California’s secretive gang database, with information on hundreds of thousands of predominantly black and Latino men, uses a controversial overlay of sophisticated data analysis and surveillance technologies.
The tools long have been dogged by allegations of racial profiling, inaccuracy and unconstitutional monitoring of free speech. Yet, according to documents obtained through the California Public Records Act, they are being employed by law enforcement without public use policies or privacy safeguards beyond the database’s own rules.
The 19-year-old CalGang database has relied on facial recognition technology at least since the mid-2000s, the documents show. Yet facial recognition, so imprecise that the Federal Bureau of Investigation accepts an error rate of up to 20 percent, is even more inaccurate when used to identify African Americans.
Records associated with a recent critical review of the database by the California State Auditor also show that at least one jurisdiction was allowed to employ a powerful dataset-linking program created by Palantir Technologies, a Pentagon contractor, and indicate that the CalGang Executive Board has considered using social media mining software.
There are no restrictions or guidelines in CalGang’s policies for using facial recognition or open source intelligence software.
Aaron Mackey, an attorney with the Electronic Frontier Foundation – a nonprofit that defends civil liberties in the digital world – was alarmed to learn about the use of facial recognition and Palantir analytics with CalGang. He said he would advocate that the state Legislature limit the use of such powerful tools in conjunction with the database.
“We are amassing incredible amounts of information to target people for non-criminal behavior,” Mackey said.
He pointed to the collection of gang intelligence from stops by police, such as pulling someone over for a traffic violation or jaywalking. Any information collected during those stops and uploaded into CalGang, including photos of an individual’s face, would then be available to law enforcement throughout California and searchable by facial recognition software.
Martin Vranicar, the chairman of CalGang’s executive board and an attorney with the California District Attorneys Association, did not respond to repeated requests for comment.
The state audit found that people had been classified as gang-affiliated based on flimsy evidence, record keeping was sloppy and gang intelligence had been used for employment background checks in violation of federal law and CalGang’s own policies.
However, the report did not address what auditors had learned related to the technological tools, nor did it include the backup research documents. Through a Public Records Act request, Reveal from The Center for Investigative Reporting obtained hundreds of pages of research material.
Among the documents is a 2006 purchase order indicating that CalGang’s executive board paid $25,000 for facial recognition software to Visiphor Corporation, a Canadian firm acquired by i2 Group, an IBM subsidiary.
More recent documents show that CalGang still uses a facial recognition tool. A 2013 white paper produced by CSRA International – the information technology contractor that created the software underpinning CalGang and similar gang databases in 13 other states – also states that “subject images may also be encoded and searched using a third party facial recognition application from SRA’s biometric partner (at an additional cost).”
According to that paper, photographs can either be run through CalGang’s facial recognition component on a desktop, or officers with CalGang access “can take a photograph in the field and have a comparative return in seconds.”
Facial recognition technology is facing renewed scrutiny in the wake of a recent report out of Georgetown University that questioned the lack of privacy protections and the accuracy of software programs relied on by law enforcement.
“Facial recognition is particularly inaccurate for African Americans and young people,” said Alvaro Bedoya, the report’s co-author and executive director of the Center on Privacy & Technology at Georgetown University Law Center.
Bedoya’s report touched on the combined use of facial recognition and gang intelligence by the Los Angeles Police Department in the San Fernando Valley, where live camera streams supported with biometric software ran searches of passing pedestrians against a watch list of wanted gang members. Biometrics are unique physical identifiers such as fingerprints, mugshots, palm prints or the patterns of someone’s iris.
CalGang’s use of facial recognition, “sounds dangerously close to a world where being friends with the wrong people can land you in a biometric database,” Bedoya said. He added that “you may get into a scenario where innocent people are investigated.”
Minutes from the CalGang Executive Board meeting on Sept. 29, 2011, show that the Los Angeles Sheriff’s Department – which maintains the electronic gang records for Los Angeles City and County – also received permission to use Palantir Technologies data-mining software in conjunction with the gang database.
Palantir, a private Palo Alto, California, company that began as a contractor for the U.S. Intelligence Community and the Pentagon, specializes in linking datasets, such as license plate reader data, criminal histories and telephone records.
According to the 2011 meeting minutes, the Los Angeles sheriff intended to use Palantir in the Joint Regional Intelligence Center, the formal name for the Southern California fusion center that coordinates regional intelligence on anti-terrorism and anti-crime efforts. The center provides information to law enforcement throughout Los Angeles and surrounding counties.
The Los Angeles Police Department publicly touts its use of Palantir and published a video in 2013 demonstrating how information from CalGang and other databases are cross-referenced.
However, not all agencies wishing to use Palantir software in conjunction with CalGang were approved. A 2013 request from California Attorney General Kamala Harris to use information in the state database along with Palantir Gotham – the company’s data-integration software – for an anti-human trafficking information system was denied.
In an Aug. 22, 2013, memo to the CalGang board, the California Department of Justice asked for “full access to the CalGang data, which will be integrated with multiple limited access and open sources.”
Minutes from the Sept. 11, 2013, board meeting indicate that CalGang’s custodians were concerned that giving the state Department of Justice that level of access would open the gates to broader public access.
The executive board “wants to provide information to DOJ for the better enforcement of the law … but is concerned about how this is done and not jeopardizing the CalGang database (by) making it discoverable” in court by defense attorneys, the minutes read.
CalGang’s executive board – composed of representatives from police and sheriff’s departments, and district attorneys from across the state – also explored the purchase of social media monitoring software. A Chicago-based company called Geofeedia presented its product to the board in spring 2015. It is not clear from the auditor’s documents whether CalGang went forward with a purchase.
Last month, Facebook and Twitter cut off Geofeedia’s access to raw data streams from their social media products because of concerns raised by the American Civil Liberties Union of Northern California about law enforcement’s use of the surveillance tool to monitor activists.
“Any one of these tools may be troubling enough on their own, but the intrusion of law enforcement on privacy and First Amendment activity is much greater when different kinds of monitoring are combined,” said Peter Bibring, statewide director of police practices for the ACLU.
According to Geofeedia’s marketing material, the software works by searching the raw streams of Facebook, Instagram, Twitter and other similar social media services for public posts either within a certain geographic area or associated with keywords or particular images such as guns or gang symbols.
At last year’s International Chiefs of Police Convention, a Geofeedia representative showed posts to Reveal from protests in Baltimore over the police custody death of Freddie Gray, as well as what the rep called “gang-related” posts from the Chicago metropolitan area.
Concerns about Geofeedia build on those some raised about facial recognition. Beyond privacy issues, critics said the technology can bring suspicion on innocent people just because they are a certain color, communicate using a particular type of slang, are of a particular political persuasion or regularly comment on certain kinds of posts.
“The concern with Geofeedia is that it’s being used as a mass surveillance tool that scrapes the internet writ-large,” Bibring said, “and doesn’t target specific suspects and crimes.”