Loading...
The URL can be used to link to this page
Your browser does not support the video tag.
Home
My WebLink
About
2017-06-13 Policy & Services Committee Agenda Packet
Policy and Services Committee 1 MATERIALS RELATED TO AN ITEM ON THIS AGENDA SUBMITTED TO THE CITY COUNCIL AFTER DISTRIBUTION OF THE AGENDA PACKET ARE AVAILABLE FOR PUBLIC INSPECTION IN THE CITY CLERK’S OFFICE AT PALO ALTO CITY HALL, 250 HAMILTON AVE. DURING NORMAL BUSINESS HOURS. June 13, 2017 Special Meeting Community Meeting Room 6:00 PM Agenda posted according to PAMC Section 2.04.070. Supporting materials are available in the Council Chambers on the Thursday 10 days preceding the meeting. PUBLIC COMMENT Members of the public may speak to agendized items. If you wish to address the Committee on any issue that is on this agenda, please complete a speaker request card located on the table at the entrance to the Council Chambers/Community Meeting Room, and deliver it to the Clerk prior to discussion of the item. You are not required to give your name on the speaker card in order to speak to the Committee, but it is very helpful. Call to Order Oral Communications Members of the public may speak to any item NOT on the agenda. Action Items 1. Consideration of a City Ordinance Protecting Personal Privacy in the Acquisition and use of Surveillance Technologies by the City 2. Recreational and Medical Marijuana: Review and Discussion of State Law Developments and Input to Staff on Next Steps, Including Possible Ordinance Adopting Local Regulations Regarding Commercial Marijuana Activity, Outdoor Cultivation, and Marijuana Dispensaries. This Action is Exempt Under Section 15061(b)(3) of the California Environmental Quality Act. 3. Request for Proposals for a Consulting Firm to Assist the City of Palo Alto and Palo Alto Unified School District With Master Planning of the Cubberley Community Center 4. Staff Recommendation That the Policy and Services Committee Recommend the City Council Accept the Status Update of the Audit for Contract Oversight: Trenching and Installation of Electric Substructure 5. Utilities Department: Cross Bore Inspection Contract Audit 2 June 13, 2017 MATERIALS RELATED TO AN ITEM ON THIS AGENDA SUBMITTED TO THE CITY COUNCIL AFTER DISTRIBUTION OF THE AGENDA PACKET ARE AVAILABLE FOR PUBLIC INSPECTION IN THE CITY CLERK’S OFFICE AT PALO ALTO CITY HALL, 250 HAMILTON AVE. DURING NORMAL BUSINESS HOURS. Future Meetings and Agendas Adjournment AMERICANS WITH DISABILITY ACT (ADA) Persons with disabilities who require auxiliary aids or services in using City facilities, services or programs or who would like information on the City’s compliance with the Americans with Disabilities Act (ADA) of 1990, may contact (650) 329-2550 (Voice) 24 hours in advance. City of Palo Alto (ID # 8180) Policy and Services Committee Staff Report Report Type: Action Items Meeting Date: 6/13/2017 City of Palo Alto Page 1 Summary Title: City Ordinance on Surveillance Technologies Title: Consideration of a City Ordinance Protecting Personal Privacy in the Acquisition and Use of Surveillance Technologies by the City From: City Manager Lead Department: City Manager Recommendation Staff recommends the Policy & Services Committee discuss and recommend City Council adoption of an ordinance establishing criteria and procedures for protecting personal privacy when considering the acquisition and use of surveillance technologies by the City. (Staff will return to Council after the Council break with an actual ordinance, following Council direction and approval on this Action Item). Background In April 2016, Councilmembers Wolbach, Berman and Scharff presented a Colleagues Memo to City Council proposing the adoption of a City Policy or Ordinance to increase transparency and oversight in the acquisition and deployment of surveillance technologies (Attachment A). At the April 25, 2016 Council Meeting, Council voted to refer this Colleagues Memo to the Policy and Services Committee to discuss and potentially make recommendations to Council, with a focus on technology that collects personally identifiable information. In December 2016, City staff presented to the Policy and Services Committee research and in depth information on current surveillance technologies used within the City and outlined some methods other governmental agencies are using to balance transparency, innovation and public safety through the pursuit of smart city strategies. The Committee instructed staff to return to Policy and Services Committee with a potential ordinance that would establish department policies and practices in order to reinforce the protection of individual privacy. (Attachment B) Discussion Personally Identifiable Information as defined by the U.S. Department of Labor is, “any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means.” As new City of Palo Alto Page 2 technologies emerge the City seeks to reaffirm the commitment to the privacy rights of its residents and community members by establishing an ordinance that will increase City Council Oversight and Transparency in the purchase and use of surveillance technologies. City Staff have reviewed the landscape of laws and policies in place regarding surveillance technologies purchased and used by government agencies, and sought feedback from stakeholders. This led to the comprehensive information provided to the Policy & Service Committee in December. Informal feedback on this report indicated that a narrower focus would be preferable as a next step. Given this, staff recommends an ordinance that focuses on the primary technologies of concern today, and allows for the inclusion of new surveillance technologies that may be developed in the future. This approach establishes reporting and approval processes that can increase transparency without compromising public safety, limiting local control, or requiring additional resources. Proposed Ordinance Tenets Defining Surveillance Technology: The breadth of what is considered surveillance technology under the ordinance will dictate the frequency of requests to Council and resources required to comply with reporting and approval tenets. Staff recommends a measured approach as a starting point from which to build. The following definition has been developed by the City Attorney to focus on current technologies and builds in flexibility as new technologies emerge. “Surveillance Technology” means any device or system primarily designed and actually used or intended to be used to collect and retain audio, electronic, visual, location, or similar information associated with any specific individual or group of specific individuals, for the purpose of tracking, monitoring or analysis associated with that individual or group of individuals. Examples of surveillance technology include, but are not limited to, drones with cameras or monitoring capabilities, automated license plate readers, closed-circuit cameras/televisions, cell-site simulators, biometrics-identification technology, and facial-recognition technology. Explicit Council Authorization: Any purchase or contractual agreement for use of surveillance technology, no matter the cost, would require prior City Council authorization. This ensures that even low-cost technology is given thorough review prior to the City purchase or deploying. Public Oversight: Staff reports requesting authorization will be placed on the Council agenda to ensure public awareness and Council oversight. Reports will at a minimum include: a detailed description of the technology with an explanation of how it works and what information it captures; statutory and/or regulatory, rules governing use of the technology; City of Palo Alto Page 3 measures that will be taken to protect private information; how data will be managed and retained; and, Existing and/or recommended City administrative policies and procedures regarding use of the technology and the information it produces. Transparency and Ongoing Oversight: To continue oversight of the City’s use of surveillance technology after the initial authorization, a report will be submitted to City Council annually. This report will include: identification of the technology and date of City Council authorization; department(s) utilizing the technology; frequency of deployment during the year; and, purpose and outcome of the deployments. These reports will be made easily accessible to reinforce transparency. Potential Alternatives It should be noted that examples provided by advocates for City Council adoption of an ordinance were significantly more elaborate than the ordinance proposed by staff. The alternatives would likely require significantly greater analysis on a broader and somewhat open-ended range of technologies. Staff also noted that the examples were designed to provide direction to individual departments, which would be more applicability within a county government structure than a council-manager structure. If the Council wished to reinforce direction to individual departments, an administrative policies and procedures format would be more appropriate. Staff recommends that the Committee consider and provide direction on the elements of a proposed ordinance. Staff will use this feedback to return with a drafted ordinance for adoption. Attachments: Attachment A_ID# 6876 Colleagues Memo ATTACHMENT B_12-14-16 P&S Final Action Minutes City of Palo Alto COLLEAGUES MEMO April 25, 2016 Page 1 of 4 (ID # 6876) DATE: April 25, 2016 TO: City Council Members FROM: Council Member Berman, Vice Mayor Scharff, Council Member Schmid, Council Member Wolbach SUBJECT: COLLEAGUES MEMO: DEVELOPING CITY POLICY ON ACQUISITION, USE, AND SAFEGUARDS FOR SURVEILLANCE AND INFORMATION-GATHERING TECHNOLOGIES SUMMARY In order to maintain public trust, ensure protection of privacy, and provide clarity for city staff, Palo Alto should proactively adopt an ordinance establishing a general policy governing consideration, adoption, and use of surveillance and information-gathering technologies by city departments, contractors, or partners. RECOMMENDATION We recommend the City Council refer this memo to the Policy and Services Committee to discuss (supported by appropriate staff) creation of an ordinance or other policy governing surveillance and information-gathering technology. Such an ordinance would establish a standard operating procedure (SOP) to be utilized prior to adoption or re-purposing of any technology for potential surveillance applications by City departments, contractors, or partners, as well as prior to seeking funding for such technologies. In addition, the ordinance would require annual reporting on uses of such technologies by the City. Policy and Services should consider the following: 1. Whether and when public hearings and other community engagement are appropriate prior to adoption of surveillance technology by the City, contractor, or partner; 2. The mechanism for Council approval prior to adoption of, re-purposing of, or seeking funding for surveillance technology; 3. Information, such as a Surveillance Impact Report or statement in a City Manager’s Report, to be prepared by staff prior to approval which would include information on operations and management; data use; data minimization and limitation; secure data storage and transmission; data access; data retention; data sharing; handling of Public Records Act requests and any individualized policy recommendations; 4. The requirements of federal, state and local laws, regulations and programs that protect and/or regulate gathering, access, retention and use of personally identifiable information and surveillance technology (such as HIPPA, PCII, PII, VISA, VMS, PRA and April 25, 2016 Page 2 of 4 (ID # 6876) Records Retention). The Committee should survey the existing field of regulation as part of its preparation for developing new regulations; 5. Measures to accommodate community interests in smart city initiatives and other innovations, data-gathering to support planning efforts and other policy development, use of technology to facilitate access to City services and programs, security of persons and property, and cost efficiency, to strike the right balance for Palo Alto; 6. Information sharing between jurisdictions; and 7. What type of oversight, evaluation, auditing, or enforcement are appropriate. For further discussion of possible components, see the model ordinance by the American Civil Liberties Union (Attachment A, pages 22-25) and recommendations by the International Association of Chiefs of Police (Attachment B, pages 3-7). BACKDGROUND Technology Examples of technology with surveillance applications include but are not limited to: automated license plate readers (ALPRs), image and video recording, audio recording, unmanned aerial vehicles (aka “drones”), voice recognition, facial recognition, gait analysis, location tracking, automated social media monitoring, cell phone interceptors / cell phone tower emulators (international mobile subscriber identity catchers "IMSI", e.g. Stingrays), electronic communication surveillance (e.g. internet and phone interception), hacking, and data mining. Palo Alto Palo Alto currently uses audio recording, cameras in police vehicles, body-worn cameras for police officers, and received one ALPR through a County grant. The Council also recently (October 5, 2015) approved a contract to deploy low resolution cameras to count pedestrian and bicycle traffic (the City Manager added a privacy clause to the contract). For video recording in particular, Palo Alto has a staff-written policy that was revised as recently as January 2015. (See Attachment E). Other Cities Other municipalities around the state (see Attachment C) and country have adopted various other technologies, often without notification to the public or elected officials, and without robust policies governing data protection, data access, and data retention. Boston, it was recently revealed, collected ALPR data (tracking residents' locations) which was stored online and accessible by the public. Alameda, CA, recently adopted a policy for Stingrays which was transparent, and well received by privacy advocates and the community as a good example. County Santa Clara County recently rejected adoption of Stingray cell phone interceptors after concerns raised by Supervisor Joe Simitian, in particular due to concerns about transparency. (See attachment D). Santa Clara County is currently considering an ordinance governing surveillance technology use by county agencies. April 25, 2016 Page 3 of 4 (ID # 6876) State In 2015, Governor Jerry Brown signed several bills regarding privacy and modern technology. Two by Senator Jerry Hill deal with ALPRs (SB 34) and cell phone interceptors (SB 741). SB 178 by Senators Mark Leno and Joel Anderson requires a warrant prior to searching cell phones, emails, etc. AB 856 by Assemblymember Ian Calderon restricts use of drones over private property. AB 1116 by Assemblymember Mike Gatto restricts uses of voice recordings by private companies. Federal The Northern California Regional Intelligence Center (aka NCRIC or Fusion Center) in San Francisco links local surveillance with federal, raising concerns for residents about how data collected by local agencies will be shared with federal agencies. Federal intelligence, military, and law enforcement have been the subject of much controversy regarding surveillance technology - the nature, adoption, use, security, and legal justification of which have been questioned. DISCUSSION Law enforcement and government depend on the trust of the community. Use of technologies which has the appearance, potential, or effect of violating privacy or civil liberties can diminish community trust in government, particularly when adopted and used without transparency. The City’s contracting processes include security and other requirements for data and personal information, and the City has a video management procedure that applies to visual information gathering, such as at sensitive utility infrastructure facilities, public garages, etc. Rapidly evolving surveillance technology raises concerns for the City including, but not limited to: privacy of residents and visitors; chilling effects on expression, research, travel, association, or other rights; misuse of data; data breach (access by unauthorized parties); and adoption, use, or expansion of capabilities without Council oversight. Rather than attempt to predict or react to each piece of emerging technology, the proposed ordinance would proactively establish a high level policy to be followed prior to the City (or contractor or partner) seeking funding, adopting, or re-purposing any specific technology. This standard operating procedure would provide clarity and predictability for City departments, the City Council, and the community. As technology advances in coming years, our Police Department in particular will benefit from the confidence of our community that such technologies will only be adopted and utilized in a transparent and responsible manner with clear oversight by the elected City Council and the public to whom they are accountable. Staff Impact Resources from the following departments will be needed to support a policy discussion in Policy & Services: Information Technology, Police Department, Planning & Community April 25, 2016 Page 4 of 4 (ID # 6876) Environment, Utilities, Public Works, Emergency Services, City Manager’s Office, City Clerk’s Office and City Attorney’s Office. Depending on its breadth and specific requirements, significant staff resources may be needed to administer and maintain any new program. As a result of the evolving landscape of technology and security threads, privacy issues and the value of well-conceived policies are not limited to police and public safety activities alone. Utilities, for example, are increasingly working with data that can be sensitive for customers, and this sensitivity will increase with the roll-out of smart meter and smart grid technologies. Similarly, the capability of traffic and parking technologies to collect granular data presents another opportunity to examine the need for balancing data analytics and privacy priorities, while advancing the City’s smart city initiatives. Staff is not suggesting that these issues be overlooked. To the contrary, this may be a topic in which Palo Alto is uniquely positioned to demonstrate leadership in thoughtful stakeholder engagement and policy development. It should be recognized, however, that this effort may be a significant undertaking requiring consummate resources and prioritization to address effectively. MAKING SMART DECISIONS ABOUT SURVEILLANCE A GUIDE FOR COMMUNITIES FROM THE ACLU OF CALIFORNIA alifornia communities are increasingly grappling with whether to deploy new surveillance technologies ranging from drones to license plate readers to facial recognition. This is understandable, since public safety budgets are tight, technology vendors promise the ability to do more with less, and federal agencies or industry sponsors may even offer funding. But surveillance can be both less effective and far more costly to local agencies and to the community at large than initially imagined, leaving communities saddled with long-term bills for surveillance that doesn’t end up making the community safer. Surveillance can also be easily misused, leading to the erosion of community trust, bad press, and even costly lawsuits. In the wake of the revelations about the National Security Agency’s rampant warrantless spying and the use of military equipment in Ferguson, Missouri to quell protests, communities are increasingly focused on the need for greater transparency, oversight, and accountability of surveillance and local policing. More than ever, people are aware of how billions of dollars in federal funding and equipment provided directly to law enforcement is circumventing normal democratic processes and preventing communities from thoroughly evaluating the costs and risks of surveillance. As a result, many community leaders and residents are no longer willing to heed local law enforcement’s call to “just trust us.” Instead, leaders and residents want to know when and why surveillance is being considered, what it is intended to do, and what it will really cost — both in dollars and in individual rights — before taking any steps to seek funding or acquire or deploy surveillance technology. They also want to craft robust rules to ensure proper use, oversight, and accountability if surveillance is used. Unfortunately, few resources exist to help communities make thoughtful decisions about surveillance. That’s where this document comes in. This first-of-its-kind guide provides step-by-step assistance to help communities ask and answer the right questions about surveillance. It includes case studies highlighting smart approaches and missteps to avoid. Because each community and each type of surveillance may present a different set of issues, there is no one-size-fits-all solution. Instead, this guide gives communities a flexible framework that policymakers, community members and law enforcement should use to properly evaluate a wide array of surveillance technologies and develop policies that provide transparency, oversight, and accountability. It also includes a Surveillance & Community Safety Ordinance that communities should adopt to ensure that the right process is followed every time. We hope you will find this document and its supporting materials (available online at aclunc.org/smartaboutsurveillance) useful in making informed decisions about surveillance that recognize and address the costs, risks, and alternatives. Nicole A. Ozer Peter Bibring Technology and Civil Liberties Policy Director Police Practices Director ACLU of California ACLU of California C 1 ONLINE AT ACLUNC.ORG/SMARTABOUTSURVEILLANCE Authors: Chris Conley, Matthew Cagle, Peter Bibring, Jessica Farris, Linda Lye, Mitra Ebadolahi and Nicole Ozer, ACLU of California Contributing Writers: Addison Litton & Thomas Mann Miller Design & Layout: Gigi Pandian & Daniela Bernstein Printing: InkWorks Press This publication was underwritten with support from the ACLU Foundation and the ACLU’s generous members and donors. PUBLISHED BY THE ACLU OF CALIFORNIA NOVEMBER 2014 CONTENTS Technology Overview ........................................................................................................................ 2 Key Questions to Answer Before Moving Forward with Any Surveillance Proposal ...... 3 Why It Matters: The Costs and Consequences of Surveillance ............................................. 4 Surveillance Carries Both Immediate and Ongoing Financial Costs ....................................... 4 Surveillance Carries Costs for the Community as a Whole ...................................................... 5 Surveillance Faces Increased Scrutiny from Public Officials .................................................... 7 Key Steps when Considering a Surveillance Proposal .............................................................. 9 Collectively Evaluate the Effectiveness, Costs, and Alternatives Before Making Decisions about Surveillance ........................................................................................................................... 9 Establish a Surveillance Technology Use Policy to Mitigate Harms and Protect Rights .. 15 Ensure Accountability by Enforcing Policies and Encouraging Ongoing Public Engagement .................................................................................................................................. 19 Conclusion ......................................................................................................................................... 21 Appendix: Model Surveillance & Community Safety Ordinance ...................................... 22 Endnotes ........................................................................................................................................... 216 2 MAKING SMART DECISIONS ABOUT SURVEILLANCE: A GUIDE FOR COMMUNITIES 3 ONLINE AT ACLUNC.ORG/SMARTABOUTSURVEILLANCE 4 MAKING SMART DECISIONS ABOUT SURVEILLANCE: A GUIDE FOR COMMUNITIES Why It Matters: The Costs and Consequences of Surveillance At first glance, surveillance technology may seem like an attractive way to increase public safety while decreasing the costs associated with policing, especially if potentially supported by outside funding. However, surveillance often has unexpected costs, including the expense of installing and maintaining equipment, the practical effect on law enforcement’s ability to work with individuals who feel unfairly singled out, the impact on the rights of community members, and the potential for legal headaches as courts and legislatures continue to grapple with issues related to surveillance. Your community needs to identify and assess all of the costs of surveillance as early in the consideration process as possible in order to determine whether surveillance technology really is the right choice. A. SURVEILLANCE CARRIES BOTH IMMEDIATE AND ONGOING FINANCIAL COSTS The fiscal impact of surveillance can far exceed initial purchase prices for equipment. Modifying current infrastructure, operating and maintaining systems, and training staff can consume limited time and money even if federal or state grants fund initial costs.1 Surveillance technologies may also fail or be misused, resulting in costly lawsuits. Looking beyond the sticker price is essential.2 1. SURVEILLANCE REQUIRES INFRASTRUCTURE, STAFFING, TRAINING, AND MAINTENANCE The hidden costs of infrastructure, training and staffing, operations, and maintenance can dwarf the cost of acquiring surveillance technology in the first place. Communities that have failed to accurately estimate the full financial cost of a surveillance system have dealt with massive cost overruns and programs that fail to accomplish their stated purpose. For example, Philadelphia planned to spend $651,672 for a video surveillance program featuring 216 cameras. Instead, it spent $13.9 million on the project and wound up with only 102 functional cameras after a year, a result the city controller described as “exceedingly alarming, and outright excessive — especially when $13.9 million is equivalent to the cost of putting 200 new police recruits on our streets.”3 To avoid a similar incident in your community, it is essential to identify all of the costs required to install, use, and maintain surveillance technology before making a decision about whether to do so. 2. SURVEILLANCE CAN CREATE FINANCIAL RISKS INCLUDING LITIGATION AND DATA BREACH Surveillance can carry a number of legal risks. Programs that fail to include proper safeguards for freedom of expression, association, and religion, or that inadequately enforce such safeguards, can lead to expensive litigation. For example, Muslim residents in Orange County filed a discrimination lawsuit when it was revealed that state agents were sending informants into mosques to collect information on the identities and activities of worshippers.4 Even technical glitches can create the potential for costly lawsuits and other expenses: the City of San Francisco is still embroiled in a multi-year civil rights lawsuit after wrongly pulling over, handcuffing, and holding at gunpoint an innocent woman due to an error by its ALPR system.5 The collection of surveillance data also creates the risk of data breach liability. Even following best practices (which itself can entail significant expense) is not enough to prevent every breach. California law now requires that a local agency notify residents about a security breach.6 And the fiscal costs of a breach of sensitive surveillance data could be very high: a 2012 “When you’re considering a new technology, it’s important to evaluate not only the upfront costs but also the costs of maintenance and upgrades that will occur down the road.” Captain Michael Grinstead, Newport News (VA) Police Department2 Under California Civil Code § 1798.29, local government agencies are required to notify affected individuals in the result of a data breach. 5 ONLINE AT ACLUNC.ORG/SMARTABOUTSURVEILLANCE report found that companies spent an average of $5.5 million to resolve a data security breach.7 The more information your community collects and retains, the greater the risk and potential cost of a breach.8 3. FUNDS SPENT ON SURVEILLANCE MAY BE WASTED DUE TO COMMUNITY BACKLASH Failing to thoroughly discuss surveillance proposals and listen to community concerns early in the process can result in massive backlash and wasted time and funds when plans have to be suspended or even cancelled. Oakland was forced to scrap most of the planning for its Domain Awareness Center and scale the project back considerably after community members protested the misleading mission statement and lack of transparency for the project.9 Engaging with the community before deciding whether to go forward with a surveillance proposal can help your community avoid a similar mistake. B. SURVEILLANCE CARRIES COSTS FOR THE COMMUNITY AS A WHOLE The community at large may also pay a heavy price if surveillance technology is acquired and deployed without public evaluation of the risks to the community and strong safeguards to prevent misuse. Surveillance can easily intrude upon the rights of residents and visitors if it is used, or creates the perception that it may be used, to monitor individuals and groups exercising their rights to freedom of expression, association, and religion — freedoms that public officials are sworn to protect.10 In addition, surveillance can erode trust in law enforcement, making it harder for officers and community members to work together to keep the community safe. 1. SURVEILLANCE CAN INTRUDE UPON COMMUNITY MEMBERS’ RIGHTS Unfortunately, there are many examples demonstrating how readily surveillance can be misused to target individuals based on their associations or religious or political activities. Police in Santa Clara used a GPS device to track a student due to his father’s association with the local Muslim Community Association.11 Police in Michigan sought “information on all the cell phones that were congregating in an area where a labor-union protest was expected.”12 The NSA specifically monitored the email of several prominent Muslim-Americans with no evidence whatsoever of wrongdoing.13 And in Germany, drones that were supposed to be used only for traffic monitoring and for serious kidnapping situations were later used to monitor an anti-nuclear protest.14 15 Surveillance programs that do not focus on individual targets can be particularly problematic. “Dragnet” surveillance of the entire public creates the potential for all sorts of abuse, from NSA analysts tracking romantic partners16 to a Washington, D.C. police lieutenant blackmailing patrons of a gay bar.17 And surveillance targeted at specific groups, such as members of a religious congregation or attendees at a political rally or gun show, can discourage participation in community activities and alienate the group from the rest of “It is essential that big data analysis conducted by law enforcement outside the context of predicated criminal investigations be deployed with appropriate protections for individual privacy and civil liberties. The presumption of innocence is the bedrock of the American criminal justice system. To prevent chilling effects to Constitutional rights of free speech and association, the public must be aware of the existence, operation, and efficacy of such programs.” ‐ Big Data: Seizing Opportunities, Preserving Values (White House Report)15 “After [public backlash about Oakland’s proposed Domain Awareness Center] we really had to regroup and think about how we needed to proceed.” Renee Domingo, Oakland Emergency Services Coordinator8 6 MAKING SMART DECISIONS ABOUT SURVEILLANCE: A GUIDE FOR COMMUNITIES the community. Even if specific members of the group are legitimate targets of investigation, tracking the entire group extends “guilt by association” to those who have done nothing wrong. And once members of the group are tainted with such suspicion, it becomes easy to justify prying into their private lives, or even threatening them with further consequences, such as placement on the No-Fly List, if they do not cooperate with additional surveillance efforts.181920212223 Just the perceived threat of surveillance has the potential to harm community members by discouraging political advocacy, efforts to seek counseling about reproductive choices, avenues to explore one’s sexuality, and other activities that are clearly protected by the federal and California constitutions. Most recently, in the wake of the revelations of NSA surveillance, research has shown that Internet users are less likely to use search engine terms that they believed might “get them in trouble with the government.”24 Surveillance carries privacy and free speech threats even if it is conducted solely in public places. This is particularly true when surveillance information is aggregated to build a robust data profile that can “reveal much more in combination than any isolated record.”25 As Supreme Court Justice Sonia Sotomayor has noted, “a precise, comprehensive record of a person’s public movements … reflects a wealth of detail about her familial, political, professional, religious, and sexual associations.” In addition, “[a]wareness that the Government may be watching chills associational and expressive freedoms.”26 SURVEILLANCE AND POLITICAL ACTIVISM In an age when surveillance is often justified by the need to combat terrorism, it’s easy to forget that police across the U.S. have a long history of conducting surveillance on political activists, from the “Red Squads” dedicated to disrupting communist groups in the early 20th century to COINTELPRO and other efforts by the police and FBI to infiltrate and discredit the antiwar and civil rights movements in the 1950s, 60s and 70s. In fact, California has seen a long list of such abuses in its recent history: o The California Office of Homeland Security collected detailed information about political demonstrations, including a rally outside a Canadian consulate office in San Francisco to protest seal hunting, a demonstration in Walnut Creek at which government officials spoke against the war in Iraq, and a Women's International League for Peace and Freedom gathering at a courthouse in support of a 56‐year‐old Salinas woman facing federal trespassing charges.19 o Local police have monitored peaceful political events, including a Code Pink antiwar protest on Mother’s Day20 and even a lecture on veganism at Cal State Fresno.21 o Undercover Oakland police officers infiltrated a group planning a peaceful protest against police brutality and even took a leadership role in directing the course of the march.22 o Santa Cruz police officers infiltrated planning meetings for a proposed alternative New Year’s Eve march, leading to a media firestorm and a report from the Santa Cruz police auditor concluding that the department “violated … [parade] organizers’ rights to privacy, freedom of speech and freedom of assembly.”23 Intelligence reforms born from lawsuits and congressional inquiries have led many law enforcement agencies to bar the collection of information about political activism and other First Amendment‐ protected activities without good reason to suspect that a particular individual is or has been involved criminal activity. There need to be similar restrictions on the use of surveillance technology to ensure that it is not used to chill or undermine political activism. 7 ONLINE AT ACLUNC.ORG/SMARTABOUTSURVEILLANCE 2. SURVEILLANCE CAN ERODE TRUST IN LAW ENFORCEMENT The use of surveillance can also reinforce justified concerns of profiling and discrimination, particularly in communities that have historically faced similar issues. Failing to fully engage with community members about the impact of surveillance — or, worse, skirting the democratic process by acquiring and deploying surveillance technology without public discussion at all — can erode trust even further, making it even harder for law enforcement officers to work with the community to solve crimes and protect public safety. Compton police learned this lesson the hard way: after news of an aerial surveillance program that was intentionally kept “hush-hush” broke, both citizens and lawmakers reacted negatively to the secrecy, with the mayor calling for a “citizen private protection policy” ensuring that the community would be notified before any new surveillance equipment was deployed or used.27 This fear that surveillance could be used in a discriminatory fashion is well-founded. In the years after the September 11th attacks, the New York Police Department created a secretive intelligence wing that infiltrated Muslim neighborhoods with undercover officers, where they monitored the daily lives and compiled dossiers about Muslim-Americans engaging in constitutionally protected activities in cafes, bookstores, and private residences with no evidence of illegal activity.28 And in Britain, where video surveillance is pervasive, a European Parliament study showed that “the young, the male and the black were systematically and disproportionately targeted, not because of their involvement in crime or disorder, but for ‘no obvious reason.’”29 Acquiring and using surveillance technologies without recognizing these concerns can reinforce distrust of law enforcement, hindering rather than aiding the protection of public safety.30 C. SURVEILLANCE FACES INCREASED SCRUTINY FROM PUBLIC OFFICIALS Public officials are increasingly tackling issues related to surveillance. There is broad, bipartisan political support for surveillance reform in both D.C. and at the state level, and courts are frequently grappling with cases involving surveillance technology. When evaluating a surveillance proposal, your community needs to consider the potential for legal change and the policy and individual rights concerns that are driving that change. One of the most dramatic shifts in the legal landscape has been an increasing recognition that legal protections for individual rights must take into account the impact of modern technology. As a result, a majority of the Supreme Court has suggested that using technology to track an individual’s location — even in public — over an extended period of time triggers constitutional scrutiny.31 Similarly, a federal judge declared the NSA’s warrantless collection of telephone metadata unconstitutional, criticizing its “almost Orwellian” scope.32 Surveillance programs that fail to account for this trend may well be held unconstitutional, and criminal investigations based on evidence from those programs could be jeopardized. 33 In a recent report, Civil Rights Principles in an Era of Big Data, fourteen civil and human rights groups highlighted the potential disparate impact of data collection on marginalized communities and called for technology to “be designed and used in ways that respect the values of equal opportunity and equal justice.” The report called for an end to high‐tech profiling and efforts to safeguard constitutional principles.30 “GPS monitoring — by making available at a relatively low cost such a substantial quantum of intimate information about any person whom the Government, in its unfettered discretion, chooses to track — may ‘alter the relationship between citizen and government in a way that is inimical to democratic society.’” United States v. Jones (Sotomayor, J., concurring)33 8 MAKING SMART DECISIONS ABOUT SURVEILLANCE: A GUIDE FOR COMMUNITIES The California Constitution is even more protective of community members’ privacy, including in public spaces. The state right to privacy expressly gives Californians a legal and enforceable “right to be left alone” that protects interests in privacy beyond the home.34 The California Supreme Court has held that covertly “infiltrating” and monitoring the activities of students and professors at classes and public meetings without any indication of criminal activity violated the California Constitution,35 as did warrantless aerial surveillance of a resident’s backyard.36 Californians’ right to free expression also extends outside of the home, even to privately-owned areas like shopping centers.37 There are also bipartisan legislative efforts to rein in surveillance at the federal and state level. Federal lawmakers are evaluating proposals aimed at reining in the NSA38 and updating the Electronic Communications Privacy Act.39 As of October 2014, 6 states have enacted laws restricting law enforcement access to location information, with 14 other states considering similar legislation.40 43 states have introduced legislation aimed at curbing the use of drones for surveillance purposes.41 And in communities from Menlo Park to Seattle, local ordinances are placing specific restrictions on the use of surveillance technologies.42 Your community should follow the lead of courts and lawmakers and carefully evaluate the costs and risks of surveillance in order to protect both your investments in public safety and the rights of everyone. ENACT A SURVEILLANCE & COMMUNITY SAFETY ORDINANCE TO MAKE SURE THE RIGHT PROCESS IS FOLLOWED EVERY TIME Passing the Surveillance & Community Safety Ordinance included in the Appendix to this guide will help your community avoid problems down the line by following the right process every time. It ensures that there is community analysis of surveillance technology whenever it is considered, that local lawmakers approve each step, and that any surveillance program that is approved includes both a Surveillance Use Policy that safeguards individual rights and transparency and accountability mechanisms to ensure that the Policy is followed. 9 ONLINE AT ACLUNC.ORG/SMARTABOUTSURVEILLANCE Key Steps when Considering a Surveillance Proposal Surveillance can end up being very costly, both in dollars and in personal freedom. That’s why it is essential to publicly and thoroughly evaluate surveillance proposals. The following section will help your community — including public officials, law enforcement and diverse community members — work together to determine whether surveillance really makes sense and put in place robust rules to ensure proper use, oversight and accountability if your community decides to move forward with a surveillance proposal. 43 A. COLLECTIVELY EVALUATE THE EFFECTIVENESS, COSTS, AND ALTERNATIVES BEFORE MAKING DECISIONS ABOUT SURVEILLANCE Surveillance should only be a means to an end, never as an end in itself. That means that your community should have an actual purpose in mind or problem that needs to be addressed before even considering surveillance technology. Once you have that, you can collectively evaluate whether surveillance is likely to effectively accomplish your goals, as well as the costs to both your community’s budget and to individual rights. 1. DECIDE AS A COMMUNITY: INVOLVE THE ENTIRE COMMUNITY FROM THE START The best way to consider whether surveillance is the right choice and avoid costly mistakes is to engage the entire community — including law enforcement, local lawmakers, and members of the public — in a thorough discussion about any surveillance proposal. Different segments of your community are likely to bring valuable perspectives to the process of evaluating whether to acquire and use surveillance technology. And the time to engage with your community is at the very beginning of the process, before any funding is sought, technology is acquired or system is used.44 How is the community engaged in an informed debate about a surveillance proposal? It is never too early for a public debate about a surveillance proposal. Community members should know what kind of surveillance is being considered, what it is intended to do and how it will affect them at the earliest stages of the process, when their input can bring out important information, highlight community concerns, and help avoid unforeseen problems and community backlash. The Department of Homeland Security (DHS) Privacy Office and Office for Civil Rights and Civil Liberties issued CCTV: Developing Privacy Best Practices, a report that encourages government agencies to build privacy, civil rights, and civil liberties considerations into the design, acquisition, and operations of video surveillance systems. An appendix highlights the need to follow the Fair Information Practice Principles of Transparency, Individual Participation, Purpose Specification, Data Minimization, Use Limitation, Data Quality and Integrity, Security, and Accountability, and Auditing.43 “We need to have discussions with the public about new technologies and the robust privacy policies adopted to protect privacy. This lessens the pushback we get [and] benefits us in the long run.” Chief Art Acevedo, Austin (TX) Police Department44 10 MAKING SMART DECISIONS ABOUT SURVEILLANCE: A GUIDE FOR COMMUNITIES Effectively notifying the public that surveillance is being considered requires more than a line item in a public meeting agenda. Proactively reaching out to community groups, including those representing ethnic and religious communities, and local media to increase public awareness early in the process can help your entire community engage with the issue. 45 An informed debate also requires that your community has access to a wide range of information in order to assess how surveillance would work in practice and whether it would advance local goals. Hosting community meetings with various speakers representing different perspectives (not just law enforcement and the technology vendor) can help the community understand how the surveillance technology actually works and its potential implications. Your community should also prepare and release a Surveillance Impact Report to help everyone understand the scope and potential costs of the proposal and a draft Surveillance Use Policy that details the safeguards that would be put in place if the proposal were approved. Your community may also consider convening an ad-hoc committee of local residents, experts and advocates who can work together to make recommendations or help complete these documents. 464748 CASE STUDY: OAKLAND’S “DOMAIN AWARENESS CENTER” FORCED TO SCALE BACK AFTER KEEPING COMMUNITY IN THE DARK In 2013 the City of Oakland tried to expand its “Domain Awareness Center,” originally focused on the Port of Oakland, into a citywide surveillance network linking together video cameras from local streets and schools, traffic cameras, and gunshot microphones. Instead of soliciting early public input about the expanded system, Oakland tried to move forward without any meaningful engagement with the community. Residents were outraged and the City Council voted against expanding the system.45 CASE STUDY: CITIES ENGAGE WITH COMMUNITY MEMBERS TO EVALUATE SURVEILLANCE PROPOSALS Several cities considering proposals to introduce or expand surveillance have found it useful to actively engage community members through working groups and ad‐hoc committees to shape policy and provide oversight. The Redlands Police Department convened a Citizens’ Privacy Council, open to any resident of the city, to provide advice on policy for surveillance cameras and oversee police use of the cameras.46 Richmond formed an ad‐hoc committee to evaluate policies for its video surveillance program.47 And in 2014, following community backlash and the vote not to expand Oakland’s Domain Awareness Center, the City Council created a Privacy and Data Retention Ad Hoc Advisory Committee comprised of diverse community members to create safeguards to protect privacy rights and prevent the misuse of data for a scaled‐back system to be used at the Port of Oakland.48 11 ONLINE AT ACLUNC.ORG/SMARTABOUTSURVEILLANCE How will the community decide whether to proceed with a surveillance proposal? Community members deserve more than just information about surveillance proposals: they need the opportunity to weigh in on whether the proposal actually benefits the community and how or whether it should move forward, either by giving input to local policymakers at public hearings or by casting their own ballot on the issue. In either case, initial community approval should be obtained before any steps towards acquiring surveillance technology are taken, including applying for funding from outside entities. This ensures that external grants do not circumvent the proper democratic process and cut community members out of the loop. Local policymakers or the community as a whole should be given additional opportunities to weigh in if the proposal changes or as more details become available.49 2. DEFINE THE PURPOSE: ASK HOW AND WHETHER THIS TECHNOLOGY WILL AID YOUR COMMUNITY Your community cannot determine whether surveillance is an appropriate solution if you have not first identified the problem. Defining the specific purpose or issues that surveillance is intended to address is essential to evaluate the likely effectiveness of surveillance and to identify alternatives that might provide a better fit for your needs and budget. It can help highlight the individuals or communities who are likely to be most impacted by surveillance and ensure that their thoughts and concerns are fully understood. It also USE A SURVEILLANCE IMPACT REPORT TO MAKE AN INFORMED DECISION The scope and potential costs of a surveillance technology should be assessed and made available to the community through a Surveillance Impact Report. This report should include: o information describing the technology, how it works, and what it collects, including technology specification sheets from manufacturers; o the proposed purposes(s) for the surveillance technology; o the location(s) it will be deployed and crime statistics for any location(s); o an assessment identifying any potential impact on civil liberties and civil rights and discussing any plans to safeguard the rights of the public; and o the fiscal costs for the surveillance technology, including initial purchase, personnel and other ongoing costs, and any current or potential sources of funding. A worksheet to help your community prepare a Surveillance Impact Report is available at aclunc.org/smartaboutsurveillance. CASE STUDY: SAN JOSE’S DRONE GROUNDED UNTIL COMMUNITY APPROVES San Jose residents were outraged when they learned that their police department had purchased a drone without any public debate. Amid critical media coverage and protests from community groups, civil‐rights advocates, and local residents, police apologized and said they would ground the drone until they could conduct adequate public outreach.49 12 MAKING SMART DECISIONS ABOUT SURVEILLANCE: A GUIDE FOR COMMUNITIES provides a starting point for crafting a Surveillance Use Policy by defining specific objectives for which surveillance is appropriate and barring its use outside of those purposes. 