Why we & the federal monitor agree: don’t trust SPD on surveillance tech

(Or: It’s Thanksgiving, and we are thankful for SPD’s federal monitor)

As reported in the Seattle Times, a draft report on the Seattle Police Department’s performance has been released by the federally appointed monitor, Merrick Bob, and it is not pretty. Say what you like about the federal government’s own violations of constitutional and human rights, the Department of Justice has served Seattle well by placing SPD under court review and holding it to an objective standard of policing. The excessive force — the unnecessary deaths, beatings, profilings, and daily humiliations — that compelled the DOJ to get involved must stop, and the SPD must fulfill its mission to serve and protect the people of Seattle.

As the city’s privacy-lovers already know, excessive force is not the only problem at SPD.  It was grant-chasing SPD leaders, particularly in the Information Technology division, who accepted money from the Department of Homeland Security  and deployed a city-wide surveillance of security cameras and radio links without public review or debate. In response to community apprehension (especially in West Seattle, where the first cameras went up), SPD’s leadership promised to manage the collected data responsibly and to allow public scrutiny of the images being captured. Additionally, Ordinance 124142, passed in March 2013, required SPD to submit a use policy within 30 days and gain council approval before turning on the system.

Eight months have passed since March, and no use policy has appeared. After people recently noticed that the system was turned on anyway, SPD promised to turn it off again. A legitimate question at this point would be: Who is running this circus?

The federal monitor’s report makes clear that SPD’s Information Technology division is a big part of the problem. There is not only lack of leadership from the City and inside SPD, there is, front and center, a simple lack of competence in IT.

The following excerpts from the report highlight IT’s inability to oversee large projects, plan new ones, manage its data, keep its machines working, and on and on. Remember, these are the people who sneaked in a public surveillance net, and then promised to manage its data in the public interest. In fact, they can’t even produce reliable data for Merrick Bobb. The failure of IT to manage (or even locate) its data plays directly into the SPD leadership’s conspiratorial, closed-door management style. Got a Freedom of Information Act request? Sorry, that information was lost. Got a federal consent decree? Sorry, we can’t really tell you what we are doing, because we don’t know, and we don’t want to know.

  • IT is incapable of providing responsive data to the federal monitor

The Department’s Information Technology (“IT”) leadership has given incorrect or incomplete information to the Monitor and Monitoring Team and has proven itself unable to tackle the management of projects of import or complexity relating to use of force and other areas encompassed by the Settlement Agreement. SPD’s existing capacities to track, analyze, and use data are, at best, weak. The data produced by the IT Department has been error-ridden and inadequate: The SPD simply does not have the data required to implement the Consent Decree, to manage the risk of unconstitutional conduct, to respond to the Monitoring Team’s requests for data in order to measure progress, to enable the Court to assess the speed and good faith of implementation, or to respond to routine inquiries by
City Council for data needed for legislative purposes. (1)

  • IT’s attitude and equipment are outdated

Modern policing is, in short, a scientific and data~driven enterprise…. The Settlement Agreement repeatedly stresses the need for the SPD to gather accurate data by which to manage the risk of unconstitutional policing and measure compliance. The SPD has nonetheless found it difficult to embrace these new technologies. Current data and analytical capabilities are nowhere near adequate. The SPD generates frequently erroneous and incomplete factual information about itself and officer performance. (6)

  • “We can do this ourselves!” — But they can’t

A business intelligence system, properly conceived and developed, is pivotal to SPD’s ability to hold itself accountable for constitutional policing…. During the last year, the SPD has spent substantial time and money–possibly hundreds of thousands of the business intelligence project because some within the Department firmly insisted that they could develop a system on their own, without input from outside experts or from those who will be the users of the system. A proposed “vendor” solution that would link the Department’s existing, jerry-built silos of erroneous and incomplete data to each other, with a weak interconnection, fell well short of what is needed: a modern, sophisticated, and dynamic tool that SPD can use to pragmatically and rigorously assess its performance. (7)

