California police would have to disclose the use of more surveillance devices under this proposed law
In what will likely become another battle over the balance between privacy and public safety, new legislation at the state Capitol would expand the list of electronic surveillance devices that California law enforcement agencies must disclose to the public.
The bill, introduced last month by state Sen. Jerry Hill (D-San Mateo), would require any local law enforcement agency in California that uses surveillance technology to submit a plan to local officials on how it uses the equipment and the information collected. Surveillance plans would have to be presented at an open hearing and would be required to include any facial recognition software, drones or even social media monitoring used by officers.
Law enforcement officials say the list of surveillance methods is so broad that producing policies for each device could be impractical and would hinder criminal investigations. But privacy advocates argue it doesn’t do enough to shed light on police use of spying equipment, technology that they say is quickly evolving and whose reach could be expanded under the administration of President-elect Donald Trump.
Hill said he hopes “to create transparency and a check and balance.” “There has to be standards to create limitations on the use and potential abuse of this technology, because it can be so intrusive on our lives and can very easily cross the line and violate our civil rights,” he said.
California, which already has what may be the most comprehensive digital privacy laws in the nation, has been at the forefront of efforts to make the use of law enforcement surveillance devices more transparent.
State laws require investigators to obtain a probable cause warrant for all digital content and access to devices, such as cellphones, and mandate that law enforcement agencies catalog and make publicly available information about their data systems.
Senate Bill 21 would require law enforcement agencies to draft polices by July 1, 2018, identifying all of their types of surveillance technology, their authorized reasons for using them, the types of data collected and the levels of employees who can use them, along with a description of their training.
It also would prohibit an agency from acquiring new technology unless approved by local officials at a regularly scheduled public meeting.
The legislation is predicated on two laws that went into effect last year. One required agencies to draft and publicly post privacy and usage policies if they operate automated license-plate recognition software. Another ordered the same for cell-site simulators, often called “Stingrays” or “Dirtboxes.”
The powerful cellphone tracking devices function as fake cellphone towers to cast a broad dragnet over communications. Law enforcement agencies have sparked controversy and court battles over their use and their ability to collect information from innocent people not under investigation.
But privacy advocates say that not all agencies have complied with the new disclosure rules and that, as with Hill’s proposal, current laws don’t go far enough to ensure that they do.
Legal experts say some agencies could skirt disclosure requirements by borrowing the technology from other federal agencies not subject to state law.
In April, the Electronic Frontier Foundation and more than 30 other watchdog groups and nonprofits combed through nearly 170 California government websites to make sure surveillance policies had been posted. They found 79 — many of which could easily be located. But volunteers at the time could not locate policies for at least 90 agencies, which were believed to employ surveillance technology based on public records.
Dave Maass, an investigative researcher with the Electronic Frontier Foundation, said more agencies have since posted their policies online. But whether California has a clearer picture now of the surveillance technology in use is “a mixed bag,” he said.
Some policies have revealed new information, such as how long police hold on to data from license plate readers — anywhere from three months to a year or longer. But many used boilerplate language, revealing only that the technology was in use.
Hill said his new legislation is meant to be an inclusive, catch-all policy for technology that is quickly changing. But critics on both sides of the issue say it needs more work.
Cory Salzillo, legislative director with the California State Sheriffs’ Assn., said his organization had yet to take a position on the bill, but he said law enforcement officials will look into concerns over whether its provisions could give “criminals a road map about how we surveil them.”
Privacy implications of facial recognition back in the spotlight »
Law enforcement officials said the legislation also imposes challenges for investigators who might need to buy or borrow new technology in time-sensitive cases or emergency situations.
For privacy advocates, the concern is it lacks teeth.
“We appreciate the underlying concerns that motivate the bill,” said Kevin Baker, legislative director of the American Civil Liberties Union of Northern California. “But it doesn’t address the most fundamental issues, such as what is the cost and the risk [of using these devices], and is there going to be real oversight and real enforcement?”
Twitter: @jazmineulloa
ALSO
Cellphone encryption bill pits police against tech industry and privacy advocates
Why California may not see statewide rules on the use of drones anytime soon
Lawmakers try to fix a side effect of reducing drug and theft crimes
Get the L.A. Times Politics newsletter
Deeply reported insights into legislation, politics and policy from Sacramento, Washington and beyond. In your inbox three times per week.
You may occasionally receive promotional content from the Los Angeles Times.