50 What specific community purposes will be aided by adopting this technology? A well-defined community purpose should include a specific problem and a measurable outcome that the community desires. Vague purposes such as “protecting our city from criminals” make it difficult for the community to understand how surveillance might be used or how its effectiveness might be measured. In contrast, a purpose such as “increase recovery of stolen vehicles” succinctly identifies an outcome desired by community members and helps frame public discussion. That discussion may in turn lead you to narrow or alter the purposes for which surveillance should be used, if you decide to use it at all.51 CASE STUDY: OAKLAND SPENDS $2M ON “HARDLY‐USED” POLICE TECHNOLOGY The cash‐strapped city of Oakland learned the hard way that acquiring new police technology without a clearly‐defined purpose can be a waste of time and money. A city audit revealed that the city had squandered almost $2 million on hardly‐used police technology between 2006 and 2011. The auditor recommended steps to ensure that technology purchases were intended to fulfil specific strategic objectives and regular evaluation of their effectiveness.51 SURVEILLANCE AT THE “BORDER” When you think of the border, you probably imagine a narrow line between our country and our neighbors. But federal regulations grant the U.S. Customs and Border Protection Agency broad authority within 100 miles of the edge of U.S. territory, which includes not just cities like San Diego but Los Angeles, San Francisco, and even Fresno, Redding, and Sacramento.50 This means that the deployment of surveillance technology by border agencies, including technologies originally developed for military purposes, impacts individuals and communities throughout California. Unfortunately, there is very little transparency about the use of surveillance technology by border agencies. Are local officials or lawmakers cooperating in surveillance activities? Are they even informed? Or is the federal government monitoring Californians far from the actual border without the safeguards that our democracy and Constitution demand? A serious and informed discussion of the implications of widespread surveillance at the “border,” whether by your local law enforcement or a federal agency, is absolutely necessary to prevent widespread violations of Americans’ rights to privacy, property, liberty, equal protection, and due process. Even if your community can’t easily prevent federal agencies from monitoring you, it can make sure that local law enforcement and lawmakers are transparent about their role. And it can clearly send a message to federal and state policymakers that you expect to be part of the discussion of any kind of surveillance in your area. 13 ONLINE AT ACLUNC.ORG/SMARTABOUTSURVEILLANCE Will this surveillance technology help your community achieve that purpose? After your community identifies the purposes that surveillance technology might be able to address, you should evaluate whether the proposed technology would actually achieve them. Manufacturer’s claims should not be taken at face value, and certainly not in isolation. Instead, your community should look at all of the evidence or arguments suggesting that surveillance will or will not effectively help you achieve your defined purpose.52 Are there better alternatives to achieve your purpose? Even if the proposed surveillance technology does seem likely to help your community achieve its purpose, there still may be alternatives that are just as (or more) effective, less expensive, and/or less likely to be misused or otherwise impact your community members. In particular, you should compare the effectiveness and costs of technology-based solutions with non- technology-oriented approaches to address the problem. For example, multiple studies have shown that traditional approaches such as increased lighting and foot patrols significantly reduce crime.53 You should not automatically assume that surveillance technology will be more effective.54 3. IDENTIFY THE COSTS AND RISKS: EXAMINE FINANCIAL, LEGAL, AND PRACTICAL CONSEQUENCES Even if a specific technology is appropriate for your community’s purposes, there still may be financial, legal and practical concerns that may make adopting it undesirable. This section will help you measure the likely costs of surveillance so that you can determine whether they are truly outweighed by the expected benefits. CASE STUDY: CITIES REPLACE RED LIGHT CAMERAS WITH LONGER YELLOW LIGHTS California cities are increasingly shutting down red light cameras as evidence mounts that the cameras increase, rather than decrease, traffic accidents. For example, in Walnut, CA, a study found that red light cameras resulted in dramatic increases in “red light running collisions” (400%), “rear end collisions” (71%) and “broadside collisions” (100%)” and that “no argument can be made that photo enforcement has improved safety . . . within the city of Walnut. In fact, the use of red light cameras appears to have decreased safety and put roadway users at increased risk.” In light of this evidence, more than half of the California cities that once used red light cameras have ended their programs, turning instead to alternatives that have proven more effective at preventing accidents such as longer yellow lights at dangerous intersections.54 CASE STUDY: SAN FRANCISCO RECONSIDERS PLANS TO EXPAND SAFETY CAMERA PROGRAM THAT FAILS TO IMPROVE COMMUNITY SAFETY In 2005, San Francisco set out to deter violent crime and provide police with an investigative tool by installing video cameras in the City’s high‐crime, high‐traffic areas. However, post‐installation crime statistics published by mandate under a city ordinance revealed that the cameras neither reduced crime nor assisted in solving them in any meaningful way. In fact, the cameras only led to six suspects being charged by the SFPD between 2005 and 2008. As a result, the Police Commission reconsidered its plans to expand the program.52 14 MAKING SMART DECISIONS ABOUT SURVEILLANCE: A GUIDE FOR COMMUNITIES How much will the technology cost your community to acquire and operate? Deciding how to allocate funds is one of your community’s most important tasks. Every dollar your community spends on surveillance technology is a dollar it cannot spend on some other community need. Residents deserve assurance that funds are being spent on mutually agreed-upon interests. Costs related to surveillance technology will include personnel time, training costs, maintenance and upkeep, as well as any network and storage costs for the data your community may collect. Potential costs associated with risks of data breach or lawsuits based on abuse of surveillance also need to be recognized.55 These questions cannot be dismissed solely because your community is seeking grant funding to pay for the technology. These grants are attractive for obvious reasons: they appear to allow your community to buy a technology without having to spend local taxpayer dollars. But outside grants may not cover the costs that follow a technology’s adoption, particularly the long-term costs of operation, repairs, and personnel. Estimating these costs as accurately as possible — and making sure those estimates are shared with the community and made part of the debate about adopting surveillance — is key. What are the legal risks and associated potential costs of the surveillance proposal? Surveillance technology can carry a number of significant legal risks, in part because of rapid changes to privacy law. Even under current law, misuse of surveillance systems or data or technical glitches outside of your control could subject your community to potential legal liability. And as courts and lawmakers continue to reassess how privacy and free speech rights should apply in the digital age, there is a risk that your community’s investment in surveillance technology could leave you with equipment that can no longer be legally used as intended. These factors need to be accounted for when performing a cost- benefit analysis of any surveillance proposal. 5657 “One more question to ask ourselves is whether we are carefully considering the infrastructure that is needed to support technology — the costs of monitoring it and of staffing technology units at a time when departments are laying off civilians. We really need to think about all of the aspects of technology when initial investments are being made.” ‐ Police Executive Research Forum, “How Are Innovations in Technology Affecting Policing?”55 CASE STUDY: FBI REMOVES GPS TRACKERS AFTER SUPREME COURT RULES THAT WARRANTLESS TRACKING IMPLICATES FOURTH AMENDMENT The FBI had installed approximately 3,000 GPS trackers on cars without a warrant throughout the United States when the U.S. Supreme Court ruled in 2012 that their use implicated the Fourth Amendment.56 As a result, the FBI deactivated the warrantless trackers and its agents had to physically retrieve them.57 Obtaining warrants before using those GPS trackers would have ensured the constitutionality of obtained evidence and saved the FBI considerable time and effort. 15 ONLINE AT ACLUNC.ORG/SMARTABOUTSURVEILLANCE How could the surveillance proposal negatively impact public safety or individual rights? A surveillance proposal designed to benefit your community may carry side effects that undermine that objective. Insecure systems can present a tempting target for hackers, potentially making your community less safe in the process. Surveillance programs that target — or appear to target — specific groups, especially those that already feel marginalized, can make it harder for law enforcement to work cooperatively with those groups to investigate crimes. And surveillance can chill political and social engagement such as attendance at political rallies, gun shows, or religious ceremonies if community members fear that their individual lives are constantly being monitored. Identifying the harms as well as benefits of surveillance is an important part of evaluating any proposal.58 B. ESTABLISH A SURVEILLANCE USE POLICY TO MITIGATE HARMS AND PROTECT RIGHTS If after careful consideration and public debate your community decides that a particular surveillance technology is worth adopting, you need to ensure that policies are in place so that it is used properly. A clear, legally enforceable Surveillance Use Policy that provides guidance about when and how to use surveillance can safeguard individual rights while protecting local law enforcement and your entire community from costly lawsuits, bad press, loss of community trust, and more. Recognizing the necessity of use policies, Seattle and Spokane, Washington recently passed ordinances requiring police to develop use guidelines for new surveillance equipment before using it.59 60 Here are some of the key elements of a robust, legally enforceable Surveillance Use policy. 1. USE APPROPRIATELY: PLACE CLEAR LIMITS ON SURVEILLANCE If your community has been following this guide, you’ve already defined community purposes that justify a particular technology. Now it’s time to use those purposes to decide and memorialize the acceptable uses that will benefit the community and those that are simply prohibited. Doing so safeguards against use of the technology in a manner the community never intended. CASE STUDY: REDLANDS DEPLOYS INSECURE CAMERA NETWORK The surveillance camera network in the city of Redlands made the news for the wrong reasons when computer security experts demonstrated how easily they could take control of the cameras. Although the police department expressed concern about “people with criminal intent using the public camera feed to case homes or businesses or track the police force,” the network was deployed with no security at all. Even after the story broke, the network was secured with an outdated encryption protocol that a researcher described as “putting a diary lock on your front door.”58 CASE STUDY: LAPD BODY CAMERA POLICIES PROTECT OFFICERS AND THE PUBLIC After announcing its intention to adopt body cameras, the Los Angeles Police Department reached out to the police union, the ACLU, and the public, to get input on the program and help designing policies that adequately safeguard privacy of officers and citizens. Being transparent about the program and soliciting input from the beginning can help ensure policymakers identify problems and address them from the start.60 16 MAKING SMART DECISIONS ABOUT SURVEILLANCE: A GUIDE FOR COMMUNITIES When is surveillance permitted or prohibited? The first step is straightforward but essential: defining how and when the technology may be used. Every entity in your community that conducts surveillance should have a policy that clearly specifies appropriate uses of each technology and bars all other uses. In order to benefit from and reflect community input and oversight, technology should only be used for the particular purposes for which it was acquired. Any proposed new uses should be subject to the same public discussion as the acquisition of new technology, allowing the community to weigh in on the appropriateness of any expanded purpose. Your policy needs to be consistent with constitutional guarantees of privacy, equal protection, freedom of speech and freedom of religion. In fact, your use policy should not only address clearly unlawful but also potentially unlawful uses of surveillance technology. If there are questions about the legality of a specific practice, your use policy should prohibit that practice until there is a definite answer. What legal or internal process is required to use surveillance? It is also important to ensure that all legally required and internal processes are followed each time surveillance is used. These processes help to prevent unauthorized or outright illegal uses and also make sure that even appropriate uses of the surveillance technology minimize the impact on individual rights. In many cases, the best way to ensure that legal requirements are satisfied is to require a search warrant prior to conducting surveillance, allowing the court system to play a role in overseeing the program. With the streamlined modern warrant process, officers can seek a judge’s approval quickly and easily by simply placing a phone call or using a mobile device.61 Internal recordkeeping, including recording the reason for each use of surveillance, can also help ensure compliance with the appropriate use policy and create an audit trail for ongoing feedback and oversight. How are officers trained before they conduct surveillance? Having clear policies is not helpful if the people using the technology or the data it collects lack the underlying knowledge to comply with those policies. You need to ensure that training programs for anyone involved with surveillance are comprehensive, encompassing not just the technology and Surveillance Use Policy but the purposes and legal rules that inform the Policy. Training should spell out both the obligations of anyone using the technology and the consequences for policy violations. 62 Are you only collecting necessary data? Ensuring that surveillance technology is used in a way that accomplishes its stated purpose without collecting additional data is a straightforward way to reduce the risk of privacy invasions. That’s why the federal statute authorizing wiretaps has from its inception required “minimization” — an effort to make sure that even after a warrant has issued and collection is underway, police only intercept communications relevant to the investigation, not every communication made by the target.63 “All of our officers receive First and Fourth Amendment training before they’re allowed to access the system in any way.” ‐ Jonathan Lewin, Chicago Police Department Office of Emergency Management and Communications62 17 ONLINE AT ACLUNC.ORG/SMARTABOUTSURVEILLANCE The same principle should be applied to other forms of surveillance, requiring a reasonable effort to avoid collecting superfluous information. For example, a police department that deploys drones to an accident scene to quickly identify any need for police or emergency intervention does not need to record and retain video footage.64 2. PREVENT MISUSE OF DATA: LIMIT WHEN DATA CAN BE USED AND WHO CAN ACCESS IT Even data collected for a legitimate purpose can be put to illegitimate uses. It is essential that your community establish clear rules so that surveillance data is used only for approved purposes. Doing so not only prevents outright abuses of the data that can erode public trust but also keeps “mission creep” from altering the balance that you have already worked out between government actions and individual liberties. How will surveillance data be secured? The first step in preventing misuse of data is ensuring that it is stored securely. Technical safeguards are necessary to help protect community members’ data from accidental disclosure and misuse. You should consult with experts and implement safeguards at multiple levels that protect data at all points in its lifespan. Your community may already possess secure storage space separated from other databases and computer systems. This provides you with an obvious level of control. If you choose to store data elsewhere, you must ensure that it is secure and subject to your safeguards. Your community should also designate someone as an authority or custodian with responsibility over community members’ data and your storage systems. 65 Under what circumstances can collected data be accessed or used? In addition to technical safeguards to protect data, you should also limit the circumstances under which it can be legitimately accessed or used. These limits should be based on the specific purposes your community agreed to when it adopted the technology. For example, if the purpose of the technology is to address specific violent crimes, your policy might allow database searches only as part of an official investigation of a violent crime, and only for data that is related to that investigation. Data access and use CASE STUDY: OHIO STATE HIGHWAY PATROL RETAINS ONLY ALPR HITS The Ohio State Highway Patrol policy for automated license plate readers (ALPRs) states that “all ‘non‐ hit’ captures shall be deleted immediately.” The ALPR program is intended to detect stolen vehicles, Amber Alerts, and persons with outstanding warrants. As a result, retaining data about “non‐hit” vehicles does not further that purpose, and a policy of deleting that data immediately protects the community from unnecessary risks.64 CASE STUDY: MONTEREY COUNTY SUFFERS DATA BREACH DUE TO “TOTALLY OBSOLETE” DATA PRACTICES Monterey County’s computer systems were breached in 2013 and the personal information of over 140,000 local residents was stolen. A subsequent grand jury investigation concluded that the breach stemmed from “totally obsolete” data practices and a failure to follow privacy laws. The grand jury warned of “serious financial consequences” if the county failed to change its practices.65 18 MAKING SMART DECISIONS ABOUT SURVEILLANCE: A GUIDE FOR COMMUNITIES policies that are consistent with the articulated purposes for the system will provide guidance to operators and engender community trust by deterring abuses that can follow unfettered access to surveillance data. Your community’s goal of balancing privacy and security will be easier to achieve if particular data access and use limits are accompanied by steps to ensure the rules are followed. Database access should be limited — for example, by only allowing junior staff to access data with the permission and guidance of a more senior officer, or by limiting data access solely to senior officers. As explained earlier, training is a must. Restricting data access to a limited set of trained employees decreases the potential that community members’ data can be misused. To ensure targeted use of data, it may be appropriate to require a search warrant or similar external process before the data can be accessed at all. 6667 What limits exist on sharing data with outside entities? Placing limits on how you use the data is a great step, but third parties you share the information with may not have the same limits in place. To protect residents’ privacy and prevent uses of information contrary to community desires, it is important to articulate when — if ever — your purposes justify sharing any collected information. During the public debate over your Surveillance Use Policy, the community should decide when sharing is permissible and when it is prohibited. If data can be shared, your community must also determine how to ensure that the entity receiving the data lives up to your community’s standards. This may require contractual language binding the third party to your data policies and safeguards. For example, the city of Menlo Park, California specifically requires by ordinance that any agreement with Northern California’s fusion center demand compliance with the City’s own retention policy.68 If a potential recipient of your data cannot agree with your policies or conditions, the best choice is to not share your data. 3. LIMIT DATA RETENTION: KEEP INFORMATION ONLY AS LONG AS NECESSARY The longer you retain information, the greater the potential privacy and security risks. The easiest way to minimize these risks is to retain only the information you need and only for as long as you need it. Does retaining data help accomplish the purpose for which the technology was acquired? To maximize the usefulness of your technology and minimize civil liberties concerns, your retention period should not be longer than necessary to directly advance community purposes. For instance, deploying automated license plate readers to locate stolen or Amber Alert vehicles is not aided by the collection of historical data. Retaining data “just in case it becomes useful” increases the risk that data will be used contrary to the purpose agreed upon by the community or wind up in the hands of a bad actor. Retaining data can also increase the costs of surveillance by requiring expensive storage solutions and making it harder to effectively use the system. Focusing on the specific objective that surveillance is intended to accomplish can help you determine a retention period that balances that objective with the costs and risks associated with data retention. CASE STUDY: LAX POLICIES LEAD TO “LOVEINT” ABUSE Without strong policies limiting access to data, the temptation to misuse the system for personal interests can be hard to resist. The NSA even has a specific term, LOVEINT, for employees who monitor their significant others,66 and two Fairfield officers could face criminal charges after using a statewide police database to screen women from online dating sites.67 19 ONLINE AT ACLUNC.ORG/SMARTABOUTSURVEILLANCE Are there other legal or policy reasons that inform your data retention policy? There may be other legal and policy issues that affect your data retention policy, informed by legal concerns unrelated to your community’s purposes. For example, your community should choose a retention period that balances a desire to be responsive to public records requests with residents’ civil liberties, including privacy. Responsiveness to records requests should not be a primary justification for an extended retention period, however, since community concerns about surveillance are better addressed by retaining less information in the first place. 69 What happens when the data retention period expires? To prevent misuse of data after your community’s desired retention period has lapsed, ensure that data is regularly deleted after that time. This can be accomplished via automated technical measures or periodic audits. Before data is collected, your community should also decide whether there are any specific circumstances that justify the retention of data beyond your community’s chosen retention period and specify what specific condition(s) must be met in order to do so. For instance, it might be appropriate to preserve data relevant to a specific ongoing investigation, data necessary to complete an investigation of internal data misuse, and data relevant to a criminal defendant’s case. Any such conditions should be informed by your community’s purposes and clearly articulated in your Surveillance Use Policy. C. ENSURE ACCOUNTABILITY BY ENFORCING POLICIES AND ENCOURAGING ONGOING PUBLIC ENGAGEMENT Even if your community has already deployed surveillance technology, the community as a whole has a crucial role in ensuring that the public interest is still being accomplished by surveillance. One key question is whether your Surveillance Use Policy is actually effectively safeguarding individual rights and preventing abuses. A second is whether the assumptions you made when you approved surveillance in the first place still hold true after actual experience with the technology and its impact. Revamping or even cancelling an ineffective or imbalanced program is better than wasting time, money, and community trust on a tool that does more harm than good. 1. IDENTIFY AND ADDRESS ABUSES: AUDIT USE OF TECHNOLOGIES AND DATA AND ADDRESS ANY MISUSE The safeguards in your Surveillance Use Policy are only worthwhile if the policy is actually followed. But given the secretive nature of many forms of surveillance, ensuring compliance takes conscious effort. Strong internal and external oversight and auditing can help identify isolated or systemic abuses of surveillance technology, and legally enforceable sanctions can deter both. What type of supervision exists for persons operating the technology? Your system of management, in addition to technical measures, facilitates internal oversight of your technology and data. Designating a chain of command for a given surveillance technology helps specific personnel understand what responsibilities they have over the equipment or data and makes it easy to trace where misuse occurred. All of this helps your community deter abuses and guarantee that resources are used wisely. “If there’s anything of a criminal nature recorded on video, it’s grabbed and inventoried within hours. Most everything else is never looked at again, so it’s purged automatically.” ‐ Commander Steven Caluris, Chicago Police Department69 20 MAKING SMART DECISIONS ABOUT SURVEILLANCE: A GUIDE FOR COMMUNITIES How will misuses of the technology be identified? The best way to identify misuse of surveillance is to “watch the watchers” by keeping thorough records of each time surveillance is deployed or surveillance data is called up. The person or persons with oversight responsibility should be independent, be given full access to the technology and database, and empowered to receive complaints about misuse and draw conclusions that can lead to legally enforceable consequences. To catch what human oversight misses, your community should ensure that technical measures including access controls and audit logs are in place. Placing the oversight authority with a third party such as the City Council or a citizen panel may also increase the likelihood that the misuses are accurately identified. 70 What legally enforceable sanctions exist against misuse and abuse of this technology? By establishing consequences for violations of the guidelines, your community encourages proper use of the technology and sends a message that community values apply to everyone. Depending on the circumstances, sanctions ranging from retraining to fines, suspensions, or termination may be appropriate for violations of your Surveillance Use Policy. In addition, your community should provide an appropriate remedy for anyone harmed by an abuse. Legally enforceable sanctions discourage misuse and guarantee that aggrieved community members will be made whole. 2. KEEP THE DIALOG OPEN: ENCOURAGE PUBLIC OVERSIGHT AND ONGOING DISCUSSION Your community at large plays two essential roles in ensuring that any current surveillance program actually benefits your community. First, transparency about abuses of surveillance allows the community to determine whether the Surveillance Use Policy or any associated sanctions need to be revised to address the issue. Second, as your community learns first-hand whether surveillance is effective and how it impacts different individuals and groups, you may wish to reassess the purposes for which surveillance should be used or even whether it should still be used at all. Surveillance should be under the control of the community at all times, not just when it is initially being considered. How will the community continue to be informed about the surveillance program? It is important that your community’s oversight mechanisms not only are in place before surveillance is used but also remain available as long as the surveillance program continues or any collected data remains. This allows the community to continue to learn about and provide feedback on the effectiveness and impact of surveillance, and provides the information you will need to evaluate any changes going forward. “[A]ll usage is supervised. All camera and operator actions are logged and can be tracked later.” ‐ Jonathan Lewin, Chicago Police Department Office of Emergency Management and Communications.70 CASE STUDY: FRESNO ADOPTS ANNUAL AUDIT OF VIDEO SURVEILLANCE When the Fresno Police Department proposed a citywide video‐policing program using live‐feed cameras, the city council required an annual independent audit to ensure that all of the privacy and security guidelines for the system’s use are being followed. Fresno Police Chief Jerry Dyer said he supported the audit: “I have no doubt the audit will be very helpful to our ongoing video policing operations.” The city’s auditor, a retired federal district court judge with deep experience on civil rights cases, examined current use of the system and made specific policy recommendations.71 21 ONLINE AT ACLUNC.ORG/SMARTABOUTSURVEILLANCE One of the most effective ways to keep your community informed is to produce an annual report about each surveillance technology that has been used in this past year. This report should include: o A description of how and how often the technology was used; o Information, including crime statistics, that indicate whether the technology was effective at accomplishing its stated purpose; o A summary of community complaints or concerns about the technology; o Information about any violations of the Surveillance Use Policy, data breaches, or similar incidents, including the actions taken in response, or results of any internal audits; o Whether and how data acquired through the use of the technology was shared with any outside entities; o Statistics and information about Public Records Act requests, including responses; and o The total annual costs for the technology, including personnel and other ongoing costs, and any external funding available to fund any or all of those costs in the coming year. 71 In addition, there may be other ways to provide your community with information about the operation and effectiveness of the surveillance program. Responding to Public Records Act requests with as much information as possible, taking into account factors such as the privacy rights of individuals whose information may be included in the requested data, is one way to allow interested community members access to concrete information about the program. Creating standing committees of community members, regularly holding public events and forums, and establishing open inspection periods for the technology can also help keep the community informed. How will local officials and the public re‐evaluate the decision to engage in surveillance or the existing policies and safeguards? The community’s decision to approve surveillance should be reconsidered on an annual basis. If there is evidence that call into question the conclusion that the benefits of surveillance outweigh costs and concerns, or that there are better ways to achieve the same purpose with fewer costs or risks, policymakers should seek community input and take whatever action is appropriate to address these concerns. That may involve narrowing the purpose or scope of surveillance, requiring modifications to the Surveillance Use Policy, or exploring alternatives that better address community needs. Conclusion Communities increasingly understand the need to make smart choices about surveillance technology and ensure that time, energy, and resources are not spent on systems that cost more, do less, and have a greater impact on the rights of community members than you expect. And following public outcry about NSA spying and the use of military equipment by local police, community members demand — and deserve — both a voice in any decision to deploy surveillance technology and reassurance that robust safeguards and public oversight will be in place if surveillance is going to be used. Make sure that your entire community is engaged in asking and answering the right questions about surveillance technology by adopting a Surveillance & Community Safety Ordinance and following the other recommendations in this guide. 22 MAKING SMART DECISIONS ABOUT SURVEILLANCE: A GUIDE FOR COMMUNITIES Appendix: Model Surveillance & Community Safety Ordinance A. KEY PRINCIPLES OF THE MODEL ORDINANCE o Informed Public Debate at Earliest Stage of Process: Public notice, distribution of information about the proposal, and public debate prior to seeking funding or otherwise moving forward with surveillance technology proposals. o Determination that Benefits Outweigh Costs and Concerns: Local leaders, after facilitating an informed public debate, expressly consider costs (fiscal and civil liberties) and determine that surveillance technology is appropriate or not before moving forward. o Thorough Surveillance Use Policy: Legally enforceable Surveillance Use Policy with robust civil liberties, civil rights, and security safeguards approved by policymakers. o Ongoing Oversight & Accountability: Proper oversight of surveillance technology use and accountability through annual reporting, review by policymakers, and enforcement mechanisms. B. MODEL ORDINANCE TEXT The [Council/Board of Supervisors] finds that any decision to use surveillance technology must be judiciously balanced with the need to protect civil rights and civil liberties, including privacy and free expression, and the costs to [City/County]. The [Council/Board] finds that proper transparency, oversight, and accountability are fundamental to minimizing the risks posed by surveillance technologies. The [Council/Board] finds it essential to have an informed public debate as early as possible about whether to adopt surveillance technology. The [Council/Board] finds it necessary that legally enforceable safeguards be in place to protect civil liberties and civil rights before any surveillance technology is deployed. The [Council/Board] finds that if surveillance technology is approved, there must be continued oversight and annual evaluation to ensure that safeguards are being followed and that the surveillance technology’s benefits outweigh its costs. NOW, THEREFORE, BE IT RESOLVED that the [Council/Board] of [City/County] adopts the following: Section 1. Title This ordinance shall be known as the Surveillance & Community Safety Ordinance. Section 2. [Council/Board] Approval Requirement 1) A [City/County] entity must obtain [Council/Board] approval at a properly-noticed public hearing prior to any of the following: a) Seeking funds for surveillance technology, including but not limited to applying for a grant, accepting state or federal funds, or in-kind or other donations; b) Acquiring new surveillance technology, including but not limited to procuring such technology without the exchange of monies or consideration; c) Using new surveillance technology, or using existing surveillance technology for a purpose, in a manner or in a location not previously approved by the [Council/Board]; or d) Entering into an agreement with a non-[City/County] entity to acquire, share or otherwise use surveillance technology or the information it provides. 2) A [City/County] entity must obtain [Council/Board] approval of a Surveillance Use Policy prior to engaging in any of the activities described in subsection (1)(b)-(d). 23 ONLINE AT ACLUNC.ORG/SMARTABOUTSURVEILLANCE Section 3. Information Required 1) The [City/County] entity seeking approval under Section 2 shall submit to the [Council/Board] a Surveillance Impact Report and a proposed Surveillance Use Policy at least forty-five (45) days prior to the public hearing. 2) The [Council/Board] shall publicly release in print and online the Surveillance Impact Report and proposed Surveillance Use Policy at least thirty (30) days prior to the public hearing. Section 4. Determination by [Council/Board] that Benefits Outweigh Costs and Concerns The [Council/Board] shall only approve any action described in Section 2, subsection (1) of this ordinance after making a determination that the benefits to the community of the surveillance technology outweigh the costs and the proposal will safeguard civil liberties and civil rights. Section 5. Compliance for Existing Surveillance Technology Each [City/County] entity possessing or using surveillance technology prior to the effective date of this ordinance shall submit a proposed Surveillance Use Policy no later than ninety (90) days following the effective date of this ordinance for review and approval by [Council/Board]. If such review and approval has not occurred within sixty (60) days of the submission date, the [City/County] entity shall cease its use of the surveillance technology until such review and approval occurs. Section 6. Oversight Following [Council/Board] Approval 1) A [City/County] entity which obtained approval for the use of surveillance technology must submit a Surveillance Report for each such surveillance technology to the [Council/Board] within twelve (12) months of [Council/Board] approval and annually thereafter on or before November 1. 2) Based upon information provided in the Surveillance Report, the [Council/Board] shall determine whether the benefits to the community of the surveillance technology outweigh the costs and civil liberties and civil rights are safeguarded. If the benefits do not outweigh the costs or civil rights and civil liberties are not safeguarded, the [Council/Board] shall direct that use of the surveillance technology cease and/or require modifications to the Surveillance Use Policy that will resolve the above concerns. 3) No later than January 15 of each year, the [Council/Board] shall hold a public meeting and publicly release in print and online a report that includes, for the prior year: a. A summary of all requests for [Council/Board] approval pursuant to Section 2 or Section 5, including whether the [Council/Board] approved or rejected the proposal and/or required changes to a proposed Surveillance Use Policy before approval; and b. All Surveillance Reports submitted. Section 7. Definitions The following definitions apply to this Ordinance: 1) “Surveillance Report” means a written report concerning a specific surveillance technology that includes all of the following: a. A description of how the surveillance technology was used; b. Whether and how often data acquired through the use of the surveillance technology was shared with outside entities, the name of any recipient entity, the type(s) of data disclosed, under what legal standard(s) the information was disclosed, and the justification for the disclosure(s); c. A summary of community complaints or concerns about the surveillance technology; 24 MAKING SMART DECISIONS ABOUT SURVEILLANCE: A GUIDE FOR COMMUNITIES d. The results of any internal audits, any information about violations of the Surveillance Use Policy, and any actions taken in response; e. Information, including crime statistics, that help the community assess whether the surveillance technology has been effective at achieving its identified purposes; f. Statistics and information about public records act requests, including response rates; and g. Total annual costs for the surveillance technology, including personnel and other ongoing costs, and what source of funding will fund the technology in the coming year. 2) “[City/County] entity” means any department, bureau, division, or unit of the [City/County]. 3) “Surveillance technology” means any electronic device, system utilizing an electronic device, or similar used, designed, or primarily intended to collect, retain, process, or share audio, electronic, visual, location, thermal, olfactory or similar information specifically associated with, or capable of being associated with, any individual or group. 4) “Surveillance Impact Report” means a publicly-released written report including at a minimum the following: (a) Information describing the surveillance technology and how it works, including product descriptions from manufacturers; (b) information on the proposed purposes(s) for the surveillance technology; (c) the location(s) it may be deployed and crime statistics for any location(s); (d) an assessment identifying any potential impact on civil liberties and civil rights and discussing any plans to safeguard the rights of the public; and (e) the fiscal costs for the surveillance technology, including initial purchase, personnel and other ongoing costs, and any current or potential sources of funding. 5) "Surveillance Use Policy" means a publicly-released and legally-enforceable policy for use of the surveillance technology that at a minimum specifies the following: a. Purpose: The specific purpose(s) for the surveillance technology. b. Authorized Use: The uses that are authorized, the rules and processes required prior to such use, and the uses that are prohibited. c. Data Collection: The information that can be collected by the surveillance technology. d. Data Access: The individuals who can access or use the collected information, and the rules and processes required prior to access or use of the information. e. Data Protection: The safeguards that protect information from unauthorized access, including encryption and access control mechanisms. f. Data Retention: The time period, if any, for which information collected by the surveillance technology will be routinely retained, the reason such retention period is appropriate to further the purpose(s), the process by which the information is regularly deleted after that period lapses, and the specific conditions that must be met to retain information beyond that period. g. Public Access: How collected information can be accessed or used by members of the public, including criminal defendants. h. Third Party Data Sharing: If and how other [City/County] or non-[City/County] entities can access or use the information, including any required justification or legal standard necessary to do so , and any obligations imposed on the recipient of the information. i. Training: The training required for any individual authorized to use the surveillance technology or to access information collected by the surveillance technology, including any training materials. j. Auditing and Oversight: The mechanisms to ensure that the Surveillance Use Policy is followed, including identifying personnel assigned to ensure compliance with the policy, internal recordkeeping of the use of the technology or access to information collected by the technology, technical measures to monitor for misuse, any independent person or entity with oversight authority, and the legally enforceable sanctions for violations of the policy 25 ONLINE AT ACLUNC.ORG/SMARTABOUTSURVEILLANCE Section 8. Enforcement 1) Any violation of this Ordinance constitutes an injury and any person may institute proceedings for injunctive relief, declaratory relief, or writ of mandate in any court of competent jurisdiction to enforce this Ordinance. 2) A court shall award costs and reasonable attorneys' fees to the plaintiff who is the prevailing party in an action brought to enforce this Ordinance. 3) In addition, for a willful, intentional, or reckless violation of this Ordinance, an individual shall be deemed guilty of a misdemeanor and may be punished by a fine not exceeding $1,000 per violation, imprisonment in the county jail for not more than six months, or both such a fine and imprisonment. Section 9. Severability The provisions in this Ordinance are severable. If any part of provision of this Ordinance, or the application of this Ordinance to any person or circumstance, is held invalid, the remainder of this Ordinance, including the application of such part or provisions to other persons or circumstances, shall not be affected by such holding and shall continue to have force and effect. Section 10. Effective Date This Ordinance shall take effect on [DATE]. 26 MAKING SMART DECISIONS ABOUT SURVEILLANCE: A GUIDE FOR COMMUNITIES 1 See Darwin Bond Graham & Ali Winston, The Hidden Costs of Oakland’s Surveillance Center, East Bay Express, Jan. 22, 2014, available at http://www.eastbayexpress.com/oakland/controversial-the-hidden-costs-of-oaklands-surveillance- center/Content?oid=3816398; Nancy La Vigne et al., Urban Institute, Evaluating the Use of Public Surveillance Cameras for Crime Control and Prevention (2011), available at http://www.cops.usdoj.gov/Publications/ e071112381_EvalPublicSurveillance.pdf. 2 Police Executive Research Forum, How Are Innovations in Technology Transforming Policing? 26 (Jan. 2012) [hereinafter PERF Report], available at http://www.policeforum.org/assets/docs/Critical_Issues_Series/ how%20are%20innovations%20in%20technology%20transforming%20policing%202012.pdf. 3 Press Release, Office of the Controller, Butkovitz Alarmed by Police Camera Program, June 20, 2012, http://www.philadelphiacontroller.org/page.asp?id=792. 4 See Fazaga v. FBI, 844 F.Supp.2d 1022 (C.D. Cal. 2012). 5 See Tim Cushing, Another Bogus Hit from a License Plate Reader Results in Another Citizen Surrounded by Cops with Guns Out, TechDirt (May 23, 2014), https://www.techdirt.com/articles/20140513/07404127218/another-bogus-hit-license-plate- reader-results-another-citizen-surrounded-cops-with-guns-out.shtml. 6 Cal. Civil Code § 1798.29 (2014). 7 Ponemon Inst. & Symantec, 2011 Cost of Data Breach Study: United States (2012), available at http://www.symantec.com/ content/en/us/about/media/pdfs/b-ponemon-2011-cost-of-data-breach-us.en-us.pdf. 8 Symposium, The Value of Privacy, U. Cal.-Hastings School of L. Const. L. Q., Apr. 7, 2014 (oral remarks), available at http://livestre.am/4P7Lk. 9 See Will Kane, Oakland to Limit Surveillance Center to Port, Airport, S.F. Gate, Mar, 6, 2014, available at http://www.sfgate.com/bayarea/article/Oakland-to-limit-surveillance-center-to-port-5290273.php. 10 For example, the San Francisco Police Department’s Mission Statement states that “policing strategies must preserve and advance democratic values” and that “police must respect and protect the rights of all citizens as guaranteed by the state’s Constitution.” Police Department, Mission Statement, http://sf-police.org/index.aspx?page=1616. 11 Terrence O’Brien, Caught Spying, FBI Asks Student to Return GPS Tracker, SWITCHED (Oct. 8, 2010), http://www.switched.com/2010/10/08/caught-spying-fbi-asks-student-to-return-gps-tracker/. 12 Michael Isikoff, FBI Tracks Suspects’ Cell Phones Without a Warrant, Newsweek, Feb, 18, 2010 (updated Mar. 13, 2010), available at http://www.newsweek.com/fbi-tracks-suspects-cell-phones-without-warrant-75099. 13 David Kravets, Rights Groups Decry New NSA Leak: Snooping on Muslim-Americans’ E-mail, Ars Technica (July 9, 2014), http://arstechnica.com/tech-policy/2014/07/rights-groups-decry-new-nsa-leak-snooping-on-muslim-americans-e- mail/. 14 Christian Watien, 5 Uses for Drones that Don’t Involve Fighting Terrorists, Epoch Times (Nov. 10, 2012), www.theepochtimes.com/n2/world/5-uses-for-drones-that-don-t-involve-fighting-terrorists-313051-print.html. 15 Executive Office of the President, Big Data: Seizing Opportunities, Preserving Values 66 (2014), available at http://www.whitehouse.gov/sites/default/files/docs/big_data_privacy_report_may_1_2014.pdf. 16 Andrea Peterson, LOVEINT: When NSA Officers Use Their Spying Power on Love Interests, Wash. Post, Aug. 24, 2013, available at http://www.washingtonpost.com/blogs/the-switch/wp/2013/08/24/loveint-when-nsa-officers-use-their- spying-power-on-love-interests/. 17 See Julia Angwin & Jennifer Valentino-DeVries, New Tracking Frontier: Your License Plates, Wall St. J., Sep. 29, 2012, available at http://online.wsj.com/news/articles/SB10000872396390443995604578004723603576296. 18 See Tanvir v. Holder, Case No. 13-CV-6951 (S.D. N.Y. Apr. 22, 2014) (First Amended Complaint), available at http://apps.washingtonpost.com/g/documents/world/lawsuit-accusing-us-of-putting-people-on-no-fly-list-after-they- say-they-wont-spy/941/. 19 Peter Nicholas, State Tracked Protesters in the Name of Security, L.A. Times, July 1, 2006, available at http://articles.latimes.com/2006/jul/01/local/me-security1.. 20 Camille T. Taiara, Monitoring Malcontents: Why Do the Governor’s Critics Keep Findings Themselves Targets of Strange Police Scrutiny?, S.F .Bay Guardian, http://www.sfbg.com/39/41/news_governator.html. 21 See Mike Rhodes, Students at CSUF Are Starving for Civil Liberties, Indybay (Apr. 27, 2005), https://www.indybay.org/newsitems/2005/04/27/17351181.php. 22 Local 10 ILWU v. City of Oakland, No. 3:03-cv-02962 (N.D. Cal. Apr. 28, 2005) (Jordan Dep. at 24:11-24). 23 See Bradley, Santa Cruzans Speak Out Against Police Infiltration and for an Independent Investigation, Indybay (Jan. 25, 2006), https://www.indybay.org/newsitems/2006/01/25/17981451.php. 24 Alex Marthews & Catherine Tucker, Government Surveillance and Internet Search Behavior (March 24, 2014), http://ssrn.com/abstract=2412564. 25 Riley v. California, 134 S. Ct. 2473, 2489 (2014). Endnotes 27 ONLINE AT ACLUNC.ORG/SMARTABOUTSURVEILLANCE 26 United States v. Jones, 132 S.Ct. 945, 955, 56 (2012). 27 Angel Jennings, Richard Winston & James Rainey, Sherriff’s Secret Air Surveillance of Compton Sparks Outrage, L.A. Times, Apr. 23, 2014, available at http://www.latimes.com/local/lanow/la-me-ln-sheriffs-surveillance-compton-outrage- 20140423-story.html. 28 Adam Goldman & Matt Apuzzo, NYPD Defends Tactics over Mosque Spying; Records Reveal New Details on Muslim Surveillance, Huffington Post (Feb 25, 2012), http://www.huffingtonpost.com/2012/02/24/nypd-defends-tactics- over_n_1298997.html; Adam Goldman & Matt Apuzzo, New York Drops Unit That Spied on Muslims, N.Y. Times, April 15, 2014, available at http://www.nytimes.com/2014/04/16/nyregion/police-unit-that-spied-on-muslims-is- disbanded.html. 29 European Parliament Directorate General Internal Policies, A Review of the Increased Used of CCTV and Video-Surveillance for Crime Prevention Purposes in Europe 15 (2009). 30 See Press Release, Leadership Conference, Civil Rights Principles for the Era of Big Data, http://www.civilrights.org/press/2014/civil-rights-principles-big-data.html. 31 U.S. v. Jones, 132 S.Ct. 945 , 954 (2012) (Sotomayor, J., concurring); id. at 957 (Alito, Ginsberg, Breyer, and Kagan, J., concurring in the judgment). 32 Klayman v. Obama, Civ. No. 13-0851 (D.D.C. Dec. 16, 2013). 33 U.S. v. Jones, 132 S.Ct at 956 (quoting U.S. v. Cuevas-Perez, 640 F.3d 272, 285 (7th Cir. 2011) (Flaum, J., concurring)). 34 Ballot Pamplet., Proposed Amendments to Cal. Const. with Arguments to Voters, Gen. Elec. (Nov. 7, 1972). 35 White v. Davis, 533 P.2d (Cal. 1975). 36 People v. Cook 41 Cal. 3d 373 (1985). 37 Robins v. Pruneyard Shopping Center, 592 P.2d 899 (Cal. 1979) (holding that, under the California Constitution, members of the public have a legal right to pass out pamphlets and seek signatures in a privately-owned shopping center), aff’d, .447 U.S. 74 (1980). 