The sort of thing we are curious about…

As Seattle Privacy discusses the need for privacy oversight in City Hall, we are interested in both the big policy and governance questions and in the technical details of privacy-sensitive technology. Here is an example of the latter, drawn from city paperwork involving Cascade Networks, Inc., the contractor that installed the police surveillance cameras and mesh radio network in 2012-2013. The radios that make up the mesh network are basically tricked-out, weather-proofed versions of normal Wi-Fi access points. Before the city “turned off” the radios last year, each of them was broadcasting a network ID that you could have seen on your laptop or cell phone alongside Starbucks or the name of your home wireless router.  The specs for the project included requirements about network access and logging:

mesh_spec

In bland technical language, we learn that the network has the following capabilities.

  • It can limit logins to a list of approved users stored in a database.
  • It can identify potential users based on username/password or hardware device IDs.
  • It will keep detailed logs (time, duration, identity, etc.) of client connections.

However, these details raise questions that still have not been answered by the Seattle Police Department or any other city office.

  • What happens if a random passerby with a laptop or cell phone attempts to “associate” with a city access point? The answer to this could have privacy and security implications for both parties.
  • Wi-Fi devices broadcast uniquely identifiable radio beacons; does the city equipment record these beacons, or can it be configured to do so? Authorities in Chicago are planning just such a capability in a potentially intrusive Big Data collection scheme.
  • How long will logs be kept, and who will have access to them? Will they be subject to public records requests?

These are questions that should have been asked and publicly debated at early stages of the planning process. They also quickly become issues of general policy: If data is collected, it will be used by any legal or illegal branch of government whose agents can pick up a phone. To protect privacy, don’t collect sensitive information in the first place.

Below is a link to the source documents, courtesy of Tacoma-based Infowars reporter Mikael Thalen, who discovered them on the Seattle.gov Web site:

http://www.scribd.com/doc/183600279/Port-Security-Video-Surveillance-System-with-Wireless-Mesh-Network-Seattle

Or download the document.

How police culture works against effective police reform

By Drew Hendricks
Winner of the Washington Coalition for Open Government’s Key Award for his work with public records

 

I have a long history of reading the internal and inter-agency emails of police intelligence units, mostly thanks to the Public Records laws of the State of Washington. I’ve also been known to avail myself of the opportunity to dumpster-dive for records discarded by police and have even gone so far as to reconstruct the shreds of police reports which were found in trash bags. I’ve had a long time to think about police culture as an outsider investigator, police reform activist, and protester over the course of about twenty years.

 

Formal vs. informal power

Police, like any other group of people, are not simple or monolithic in their viewpoints or attitudes. Despite this, I have been able to see some general trends in the outlooks and attitudes of the police I study, especially in the police intelligence units and drug task forces I have tended to focus upon. These are a few of the things I have learned.

Police memoirs and agency histories agree that there is a cultural divide between patrol officers and police administrators, a distinction often seen in movie and TV dramas when conflict arises between the “desk cop” and the “street cop.” There is a grain of truth here, a difference in style and outlook necessary for the police officers who manage other police officers and interact with higher authorities such as police commissioners or sheriffs or city council members. The focus for any manager is always on where authority lies, who answers to whom, and what the organization chart looks like. Nowhere is this focus sharper than when the persons being managed are armed and authorized to make regular use of physical violence.

On the other side of that coin, street cops are of course jealous of their power and alert to any attempt to modify or control it by those outsiders who “just can’t understand” and “don’t risk their lives” as they do. The culture of the street cop can best be exemplified in the “guild rep,” and is expressed in police guild contracts with police management, which explicitly forbid questioning a patrol officer about the use of deadly force for at least three, and often five, working days after the event.

It is this guild-based center of power (often left off of the official organization chart) which most persistently resists personal body-worn cameras, in-car cameras, and other tools of accountability because the first and best users of these technologies will always be police managers. In an especially bad guild-run police agency, police who have been fired come back to work (with back pay) and public records requests have to pass inspection by a guild rep. When the US Department of Justice steps into an agency and tries to reform it by selecting or replacing its managers and its processes, its success in effecting lasting change is often limited by its failure to recognize and confront the actual power of the organized street cops, whether organized in the guild or expressed in “blue flu” epidemics or selective non-patrols of key city council districts. Informal power networks often have as much power as formal ones, especially if they are free from interference because they are covert.

