«[PROPOSED] CITY OF OAKLAND DOMAIN AWARENESS CENTER (DAC) PRIVACY AND DATA RETENTION POLICY I. BACKGROUND AND OVERVIEW Port Domain Awareness Center ...»
[PROPOSED] CITY OF OAKLAND DOMAIN AWARENESS CENTER
(DAC) PRIVACY AND DATA RETENTION POLICY
I. BACKGROUND AND OVERVIEW
Port Domain Awareness Center (interchangeably referred to in this document as
Port Domain Awareness Center”, “Domain Awareness Center,” or “DAC”) was first proposed
to the City Council’s Public Safety Committee on June 18, 2009, in an information report regarding the City of Oakland partnering with the Port of Oakland to apply for Port Security Grant funding under the American Recovery and Reinvestment Act, 2009.
Under this grant program, funding was available for Maritime Domain Awareness (MDA) projects relative to “maritime” or “waterside” uses. The Port and City were encouraged to consider the development of a joint City-Port Domain Awareness Center. The joint DAC could create a center that would bring together the technology, systems and processes that would provide for an effective understanding of anything associated with the City of Oakland boundaries as well as the Oakland maritime operations that could impact the security, safety, economy or environment. However, the City Council action on March 4th, 2014 limited the scope of the DAC to the Port. Any effort to expand the DAC beyond the Port would require a public hearing and action by the City Council.
“Port Domain Awareness” is defined as the effective understanding of anything associated with all areas and things of on, under, relating to, adjacent to, or bordering the sea, ocean, or other navigable waterways, including all first responder and maritime related activities, infrastructure, people, cargo, and vessels and other conveyances that could impact the security, safety, economy, or environment.
The DAC would be used as a tool or system to accomplish this effective understanding as it relates to the security, safety, economy or environment of the Port of Oakland.
The DAC is a joint project between the Port and the City of Oakland. The DAC is physically located within the Emergency Operations Center (EOC) and it can collect and monitor live streams of video, audio, and/or data, watching for time-critical events that require an immediate response. Additionally, the DAC is the part of the EOC that stays alert between emergencies and refers Port-adjacent incidents to the EOC staff for the EOC activation decision. While the rest of the EOC activates, the DAC can share relevant information to incident participants until the EOC infrastructure takes over. Notwithstanding any other provision to the contrary, this Policy applies only to the City-Port DAC systems operated by the City of Oakland’s Emergency Operations Center in Oakland, California which are under the City’s control, and does not apply to Port of Oakland monitoring and security systems operated by the Port and which are outside the City’s jurisdiction or control.
II. MISSION OF THE DOMAIN AWARENESS CENTERThe mission of the DAC is to provide situational awareness information so that the City is better equipped to make timely and critical decisions on the best ways to prevent, prepare for, respond to, and recover from emergencies and potentially catastrophic events.
III. POLICY PURPOSEThis policy’s purpose is to protect the Right to Privacy, civil liberties, and freedom of speech of the general public as protected by the California and Federal Constitutions, and erect safeguards around any data captured and retained by the DAC, and to protect against its improper use, distribution and/or breach and in how it is used for law enforcement investigations. This policy shall be referred to as the DAC Privacy and Data Retention Policy (“Policy”). More specifically, the principal intent of this Policy is to ensure the DAC adheres to constitutionality, especially the 1st and 4th amendments of the U.S. Constitution and the California Constitution. Also, this Policy is designed to see that the DAC processes are transparent, presume people’s innocence, and protects all people’s privacy and civil liberties.
Privacy includes our right to keep a domain around us, which includes all those things that are part of us, such as our body, home, property, thoughts, feelings, associations, secrets and identity. The right to privacy gives us the ability to choose which parts in this domain can be accessed by others, and to control the extent, manner and timing of the use of those parts we choose to disclose. The importance of privacy can be illustrated by dividing privacy into three equally significant parts: 1) Secrecy - our ability to keep our opinions known only to those we intend to receive them, without secrecy, people may not discuss affairs with whom they choose, excluding those with whom they do not wish to converse. 2) Anonymity - Secrecy about who is sending and receiving an opinion or message, and 3) Autonomy - Ability to make our own life decision free from any force that has violated our secrecy or anonymity.
This Policy is designed to promote a “presumption of privacy” which simply means that individuals do not relinquish their right to privacy when they leave private spaces and that as a general rule people do not expect or desire for law enforcement to monitor, record, and/or aggregate their activities without cause or as a consequence of participating in modern society.
In adopting this Policy, it is not the intent of the City Council to supersede or suspend the functions, duties, and authority of the City to manage and oversee the affairs of the City and to protect public safety. This policy is intended to affirm the rights of privacy and freedom of expression, in conformance with and consistent with federal and state law. Nothing in this policy shall be interpreted as relieving the City’s responsibility to comply with any and all labor and union agreements, and to comply with all other City Council applicable policies.
by the City Council, including but not limited to reviewing and advising on any proposed changes to this Policy or to the DAC.
D. The City Council, through passed resolution 84869 on March 4th, 2014, which provides in
relevant part the following limitations on the Domain Awareness Center:
That the Domain Awareness center will be implemented in a port-only approach and shall hereafter be referred to as the “Port Domain Awareness Center (DAC); and...