38 U.S.A. Freedom Act, H.R. 3361, 113th Cong. (2013). 39 Email Privacy Act, H.R. 1852, 113th Cong. (2013). 40 Allie Bohm, Status of Location Privacy Legislation in the States, ACLU Free Future (April 8, 2014), https://www.aclu.org/blog/technology-and-liberty-national-security/status-location-privacy-legislation-states (as of May 6, 2014). 41 Allie Bohm, Status of 2014 Domestic Drone Legislation in the States, ACLU Free Future (April 22, 2014), https://www.aclu.org/blog/technology-and-liberty/status-2014-domestic-drone-legislation-states (as of May 6, 2014). 42 See Bonnie Eslinger, Menlo Park Council Approves Ordinance Regulating Police Use of Surveillance, San Jose Mercury News, May 14, 2014, available at http://www.mercurynews.com/breaking-news/ci_25766277/menlo-park-council-approves- ordinance-regulating-police-use; Seattle City Council Enacts Groundbreaking Legislation Protecting Residents’ Civil Liberties, Local Progress (May 1, 2013), http://localprogress.org/seattle-city-council-enacts-groundbreaking-legislation-protecting- residents-civil-liberties/. 43 U.S. Dep’t of Homeland Security, CCTV: Developing Best Practices (2007), available at http://www.dhs.gov/xlibrary/assets/privacy/privacy_rpt_cctv_2007.pdf. 44 PERF Report, supra note 2, at 35. 45 Ali Winston, Oakland City Council Rolls Back the Domain Awareness Center, East Bay Express (Mar. 5, 2014), http://www.eastbayexpress.com/SevenDays/archives/2014/03/05/oakland-city-council-rolls-back-the-dac. 46 Redlands Police Department, Citizen Privacy Council, http://www.cityofredlands.org/police/CPC. 47 Memorandum, Establishing Ad Hoc Committee to Review the Community Warning System and Industrial Safety Ordinance (Sept. 18, 2012), http://64.166.146.155/agenda_publish.cfm?mt=ALL&get_month=9&get_year=2012&dsp=agm& seq=12339&rev=0&ag=241&ln=23604&nseq=0&nrev=0&pseq=12303&prev=0. 48 See Memorandum, City Administrator’s Weekly Report (Apr. 25, 2014), http://www2.oaklandnet.com/oakca1/groups/cityadministrator/documents/report/oak046804.pdf. 49 Robert Salonga, San Jose: Police Apologize for Drone Secrecy, Promise Transparency, San Jose Mercury News, Aug 5, 2014, available at http://www.mercurynews.com/crime-courts/ci_26279254/san-jose-police-apologize-secret-drone- purchase-promise. 50 See ACLU, Know Your Rights: The Government’s 100-Mile “Border” Zone — Map, https://www.aclu.org/know-your-rights- governments-100-mile-border-zone-map. 51 See Oakland City Auditor, Police Technology Performance Audit: FY 2006–07 through 2010–11 (2012), available at http://www.oaklandauditor.com/images/oakland/auditreports/0pd%20tech.pdf. 52 See Citris, Cistris Study on SF Public Cameras Released (Jan. 9, 2009), http://citris-uc.org/citris-study-on-sf-public- cameras-released/. 28 MAKING SMART DECISIONS ABOUT SURVEILLANCE: A GUIDE FOR COMMUNITIES 53 See David P. Farrington & Brandon C. Welsh, Effects of Improved Street Lighting on Crime: A Systematic Review, Home Office Research Study 251 (Aug. 2002), p. 42; Ronald V. Clarke, U.S. Department of Justice, Office of Community Oriented Policing Services, Improving Street Lighting to Reduce Crime in Residential Areas (Dec. 2008), available at http://cops.usdoj.gov/Publications/e1208-StreetLighting.pdf; Jay Beeber, Collision Analysis of the Photo Enforced Intersection in Walnut, CA, http://www.thenewspaper.com/rlc/docs/2014/ca-walnut.pdf. 54 See Steve Scauzillo, Red Light Cameras Being Stopped, L.A. Daily News. (Jan. 21, 2014), http://www.dailynews.com/general-news/20140121/red-light-cameras-being-stopped. 55 PERF Report, supra note 2, at 44. 56 United States v. Jones, 132 S. Ct. 945 (2012). 57 Joann Pan, FBI Turns Off 3000 GPS Devices After Ruling, Mashable (Feb. 27, 2012), http://mashable.com/2012/02/27/fbi-turns-off-3000-gps-devices/. 58 Kashmir Hill, Whoops, Anyone Could Watch California City’s Police Surveillance Cameras, Forbes.com (Aug. 21, 2014), http://www.forbes.com/sites/kashmirhill/2014/08/11/surveillance-cameras-for-all/. 59 Seattle City Council Enacts Groundbreaking Legislation Protecting Residents’ Civil Liberties, Local Progress (May 1, 2013), http://localprogress.org/seattle-city-council-enacts-groundbreaking-legislation-protecting-residents-civil-liberties/; Jamela Debelak, ACLU of Washington, Surveillance: Spokane Acts to Protect Privacy and Provide Transparency (Aug. 21, 2013), https://aclu-wa.org/blog/surveillance-spokane-acts-protect-privacy-and-provide-transparency. 60 Erika Aguilar, LAPD Body Cameras: 90-Day Test Seeks to Answer Key Questions to Create New Policy, 89.3 KPCC (Feb. 4, 2014), http://www.scpr.org/news/2014/02/04/41855/lapd-body-cameras-90-day-test-seeks-to-answer-key/. 61 Terry McFadden, Technology Helping Police to Receive Warrants Faster, WNDU.com (July 8, 2013), http://www.wndu.com/ news/specialreports/headlines/Technology-helping-police-to-receive-search-warrants-faster--214651051.html. 62 PERF Report, supra note 2, at 14. 63 18 U.S.C. § 2518(5) (2014). 64 Ohio State Highway Patrol Policy No. OSP-103.29 (revised Dec. 23, 2008). 65 Julia Reynolds, Monterey County Grand Jury Finds Computer Data Risks, Monterey Herald, Aug. 21, 2014, available at http://www.montereyherald.com/news/ci_26009592/monterey-county-grand-jury-finds-computer-data-risks. 66 Dianne Feinstein, NSA Officers Spy on Love Interests, Wall St. J., Aug. 23, 2013, available at http://blogs.wsj.com/washwire/2013/08/23/nsa-officers-sometimes-spy-on-love-interests/. 67 Anjali Hemphill, Dating on Duty: Officers Accused of Screening Dates Using Police System, CBS 13 Sacramento (Aug. 22, 2014), http://sacramento.cbslocal.com/2014/08/22/dating-on-duty-officers-accused-of-screening-dates-using-police-system/. 68 See Bonnie Eslinger, Menlo Park Council Approves Ordinance Regulating Police Use of Surveillance, San Jose Mercury News, May 14, 2014, available at http://www.mercurynews.com/breaking-news/ci_25766277/menlo-park-council-approves- ordinance-regulating-police-use. 69 PERF Report, supra note 5, at 36. 70 Id at 14. 71 George Hostetter, Former Judge Wanger Writes Far-Ranging Audit on Fresno Video Policing, Fresno Bee, Jan. 7, 2014, available at http://www.fresnobee.com/2014/01/07/3701754/judge-wanger-delivers-impressive.html. IACP Technology Policy Framework January 2014 Page 1 IACP TECHNOLOGY POLICY FRAMEWORK1 January 2014 Introduction New and emerging technologies increasingly play a crucial role in the daily work of police, equipping officers with enforcement and investigative tools that have the potential of making them safer, better informed, and more effective and efficient. Developing and enforcing comprehensive agency policies regarding deployment and use is a critical step in realizing the value that technologies promise, and is essential in assuring the public that their privacy and civil liberties are recognized and protected. Technological advances have made it possible to monitor and record nearly every interaction between police and the public through the use of in‐car and body‐worn video, access to an expanding network of public and private video surveillance systems, and the increasing use of smartphones with digital recording capabilities by citizens and officers alike. Police can track suspects with the use of GPS tracking technologies and officers themselves can be tracked with automated vehicle location (AVL) systems. Automated license plate recognition (ALPR) systems can scan the license plates of vehicles within sight of officers in the field and quickly alert them if the vehicle has been reported stolen or is wanted. Identity can be remotely verified or established with biometric precision using mobile fingerprint scanners and facial recognition software. Crimes can be mapped as they are reported, gunshot detection technology can alert law enforcement almost instantaneously when a firearm is discharged, and surveillance cameras can be programmed to focus in on the gunshot location and stream live video to both dispatchers and responding officers. With these advancements come new opportunities to enhance public and officer safety. They also present new challenges for law enforcement executives. The challenges include identifying which technologies can be incorporated by the agency to achieve the greatest public safety benefits, and defining metrics that will enable the agency to monitor and assess the value and performance of the technologies. Just because a technology can be implemented, does not mean that it should be. There are also challenges in integrating these technologies across different platforms, building resilient infrastructure and comprehensive security, providing technical support, and maintaining and upgrading applications and hardware. All of this can be confusing and technically demanding, underscoring the need for effective planning, strategic deployment, and performance management. IACP Technology Policy Framework January 2014 Page 2 Addressing these challenges is paramount because of the broader issues that the use of this expanding array of technologies by law enforcement presents. A principal tenet of policing is the trust citizens grant police to take actions on their behalf. If that trust is violated and public approval lost, police are not able to effectively perform their duties to keep communities safe. The Policy Mandate Creating and enforcing agency policies that govern the deployment and use of technology, protecting the civil rights and civil liberties of individuals, as well as the privacy protections afforded to the data collected, stored, and used, is essential to ensure effective and sustainable implementation, and to maintain community trust. Policies function to reinforce training and to establish an operational baseline to guide officers and other personnel in proper procedures regarding its use. Moreover, policies help to ensure uniformity in practice across the agency and to enforce accountability. Policies should reflect the mission and values of the agency and be tightly aligned with applicable local, state, and federal laws, regulations, and judicial rulings. Policies also function to establish transparency of operations, enabling agencies to allay public fears and misperceptions by providing a framework that ensures responsible use, accountability, and legal and constitutional compliance. The use of automated license plate recognition (ALPR) technologies, unmanned aerial systems, and body‐worn video by law enforcement, for example, has generated substantial public discussion, increasing scrutiny, and legislative action in recent years.2 Privacy advocates, elected officials, and members of the public have raised important questions about how and under what circumstances these technologies are deployed, for what purposes, and how the data gathered by these technologies are retained, used, and shared. Having and enforcing a strong policy framework enables law enforcement executives to demonstrate responsible planning, implementation, and management. Agencies should adopt and enforce a technology policy framework that addresses technology objectives, deployment, privacy protections, records management, data quality, systems security, data retention and purging, access and use of stored data, information sharing, accountability, training, and sanctions for non‐compliance. Agencies should implement safeguards to ensure that technologies will not be deployed in a manner that could violate civil rights (race, religion, national origin, ethnicity, etc.) or civil liberties (speech, assembly, religious exercise, etc.). The policy framework is but one of several critical components in the larger technology planning effort that agencies should undertake to ensure proper and effective use of automation. Universal Principles Given the privacy concerns and sensitivity of personally identifiable information and other data often captured and used by law enforcement agencies,3 and recognizing evolving perceptions of what constitutes a reasonable expectation of privacy,4 the IACP Technology Policy Framework January 2014 Page 3 technology policy framework should be anchored in principles universally recognized as essential in a democratic society. The following universal principles should be viewed as a guide in the development of effective policies for technologies that can, or have the potential to monitor, capture, store, transmit and/or share data, including audio, video, visual images, or other personally identifiable information which may include the time, date, and geographic location where the data were captured.5 1. Specification of Use—Agencies should define the purpose, objectives, and requirements for implementing specific technologies, and identify the types of data captured, stored, generated, or otherwise produced. 2. Policies and Procedures—Agencies should articulate in writing, educate personnel regarding, and enforce agency policies and procedures governing adoption, deployment, use, and access to the technology and the data it provides. These policies and procedures should be reviewed and updated on a regular basis, and whenever the technology or its use, or use of the data it provides significantly changes. 3. Privacy and Data Quality—The agency should assess the privacy risks and recognize the privacy interests of all persons, articulate privacy protections in agency policies, and regularly review and evaluate technology deployment, access, use, data sharing, and privacy policies to ensure data quality (i.e., accurate, timely, and complete information) and compliance with local, state, and federal laws, constitutional mandates, policies, and practice. 4. Data Minimization and Limitation—The agency should recognize that only those technologies, and only those data, that are strictly needed to accomplish the specific objectives approved by the agency will be deployed, and only for so long as it demonstrates continuing value and alignment with applicable constitutional, legislative, regulatory, judicial, and policy mandates. 5. Performance Evaluation—Agencies should regularly monitor and evaluate the performance and value of technologies to determine whether continued deployment and use is warranted on operational, tactical, and technical grounds. 6. Transparency and Notice—Agencies should employ open and public communication and decision‐making regarding the adoption, deployment, use, and access to technology, the data it provides, and the policies governing its use. When and where appropriate, the decision‐making process should also involve governing/oversight bodies, particularly in the procurement process. Agencies should provide notice, when applicable, regarding the deployment and use of technologies, as well as make their privacy policies available to the public. There are practical and legal exceptions to this principle for technologies that are IACP Technology Policy Framework January 2014 Page 4 lawfully deployed in undercover investigations and legitimate, approved covert operations.6 7. Security—Agencies should develop and implement technical, operational, and policy tools and resources to establish and ensure appropriate security of the technology (including networks and infrastructure) and the data it provides to safeguard against risks of loss, unauthorized access or use, destruction, modification, or unintended or inappropriate disclosure. This principle includes meeting state and federal security mandates (e.g., the FBI’s CJIS Security Policy7), and having procedures in place to respond if a data breach, loss, compromise, or unauthorized disclosure occurs, including whether, how, and when affected persons will be notified, and remedial and corrective actions to be taken.8 8. Data Retention, Access and Use—Agencies should have a policy that clearly articulates that data collection, retention, access, and use practices are aligned with their strategic and tactical objectives, and that data are retained in conformance with local, state, and/or federal statute/law or retention policies, and only as long as it has a demonstrable, practical value. 9. Auditing and Accountability—Agencies and their sworn and civilian employees, contractors, subcontractors, and volunteers should be held accountable for complying with agency, state, and federal policies surrounding the deployment and use of the technology and the data it provides. All access to data derived and/or generated from the use of relevant technologies should be subject to specific authorization and strictly and regularly audited to ensure policy compliance and data integrity. Sanctions for non‐compliance should be defined and enforced. Developing Policies and Operating Procedures The universal principles provide structural guidance for the development of specific agency policies and operating procedures that comport with established constitutional, legal, and ethical mandates and standards. Agency policies and procedures specify the operational components of each individual technology implementation, deployment, and management, and should typically include and address the following factors:9 1. Purpose a. A general discussion of the purpose of a specific agency policy to include the agency’s position on protecting privacy. 2. Policy a. A discussion of the overarching agency policy regarding the deployment and use of a specific technology, its application to members of the agency, and reference to relevant laws, policies, and/or regulations that authorize the agency to implement a technology, or that relate to the use and deployment of a technology. 3. Definitions IACP Technology Policy Framework January 2014 Page 5 a. A description of the technology, its components, and functions. b. Definitions and acronyms associated with the technology. 4. Management a. Strategic Alignment: Describe how the technology aligns and furthers the agency’s strategic and tactical deployment objectives. b. Objectives and Performance: Identify objectives for the deployment and conditions for use of a technology, and a general strategy for assessing performance and compliance with the agency’s policy. c. Ownership: Clearly specify that the hardware and software associated with the technology is the property of the agency, regardless whether it has been purchased, leased, or acquired as a service, and that all deployments of a technology are for official use only (FOUO). All data captured, stored, generated, or otherwise produced by a technology are the property of the agency, regardless where the data are housed or stored. All access, use, sharing, and dissemination of the data must comply with the policies established and enforced by the agency. d. Classification of Data: Clearly specify the data classification and its level of sensitivity (e.g., top secret, secret, confidential, restricted, unclassified, private, public, etc.), whether the data captured, stored, generated, or otherwise produced by a technology are considered public information, and whether it is subject to applicable public records act requests and under what circumstances. e. Privacy Impact: Develop or adopt and use a formal privacy impact assessment (PIA)10 or similar agency privacy assessment on technology and the data it captures, stores, generates, or otherwise produces. 5. Operations a. Installation, Maintenance, and Support: Require regular maintenance, support, upgrades, calibration, and refreshes of a technology to ensure that it functions properly. b. Deployment: Identify who is authorized to officially approve the deployment and use of a technology, and the conditions necessary for deployment and use, if applicable. c. Training: Require training, and perhaps certification or other documented proficiency, if applicable, of all personnel who will be managing, maintaining, and/or using a technology. Training should also cover privacy protections on the use of the technology, and the impact and sanctions for potential violations. d. Operational Use: Identify specific operational factors that must be addressed in deployment and use of a technology. (For example, for ALPR, the officer should i) verify that the system has correctly “read” the license plate characters; ii) verify the state of issue of the license plate; iii) verify that the “hot list” record that triggered the alert is still active in the state or NCIC stolen vehicle or other file, and confirm the IACP Technology Policy Framework January 2014 Page 6 hit with the entering agency; and iv) recognize that the driver of the vehicle may not be the registered owner). e. Recordkeeping: Require recordkeeping practices that document all deployments of the technology, including who authorized the deployment; how, when, and where the technology was deployed; results of deployments; and any exceptions. Recordkeeping will support efforts to properly manage technology implementation, ensure compliance with agency policies, enable transparency of operations, enable appropriate auditing review, and help document business benefits realization. 6. Data Collection, Access, Use, and Retention a. Collection: Define what data will be collected, how data will be collected, the frequency of collection, how and where data will be stored, and under what authority and conditions the data may be purged, destroyed, or deleted in compliance with applicable local, state, and/or federal recordkeeping statutes and policies, court orders, etc. Identify the destruction/deletion methods to be used. b. Access and Use: Define what constitutes authorized use of data captured, stored, generated, or otherwise produced by a technology. Define who is authorized to approve access and use of the data, for what purposes and under what circumstances. c. Information Sharing: Specify whether data captured, stored, generated, or otherwise produced by a technology can be shared with other agencies, under what circumstances, how authorization is provided, how information that is shared is tracked/logged, how use is monitored, and how policy provisions (including privacy) will be managed and enforced. Any agency contributing and/or accessing shared information should be a signatory of a data sharing Memorandum of Understanding (MOU). Dissemination of any shared information should be governed by compliance with applicable state and federal laws, standards, agency privacy policies, and procedures as agreed in the MOU. d. Security: Define information systems security requirements of the technology and access to the data to ensure the integrity of the systems and confidentiality of the data. The security policy should address all state and federal mandated security policies, and clearly address procedures to be followed in the event of a loss, compromise, unauthorized access or use, destruction, modification, or unintended or inappropriate disclosure of data, including how and when affected persons will be notified, and remedial and corrective actions to be taken. e. Data Retention and Use: Establish data retention schedules in accordance with state or federal law or policy, access privileges, purge, IACP Technology Policy Framework January 2014 Page 7 and deletion criteria for all data captured, stored, generated, or otherwise produced by a technology. Agencies should consider differentiating between data that are part of an ongoing or continuing investigation and information that is gathered and retained without specific suspicion or direct investigative focus. Agencies may wish to limit the retention of general surveillance data. Empirical research assessing the performance of a technology may assist in determining an appropriate retention schedule. 7. Oversight, Evaluation, Auditing, and Enforcement a. Oversight: Establish a reporting mechanism and a protocol to regularly monitor the use and deployment of a technology to ensure strategic alignment and assessment of policy compliance. b. Evaluation: Regularly assess the overall performance of a technology so that it can i) identify whether a technology is performing effectively, ii) identify operational factors that may impact performance effectiveness and/or efficiency, iii) identify data quality issues, iv) assess the business value and calculate return on investment of a technology, and v) ensure proper technology refresh planning. c. Auditing: Audit all access to data captured, stored, generated, or otherwise produced by a technology to ensure that only authorized users are accessing the data for legitimate and authorized purposes, and establish regular audit schedules. d. Enforcement: Establish procedures for enforcement if users are suspected of being or have been found to be in noncompliance with agency policies. Conclusion Realizing the value that technology promises law enforcement can only be achieved through proper planning, implementation, training, deployment, use, and management of the technology and the information it provides. Like all resources and tools available to law enforcement, the use of new technologies must be carefully considered and managed. Agencies must clearly articulate their strategic goals for the technology, and this should be aligned with the broader strategic plans of the agency and safety needs of the public. Thorough and ongoing training is required to ensure that the technology performs effectively, and that users are well versed in the operational policies and procedures defined and enforced by the agency. Policies must be developed and strictly enforced to ensure the quality of the data, the security of the system, compliance with applicable laws and regulations, and the privacy of information gathered. Building robust auditing requirements into agency policies will help enforce proper use of the system, and reassure the public that their privacy interests are recognized and protected. The development of these policies is a proven way for executives to ensure they are taking full advantage of technology to assist in providing the best criminal justice services, while protecting the privacy, civil rights, and civil liberties of citizens. IACP Technology Policy Framework January 2014 Page 8 1 This Technology Policy Framework was developed by an ad‐hoc committee of law enforcement executives and subject matter experts representing IACP Divisions, Committees, Sections, the IACP National Law Enforcement Policy Center, and other organizations and groups, including the Criminal Intelligence Coordinating Council, Major Cities Chiefs Association, National Sheriffs’ Association, Major County Sheriffs’ Association, Association of State Criminal Investigative Agencies, the Institute for Intergovernmental Research (IIR), the Integrated Justice Information Systems (IJIS) Institute, and federal partners. 2 The American Civil Liberties Union (ACLU) recently released two reports addressing law enforcement technologies—ALPR and body‐worn video. Both reports discuss the value of the technology to law enforcement operations and investigations, and both call for policies addressing deployment, operations, data retention, access, and sharing. Catherine Crump, You are Being Tracked: How License Plate Readers Are Being Used to Record Americans’ Movements, (New York: ACLU, July 2013), at https://www.aclu.org/technology‐and‐liberty/you‐are‐being‐ tracked‐how‐license‐plate‐readers‐are‐being‐used‐record, and Jay Stanley, Police Body‐Mounted Cameras: With Right Policies in Place, a Win for All, (New York: ACLU, October 2013), at https://www.aclu.org/technology‐and‐liberty/police‐body‐mounted‐cameras‐right‐policies‐ place‐win‐all. Also see, Massachusetts Senate Bill S.1648, An Act to Regulate the Use of Automatic License Plate Reader Systems, Cynthia S. Creem, Sponsor, at https://malegislature.gov/Bills/188/Senate/S1648; Cynthia Stone Creem and Jonathan Hecht, “Check it, then chuck it,” The Boston Globe, December 20, 2013, at http://www.bostonglobe.com/opinion/2013/12/20/podium‐ license/R1tKQerV0YAPLW6VCKodGK/story.html; Shawn Musgrave, “Boston Police halt license scanning program,” The Boston Globe, December 14, 2013, at http://www.bostonglobe.com/metro/2013/12/14/boston‐police‐suspend‐use‐high‐tech‐ licence‐plate‐readers‐amid‐privacy‐concerns/B2hy9UIzC7KzebnGyQ0JNM/story.html; Ashley Luthern and Kevin Crowe, “Proposed Wisconsin bill would set rules for license‐plate readers,” Milwaukee Journal Sentinel, December 3, 2013, at http://www.jsonline.com/news/milwaukee/proposed‐wisconsin‐bill‐would‐set‐rules‐for‐license‐ plate‐readers‐b99155494z1‐234324371.html; Dash Coleman, “Tybee Island abandons license plate scanner plans,” Savannah Morning News, December 3, 2013, at http://savannahnow.com/news/2013‐12‐02/tybee‐island‐abandons‐license‐plate‐scanner‐ plans#.UqCAy8RDuN0; Kristian Foden‐Vencil, “Portland police are collecting thousands of license plate numbers every day,” Portland Tribune, December 3, 2013, at http://portlandtribune.com/pt/9‐news/203130‐portland‐police‐are‐collecting‐thousands‐of‐ license‐plate‐numbers‐every‐day; Alicia Petska, “City Council split over how to handle license plate reader concerns,” The News & Advance, (Lynchburg, VA), November 12, 2013, at http://www.newsadvance.com/news/local/article_5327dc78‐4c18‐11e3‐bc28‐ 001a4bcf6878.html; Jonathan Oosting, “Proposal would regulate license plate readers in Michigan, limit data stored by police agencies,” MLive, (Lansing, MI), September 9, 2013, at http://www.mlive.com/politics/index.ssf/2013/09/proposal_would_regulate_licens.html; Katrina Lamansky, “Iowa City moves to ban traffic cameras, drones, and license plate recognition,” WQAD, June 5, 2013, at http://wqad.com/2013/06/05/iowa‐city‐moves‐to‐ban‐ traffic‐cameras‐drones‐and‐license‐plate‐recognition/; Richard M. Thompson, II, Drones in Domestic Surveillance Operations: Fourth Amendment Implications and Legislative Responses, (Washington, DC: Congressional Research Service, April 3, 2013), at http://www.fas.org/sgp/crs/natsec/R42701.pdf; Somini Sengupta, “Rise of Drones in U.S. Drives IACP Technology Policy Framework January 2014 Page 9 Efforts to Limit Police Use,” New York Times, February 15, 2013, at http://www.nytimes.com/2013/02/16/technology/rise‐of‐drones‐in‐us‐spurs‐efforts‐to‐limit‐ uses.html?pagewanted=all; Stephanie K. Pell and Christopher Soghoian, “Can You See Me Now? Toward Reasonable Standards for Law Enforcement Access to Location Data That Congress Could Enact,” Berkeley Technology Law Journal, Vol. 27, No. 1, pp. 117‐196, (2012), at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1845644; and Stephen Rushin, “The Legislative Response to Mass Police Surveillance,” 79 Brooklyn Law Review 1, (2013), at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2344805. All accessed December 30, 2013. 3 Personally identifiable information (PII) has been defined as “…any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual’s identity, such as name, Social Security number, date and place of birth, mother’s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.” Government Accountability Office (GAO), Privacy: Alternatives Exist for Enhancing Protection of Personally Identifiable Information, (Washington, D.C.: GAO, May 2008), p. 1, at http://www.gao.gov/new.items/d08536.pdf. McCallister, et. al., define “linked” information as “information about or related to an individual that is logically associated with other information about the individual. In contrast, linkable information is information about or related to an individual for which there is a possibility of logical association with other information about the individual.” Erika McCallister, Tim Grance, and Karen Scarfone, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII): Recommendations of the National Institute of Standards and Technology, (Gaithersburg, MD: NIST, April 2010), p. 2‐1, at http://csrc.nist.gov/publications/nistpubs/800‐122/sp800‐122.pdf. McCallister, et. al., go on to describe linked and linkable information: “For example, if two databases contain different PII elements, then someone with access to both databases may be able to link the information from the two databases and identify individuals, as well as access additional information about or relating to the individuals. If the secondary information source is present on the same system or a closely‐related system and does not have security controls that effectively segregate the information sources, then the data is considered linked. If the secondary information source is maintained more remotely, such as in an unrelated system within the organization, available in public records, or otherwise readily obtainable (e.g., internet search engine), then the data is considered linkable.” Id. Both accessed December 30, 2013. 4 Justice Harlan first articulated a “constitutionally protected reasonable expectation of privacy” in Katz v. United States, 389 U.S. 347 (1967), at 361. Justice Harlan’s two‐fold test is “first that a person have exhibited an actual (subjective) expectation of privacy and, second, that the expectation be one that society is prepared to recognize as ‘reasonable.’” Id. Many of the technologies being deployed by law enforcement capture information that is publicly exposed, such as digital photographs and video of people and vehicles, or vehicle license plates in public venues (i.e., on public streets, roadways, highways, and public parking lots), and there is little expectation of privacy. “A person traveling in an automobile on public thoroughfares has no reasonable expectation of privacy in his movements from one place to another.” United States v. Knotts, 460 U.S. 276 (1983), at 281. Law enforcement is free to observe and even record information regarding a person’s or a vehicle’s movements in public venues. The U.S. Supreme Court, however, has ruled that the electronic compilation of otherwise publicly available but IACP Technology Policy Framework January 2014 Page 10 difficult to obtain records alters the privacy interest implicated by disclosure of that compilation. U.S. Department of Justice v. Reporters Committee for Freedom of the Press, 489 U.S. 749 (1989). Automation overwhelms what the Court referred to as the practical obscurity associated with manually collecting and concatenating the individual public records associated with a particular person into a comprehensive, longitudinal criminal history record. “…[T]he issue here is whether the compilation of otherwise hard‐to‐obtain information alters the privacy interest implicated by disclosure of that information. Plainly there is a vast difference between the public records that might be found after a diligent search of courthouse files, county archives, and local police stations throughout the country and a computerized summary located in a single clearinghouse of information.” Id., at p. 764. This has subsequently been referred to as the “mosaic theory” of the Fourth Amendment. United States v. Maynard, 615 F.3d 544 (D.C. Cir.) (2010). See also, Orin Kerr, “The Mosaic Theory of the Fourth Amendment,” Michigan Law Review, Vol. 111, p. 311, (2012), at http://www.michiganlawreview.org/assets/pdfs/111/3/Kerr.pdf. Accessed December 30, 2013. 5 These universal principles largely align with the Fair Information Practices (FIPs) first articulated in 1973 by the Department of Health, Education & Welfare (HEW). HEW, Records, Computers and the Rights of Citizens, July 1973, at http://epic.org/privacy/hew1973report/default.html. See, Robert Gellman, Fair Information Practices: A Basic History, Version 2.02, November 11, 2013, at http://bobgellman.com/rg‐ docs/rg‐FIPShistory.pdf. Comparable principles have been articulated by various governmental agencies, including the U.S. Department of Homeland Security, (Hugo Teufel, III, Privacy Policy Guidance Memorandum, Number: 2008‐01, (Washington, DC: DHS, December 29, 2008), pp. 3‐4, at http://www.dhs.gov/xlibrary/assets/privacy/privacy_policyguide_2008‐01.pdf); the Home Office in the United Kingdom (Home Office, Surveillance Camera Code of Practice, (London, UK; The Stationery Office, June 2013), pp 10‐11, at https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/204775/Surve illance_Camera_Code_of_Practice_WEB.pdf); and the Information and Privacy Commissioner of Ontario, Canada (Ann Cavoukian, Guidelines for the Use of Video Surveillance Cameras in Public Places, (Ontario, Canada: Information and Privacy Commissioner of Ontario, September 2007), pp. 5‐6, at: http://www.ipc.on.ca/images/Resources/up‐3video_e_sep07.pdf, and Ann Cavoukian, Privacy and Video Surveillance in Mass Transit Systems: A Special Investigative Report (Privacy Investigation Report MC07‐68), (Ontario, Canada: Information and Privacy Commissioner of Ontario, March 3, 2008), p 3, at: http://www.ipc.on.ca/images/Findings/mc07‐ 68‐ttc_592396093750.pdf). Also see, National Research Council, Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Program Assessment, (The National Academies Press: Washington, D.C., 2008), at http://nap.edu/catalog.php?record_id=12452. All accessed December 30, 2013. 6 Law enforcement is not, for example, expected to notify the subjects of lawfully authorized wiretaps that their conversations are being monitored and/or recorded. These deployments, however, are typically subject to prior judicial review and authorization. See, e.g., Katz v. United States, 389 U.S. 347 (1967); Berger v. New York, 388 U.S. 41 (1967); Title III, Omnibus Crime Control and Safe Streets Act of 1968, 18 U.S.C. §§ 2510‐2522, as amended by the Electronic Communications Privacy Act of 1986. IACP Technology Policy Framework January 2014 Page 11 7 Federal Bureau of Investigation, Criminal Justice Information Services (CJIS) Security Policy, Version 5.2, August 9, 2013, CJISD‐ITS‐DOC‐08140‐5.2, at http://www.fbi.gov/about‐ us/cjis/cjis‐security‐policy‐resource‐center/view. Accessed December 30, 2013. 8 Additional guidance regarding safeguarding personally identifiable information can be found in the Office of Management and Budget (OMB) Data Breach notification policy (M‐07‐ 16), at http://www.whitehouse.gov/sites/default/files/omb/memoranda/fy2007/m07‐16.pdf, and state data breach notification laws available from the National Conference of State Legislatures, at http://www.ncsl.org/research/telecommunications‐and‐information‐ technology/security‐breach‐notification‐laws.aspx. Accessed December 30, 2013. 9 See, e.g., International Association of Chiefs of Police, Model Policy: License Plate Readers, August 2010 http://iacppolice.ebiz.uapps.net/personifyebusiness/OnlineStore/ProductDetail/tabid/55/Defau lt.aspx?ProductId=1223; Paula T. Dow, Attorney General, Directive No. 2010‐5, Law Enforcement Directive Promulgating Attorney General Guidelines for the Use of Automated License Plate Readers (ALPRs) and Stored ALPR Data, (Trenton, NJ: Office of the Attorney General, December 3, 2010), at http://www.state.nj.us/oag/dcj/agguide/directives/Dir‐2010‐5‐ LicensePlateReadersl‐120310.pdf; Office of the Police Ombudsman, 2011 Annual Report: Attachment G: Body‐Worn Video & Law Enforcement: An Overview of the Common Concerns Associated with Its Use, (Spokane, WA: Spokane Police Ombudsman, February 20, 2012), at http://www.spdombudsman.com/wp‐content/uploads/2012/02/Attachment‐G‐Body‐Camera‐ Report.pdf; ACLU, Model Policy: Mobile License Plate Reader (LPR) System, (Des Moines, IA: ACLU, September 19, 2012), at http://www.aclu‐ia.org/iowa/wp‐ content/uploads/2012/09/Model‐ALPR‐Policy‐for‐Iowa‐Law‐Enforcement.pdf. Many of these policy elements are also addressed in the National Research Council’s report, op. cit., specifically in chapter 2, “A Framework for Evaluating Information‐Based Programs to Fight Terrorism or Serve Other Important National Goals,” at pp. 44‐67. All accessed December 30, 2013 10 A privacy impact assessment (PIA) is “a systematic process for evaluating the potential effects on privacy of a project, initiative or proposed system or scheme.” Roger Clarke, “Privacy Impact Assessment: Its Origins and Development,” Computer Law & Security Review, 25, 2 (April 2009), pp. 125‐135, at http://www.rogerclarke.com/DV/PIAHist‐08.html. Law enforcement agencies should consider using the Global Advisory Committee’s Guide to Conducting Privacy Impact Assessments for State, Local, and Tribal Justice Entities at https://it.ojp.gov/gist/47/Guide‐to‐Conducting‐Privacy‐Impact‐Assessments‐for‐State‐‐Local‐‐ and‐Tribal‐Justice‐Entities. This resource leads policy developers through appropriate privacy risk assessment questions that evaluate the process through which PII is collected, stored, protected, shared, and managed by an electronic information system or online collection application. The IACP published Privacy Impact Assessment Report for the Utilization of License Plate Readers, (Alexandria, VA: IACP, September 2009), at http://www.theiacp.org/Portals/0/pdfs/LPR_Privacy_Impact_Assessment.pdf. For a list of PIAs completed by the U.S. Department of Justice, see http://www.justice.gov/opcl/pia.htm; Department of Homeland Security, see https://www.dhs.gov/privacy‐office‐privacy‐impact‐ assessments‐pia. All accessed December 30, 2013. 1 State of Surveillance in California – Findings & Recommendations January 2015 Executive Summary In the wake of revelations about the National Security Agency’s rampant warrantless spying and local law enforcement’s use of military equipment in cities like Ferguson, Missouri, community members have been regularly contacting the ACLU with concerns about the proliferation of surveillance. Cities and counties have also increasingly reached out for guidance about how to approach the use of surveillance in ways consistent with civil liberties and civil rights. Yet very little information exists about surveillance technology in California or how to properly consider its acquisition or use. To address this, the ACLU of California conducted a first-of-its-kind assessment of surveillance technology in the state. We also released a new resource guide, Making Smart Decisions About Surveillance: A Guide for Communities, and developed a model ordinance designed to help policymakers ensure adequate transparency, oversight, and accountability.1 The following document summarizes our findings about the state of surveillance in California and recommends several ways that the Attorney General and other state policymakers could take action to help address the widespread lack of transparency, oversight, and accountability for surveillance technology in California. Methodology and Summary of Surveillance Survey Findings From June to November 2014, the ACLU of California2 examined thousands of publicly available3 records for California’s 58 counties and 60 selected cities.4 We researched the types of surveillance technology in communities, including automated license plate readers (ALPRs), 5 body cameras,6 drones,7 facial recognition,8 “Stingrays,” 9 and video surveillance.10 We investigated how much money has been spent to acquire and maintain surveillance technology and the source of those funds. We also examined any public processes in place to provide for transparency, oversight, and accountability for surveillance technology’s acquisition and use. What we discovered raised a number of significant concerns. Across the state, there is widespread proliferation of surveillance, with at least 90 communities (40 counties, 50 cities) possessing some form of surveillance technology. Vast sums of money are being spent on surveillance, including over $65 million in publicly available figures, a significant portion of which is federal grant dollars. While some communities are taking important steps to thoroughly consider surveillance technology and develop plans to promote public safety and safeguard citizen rights, we discovered that even basic transparency, oversight, and accountability has become the exception, not the rule. Many California communities lack the 2 guidance to make smart decisions about surveillance and are moving forward without public conversation, careful consideration of the costs and benefits, or adequate policies in place to prevent misuse and safeguard rights. There is Widespread Proliferation of Surveillance Technology in California California communities have acquired and deployed a wide array of surveillance technologies. Our research uncovered at least 90 California communities (40 counties, 50 cities) in possession of various surveillance technologies.11 Video cameras are the most common form of surveillance technology in California - more than half of the cities and counties we examined have acquired them. ALPRs are a close second - 57 of the 118 counties and cities in our survey possess such devices.12 Finally, at least 32 California communities had body cameras as of November 2014.13 Local law enforcement agencies are also acquiring newer, more powerful technologies like drones and Stingray cell phone tracking devices that can facilitate other forms of surreptitious surveillance.14 At least 3 communities (San Jose and Los Angeles and Alameda Counties) have acquired drones for law enforcement purposes. Information about Stingray purchases was nearly impossible to locate, yet we know from reporting and our research that they exist in at least 10 different communities, including Los Angeles, Oakland, San Jose, San Francisco, San Diego and Sacramento.15 While a lack of publicly available information about drones and Stingrays makes it difficult to discover which localities possess these tools and the legal basis for their use, it may be that other communities are either considering or already have these technologies as well. Vast Sums of Money is Being Spent on Surveillance Technology We found publicly available evidence documenting more than $65 million dollars in spending on surveillance technology in California. We identified over $20 million of spending on video surveillance alone.16 These funds come from multiple sources, including local,17 state,18 and federal funding streams.19 Law enforcement agencies have also obtained surveillance funding from private sources such as police foundations,20 asset forfeiture proceeds,21 and other jurisdictions22 (LAPD received its two drones from Seattle police).23 Federal dollars are a very common source of funding for California’s surveillance technology. Federal funds constituted roughly 40 percent of the surveillance programs we examined with identifiable funding sources. Numerous localities have used federal funds to buy everything from automated license plate readers24 to facial recognition technology.25 Federal funds were also originally earmarked for San Jose’s drone purchase.26 In California, these federal funds are typically administered under programs operated by the Department Homeland Security Grant Programs that include the Urban Areas Security Initiative (UASI) and the Port Security Grant Program (PSGP). The California Emergency Management Association (CalEMA) also manages federal surveillance grants to local governments.27 Yet with all of the funding we found for the acquisition of these technologies, surveillance technology’s post-acquisition costs, including maintenance, replacement, staffing, and training were often not accounted for or reported in publicly available materials. We did not find a single surveillance program that was preceded by a comprehensive cost-benefit analysis that included information about current and future costs and an analysis of the potential impact on civil 3 liberties and civil rights. It is clear from the few public records that we located that these ongoing costs can be substantial. For example, Clovis was spending at least $60,000 in maintenance costs for its network of video surveillance cameras by 201128 and Richmond was spending $300,000 annually for maintenance by 2013.29 Because our research was based solely on publicly available information about surveillance, the spending data noted is almost certainly just the tip of the iceberg. Very little information is easily and publicly accessible about local surveillance technology acquisitions. For example, although public records reflect that Riverside acquired ALPR units in 2011, the ACLU was unable to locate any other documents concerning the acquisition, funding or policies concerning these ALPR units.30 Basic Transparency, Accountability and Oversight Is the Exception for Surveillance Technology in California, Not the Rule Surveillance technology is often purchased without adequate community engagement Our research also revealed that communities in California are also acquiring surveillance technology without first adequately engaging the public.31 And when information about surveillance technology is included in public documents at some point in the process, it may include language so vague that it is difficult for the public and even some policymakers to understand what is being considered and know to voice concern. Community members were surprised to learn in 2014 about drone purchases in San Jose and Alameda County. In San Jose, the relevant city council meeting agenda only specified that the police and fire departments had sought authorization to receive $983,000 from the federally funded Bay Area Urban Areas Security Initiative.32 The public did not learn about the purchase until months later when ACLU researchers discovered attached agenda documents with earmarked funds for an “unmanned aerial vehicle.” 33 There was immediate public outrage at this “secret” purchase.34 The police soon apologized and have now initiated a public process to consider the potential use of the drone.35 Unfortunately, this trend continues - in late 2014, the Alameda County Sheriff simply announced that he had bought two drones, providing no public notice despite the fact that widespread local concerns sidelined a similar proposal in 2012.36 The purchase of invasive Stingray cell phone surveillance technology is another area where policymakers and the public appear to also be left in the dark. When Sacramento County approved over $300,000 dollars in funding for what the ACLU believes to be Stingray equipment, the only information provided in public records was that law enforcement was seeking “wireless tracking equipment.” 37 In San Jose public documents, over $300,000 in funding for what the ACLU also suspects to be Stingray technology was referred to as “law enforcement surveillance technology equipment.” 38 Public debate is rare and late in the process Our research found that adequate public debate over surveillance technology is rare and if it happens at all, is very late in the process. We found evidence of public debate about the acquisition of surveillance technology for less than 15% of the programs we tracked. None of the 52 communities we identified with two or more surveillance technologies publicly debated every 4 technology.39 For more than 100 of the 180 surveillance technology programs we identified in publicly available records, we either could not locate evidence of a public hearing or approval was via consent calendar. Consent calendar items are typically designated as routine in nature, are intended to have no discussion, and are often approved en masse with a single vote. We found only two occasions where surveillance technology proposals were removed from the consent calendar to entertain public debate: for body cameras in Fresno,40 and for a mounted infrared video-surveillance camera and microwave transmission system in San Diego County.41 Even where there are public records disclosing the consideration or acquisition of a surveillance program, they are often incomplete, lacking basic information about the technology involved, costs, or potential impact on civil liberties. The result is that policymakers may not have the information they need to make an informed decision. For example, after the Santa Cruz City Council approved the use of federal funds to purchase ALPRs for the police department, one councilmember was asked what effect the scanners might have on on community members, he replied, “I don’t know enough about the technology.” 