 

What the police are for

A similar failure of outsider-led police reform often arises from the misunderstanding of how police agencies infringe on protester rights. The police as an institution are constructed to manage social disruption and strikes, keeping the private ownership of enterprises from being forcibly ejected by the working persons who daily occupy the enterprises. Police see protest as the crack from which such events would flow, and are institutionally opposed to protests unless they are organized by police, for guild purposes. Police intelligence units are the ultimate expression of this distrust of protest. This culture of distrust bridges the street-cop/desk-cop divide. It can flow from management directives down to patrol level or arise independently from patrol officers reacting to unexpected, spontaneous protests. In either case, activists cannot trust either side of the police agency to actually protect their rights to protest. Fundamentally this is NOT what police agencies are made to protect, despite all propaganda to the contrary.

Yet City Council members and activists (often relying on the official organization chart) focus their efforts on management or policy when called on to address police agency interference in legitimate protest movements. Thus the activist often hears the police manager’s response that the police have arrived “to protect everyone’s rights” and that they will only intervene “if there is violence.” I cannot relate to you how many times I have heard these words spoken by a man dressed in padded armor, while standing in front of an entire array of men similarly equipped, all of them armed and trained how to use those arms. Oddly enough this statement has never made me feel secure in the use of my rights.

 

Co-opting the politicians (or worse)

Police managers run interference with the elected (transient) layer of government, while conditioning them through continuity of government (COG) arrangements and private threat assessments and executive session briefings to accept the permanent security state, and to distrust protesters and their motives. You might not realize it, but there is a specific Washington State Patrol officer assigned to find and secure each state-level elected official in case of an emergency. Each official has a WSP “buddy” or “COG Officer” with that official’s personal contact info and addresses.

I can’t emphasize enough the potential for psychological buy-in which this arrangement supports and engenders. Because they depend upon the police intelligence and security apparatus for their personal safety, in a manner which is annually reinforced and practiced in drills, the elected official can come to identify with the stated assumptions implicit in the police intelligence institutions beyond the level which would be expected from simply reading briefings and accepting them as true reflections of reality.

I also can’t emphasize enough the implications of such an arrangement if the security state were ever to lose confidence in the system of electoral politics. Is “continuity of government” a deliberate plan to have a ready-made coup in place if it is ever needed? Perhaps it was intended to be so; it would certainly hang well on that frame as long as most of the COG officers either believed the emergency situation were dire enough, or that the elected officials they “serve” were beneath their contempt. But it certainly doesn’t depend on being explicitly thought of as a coup to function effectively that way in a crisis.

 

The military mindset

From my readings, the types of folks who enjoy making lists of activists and their planning meetings and passing those lists around as “threat assessments” are former military (often former military intelligence) and they do this either as contractor intel analysts or as police employees of various types. I’ve seen everything from IT support personnel doing it, to police detectives doing it, to US Army Reserve intelligence managers doing it as Washington State Fusion Center contractors paid under WSP/DHS grants. They all share common assumptions in their reporting and analysis which stem from who they are as people.

The common link is that they are mostly or all rule-followers. Their thinking is not “rights based” but rather “permission based.” Explaining that you have to respect the rights of protesters to these folks just gets a blank stare. They literally have no idea what you might mean by that. They walk out into the world with a notion of duty and service, they accept that what they were told by higher command is what is important, and if you contradict these orders then you’re a traitor or a terrorist.

If you tell them they are doing terrible things they will not believe it for a minute – they are keeping America safe from all the things that they can imagine some brain-damaged protester might do, if not properly supervised. This is the type who tells you that you can’t take pictures of (This Or That) because (My Boss Said So). It is this type who tells you that “I am the Law.”

Meanwhile, their managers are the types who know that when an elected official asks whether rights are being violated, they had better hand that official a nice organization chart to explain (A) that the system is VERY VERY COMPLEX and (B) Fully Audited To Make Sure They Follow Rules. These are great things until you realize that it doesn’t matter how you write those rules if the rules tell the practicing intelligence analyst to respect fundamental rights (apply a general principle to various situations) rather than evaluate whether a protest group followed the orders they were given, whether by the law or by the sergeant or lieutenant in charge of making the rules clear to the protest group. Making the evaluation is objectively possible while applying a principle is not for a rules-based individual whose sense of order is violated or insulted by the protester’s ideology. How could a criminal have a “right” to block a car in traffic on a road, after all?

The person who knows that the First Amendment protects your right to protest knows that this right is more fundamental than the privilege to drive a car, which must be licensed and approved as to its fitness to be on the road. There is no government “fitness test,” meanwhile, for public political speech – it must only not harm others or call for imminent harm. The officer who hears his sergeant shout at the protesters to get out of the road hears that they have been given an order (an order HE would have to follow), so naturally he sees no problem applying discipline to the protesters (unruly children!). And of course this application of force to clear a road is seen in dozens of cases, even to the point of using a Taser or a baton to harm protesters and in rare instances kill them, all in order to protect the “right” to drive a car to the grocery store or the hospital. Even though the supposed reason to remove the protesters would be “for their safety.” Again, unruly children do not get to decide for themselves what risks they adopt.