  • “Nobody can do this!” — Wrong again

Despite the Monitoring Team repeatedly advising SPD to tum to outside experts and consider alternative solutions for collecting more reliable data, this advice was slow to gain internal support. SPD’s IT leadership consistently told the Monitoring Team that some interim solutions were not technologically feasib1e–even though they were later shown to be easy to accomplish. (7)

  • The problem in IT is the leadership

Notwithstanding the SPD’s resistance to change and suspicion of innovation in some quarters, the Monitor emphasizes that there are many talented individuals within the SPD dealing with data and information technology who are working in good faith and taking justifiable pride in their accomplishments. The problem appears Qt to be the lack of a talented and dedicated staff but, instead, a failure by some members of senior IT leadership to fully accept the requirements of the Settlement Agreement…. (7-8)

  • How IT implements racially color-blind policing

The Monitoring Team’s third troubling discovery was that, for two consecutive years, the demographic figures for Asian and Caucasian subjects in use of force incidents were notably inconsistent with subsequent years. After confirming the accuracy of its analysis, the Monitoring Team brought this inconsistency to the attention of the Compliance Coordinator’s office. After an inquiry, the SPD explained that, for two years, “Asian” was incorrectly recorded in AIM as “Caucasian,” and vice–versa. Thus, although the Monitoring Team collected use of force data across only seven basic categories, it discovered a critical systematic error. The Monitoring Team understands that no effort is currently being made to audit or otherwise correct these errors. It underscores DOJ’s view that the SPD 1acked–and the Monitoring Team thinks the SPD still lacks–the basic tools necessary to manage the risk of unconstitutional policing. (11)

  • IT’s reputation for incompetence provides cover for misconduct

As this report details elsewhere, video and audio are missing far too frequently for incidents reviewed by the Use of Force Review Board and Firearms Review Board These omissions compromise the integrity and quality of investigations. When ICV [in-car video] is missing, the Department regularly and without additional inquiry accepts the explanation that the officer’s equipment was not properly functioning or that the officer did not know how to operate it. The days of technical issues being an immediately accepted excuse for the absence of video must come to an end so that officers can be fairly held accountable if they inappropriately fail to activate ICV or cause their on-body microphone to be muted during an incident. (13)

Protocols for surveillance data under development in Seattle

Here’s an email I wrote to Seattle City Councilmember Bruce Harrell, who chairs the Committee of Public Safety, Technology, and Civil Rights:

Dear Councilmember Harrell,

Thanks so much for all the work you’re doing to address police accountability, the gender pay gap issue, and equitable access to broadband in the city, among so many other issues.

Quick question: In March of this year, Council passed ordinance 124142, which called for the creation of written protocols for City-owned surveillance equipment. The legislation required programs running previously deployed surveillance equipment — specifically, the Alki “Port Security Cameras” — to provide written protocols for their use within 30 days of the passage of the ordinance.

I searched the Council site and the Committee for Public Safety, Civil Rights, and Technology’s recent agendas, but I didn’t see any mention of these protocols under discussion, and was just wondering if you could provide an update about their progress and when the public might hope to have a peek at them.

Thanks very much,

Jan Bultmann
Seattle Resident
Member, Seattle Privacy

 

Today I got a very encouraging response from a member of CM Harrell’s staff, who wrote that the committee is working with SPD and ACLU on draft protocols for the Wireless Mesh Network cameras. The staff person said, “The document is still subject to further changes and will go before the Public Safety Committee for public discussion. The most recent meeting with ACLU and SPD was on Wednesday, 7/17.”

I’m very glad to hear about this, and we’ll be keeping an eye out for the protocols on the Public Safety Committee agendas for when the draft comes out for public review.

Meanwhile, we’ve updated our map (see right) of the mesh network to include the nodes along third and fourth avenues, and we’re planning to get the latest batch to go up in along Rainier Avenue on the map as soon as we can.