That the following items will be removed from the DAC Phase I integration: (a) Shot Spotter in immediate areas outside of the Port Area, and (b) 40 City Traffic Cameras identified on pages 9 and 10 of the City Administrator’s Supplemental Agenda Report, dated February 27, 2014, and...
That the following items will be removed from DAC Phase II integration: (a) Police and Fire Records Management Systems (RMS), and (b) any news feeds and alerts except those expressly listed in the City Administrator’s Supplemental Agenda Report, dated February 27, 2014, and...
That no new system capabilities can be added to the DAC without express City Council approval, including, but not limited to technological functionalities such as facial
recognition, other forms of analytics (like “gait analysis”, in which someone can be identified based on the way they walk) or other capabilities that haven’t yet been invented but are soon to come...
As used in this Policy, the following terms are defined below:
“Allowable Use” means the list of uses in Section VIII A. of this Policy for which the DAC can be used.
“Analytics” means the discovery and understanding of meaningful patterns and trends in data for well-informed decisions. Especially valuable in areas rich with recorded information, analytics relies on the simultaneous application of statistics, computer programming and operations research to quantify performance.
“Bookmark” means a feature of video management systems that allows DAC Staff to quickly mark and annotate a moment for later review; the time stamped record is the bookmark.
“Compliance Officer” means the City Auditor or their designee who is responsible for reviewing the quarterly reports prepared by the Internal Privacy Officer and conducts random audits to ensure the DAC Staff is abiding by this Policy.
“DAC Data” means any data or information fed into, stored, or collected or captured by the DAC System, or derived therefrom.
“DAC Operations Group” means the various personnel who support and maintain the DAC IT systems.
“DAC Staff” means the City of Oakland employees who will be responsible for monitoring the equipment within the DAC on a day-to-day basis, including supervisors, and that have completed appropriate training prior to interaction with the DAC.
“DAC System” means access and use of the following combined feeds and systems in one application or framework: Port Security Cameras (Phase 1), Port Intrusion Detection System (IDS) (Phase 1), Port GIS (Phase 2), Port Vessel Tracking (Phase 2), Port Truck Management (Phase 2), Police and Fire CAD (Phase 2), WebEOC Notifications (Phase 2), Tsunami Alerts (Phase 2), Police and Fire Automatic Vehicle Location (Phase 2), NOAA Weather Alerts (Phase 2), USGS Earthquake Information (Phase 2), City of Oakland Shot Spotter Audio Sensor System (only those sensors that provide coverage to Port areas), and the physical security information system, server, attached storage, and mobile devices. “DAC System” does not refer to the use of any of these systems or feeds outside the DAC application or framework.
“EOC” means: Oakland's Emergency Operations Center, a facility and service of the Oakland Fire Department's Emergency Management Services Division (EMSD). The EMSD ensures
"that the City of Oakland and community are at the highest level of readiness and able to prevent, mitigate against, prepare for, respond to and recover from the effects of natural and human-caused emergencies that threaten lives, property and the environment." "EMSD also supports the coordination of the response efforts of Oakland's Police, Fire and other first responders in the City's state-of-the-art Emergency Operations Center to ensure maximum results for responders, the ability to provide up-to-date public information and the ability to provide the best resource management during a crisis. Additionally, EMSD coordinates with the Operational Area and other partner agencies to guarantee the seamless integration of federal, state and private resources into local response and recovery operations. The EOC is a secure facility with access limited to City employees with a need for access, contractors, and security-cleared members of partner organizations. The EOC facility hosts the joint City-Port DAC systems, data, and staff.” “Internal Privacy Officer” means the person who oversees the day-to-day operations of the DAC and who is charged with ensuring the DAC Staff are abiding by this Policy on a day-today basis. They check the logs, file reports, and make immediate decisions that arise that do not allow time for a further review.
"ITD" means the City of Oakland's Information Technology Department.
“Major Emergency” means the existence of conditions of disaster or extreme peril to the safety of persons and property within the territorial limits of the Port of Oakland or having a significant adverse impact within the territorial limits of the Port of Oakland, caused by such conditions as air pollution, fire, flood, storm, epidemic, drought, sudden and severe energy shortage, plant or animal infestation or disease, the state Governor’s warning of an earthquake or volcanic prediction, or an earthquake, or other conditions, which are likely to be beyond the control of the services, personnel, equipment, and facilities of the City of Oakland and require the combined forces of other political subdivisions to combat, or with respect to regulated energy utilities, a sudden and severe energy shortage requires extraordinary measures beyond the authority vested in the California Public Utilities Commission.
“Need To Know” means even if one has all the necessary official approvals (such as a security clearance) to access the DAC System, one shall not be given access to the system or DAC Data unless one has a specific need to access the system or data in order to conduct one's official duties in connection with one of the Allowable Uses in Section VIII A. of this Policy.
Furthermore, the “need” shall be established prior to access being granted by the designated City official or their designee and shall be recorded in accordance with Internal Record Keeping and Auditing requirements under Section IX.