 

Assessing the protester threat

To illustrate this point, let me pull out two quotes from the 2013 threat assessments around May Day 2013, the first from the Washington State Fusion Center’s April 5th May Day threat assessment:

While the WSFC does not track First Amendment protected activities of groups or individuals, May Day events have been plagued by significant criminal conduct carried out by a small group of people who commit criminal acts (vandalism, property damage, graffiti, etc.).1

Now imagine saying that same sentence with the event “May Day” replaced with the word “Seafair,” or “football game” and it becomes obvious that this “threat assessment” contains some serious political animus toward the political importance of May Day for Anarchists, Socialists, and other counter cultures rather than an objective concern over “vandalism, property damage, graffiti, etc.”

A further quote from a smaller police intelligence unit, the Regional Intelligence Group 5 (Pierce County) shows how police intelligence relies on cut-and-paste lip service for rights, while contradicting the spirit of those words with the actual content of the quote:

While the SSRIG does not track First Amendment protected activities of groups or individuals, May Day events have been plagued by significant criminal conduct carried out by a small group of people who commit criminal acts (vandalism, property damage, graffiti, etc.)….

LE officers need to be aware those who are involved and planning this event have been involved in aggressive Port Military Resistance Protests at the Port of Tacoma, to include Police Brutality protests in Tacoma in the recent past.2

If the SSRIG / RIG5 “does not track First Amendment Protected activities” (such as association) then how, exactly, would they know that “those who are involved and planning this event have been involved in aggressive Port Military Resistance Protests at the Port of Tacoma, to include Police Brutality protests in Tacoma in the recent past.”? And why would protesting police brutality be a police intelligence issue, anyway?

Any attempt to re-write the rules and procedures to protect protester rights will fail because of how the people who organize police intelligence think about the world. The problem is that people who believe in rights and the application of principles to situations are not the types who go into managing or distributing police intelligence. Built on that foundation, the little individual lies each officer tells about their “study subjects” can compound quickly into a domestic terrorism dossier for a simple protest organizer. Until 2009, the Washington State Patrol actually ran an informal database-sharing effort in a series of “Domestic Terror Conferences” which apparently profiled activists and protesters as long as they had been accused of violence during one of their arrests, without apparent regard for whether they had actually been convicted of a violent crime.3

WSP ended its sponsorship of the DT conferences and they were taken up by the Portland Department of Justice in 2010 and 2011. The WSP explanation for ending their sponsorship of the “DT Book” database in the last year they hosted the associated conference is telling:

Perhaps some clarification is due on the reason for discontinuing the “book”. The reasons are myriad and we hope that this will help you have a better understanding of our decision.

 

  1. Intelligence information must be vetted through a supervisor and the Section Commander for inclusion into the database (to comply with LEIU standards and 28CFR part 23).
  2. No Intelligence data should be kept in separate files/locations.
  3. The information for the book is derived from multiple sources and there is no verification that it been vetted for accuracy and completeness nor the reliability of the source and the content.
  4. In reference to the purge requirements, the information is not WSP’s information thus we have not established the retention period and at time of purge we would have to verify the information has not been updated prior to that purge creating more work than necessary for WSP.
  5. We do not know how the information was collected. Each state, as well as federal agencies, has different collection and retention standards that could be in conflict with WSP requirements. That could easily open all of us to extensive scrutiny and outside audits.
  6. Finally, WSP OCIU [Organized Crime Intelligence Unit] has limited ability to continue to devote such intense levels of time and resources toward putting together this information, maintaining it, and distributing it to these other agencies.

We welcome discussion on submitting information or intelligence into another database, such as the RISS Network nodes (WSIN, RMIN, etc), which would enhance the aspects of the original concept of the “book.”4

Even more telling is that I and activists associated with me had caught US Army spy John Towery about five months before this email was written, and a top-down review of Washington State Police intelligence was underway at the time.5

 

Conclusion

In light of my research and experience studying law enforcement professionals, I call on elected officials and specifically the DOJ monitor assigned to review the progress of reform in SPD, to recognize that there are institutional and attitudinal barriers to change that need to be confronted. It really is not the business of any police agency to decide which potential protest events will be met with force, and which protest organizers will be interfered with, arrested, followed, watched, and lied to by undercover officers and their informants. By starting down that road, these police agencies have abandoned their Constitutional oaths in favor of their convenience and their corporate patrons. It is time to return to the rule of law, if you’ll hear that from an Anarchist like me.