42 Another was unaware of privacy issues, admitting, “I was asleep at the wheel. The council didn’t get much correspondence about the potential for the erosion of civil rights that these kinds of devices can cause…. If I’d been better informed about [the ALPRs] I may have voted against the purchase….” 43 We also found that the timing of any public debate and policymaker approval is often late in the process – after law enforcement agencies apply and obtain funding for surveillance technology rather than before. The Santa Clara County Sheriff was awarded $489,000 by the Urban Areas Security Initiative to purchase facial-recognition software prior to public process before the Santa Clara County Board of Supervisors.44 In Placerville, police obtained a grant for $26,000 in federal funds for a license-plate reader before City Council public process.45 San Rafael police were awarded $33,126 in federal funds for a license-plate reader before public process at the city council.46 Recently, the San Jose police received federal funding approval and earmarked it to purchase a drone prior to public process at the city council.47 While some California communities have taken important steps to ensure a more robust public process, there is a lack of consistency in the process between different surveillance technologies.48 For example, before Ventura acquired a $93,000 video monitoring system, its police department discussed the system’s intended uses with local community councils, addressed residents’ concerns, and explained the proposed internal use restrictions.49 And while San Jose’s acquisition of a drone initially lacked public involvement, when considering acquisition of body cameras the city developed a robust 12-month work plan that included a diverse ad-hoc committee, an assessment of technological needs, and the drafting of a policy for Council consideration.50 Although we could not locate a community with a policy that ensures consistent public engagement and debate for all surveillance technology, members of the board of supervisors in Santa Clara, San Francisco, and Santa Cruz counties have announced plans to introduce separate Surveillance Technology & Community Safety Ordinances. Few surveillance technologies have adequate use policies We found a publicly available use policy for fewer than 1 in 5 surveillance technology programs. None of the 52 communities with two or more surveillance technologies had publicly available use policies for every technology. Many cities had no use policy whatsoever for their surveillance technology – for example, only 3 of the 61 counties and cities we identified using 5 video surveillance had publicly available use policies. The publicly available policies that do exist largely fail to properly address all of the necessary issues including purpose specification, limited use, training, data security, data retention, auditing, and accountability discussed by the Department of Homeland Security Privacy Office, the International Association of Chiefs of Police Technology Policy Framework, or the ACLU of California guide and model ordinance.51 Many policies we looked at appear to be modified templates that do not properly address all of the necessary issues. The City of Alameda’s 2013 proposal for an ALPR policy is a prime example of this.52 Produced by a company called Lexipol, that policy did not place clear limits on the technology’s use, instead directing that the technology be used for “official and legitimate business.” That policy also lacked detail about officer training, meaningful limits on retention or use of ALPR data, and enforceable consequences for violation of the use policy itself. After analyzing the policy last year, the ACLU urged Alameda to delay adoption of ALPR technology until the community revised and improved its use policy.53 Other surveillance programs appear to have no policies in place except for those written by a federally connected fusion center, such as by the South Bay Information Sharing System (SBISS), the Southern California-based Automated Regional Justice Information System (ARJIS), or the Northern California Regional Intelligence Center (NCRIC).54 These policies lack strong protections to prevent against misuse and infringements of constitutionally protected activities.55 For example, NCRIC’s ALPR policy only prohibits monitoring of First Amendment activities where those activities are the sole reason for monitoring. The ARJIS policy lacks a detailed set of acceptable and prohibited uses.56 While NCRIC expressly permits law enforcement agencies to set local retention policies, others, like ARJIS, do not, and once a community decides to share surveillance data with this fusion center, its control over what happens to community members’ data diminishes.57 We also found that few policies have clear and effective enforcement provisions for violations. The need for enforceable policies is illustrated by Oakland’s officer body camera policy, which contains specific directives to officers’ use of the equipment, prohibitions on conduct, and instructions for the storage and access to data. However, Oakland’s policy does not contain a mechanism ensuring its enforcement58 and it appears that Oakland police have repeatedly violated the department’s body camera policy without consequence.59 Not having a proper use policy can also lead to significant legal problems for communities. San Francisco learned this lesson the hard way when it adopted license plate readers without a formal policy that required officers to confirm plate reads visually to safeguard civil rights. In March 2009, an ALPR unit misread the plate of Denise Green, a 47 year-old African American woman, erroneously flagging her burgundy Lexis as a stolen gray truck. The police stopped Green, handcuffed her, and held her at gunpoint while a search took place.60 In early 2014, a federal appeals court authorized a constitutional rights suit by Green against the SFPD, the City, and the patrol officers. While no community has a surveillance use policy in place that comprehensively addresses all of the necessary issues, several community policies have integrated important building blocks that others can replicate. 6 In 2006, the San Francisco Board of Supervisors passed the Community Safety Camera ordinance (CSC).61 The CSC includes a specific purpose for the cameras and limits use of camera data, requires public notice when new cameras are being considered, a public hearing, a vote of the police commission, approval only if benefits outweigh concerns and community support exists, and annual reporting. In 2006, the Fresno Police Department adopted a Video Policing Project Policy and Guidelines Manual.62 This extensive manual describes the system and its purpose, includes guidance and specific prohibitions on racial profiling, details access limits for collected data, addresses primary and secondary uses of data, strictly limits retention of footage, addresses the public’s right of access to footage obtained by the city’s cameras, and requires independent auditing. In 2014, Menlo Park’s City Council passed an ordinance consisting of a use policy for ALPRs and video surveillance.63 This enforceable policy includes provisions setting forth specific prohibited uses of each technology, quarterly auditing of the use and efficacy of ALPR, and constraints on how data can be shared with third parties including the area fusion center, NCRIC. In 2014, a citizens’ committee appointed by the Oakland City Council drafted a proposed policy for the City’s DHS-funded Port Domain Awareness Center (DAC) that places clear limits on allowable uses, provides guidance to operators with regards to constitutionally protected activities, requires comprehensive auditing, and sets forth enforceable consequences for misuse.64 Oversight of surveillance technology after deployment is virtually non-existent Necessary provisions for oversight of surveillance technology after initial use, including audits, fiscal and civil liberties reviews, and evaluation of program efficacy are few and far between. Two programs we found that planned for more than minimal periodic oversight are Fresno’s citywide video-policing program and San Francisco’s Community Safety Camera Program.65 In Fresno, the city council required an annual independent audit of the police department’s citywide, live-feed, video-policing program to ensure that all of the privacy and security guidelines for the system’s use are being followed. 66 The auditor is specifically instructed to report to the city council on police compliance with Fresno’s video-policing policies.67 The first comprehensive audit was completed in 2014 by a former federal judge.68 Fresno Police Chief Jerry Dyer expressed support for the auditing process, saying “I have no doubt the audit will be very helpful to our ongoing video policing operations.”69 San Francisco’s CSC requires that the San Francisco Police Department prepare a report every year on all cameras in the City and County.70 The annual report is designed to assess the cameras’ effectiveness, effect on crime, and to help the community determine whether any changes to the program should be made.71 In 2008, researchers at the University of California, Berkeley, comprehensively evaluated San Francisco’s surveillance cameras. The resulting report found that the existing camera program had not addressed its intended purpose of preventing or reducing violent crime.72 This report informed subsequent public debate amongst the Board of Supervisors regarding a proposal to expand the program.73 7 Finally, Menlo Park’s ALPR and video surveillance ordinance requires NCRIC (the entity that stores the City’s ALPR data) to provide a quarterly report to the city that summarizes the number of license plates captured by the ALPR in the city, how many of those license plates were “hits” (on an active wanted list), the number of inquiries made by Menlo Park personnel along with the justifications for those inquiries, and information on any data retained beyond six months and the reasons for such retention. In November 2014, Menlo Park published its first quarterly ALPR review. The data indicated that only about .05% of the plate reads were “hits,” most of which were false reads.74 Policy Recommendations Surveillance technology is proliferating in California’s communities largely without mechanisms that ensure transparency, accountability, and oversight for its acquisition and use. Local law enforcement lacks clear guidance and direction from state policymakers on how to promote public safety while safeguarding civil liberties and civil rights. As the state’s chief law officer and defender of liberty for Californians, the Attorney General is well-positioned to work to address these growing concerns in a variety of ways: 1. Issue Attorney General Best Practices for Surveillance Technology With growing community concern about policing, the Attorney General should use the opportunity to issue clear guidance to law enforcement in the state about the basic mechanisms for public transparency, accountability, and oversight that should be in place at the earliest stage of the process – when surveillance technology is being considered and well before it is purchased or deployed. Best Practices issues by the Attorney General’s Office would be very helpful to communities throughout California. The ACLU of California’s guide for communities, Making Smart Decisions About Surveillance, and resources also developed by The International Association of Chiefs of Police, Police Executive Research Forum, and the Department of Homeland Security Privacy Office would hopefully all be helpful to the development of Attorney General Best Practices.75 2. Encourage Law Enforcement Support of Local Ordinances The Attorney General could also encourage local law enforcement to support local Surveillance Technology & Community Safety Ordinances and create mechanisms that facilitate consistent transparency, accountability, and oversight at the local level. Policymakers in Santa Clara County, San Francisco County, and Santa Cruz County have already committed to introducing the ordinance, the Oakland Ad Hoc Advisory Committee on Privacy and Data Retention has also recommended its adoption,76 and several other large and small communities throughout California are also considering next steps. Key principles for local ordinances include: Informed Public Debate at Earliest Stage of Process: Public notice, distribution of information about the proposal and public debate prior to seeking funding or otherwise moving forward with surveillance technology proposals. 8 Determination that Benefits Outweigh Costs and Concerns: Local leaders, after facilitating an informed public debate, expressly consider costs (fiscal and civil liberties) and determine that surveillance technology is appropriate or not before moving forward. Thorough Surveillance Use Policy: Legally enforceable Surveillance Use Policy with robust civil liberties, civil rights, and security safeguards approved by policymakers. Ongoing Oversight & Accountability: Proper oversight of surveillance technology use and accountability through annual reporting, review by policymakers and enforcement mechanisms. 3. Support State Legislation to Create Consistent Transparency, Oversight, and Accountability Mechanisms for California Law Enforcement The Attorney General might also consider state legislation that also incorporates these key principles and ensures proper and consistent transparency, oversight, and accountability when surveillance technology is being considered by any California law enforcement entity. 4. Develop & Periodically Issue California State of Surveillance Report The ACLU of California’s extensive research on surveillance in California also highlighted just how difficult it is to identify what is happening in the state. It would be very helpful for the Attorney General to streamline transparency about surveillance in California, both to increase public awareness and facilitate oversight. As a recommendation in Best Practices or a provision in a potential state law, the Attorney General’s Office should consider mechanisms to compile and release regularly-updated information about surveillance technology in the state, including what is being used and where, funding sources, and what processes are in place to provide for transparency, accountability, and oversight. 1 The Making Smart Decisions About Surveillance guide, an interactive map of findings, and additional resources are available at https://www.aclunc.org/smartaboutsurveillance. 2 Thank you to legal researchers Matt Cagle, Thomas Mann Miller, Molly Caldwell, Tony Huynh, Lauren Harriman, and Leighanna Mixter. 3 For purposes of this document, “publicly available” information is that which a resident with Internet access could obtain online without the assistance of a request under the California Public Records Act. Our search included but was not limited to publicly available agendas, minutes, and staff reports of city councils and county boards of supervisors; documents of regional quasigovernmental entities; government statements; and news reports. 4 We researched the following California cities: Anaheim, Bakersfield, Beverly Hills, Burbank, Blythe, Chico, Chula Vista, Clovis, Concord, East Palo Alto, El Centro, Elk Grove, Escondido, Eureka, Fontana, Fremont, Fresno, Gilroy, Glendale, Hayward, Huntington Beach, Inglewood, Irvine, Long Beach, Los Angeles, Martinez, Merced, Menlo Park, Modesto, Moreno Valley, Napa, Oakland, Oceanside, Ontario, Oxnard, Pasadena, Placerville, Rancho, Cucamonga, Redding, Redlands, Richmond, Riverside, Roseville, Sacramento, Salinas, San Bernardino, San Diego, San Jose, San Rafael, Santa Ana, Santa Clara, Santa Cruz, Santa Maria, Santa Monica, Santa Rosa, Stockton, Turlock, Ukiah, Vallejo, Ventura, Visalia, Yuba City. 5 Automated license plate readers are sophisticated camera systems mounted to police cars or light posts that scan license plates that come into view. They are often used to look for vehicles of interest, such as stolen cars, but in the process may record the time and place of all vehicles that drive by. 6 Body cameras are small cameras worn by police that record audio and video. These cameras can record everything from typical public interactions with police to sounds and images at rallies or even lewd banter in a squad car. Some body cameras are always on, others are controlled by the wearer. 9 7 Drones are unmanned aerial vehicles that may carry cameras, microphones, or other sensors or devices. Drones range from small “quadcopters” that can maneuver near ground level to high-altitude planes with extremely powerful cameras. Often quieter than traditional aircraft, drones are capable of surreptitious surveillance. 8 Facial recognition is software that identifies a person in photos or videos based on various characteristics of the person’s face. Facial recognition software may be applied to photos or videos captured by an array of devices or contained in government databases. 9 “Stingrays,” or International Mobile Subscriber Identity (“IMSI”) Catchers are devices that emulate a cell phone tower in order to interact with nearby cell phones. Stingrays identify nearby devices, operate in a dragnet fashion that affects every phone in range, and can also be configured to intercept and capture the contents of communications including calls, text messages, or Internet activity. 10 Video surveillance camera systems that allow the remote observation or recording of activity in public spaces. Video feeds may be actively monitored in hopes of spotting crime as it happens or recorded for potential investigations or prosecutions. 11 A summary of the ACLU of California’s surveillance findings is located at the following URL: http://www.aclunc.org/surveillancemap. 12 We located approximately $7.8 million in funding allocated for automated license plate readers. 13 We located approximately $8.2 million in funding allocated for officer body cameras. 14 See Jennifer Valentino-Devries, 'Stingray' Phone Tracker Fuels Constitutional Clash, Wall Street Journal, Sept. 22, 2011, available at: http://www.wsj.com/articles/SB10001424053111904194604576583112723197574. 15 We located publicly available information suggesting the following localities possess Stingrays: San Bernardino, Los Angeles Police Department, Los Angeles Sheriff Department, Oakland Police Department, San Jose Police Department, San Francisco Police Department, San Diego Police Department, San Diego County, Sacramento Police Department, and the Sacramento County Sheriff’s Department. 16 We located approximately $21.5 million in funding allocated for video surveillance technology. Cities have spent the most local money on video surveillance programs, totaling almost $10 million across 12 cities. Fresno spent over $3 million on its live-feed cameras between 2006 and 2013, and has resorted to staffing the cameras with volunteers, rather than sworn officers as originally intended. Oliver Wanger, “Video Policing Unit Audit” (Nov. 30, 2013), 3–6, available at http://www.wjhattorneys.com/assets/files/VPU-Audit-00449144.pdf and https://s3.amazonaws.com/s3.documentcloud.org/documents/1003257/wanger-report.pdf ($870,000 in 2007, $1,016,477.95 in 2008, $547,803 in 2009, $124,200 in 2010, $103,600 in 2011, $111,400 in 2012, $148,320 in 2013, and $135,200 in 2014, totaling $3,057,000.95). Richmond and the Port of Richmond spent $4 million on 34 CCTV cameras in “high-crime” Richmond neighborhoods and 79 cameras at the Port of Richmond, in 2007. Richmond City Council, Meeting Minutes (July 31, 2007), 1–2, available at http://www.ci.richmond.ca.us/ArchiveCenter/ViewFile/Item/1253 (the City of Richmond contributed $1,538,244, the Port of Richmond contributed $3,833,279, and the City of Richmond reserved $166,721 for contingencies). Oakland has most likely spent millions of dollars on surveillance cameras, but there is no clear record of total spending. In 2008, Oakland police proposed spending $5.8 million for a wireless mesh system with 20 surveillance cameras and a monitoring center, with expected annual recurring costs of $800,000, and another $1.5 million on cameras around public schools. Oakland currently has 35 CCTV cameras and 40 live-feed cameras in the city, 135 cameras at the Oakland Coliseum complex, and over 700 cameras around public schools. Memo from Wayne Tucker, Chief of Police, to the Office of the City Administrator, regarding a report on crime fighting strategies to the Public Safety Committee (Jul. 8, 2008), at 1, Port of Oakland, Board of Port Commissioners Meeting Agenda (May 23, 2013), Item 3.1, at 12, available at http://www.portofoakland.com/pdf/about/meetings/2013/boar_shee_130523.pdf. 17 For example, in September 2014 the City of Anaheim allocated over $1.15 million of local funds for the purchase of officer body cameras. The specific source of funds was the Police Dept. 2014/2015 Budget for Civil Liabilities Investigator in the General Fund. See Ana Venagas, Anaheim police officers to wear cameras, OC Register, Sept. 9, 2014, available at http://www.ocregister.com/articles/cameras-634334-video-police.html; see also http://www.anaheim.net/docs_agend/questys_pub//MG47522/AgendaFrame.htm; http://www.anaheim.net/docs_agend/questys_pub//MG47522/AS47561/AS47565/AI47816/DO47817/DO_47817.pd f. 18 For example, video surveillance in Roseville was paid for in part with CA Prop. 1b funds. http://roseville.granicus.com/MetaViewer.php?view_id=2&clip_id=2358&meta_id=88314 19 For example, the Department of Homeland Security (DHS) funneled $35,546,960 to local governments in the Bay Area as part of the Urban Area Security Initiative (UASI) between May 1, 2012, and November 30, 2013. From those funds, Oakland received $1,200,730 during that period, San Jose received $1,548,879, Santa Clara County 10 received $4,143,890, and Santa Cruz received $345,800, totaling $7,239,299. While not all UASI funds are allocated to surveillance technology, a significant portion are: See Memo from Tristan Levardo, CFO of the Bay Area Urban Area Security Initiative, to the Bay Area Urban Area Security Initiative Approval Authority regarding FY2011 UASI Spending Report (June 12, 2014), available at http://bayareauasi.org/sites/default/files/resources/061214%20Agenda%20Item%207%20FY2011%20UASI%20Spe nding%20Report.pdf; Bay Area Urban Areas Security Initiative, Project Proposal Guidance for Fiscal Year 2015 (Interim) (Sept. 11, 2014), at 9, available at http://bayareauasi.org/sites/default/files/resources/091114%20Agenda%20Item%204%20Appendix%20A%20FY15 %20Project%20Proposal%20Guidance%20%26%20Sample%20Form.pdf (marked draft for Approval Authority review). 20 The Chico Police Department Business Support Team funded a license-plate reader in Chico. See, e.g., Chico City Council, Meeting Minutes (Feb. 19, 2013), Consent Agenda Item 2.2 (unanimously approving donation of license- plate reader from Chico Police Department Business Support Team), available at http://chico- ca.granicus.com/MinutesViewer.php?view_id=2&clip_id=370&doc_id=9db34992-d762-1030-9122-24b3144c4264; 21 Our research uncovered multiple purchases of surveillance technology made with asset forfeiture funds, including officer body cameras in Hayward and El Centro, video surveillance in Santa Barbara and Bakersfield, and ALPRs in Inglewood. See Hayward City Council Agenda, July 1, 2014, available at http://www.hayward-ca.gov/CITY- GOVERNMENT/CITY-COUNCIL-MEETINGS/2014/CCA14PDF/cca070114full.pdf; City of El Centro Council Agenda Report, Oct. 2, 2012, available at http://www.cityofelcentro.org/userfiles/10-02-12%20- %20Item%209%281%29.pdf; City of Santa Barbara City Council Minutes, Sept. 20, 2011, available at http://services.santabarbaraca.gov/cap/MG100814/AS100818/AS100825/AS100826/AI101983/DO102015/DO_102 015.PDF; Gretchen Wenner, Downtown surveillance cameras will bring Big Brother to Bakersfield, The Californian, Aug. 12, 2010, available at http://www.bakersfieldcalifornian.com/local/x1415295660/Downtown- surveillance-cameras-will-bring-Big-Brother-to-Bakersfield ; City of Inglewood Minutes, July 19, 2011, available at http://www.cityofinglewood.org/civica/filebank/blobdload.asp?BlobID=7045; see also Dave Maass, Asset Forfeiture and the Cycle of Electronic Surveillance Funding, Electronic Frontier Foundation, Jan. 16, 2015, https://www.eff.org/deeplinks/2015/01/asset-forfeiture-and-cycle-electronic-surveillance-funding. 22 In February 2014, the Modesto police announced they were sending a surveillance vehicle—called an “Armadillo”—equipped with eight live-feed, wide-angle, high-definition cameras to monitor “high-crime” neighborhoods. There was no decision by local leaders to approve the transfer; the police department had received the vehicle as a donation from neighboring Ceres. Modesto Police Department, Police Armadillo Hits High Crime Areas (Feb. 25, 2014), http://www.ci.modesto.ca.us/newsroom/releases/police/prdetail.asp?ID=1872; Tim Daly, Modesto cops add “armadillo” to force, News 10, Feb. 26, 2014, available at http://www.news10.net/story/news/local/modesto/2014/02/26/modesto-armadillo-police-camera/5848819/. In another example, several Native American tribes funded license-plate readers for the San Diego County Sheriff. 2011 ALPR funding $78,673.25, San Diego County Meeting Agenda, available at http://www.sdcounty.ca.gov/lueg/iglcbc/meetingdocs/4-8-11_IGLCBC_MeetingAgenda.pdf. 23 Joel Rubin, LAPD adds drones to arsenal, says they’ll be used sparingly, LA Times, May 30, 2014, available at http://www.latimes.com/local/lanow/la-me-ln-lapd-adds-drones-to-arsenal-20140530-story.html (“[T]he department announced that it had acquired two "unmanned aerial vehicles" as gifts from the Seattle Police Department.”) 24 Numerous California localities have used federal funding to purchase automated license plate readers and include Chula Vista, Clovis, East Palo Alto, Marin County, Roseville, San Diego, Tulare County, and Elk Grove. 25 See Memo from Assistant Attorney General Regina B. Schofield to Dr. Pamela Scanlon regarding federal funding in the amount of $418,000 for the Automated Regional Justice Information System (ARJIS) which includes a “query system based on facial recognition.” Available at: https://www.eff.org/files/2013/11/07/01_- _tacids_award_letter_2.pdf; see also Jennifer Lynch & Dave Maass, San Diego Gets in Your Face With New Mobile Identification System, Electronic Frontier Foundation, Nov. 7, 2013, https://www.eff.org/deeplinks/2013/11/san- diego-gets-your-face-new-mobile-identification-system. 26 Memo from Larry Esquivel, San Jose Chief of Police, to the Mayor and City Council (Nov. 1, 2013), at 3, available at http://sanjoseca.gov/DocumentCenter/View/23693 (requesting permission to purchase an unmanned aerial vehicle with $8,000 of $354,000 in DHS funding); City of San Jose, City Council Meeting Minutes (Nov. 19, 2013), Item 2.12, at 9, (authorizing execution of agreement with the City and County of San Francisco to accept $983,000 in funding from the Urban Areas Security Initiative); see also Shawn Musgrave, Despite Repeated Denials, San Jose Police Definitely Have a Drone, Vice (July 29, 2014), available at motherboard.vice.com/read/despite-repeated-denials-san-jose-police-definitely-have-a-drone; Robert Salonga, San 11 Jose police drone inflames surveillance-state rumblings, San Jose Mercury News (July 30, 2014), available at http://www.mercurynews.com/crime-courts/ci_26253376/san-jose-surveillance-state-rumblings-inflamed-by-sjpd. 27 For example, the Alameda County Sheriff originally planned to purchase a drone in 2012 with part of a larger $1.2 million grant dispersed through the California Emergency Management Agency. Angela Woodall, Alameda County puts the brakes on purchasing drone, Oakland Tribune, Dec. 4, 2012, available at http://www.mercurynews.com/breaking-news/ci_22122536. 28 City of Clovis, Report to the City Council (Sept. 19, 2011), available at https://www.ci.clovis.ca.us/Portals/0/Documents/CityCouncil/Agendas/2011/20110919/CC-D-1.pdf; see also Demian Bulaw, Future Fuzzy for Government Use of Surveillance Cameras/Still Some Bay Area Cities Hope to Follow Clovis’ Lead, SFGate, July 23, 2006, available at http://www.sfgate.com/news/article/Future-fuzzy-for- government-use-of-public-2515607.php. 29 See City of Richmond, Human Resources Management Dept. Meeting Minutes (Apr. 25, 2013), at 1–3, available at http://www.ci.richmond.ca.us/Archive/ViewFile/Item/5178. 30 ALPR units were mentioned in a community update newsletter, RPD Happenings, available at http://www.riversideca.gov/rpd/community/newsletters/rpd-2011-05.pdf. 31 There are many examples of surveillance technology purchases without public notice or involvement. For example, a 2009 report to the Salinas city council listed a video surveillance system as having been acquired “recently” despite the fact that the ACLU could not locate publicly available City Council records mentioning the initial purchase. Salinas Police Department, 180-day Report to the Community, October 20, 2009, available at http://www.ci.salinas.ca.us/services/police/pdf/180-DayReport-102009.pdf. 32 Matt Bigler, Bay Area's first cop drone sparks worry, outrage from civil-rights group, KCBS Bay Area, http://sanfrancisco.cbslocal.com/2014/11/13/san-jose-police-hear-residents-concerns-about-surveillance-drone/; Thom Jensen, Mike Bott, Is sheriff's department using tracking and data-collecting device without search warrants?, CBS News 10, June 23, 2014, http://www.news10.net/story/news/investigations/2014/06/23/is- sacramento-county-sheriff-dept-using-stingray-to-track-collect-data/11296461/. 32 City of San Jose, City Council Meeting Agenda (Nov. 19, 2013), at 6 (Consent Calendar Item 2.12), available at http://sanjoseca.gov/DocumentCenter/View/23727. 33 When the San Jose City Council gave approval to police to purchase a drone, the description on the city council meeting agenda specified only that the police and fire departments sought authorization to receive $983,000 from the Bay Area Urban Areas Security Initiative. The description provided only a link to a memo from the police and fire chiefs and the budget director with more information about what the funds would be used for, including $8,000 for an unmanned aerial vehicle. See City of San Jose, City Council Meeting Agenda (Nov. 19, 2013), at 6 (Consent Calendar Item 2.12), available at http://sanjoseca.gov/DocumentCenter/View/23727; Memo from Larry Esquivel, San Jose Chief of Police, to the Mayor and City Council (Nov. 1, 2013), at 3, available at http://sanjoseca.gov/DocumentCenter/View/23693 (requesting permission to purchase an unmanned aerial vehicle with $8,000 of $354,000 in DHS funding). 34 Scott Herhold, Big Brother, begone: The San Jose police should get rid of their drone, San Jose Mercury News, Aug. 2, 2014, available at http://www.mercurynews.com/scott-herhold/ci_26264766/big-brother-begone-san-jose- police-should-get; San Jose Peace & Justice Center, Rally Against the Drone! And Militarization of the Police (last accessed Jan. 20, 2015), http://www.sanjosepeace.org/article.php/20141001152838137. 35 Robert Salonga, San Jose: Police apologize for drone secrecy, promise transparency, San Jose Mercury News, Aug. 5, 2014, available at http://www.mercurynews.com/crime-courts/ci_26279254/san-jose-police-apologize- secret-drone-purchase-promise 36 In November 2014 the Alameda County Sheriff purchased two drones with over $97,000 in funds from the county’s Office of Homeland Security and Emergency Services. See Matt O’Brien, Alameda County sheriff buys two drones, Dec. 4, 2014, available at http://www.mercurynews.com/crime-courts/ci_27059034/alameda-county-sheriff- buys-two-drones. 37 Sacramento County, Board of Supervisors Agenda (Nov. 5, 2013), Item 14, available at http://www.agendanet.saccounty.net/sirepub/cache/2/uwdlotm54esv3znz0pwswbzy/1131109042014035517303.htm ; Memo from the Sheriff’s Department to the Sacramento County Board of Supervisors for the Agenda of Nov. 5, 2013, at 2, available at http://www.agendanet.saccounty.net/sirepub/cache/2/uwdlotm54esv3znz0pwswbzy/649263409042014035719458.P DF (spending authorization request includes $300,075 for “Wireless Tracking Equipment”) (in a response to a public-records request from the ACLU of Northern California about documents related to IMSI catchers, Sacramento County returned a document with the same budget line, $300,075, with the description, apparently “Wireless Tracking Equipment,” redacted); Kim Minugh, Sacramento County sheriff acknowledges possession, use 12 of cellphone surveillance technology, Sacramento Bee (Jul. 31, 2014), available at http://www.sacbee.com/2014/07/31/6596112/sacramento-sheriff-acknowledges.html. 38 Memo from Christopher M. Moore, Chief of Police, to the San Jose Mayor and City Council (July 30, 2014), at 3 (requesting authorization to enter into agreement with City and County of San Francisco to allocate UASI funds to San Jose, including $250,000 for “law enforcement surveillance technology equipment”); Agreement Between the City and County of San Francisco and the City of San Jose for the Distribution of FY 2011 UASI Grant Funds (May 1, 2012), at A-3, available at http://www3.sanjoseca.gov/clerk/Agenda/20120821/20120821_0802acon.pdf ($250,000 to purchase “law enforcement surveillance technology equipment”). The equipment number included in the agreement description, AEL#: 13LE-00-SURV, is used by DHS. See Department of Homeland Security, Equipment, Law Enforcement Surveillance, AEL / SEL Number 13LE-00-SURV, available at https://www.llis.dhs.gov/knowledgebase/authorizedequipmentlist/equipment-law-enforcement-surveillance (accessed Sept. 4, 2014) (equipment description: “Surveillance equipment and related accessories, including but not limited to: audio, data, and visual equipment. Includes electronic equipment such as Pen registers (equipment capable of capturing incoming and outgoing phone numbers, along with the duration of calls, without listening to the actual conversations).”); City of San Jose, Early Distribution Council Packet for May 14, 2013 (Apr. 30, 2013), at 12 (including memo from San Jose Chief of Police Larry Esquivel regarding proposed spending for 2012 UASI funding); Agreement Between the City and County of San Francisco and the City of San Jose for the Distribution of FY 2012 UASI Grant Funds (Dec. 1, 2012), at A-2, available at http://sanjoseca.gov/DocumentCenter/View/15909 ($172,000 to purchase “law enforcement surveillance equipment,” AEL# 13LE-00-SURV); The two expenditures of $250,000 and $172,000 match records San Jose released in response to a public-records request, including proposals to UASI (for the same amounts) and purchase agreements with Harris Corp. (totaling $432,485.31), which produces the most well-known IMSI catchers. See KXTV News 10, 9 Calif. law enforcement agencies connected to cellphone spying technology, Mar. 6, 2014, available at http://www.news10.net/story/news/investigations/watchdog/2014/03/06/5-california-law-enforcement-agencies- connected-to-stingrays/6147381/. 39 In at least one instance, local officials did not debate acquisition but did debate policy: the Chico City Council authorized the purchase of a license-plate reader on the consent calendar, in 2013, but directed staff to draft a use policy, which it did debate. City of Chico, City Council Meeting Minutes (Sept. 3, 2013), available at http://chico- ca.granicus.com/MinutesViewer.php?view_id=2&clip_id=416&doc_id=d8a860c2-67dd-1031-9668-843478bb431f; City of Chico, City Council Meeting Agenda (Sept. 3, 2013), available at http://chico- ca.granicus.com/MetaViewer.php?view_id=2&clip_id=416&meta_id=36829. 40 City of Fresno, City Council Meeting Minutes (Jul. 31, 2014), available at https://fresno.legistar.com/LegislationDetail.aspx?ID=1852287&GUID=833F6193-0CCE-45C7-86CC- 3C0194672568. 41 San Diego County, Board of Supervisors Meeting Agenda (Jan. 26, 2010), Item 2, available at http://sdcounty.granicus.com/DocumentViewer.php?file=sdcounty_673669eb2e688fc71ef2bec80221ad8c.pdf&view =1; Memo from William D. Gore, San Diego County Sheriff, to the San Diego County Board of Supervisors (Jan. 26, 2010) (request for sole source authority to purchase surveillance equipment), available at http://www.sdcounty.ca.gov/bos/supporting_docs/012610ag02t.pdf. 42 John Malkin, Surveillance City? GoodTimes, Jan 29, 2014, http://www.gtweekly.com/index.php/santa-cruz- news/good-times-cover-stories/5386-surveillance-city.html. 43 Id. 44 Santa Clara Board of Supervisors, Minutes, Sept. 11, 2012, available at http://sccgov.iqm2.com/Citizens/FileOpen.aspx?Type=12&ID=4131&Inline=True (approving grant of UASI federal funds); see also Memo from Laurie Smith, Santa Clara County Sheriff, to the Santa Clara County Board of Supervisors regarding Integrated Regional Law Enforcement Information Sharing System (Coplink) (Feb. 12, 2013) (requesting authorization to spend $489,000 from the Department of Homeland Security to upgrade regional database with facial recognition software), available at sccgov.iqm2.com/Citizens/FileOpen.aspx?Type=30&ID=13873. 45 Memo from George Nielson, Chief of Police, to the Placerville City Council, Aug. 20, 2008, available at http://www.cityofplacerville.org/civicax/filebank/blobdload.aspx?blobid=3962 (“[A]pproximately $26,000.00 has been approved by the Approval Authority Board for the City's use, for the purchase of an Automated License Plate Recognition system.”) 46 City of San Rafael, City Council Agenda Report, prepared by Lt. Raffaello Pata, Captain (Mar. 19, 2012). 13 47 See Memo from Larry Esquivel, San Jose Chief of Police, to the Mayor and City Council (Nov. 1, 2013), at 3, available at http://sanjoseca.gov/DocumentCenter/View/23693 (requesting permission to purchase an unmanned aerial vehicle with $8,000 of $354,000 in DHS funding). 48 The Redlands Police Department convened a Citizens’ Privacy Council, open to any resident of the city, to provide advice on policy for surveillance cameras and oversee police use of the cameras. Richmond formed an ad‐ hoc committee to evaluate policies for its video surveillance program. And in 2014, following community backlash and the vote not to expand Oakland’s Domain Awareness Center, the City Council created a Privacy and Data Retention Ad Hoc Advisory Committee comprised of diverse community members to create safeguards to protect privacy rights and prevent the misuse of data for a scaled-back system to be used at the Port of Oakland. Redlands Police Department, Citizen Privacy Council, http://www.cityofredlands.org/police/CPC; Memorandum, Establishing Ad Hoc Committee to Review the Community Warning System and Industrial Safety Ordinance (Sept. 18, 2012), http://64.166.146.155/agenda_publish.cfm?mt=ALL&get_month=9&get_year=2012&dsp=agm& seq=12339&rev=0&ag=241&ln=23604&nseq=0&nrev=0&pseq=12303&prev=0; see Memorandum, Oakland City Administrator’s Weekly Report (Apr. 25, 2014), http://www2.oaklandnet.com/oakca1/groups/cityadministrator/documents/report/oak046804.pdf. 49 City of Ventura Administrative Report (Dec. 14, 2011), available at http://www.cityofventura.net/files/file/meetings/city_council/2012/01-09-12/item%2004.pdf 50 Memo from Larry Esquivel, Chief of Police, to the San Jose Mayor and City Council (Mar. 20, 2014), regarding body worn cameras (detailing work plan for Body Worn Camera Committee), available at http://www.piersystem.com/external/content/document/1914/2126242/1/03-21-14Police.PDF. 51 U.S. Dep’t of Homeland Security, CCTV: Developing Best Practices (2007), available at http://www.dhs.gov/xlibrary/assets/privacy/privacy_rpt_cctv_2007.pdf; International Association of Chiefs of Police, Technology Policy Framework (2014), available at www.theiacp.org/Portals/0/documents/pdfs/IACP%20Technology%20Policy%20Framework%20January%202014 %20Final.pdf. 52 See, e.g., Draft ALPR Policy 462 for the use of Automated License Plate Readers, Alameda City website, http://alamedaca.gov/sites/default/files/department-files/2013-12-26/draft_alpr_policy.pdf. 53 Analysis of Alameda’s Draft Policy Manual for Automated License Plate Readers, Jan. 29, 2014, available at http://alamedaca.gov/sites/default/files/department-files/2014-02-04/aclu_analysis_of_alameda_alpr_policy.pdf. 54 For example, San Diego, Chula Vista, Oceanside, and Escondido share all data they collect with ALPRs through a regional data-sharing system called ARJIS. In the Bay Area alone, several regional data-sharing systems aggregate and analyze ALPR data, including SBISS for the South Bay (Santa Clara and Gilroy), NCRIC for the North Bay (Menlo Park, San Mateo County), and the UASI’s West Node Regional Data Sharing in Marin County. 55 NCRIC Automated License Plate Reader Policy, available at https://ncric.org/html/NCRIC%20ALPR%20POLICY.pdf ARJIS LPR Regional Guidelines (Jan. 2015 draft), available at http://www.arjis.org/Portals/0/PortalDocuments/DRAFT%20ARJIS%20LPR%20Acceptable%20Use%20Policy%2 0psc%2001%2002%202015%20ps.pdf; SBISS Memorandum of Understanding, http://www3.sanjoseca.gov/clerk/Agenda/20100330/20100330_0210mou.pdf. 56SBISS MOU mentions no set limit. NCRIC has a default length of one year, but allows shorter limits set by contributing cities or counties to trump its retention period. ARJIS has a retention period of one year for fixed cameras and two years for portable cameras regardless of limit set by contributor. City of Palo Alto City Council Staff Report (May 5, 2014), available at https://www.cityofpaloalto.org/civicax/filebank/documents/40191; NCIRC Automated License Plate Reader Policy, available at https://ncric.org/html/NCRIC%20ALPR%20POLICY.pdf; LPR Regional Guidelines (Jan. 2015 Draft), available at http://www.arjis.org/Portals/0/PortalDocuments/DRAFT%20ARJIS%20LPR%20Acceptable%20Use%20Policy%2 0psc%2001%2002%202015%20ps.pdf; The City of Novato California Staff Report (Oct. 8, 2013), available at http://ci.novato.ca.us/agendas/pdfstaffreports/cc100813_F-3.pdf; Memorandum of Understanding, available at http://apps.co.shasta.ca.us/BOS_Agenda/MG69199/AS69205/AS69234/AI69367/DO69369/13.PDF. 57 A data sharing agreement in one jurisdiction may affect residents in another. For example, when the Santa Clara County Board of Supervisors approved, via consent calendar, a request from the county sheriff to upgrade a regional database with facial-recognition software, the decision also affected dozens of other cities that cooperate with the county sheriff and contribute information to the database—including every city in Santa Clara, Santa Cruz, Monterey, and San Benito counties. See Memo from Laurie Smith, Santa Clara County Sheriff, to the Santa Clara County Board of Supervisors regarding Integrated Regional Law Enforcement Information Sharing System (Coplink) (Feb. 12, 2013) (requesting authorizing to spend $489,000 from the Department of Homeland Security to 14 upgrade regional database with facial recognition software); Santa Clara County Board of Supervisors, Board of Supervisors Meeting Minutes (Feb. 12, 2013) (approving request from Laurie Smith on consent calendar). 58 Oakland Police Department, Portable Video Management System, Departmental General Order, Effective Date Mar. 5 2014, available at https://www.muckrock.com/foi/california-52/oakland-police-dept-body-cam-policy- emails-and-complaints-13459/#files. 59 See, e.g., Sixteenth Monitoring Report of Robert S. Warshaw, Monitor of the Negotiated Settlement Agreement (NSA) in the case of Delphine Allen, et al., vs. City of Oakland, et al., in the United States District Court for the Northern District of California, at 45, available at http://www.cand.uscourts.gov/filelibrary/1350/2014- 01%20monitoring%20report.pdf. 60 Matt Cagle, San Francisco - Paying the Price for Surveillance Without Safeguards, ACLU-NC Blog, May 22, 2014, https://www.aclunc.org/blog/san-francisco-paying-price-surveillance-without-safeguards. 61 Community Safety Camera Ordinance, Chapter 19 of the San Francisco Administrative Code, available at http://administrative.sanfranciscocode.org/19/. 62 For complete Video Policing Project Policy Guidelines and Manual, see Memo from Jerry Dyer, Fresno Police Chief, to Fresno City Council, Oct. 21, 2008, 13–24, available at http://www.fresno.gov/NR/rdonlyres/77999966- 4ABA-45C5-9519-42E4E29657A4/0/HonorableBrettDorianVideoPolicingAuditorServices.pdf. 63 City of Menlo Park, City Council Special and Regular Meeting Agenda (June 3, 2014), Item #D-1, An Ordinance Regarding the Use of Automated License Plate Readers and Neighborhood Surveillance Cameras, available at http://www.menlopark.org/ArchiveCenter/ViewFile/Item/1658. 64 The Ad Hoc committee’s draft, dated January 15, 2015, is available here: https://oaklandprivacy.files.wordpress.com/2015/01/1-13-15-dac-privacy-and-data-retention-policy-draft- 011515.pdf. 65 Cities and counties have occasionally required that surveillance technologies be reviewed within a certain time period after deployment, but these requirements are rare and incomplete where they exist. For example, while San Bernardino maintains a city website listing statistics about the use of ALPR, including stolen cars recovered, publicly available statistics have not been published for any year following 2010. See ALPR Statistics, City of San Bernardino website (last visited Jan. 20, 2015), http://www.ci.san- bernardino.ca.us/cityhall/police_department/public_safety/traffic_safety_programs/alpr/default.asp. Roseville’s City Council required that the Roseville Police Department report the benefits and costs of bus cameras to a city commission one year after installation. In the case of Roseville, the ACLU found no record that the post-deployment report was ever conducted. City of Roseville, Transit On-Board Video Cameras Purchase (May 31, 2012), available at http://roseville.granicus.com/MetaViewer.php?view_id=2&clip_id=2358&meta_id=88314. 66 Fresno City Council Minutes, Sep. 20, 2012, available at http://www.fresno.gov/CouncilDocs/agenda9.20.2012/1b.pdf. 67 Id.; City of Fresno, City Council Meeting Minutes, Aug. 22, 2006, available at http://www.fresno.gov/NR/rdonlyres/CE8889CD-A095-40D1-968B- B50237558584/0/August222006CityCouncilMinutes.pdf (amending policy to include annual audit); City of Fresno, City Council Meeting Minutes, Sep. 26, 2006, available at http://www.fresno.gov/NR/rdonlyres/2D40AAED-5A45- 4FD1-8316-1EE714F42D78/0/September262006CityCouncilMinutes.pdf (amending policy to include greater protections for individuals participating in demonstrations or other lawful gatherings). 68 Hon. Oliver W. Wanger, Annual Audit for the Fresno Police Department Video Policing Unit for the Period Ending November 30, 2013 (December 30, 2013), available at http://www.wjhattorneys.com/assets/files/VPU- Audit-00449144.pdf; George Hostetter, Former Judge Wanger Writes Far-Ranging Audit on Fresno Video Policing, in The Fresno Bee (Jan. 7, 2014), available at http://www.fresnobee.com/2014/01/07/3701754/judge-wanger- delivers-impressive.html. 69 Judge Wanger: Fresno video policing done right, needs money, Fresno Bee, Jan 8, 2014, available at http://cqrcengage.com/mnmajority/app/document/1354649;jsessionid=ocJiPHEyGHZ19bsd440Xgp5B.undefined 70 Ordinance No. 127-06, Sec. 19.4(d), available at https://sfgov.legistar.com/View.ashx?M=F&ID=2592763&GUID=E040FBD1-E991-425A-AE5B-0A4449FFD108. 71 Id. The report must “identify the camera locations, the crime statistics (or the vicinity surrounding each camera both before and after the camera is installed, crime statistics from surrounding vicinities, the number of times the Police Department requested copies of the recorded images, the number of times the images were used to bring criminal charges, the types of charges brought, and the results of the charges.” 72 See Citris, Citris Study on SF Public Cameras Released (Jan. 9, 2009), http://citris-uc.org/citris-study-on-sf- publiccameras-released/. 15 73 Andrew Dudley, Lights, Camera, Inaction: San Francisco’s Broken Surveillance System, Hoodline, Oct. 19, 2014, http://hoodline.com/2014/10/lights-cameras-inaction-san-francisco-s-broken-surveillance-state. 74 Quarterly Review of Data Captured by Automated License Plate Readers (ALPR) for the Period Beginning July 1, 2014 through October 1, 2014, Menlo Park City Council Meeting, Nov. 18, 2014, available at http://menlopark.org/DocumentCenter/View/5786. 75 See Making Smart Decisions About Surveillance: A Guide for Communities, https://www.aclunc.org/publications/making-smart-decisions-about-surveillance-guide-communities; Map: State of Surveillance in California, ACLU of Northern California, https://www.aclunc.org/article/map-state-surveillance- california; U.S. Dep’t of Homeland Security, CCTV: Developing Best Practices (2007), available at http://www.dhs.gov/xlibrary/assets/privacy/privacy_rpt_cctv_2007.pdf; Police Executive Research Forum, How Are Innovations in Technology Transforming Policing? 26 (Jan. 2012), available at http://www.policeforum.org/assets/docs/Critical_Issues_Series/ how%20are%20innovations%20in%20technology%20transforming%20policing%202012.pdf; International Association of Chiefs of Police, Technology Policy Framework (2014), available at www.theiacp.org/Portals/0/documents/pdfs/IACP%20Technology%20Policy%20Framework%20January%202014 %20Final.pdf. 76 The DAC Ad Hoc Advisory Committee’s recommendations supplementing its privacy policy include a recommendation that Oakland adopt a citywide surveillance technology ordinance. https://oaklandprivacy.files.wordpress.com/2015/01/1-13-15-dac-privacy-and-data-retention-policy-draft- 011515.pdf. FURTHER READING Santa Clara county executive tells Ars what Harris wanted was "on the silly side." Jhaymesisviphotography The Santa Clara County Board of Supervisors has halted a plan to approve the purchase of a cell-site simulator, better SEC Ars Technica has arrived in Europe. Check it out! by Cyrus Farivar - May 7, 2015 6:00am PDT ▼▼ In rare move, Silicon Valley county gov’t kills stingray acquisition | Ars ... http://arstechnica.com/tech-policy/2015/05/in-rare-move-silicon-valley-... 