The California Attorney General’s Office Says It’s Finally Taking Database Abuse Seriously
In 2017, 22 law enforcement employees across California lost or left their jobs after abusing the computer network that grants police access to criminal histories and drivers' records, according to new data compiled by the California Attorney General’s office. The records obtained by EFF show a total of 143 violations of database rules—the equivalent of an invasion of privacy every two and half days.
These numbers represent the first comprehensive accounting of misuse of the California Law Enforcement Telecommunications System (CLETS). While the acronym is not well known by the public, everyone with a driver’s license or criminal record has information accessible through CLETS. Police and other public safety employees access this sensitive information approximately 2.8 million times a day during the regular course of business.
For the last three years, EFF has exposed widespread misuse of CLETS, raising alarms about oversight deficiencies in the Attorney General’s office and its CLETS Advisory Committee. Among our findings: the Attorney General had lapsed in enforcing requirements that agencies who subscribe to CLETS report annually how many times they investigated misuse and what the outcomes were of the investigations.
In response to EFF’s concerns, the Attorney General’s office issued new rules and cracked down on agencies that failed to report their misuse.
“The California Department of Justice, in response to increasingly low submissions of misuse reporting by subscribing agencies, will be instituting changes to reporting to achieve 100 percent reporting of CLETS misuse,” California Justice Information Services Division Chief Joe Dominic wrote in a directive submitted to more than 1,200 law enforcement agencies. “The DOJ considers the failure to report CLETS misuse a serious matter and will proactively enforce this requirement.”
In 2017, only 704 agencies disclosed these records—approximately 53% compliance. Following an overhaul of the oversight system, in 2018 the Attorney General gathered information from 1,285 agencies—98 percent compliance.
|COUNTY (ALL AGENCIES)*||2017 MISUSE VIOLATIONS||RESIGNATIONS AND TERMINATIONS|
* Counties where agencies reported they conducted zero misuse investigations in 2017 are not listed.
While specific information about the nature of the violations is not recorded, the Attorney General has outlined a variety of behaviors that would qualify as misuse. These include querying the database for personal reasons, searching data on celebrities, sharing passwords or access, providing information to unauthorized third parties, and researching a firearm the officer intends to purchase.
CADOJ also updated its rules around accessing CLETS, known as “Policies, Practices and Procedures” manual, which warns agencies that failure to report misuse will be “subject to sanctions, up to and including, removal of CLETS service.” In addition, CADOJ will now require agencies who initially report the outcome of a misuse investigation as “pending” to update CADOJ when the investigation is completed. The PPP also now clearly states that any violation of CLETS policies will face discipline, including suspension or termination, and potential criminal prosecution.
According to the misuse data, law enforcement agencies reported that the 143 misuse cases resulted in 9 terminations, 13 resignations, and 18 suspensions. Four cases rose to the level of charge for misdemeanors or infractions. Unfortunately, 53 violations resulted in no action being taken at all.
Notable among the records is the Los Angeles Police Department, which had failed to file misuse reports year after year with impunity. In 2017, LAPD reported three investigations, two of which resulted in no action being taken, while a third resulted in the suspension and resignation of an employee.
The special investigation unit in the Kings County Human Services Agency—which is charged with protecting at-risk families—raked up the most misuses: 13 cases in which the result was not disclosed. The Los Angeles County Sheriff’s Office reported 6 misuse cases, all of which resulted in suspensions. The Riverside County Sheriff’s Department also saw four resignations in the wake of misuse investigations.
EFF applauds the Attorney General and the California Department of Justice officials who pushed law enforcement agencies to finally report misuse. We appreciate their hard work in ensuring the data is as complete as possible and that agencies are given clear instructions on how to report misuse.
At the same time, it’s unclear whether the Attorney General or the CLETS Advisory Committee will follow up on the reports of widespread misuse in particular agencies or discipline those involved. Now that they have data, EFF urges these bodies to independently investigate these cases and hold public hearings on their findings. In addition, EFF urges the Attorney General to independently investigate access to CLETS by federal agencies to ensure they are not violating state law by accessing non-criminal records for immigration enforcement.
EFF is releasing the Attorney General’s spreadsheet of misuse and the misuse reporting forms for more than 1,200 agencies. Local news organizations may find untold stories about police misconduct in this data, and we urge reporters to call these law enforcement agencies to find out more about the nature of this misconduct.