 

1 13-0020-May_Day_Threat_Assessment_May_1_2013_(U-FOUO).pdf. Hosted on SeattlePrivacy.org by permission of the author.
2 Threat_Assessment_May_Day_2013_(South_Sound).pdfHosted on SeattlePrivacy.org by permission of the author.
4 Email message. Thursday, November 19, 2009. [Withheld from publication by the editors.]

Seattle Privacy expands mission to include state, federal issues

We formed Seattle Privacy almost a year ago, with the specific intention of persuading Seattle City Council to empower an expert civilian privacy oversight board to review all proposed use of surveillance equipment in the City of Seattle. We were responding to the deployment of surveillance cameras along Alki. The longer we poked around, the more equipment and surveillance systems we found, including SPD’s use of ALPR (automatic license plate readers), the Seattle Shield program, whereby private companies provide surveillance data to SPD, and the interesting role of Homeland Security funding in building Seattle’s mesh net.

Then, Edward Snowden surfaced in Hong Kong, with revelations about the NSA’s illegal dragnet surveillance programs and what has fairly been called the militarization of the Internet.

At first we tried to stay focused on what we could do right here in Seattle. We dreamed of presenting Seattle to the world as a model of legislative success in curtailing surveillance. We still do

Over time, however, all of our members have been drawn into other efforts as well. This week we’re talking to US Senator Maria Cantwell, next week we’ll be lobbying state elected officials in Olympia. It’s time for us to acknowledge that we are no longer a municipally focused organization. We’re working with Washington State ACLU and the national organization Free Press to identify legislators to contact and legislation to promote.

We seek the protection of privacy for all people, where ever they live, whatever their citizenship, against increasingly totalitarian government surveillance programs and intrusive and cynical corporate data collection. Our focus remains on policymaking, but we are happy to publicize other approaches, including direct action, protests, petitions, training and educational efforts, and more.

Be seeing you!

How Seattle City Council can fix broken Seattle Police oversight

Dear Councilmembers,

We, your constituents, respectfully request that you change your oversight strategy toward the Seattle Police Department in response to the events of 2013, as described below.

Traditionally, the record suggests, Council has treated SPD requests for funding and for entrance into partnerships with other governmental bodies and private companies as innocuous, as business as usual, as more of the same.

This seems an inadequate approach, particularly given the following:

  • Seattle Police Monitor Merrick Bobb’s findings on the willful foot-dragging and noncompliance of SPD leadership
  • The unacceptable state of the SPD’s Information Technology Unit as described in the monitor’s second semiannual report
  • The evident inability or unwillingness of large subsections of the United States Department of Homeland Security, a major granting agency to SPD, to comply with the letter, much less with the spirit, of US law
  • The stealth deployment of DHS-funded drones and surveillance cameras in our city and the farcical show of gathering public feedback that followed
  • Council’s explicit acknowledgement of the need to protect privacy and anonymity via enactment of Ordinance 124142

In light of these developments, we ask that you, our elected representatives, step up the level of scrutiny that you bring to all SPD initiatives.

  • We ask that you adopt a skeptical approach to claims made by SPD staff; that you make it a standard practice to challenge, not to cheer-lead, when engaging in oversight of SPD.
  • We ask that you demand greater detail in the semi-annual reports of the Police Intelligence Auditor, and that you direct the auditor to adopt a more skeptical stance. After reviewing SPD records, he should describe, not simply enumerate, operations involving collection of restricted information, if not while those operations are active, then after their conclusions.
  • We ask that you thoroughly evaluate all proposals emanating from SPD for any potential infringement upon human rights and for noncompliance with Ordinance 124142. Please envision the effects of such proposals as implemented not by those SPD staff whom you know to have the best of intentions, but as implemented by future staff who may have less respect for the policies with which they are expected to comply.

We hope that you will send to SPD a message similar to the following:

Our constituents no longer have the trust in your organization that many of them once had. We have watched with surprise and dismay as your staff are repeatedly found to have acted with disregard for individual privacy and with resistance to institutional transparency. Those days are over. We now intend to oversee your department’s actions with even greater rigor than that with which we oversee other city departments. We will not treat reviews of audits as perfunctory. We will insist on systems that prevent inappropriate use by design, not simply by policy.  We will not authorize the acceptance of federal grants that allow you to operate outside of our oversight.  We will look upon every proposal for new SPD policies or equipment with skepticism.  Our constituents demand it.