1 of 5 5/7/2015 6:49 PM FURTHER READING known as a stingray. The secretive surveillance devices can be used to determine a phone’s location, but they can also intercept calls and text messages. During the act of locating a phone, stingrays also sweep up information about nearby phones—not just the target phone. Earlier this year, Ars reported on how the FBI is actively trying to "prevent disclosure" of how these devices are used in local jurisdictions across America. The move, happening in one of the primary counties in Silicon Valley, marks an unusual occasion that a local government has turned away from federal funds that would be used to acquire such a device. The device was approved initially during a February 24, 2015 meeting, despite a testy exchange between the Santa Clara Sheriff's Office and Supervisor Joe Simitian, a former state senator with a penchant for an interest in privacy issues. Simitian's office didn't immediately respond to Ars' request for comment. James Williams, the deputy county executive, wrote in a Tuesday letter to his boss Jeffrey Smith: After negotiations regarding contract terms, including business and legal issues, the County and Harris have been unable to reach agreement on a contract for the purchase of the System. Accordingly, the System will not be purchased at this time. Harris Corporation is the Florida-based defense contractor that is the manufacturer of the device produced under the StingRay trademark. As the dominant maker of cell-site simulators, stingray has also become the generic name for this class of devices. Both the FBI and the Harris Corporation have previously declined to answer Ars' specific questions. Smith told Ars that Harris wanted to impose overly strict restrictions as to what could be disclosed through the public records process. "What happened was, we were in negotiations with Harris, and we couldn't get them to agree to even the most basic criteria we have in terms of being responsive to public records requests," he said. "After many hours of back and forth it became clear that they weren't going to consent to a contract in an attempt to keep everything secret and non-discoverable and that's not something we could live with as a public agency. The negotiations are going to be terminated and the grant money will go to other purposes." WHA DOZ The Nev LG Sna In rare move, Silicon Valley county gov’t kills stingray acquisition | Ars ... http://arstechnica.com/tech-policy/2015/05/in-rare-move-silicon-valley-... 2 of 5 5/7/2015 6:49 PM FURTHER READING He said that the FBI was not involved in the discussions, and that Santa Clara County did not even get to the stage of the onerous non-disclosure agreement along the lines of a previously published one revealed in a court case in Erie County, New York. In that case, a rare unredacted form demonstrated the full extent of the FBI's attempt to quash public disclosure of stringray information. The most egregious example from the document showed that the FBI would prefer to drop a criminal case in order to protect secrecy surrounding the stingray. In St. Louis, a defense lawyer who represented a woman who had pleaded guilty to being involved in a series of robberies recently told Ars that prosecutors dropped charges rather than expose the use of a stingray. Last year, prosecutors in Baltimore did the same thing during a robbery trial. "The best I can get into is that [Harris has] been convinced by somebody, maybe by themselves, that federal law prohibits them saying anything to anybody about their technology unless that person has a badge or is a criminal investigation in the criminal justice system," Smith added. "So if we're buying this as civilians we would have to guarantee that we would never tell anybody that it was being bought. It was a little on the silly side. They're claiming that everything is a trade secret, but the reality is that the public is quite well-aware that this is a wireless wiretapping and it's not a secret, I can't understand where they're coming from." Civil liberties and legal experts hope that the newfound scrutiny that has come from various cities around the country, including Tacoma, Washington, and Erie County, New York, are beginning to reach those in government. "With more scrutiny of these deals and the strings that are attached to them, I am hopeful that more counties will negotiate more aggressively," Brian Owsley, a former federal judge who is now a law professor at Indiana Tech, told Ars. "As Harris Corporation is in the business of selling its products, if enough local law enforcement agencies object to the "standard’ agreement, then Harris Corporation may have to change its standard language." Relatively little is known about how, exactly, stingrays, known more generically as cell-site simulators, are used by law enforcement agencies nationwide, although new documents have recently been released showing how they have been purchased and used in some limited instances. However, it has been well-established that cops have lied to courts about their use. Typically, police deploy them without first obtaining a search warrant. A local privacy activist who has closely followed stingrays from nearby San Leandro, California, Mike Katz-Lacabe, told Ars this was the first time he had ever heard of a county resisting acquisition of a stingray. "Much, if not all, of the credit goes to Supervisor Joe Simitian and his push for transparency," he told WOR In rare move, Silicon Valley county gov’t kills stingray acquisition | Ars ... http://arstechnica.com/tech-policy/2015/05/in-rare-move-silicon-valley-... 3 of 5 5/7/2015 6:49 PM ---- Ars by e-mail. "In addition, this is one of the few times that there has been a public discussion BEFORE the acquisition of a stingray. There were no public discussions in Oakland, San Jose, or San Francisco when each of those police departments acquired a stingray, and they may not have even appeared on an agenda of the respective City Councils." "I hope that this is a sign that sunlight is finally piercing the veil of the secrecy surrounding the use of this equipment," he added. "Use of this equipment is specifically kept hidden from judicial authority and the courts under the terms of the non-disclosure agreement that police departments must sign before they can buy a Stingray. It is critical to our judicial system and our democracy that the public and our elected representatives be informed about the use of these devices so that we can have a discussion about their privacy implications and make informed decisions about policies for their use." Smith, the county executive, for his part was surprised to learn that Santa Clara may be the first local entity to refuse Harris' demands. "We're not focused on being the only one to do something, but we had to do what we thought was right in terms of negotiations," he added. "If it's the only time it's happened, I'm surprised." Cyrus Farivar / Cyrus is the Senior Business Editor at Ars Technica, and is also a radio producer and author. His first book, The Internet of Elsewhere, was published in April 2011. @cfarivar on Twitter In rare move, Silicon Valley county gov’t kills stingray acquisition | Ars ... http://arstechnica.com/tech-policy/2015/05/in-rare-move-silicon-valley-... 4 of 5 5/7/2015 6:49 PM About Us Advertise with us Contact Us Reprints Subscribe to Ars RSS Feeds Newsletters Reddit Wired Vanity Fair Style Details © 2015 Condé Nast. All rights reserved Use of this Site constitutes acceptance of our User Agreement (effective 1/2/14) and Privacy Policy (effective 1/2/14), and Ars Technica Addendum (eff Your California Privacy Rights The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of Cond Ad Choices In rare move, Silicon Valley county gov’t kills stingray acquisition | Ars ... http://arstechnica.com/tech-policy/2015/05/in-rare-move-silicon-valley-... 5 of 5 5/7/2015 6:49 PM City of Palo Alto Policy on Video Management Revised January 2015 I. INTRODUCTION The purpose of this Policy is to provide guidelines for the use of City-owned video management systems (VMS) and accompanying cameras that are permanently installed. Mobile, portable, wearable and other such audio/video systems are outside the scope of this Policy. II. POLICY STATEMENT The City of Palo Alto is committed to enhancing the quality of life of employees and residents of Palo Alto by integrating security practices with available technology. To enhance security of City property and aid investigatory capability, it may be appropriate to permanently install stationary video devices that are owned by the City of Palo Alto, and to ensure that the video systems currently in existence are governed by a single City-wide policy. The City remains committed to ensuring that all video systems are used in a manner that respects and balances the privacy interests of employees and residents. Video systems will be used by various departments to monitor critical infrastructure that support on-going City services, prevent acts of vandalism, theft and other crimes, provide real-time situational awareness in the event of natural disasters or other critical incidents, assist with response to public safety incidents in the City, and, where appropriate, the investigation of criminal activity. III. DEFINITIONS “General Monitoring” refers to viewing recorded images from stationary cameras and monitors that have been approved under this Policy for the purpose of complying with City policies and laws and regulations. “Specific monitoring,” for purposes of this Policy, refers to a more focused type of observation on an individual or group of individuals that involves: (1) realtime or live monitoring; (2) a closer degree of scrutiny related to the reasonable grounds to believe the person(s) who are the target of the monitoring are engaging in or have engaged in prohibited activity and (3) is designed to be investigatory and generally conducted over a longer timeframe. Specific monitoring does not include incidental observation or inadvertent discovery. For any specific monitoring activity to occur, there must be some connection between the information collected and unlawful activity. “Operators” are those persons provided with access to any part of the VMS. Current staffing precludes the routine monitoring of cameras. Accordingly, operators may be capable of viewing live (real-time) or recorded video and other information, depending on their level of access. 1 “VMS Administrator” refers to the designee(s) of the City Manager, who shall oversee this Policy, as defined herein. As of January 2015, the designee(s), who are to form a committee and work collaboratively, are as follows: (1) the Director of Emergency Services; (2) a representative from the Palo Alto Utilities Department; and (3) a representative of the City Attorney’s Office. IV. USE OF PERMANENTLY INSTALLED STATIONARY VIDEO EQUIPMENT A. Rules 1) Application: The head of a City department (“applicant”) wishing to permanently install video cameras shall submit a written request (form) to the VMS Administrator with a statement justifying the benefit of installing such equipment. The application must include the proposed number and location of the device(s), the purpose of the installation, whether the location of the cameras involves recording of activity by employees or the general public or both, and the names and titles of the individuals who will be the operators. The source of funding for the installation must be specifically identified as part of the request. 2) Review: The VMS Administrator will review the request and advise the applicant of the decision within ninety (90) business days after receipt. The applicant may appeal the decision of the VMS Administrator by submitting an appeal to the City Manager or his/her designee, who will consult with the City Attorney’s Office and respond to the request within thirty (30) business days after receipt. The decision of the City Manager or his/her designee is final. 3) Equipment Specifications: The VMS Administrator will develop a specification that provides guidance regarding the type of equipment City departments may purchase, compatibility, installation (contractors, etc.), and other such implementation details. 4) Changes: An applicant may file a written request to change the location or limit the visual range of a specific installation of video equipment based on a belief that it infringes on a reasonable expectation of privacy or other protected rights. The request shall be submitted to the VMS Administrator and shall (a) identify the location, (b) identify the concern or issue, and (c) provide the suggested changes. The VMS Administrator shall respond to the request within ninety (90) business days after receipt. The response will be based on a reconsideration of the initial request to install the devices in light of the concerns. The appeal process is the same as paragraph 2, above. 5) Retroactive Provisions: Within twelve (12) months of the effective date of this Policy and the Equipment Specifications, all existing City-owned systems shall be brought into compliance with all aspects of this Policy. Those which do not conform shall be removed, unless a waiver is granted by the VMS Administrator. 6) Security: Operators shall exercise due care to ensure that video displays shall not be viewable by unauthorized persons. 7) Signage: Any area in which a video system is permanently installed shall have signage prominently displayed indicating the fact of monitoring. In cases in which there is an ongoing investigation, monitoring shall be governed by usual legal or City procedures, which may not require signage. 2 In the event third parties (such as private businesses and other non-government entities) desire to share their video feeds with the City, the following rules will apply: 1) Except for exigent circumstances or temporary (less than 90 days) access, the third party shall submit a written authorization form to the VMS Administrator, specifying which City department is to be granted access, for what duration (if any), and any other conditions or limitations. 2) The VMS Administrator shall maintain a registry of such third parties which have authorized the City of Palo Alto to have access to their video systems. B. Training 1) Operators shall be trained in the technical, legal and ethical parameters of appropriate system use. 2) Operators shall receive a copy of this policy and provide written acknowledgement that they have read and understood its contents. 3) Certain operators, such as those in the 911 Communications Center and the Emergency Operations Center, may require additional training. C. Operation 1) Monitoring will be conducted in a professional, ethical and legal manner. The system will not be used to invade the privacy of individuals or otherwise utilized in areas where the reasonable expectation of privacy exists. Monitoring shall not be used to harass, intimidate or discriminate against any individual or group. 2) Duties of Department Heads. (a) Each Department Head shall designate the Operators and provide the list of staff to the VMS Administrator; (b) Each Department Head shall keep this list of Operators up-to-date and ensure staff completes the required training (per Section B) and completes the VMS Employee Statement and other forms; (c) Department Operators may engage in General Monitoring for the purpose of enhancing compliance with City policies as described in Section I herein; (d) Department Operators shall not engage in Specific Monitoring except in instances of suspected criminal activity, natural disaster, or threat to public property or safety, unless authorized by the VMS; and (e) Every Department Head shall ensure that they or their staff notify the VMS Administrator as soon as practicable of any instances of or planned Specific Monitoring. 3) Duties of VMS Administrator. (a) The VMS Administrator may engage in General Monitoring for the purpose of enhancing compliance with City policies as described in Section I herein; (b) The VMS Administrator shall have City-wide system access and may engage in realtime and Specific Monitoring in the event of natural disaster, law enforcement 3 emergency, imminent threat situation, authorized law enforcement investigation, for the purpose of system-wide threat and safety assessments, and/or with the approval of the Chief of Police or his/her designee or City Manager or his/her designee; (c) The VMS Administrator shall prepare an annual report to the City Manager and the Chief of Police containing information regarding system use City-wide; and (d) All requests for recordings or other system use that are made in connection with internal investigations, disciplinary matters, or criminal investigation shall be made to the VMS Administrator. D. Storage, Public Records 1) Both current and archived recordings will be secured in accordance with current state of art and best practices. 2) The volitional public release of video images shall be done only with the authorization of the VMS Administrator and only with a properly completed written request. 3) Video images needed for a criminal investigation or other official reason shall be collected and booked in accordance with current departmental evidence procedures. 4) Requests for recorded video images from other government agencies or by the submission of a court order or subpoena shall be promptly submitted to the Police Department Communications Manager, who will research the request and submit the results of such search through the VMS Administrator to the City Attorney's office for further handling. Every reasonable effort should be made to preserve the data requested until the request has been fully processed by the City Attorney's office. 5) Video images captured by the system that are requested by the public or media will be made available only to the extent required by law. Except as required by a valid court order or other lawful process, video images requested under the Public Records Act will generally not be disclosed to the public when such video images are evidence in an ongoing criminal investigation in which a disposition has not been reached. 6) Recordings shall be retained for one (1) year in accordance with California Government Code Section 34090.6(a) and then will be erased or recorded over unless retained as part of a criminal investigation, a civil or criminal court proceeding, pursuant to a Preservation Notice issued by the City Attorney’s Office. No attempt shall ever be made to alter any recording, except to enhance quality for investigative purposes and to blur elements (such as uninvolved bystander faces) consistent with other policies and common practice to preserve privacy, to preserve evidence or other such lawful and valid reason. The VMS may have network video recorders (NVRs) or similar mechanisms where images are “buffered” for a period of time before they overwritten. Such data are not considered recordings. A recording occurs when images are exported to another medium (such as a DVD). 7) Retained recordings will be destroyed at the appropriate time, which will be determined and directed by the City Attorney’s Office. 4 E. Destruction or Tampering with Cameras or System Components Any person who tampers with or destroys a camera or any part of the video system may be prosecuted in the criminal justice system as well as subject to discipline, up to and including termination, in the case of staff. F. Routine Audits The video system shall be subject to regular audits. Any unauthorized use of the video system shall be reported to the VMS Administrator as well as the City Manager or his/her designee. 5 POLICY AND SERVICES COMMITTEE ACTION MINUTES Page 1 of 3 Special Meeting Wednesday, December 14, 2016 Chairperson DuBois called the meeting to order at 6:04 P.M. in the Community Meeting Room, 250 Hamilton Avenue, Palo Alto, California. Present: DuBois (Chair), Kniss, Scharff Absent: Berman Oral Communications None. Agenda Items 2. Directions to Staff Concerning Further Requirements and Restrictions Related to Basement Construction and Dewatering. MOTION: Vice Mayor Scharff moved, seconded by Chair DuBois to recommend the City Council direct Staff to: 1. Modify the Pilot Construction Dewatering Program (per the list below) approved by Council (on February 1, 2016), to apply to new applications after adoption (to the extent possible, for the 2017 construction season); and 2. Draft an ordinance codifying and enhancing the Construction Dewatering Program, with a goal of bringing the ordinance to Council in 2017, in order to be in place for projects not having either their Conditions of Approval or Building Permits by July 1, 2017, for the 2018 construction season; and 3. Explore the implementation and incentives for using advanced construction techniques such as cut-off walls. ACTION MINUTES Page 2 of 3 Policy and Services Committee Special Meeting Action Minutes 12/14/16 AMENDMENT: Chair DuBois moved, seconded by Council Member XX to add to the Motion “Have Staff evaluate and bring options to Council regarding additional incentives such as the mandatory cone test, allowing a longer construction season if you use a cutoff wall and the idea of a required draw down test.” AMENDMENT FAILED DUE TO THE LACK OF A SECOND AMENDMENT: Chair Dubois moved, seconded by Council Member XX to add to the Motion “Ask Staff to evaluate the idea of a temporary moratorium with the exception for those that participate in the pilot program.” AMENDMENT FAILED DUE TO THE LACK OF A SECOND MOTION RESTATED: Vice Mayor Scharff moved, seconded by Chair DuBois to recommend the City Council direct staff to: 1. Modify the Pilot Construction Dewatering Program (per the list below) approved by Council (on February 1, 2016), to apply to new applications after adoption (to the extent possible, for the 2017 construction season); and 2. Draft an Ordinance codifying and enhancing the Construction Dewatering Program, with a goal of bringing the ordinance to Council in 2017, in order to be in place for projects not having either their Conditions of Approval or Building Permits by July 1, 2017, for the 2018 construction season; and 3. Explore the implementation and incentives for using advanced construction techniques such as cut-off walls. MOTION PASSED: 2-1 DuBois no, Berman absent The Committee took a break from 8:37 P.M. to 8:44 P.M. 1. Discussion and Recommendations for Data Collection and Privacy Policy Guidelines. MOTION: Chair DuBois moved, seconded by Council Member Kniss to recommend Staff return to the Policy and Services Committee with a ACTION MINUTES Page 3 of 3 Policy and Services Committee Special Meeting Action Minutes 12/14/16 potential Ordinance that would establish department policies and practices in order to reinforce the protection of individual privacy. MOTION PASSED: 3-0 Berman absent 3. Discussion and Recommendations for the 2017 City Council Priority Setting Process and Retreat Planning. NO ACTION TAKEN Future Meetings and Agendas ADJOURNMENT: Meeting was adjourned at 9:18 P.M. CITY OF PALO ALTO OFFICE OF THE CITY ATTORNEY June 13, 2017 The Honorable City Council Palo Alto, California Recreational and Medical Marijuana: Review and Discussion of State Law Developments and Input to Staff on Next Steps, Including Possible Ordinance Adopting Local Regulations Regarding Commercial Marijuana Activity, Outdoor Cultivation, and Marijuana Dispensaries. This Action is Exempt Under Section 15061(b)(3) of the California Environmental Quality Act. Recommendation Staff recommends that the Policy and Services Committee review and discuss state law developments regarding recreational and medical marijuana and provide input to staff on next steps, including potential local regulations. As a starting point for discussion, staff has prepared a proposed ordinance (Attachment A) consistent with current City policies on marijuana (prohibiting outdoor marijuana cultivation, medical marijuana dispensaries, and commercial marijuana activities except for deliveries). After incorporating Policy & Services’ direction into a revised proposed ordinance, staff proposes sending zoning code amendments to the Planning & Transportation Commission for review during the summer, and returning to Council for ordinance adoption in the fall. Executive Summary Proposition 64, also known as the Adult Use of Marijuana Act (AUMA), was passed by voters on November 8, 2016. The AUMA permits commercial marijuana activities, but gives municipalities the option to prohibit some or all of such activities, including: commercial cultivation, retail sales, delivery services, distribution, manufacturing of marijuana-containing products, and testing businesses.1 If the City Council wishes to prohibit some or all commercial marijuana activities, it must enact an ordinance that goes into effect before January 1, 2018. On that date, the state is required to begin issuing licenses for commercial marijuana activities under the AUMA, but the state will not issue a license if such activity is banned by the City. Presently, the City has two ordinances that regulate marijuana. The first bans medical marijuana dispensaries and was enacted in 1997 in response to the voter-approved legalization 1 The AUMA also permits personal use activities, such as smoking of marijuana by adults 21 years or older and indoor growing of up to six marijuana plants for personal use. This ordinance does not address the personal use activities, but the City Council has the ability to adopt reasonable regulations consistent with the AUMA. Page 2 of medical marijuana. The second bans the outdoor cultivation of marijuana and was enacted in 2016 and in anticipation of the passage of Proposition 64, but this ordinance will sunset in November 2017. If adopted, the proposed ordinance (Attachment A) would extend the outdoor cultivation prohibition indefinitely. The proposed ordinance would also assert the City’s right to prohibit most commercial marijuana activities permitted under the AUMA, including commercial cultivation facilities, manufacturing facilities, retailers, and warehouses. The only permitted commercial activity under this ordinance would be the delivery of marijuana. The proposed ordinance would also curtail similar commercial activities for medical marijuana permitted under the Medical Marijuana Regulation and Safety Act, which is analogous to the AUMA but for medical marijuana. These measures will give the City more time to consider which, if any, commercial activities should be permitted in the City, and whether to adopt more permissive regulations. The proposed ordinance would also update the existing prohibition of medical marijuana dispensaries with a codified subsection. The state legislature is currently working on a “clean-up” bill to Proposition 64, but despite its name, the bill could make significant changes to both recreational and medical marijuana laws. State agencies have also just released draft regulations. Due to the unsettled nature of state marijuana laws, the City may want to revisit this issue in response to state actions. Background Marijuana has been decriminalized in phases in California.2 Medical marijuana was first legalized by the voters in 1996 upon the passage of Proposition 215. In response, the City passed an ordinance in 1997 prohibiting medical marijuana dispensaries. While dispensaries were not allowed under the City’s zoning code under the principles of permissive zoning provisions, the City passed the ordinance to make the prohibition clear.3 In 2015, the Governor approved AB 266, known as the Medical Marijuana Regulation and Safety Act. The Act creates a new licensing system for medical marijuana-related businesses and imposes regulations on medical marijuana.4 In November 2016, California voters passed Proposition 64, also known as the Adult Use of Marijuana Act (AUMA), which legalized marijuana under state law for recreational (non- medical) and commercial uses. The following is a summary of some of the major provisions: 2 Marijuana remains a Schedule I drug under the federal Controlled Substances Act. 3 See Ordinance 5399, Section 1 for more analysis of the zoning issues and presumptions regarding medical marijuana. 4 Health and Safety Code (H&S) §19300 et seq. Page 3 Recreational possession, use, and personal growing permitted, subject to local regulations. The AUMA legalized adult (21 years or older) smoking and consumption of recreational marijuana.5 Adults are allowed to grow up to six plants indoors per residence and possess 28.5 grams of marijuana in public.6 Marijuana grown at home cannot be sold, but can be gifted.7 Smoking is not allowed in any place that already bans tobacco smoking or near schools, and can only be carried in a closed container in a vehicle (driving while smoking is illegal).8 The City can enact reasonable regulations that do not conflict with state law.9 This report and the attached ordinance do not address personal use regulations and these can be addressed in the future. Commercial activities permitted, subject to local prohibitions. Proposition 64 legalized several types of commercial marijuana activities, but require a state- issued license. The AUMA envisions at least three types of state-issued licenses: a license to cultivate commercially, a license to retail or distribute (which also allows delivery), and a license to test or manufacture. Cities have the option to prohibit one or more types of these state-licensed commercial activities.10 The City Council may adopt an ordinance that identifies which activities are prohibited within the City. If the City prohibits any commercial marijuana activity, the state shall not grant a license for such activity within the City. Conversely, cities that wish to allow all state-licensed commercial activity do not have to pass an ordinance affirming their intent; it is already state law. For commercial activities that are allowed, cities can create their own regulations, such as business license requirements and zoning and land use requirements, among others. Neighboring cities, including San Jose, have already developed regulations as to medical marijuana which would likely be extended to all commercial marijuana activities. These regulations are largely time, place, and manner regulations that set minimum standards for safety and security, as well as create a permit system for delivery vehicles and drivers. The San Jose City Council has delegated regulation authority to its City Manager. (Note, however, that the state’s forthcoming marijuana regulations may preempt City regulations.) Taxes on Marijuana Sales Taxation of marijuana depends on whether it is for recreational or medical use under the AUMA. Both recreational and medical marijuana is subject to a new State Marijuana Excise Tax, which is 15% of the gross receipts of retail sales.11 Recreational marijuana is also subject to 5 H&S §11362.1. 6 H&S §11362.2 7 H&S §11362.1(a)(2). 8 H&S §11362.3. 9 H&S §11362.2(b). 10 Business and Professions Code (BPC) §26200. 11 Rev. & Tax. §34011(a). Page 4 traditional state and local sales taxes. The AUMA also created a new State Cultivation Tax, which is imposed at the rate of $9.25 per ounce for flowers and $2.75 per ounce for leaves.12 Marijuana cultivated for personal use is exempt from the State Cultivation Tax.13 Discussion The AUMA allows several types of commercial marijuana activities: commercial cultivation, dispensaries, retail sales, delivery services, distribution, manufacturing of marijuana-containing products, and testing businesses. The AUMA requires a state-issued license before a person can conduct these activities. The Medical Marijuana Regulation and Safety Act allows similar commercial activities and also requires a state-issued license to operate. The AUMA requires the issuance of licenses to start no later than January 1, 2018. Should the City Extend or Modify the Outdoor Cultivation Prohibition? Last November, Council adopted a temporary ban on outdoor marijuana cultivation that will automatically sunset in November 2017. To avoid confusion and to ensure that no state licenses for commercial cultivation are issued before the City can re-address this issue, the Committee may want to recommend that Council extend the ban on outdoor marijuana cultivation by removing the sunset provision. Council can revisit the issue and adopt more permissive rules at any time. Should the City Restate the Existing Prohibition on Medical Marijuana Dispensaries? The City passed an uncodified urgency ordinance in 1997 to prohibit medical marijuana dispensaries. To avoid confusion and to ensure that no state licenses for medical marijuana dispensaries are issued, the Committee may want to recommend that Council re-adopt and codify a prohibition on medical marijuana dispensaries. Should the City Prohibit Most Commercial Activities Except Deliveries? Under principles of permissive zoning, commercial marijuana activities for both medical and recreational use are presumptively prohibited in Palo Alto because they are not listed as permitted activities in the City’s zoning code. But the AUMA seems to anticipate that cities will adopt ordinances prohibiting the activities they wish to restrict within their boundaries. To avoid confusion and preserve local control, the Committee may want to recommend that Council add an express prohibition of all outdoor marijuana cultivation and all commercial marijuana activities except for deliveries to people within Palo Alto. Council can revisit these issues and adopt more permissive rules at any time. Timeline Staff is seeking input and a recommendation from the Policy and Services Committee before scheduling the proposed ordinance, with modifications recommended by the Committee, for a hearing and recommendation by the Planning and Transportation Commission this summer. 12 Rev. & Tax. §34012(a). 13 Rev. & Tax. §34012(j). Page 5 The goal is to bring an ordinance with recommendations from the Committee and the PTC to the full Council in September. The City Council must pass an ordinance that goes into effect by January 1, 2018 if it wishes to prohibit some or all commercial marijuana activities. Otherwise, the state can issue licenses for commercial marijuana activities that occur within the City. In addition, for any commercial activity that is allowed, staff recommends that the City examine and develop regulations by January 1, 2018 in anticipation of licenses being issued and the commencement of commercial activity. The City should be cognizant of the development of state-level marijuana regulations before promulgating its own. Lastly, should the City wish to regulate personal uses of marijuana, including smoking and personal indoor cultivation, staff recommends that regulations or laws be developed after the state issues any relevant regulations, which is anticipated this summer. Staff recommends that the City Council address commercial uses first to ensure that the City’s ability to regulate in these areas is established before the state can issue licenses permitting commercial activity. Resource Impact Staff does not anticipate a resource impact associated with this ordinance. As with similar zoning regulations, enforcement would be done on a complaint basis. Any future efforts to develop additional regulations for commercial marijuana businesses or personal cultivation would require staff time and could result in zoning or licensing provisions requiring additional staff resources. Future regulations may require additional law enforcement or code enforcement resources. Environmental Review This proposed ordinance is not a “project” within the meaning of section 15378 of the California Environmental Quality Act (CEQA) Guidelines because it has no potential for resulting in physical change in the environment, either directly or ultimately. In the event that this Ordinance is found to be a project under CEQA, it is subject to the CEQA exemption contained in CEQA Guidelines section 15061(b)(3) because it can be seen with certainty to have no possibility of a significant effect on the environment. ATTACHMENTS: Attachment A - Ordinance Repealing Chapter 9.17 and Amending Chapters 18.04 and 18.42 (PDF) Attachment B - League of Cities AUMA FAQ (PDF) Department Head: Molly Stump, City Attorney Page 6 NOT YET APPROVED 170503 th TS/ORD Amending 9.17 Ordinance No. _____ Ordinance of the Council of the City of Palo Alto Repealing Chapter 9.17 (Personal Cultivation of Marijuana) of Title 9 (Public Peace, Morals and Safety) of the Palo Alto Municipal Code; Repealing Ordinance No. 4422; and Amending Chapters 18.04 (Definitions) and 18.42 (Standards for Special Uses) of Title 18 (Zoning) to Prohibit Outdoor Cultivation of Marijuana, Prohibit Medical Marijuana Dispensaries, and Prohibit Commercial Marijuana Activities, Except for Deliveries. The Council of the City of Palo Alto does ORDAIN as follows: SECTION 1: The Council of the City of Palo Alto finds and declares as follows: A. On June 9, 1997, the Palo Alto City Council adopted uncodified urgency Ordinance No. 4422 declaring the establishment and operation of medical marijuana dispensaries to be prohibited use under the City’s zoning ordinance. B. On October 24, 2016, the Palo Alto City Council adopted Ordinance No. 5399, prohibiting the outdoor cultivation of marijuana. That ordinance had a sunset date of one year from the date the ordinance took effect. C. On November 8, 2016, California voters passed Proposition 64, known as the Adult Use of Marijuana Act (AUMA), which legalized the use, sale, and consumption of recreational marijuana by persons 21 years of age and older. D. The AUMA also permits commercial marijuana activities subject to state licensure, but preserves local governments’ authority to regulate and ban some or all commercial marijuana activities. (See, e.g., Business and Professions Code section 26200). E. Outdoor marijuana cultivation; medical marijuana dispensaries, and commercial marijuana activities are not listed in the City’s zoning code as permitted or conditionally‐ permitted land uses, making them prohibited under the principles of permissive zoning provisions. (City of Corona v. Naulls (2008) 166 Cal.App.4th 418). Nevertheless, the state may not expressly recognize the application of permissive zoning principles as to marijuana‐related uses. F. In order to protect the public health, safety, and welfare, the City Council desires to replace the existing temporary ban on outdoor cultivation at Chapter 9.17 and the uncodified prohibition of medical marijuana dispensaries in Ordinance No. 4422 with new Code section 18.42.150 to prohibit, in express terms: (1) the outdoor cultivation of marijuana; (2) medical marijuana dispensaries; and (3) commercial marijuana activities, with the exception of deliveries. SECTION 2. Chapter 9.17 of Title 9 of the Palo Alto Municipal Code is hereby repealed. NOT YET APPROVED 170503 th TS/ORD Amending 9.17 SECTION 3. Ordinance No. 4422 of the City of Palo Alto is hereby repealed. SECTION 4. Chapter 18.04 of Title 18 of the Palo Alto Municipal Code is hereby amended to add new subsection 18.04.030(a)(94.5) to read as follows: (94.5) “Marijuana” means all parts of the plant Cannabis sativa L., Cannabis indica, Cannabis ruderalis, and hybrid strains derived thereof, whether growing or not; the seeds thereof; the resin extracted from any part of the plant; and every compound, manufacture, salt, derivative, mixture, or preparation of the plant, its seeds or resin. (A) “Commercial marijuana activity” means any activity related to cultivation, possession, manufacture, distribution, processing, storing, laboratory testing, labeling, transportation, distribution, delivery or sale of marijuana or products containing marijuana. “Commercial marijuana activity” does not include personal recreational uses allowed by Health and Safety Code sections 11362.1 and 11362.2 or personal medical uses allowed by sections 11362.765 and 11362.77, as amended from time to time. (B) “Cultivation” means any activity involving the planting, growing, harvesting, drying, curing, grading, or trimming of marijuana for any purpose. (C) “Medical marijuana dispensary” is a facility where marijuana is made available for medical purposes in accordance with Health and Safety Code section 11362.5 et seq. or any other provision of state law that authorizes the use of marijuana for medical purposes. SECTION 5. Chapter 18.42 of Title 18 of the Palo Alto Municipal Code is hereby amended to add new section 18.42.150 to read as follows: 18.42.150 Marijuana Cultivation and Commercial Activities (a) Prohibition of open cultivation. Open marijuana cultivation is not permitted. Personal cultivation permitted under Health and Safety Code section 11362.2, as amended from time to time, must occur within a locked structure not visible by normal unaided vision from any public place. (b) Prohibition of commercial activities. Commercial marijuana activity is not permitted. (c) Exception for qualified delivery services. Notwithstanding the prohibition in section 18.42.150(b), delivery of marijuana is permitted pursuant to laws of the State of California. This section does not permit any temporary, persistent, or fixed physical presence used for commercial marijuana activities (including but not limited to medical marijuana dispensaries, collectives, cooperatives, or any other retail outlets) besides delivery vehicles in the active state of making a delivery. (d) Prohibition of medical marijuana dispensaries. NOT YET APPROVED 170503 th TS/ORD Amending 9.17 Medical marijuana dispensaries are not permitted. (e) Regulations. The City Manager is authorized to approve regulations consistent with this section. (f) Enforcement. The City may enforce this section and its regulations in any manner permitted by law and is entitled to recover all costs, including attorneys fees, related to enforcement. The violation of this section is hereby declared to be a public nuisance and shall, at the discretion of the city, create a cause of action for injunctive relief. SECTION 5. Severability. If any provision, clause, sentence or paragraph of this ordinance, or the application to any person or circumstances, shall be held invalid, such invalidity shall not affect the other provisions of this ordinance which can be given effect without the invalid provision or application and, to this end, the provisions of this ordinance are hereby declared to be severable. SECTION 6. CEQA. The City Council finds and determines that this Ordinance is not a “project” within the meaning of section 15378 of the California Environmental Quality Act (CEQA) Guidelines because it has no potential for resulting in physical change in the environment, either directly or ultimately. In the event that this Ordinance is found to be a project under CEQA, it is subject to the CEQA exemption contained in CEQA Guidelines section 15061(b)(3) because it can be seen with certainty to have no possibility of a significant effect on the environment. SECTION 7. Effective Date. This ordinance shall be effective on the thirty‐first date after the date of its adoption. INTRODUCED: PASSED: AYES: NOES: ABSTENTIONS: ABSENT: ATTEST: APPROVED: ______________________________ ____________________________ City Clerk Mayor NOT YET APPROVED 170503 th TS/ORD Amending 9.17 APPROVED AS TO FORM: ____________________________ City Manager ______________________________ Principal City Attorney 1 January 9, 2017 Frequently Asked Questions (FAQs) Adult Use of Marijuana Act1 Proposition 64 Question#1: When does the AUMA take effect? Answer: The AUMA took effect November 9, 2016, the day after the election. But note, the AUMA requires a state license to engage in commercial nonmedical marijuana activity. Licensing authorities are required to begin issuing licenses by January 1, 2018 and the League anticipates that the issuance of licenses will not occur much in advance of January 1, 2018. Thus, the AUMA provisions legalizing commercial nonmedical marijuana activity will not become operational until the state begins issuing licenses (likely in late-2017). The AUMA provisions legalizing personal use and cultivation of nonmedical marijuana took effect November 9, 2016. Question #2: Can private individuals cultivate nonmedical marijuana at home beginning November 9, 2016? Answer: Yes, within a private residence by a person 21 years and older for personal use. The AUMA provides that local governments can reasonably regulate, but cannot ban the personal indoor cultivation of up to six nonmedical marijuana plants per private residence. This includes cultivation in a greenhouse that is on the property of the residence but not physically part of the home, as long as it is fully enclosed, secure, and not visible from a public space. Because this activity is not subject to state licensing requirements, individuals may engage in personal indoor cultivation beginning November 9, 2016, unless a city enacts an ordinance imposing a reasonable regulatory scheme that would preclude them from doing so before complying with the city’s regulatory requirements. Local governments may regulate or ban all personal outdoor cultivation. However, the AUMA includes language purporting to repeal any ordinance that bans personal outdoor 1 Please consult your City Attorney before taking action to implement the AUMA. The answers to these FAQs may be different in your city based upon your municipal code, regulations, and policies. The answers do not constitute legal advice from the League of California Cities®. 2 cultivation upon the California Attorney General’s determination that nonmedical use of marijuana is lawful under federal law. Question #3: Is there a limitation on the number of marijuana plants that can be cultivated within a single residence? Answer: Yes. Not more than six living plants may be planted, cultivated, harvested, dried, or processed within a single private residence, or upon the grounds of that private residence, at one time. A “residence” is defined as a house, an apartment unit, a mobile home, or other similar dwelling. No matter how many persons over 21 years of age are living in a “residence,” only 6 living plants may be cultivated at one time. (Health & Safety § 11362.2(b)(3).) Question #4: Can a landlord ban the cultivation/smoking of marijuana on his or her property? Answer: Yes. An individual or private entity may prohibit or restrict personal possession, smoking, and cultivation of marijuana on the individual’s or entity’s privately owned property. A state or local government agency also may prohibit or restrict such activities on property owned, leased, or occupied by the state or local government. (Health & Safety §§ 11362.45(g) and (h).) Question # 5: Can a city ban personal indoor cultivation in all leased or multi-unit residences within the city? Answer: No. A city cannot prohibit personal indoor cultivation of marijuana in all leased or multi-unit residences within the city. However, because cities may reasonably regulate personal indoor cultivation, a city might be able to condition permit approval for personal indoor cultivation in a leased residence on the applicant receiving permission from his or her landlord. Question # 6: Does a city’s ban on commercial cultivation, personal outdoor cultivation, or retail sales of marijuana or marijuana products make it ineligible for state grant monies for law enforcement, fire protection, or other local programs addressing public health and safety associated with the implementation of Prop 64? Answer: Yes. If a city bans commercial cultivation, or personal outdoor cultivation, or retail sales of marijuana or marijuana products, it is ineligible to receive state grant monies funded through the new state excise taxes that take effect on January 1, 2018. (Revenue and Taxation Code § 34019(e)(3)(D).) Question #7: What does the AUMA say about possession, transporting, purchasing or giving away of non-medical marijuana? Answer: A person 21 years of age or older may possess, process, transport, purchase or give away to persons 21 years of age or older not more than 28.5 grams of marijuana in the non-concentrated form and not more than 8 grams of marijuana in a concentrated 3 form including marijuana products. If the AUMA passes, these activities will be lawful under state law and cannot be prohibited under local law. Question #8: Do cities that ban or regulate medical marijuana businesses need to update their ordinances to include nonmedical marijuana? Answer: Yes. The AUMA prohibits state licensing authorities from issuing a license to a commercial nonmedical marijuana business if operation of the business violates a local ordinance of the jurisdiction in which the business will operate. This means that a city wishing to adopt business or land use regulations prohibiting or regulating commercial nonmedical marijuana businesses must adopt an ordinance prior to the date the state begins issuing licenses, which the League anticipates will be in late 2017.2 Question #9: Can cities be confident that a permissive zoning code, by itself, provides sufficient protection against nonmedical marijuana businesses setting up shop without local approval? Answer: No. It is unlikely that cities will succeed in arguing that nonmedical marijuana land uses are prohibited by permissive zoning codes under the AUMA, because the AUMA does not contain the same protective language as the MMRSA with respect to permissive zoning. Therefore, cities that wish to ban all or some nonmedical marijuana activities should adopt express prohibitions, even if they operate under a permissive zoning code. Question #10: Are cities at risk of losing the opportunity to impose bans on personal outdoor cultivation if they don’t act until after the November election? Answer: No. A city may adopt an ordinance banning or regulating personal outdoor cultivation at any time. Question #11: Are cities at risk of losing the opportunity to impose bans on nonmedical marijuana businesses, if they don’t act until after the November election? Answer: No. However, if a city does not adopt an ordinance expressly banning or regulating nonmedical marijuana businesses before the state begins issuing state licenses nonmedical businesses, a state-licensed nonmedical marijuana business will be able to operate within its jurisdiction without local permission or permitting. This is due to a provision in the AUMA that provides that state licenses cannot be issued where the activity would violate a local ordinance. If a jurisdiction has no ordinance regulating nonmedical marijuana businesses, then the local regulatory scheme is silent on that type of activity, and the state can unilaterally issue a license under terms fully compliant with the AUMA. Cities may adopt an ordinance expressly banning or regulating such operations after the state begins to issue licenses, but it will be difficult to terminate the state licensee’s operations until the state license is up for renewal. Therefore, the best practice is to adopt an ordinance before the state begins issuing state licenses. 2 Please see Question #8 regarding the use of public roads for transportation and delivery. 