Transparency of Federal Use of Investigative Technologies (US0070)

As law enforcement and homeland security agencies have harnessed the use of new technologies, such as unmanned aircraft systems, the Administration has recognized that these technologies — which have proven to be safe and low-cost alternatives to traditional methods for criminal investigation, identification, and apprehension — must be used in a manner that protects the privacy and civil liberties of the public. Consistent with the goals of the President’s February 2015 memorandum, law enforcement agencies are encouraged to develop and make publicly available a privacy analysis for advanced technologies and undertake periodic privacy review of their use.

For details of these commitments, see the report: https://www.opengovpartnership.org/documents/united-states-mid-term-report-2015-2017/

Commitment 18. Enhance Transparency of Federal Use of Investigative Technologies

Commitment Text:

Enhance Transparency of Federal Use of Investigative Technologies

As law enforcement and homeland security agencies have harnessed the use of new technologies, such as unmanned aircraft systems, the Administration has recognized that these technologies — which have proven to be safe and low-cost alternatives to traditional methods for criminal investigation, identification, and apprehension — must be used in a manner that protects the privacy and civil liberties of the public. Consistent with the goals of the President’s February 2015 memorandum, law enforcement agencies are encouraged to develop and make publicly available a privacy analysis for advanced technologies and undertake periodic privacy review of their use.

Responsible institutions: Department of Homeland Security and Department of Justice

Supporting institutions: Law enforcement agencies and civil society organizations

Start Date: Not Specified ....... End Date: Not Specified

Commitment Aim

The government drafted this commitment in response to concerns about the growing use of unmanned aircraft systems (UAS) by the government. [236] This commitment aimed to have law enforcement agencies develop and publicly disclose privacy analyses for advanced surveillance technologies—specifically UAS—and undertake privacy reviews related to their use.

Status

Midterm: Limited

At the midterm, the government had made limited progress on this commitment. Policy guidance issued by the Department of Justice (DOJ) in May 2015 [237] pursuant to a White House memorandum from February 2015 [238] called for privacy reviews on the use of unmanned aircraft systems (UAS), but the guidance did not mention the issue of public disclosure. The guidance further stated that the DOJ itself would provide summaries of its UAS use on the DOJ website. However, no such summaries were available at the midterm.

The Department of Homeland Security (DHS), on the other hand, published best practices for protecting privacy, civil rights, and civil liberties in UAS programs in December 2015. [239] DHS also published a policy on the use of cell-site simulators—law enforcement tools that mimic cell towers and are used to connect to nearby mobile phones and other devices that use cellular data. [240]

End of term: Substantial

By the end of term, DHS had in place a system of periodic privacy review and disclosure of privacy analyses regarding the use of UAS, as required by the commitment text. Specifically, as noted in the 2017 annual report of the DHS Privacy Office, DHS Components must first complete a Privacy Threshold Analysis (PTA) when considering “the acquisition, development, or deployment of UAS.” [241] According to the report, most of the PTAs regarding UAS received by the Privacy Office relate to system testing or demonstrations. The Privacy Office then works with the Component(s) to determine if the testing or demonstration could affect the privacy of anyone outside of DHS.

If there is “even a remote possibility” that the use of UAS (or counter-UAS technology) could result in DHS acquiring personally identifiable information (PII), the Privacy Office requires a privacy impact assessment (PIA). According to DHS, PIAs help “the public understand what PII the Department is collecting, why it is being collected, and how it will be used, shared, accessed, secured and stored.” [242] PIAs are then published online if they do not contain classified information. [243] For example, during the period of the action plan, DHS published a PIA that covers the use of cell-site simulators by the Secret Service. [244]

Despite the progress made by DHS in developing and publishing privacy reviews regarding the use of investigative technologies, the DOJ made less progress. The DOJ’s 2016 Annual Privacy Report briefly mentions UAS privacy-related issues. The report, published by the chief privacy and civil liberties officer (CPCLO) and the Office of Privacy and Civil Liberties (OPCL), covers October 2013 through 30 September 2016. The report noted, “The CPCLO and OPCL are working to publish additional documentation that addresses the concerns of transparency and accountability in the Department’s domestic use and operation of UAS, and is designed to help ensure that Department personnel continue to respect individuals’ privacy, civil rights, and civil liberties.” [245] However, no such documentation was publicly available by the close of the end-of-term reporting period.

According to the Department of Justice, its components are required to report annually to the Deputy Attorney General on completed privacy reviews. In addition, components must report the number of deployments of UAS, including a brief description of types or categories of missions, and the number of each type of mission. The Department is then expected to publish a summary of its UAS operations. At the time of writing, the Department informed that this summary would be posted “in the near future,” following a careful and time-intensive review of this information, some of which is potentially sensitive. [246]

Despite the progress made by DHS in developing and publishing privacy reviews, the absence of any publicly available DOJ privacy analyses regarding the use of UAS means that this commitment is substantially—rather than fully—complete.

