The Seattle City Council unanimously approved a set of principles Monday to guide how city departments collect, hold and use private information. The principles, envisioned as the first of three steps towards establishing a citywide privacy initiative, include six commitments, which create, as Bruce Harrell called it, an “ethical framework” for what is to be done with the huge amount of information amassed by city departments in a digital era.
In November, Mayor Ed Murray assembled an interdepartmental team led by the Department of Informational Technology (DoIT) and the Seattle Police Department (SPD) to create a privacy initiative to be applied across all departments. In addition to DoIT and SPD, the team included representatives from Seattle City Light, Seattle Fire Department, the City Attorney's office and a half-dozen other departments.
“When you really look at the amount of data we collect as a city,” said Harrell, who is spearheading the effort within the council, “it’s intimidating: home loans, law enforcement, B&O tax information, public wifi, credit card information, information about vulnerable populations and minors. It’s all fairly mind-boggling.” As it sits now, comprehending what can and cannot be done with that information is a challenge because every department has its own statement, akin to the agreements you see when you buy a song on iTunes. Said Vinh Tang, an assistant to Harrell, “We did an inventory of all the statements in the city and they were so inconsistent."
The guiding principles approved Monday do not specify how data collection and use will be regulated or carried out. Specific ideas will be outlined in a privacy statement that DoIT promised at the end of August. DoIT also promised what they called a privacy toolbox, which will be a strategy for informing the public of the initiative, if it is finally enacted.
But as the interdepartmental team moves forward with the second and third steps, the members now have a philosophy for what should and shouldn’t be included. Pinning down the ethics of an entire city is difficult, said Michael Mattmiller, Seattle’s chief technology officer. “We need to balance the needs of many communities in a city where we have so many perspectives, while still balancing what the city needs to control.”
Credit: City of Seattle
Seattle would be one of the first municipal governments, if not the first, to create a citywide privacy initiative. “We’re wading into new waters,” said Mattmiller.
The principles the city landed on are, arguably, predictable and fairly brief, filling only one page: “We value your privacy; We collect and keep only what we need; When possible, we make available information about the ways we use your information; We are accountable; We follow federal and state laws about information disclosure; We work to maintain and use accurate personal information.”
But the principles, written with citizen input, are simple for a reason. “We don’t want to make commitment that we can’t stand up to,” said Mattmiller. “We can’t create a principle that we can’t back up."
In May, Mattmiller and his team will receive data from a joint study between the University of Washington and the University of California Berkeley that is examining how cities collect data. As a part of that study, researchers are developing a set of recommendations that Mattmiller says will help the final statement.
Jan Bultmann, the president of the Seattle Privacy Coalition, said the timing of the Privacy Initiative feels especially relevant with the Sunday night Oscar success of Citizenfour, the documentary about the Edward Snowden NSA revelations. Snowden’s leaks turned the question of big data regulation into an international debate.
Locally, the debate has been no less fierce.
In 2012, there was outrage when the public found out the Federal Aviation Administration had granted the police department permission to fly two quietly acquired Draganflyer X6 drones, which were to be equipped with recording equipment. Then-Mayor Mike McGinn called off the drone program and gave them away to the Los Angeles Police Department.
In late 2012 and early 2013, SPD installed a network of 30 video cameras along the waterfront and Alki. After public outrage, the council blocked the system until better regulations were decided upon. The $5 million network has still not been used.
In January, the SPD was accused of discreetly photographing protesters at an event at the University Village, which may have violated a 1979 ordinance restricting police from targeting activities of a sexual, religious or political nature for recording.
Perhaps the issue most at the forefront, however, is that of police-worn body cameras. While the privacy initiative is meant to regulate all departments that gather private information, Harrell aide Tang said, “The Seattle Police Department is constantly in our minds.” There has been plenty of confusion as to how police recordings should be regulated. For example, would that ’79 ordinance apply to body cams' recordings? Police intelligence auditor Mark Boerner says probably, while SPD’s senior counsel says no.
Last fall, SPD had a "hackathon", inviting technology experts, including Mattmiller to help them sort the issue out.
SPD didn't immediately respond to a request for comment on Monday's discussion of the initiative. However, in a Public Safety, Civil Rights, and Technology committee meeting last Friday, Mike Wagers, SPD’s chief operating officer, said, “We’re excited about this.”
Members of both the ACLU and the Seattle Privacy Coalition, two organizations historically skeptical of police data gathering, also expressed support for the privacy initiative. "I’m so delighted that they’re moving forward on it," said Bultmann of the Coalition. “Privacy has developed in patchwork fashion. We have to put privacy first as a consideration.” While she’d like to see the initiative do more than she expects it will, such as including funds to hire an independent chief privacy officer to audit the departments, she said, “This is a step in the right direction."