4 Question #12: Can cities ban deliveries under the AUMA? Answer: Yes. Cities can ban deliveries within their territorial limits. However, cities cannot prevent the use of public roads for the delivery of marijuana. For example, if a licensed delivery company located in City A must travel on public roads through City B to make an authorized delivery in City C, City B cannot prohibit the licensed delivery company from travelling on public roads in City B to get to City C. In addition, cities may not prevent the use of public roads within its jurisdiction to transport nonmedical marijuana. Question #13: What is the best way for cities to notify the state licensing agencies of their local ordinances that regulate and/or prohibit commercial non-medical marijuana activities within their jurisdictions? Answer: Unless the state licensing agencies indicate otherwise, cities should mail copies of their local ordinances that regulate or prohibit commercial nonmedical marijuana activities within their jurisdictions to the Department of Consumer Affairs, the Department of Food and Agriculture, and the Department of Public Health. Cities should regularly check each Department’s website to ensure that this practice complies with any regulations the Departments may pass regarding notice of local ordinances. In addition, Cities should ensure that any updates or amendments to local ordinances that regulate or prohibit commercial nonmedical marijuana activities are promptly submitted to each Department. Question #14: What are the rules regarding taxation under the AUMA? Is it true that marijuana can no longer be subject to sales tax? Answer: Under the AUMA, there is a 15% state excise tax on recreational marijuana, but medical marijuana is exempt from state and local sales tax altogether. The rationale is that marijuana consumed for truly medical purposes is no different from conventional pharmaceuticals, which are also exempt from federal, state, and local sales tax. However, other forms of excise tax may be levied on all marijuana, whether medical or recreational. For example, a cultivation tax, a manufacturing tax, or the most common, a business license tax may still be levied at the local level on any commercial marijuana activity. But note, because the AUMA levies a state excise tax of 15% on recreational marijuana, all local governments have reason to be concerned about the cumulative tax rate when local tax levies are added to that. For that reason, locals are encouraged to look at existing local taxes and to assess what marijuana-related revenue streams may be derived from those sources before levying additional taxes that are specific to marijuana. City of Palo Alto (ID # 8194) Policy and Services Committee Staff Report Report Type: Action Items Meeting Date: 6/13/2017 City of Palo Alto Page 1 Summary Title: Recommend RFP for Cubberley Community Center Master Plan Title: Request for Proposals for a Consulting Firm to Assist the City of Palo Alto and Palo Alto Unified School District With Master Planning of the Cubberley Community Center From: City Manager Lead Department: Community Services Recommendation Staff recommends that the Policy and Services Committee recommend Council direct the Community Services Department to release a Request for Proposals for a Consulting Firm to assist the City of Palo Alto and Palo Alto Unified School District with master planning of the Cubberley Community Center. Background The Cubberley Community Center is located on a 35-acre site in south Palo Alto that was previously home to Cubberley High School until 1979. Of the 35 acres, the Palo Alto Unified School District (PAUSD) owns 27 acres and the City of Palo Alto owns 8 acres. The City has leased PAUSD’s 27 acres since January 1, 1990 and operates the community center on the combined 35 acre site. The lease has since been amended multiple times and the current amendment will expire in December 2019. The lease amendment includes a condition that the City and PAUSD will jointly develop a master plan for the entire site by December 31, 2019 and shall meet and confer to determine the scope and funding for the preparation of the plan. A Cubberley Citizens Advisory Committee (CCAC) representing a cross-section of Cubberley tenants, city-wide neighborhoods, schools and city-wide representatives, and other relevant organizations, was formed in 2012 to cooperatively explore all practical joint uses of the Cubberley campus for both educational and community service needs. Several sub-committees were formed focusing on school needs, community needs, facilities, and finance. Additionally, a Policy Advisory Committee consisting of City Council members and School District Board members was created. The result of the CCAC process was the recommendation that the site be designed for shared City / City of Palo Alto Page 2 School District use and for the City and the School District to work cooperatively toward a phased development to support both school and community needs. The final report of the CCAC can be found at http://www.cityofpaloalto.org/civicax/filebank/documents/33455. On March 9, 2016, City Manager Jim Keene and PAUSD Superintendent Max McGee signed a Cubberley Futures Compact to demonstrate the commitment between the City and the School District to collaboratively plan for the future of the 35-acre Cubberley site. Since then, City staff have had conversations with design thinking teams at Stanford’s d.school and IDEO to better understand the role that design thinking techniques could have in planning for the future of Cubberley. City and PAUSD staff have been working closely together to develop a scope of work that will be used to request proposals from consulting firms who are experienced in master planning, design thinking and stakeholder engagement. The scope of work has gone through multiple iterations as the school district further analyzed their enrollment projections and potential future needs for Cubberley. Discussion Both the City and PAUSD have an interest in developing a plan for the 35-acre site to meet the future educational, recreational, and community needs of PAUSD, Palo Alto and the community and have committed to collaborating on the future use of the entire Cubberley site. The City has a broad vision for a community center that provides a multi-cultural learning environment and supports social, emotional and physical health for all ages and abilities. The City is ready to define the function and form of a new center on its eight acres and the City has established a Cubberley Community Center Master Plan Capital Improvement Plan in the City of Palo Alto Fiscal Year 2017 Capital Budget (Project Number CB-16001). PAUSD is concurrently evaluating the best possible future use of their 27 acres. The overriding consideration to PAUSD regarding Cubberley is projected school enrollment, administrative facility needs and other extended educational needs. The current data for PAUSD enrollment projections do not support development of Cubberley in the near- term or mid-term for an additional school, with their time horizon being 10 or more years before the possible need could emerge. PAUSD has expressed their commitment to collaborating on the Cubberley master planning process. Even though the time horizon for rebuilding parts or all of Cubberley may be different for the City and PAUSD the two agencies are committed to developing a comprehensive master plan that supports the interests of the community. City and PAUSD staff have drafted a scope of work for the master planning process which is described below. Scope of Work With the assistance of a consulting firm experienced in creative and effective public engagement design thinking processes, the City and PAUSD will lead a collaborative City of Palo Alto Page 3 group of staff from both organizations, as well as community stakeholders in a master planning process that will include an evaluation of the community’s assets and opportunities related to education, recreation and wellness. The master planning process will build on the previous work of the CCAC to develop an effective and comprehensive master plan for the Cubberley Community Center site. The goal is to create an inclusive yet flexible process that can accommodate changing needs for the immediate and long term future of the site. The outcome will be a process that is inclusive, adaptable, and synergizes multiple uses while meeting our timeline and shared vision. The tasks included in the scope of work are grouped into two separate phases. The first phase is focused on developing a plan for efficient yet productive community engagement, and developing conceptual designs for Cubberley. At the completion of Phase One, we can expect to have three to six conceptual design scenarios that will be reviewed by Council, PAUSD Board of Education and the community. These scenarios will be developed with the stakeholder group, and will consider community input and results of the asset and opportunity evaluation. Phase One includes the following tasks: TASK 1: DEVELOP WORKPLAN TASK 2: REVIEW FINAL REPORT OF THE CUBBERLEY COMMUNITY ADVISORY COMMITTEE TASK 3: DEVELOP A STAKEHOLDER AND COMMUNITY ENGAGEMENT PLAN TASK 4: COMMUNITY ASSET EVALUATION TASK 5: VISIONING WORKSHOP TASK 6: DESIGN THINKING WORKSHOPS TASK 7: DEVELOPMENT OF CONCEPTUAL DESIGNS Phase two will consolidate what was learned in phase one into a Master Plan document, including a preferred conceptual design alternative based on feedback received from Council and the Board of Education. Phase two will only be initiated after the consultant has successfully completed phase one. At the end of the second phase, we can expect to have a Final Master Plan with preferred conceptual design, and a completed environmental review that complies with the California Environmental Quality Act. Tasks included in phase two are: TASK 8: DRAFT CUBBERLEY MASTER PLAN REPORT AND SCHEMATICS TASK 9: COMMUNITY MASTER PLAN REVIEW MEETING TASK 10: CITY AND PAUSD COMMISSIONS, BOARDS AND COUNCIL STUDY SESSIONS TASK 11: CALIFORNIA ENVIRONMENTAL QUALITY ACT (CEQA) REVIEW TASK 12: FINAL CUBBERLEY MASTER PLAN Timeline The scope of work will be presented for review and input at the following meetings: City of Palo Alto Page 4 June 13, 2017 – City Policy and Services Committee June 20, 2017 – PAUSD Board of Education August 2017 – City Council August 2017 - PAUSD Board of Education It is expected that a Request for Proposals will be released in late August or September 2017 with the goal of having a contract in place by December 2017. Resource Impact Cubberley Community Center Master Plan is included in the FY18 proposed Capital Budget (Project Number CB-16001) providing $414,877 from the Cubberley Property Infrastructure Fund. A cost sharing agreement with PAUSD will need to be finalized prior to executing a professional service agreement for the master planning work. Policy Implications This project is related to Comprehensive Plan Goal C-4, which states, “Attractive, well- maintained facilities that serve Palo Alto residents.” Policy C-24 states, “Reinvest in aging facilities to improve their usefulness and appearance. Avoid deferred maintenance of City infrastructure” and specifically references development of a Cubberley Master Plan in Program C-19. The Draft Parks, Trails, Natural Open Space Recreation Master Plan identifies Cubberley as a “unique opportunity site”, and includes redevelopment of the Cubberley Community Center as a high priority and high urgency project. Additionally, the Draft Parks, Trails, Natural Open Space Recreation Master Plan includes the following Policy and Program, under Goal 2: Enhance the capacity, quality and variety of uses of the existing system of parks, recreation and open space facilities and services. Policy 2.A: Sustain the community’s investment in parks and recreation facilities. Program 2.A.1 Collaborate with Palo Alto Unified School District to develop and implement a vision and master plan for the future of the Cubberley Community Center. Attachments: Att A: PA_Cubberley Scope 5-30-17 DRAFT SCOPE OF WORK 05/30/17 1 Master Plan and Visioning - Cubberley Community Center The City of Palo Alto and Palo Alto Unified School Goal To collaboratively develop a community vision and master design plan for the Cubberley Community Center that is innovative, flexible and adaptable. Purpose The Cubberley Community Center is located on a 35-acre site in south Palo Alto that was previously home to Cubberley High School until 1979. Of the 35 acres, the Palo Alto Unified School District owns 27 acres and the City of Palo Alto owns 8 acres. The City leases PAUSD’s 27 acres and operates the community center facility including athletic fields and tennis courts on the combined 35 acre site. The current lease between the City and PAUSD will expire in December 2019. In March 2016, Palo Alto’s City Manager and PAUSD’s Superintendent signed the Cubberley Futures Compact demonstrating their “commitment to jointly and cooperatively work toward a vision for the future that has the maximum impact for the common good” of the Palo Alto community and future generations. Both the City and PAUSD have an interest in developing a plan for the 35 acre site to meet the future educational, recreational, and community needs of PAUSD, Palo Alto and the community and have committed to collaborating on the future use of the entire Cubberley site. The City has a broad vision for a community center that provides multi-cultural learning environment that supports social, emotional and physical health for all ages and abilities. The City is ready to define the function and form of a new center on its eight acres and the City has established a Cubberley Community Center Master Plan Capital Improvement Plan in the City of Palo Alto Fiscal Year 2017 Capital Budget (Project Number CB-16001). PAUSD is concurrently evaluating the best possible future use of their 27 acres. The overriding consideration to PAUSD regarding Cubberley is projected school enrollment, administrative facility needs and other extended educational needs. The current data for PAUSD enrollment projections do not support development of Cubberley in the near-term or mid-term for an additional school, with their time horizon being 10 or more years before the possible need could emerge. While there are two discreet property-owners (City and PAUSD) within the 35 acres, the master planning process must recognize the benefit of planning the 35 acres collaboratively so opportunities for maximizing and sharing public space are included and the most benefit to the community is provided. With the assistance of a consulting firm experienced in creative and effective public engagement design thinking processes, the City and PAUSD will lead a collaborative group of staff from both organizations, as well as community stakeholders in a needs assessment and master planning process. The goal is to create an inclusive yet flexible process that can accommodate changing needs for the immediate and long term future of the site. The outcome will be a process that is inclusive, adaptable, and synergizes multiple uses while meeting our timeline and shared vision. The City and the PAUSD are seeking a design team that will partner with the community and build on the previous work of the CCAC to develop an effective and comprehensive master plan for the Cubberley Community Center site. Background A Cubberley Citizens Advisory Committee (CCAC), representing a cross-section of Cubberley tenants, city-wide neighborhoods, schools and city-wide representatives, and other relevant organizations, was formed in 2012 to cooperatively explore all practical joint uses of the Cubberley campus for both DRAFT SCOPE OF WORK 05/30/17 2 educational and community service needs. Four sub-committees were formed to focus on: 1) school needs; 2) community needs; 3) facilities; and 4) finance. Additionally, a Policy Advisory Committee consisting of City Council members and School District Board members was created. The result of the CAC process was the recommendation that the site be designed for shared City / School District use and for the City and the School District to work cooperatively toward a phased development to support both school and community needs. The Master Plan and visioning process will consider the prior work of the Cubberley Citizens Advisory Committee (CCAC) including the Final Report of the CCAC that was completed in 2013. (http://www.cityofpaloalto.org/gov/agendas/cubberley_community_advisory_committee.asp) Scope of Work Phase One TASK 1: DEVELOP WORKPLAN Consultant will work with City and PAUSD staff to finalize a detailed schedule of work for Tasks 2 through 5, including which tasks can be conducted in parallel, critical path tasks, key decision points and frequency of regular project team meetings/conference calls. All existing information that will be provided by the City and PAUSD will be identified in this task. Meetings to Include: • Meeting with City and PAUSD staff to review draft scope and schedule Deliverables: Draft scope and schedule Final scope and schedule Request for information letter TASK 2: REVIEW FINAL REPORT OF THE CUBBERLEY COMMUNITY ADVISORY COMMITTEE Consultant will review the 2013 Final Report of the Cubberley Community Advisory Committee and all supporting and background material, meeting notes, including subcommittee meeting notes. Meetings to Include: • None Deliverables: None TASK 3: DEVELOP A STAKEHOLDER AND COMMUNITY ENGAGEMENT PLAN Consultant will develop a stakeholder and community engagement plan that will guide community outreach during the Master Plan process, including specific charge of the group, timing of stakeholder participation, and number and format of stakeholder workshops and community meetings. The stakeholder group will be created through a public application process with final selection of the group by the City Manager and PAUSD Superintendent. DRAFT SCOPE OF WORK 05/30/17 3 Meetings to Include: • Stakeholder Advisory Group workshops (number of workshops identified in tasks 5 and 6) Community meetings (number tbd) Deliverables: Stakeholder and Community Engagement Plan Stakeholder workshop agendas and outcome summaries TASK 4: COMMUNITY ASSET EVALUATION Consultant will conduct an evaluation of the community’s recreational, educational and cultural assets to identify opportunities for Cubberley that address community preferences and fill existing gaps in services and programs, while maximizing public resources. The evaluation will use existing information to be provided by PAUSD and City (for example; existing uses of Cubberley Community Center, results of the City of Palo Alto’s Parks, Trails, Open Space and Recreation Master Plan outreach efforts and Comprehensive Plan Update, PAUSD enrollment data and future projections, the report of the PAUSD Enrollment Management Advisory Committee, PAUSD youth and extracurricular programs), as well as other relevant data identified by Consultant (for example; projected local, regional and national trends in education and recreation). Consultant will identify where gaps exist and develop a plan to fill those gaps and obtain additional data, if needed. Consultant will prepare a draft report and a final report that consolidates the findings and recommendations of this task. Meetings to Include: • Stakeholder Advisory Group workshops (number tbd) Community meetings (number tbd) Presentation of final asset evaluation report to project team Presentation to City/School Liaison Committee Deliverables: Draft memorandum summarizing findings of asset evaluation including inventory list of existing data reviewed, gaps identified in data, and plan for collecting additional information Draft memorandum summarizing findings of additional data collection efforts Final asset evaluation report and recommendations approved by City and PAUSD TASK 5: VISIONING WORKSHOP Consultant will design and lead a workshop with the Stakeholder Advisory Group to develop the vision, goals and guiding principles that will inform the direction and desired outcomes of the master planning effort. Consultant will develop a decision-making process that will be used throughout the master planning effort and will present this process at the workshop for discussion and agreement. Meetings to Include: • Workshop with City and PAUSD staff and Stakeholder Advisory Group (number tbd) Deliverables: Workshop agenda DRAFT SCOPE OF WORK 05/30/17 4 Memorandum outlining decision-making process Workshop notes to include, at a minimum, the vision statement and goals TASK 6: DESIGN THINKING WORKSHOPS Consultant will apply a design thinking approach to facilitate a series of workshops with City/PAUSD staff and the Stakeholder Advisory Group. Using creativity and innovative tools, the workshops will generate facility and program concepts that will ultimately guide development of the Master Plan. Meetings to Include: • Workshops with City and PAUSD staff and Stakeholder Advisory Group (number tbd) Deliverables: Workshop agendas Workshop summaries Three or more facility and program concepts for the 35 acre site Presentation to School Board and City Council on facility and program concepts TASK 7: DEVELOPMENT OF CONCEPTUAL DESIGNS Based on the results of Tasks 2 – 6, Consultant will prepare a minimum of three and a maximum of six conceptual designs for a future Cubberley facility layout and type of programming the facility layout would support. The concepts will reflect the outcome of the asset evaluation, visioning workshop and design thinking workshops. Each conceptual design will identify the location of different program elements such as education, recreation, and wellness. Multi-purpose, flexible spaces as well as potential shared spaces will also be called out. The scenarios will be presented to the community, commissions, City Council and PAUSD for review. Meetings to Include: • Project Team Meeting • Stakeholder Advisory Group meeting • Community Meetings • Parks and Recreation Commission • City/School Liaison Committee • City Council • PAUSD Board of Education Deliverables: Three to six conceptual designs in electronic, print and display formats Presentation to School Board and City Council on facility and program concepts Meeting notes DRAFT SCOPE OF WORK 05/30/17 5 PHASE 2 (Note: Scope and compensation for Phase 2 tasks will be negotiated following the successful completion of Phase 1.) TASK 8: DRAFT CUBBERLEY MASTER PLAN REPORT AND SCHEMATICS Building off the conceptual designs and subsequent feedback received (Task 7), Consultant will prepare a draft Master Plan for the 35 acre Cubberley. The draft Master Plan will include different scenarios for maintaining, modifying, and reconstructing the site and facilities, including site schematics and cost estimates to serve short, medium and long term needs of the community. Potential funding scenarios will be included. Meetings to Include: • Stakeholder Advisory Group meeting • Project Team Meeting • Parks and Recreation Commission • City/School Liaison Committee Deliverables: Staff project review meeting Stakeholder Advisory Group meeting agenda, presentation and summary City and PAUSD Staff Project Review Team meeting agenda, presentation and summary Presentation to Parks and Recreation Committee Presentation to City/School Liaison Committee Administrative Draft Master Plan Report Outline Administrative Draft Master Plan Report Public Draft Master Plan Report TASK 9: COMMUNITY MASTER PLAN REVIEW MEETING Consultant will design a community-wide review meeting to solicit feedback on the Draft Master Plan Report and schematics. Meetings to Include: • Community Master Plan review meeting (multiple meetings may be considered) Deliverables Community Meeting agenda, presentation and summary TASK 10: CITY AND PAUSD COMMISSIONS, BOARDS AND COUNCIL STUDY SESSIONS Consultant will develop a presentation and walk-through of the Draft Master Plan Report and schematics for the City’s Parks and Recreation Commission, Architectural Review Board, Planning and Transportation Commission and Historical Review Board for input and feed-back. Consultant will incorporate feedback received and prepare a presentation for a City Council study session. A PAUSD Board of Education will be scheduled if needed. Meetings to Include: Parks and Recreation Commission Study Session DRAFT SCOPE OF WORK 05/30/17 6 Planning and Transportation Commission Study Session Architectural Review Board Study Session Historical Review Board Study Session City/School Liaison Meeting City Council Study Session (if needed) PAUSD Board of Education Study Session (if needed) Deliverables Meeting staff reports, presentations and summaries TASK11: CALIFORNIA ENVIRONMENTAL QUALITY ACT (CEQA) REVIEW Consultant will complete the appropriate programmatic CEQA review in parallel with Task 10 below. Consultant will prepare for and lead all public hearings associated with the CEQA process. Meetings to Include: Project Team Meeting Public Hearing(s) Parks and Recreation Commission Architectural Review Board City Council Meeting Deliverables: CEQA Initial Study Checklist Administrative Draft CEQA document Public Draft CEQA document Response to public comments Final CEQA document TASK 12: FINAL CUBBERLEY MASTER PLAN Based on the combined input of City Boards, Commissions, City Council and the community, Consultant and the Staff Project Team will identify the necessary revisions and update the Draft Master Plan Report to reflect the input received. The site schematics will be revised in parallel as part of this effort. This revised document will be finalized as the Revised Draft Cubberley Master Plan. This version of the document will be presented to the City’s Commissions for their review and recommendations and to City Council for adoption, along with the CEQA document prepared in Task 9. Meetings to Include: Project Team Meeting Parks and Recreation Commission Study Session Parks and Recreation Commission Meeting – Recommend Approval of the Master Plan City Council Meeting Additional City Commission meetings as needed PAUSD Board of Education Meeting Deliverables: Administrative draft Cubberley Master Plan Project Team meeting agenda, presentation and summary Parks and Recreation Commission meeting agendas, presentations and summaries DRAFT SCOPE OF WORK 05/30/17 7 City Council meeting presentations Board of Education meeting presentations Final Adopted Cubberley Master Plan City of Palo Alto (ID # 8179) Policy and Services Committee Staff Report Report Type: Action Items Meeting Date: 6/13/2017 City of Palo Alto Page 1 Summary Title: Status Update of Audit Recommendations for Contract Oversight Audit Title: Staff Recommendation that the Policy and Services Committee Recommend the City Council Accept the Status Update of the Audit for Contract Oversight: Trenching and Installation of Electric Substructure From: City Manager Lead Department: Utilities Recommendation Staff recommends the Policy and Services Committee recommend that the City Council accept the attached Status of Audit Recommendations for the Contract Oversight: Trenching and Installation of Electric Substructure Audit. Background The City Auditor’s Office previously issued an audit regarding contract oversight of a trenching and installation of electric substructure. The objective of the audit was to determine if the Utilities Department effectively managed its $1.9 million contract with Casey Construction, Inc. for trenching services and the installation of electric substructure, in accordance with contract terms, the City of Palo Alto Municipal Code, and relevant policies and procedures. The Utilities and Administrative Services Departments have completed four of the six open recommendations. They 1) implemented procedures to meet with the appropriate parties when there are large variances between the lowest and second lowest bid or the City’s estimate, 2) established a process for verifying and ensuring consistency in figures reported in staff reports to Council, 3) issued a request for proposals for and selected and implemented a hosted, web-based, E-procurement solution software system, and 4) developed a vendor evaluation form to address vendor performance, responsiveness, quality of work, change orders, delays, and issues prior to contract renewal. The attached report (Attachment A) provides an update on the status of the two remaining recommendations. Staff has been working to implement the Auditor’s recommendations. Utilities has completed contract administration training and will seek additional training for procurement, project management and risk management on an as-needed basis. Utilities has City of Palo Alto Page 2 also established general project management guidelines (Attachment B) including roles and responsibilities, scheduling, change orders, negotiations, payments and contract closing. Utilities will continue to work toward uniform implementation of the guidelines and usage of the forms. Administrative Services has and continues to collaborate with the City Attorney’s Office on further developing the Invitation for Bid (IFB) Template on a regular basis. The latest revision is made available and in use. This collaborative effort now includes the new “Design- Build” templates. Contracts are regularly being uploaded into Planet Bids Contracts Management Module. On boarding department project managers is forthcoming. Staff is still in the process of completing the two remaining recommendations. 1) The Project Coordinator position remains vacant as Utilities redefines the contract administration and project management responsibilities of the position to better address department needs. 2) A vendor evaluation form has been drafted but has not been implemented. The purpose of the evaluation form is to monitor the performance of the vendor and identify any incidents that occurred during the project. Utilities will work with Administrative Services on implementing the form. Attachments: Attachment A: Status Update of Audit Recommendations for Contract Oversight Audit Attachment B: Project Management Guidelines STATUS OF AUDIT RECOMMENDATIONS CONTRACT OVERSIGHT: TRENCHING AND INSTALLATION OF ELECTRIC SUBSTRUCTURE – ISSUED 10/30/13 PAGE 1 The City Manager has agreed to take the following actions in response to the audit recommendations in this report. The City Manager will report progress on implementation six months after the Council accepts the audit report, and every six months thereafter until all recommendations have been implemented. Recommendation Responsible Department Original Target Date and Response Current Status Implementation Update and Expected Completion Date Finding 3: The Utilities Department did not enforce contract billing terms that were the basis. 5. The Utilities Department should work with ASD to review existing contract performance management policies and develop procedures to ensure staff appropriately administers the City’s contracts. Procedures should address the following areas: ● Monitoring of contractor billings to ensure accuracy and compliance with contract terms. ● Ensuring contracts are appropriately and timely modified, if required. Administrative Services and Utilities Departments 3/31/14 Utilities staff is formalizing the process by which contractor work is requested, approved, inspected, reviewed, and invoiced. Utilities will hire a Project Coordinator to assist Engineering in administrating contracts, verifying invoices, and processing payments. Utilities will be requesting for similar positions in Operations and Customer Support Services in the 2014 mid‐year budget. Utilities will also develop a tracking mechanism to monitor contractor work, reconcile invoices, and verify payments. ASD will conduct a review of the entire purchasing process citywide. The departments will collaborate to bring contract management training to appropriate staff. This training will be rolled out to all departments. In Progress June 2017 Management Update: Utilities has completed contract administration training and will seek additional training for purchasing, project management and risk management on an as-needed basis. Utilities has established general project management guidelines including roles and responsibilities, scheduling, change orders, negotiations, payments and contract closing. Utilities will continue to work toward uniform implementation of the guidelines and usage of the forms. The Project Coordinator position remains vacant as Utilities redefines the contract administration and project management responsibilities of the position to better address department needs. ASD has and continues to collaborate with the City Attorney’s Office on further developing the IFB Template on a regular basis. The latest revision is made available and in use. This collaborative ATTACHMENT A STATUS OF AUDIT RECOMMENDATIONS CONTRACT OVERSIGHT: TRENCHING AND INSTALLATION OF ELECTRIC SUBSTRUCTURE – ISSUED 10/30/13 PAGE 2 Recommendation Responsible Department Original Target Date and Response Current Status Implementation Update and Expected Completion Date effort now includes the new “Design-Build” templates. Contracts are regularly being uploaded into Planet Bids Contracts Management Module. On boarding department project managers is forthcoming. Meanwhile ASD is also considering contracts management in an Electronic Document Management System (EDMS), as with ARC’s “Infolink” platform, for public record management functionalities, like contract management. Expected Completion Date: December 2017: December 2015 Management Update: In February 2015, construction contract management training was conducted in conjunction with PWD and ASD. The training covered procurement, project manager responsibilities, project scheduling, change order requests, claims, payments and project closure. In October 2015, ASD provided citywide training on compliance to the new prevailing wage requirements for construction and improvement contracts. The training identified the roles and responsibilities of Purchasing and project managers and reporting requirements to the Department of Industrial Relations. The Utilities Project Coordinator position is currently vacant in Engineering. Utilities is currently reassessing the job classification for this role and evaluating the need for a higher Project Manager classification. Staff will recruit for the position in 2016. Until the position is filled, the project managers will continue administering STATUS OF AUDIT RECOMMENDATIONS CONTRACT OVERSIGHT: TRENCHING AND INSTALLATION OF ELECTRIC SUBSTRUCTURE – ISSUED 10/30/13 PAGE 3 Recommendation Responsible Department Original Target Date and Response Current Status Implementation Update and Expected Completion Date the contracts with support from administrative staff on invoice verification and payments. All contract, invoice and supporting documentations are managed in a central shared drive. The Invitation for Bid (IFB) template is currently in the process of being revised to simplify and coordinate language between other sections of the contract; the boilerplate language should be completed by the second half of 2016. The firm that ASD selected to implement an invoice management system was unable to deliver on the scope as planned in 2015. ASD will evaluate the possibility of acquiring another invoice management solution or consider waiting until the new ERP system is implemented with built in invoice management. Expected Completion Date: Q4 2016 June 2014 Management Update: Utilities has developed contract management guidelines and a project charter for large construction projects and professional services. These contracts and documents are stored on a centralized SharePoint website. Utilities Engineering hired a Project Coordinator in March 2014 to assist with contract administration and project management. The coordinator has developed a contract database, coordinated project management training, and formalized policies and procedures. Utilities Operations reclassified a position in the FY 2015 to assist with contract and inventory management. Utilities is working with the City Attorney's Office to strengthen the boilerplate language in the IFB and STATUS OF AUDIT RECOMMENDATIONS CONTRACT OVERSIGHT: TRENCHING AND INSTALLATION OF ELECTRIC SUBSTRUCTURE – ISSUED 10/30/13 PAGE 4 Recommendation Responsible Department Original Target Date and Response Current Status Implementation Update and Expected Completion Date professional service contract templates. ASD hired a consultant to perform an independent review of the entire purchasing process. The review recommended a new purchasing system, increased training, and additions to the Purchasing Manual among other recommendations. Staff is in the process of implementing the recommendations. ASD has selected an online invoice management system to improve the review, approval and tracking invoices received by the City. This system will be implemented in 2015 and will provide increased accountability and visibility into the invoice review and payment process. Expected Completion Date: 6/30/15 Finding 4: The Utilities Department did not appropriately manage its contract with Casey Construction, Inc. to ensure the City’s projects were completed in accordance with plans and cost estimates. 6. The Utilities Department should work with ASD to review existing contract performance management policies and develop procedures to ensure staff appropriately administers the City’s contracts. Procedures should address the following areas: Roles and responsibilities for the contract administrator and any additional training requirements for staff. Monitoring of contractor performance. Ensuring payments are made only for services and materials included in the contract scope. Administrative Services and Utilities Departments Recommendation 5 & 6 are similar. See response to recommendation 5. In Progress June 2017 Management Update: Utilities has established general project management guidelines including roles and responsibilities, scheduling, change orders, negotiations, payments and contract closing. Utilities will continue to work toward uniform implementation of the guidelines and usage of the forms A vendor evaluation form has been drafted but has not been implemented. The purpose of the evaluation form is to monitor the performance of the vendor and identify any incidents that occurred during the project. Utilities will work STATUS OF AUDIT RECOMMENDATIONS CONTRACT OVERSIGHT: TRENCHING AND INSTALLATION OF ELECTRIC SUBSTRUCTURE – ISSUED 10/30/13 PAGE 5 Recommendation Responsible Department Original Target Date and Response Current Status Implementation Update and Expected Completion Date Ensuring there is an adequate process and documentation to show planned work has been completed. with ASD on implementing the form. Expected Completion Date: December 2017 December 2015 Management Update: Utilities is monitoring contractor performance through routine inspections, weekly meetings and communication. During inspections, staff reviews and verifies the contractor’s performance by documenting and signing off the work completed (i.e. number of boxes installed, footage of pipe installed). In the weekly meetings, staff reviews the work schedule, scope of work, claims and change orders with the contractor. ASD has updated the City’s procurement training guide including contract administration roles and responsibilities, process workflow, best practices and common pitfalls. ASD will continue to provide procurement training annually and update the guide on an as-needed basis (eg., to reflect changes to prevailing wage laws). http://cityconnect.staff.copa/civica/filebank/blobdload. asp?BlobID=4255 ASD implemented PlanetBids as the City’s new eProcurement solution. PlanetBids includes a contract management module that provides a structure for managing contracts. This module of PlanetBids will be rolled out to departments beginning in 2 2016. Expected Completion Date: Q2 2016 June 2014 Management Update: Roles, responsibilities, STATUS OF AUDIT RECOMMENDATIONS CONTRACT OVERSIGHT: TRENCHING AND INSTALLATION OF ELECTRIC SUBSTRUCTURE – ISSUED 10/30/13 PAGE 6 Recommendation Responsible Department Original Target Date and Response Current Status Implementation Update and Expected Completion Date and workflow for contract administration are documented and saved on SharePoint. Utilities Engineering completed a mandatory 3-day project management course in July 2014. ASD provided purchasing and contract administration training to the Executive Team and City staff in 2013 and 2014. This training will continue in 2014 and 2015 as part of an ongoing purchasing training curriculum for City staff. Additional Contract administration training is planned for November 2014 with Purchasing and City Attorney's Office. See responses above related to vendor performance review and new invoice management system. Expected Completion Date: 6/30/15 IFB CONSTRUCTION CONTRACT Successfully plan and manage your project’s constructions contracts between your Contractors and the City of Palo Alto by staying within compliance according to the Contract Documents. Construction Contract Management for Project Managers’ Guidelines ATTACHMENT B IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 1 Contents PROJECT MANAGEMENT ...................................................................................................................... 3 Overview .................................................................................................................................................................................. 3 Guidelines ............................................................................................................................................................................... 3 Project Manager’s Responsibilities: ......................................................................................................................... 3 PLANNING .................................................................................................................................................................. 4 INITIATING A CONTRACT ............................................................................................................................................ 4 BUDGET ...................................................................................................................................................................... 5 COMPLIANCE ............................................................................................................................................................. 6 SCHEDULE ................................................................................................................................................................. 6 CLOSING .................................................................................................................................................................... 6 1. SCHEDULES & DELAYS ................................................................................................................. 8 Process Steps ......................................................................................................................................................................... 8 Project Manager’s Responsibilities: ......................................................................................................................... 8 Project Manager’s Delay Analysis Summary:......................................................................................................... 10 Contractor’s Responsibilities: ................................................................................................................................. 12 Process Flowchart: ................................................................................................................................................... 14 2. CHANGE ORDERS ........................................................................................................................ 15 Objective ............................................................................................................................................................................... 15 Process Steps ...................................................................................................................................................................... 15 Changes to the Contract: ........................................................................................................................................ 15 Project Manager’s Responsibilities: ....................................................................................................................... 17 Field Order: .............................................................................................................................................................. 19 Change Order Request Form: ................................................................................................................................. 20 Contract Change Order Form: ................................................................................................................................. 21 Contractor’s Responsibilities: ................................................................................................................................. 22 Process Flowchart: ................................................................................................................................................... 24 3. CLAIMS ......................................................................................................................................... 25 Process Steps ...................................................................................................................................................................... 25 Contractor’s Claim Requirements: ......................................................................................................................... 25 Project Manager’s Responsibilities: ....................................................................................................................... 25 Summary ...................................................................................................................................................................... 27 4. DISPUTES ..................................................................................................................................... 28 Process Steps ...................................................................................................................................................................... 28 Project Manager’s Responsibilities: ....................................................................................................................... 28 Contractor’s Dispute Requirements: ...................................................................................................................... 28 Both Parties’ (Contractor / City) Requirements: .................................................................................................... 28 Summary .............................................................................................................................................................................. 30 IFB Contracts | The Project Manager’s Guidelines Page | 2 Revision Draft 03 | December 19, 2014 5. REQUEST FOR INFORMATION (RFI) ........................................................................................... 31 Process Steps ...................................................................................................................................................................... 31 Project Manager’s Responsibilities: ....................................................................................................................... 31 6. TERMINATIONS / SUSPENSIONS .............................................................................................. 33 Process Steps ...................................................................................................................................................................... 33 Project Manager’s Responsibilities: ....................................................................................................................... 33 Contractor’s Responsibilities: ................................................................................................................................. 35 Emergency Termination of Contract: ...................................................................................................................... 38 7. STOP PAYMENT NOTICES & PAYMENT BONDS ....................................................................... 40 Overview ............................................................................................................................................................................... 40 Project Manager’s Responsibilities: ....................................................................................................................... 40 Stop Payment Notice Flowchart: ............................................................................................................................ 42 Reference Table: ..................................................................................................................................................... 43 8. CLOSING ....................................................................................................................................... 44 Overview ............................................................................................................................................................................... 44 Project Manager’s Responsibilities: ....................................................................................................................... 44 Contractor’s Closing Requirements:..................................................................................................................... 456 Closing Flowchart: ................................................................................................................................................. 478 DEFINITIONS ........................................................................................................................................ 