civil Rights, and Technology’s recent agendas, but I didn’t see any mention of these protocols under discussion, and was just wondering if you could provide an update about their progress and when the public might hope to have a peek at them.

Thanks very much,

Jan Bultmann
Seattle Resident
Member, Seattle Privacy

 

Today I got a very encouraging response from a member of CM Harrell’s staff, who wrote that the committee is working with SPD and ACLU on draft protocols for the Wireless Mesh Network cameras. The staff person said, “The document is still subject to further changes and will go before the Public Safety Committee for public discussion. The most recent meeting with ACLU and SPD was on Wednesday, 7/17.”

I’m very glad to hear about this, and we’ll be keeping an eye out for the protocols on the Public Safety Committee agendas for when the draft comes out for public review.

Meanwhile, we’ve updated our map (see right) of the mesh network to include the nodes along third and fourth avenues, and we’re planning to get the latest batch to go up in along Rainier Avenue on the map as soon as we can.

As co-founder Phil Mocek has reported, the government-owned cameras are a fairly small slice of the overall camera pie: There’s also a program in Seattle called Seattle Shield, in which Seattle PD exchanges information with more than 100 private entities. You can read more about Seattle Shield here: http://investor.abm.com/common/mobile/iphone/releasedetail.cfm?ReleaseID=550581&CompanyID=ABM&mobileid=

Phil’s efforts to discover who all is in Seattle Shield through FOIA requests here: https://www.muckrock.com/foi/seattle-69/seattle-shield-mailing-list-2012-2971/.

Or, see a video of a federal officer harassing Phil on the sidewalk yesterday here: http://archive.org/details/20130725FederalProtectiveServiceHarassment.

If you zoom in on our map at right you can see the exact location where this took place: the federal building.

 

 

 

We are watching Oakland [see included summary of Seattle developments]

We took a bit of a Snowden vacation here at Seattle Privacy, but this being Seattle, the main thing missed was the legal deadline for guidelines and protocols about how Seattle Police use our “waterfront” surveillance cameras. These guidelines are now months overdue, and we’re counting.

Meanwhile, things have gone completely crazy in Oakland, California, our new surveillance soul-mate to the south. In a series of events that mirror the secretive and determined behavior of the Seattle Police Department and its friends at the Department of Homeland Security, shadowy surveillance-loving operatives have tried to sell a $15.9 million network of “waterfront” surveillance cameras and other devices to the Oakland City Council, which met Tuesday night to hear about the proposal. Since Oakland is second to none as a city of active citizens, there was also a crowd well-informed privacy advocates – better informed than the council, which had no idea what it was getting into.

At Seattle Privacy, we stand proudly in solidarity with privacy and transparency activists in Oakland.

To first recap the situation in Seattle, recall that in 2012 the police (led by 30-year SPD veteran Assistant Chief Paul McDonagh and with Detective Monty Moss as technical lead) quietly applied for and received a $5 million dollar grant from the Department of Homeland Security to pay for “port security”. The security would consist of surveillance cameras along the waterfront, combined with a mixed wired and wireless network for communications. The City Council rubber-stamped the proposal without meaningful public debate in May 2012 (Ordinance Number: 123879), listing the Port of Seattle, the Coast Guard, and the Seattle Fire Department partners. By late 2012 and early 2013, equipment was being acquired and SPD was trying in some haste to line up additional partners (the Port of Tacoma, the Seattle Department of Transportation, King County Metro) and combine several other grants to build a much larger network. Controversy erupted when the first cameras appeared at Alki Beach. The mayor promised a “thorough public vetting” of the issue, and on March 26, under pressure from the public, the council passed a bill (Ordinance 124142) requiring city departments to submit formal data-use policies before undertaking surveillance. Out in the community, SPD toured a dog-and-pony-show that passed for a “public vetting” (= “Here’s what we are doing so listen closely!”) while the cameras steadily went up. Ultimately, the network will span the entire city from north to south, the “port security” rationale almost forgotten as inland traffic corridors and government buildings get wired in. There is still no official use policy.

Now back to Oakland, where the story begins in 2009 with the creation of a Domain Awareness Center (DAC), a “joint project between the Port of Oakland and the city, which “started as a nationwide initiative to secure ports by connecting motion sensors and cameras in and around the shipping facilities” (San Francisco Chronicle). However,

While the foundation for the original proposal for the DAC centered primarily on security at the Port of Oakland, it has morphed into a consolidation of many real-time data flows, surveillance cameras and law enforcement statistics in a centralized location. (Oakland Local)

As conceived, the Oakland plan is an unbelievably worse privacy threat than what Seattle has so far attempted. Among its features:

  • Integration of Oakland police and fire communications into a comprehensive surveillance center
  • Video cameras (134 so far)
  • Some cameras equipped with “motion or image recognition technology” (75 so far)
  • Gunshot detection microphones
  • License-plate readers
  • Crime-mapping software
  • Private alarm detections programs
  • Monitoring of Twitter feeds

A further $2 million grant that is being sought would further integrate sensors and cameras from

  • CalTrans
  • The Oakland Unified School District
  • The Oakland County Coliseum
  • Oracle Arena
  • Regional law enforcement intelligence centers

This latest grant proposal was supposed to be approved by the Oakland City Council at a Tuesday, July 16, meeting. Discovering that the issue was controversial, the Council postponed a decision for two weeks. Astonishingly, the city leaders seem not to have considered that years of police violence and brutal repression of protestors (some of it in the previous 48 hours), as well as the record of local and federal surveillance of peaceful political movements such as Occupy, might make the public wary of giving the Oakland police even more power to track them, all of them, all the time.

Attorney Lee Tien of the Electronic Frontier Foundation noted in the Chronicle that the Council had failed to provide guidelines about how all this data would be used, or how long it would be retained. “There’s no indication they’ve considered any privacy or civil liberties issue in the first place,” he said.

At Seattle Privacy, we stand proudly in solidarity with privacy and transparency activists in Oakland. Every day the gap between what our elected officials are required to do, and what they are adequately educated to do, seems to grow wider. We call for municipal governments everywhere to accept that the intersection of technology and privacy is too important and too complex to legislate without expert advice from both fields. This shouldn’t be hard to accept, elected officials seek expert advice from structural engineers, architects, water quality specialists, economists, and a host of other specialized professionals. It’s past time to bring the cryptologists and network engineers on board.

For more information:

Oakland Tribune article on Bay Area regional surveillance initiatives, including Oakland (1 July 2012).

On Twitter, follow @marymad and look for the #DAC (Domain Awareness Center) hashtag.