Did It Open Government?

Access to Information: Did Not Change

The commitment did not open government with respect to access to information during the action plan period. As mentioned above, the DOJ did not publish any new information regarding privacy analyses surrounding the use of UAS or other investigative technologies. While DHS maintained a system of periodic privacy reviews, there is little evidence of a change to government practice as it relates to the public disclosure of PIAs. Specifically, DHS has been publishing PIAs since before the start of the action plan. According to the 2017 annual report of the DHS Privacy Office cited above, the Privacy Office has published three PIAs to date surrounding the use of UAS. [247] Two of the PIAs were published well before the start of the action plan (in 2012 and 2013); the other was published after the close of the action plan (in August 2017). [248] Moreover, while DHS did publish a PIA regarding the use of cell-site simulators by the Secret Service in May 2017, this was an update to an earlier existing PIA published in October 2013. [249] Given the lack of new PIAs disclosed during the action plan period, the IRM considers that this commitment did not contribute to greater levels of public access to information.

Carried Forward?

At the time of writing, the US government had not published its fourth national action plan, so it is unclear if this commitment will be carried forward. Privacy issues related to unmanned aircraft systems (UAS) are clearly important. However, the lack of specificity surrounding this commitment’s actions implies a limited potential impact and suggests that limited resources may be better spent elsewhere. If this topic is included in a future action plan, it is important to modify the commitment. The revised version should reflect a concrete deliverable and a greater emphasis on making more information on the use of UAS regularly available to the public.

[236] Gregory McNeal, “Drones and Aerial Surveillance: Considerations for Legislatures,” Brookings Institution, November 2014, http://brook.gs/2qcn8RG. 

[237] Department of Justice, Department of Justice Policy Guidance: Domestic Use of Unmanned Aircraft Systems,” May 2015, https://www.justice.gov/file/441266/download, consulted 4 October 2017.

[238] “Presidential Memorandum: Promoting Economic Competitiveness while Safeguarding Privacy, Civil Rights, and Civil Liberties in Domestic Use of Unmanned Aircraft Systems,” The White House, 15 February 2015, https://obamawhitehouse.archives.gov/the-press-office/2015/02/15/presidential-memorandum-promoting-economic-competitiveness-while-safegua, consulted 4 October 2017.

[239] “Best Practices for Protecting Privacy, Civil Rights & Civil Liberties In Unmanned Aircraft Systems Programs,” US Department of Homeland Security, 18 December 2015, https://www.dhs.gov/sites/default/files/publications/UAS%20Best%20Practices.pdf, consulted 9 May 2018.

[240] “Policy Directive 047-02,” Department of Homeland Security, 19 October 2015, https://www.dhs.gov/sites/default/files/publications/Department%20Policy%20Regarding%20the%20Use%20of%20Cell-Site%20Simulator%20Technology.pdf, consulted 9 May 2018.

[241] “2017 Privacy Office Annual Report to Congress,” Department of Homeland Security, Privacy Office, 31 October 2017, https://www.dhs.gov/sites/default/files/publications/dhsprivacyoffice2017annualreport-FINAL-10312017.pdf, consulted 9 May 2018.

[242] “Privacy Compliance,” Department of Homeland Security, 30 March 2017, https://www.dhs.gov/compliance, consulted 4 May 2018.

[243] “Privacy Impact Assessments,” Department of Homeland Security, https://www.dhs.gov/privacy-impact-assessments, consulted 4 May 2018.

[244] “Privacy Impact Assessment for the Field Support System (FSS),” Department of Homeland Security, 8 May 2017, https://www.dhs.gov/sites/default/files/publications/privacy-pia-usss-014%28a%29-fss-may2017.pdf, consulted 4 May 2018.

[245] Department of Justice, 2016 Annual Privacy Report: 1 October 2013 – 30 September 2016, 18–19, https://www.justice.gov/CPCLO_OPCL_AR13-16_FINAL/download, consulted 14 September 2017.

[246] The IRM received this information in a comment from the Department of Justice during the pre-publication review of this report. The comment was received via e-mail on 30 April 2018.

[247] “2017 Privacy Office Annual Report to Congress,” Department of Homeland Security, Privacy Office, 31 October 2017, https://www.dhs.gov/sites/default/files/publications/dhsprivacyoffice2017annualreport-FINAL-10312017.pdf, consulted 9 May 2018.

[248] Ibid.

[249] “DHS/USSS/PIA-014 Field Support System,” Department of Homeland Security, https://www.dhs.gov/publication/dhsussspia-014-field-support-system, consulted 9 May 2018.