49 IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 3 Project Management Guidelines Overview These Project / Contract Management Guidelines (the “Guidelines”) cover the issues involved in managing large construction contracts. The key strategies for successful project / contract management are: » Planning » Initiating a Contract » Budget » Compliance » Schedule » Closing Guidelines Project Manager’s Responsibilities: The Project Manager (PM) is responsible for: » Planning o Project Charter template o Project Charter Instructions » Initiating a Contract o Construction Contract: IFB (Invitation For Bid) See Purchasing Manual for detailed instructions o Prepare Work Scope o Prepare Technical Specifications WGW Standards Electric Standards Electric Drawing Specifications Public Works Standards o Prepare Special Provisions o Bidding Process with Purchasing » Budget o Monitor that the project stays within budget o Verify and pay invoices » Compliance o Monitor that the Contractor follows all Contractual obligations o PM to initiate proper forms/responses when appropriate IFB Contracts | The Project Manager’s Guidelines Page | 4 Revision Draft 03 | December 19, 2014 Change Order Requests Contract Change Orders Field Orders Notice To Proceed (NTP) Amendment requests RFI Responses Accelerated Work Schedule Notice Default Notice Suspension with Cause Notice Termination with Cause Notice Suspension without Cause Notice Termination without Cause Notice Dispute / Claim collection of details » Schedule o Ensure the Contractor provides a current schedule every month o Monitor the schedule, ensuring that all milestones / deadlines are met » Closing o Closing Checklist o Upload permanent records according to your department’s requirements. For Example, Utilities Engineering uploads permanent records into DoxBrowser. PLANNING Planning begins with the Project Charter. The Project Charter walks you through the project in detail and assists you in planning out the project and assists in ensuring that important information is not missed. Walk through the Project Charter template with your project team. This document should be filed in your Project folder. INITIATING A CONTRACT Once you have filled out the Project Charter template you will be able to identify an accurate scope. You will learn the following about your project during this planning process: » Background o Purpose of your project o Background that led up to the project o Justification for the project » Scope o High-level project description (who, when, and how?) o High-level requirements (what must be achieved?) o Measurable objectives (what must be delivered?) o Benefits vs Cost (which option?) o Success criteria (how will success be measured?) o Out of Scope » Uncertainty o Known project risks o Assumptions behind expectations IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 5 o Constraints and restrictions » Cost » Time » Stakeholders Good preparation of the work scope is essential in the foundation for successful project management. If you are unfamiliar with the type of project you’re assigned, do some research and find out if this type of construction (or similar) was performed before. » Were there any change orders, field orders, claims, delays, documents or any other details that will assist you in preparing your work scope? Understand what’s been done before and use that information to define a better Work Scope. Did a previous Contractor require any change orders to the Contract Documents? If so, why were there changes? Was something missed in a previous scope? » Were there any disagreements with a previous Contractor that arrived during the Contract Time, such as, was a Unilateral Change Order submitted? Disputes? Claims? With your accurate scope, you will need to create your technical specifications and special provisions for the project. Keep in mind that currently, the General Conditions, Article 3, of our contract include numerous specifications/rules the Contractor is required to follow that support specific types of work. Please become familiar with the standards that are already included in our contract’s general conditions so you do not duplicate any specifications or special provisions. When you have your final scope, technical specifications and special provisions you are ready to submit to the Purchasing Department whom will launch the bidding process. You will work with the Purchasing Department to qualify the Contractors, ensuring the winning bidder is capable of performing the work requested of them. BUDGET Once your Contractor is awarded the contract, you are responsible in keeping your project within budget. In order to stay within budget, the following helps: work from an accurate scope, ensure the Contractor stays on schedule, exercise your ability to counter any potential delays or changes, and respond immediately to requests for information. The PM is required to approve all invoices for their project. When you receive invoices, check all invoiced work orders against the daily tags received, check the invoice details against the As Built documents at the job site, add the project number to the invoice, add the cost center, sign, and submit the invoice to the office administrative assistant for SAP invoice parking. If your project is more complex, keep a log/record in MS Excel of all payments and invoices received. This will assist you in ensuring your contract amount is balanced and always known by you. IFB Contracts | The Project Manager’s Guidelines Page | 6 Revision Draft 03 | December 19, 2014 COMPLIANCE Keep your contract in compliance by submitting all appropriate forms and responses when needed. Monitor your Contractor that the work they are performing follows the contract. Once the Notice to Proceed (NTP) is submitted by you to the awarded Contractor, the monitoring of the Project has started. Within thirty (30) Days of the Notice To Proceed, Contractor shall provide City with a complete listing of all Subcontractors, which shall include, but not be limited to, the Work contracted for, Subcontractor’s name, address, telephone and facsimile numbers, form for doing business (i.e, sole proprietor, corporation, partnership), point-of-contact and Subcontractor’s license classification and number. (page 97, Article 5.2.1) When you’re first made aware of a change needed by the Contractor (via Change Order Request form), address the change order request by submitting a Contract Change Order. If a change is requested by you or the Construction Manager, submit a Field Order to the Contractor. See Change Orders Guidelines for more detailed instructions. Should a Contractor submit a Request for Information (RFI) to you, respond in a timely manner. See Request for Information Guidelines for more detailed instructions. If you find that the Contractor is falling behind schedule and will not meet the completion date in the Contract, address the Delay immediately. See Delay / Scheduling Guidelines for more detailed instructions. When appropriate submit Notice of Defaults, Suspension with Cause Notice, Suspension without Cause Notice, Termination with Cause Notice, or Termination without Cause Notice. See Terminations / Suspension Guidelines for more detailed instructions. Should the Contractor submit a Claim or if you or the Contractor Disputes a change order request, address the situation immediately. See Claims Guidelines for more detailed instructions or see Disputes Guidelines for more detailed instructions. SCHEDULE The construction schedule should be received on a monthly basis, normally with the monthly invoice. If the Contractor is using MS Project, ask the Contractor to provide a Gantt chart showing the critical path. Being able to identify the critical path will be a useful tool later during the project should there be any delays that need to be accommodated for in the schedule. See Schedule & Delays Guidelines. CLOSING The purpose of closing out a Contract is to verify that both parties have fulfilled their contractual obligations and there are no responsibilities remaining. It is also a good time to IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 7 assess the success of the contract and to determine if there are any lessons learned for future contracting. To initiate the close out of a Contract, the PM should first determine if the Contractor has satisfactorily performed all required contractual obligations. A Contract is ready for close out when: » All deliverables/Submittals, including reports, Record Documents, other, have been delivered and accepted. » Contractor’s Affidavit received. We have a template file you may forward to your Contractor if they do not have one readily available. » Final payment has been made » All monitoring issues have been resolved » All property inventory and ownership issues are resolved including disposition of any equipment or licenses purchased under the contract » Final acceptance from the Project Manager has been received » Contractor is aware of and in compliance with records retention requirements » Any deficiencies found are documented and communicated. » All liens/stop notices have been cleared. » Project has been recorded by the County When closing out a contract, ensure you’ve completed the final Closing Checklist. If all work is complete, then the contract may be closed. Once the final payment has been mailed, email the Purchasing Department that the contract is complete and may be closed in the system. Upload all permanent records appropriately. IFB Contracts | The Project Manager’s Guidelines Page | 8 Revision Draft 03 | December 19, 2014 1. Schedules & Delays Process and Procedures Process Steps Project Manager’s Responsibilities: In order to insure a project is on schedule, the Project Manager (PM) must review all schedules that are received. The PM should receive updated schedules with every invoice and receive an updated schedule no later than 30 days from the previous updated schedule received from the Contractor. The updated schedules should be thoroughly reviewed and assessed that all milestones scheduled are being met and that the project is moving at a pace that will meet the completion date of the project and contract term. Essentially it is the responsibility of the Project Manager to evaluate and manage their projects in this manner and insuring all target dates are met. Avoid Delays by managing the schedule. The Contractor is allowed two alternatives to share the schedule. Alternative 1, is a schedule they keep, usually MS Projects is used. Otherwise, Alternative 2, they may note all tasks in the scope and give the specific date, date range, or number of days from the NTP (Notice To Proceed). IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 9 The contract requires that the updated Construction Schedule from the Contractor is received by the PM on a monthly basis. Ask the Contractor to provide a Gantt chart showing the critical path. If the PM does not receive the updated Construction Schedule, notify the Contractor in writing of their failure to provide this information in the time allotted per the General Conditions of the Contract. Constantly follow-up with the Contractor when due dates are not met. » An updated Construction Schedule shall be received with each progress payment request (invoice), but no less frequently than monthly and shall include the following (General Conditions Section 3.10.3.5): o A written narrative report detailing the actual progress of the Work as of the date of submission. o The expected progress of the Work as of such date according to the approved Construction Schedule. o The reasons for any variance. o If required, Contractor’s plan for placing the Work back on the Schedule, at Contractor’s expense. Review the schedule thoroughly. Check that the project is on track, that all milestones are being met, and that the completion date scheduled will be successfully met by the Contractor. Go to the project site location and ask for the As Built documents. Review the invoice against the As Built documents. The Contractor is required to update the As Built documents daily. The invoiced items should be clearly identified on the As Built documents. Do not release invoices unless these updates are made to the on-site As Built documents. This will assist you in receiving complete As-Built documents from the Contractor at the end of the project. If there are any doubts that the Contractor will meet the Completion Date of a Contract, the PM may want to consider submitting an Accelerated Work Measures Schedule Request. The PM may only submit this request to the Contractor if there were Delays caused by the Contractor and the Schedule reflects the Completion Date will not be met due to the Contractor’s performance. If a Project Manager has come to the conclusion that the completion date for a project is not going to be met, the Project Manager must evaluate the details of the cause for Delay. Another scenario is when the PM is made aware of a Delay and was informed by the Contractor or Construction Manager directly. IFB Contracts | The Project Manager’s Guidelines Page | 10 Revision Draft 03 | December 19, 2014 Incomplete Schedule: More Complete Schedule: IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 11 Project Manager’s Delay Analysis Summary: In order to best analyze the situation, the PM will need to collect the facts for the cause of Delay. Was the Delay due to the actions of the City of Palo Alto (City) through extra work requests, field orders and or Delays caused by City? If so, this type of a Delay would be considered an Excusable Delay. Are the Project’s Completion Date and Contract’s End Term Date going to be met? If not, a Change Order will need to be prepared and submitted by the PM. Will there be additional costs due to City’s changes? If yes, a Change Order will need to be prepared and submitted by the PM. If the PM were informed of the Delay by the Contractor or Construction Manager did the Contractor inform the PM within seven (7) days of learning of the Delay? If not, this type of Delay can be considered an Unexcused Delay. Is the Delay due to war, embargoes, fire, unavoidable casualties, unusual delays in transportation, national emergency, stormy and inclement weather conditions that are unusual and unseasonable in which the work cannot continue? If none of these reasons are the cause for the Delay, then this type of Delay may be considered an Unexcused Delay. If any of these reasons are the cause for the Delay, then the Delay is considered an Excused Delay. Is there an Excusable Delay or Compensable Delay occurring concurrently with an Unexcused Delay? Is the number of days for the Excusable Delay and/or Compensable Delay in excess of the number of days for the Unexcused Delay? If so, the Unexcused Delay can be considered an Excused Delay as it will not cause additional Delays. However, if the number of days for the Unexcused Delay exceeds the number of days for the Excusable Delay and/or Compensable Delay running concurrently, the Unexcused Delay will cause additional days of Delay and may be cause for initiating an Accelerated Work Measures Notification or Liquidated Damages. If the cause for Delay is considered an Unexcused Delay, the PM may consider submitting an Accelerated Work Measures Notification to the Contractor. This forces the Contractor to meet the project completion date by the Contractor increasing their number of workers, apply additional shifts (including overtime shifts if necessary), and any other measure to accelerate the project’s schedule. This type of request is not at City’s cost, but at the Contractor’s cost as the Delay is an Unexcused Delay. A template file for the Accelerated Work Measures Notification is available for your use. If the cause for Delay is considered an Unexcused Delay, and there is loss of money to City, Liquidated Damages may be justified. Should the PM choose to pursue Liquidated Damages, the PM will need to prepare and calculate the potential loss and submit a Claim to their Manager for approval. IFB Contracts | The Project Manager’s Guidelines Page | 12 Revision Draft 03 | December 19, 2014 Although a Delay may be considered an Excused Delay, will the completion of the project occur before the Contract’s Term End Date? If not, the PM will need to submit a Change Order Request to adjust the Contract Term. Contractor’s Responsibilities: The Contractor is responsible in informing the PM within seven (7) days of learning there is a delay in the schedule. The Contractor must also have a proposed plan within another 5 days to get the construction schedule back on track with the originally approved schedule. Schedule Examples- Base IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 13 Delay on Critical Path Delay NOT on Critical Path IFB Contracts | The Project Manager’s Guidelines Page | 14 Revision Draft 03 | December 19, 2014 Process Flowchart: IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 15 2. Change Orders Guidelines Objective When managing any changes, the best approach is to address any requested changes as soon as possible. Work with the Contractor and understand the request for a change as soon as you’re aware there is a request for a change. Respond in a timely manner when handling the Change Order Process. Follow all Change Order steps in the Contract General Conditions and make the best decision possible for the change. Process Steps Changes to the Contract: A change to the contract may be initiated by the Project Manager (PM), the Contractor, and/or the Construction Manager and the change may begin with a Field Order or a Change Order Request. Change Initiated by Project Manager (PM) Field Order » When a change is found to be of an urgent or emergency situation, a field order directive may be given directly to the Contractor in the field. The PM should always carry blank field order forms for their use to address urgent matters. » Regardless if the change is not of an urgent matter or whether there is no money and no time extension involved, the PM may issue a written Field Order and submit to the Contractor for execution. » When the PM fills out the Field Order, the PM has several choices to make based on the Change. o The PM determines if the change is considered “Extra Work” or may choose that the change is “Not Extra Work.” o If the PM decided that this change is considered “Extra Work” then the PM may also enter in the amount of Extra Work Cost Unit Cost (not to exceed amount) Lump Sum IFB Contracts | The Project Manager’s Guidelines Page | 16 Revision Draft 03 | December 19, 2014 Time and Materials Other Other $0 (no change to Contract Cost) TBD, allowing the Contractor to determine the amount (to be known when the Contractor submits the Change Order Request) o The PM determines if the Contractor is “Entitled to an extension of Time”.” If the PM determined that the change entitles the Contractor to an “extension of Time” then the PM may enter in the number of days the Contract should be extended. The PM may also enter 0 days needed, if there is no extension of Time needed. The PM may also enter TBD allowing the Contractor to determine how much time is needed (to be known when the Contractor submits the Change Order Request). » If the Contractor is not in agreement with the Field Order’s Cost or Time, the PM’s submitted Field Order to the Contractor acts as the notification that the Contractor has ten (10) days to submit a Change Order Request disputing the Field Order’s Cost or Time. o If the Contractor fails to submit a Change Order Request to the PM within ten (10) days then the Field Order shall be deemed full acceptance of the agreement to all the terms, and the Contractor has waived all rights to dispute any or all terms of the Field Order. » If the Contractor is not in agreement with the Field Order and the City is not in agreement with the Contractor’s Change Order Request the PM may consider issuing a Unilateral Change Order. o Remember to notify the Contractor that they are able to submit a Claim if they do not agree with the Unilateral Change Order and that the Claim needs to be submitted within fourteen (14) days of receiving the Unilateral Change Order. » If the Contractor is in agreement with the Field Order, and the PM’s calculations of additional Cost and Time, then the PM may start the Change Order without a Change Order Request, as the Field Order’s Cost and Time is agreed upon already. » If the Field Order has no changes to Contract Cost or Contract Time, the Field Order does not execute a Change Order Request or Contract Change Order. The Field Order is for record purposes only as there was a change made to the Contract Work. IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 17 Change Initiated by Contractor Field Order » In an emergency situation the Contractor is required to act and is required to call the PM or inform a City Representative (i.e. Site Inspector). The Contractor must also respond in writing within 24 hours of the event explaining the details of the emergency and what was done to address it. » For good measure, the PM should also write up a field order within 24 hours (using the written response from the Contractor) and have all appropriate parties sign. Change Order Request » If a change is requested by the Contractor and is NOT an urgent need, the PM may then request that the Contractor submit a Change Order Request. o The Change Order request acts as a quote because the Contractor is required to give all details of the change of the Work, Cost of the Work, and any Time extensions needed for the Work. Project Manager’s Responsibilities: After a Change Order Request is received, the PM is responsible in creating and submitting a Contract Change Order. » If the Change Order Request is disputing a Field Order…Did the Contractor submit the Change Order Request within ten (10) days of receiving the Field Order? o If the Contractor submitted the Change Order Request after ten (10) days, please return the Change Order Request to the Contractor along with notification that the Change Order Request is denied due to… Contractor’s failure to submit the Change Order Request disputing the Field Order within the ten (10) days as required per contract term Section 7.3 of the General Conditions in the Contract. In this denial of the Change Order Request, the PM should also include notification that the Contractor has the right to submit a Claim within fourteen (14) days of the denied notice. » If the Change Order Request is submitted due to a change identified by the Contractor, did the Contractor submit the Change Order Request within ten (10) days of learning of the change? o If not, please return the Change Order Request to the Contractor along with notification that the Change Order Request is denied due to… Contractor’s failure to submit the Change Order Request within the ten (10) days of learning of the change, as required per contract term Section 7.2 of the General Conditions in the Contract. In this denial of the Change Order Request, the PM should also include notification that the Contractor has the right to submit a Claim within fourteen (14) days of the denied notice. » The Change Order Request must be submitted as required per the General Conditions IFB Contracts | The Project Manager’s Guidelines Page | 18 Revision Draft 03 | December 19, 2014 of the Contract. The requirements are: o Must clearly describe the circumstances that are the basis of the Change, with reference to particular provisions of the Contract Documents involved, direct relevant documents and related requests (such as, field order). o If requesting an extension of Time on the Contract, Contractor must submit the following with the Change Order Request. Description of time delay Statement that the Time delay is critical to completion Probable effect of the Time delay; number of days Updated schedule reflecting the Time delay “Fragnet” in the Schedule, or a “time impact analysis” identifying all critical and non-critical activities affected by the Change Order Request. This analysis must show logical ties to the existing and most current Construction Schedule. o If requesting adjustments to the Contract Sum (increase/decrease) the cost should be computed as below and include a detailed breakdown of the amount requested. Unit Price: as agreed upon in the Contract, and is deemed included as allowable costs and markups Lump Sum Pricing: lump sum which is agreed upon by City and Contractor, based on estimated allowable costs and markups Time and Materials: work performed on a time and materials basis shall be calculated as the sum of allowable costs, plus markups » If the Contractor did not submit the Change Order Request with all required documentation, the PM may deny the Contractor’s Change Order Request. o Contractor’s failure to submit the Change Order Request with all required documentation as required per contract term Section 7.2 of the General Conditions in the Contract. o In this denial of the Change Order Request, the PM should also include notification that the Contractor has the right to submit a Claim within fourteen (14) days of the denied notice. » If the Change Order Request is fully in accordance with the Contract General Conditions, the PM may now move forward with submitting a Contract Change Order. » If a contract has numerous on-going changes, the PM may collect all field orders and change order requests and combine into one Contract Change Order. The PM should submit a Contract Change Order when any of the following occurs: o the collected changes totals over $10,000 o the collected changes is over a one (1) month period of time o the contract is due to expire (submit at least 30 days before expiration) » If the PM receives a change order request that is not using the City’s Change Order Request form, return the change order request and reject the submittal. The Contractor is required to submit Change Order Requests using the City’s form per contract term Section 7.2. IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 19 Field Order: Field Order Sample, the PM or City Representative initiates this form. IFB Contracts | The Project Manager’s Guidelines Page | 20 Revision Draft 03 | December 19, 2014 Change Order Request Form: Change Order Request Form sample (3 pages). The Contractor initiates this form. IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 21 Contract Change Order Form: » If the Contractor is in agreement with the Field Order, the Contractor would sign the Field Order and the PM would then fill out the Contract Change Order paperwork based on the Field Order. » If the Contractor submitted a Change Order Request according to the General Conditions of the Contract, the PM would then fill out the Contract Change Order working from the Change Order Request. » Contract Change Order sample (3 pages). The PM initiates this form. IFB Contracts | The Project Manager’s Guidelines Page | 22 Revision Draft 03 | December 19, 2014 When the Contract Change Order is completely filled out, the PM would forward to the Administrative Staff to initiate the electronic signature process. The Admin would then enter a Purchase Requisition into the SAP system based on the Contract Change Order and send a copy of the electronic signed Contract Change Order to the Purchasing Department. NOTE: Not all Contract Change Orders or Field Orders are agreed upon by all parties. When the parties involved in a change to the contract there are options in the Change Order Process to work with the disagreements. Within the Change Order Process there are extensions to the Delays, Claims, Disputes, Terminations, Suspensions, Mediation and Arbitration that may be utilized to address disagreements. There are sections that follow which give more details around these other options. Here is an example of a Timeline for Contract Change Orders that works its way from a Field Order (dated 4/1/2014), into the Change Order Process, Dispute Process, Claims Process, Statement of Dispute, and eventually to Mediation, and Binding Arbitration (all based on when responses from the Contractor and PM/City should be received by; how many days to respond) in the event of continued disagreement on a Change Order between the PM and Contractor. Contractor’s Responsibilities: It is the Contractor’s responsibility to inform the PM when a change is needed to a contract. The Contractor is required to inform the PM within ten (10) days of learning that a change is needed. If a Contractor does not inform the PM of this change within the allotted time, this may cause a Delay in the schedule. The Contractor may be held accountable for causing a Delay in the schedule because the Contractor did not inform the PM as required per the Contract General Terms. It is also the responsibility of the Contractor to come up with a plan within five (5) days to get the construction schedule back on the original approved schedule. IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 23 The Contractor is required to submit a Change Order Request using the City’s form. If the Contractor does not use the City’s form, the change order request should be returned and rejected, per IFB General Conditions 7.2. At all times, the Contractor is obligated to proceed with performance of the work, including and without limitation, performance of work directed by a Field Order or as modified by a Change Order, promptly and expeditiously, regardless if there is a dispute, disagreement, or failure of the parties to reach an agreement regarding the Contract Sum and/or Contract Time. If the Contractor disputes the rejection of a Change Order Request, the Contractor must submit a Claim in compliance with the Dispute Resolution Process. However, the work must continue and be performed by the Contractor without delay, slowing, interruptions or suspensions by the Contractor due to disputes between the parties. IFB Contracts | The Project Manager’s Guidelines Page | 24 Revision Draft 03 | December 19, 2014 Process Flowchart: IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 25 3. Claims Guidelines Process Steps Contractor’s Claim Requirements: A Contractor may submit a Claim to the City of Palo Alto (City) if the Contractor is not in agreement with a Change Order Request being denied in whole or in part. There are specific requirements the Contractor has to meet in order to submit the Claim. » The Contractor had to submit their Change Order Request in compliance with the Contract Documents. The Contractor was to deliver personally or via certified mail to City’s Attorney’s Office and copy the Project Manager. » The Claim is required to be submitted in writing, all supporting documentation and certificates are included with the Claim. » The Claim must be filed within fourteen (14) Days after the Change Order was denied » A statement that it is a Claim must clearly specify the amount for payment and specify the days for an extension of the Contract Time. » A detailed description of the act, error, omission, Differing Site Condition, event or other circumstance giving rise to the Claim. » A sworn statement Contractor and any Subcontractor involved in the Claim if the Claim is based on error, omission, conflict or ambiguity that was not discovered prior to submission of the Bid. » A statement demonstrating that a Change Order Request was submitted in a timely manner. » Detailed cost breakdown from the Change Order Request. » Copies of actual job cost records demonstrating that the costs have been incurred. » If the Claim involves a request for adjustment of the Contract Time, written documentation demonstrating that Contractor has complied with the requirements of the Contract Documents pertaining to proving the right to an extension of time under the Contract Documents. » A written certification signed by an authorized signer of the Contractor’s organization. Project Manager’s Responsibilities: Although the Claim is now with City’s Attorney’s Office, once the Project Manager (PM) is informed that a Contractor has submitted a Claim, the PM should stay involved in the Claim process and should review the Contractor’s Claim. IFB Contracts | The Project Manager’s Guidelines Page | 26 Revision Draft 03 | December 19, 2014 The following steps should be taken by the PM: » The PM should check that the Contractor’s Claim includes all required documentation. There is a Claim Checklist template for the PM’s use. Checklist below. Claim Checklist REQUIREMENTS FULFILLED REQUIREMENT (Y/N)? ADDITIONAL COMMENTS. Delivered personally or via certified mail to City’s Attorney’s Office. The Claim is required to be submitted in writing, all supporting documentation and certificates are included with the Claim. The Claim must be filed within fourteen (14) Days after the Change Order was denied A statement that it is a Claim must clearly specify the amount for payment and specify the days for an extension of the Contract Time. A detailed description of the act, error, omission, Differing Site Condition, event or other circumstance giving rise to the Claim. A sworn statement Contractor and any Subcontractor involved in the Claim if the Claim is based on error, omission, conflict or ambiguity that was not discovered prior to submission of the Bid. A statement demonstrating that a Change Order Request was submitted in a timely manner. Detailed cost breakdown from the Change Order Request. Copies of actual job cost records demonstrating that the costs have been incurred. If the Claim involves a request for adjustment of the Contract Time, written documentation demonstrating that Contractor has complied with the requirements of the Contract Documents pertaining to proving the right to an extension of time under the Contract Documents. A written certification signed by an authorized signer of the Contractor’s organization. Example of the Certificate on next page. IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 27 Once the PM completes the checklist, forward a copy to Purchasing along with the PM’s explanation of the Claim. The PM must also: » Compare all involved documentation submitted in the Claim against the PM’s Project files to confirm all are accurate. » If there are any discrepancies in the required documentation, the PM should submit a rebuttal Claim with the detailed explanation of the discrepancies in the Contractor’s Claim. » Did the Contractor submit the Claim within fourteen (14) days from receiving the denial on the Change Order? If not, the PM should note this in the rebuttal Claim and provide a copy of the letter of notification the PM provided the Contractor informing the Contractor that should the Contractor like to submit a Claim, the Contractor must submit within fourteen (14) days from the date the Change Order was denied. » Regardless if a Claim or the existence of any dispute regarding any Claim, the Contractor shall not delay, slow or stop performance of the Work, but is to diligently proceed with performance in accordance with the Contract Documents and City will continue to make payments as required by the Contract Documents. Did the Contractor delay, slow or stop performance of the work? If so, the PM may want to include a detailed description of events in the rebuttal Claim that the Contractor was not following their obligations to the Contract. The PM is to work with Purchasing and may follow-up with the CAO’s office directly. Summary Contractors may submit Claims which arise upon issuance of a decision by the City or Construction Manager denying, in whole or in part, a Change Order Request, which was previously submitted in compliance with the Contract Documents. A Claim that demands an extension of time or an increase in the Contract Sum does not accrue unless Contractor has previously submitted such demand(s) in a Change Order Request. The Project Manager (PM) may submit a Claim for Liquidated Damages due to an Unexcused Delay. All Claims are also referred to as Losses. IFB Contracts | The Project Manager’s Guidelines Page | 28 Revision Draft 03 | December 19, 2014 4. Disputes Guidelines Process Steps Project Manager’s Responsibilities: The Project Manager is responsible in understanding all the details around the Dispute and should provide the Attorney’s Office a copy of all Claim details and supporting documentation. The Project Manager should schedule a call or meeting as soon as possible with the Attorney’s Office to discuss the Dispute to better prepare the Attorney’s Office. Contractor’s Dispute Requirements: A Contractor is required to submit the Dispute to the City of Palo Alto (City) if the Contractor is not in agreement with a Claim being denied in whole or in part. There are specific requirements the Contractor has to meet in order to submit the Dispute. The Contractor is required to submit a written Statement of Contract Dispute to City within thirty (30) days after receipt of City’s written response to a Claim, or within thirty (30) days following the meet and confer conference if the parties have participated in a meet and confer conference. Should the Contractor fail in responding as stipulated above, City’s decision to the Claim shall become final and binding. Both Parties’ (Contractor / City) Requirements: Each party is required to participate fully and in good faith of each step of the Contract Dispute Resolution Process. Each of the following steps in the Contract Dispute Resolution Process to be followed in the sequence as they appear below: » Direct Negotiations. Designated representatives of City and Contractor shall meet as soon as possible (but no later than ten (10) days after receipt of the Statement of Contract Dispute) in a good faith effort to negotiate a resolution to the Contract Dispute. o Each party to be represented by a fully authorized representative with full knowledge of the details of the Claims or defenses being asserted by such party in negotiations. o If the Contract Dispute involves the assertion of a right or claim by a Subcontractor against Contractor that is in turn being asserted by Contractor against City (“Pass-Through Claim”), then the Subcontractor shall also have a representative attend the negotiations with full authority and knowledge. o If the Contract Dispute is not resolved, the parties may either continue the IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 29 negotiations or any party may declare negotiations have ended. o All discussions during the negotiations are to be documented solely for the purpose of negotiations shall be confidential and privileged. » Deferral of Contract Disputes. Following completion of direct negotiations, if there are unresolved Contract Disputes they shall be deferred pending Final Completion unless City requires that all parties involved are to continue with negotiations prior to Final Completion. o All Contract Disputes deferred until Final Completion are to be consolidated within reasonable time after Final Completion. o Parties may continue informal negotiations; however, such informal negotiations shall not alter provisions for deferring final determinations and resolution of unresolved Contract Disputes until after Final Completion. » Mediation. If the Contract Dispute remains unresolved after negotiations of the above, the parties shall submit the Contract Dispute to non-binding mediation before a mutually acceptable third party mediator. o Qualifications of Mediator. Parties to select a mediator who is a retired judge or an attorney with at least five (5) years’ experience in public works construction contract law and in mediating public work construction disputes. In addition, the mediator shall have at least twenty (20) hours of formal training in mediation skills. o Submission to Mediation and Selection of Mediator. The party initiating mediation of a contract Dispute is to provide written notice to the other party of its decision to mediate. If neither party is unable to agree upon a mediator within fifteen (15) days after the receipt of the written notice, then the parties are to submit the matter to JAMS at its San Francisco Regional Office for selection of a mediator. » Mediation Process. The mediation is to take place at the office of the Mediator or at City’s office; City to select the location. The cost of mediation is to be shared equally by the parties. o The mediator is to provide an independent assessment on the merits of the Contract Dispute and recommendations for resolution. o All discussions during the mediation and all documents prepared solely for the purpose of the mediation shall be confidential and privileged. o If the mediator declares that the parties are at impasse and notifies the parties in writing that the mediation has ended, the Contractor may submit a written request that those portions of its Claim that remain unresolved is to be submitted to binding arbitration. Contractor is to submit this written request within 60 days from receiving notification from the mediator that the mediation was at an end. If the Contractor does not submit the written request for binding arbitration within the 60 day period, the Claim shall be deemed waived. » Binding Arbitration. o Process. Any submitted for binding arbitration shall be determined by arbitration IFB Contracts | The Project Manager’s Guidelines Page | 30 Revision Draft 03 | December 19, 2014 at the San Francisco JAMS’ offices, and administered by JAMS. o Waiver of Jury Trial. Contractor and City each voluntarily waive its right to a jury trial with respect to any Contract Dispute that is subject to binding arbitration. The Contractor shall include this provision in its contracts with its Subcontractors who provide any portion of the Work. » Non-Waiver. The participation in the Contract Dispute Resolution Process does not waive, release or compromise any defense to City, without limitation, to previously waived Contractor’s failure to comply with the Contract Documents and/or the Contractor’s failure to comply with any time periods for providing notice of requests for adjustments of the Contract Sum or Contract Time, or for submissions of Claims and supporting documentation. Summary Contractors may submit a Dispute if the Contractor has submitted a Claim and the Contractor dispute’s the City’s response denying all or part of a Claim, or if the City failed to respond within the prescribed time; the prescribed time being thirty (30) days of the receipt of the Claim for Claims greater than $50,000, or the prescribed time being fifteen (15) days of the receipt of the Claim for Claims less than $50,000. Contract Disputes shall be resolved by the parties in accordance with the Contract Dispute Resolution Process. The Contract Dispute Resolution Process is set forth in Section 4.3 of the General Conditions in lieu of any and all rights under the law that either party has its rights adjudged by a trial court or jury. IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 31 5. Request for Information (RFI) Guidelines Process Steps Project Manager’s Responsibilities: When the Contractor needs an interpretation or clarification of the work scope, or contract terms, they will submit a Request for Information (RFI) to the PM. The RFI is the method by which a contractor asks for and obtains direction from the City on the project. The reason an RFI is submitted is due to the design documents are allegedly: » Ambiguous » Conflicting » Faulty » Inadequate » Incomplete The RFI may be submitted by a Contractor to the PM on the RFI form, via an email, in person or by mail. If a Contractor calls on the phone and the request is an RFI related type question (due to insufficient information, engineering conflicts and alternate proposals with the design documents), the PM should ask the Contractor to submit their request in writing. The RFI is handled formally in writing specifically because when the design documents in the contract are needing clarification the direction given by the engineer/PM needs to be recorded accordingly. This will avoid any disputes later around the direction given by the PM or the understanding by the Contractor. The direction of the design documents details / specifications should be clearly identified in the written RFI. The PM is responsible for providing the Contractor with a clear and accurate written response in a timely manner. The PM should attempt to respond back to the contractor within two (2) days, but the complexity of the RFI may delay the response. The Contractor may be entitled to a Compensable Delay if the PM does not provide a response within ten (10) days of receiving a request for information, so the sooner the PM is able to respond, the better. The RFI and response should be saved in the project files and records. The data shared with the Contractor should be as accurate as possible. If the PM is aware that not all details of a project are available, then the PM should take this into consideration when identifying the work scope and ensure that the contractor is fully apprised of their responsibilities. The PM is fully responsible in ensuring the Contractor has the most accurate information available to them to perform the work and that they have a full understanding of the scope of work that needs to be performed. IFB Contracts | The Project Manager’s Guidelines Page | 32 Revision Draft 03 | December 19, 2014 IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 33 6. Terminations / Suspensions Guidelines Process Steps Project Manager’s Responsibilities: The Project Manager (PM) is responsible for fully understanding the scope of work to be performed in a Contract. With that understanding the schedule and work performed is to be monitored closely, ensuring all milestones are met. Suspension / Termination (without Cause): » Working with Purchasing and the City Attorney’s Office (CAO) the PM may submit a Suspension of Order by City of Palo Alto notification in the event that the Contract Work Scope was inaccurate and a Suspension will allow the PM time to reevaluate the Work and Schedule. A Suspension without Cause is to be used for City’s convenience; however, it will also be at City’s expense. A Suspension without Cause template form is available. o Purchasing will submit the notice to the Contractor. The Suspension may only suspend the work up to an aggregate of fifty percent (50%) of the Contract Time. o If applicable, submit a Contract Change Order to cover any adjustment of the Contract Sum or the Contract Time necessarily caused by such suspension. » Working with Purchasing and CAO the PM may submit a Termination of Contract (without Cause) notification in the event that the Contract Work Scope has major changes and adjustments; this type of notification without cause will be at City’s expense. o The PM is to assess the options and must send a recommendation to the Purchasing Department. Possible options are: Contract’s Work Scope may be deleted in whole or parts. Terminate all work effective immediately. Other option that best suits the project’s progress. NOTE: The compensation allowed and within forty-five (45) days after receipt of a billing from Contractor seeking payment of sums, City shall pay the following: Work Performed. Amount of Contract Sum allocable to the portion of the work properly performed, less sums previously paid. Close-out Costs. Demobilizing. Administering the close-out of Contractor’s participation in the Project. Fabricated Items. Previously unpaid cost of any items delivered to the Project Site which was fabricated. Profit Allowance. Allowance for profit calculated at four percent (4%) of the sum of the above items, provided that the Contractor can prove likelihood that it would have a profit if the Construction Contract had not been terminated. IFB Contracts | The Project Manager’s Guidelines Page | 34 Revision Draft 03 | December 19, 2014 Suspension / Termination (with Cause) » Purchasing will submit in writing a Notice of Default allowing the Contractor opportunity to correct any failures in meeting the work required of them per the contract documents. PM is to work with Purchasing to draft the Notice of Default. » Should the failures on a Notice of Default not be corrected by the Contractor, the PM may pursue Suspension of Order for Cause or a Termination of Contract for Cause. NOTE: The Contractor shall not be entitled to an increase in Contract Time or Contract Price. » PM responsible for meeting with Purchasing and Purchasing will meet with the Attorney’s Office for the legal assessment of the situation. IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 35 Contractor’s Responsibilities: Suspension / Termination (without Cause) » Upon receipt of a Notice of Termination the Contractor must do the following: o Immediately discontinue the work as specified o Place no further orders or subcontractors for materials, equipment, services or facilities, except what is necessary for completion of work that is not discontinued o Provide to City a description in writing within fifteen (15) days after receipt of notice of the termination, all subcontractors, purchase orders and contracts that are outstanding, including, without limitation, the terms of the original price, any changes, payments, balance owing, the status of the portion of the work covered and a copy of all paperwork. IFB Contracts | The Project Manager’s Guidelines Page | 36 Revision Draft 03 | December 19, 2014 o Assign to City the subcontracts, purchase orders or contracts, or portions that City elects to accept by assignment and cancel the ones that City elects to not accept. o Perform only work as necessary to preserve and protect work already in progress and to protect materials, plants, and equipment on the Project Site. » Upon receipt of a Notice of Suspension of the City of Palo Alto, the Contractor must do the following, at City’s expense: o Comply with the order and take all reasonable steps to minimize costs allocable to the work covered by the Suspension Order. o If the Suspension Order is canceled or expires, the Contractor shall resume and continue with the work. IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 37 IFB Contracts | The Project Manager’s Guidelines Page | 38 Revision Draft 03 | December 19, 2014 Suspension / Termination (with Cause) A Suspension or Termination with cause, it is due to the Contractor failing to perform or correct work in accordance with the Contract Documents. » In the event of a Suspension Order by the City of Palo Alto, the Contractor shall not be entitled to an increase in Contract Time or Contract Price. » In the event of a Termination Notice by the City of Palo Alto, the Contractor shall do the following (unless directed otherwise): o Immediately discontinue the work specific to the notice o Place no further orders or subcontractors for materials, equipment, services or facilities, except what is necessary for completion of work that is not discontinued o Provide to City a description in writing within fifteen (15) days after receipt of notice of the termination, all subcontractors, purchase orders and contracts that are outstanding, including, without limitation, the terms of the original price, any changes, payments, balance owing, the status of the portion of the work covered and a copy of all paperwork. o Assign to City the subcontracts, purchase orders or contracts, or portions that City elects to accept by assignment and cancel the ones that City elects to not accept. o Perform only work as necessary to preserve and protect work already in progress and to protect materials, plants, and equipment on the Project Site. Upon termination, whether for cause or for convenience, the provision of the Contract Documents remain in effect as to any Claim, obligation, warranties, guarantees, submittals of as-build drawings, instructions, or manuals, or other such rights and obligations arising prior to the termination date. Emergency Termination of Contract: » A Construction Contract may be terminated due to an emergency, per Government Code of the State of California, Section 4410 and Section 4411. 4410. In the event a national emergency occurs, and public work, being performed by contract, is stopped, directly or indirectly, because of the freezing or diversion of materials, equipment or labor, as the result of an order or a proclamation of the President of the United States, or of an order of any federal authority, and the circumstances or conditions are such that it is impracticable within a reasonable time to proceed with a substantial portion of the work, then the public agency and the contractor may, by written agreement, terminate said contract. 