As co-founder Phil Mocek has reported, the government-owned cameras are a fairly small slice of the overall camera pie: There’s also a program in Seattle called Seattle Shield, in which Seattle PD exchanges information with more than 100 private entities. You can read more about Seattle Shield here: http://investor.abm.com/common/mobile/iphone/releasedetail.cfm?ReleaseID=550581&CompanyID=ABM&mobileid=

Phil’s efforts to discover who all is in Seattle Shield through FOIA requests here: https://www.muckrock.com/foi/seattle-69/seattle-shield-mailing-list-2012-2971/.

Or, see a video of a federal officer harassing Phil on the sidewalk yesterday here: http://archive.org/details/20130725FederalProtectiveServiceHarassment.

If you zoom in on our map at right you can see the exact location where this took place: the federal building.

 

 

 

SPD event tonight and this week’s recommended #privacy reading

SPD event tonight:

Tonight at beautiful Golden Gardens, we’ll hear Seattle Police Department spokespeople and techies talk about the Port of Seattle surveillance cameras. If you can, please come: This is pretty interesting stuff.

Details: Golden Gardens Bathhouse, 8498 Seaview Pl. NW, Friday, May 24th at 7 p.m.

SPD also invites your e-mail comments or questions at cameraquestions@seattle.gov.

Seattle Privacy Coalition members have made it to each of the previous public meetings (at Alki and Belltown) and we plan to be there tonight.

This week in recommended reading

We don’t really mean to tell you to read Bruce Schneier every single time the man posts something, but we couldn’t resist sharing this very alarming article, which envisions all our devices, appliances, clothing, and other items tracking us and each other and reporting in: The Internet of Things.

Speaking of things that know where you are: From the opposite side of the country comes news of the Maine Senate voting to require police to get a warrant before engaging in location tracking of cell phones and other GPS-enabled devices in non-emergency situations.

We feel like we see articles almost every day that refer to new (or existing) programs and systems that gather and store data, such as ORCA and other transit cards, Smart Meters, and more.

Lately we’ve been seeing and using the term “Accidental Surveillance” to describe how, when they are all put together, these systems paint an alarmingly detailed picture of our lives and movements.

Here’s a piece by Seattle City Councilmember Tim Burgess that discusses how, starting April 1, owners of commercial and multifamily residential buildings of at least 20,000 square feet must report energy usage to the City on an annual basis. We’re all for saving energy, we just want to make sure privacy protection is part of the conversation: Tracking Building Energy Use.

Finally we saw that Woodinville plans to purchase surveillance cameras to fight crime, and is also considering the sort of automated license plate reader (ALPR) system in use currently in Seattle. Props to Mayor Bernie Talmas, the lone no vote, who was reported in The Seattle Times as voting no, “saying he was concerned about privacy issues and possible liability to the city.”

And this seems like a good moment to note that Seattle Privacy Coalition does not oppose data gathering systems, but we also are concerned about privacy issues and possible liability to our fair city, and would love to see oversight in place to review department protocols.

 

 

 

 

Who do you want looking after your privacy rights?

We’ve been brainstorming the ideal make up of an advisory board to help City Council review protocols for surveillance equipment. Here’s what we’ve come up with so far.

– University of Washington security and privacy research center
– Representative from the police accountability and review board
– Computer hardware developer
– Security software developer
– Sociologist
– Two attorneys with expertise in privacy law
– Near Future Security Researcher
– ACLU technology expert
– Community member with stake in free expression (artist? blogger?)
– Small business owner

Principles for an effective civilian oversight board

Below are some existing principles for civilian oversight. We’ve submitted them along with our proposal to Seattle City Council in hopes that they will help Council craft an oversight body that has real authority to influence policy.

Independence. The power to conduct hearings and report findings and recommendations to the public.

Investigatory Power. The authority to independently investigate incidents and issue findings on complaints.

Hearings. Essential for solving credibility questions and enhancing public confidence in process.

Reflect Community Diversity. Board and staff should be broadly representative of the community it serves.

Policy Recommendations. Civilian oversight can spot problem policies and provide a forum for developing reforms.

Statistical Analysis. Public statistical reports can function as early warning systems and detail trends, helping to identify potentially vulnerable systems.