4411. Such an agreement shall include the terms and conditions of the termination of the contract and provision for the payment of compensation or money, if any, which either party shall pay to the other or any other person, under the facts and circumstances in the case. Compensation to the contractor shall be determined on the basis of the reasonable value of the work done, including preparatory work. As an exception to the foregoing, in the case of any fully completed separate item or portion of the work for which there IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 39 is a separate contract price, the contract price shall control. The parties may in any other case adopt the contract price as the reasonable value of the work done or any portion thereof. o Should a Contract be terminated due to an Emergency as stipulated in Section 4410 and/or Section 4411, the Contractor’s compensation is determined on the basis of the reasonable value of the work done, include preparatory work. The City of Palo Alto (City) may suspend the Construction Contract and reserve to itself all rights to Losses related to suspension of all or any portion of this Construction Contract for as long a period of time as City determines. City shall have no obligation to adjust the Contract Sum or Contract Time, and shall have no liability to Contractor for damages if City directs Contractor to resume work. City shall have the right to terminate the Construction Contract, in whole or in part, upon the failure of Contractor to promptly cure any default as required. Any notice of termination given to Contractor by City shall be effective immediately, unless otherwise provided therein. City may also, at its sole discretion and without cause, terminate the Construction Contract in part or in whole upon written notice to Contractor. When submitting this type of termination to the Contract, the expense is on City. IFB Contracts | The Project Manager’s Guidelines Page | 40 Revision Draft 03 | December 19, 2014 7. Stop Payment Notices & Payment Bonds Guidelines Overview Stop Payment Notices can be received anytime during a construction contract. The reason for stop payment notices is to protect the subcontractor(s) working under a direct contractor. If the subcontractor(s) is not being paid as required the subcontractor may submit a stop payment notice to City (public entity) to hold the money they are owed. This ensures that the subcontractor(s) will receive payment for services rendered. Project Manager’s Responsibilities: If there are any Stop Payment Notices received during the project or after the Notice of Completion and before Final Payment, City PM is required to withhold sufficient funds to cover the cost of the Stop Payment Notice, plus additional funds to cover the cost of the of legal fees that City might incur. The typical withholding amount should be 125% of the Stop Payment Notice. City may require that the Contractor provides a Stop Payment Release Bond in an amount of 125% of the Stop Payment Notice amount from a bonding company not currently providing bonding to the City; the City will release the Stop Payment Funds to the Contractor. PMs should watch funds very closely at the completion of the project to ensure that there are sufficient funds remaining to be paid to the contractor between the retention and the final invoice to cover any Stop Payment Notice withholdings. Final invoice should be delayed until the 30 day waiting period after filing the Notice of Completion has elapsed. If all the conditions for final payment are met with the exception of any remaining funds being held for the payment of Stop Payment Notices, the City may release funds that are not required to cover the cost of the Stop Payment Notices. After a Notice of Completion was filed, a Stop Payment Notice was received, and if a lawsuit was NOT filed by the Stop Payment Notice Claimant (subcontractor) within the allotted time (120 days from date of Notice of Completion, or 180 days from the completion of the project without a Notice of Completion filed) City may release the Stop Payment Notice funds to the Contractor because the Stop Payment Notice is no longer in effect. IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 41 Should the Contractor not agree with a Stop Payment Notice submitted by their subcontractor, the Contractor may serve City with an Affidavit challenging the Stop Payment Notice. The PM is then required to submit a notice to the subcontractor (claimant) with a copy of the Affidavit challenging their Stop Payment Notice informing them that the funds will be released in whole or in part unless a counter-affidavit is served after 10 days of this notice and before 20 days from the date of the notice. If the subcontractor (claimant) of the Stop Payment Notice does not submit a counter- affidavit to City, the Stop Payment Notice will be rejected and the holding of funds will be lifted at no liability to City. IFB Contracts | The Project Manager’s Guidelines Page | 42 Revision Draft 03 | December 19, 2014 Stop Payment Notice Flowchart: IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 43 Reference Table: IFB Contracts | The Project Manager’s Guidelines Page | 44 Revision Draft 03 | December 19, 2014 8. Closing Guidelines Overview Project Manager’s Responsibilities: When a project is completed by the Contractor, the Contractor will inform the Project Manager (PM) that the project is ready for final inspection. The PM will then perform a final inspection. If the final inspection confirms the work was completed and performed properly per the Contract Documents, the PM may then submit the Notice of Completion to the County Clerk. This filing is due within ten (10) Days after acceptance of City of Palo Alto (City). If the project is complete, all conditions of final payment are met, and thirty (30) days have elapsed since the filing of the Notice of Completion, the final retention funds will be released to the Contractor with the final payment. If there are any Stop Payment Notices received after Notice of Completion is filed, follow Stop Payment Notices section of these guidelines. CIVIL CODE – CIV, DIVISION 4. GENERAL PROVISIONS [3274 ‐ 9566], PART 6. WORKS OF IMPROVEMENT [8000 ‐ 9566], TITLE 3. PUBLIC WORK OF IMPROVEMENT [9000 ‐ 9566], CHAPTER 4. Stop Payment Notice [9350 ‐ 9510], ARTICLE 1. General Provisions [9350 ‐ 9364] 9356. A stop payment notice is not effective unless given before the expiration of whichever of the following time periods is applicable: (a) If a notice of completion, acceptance, or cessation is recorded, 30 days after that recordation. (b) If a notice of completion, acceptance, or cessation is not recorded, 90 days after cessation or completion. (Added by Stats. 2010, Ch. 697, Sec. 20. Effective January 1, 2011. Operative July 1, 2012, by Sec. 105 of Ch. 697 and by Section 8052.) After the closing checklist is complete, note any lessons learned from this Project and file in the project folder. Inform Purchasing the contract is closed and ask that when final payment is made to close the contract in SAP. Upload all permanent records appropriately. IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 45 Notice of Completion: IFB Contracts | The Project Manager’s Guidelines Page | 46 Revision Draft 03 | December 19, 2014 Contractor’s Closing Requirements: 1) The Contractor is required to submit the application for Final Payment with all supporting documents, which are: » In the format designated by City or Construction Manager » Must be itemized via Approved Schedule of Values » Successful system test » Includes data substantiating Contractor’s right to payment » Must be itemized showing amounts for Change Orders, Modifications and Retention. 2) The Contractor must complete and deliver all required written guarantees, warranties, operation and maintenance manuals. » As built documents / record documents » Drawings / schedules / certificates and other required contract docs » All approvals and acceptances made 3) Affidavit from Contractor stating all workers and persons employed, all firms supplying materials, and all Subcontractors have been paid in full. 4) Completion of all work, including correcting punch list items and site clean-up of all trash, equipment, and supplies belonging to Contractor. 5) Submission of releases of claims, stop notices and disputes with no reservations. 6) Evidence of payment to Subcontractors provided to PM/City, per conditional releases, within five (5) days after Final Payment is received. IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 47 IFB Contracts | The Project Manager’s Guidelines Page | 48 Revision Draft 03 | December 19, 2014 Closing Flowchart: IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 49 Definitions From General Conditions Change: Additions, deletions, or other modifications to the Work, which may or may not involve Extra Work and which may or may not involve an adjustment (increase or decrease) to the Contract Sum or the Contract Time under the terms of the Contract Documents. Change Order: A duly authorized written instrument signed by City, or by City and Contractor, which operates to amend the scope of Work, and which may also amend the Contract Sum or the Contract Time. Change Order Request: Contractor's written request for a Change Order. City / City: City of Palo Alto, a California chartered Municipal Corporation. Claim: A separate written demand by Contractor for an extension of the Contract Time, and/or for payment of money or damages arising from Work done by, or on behalf of Contractor. Compensable Delay: A Delay for which Contractor may be entitled under the Contract Documents to both an extension of the Contract Time and an adjustment of the Contract Sum for additional compensation. Construction Contract: The written contract executed between City and Contractor for construction of the Project. Construction Manager: The City designated employee, project manager or an individual, partnership, corporation, joint venture or other legal entity under contract with City to perform construction management services for the Project. The term "Construction Manager" means Construction Manager or Construction Manager's authorized representative. Construction Schedule: The Approved graphical representation of Contractor’s as-planned schedule for performance of the Work, and all Approved updates thereto, prepared in accordance with the requirements of the Contract Documents and that provides for Substantial Completion of the Work within the Contract Time. Contract Dispute: A dispute that arises out of or is related to the Construction Contract or the interpretation, enforcement, or breach thereof, except as specified in the General Conditions, Article 4. Contract Disputes Resolution Process: The process of resolution of Contract Disputes, and, upon election of City, disputes as set forth in Article 4 of the General Conditions. Contract Documents: This term shall be as defined in Section 3 of the Construction Contract. IFB Contracts | The Project Manager’s Guidelines Page | 50 Revision Draft 03 | December 19, 2014 Contract Sum: The total amount of compensation stated in the Construction Contract that is payable to Contractor for the performance of the Work in accordance with the Contract Documents, including adjustments made by Change Order. Contract Time: The total number of days set forth in the Construction Contract, within which Substantial Completion of the Work must be achieved by Contractor, including any adjustments of time (increases or decreases) made by a Change Order. Contractor: The individual or firm under contract with City to serve as the General Contractor for construction of the Project, including Contractor's authorized representative. Defective Work: Work by Contractor that is unsatisfactory, faulty, omitted, incomplete, deficient or does not conform to the Applicable Code Requirements, the Contract Documents, the directives of City or the requirements of any inspection, reference standard, test, code or approval specified in the Contract Documents. Delay: Whether capitalized or not, includes any circumstances involving disruption, hindrance, or interference in the performance of the Work within the Contract Time. Excusable Delay: A Delay for which Contractor may be entitled under the Contract Documents to an extension of time, but not compensation. Extra Work: Additional Work or costs due to a Change in the Work that is not described in or reasonably inferable from the Contract Documents which may be the basis for an adjustment of the Contract Sum and/or the Contract Price under the terms of the Contract Documents. Extra Work shall not include additional Work or costs arising from Contractor’s failure to perform any of its duties or obligations under the Contract Documents. Field Order: A written instrument signed by the City or its Construction Manager or Construction Manager Representative that authorizes and directs performance of the Work described therein, and which may or may not include adjustments (increase or decrease) to the Contract Sum and/or Contract Time. Final Completion: Full completion of all Work required by the Contract Documents, including all punch list items, and submission of Record Documents, all to City’s satisfaction. Final Payment: Final payment of the Contract Sum following Final Completion, including release of undisputed retention, less any amounts withheld or offset pursuant to the Contract Documents, including, but not limited to, liquidated damages, unreleased stop notices, amounts subject to setoff, and up to 150% of unresolved third-party claims for which Contractor is required to indemnify City, and up to 150% of any amounts in dispute as authorized by Public Contract Code Section 7107. General Conditions: That portion of the Contract Documents relating to the administrative procedures to be followed by Contractor in carrying out the Work. IFB Contracts | The Project Manager’s Guidelines Revision Draft 03 | December 19, 2014 Page | 51 Losses: Any and all losses, costs, liabilities, Claims, damages, liquidated damages, actions, judgments, settlements, expenses, fines and penalties. "Losses" do not include attorneys' fees. Pre-Construction Meeting: A meeting held with the Project Team prior to beginning construction in order to review Contract Documents and clarify roles, responsibilities and authority of the Project Team. Project: The total construction, of which the Work performed by Contractor under the Contract Documents may be the whole or part and which may include Work performed by City’s own forces or by Separate Contractors. Project Team: Collectively, the Contractor, City, Design Consultant, Separate Contractors, Construction Manager and other consultants and contractors providing professional and technical consultation for the design and construction of the Project. Record Documents: The term “Record Documents” refers to the As-Built Documents, warranties, guarantees and other documents required to be submitted by Contractor as a condition of Final Completion. Request for Information (RFI): A written instrument, prepared by Contractor, which requests an interpretation or clarification in the Work or a response to a question concerning the Work. A Request for Information does not entitle Contractor to an adjustment in the Contract Sum unless it requires Extra Work and Contractor requests and is entitled to such an adjustment in accordance with the provisions of the Contract Documents. Request for Information Response: A written instrument, usually prepared by the Design Consultant, which sets forth an interpretation or clarification in the Work or a response to a Contractor question concerning the Work. Site: The physical site located within City where the Project is to be constructed, including all adjacent areas for staging, storage, parking and temporary offices. Special Provisions and Technical Specifications: The portions of the Contract Documents consisting of the written requirements for materials, equipment, standards, skill, quality for the Work and performance of related services. These provisions may also contain amendments, deletions or additions to the General Conditions. Statement of Contract Dispute: The Contractor’s written statement prepared in accordance with Article 4 of the General Conditions required as a condition of its initiating the Contract Dispute Resolution Process set forth in the Construction Contract. Subcontractor: A person or firm that has a contract with a Contractor to perform a portion of the Work. The term "Subcontractor" includes suppliers and vendors and is referred to throughout the Contract Documents as if singular in number and means a Subcontractor or an authorized representative of the Subcontractor. “Subcontractor” includes Subcontractors of any tier. IFB Contracts | The Project Manager’s Guidelines Page | 52 Revision Draft 03 | December 19, 2014 Submittals: All shop drawings, samples, exemplars, product data and other submittals required to be submitted by Contractor under the Contract Documents. Substantial Completion / Substantially Complete: As determined by City, the point at which the Work is sufficiently complete to be occupied and utilized by City for its intended purpose, and Contractor has fulfilled its obligations under the Contract Documents, except for minor punch list items which do not impair City's ability to so occupy and utilize the Project. Unexcused Delay: Any Delay in the path of activities that is critical to Substantial Completion of the Work within the Contract Time and which Delay is not attributable to the City. An Unexcused Delay shall not entitle Contractor to either an extension of the Contract Time or an adjustment of the Contract Sum. To the extent an Unexcused Delay is concurrent with an Excused Delay; the Excusable Delay shall be conclusively deemed an Unexcused Delay. Unilateral Change Order: A change order which is issued by the City without requiring the consent or signature of the Contractor. It is a one-sided directive to perform and although a Contractor must abide by a unilateral directive, the Contractor is free to file a Claim for the additional costs or time incurred. Work: All labor, materials, equipment, services, permits, fees, licenses and taxes, and all other things necessary for Contractor to perform its obligations and complete the Project, including, without limitation, any changes or additions requested by City, in accordance with the Contract Documents and all Applicable Code Requirements. CITY OF PALO ALTO OFFICE OF THE CITY AUDITOR June 13, 2017 The Honorable City Council Palo Alto, California Utilities Department: Cross Bore Inspection Contract Audit In accordance with the Fiscal Year 2017 Annual Audit Work Plan, the Office of the City Auditor has completed the Utilities Department: Cross Bore Inspection Contract Audit. The audit report presents two findings with four recommendations. The Office of the City Auditor recommends that the Policy and Services Committee review and recommend to the City Council acceptance of the Utilities Department: Cross Bore Inspection Contract Audit. Respectfully submitted, Harriet Richardson City Auditor ATTACHMENTS: Attachment A: Utilities Department: Cross Bore Inspection Contract Audit (PDF) Department Head: Harriet Richardson, City Auditor Page 2 Utilities Department: Cross Bore Inspection Contract Audit June 1, 2017 Normal Sewer and Gas Pipeline Alignment Gas Line Crossbored Through Sewer Pipeline Office of the City Auditor Harriet Richardson, City Auditor Steve Hendrickson, Management Specialist Houman Boussina, Senior Performance Auditor Attachment A Page intentionally left blank Attachment A Office of the City Auditor ● 250 Hamilton Avenue, 7th Floor ● Palo Alto, CA 94301 ● 650.329.2667 Copies of the full report are available on the Office of the City Auditor website at: http://www.cityofpaloalto.org/gov/depts/aud/reports/performance/default.asp OFFICE OF THE CITY AUDITOR EXECUTIVE SUMMARY Utilities Department: Cross Bore Inspection Contract Audit June 1, 2017 PURPOSE OF THE AUDIT To determine if Hydromax USA, LLC, (Hydromax) met its contract requirements for inspecting City sewer pipelines to rule out cross bores and whether the City exercised appropriate contract oversight. Finding 1: Hydromax inspected 10,791 (60 percent) of 18,028 laterals and could not complete nearly half of its attempted inspections because of adverse conditions in sewer lines (Page 6) Hydromax invoiced 13,725 lateral inspections under its contract with the City to inspect 18,028 laterals. Although the contract required Hydromax to inspect all mains and laterals for cross bores and to document lateral conditions, Hydromax invoices show that it could not complete 6,625 (48 percent) of 13,725 lateral inspections due to unanticipated field conditions. Furthermore, Hydromax inspection records contain inaccurate, incomplete, and potentially duplicative information. The City paid $2.95 million for the work Hydromax performed under the $3.5 million contract. Recommendation to the Utilities Department: Identify and prioritize sewer pipelines that Hydromax did not fully inspect or attempt to inspect for inspection under a future contract(s). Finding 2: City oversight and NASSCO contracting guidelines can help ensure accurate, complete, and cost effective future inspections (Page 9) The City’s management of its cross bore inspection contract did not ensure that the City obtained accurate and complete inspection data in accordance with NASSCO standards and anticipated contract costs. The City can ensure it obtains accurate, complete, and cost effective sewer pipeline inspection data by incorporating NASSCO contracting guidelines, ensuring consistency of its contract documents, and providing sufficient oversight of contracted work and key deliverables. Key Recommendations to the Utilities Department: • Identify missing data in the City’s laterals database. • Incorporate relevant and useful provisions from NASSCO’s contract template in future sewer inspection contracts. • Identify gaps in staff expertise needed to monitor and facilitate field inspections and to review and track inspection data. Attachment A Page intentionally left blank Attachment A TABLE OF CONTENTS OBJECTIVE .................................................................................................................................................. 1 BACKGROUND ............................................................................................................................................. 1 SCOPE ....................................................................................................................................................... 3 METHODOLOGY .......................................................................................................................................... 3 FINDING 1: Hydromax inspected 10,791 (60 percent) of 18,028 laterals and could not complete nearly half of its attempted inspections because of adverse conditions in sewer lines ........................................ 6 Finding 1 Recommendations ............................................................................................................. 8 FINDING 2: City oversight and NASSCO contracting guidelines can help ensure accurate, complete, and cost effective future inspections .............................................................................................................. 9 Finding 2 Recommendations ........................................................................................................... 13 APPENDIX 1: City Manager’s Response ................................................................................................... 14 ABBREVIATIONS ASD Administrative Services Department NASSCO National Association of Sewer Service Companies U.S.C. United States Code Attachment A Page intentionally left blank Attachment A Utilities Department: Cross Bore Inspection Contract Audit 1 INTRODUCTION Objective The purpose of this audit was to determine if Hydromax USA, LLC, (Hydromax) met its contract requirements for inspecting City sewer pipelines to rule out cross bores and whether the City exercised appropriate contract oversight. Background Sewer Pipelines: Laterals and Mains Exhibit 1 shows a typical layout of sewer pipelines that includes privately-owned upper and City-owned and maintained lower sewer laterals that carry indoor sewage (i.e., wastewater) to the City’s wastewater mains in the street. This report uses the generic term, “sewer pipeline,” when an inspection record did not specify the type of sewer pipeline or when the distinction is not relevant. EXHIBIT 1: Layout of Sewer Pipelines Source: City of Palo Alto Special Wastewater Utility Rule and Regulation 23 Sewer pipelines in City records The City has a database of about 18,000 City-owned and maintained laterals. The resident- or business-owned, connected Attachment A 2 Utilities Department: Cross Bore Inspection Contract Audit laterals may branch out for various functional or design reasons and are not included in the City’s database. Federal gas pipeline safety requirements Federal law (47 U.S.C. § 192.1005 - 192.1007) requires gas distribution operators to develop and implement procedures to identify, monitor, and address gas pipeline risks such as damage, equipment failure, and leaks. Cross bore safety risks Cross bores are intersections of one utility pipeline through another, such as when a gas pipeline is inadvertently installed through a sewer pipeline. Cross bores generally occur when a gas line is installed using a trenchless method that prevents visibility of the underground sewer pipeline. Residents or plumbers may accidentally cut through a crossbored utility pipeline (e.g., a gas pipeline) when opening (e.g., clearing roots) the sewer pipeline. If the cutting device damages a gas pipeline, gas may be introduced into the connected structure (e.g., a home), which could cause an explosion. The City has installed mechanical gas pipeline safety valves on about 7,500 (43 percent) of 17,500 gas service lines. These valves shut off gas if there is a sudden surge in flow, which mitigates safety risks, but not all gas pipelines have the valves and, in rare cases, they may malfunction. NASSCO inspection standards The National Association of Sewer Service Companies (NASSCO) sets industry standards for assessing, maintaining, and rehabilitating underground infrastructure and to assure the continued acceptance and growth of trenchless technologies. NASSCO trains and certifies inspectors to objectively and consistently assess and document sewer pipeline conditions based on a standardized grading system. NASSCO also certifies software used to record condition codes that enable utility operators to identify, plan, prioritize, manage, and renovate their sewer pipelines. Hydromax contract In July 2011, the City entered into an 18-month, $3.5 million contract with Hydromax to use closed circuit television inspection methods to inspect mains and the 18,000 laterals to identify gas cross bores and document lateral conditions in accordance with NASSCO standards. The Utilities Department assumed that there would be one contiguous, privately-owned lateral for each of the 18,000 City-owned and maintained laterals in its records. The contract required Hydromax to fully inspect and document lateral Attachment A Utilities Department: Cross Bore Inspection Contract Audit 3 conditions according to NASSCO standards but only to document basic observations and major defects for mains (e.g., start, stop, footage, major defect). The contract did not include separate compensation for inspecting mains. The City later amended the contract to increase the maximum compensation to $4.3 million and extend the expiration date to December 31, 2013. Final project status A June 2016 Utilities Department presentation to the Utilities Advisory Commission showed that as of December 31, 2013, Hydromax had inspected about 13,000 (72 percent) of the 18,000 laterals and had identified 26 gas cross bores but that inspection attempts did not rule out cross bores for about 5,900 (45 percent) of the 13,000 inspected laterals. The City paid Hydromax a total of $2.9 million - $2.5 million for lateral inspections and $407,000 for other work and let the contract expire without the remaining work being done due to unanticipated field conditions that required services beyond the contract scope. The Utilities Department estimated an additional $3.3 million in future costs to inspect about 1,900 high priority laterals (e.g., laterals serving high occupancy properties), including laterals that Hydromax did not inspect. Scope We assessed Hydromax inspection and billing data from July 2011 through January 2015 that was associated with the City’s $4.3 million contract, which expired on December 31, 2013. We assessed relevant City contract and contract oversight documents to determine whether Hydromax met key contract requirements and whether the City exercised appropriate contract oversight. We did not engage Hydromax, the Utilities Operations Division, or subject matter experts who may have relevant information concerning the audit findings. Although our methodology (below) included a general assessment of the reliability and completeness of the City’s sewer pipeline inspection data, we did not assess whether inspections met NASSCO standards or legal mandates. Methodology To accomplish our audit objective, we: •Conducted a risk assessment to identify and prioritize risks associated with the City’s cross bore inspection program. •Identified and reviewed applicable laws and sewer pipeline inspection best practices. Attachment A 4 Utilities Department: Cross Bore Inspection Contract Audit •Reviewed and identified key provisions of the City’s contract with Hydromax. •Interviewed Utilities Department, Administrative Services Department, and City Attorney’s Office staff to understand contract requirements. •Reviewed Utilities Department invoice and inspection tracking documents and interviewed Utilities Department staff to assess whether contract oversight was sufficient to ensure that the City paid for Hydromax inspections that were completed and invoiced in accordance with contract terms. •Assessed the reliability and completeness of the City’s sewer pipeline inspection data. •Verified Hydromax inspector certification numbers using NASSCO’s online verification tool. Data reliability We used ACLTM Analytics and Excel software to assess the accuracy and completeness of Hydromax inspection records by searching for missing, inaccurate, and incomplete data based on our understanding of NASSCO requirements and database integrity principles. We interviewed Utilities Department staff who were knowledgeable about the data and brought data reliability concerns to their attention. We have included some of these concerns in the audit finding. We selected and reviewed a sample of Hydromax inspection records for 10 sewer pipelines to determine the causes and potential impact of multiple inspection records that inspectors entered for the same sewer pipeline. We used judgmental sampling to focus on completed inspections that appeared to have been finalized and to include inspections from a variety of Hydromax inspectors. Because this was a judgmental sample, our conclusions cannot be projected to the total population of inspection records. Compliance with government auditing standards We conducted this audit of the City’s cross bore inspection contract in accordance with our Fiscal Year 2017 Annual Audit Work Plan and generally accepted government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We Attachment A Utilities Department: Cross Bore Inspection Contract Audit 5 believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. We would like to thank management and staff in the Utilities and Administrative Services Departments for their time, cooperation, and assistance during the audit process. Attachment A 6 Utilities Department: Cross Bore Inspection Contract Audit Finding 1 Hydromax inspected 10,791 (60 percent) of 18,028 laterals and could not complete nearly half of its attempted inspections because of adverse conditions in sewer lines Summary Hydromax invoiced 13,725 lateral inspections under its contract with the City to inspect 18,028 laterals. Although the contract required Hydromax to inspect all mains and laterals for cross bores and to document lateral conditions, Hydromax invoices show that it could not complete 6,625 (48 percent) of 13,725 lateral inspections due to unanticipated field conditions. Furthermore, Hydromax inspection records contain inaccurate, incomplete, and potentially duplicative information. The City paid $2.95 million for the work Hydromax performed under the $3.5 million contract. Unanticipated sewer pipeline conditions hampered inspections Hydromax invoiced the City for 13,725 lateral inspections. Although invoices do not specify sewer lines, Hydromax’s inspection records show that it inspected 10,791 of 18,028 laterals in the City’s records. Exhibit 2 shows that Hydromax invoiced $1.3 million for 7,100 completed lateral and branch lateral inspections and $1.2 million for 6,625 incomplete inspections. Hydromax could not complete all inspections because of sewer pipeline conditions, obstructions, and lateral branches hampered inspections and would have required services beyond the contract scope. The incomplete inspections may have still served to reduce or eliminate cross bore risks, which was the primary contract objective. EXHIBIT 2: Hydromax invoices for 13,725 lateral inspections Source: Utilities Department 6,870 Complete Inspections $1,270,950 (50%) 6,625 Incomplete Inspections $1,225,625 (48%) 230 Complete Branch Inspections $42,550 (2%) Attachment A Utilities Department: Cross Bore Inspection Contract Audit 7 In an effort to facilitate completion of the inspection project, the City added services to the original contract scope through change orders to address: •Obstructions that required construction and repair – Hydromax said it would complete inspections after the required work at no additional cost. •Sewer pipelines that required cleaning to facilitate traversing or televising the pipeline – Hydromax invoiced an hourly rate to supplement City’s efforts to clean pipelines. •Branch laterals longer than 15 feet – Hydromax charged the City $185 to inspect branch laterals longer than 15 feet. •Longer than anticipated lateral lengths – Hydromax reported an average lateral length of 84 feet versus the 65 feet stated in the contract, which may have resulted in cost savings to the City. The extra length required specialized equipment, additional inspection, and additional condition coding. •Mains with diameters of 6 inches or less, including mains with tree roots and other obstructions – Hydromax reported that these conditions increased costs because it had to use extra camera crews and specialized equipment. The contract with Hydromax required payment for incomplete inspections after reasonable attempts. The City paid Hydromax $2.54 million for the inspections performed, whether completed or not, and for 230 lateral branches that were longer than 15 feet, and another $407,000 for other services, some of which were added to the contract through the change orders. The City also extended the contract timeline from December 31, 2012 to December 31, 2013. Inspection records inconsistent, incomplete, and potentially duplicative Hydromax recorded 21,940 inspections for 15,121 sewer pipelines. Inspection records did not include information regarding invoicing, so we could not assess which inspections were included in invoices shown in Exhibit 2. Under the contract terms, the City relied on Hydromax to assess and quality control all inspection videos to definitively detect or rule out cross bores. Inspection records were not all consistent and complete and may have included duplicates. The City did not have a process to validate Hydromax inspection data and allowed the contract to lapse before Hydromax attempted to inspect at least 7,237 laterals. Attachment A 8 Utilities Department: Cross Bore Inspection Contract Audit About 12,900 (59 percent) of the 21,940 inspection records cited an inspection status (e.g., “complete”, “cannot complete”, “incomplete”) and 5,274 (24 percent) included condition scores. Hydromax inspectors recorded the final inspection status using nonstandardized, narrative text that does not fully support analysis (e.g., summaries by status) and does not always make clear the inspection status (e.g., “rerun push camera”). Although the primary contract purpose was to identify cross bores, inspection records that are not unique, do not show progress status, and/or do not include condition scores may not be useful to validate invoices, identify incomplete inspections, and repair, maintain or upgrade sewer pipelines. During the contract term, the City did not have any NASSCO-certified staff to interpret the inspection data (see related discussion in Finding 2). Recommendations The Utilities Department should: 1.1. Identify sewer pipelines that Hydromax did not fully inspect or attempt to inspect. Prioritize these sewer pipelines for inspection under a future contract(s). To the extent possible, based on past experience, predict potential inspection challenges, such as poor pipeline conditions, that may hinder future inspections. Disclose these challenges in future contract solicitations. Attachment A Utilities Department: Cross Bore Inspection Contract Audit 9 Finding 2 City oversight and NASSCO contracting guidelines can help ensure accurate, complete, and cost effective future inspections Summary The City’s management of its cross bore inspection contract did not ensure that the City obtained accurate and complete inspection data in accordance with NASSCO standards and anticipated contract costs. The City can ensure it obtains accurate, complete, and cost effective sewer pipeline inspection data by incorporating NASSCO contracting guidelines, ensuring consistency of its contract documents, and providing sufficient oversight of contracted work and key deliverables. City monitored contract but did not enforce all performance objectives or NASSCO standards Utilities Department Engineering staff reviewed Hydromax’s invoices and work progress but did not have NASSCO-certified staff or access to NASSCO manuals to ensure that Hydromax met the contract requirement to perform inspections in accordance with NASSCO. Utilities staff could not interpret the inspection information and use it for sewer pipeline operation and maintenance purposes. Although the primary contract objective was to rule out cross bores, providing condition codes (i.e., overall condition assessment scores) was also an objective and could have provided useful information for the City to prioritize future sewer pipeline work. Finding 1 discusses concerns about the reliability of inspection data. Since the end of the contract, one employee has become certified, and the Utilities Department has adopted NASSCO inspection standards. Hydromax inspectors may have misrepresented their certification status NASSCO issues certificate numbers that uniquely identify certified inspectors. NASSCO-certified inspection software requires inspectors to enter their certificate number when recording inspection data. The City did not ensure that Hydromax’s inspectors were properly certified, and our search in NASSCO’s online verification tool did not validate any of the inspector certificate numbers that Hydromax submitted to the City with the inspection records.1 Multiple Hydromax inspectors entered the same certificate number, and most of the certificate numbers were obviously invalid, containing only zeroes or other invalid formats. A NASSCO representative told us that although NASSCO-certified software requires entry of certificate numbers, it does not validate the certificate. 1 The NASSCO certificate verification tool is accessible at https://www.nassco.org/. Attachment A 10 Utilities Department: Cross Bore Inspection Contract Audit Condition assessment of sewer pipelines provides advantages Condition assessments of underground sewer pipelines is an ongoing process that provides information to avoid emergencies, prioritize repair and replacement projects, plan for the future, and enhance the ability to make technically sound judgments regarding asset management. The Utilities Department did not ensure that Hydromax complied with the contract requirement to code sewer pipeline conditions in accordance with NASSCO standards. Utilities Department staff stated that condition scores have limited value to them and may be misleading due to ongoing condition changes (e.g., new construction). Finding 1 discusses concerns that not all Hydromax inspection records included condition assessment scores. Exhibit 3 summarizes sewer pipeline condition assessment costs and benefits. EXHIBIT 3: Costs and Benefits of Sewer Pipeline Condition Assessments Costs Benefits Inspection equipment and labor Early problem identification resulting in use of less expensive repair methods Monitoring equipment and data collection Reduced emergency costs and consequences Post-inspection planning, data analysis, and reporting Reduced operating and maintenance costs Service disruptions due to inspection work Avoided service disruptions Avoided or mitigated sanitary sewer overflows or pipeline breaks Avoided public health costs Improved planning and prioritizing of rehabilitation and replacement projects Reduced backlogs of deferred maintenance Identification and prediction of future capital renewal needs More effective and efficient operations and maintenance Source: United States Environmental Protection Agency Contract terms inconsistent; NASSCO guidelines not incorporated The City’s cross bore inspection contract with Hydromax had inconsistent provisions and did not incorporate NASSCO’s recommended contract language for billing, data, and inspector certification requirements that could help the City more effectively Attachment A Utilities Department: Cross Bore Inspection Contract Audit 11 meet its inspection program goals and objectives.2 The City’s contract: •Required Hydromax to code laterals in accordance with NASSCO standards in one section but in another required inspections that allow for future coding according to standards, if desired. •Did not require Hydromax to meet inspection standards prior to being paid. •Did not specify data requirements. NASSCO guidelines provide a detailed list of required and optional data that can be customized and incorporated into contracts. •Did not require proof of inspector certification. NASSCO contract guidelines require contractors to provide proof of certification for both inspectors and individuals performing coding prior to the start of work. Costs higher than anticipated Including incidental and change order costs, the City effectively paid $215 per Hydromax lateral inspection (i.e., $2.95 million ÷ 13,725 invoiced lateral inspections) as opposed to the anticipated, effective rate of $200 per lateral inspection (i.e., contracted inspection and associated costs ÷ 13,725 invoiced lateral inspections). The contract required payment for incomplete inspections after reasonable attempts but did not include construction services needed to complete some inspections that were hampered by obstructions. The original contract scope assumed that the benefits of inspection attempts were greater than the costs, especially in comparison to rates that other jurisdictions paid during project term. A June 2016 Utilities Department presentation to the Utilities Advisory Commission showed that Hydromax had identified 26 gas cross bores. Contract disclosures may reduce change orders and costs The request for proposal documents disclosed that the City anticipated access challenges during inspections and provided some clarification on payment terms. These disclosures and clarifications were not all included in the final contract, which supersedes any preliminary contract documents. Specifically, the City disclosed to contractors placing bids: •80 percent of laterals would have some to a significant amount of roots. 2 NASSCO template contracts are at https://www.nassco.org/resources/guideline-specs. Attachment A 12 Utilities Department: Cross Bore Inspection Contract Audit •The City does not track resident-owned laterals or know their exact lateral lengths. •For payment purposes, each branch lateral serving the same structure is one lateral. Had the City included these disclosures and clarifications in the final contract, it may have avoided the need for the change orders, amendments, and additional contract costs discussed in Finding 1. More flexible contract model may have been appropriate The contract with Hydromax required inspection of all 18,000 City laterals in City records for a fixed price of $3.5 million, but the City did not have sufficiently detailed information regarding the condition, length, quantity, and diameter of its sewer pipelines, which resulted in greater than anticipated effort for Hydromax. Contracts should result in reasonable contractor risk and provide the contractor with the greatest incentive for efficient and economical performance. NASSCO’s contract guidelines recommend payment terms based on linear foot inspected rather than the number of laterals inspected, which was the basis for payment in the Hydromax contract. As discussed in Finding 1, the City negotiated change orders and amendments with Hydromax to address the expanded scope of work, but Hydromax still could not complete all contracted inspections due to unanticipated conditions that required additional work outside the contract scope. Utilities Department staff do not know the number or conditions of remaining laterals and branches, or the extent of maintenance or construction necessary to enable inspectors to inspect the remaining laterals. Given the uncertainty about laterals remaining to inspect, the NASSCO contract billing model may offer the City more flexibility and more incentive to future contractors. The contract required the City to pay for incomplete inspections after Hydromax made reasonable attempts. However, the City may have been able to negotiate an alternative pricing structure with Hydromax given the large number of inspections that Hydromax could not complete because of field conditions. Utilities staff stated that the City still benefited from inspection attempts because Hydromax identified cross bores at reasonable costs compared to fees paid by other jurisdictions. Attachment A Utilities Department: Cross Bore Inspection Contract Audit 13 City has prioritized remaining lateral inspections but may not have complete data A complete, independent list of laterals can help track inspection progress, identify sewer pipelines still at risk, and plan sewer pipeline maintenance and upgrades. Utilities staff have created a priority list of laterals remaining to inspect. However, many Palo Alto parcels in City records do not have a corresponding lateral record, so the priority list may not be complete and accurate. Although the Utilities Department does not have a process to ensure the completeness of its laterals data, the City’s cross bore inspection process identified laterals that were connected to the City’s main sewer lines using closed circuit television methods. This process should have identified laterals that were not in the City’s records. Recommendations The Utilities Department should: 2.1. Identify missing data in its laterals database by comparing it with independent databases such as Hydromax inspection data. Update its laterals database to ensure it can effectively serve to track inspection progress. 2.2. Incorporate relevant and useful provisions from NASSCO’s contract template, such as linear foot pricing and prior verification of inspector certifications, in future sewer inspection contracts. Consult with the Administrative Services Department’s purchasing staff and the City Attorney’s Office to determine if City can enforce NASSCO template provisions that it plans to incorporate. 2.3. Identify gaps in staff expertise needed to monitor and facilitate field inspections and to review and track inspection data. Develop a training and certification plan for field staff who should have the expertise to help meet the City’s inspection goals and objectives. Attachment A 14 Utilities Department: Cross Bore Inspection Contract Audit APPENDIX 1 – City Manager’s Response The City Manager has agreed to take the following actions in response to the audit recommendations in this report. The City Manager will report progress on implementation six months after the Council accepts the audit report, and every six months thereafter until all recommendations have been implemented. Finding: 1. Hydromax inspected 10,791 (60 percent) of 18,028 laterals and could not complete nearly half of its attempted inspections because of adverse conditions in sewer lines. 1.1 Identify sewer pipelines that Hydromax did not fully inspect or attempt to inspect. Prioritize these sewer pipelines for inspection under a future contract(s). To the extent possible, based on past experience, predict potential inspection challenges, such as poor pipeline conditions, that may hinder future inspections. Disclose these challenges in future contract solicitations. Utilities Concurrence: Agree Target Date: Late 2018 Action Plan: Staff will review a previously generated prioritization list based on assessment of risk for property classifications, review inventory of parcels that do not have an associated lateral, and develop a final prioritization list and cost estimates based on experience and data from the original crossbore contract. Implementation of next phase will proceed based on available funding. Finding: 2. City oversight and NASSCO contracting guidelines can help ensure accurate, complete, and cost effective future inspections. 2.1 Identify missing data in its laterals database by comparing it with independent databases such as Hydromax inspection data. Update its laterals database to ensure it can effectively serve to track inspection progress. Utilities Concurrence: Agree Target Date: Mid 2018 Action Plan: Staff will utilize existing data to review and update the City’s GIS to reflect missing active City-owned laterals. This will be done in conjunction with the inventory of parcels referenced in Finding 1.1. 2.2 Incorporate relevant and useful provisions from NASSCO’s contract template, such as linear foot pricing Utilities Concurrence: Agree Target Date: Mid to Late 2018 Action Plan: Attachment A Utilities Department: Cross Bore Inspection Contract Audit 15 and prior verification of inspector certifications, in future sewer inspection contracts. Consult with the Administrative Services Department’s purchasing staff and the City Attorney’s Office to determine if City can enforce NASSCO template provisions that it plans to incorporate. Staff will review the NASSCO contract template and look for provisions to incorporate in a future City contract, as applicable. 2.3 Identify gaps in staff expertise needed to monitor and facilitate field inspections and to review and track inspection data. Develop a training and certification plan for field staff who should have the expertise to help meet the City’s inspection goals and objectives. Utilities Concurrence: Agree Target Date: Late 2018 to Start of future contract Action Plan: Staff will continue to review staffing gaps for office and field personnel. If gaps are identified and are not resolved by training, additional expertise will be identified within the City or via contract. Attachment A