Lessons Learned in California As Police Disciplinary Records Become Public
Will California legislation (SB 1421) around officer conduct records set a precedent for New York and other states?
Widespread civil unrest has focused media and citizen attention on public safety agencies nationwide. In many jurisdictions, this has already resulted in a massive spike in public record requests from citizens and media outlets alike. Lawmakers at the local, state, and federal levels have also taken notice and vowed to pass legislation aimed at department accountability, and the president has already taken executive action.
There are concrete examples of what landmark shifts in police records legislation actually mean to department operations.
SB 1421: Previously Privileged Officer Conduct Now Subject to Public Records Requests
One precedent to consider is California’s Senate Bill 1421, signed into law in late 2018 and in force as of January 1, 2019. The broad nature of the scope of this law meant that a vast trove of previously privileged information on officer conduct was now subject to public record requests. While the impact of SB 1421’s implementation on California public safety agencies was nothing short of staggering, there are lessons to be learned from the successes and shortcomings of agency planning and response throughout the state.
In this series, we’ll discuss the:
- Legislation’s rollout
- Practical impact on agency operations
- Things that can be done by any department to start to plan for an unknown future
SB 1421 Signed into Law
First, a bit of background on the bill itself. Introduced by Rep. Nancy Skinner, Senate Bill 1421, titled Peace Officers: Release of Records was signed into law by outgoing Governor Jerry Brown on September 30, 2018 and went into effect on January 1, 2019. The penal code was revised to allow disclosure of peace officer records when an officer discharges his/her firearm, or when internal department investigations resulted in sustained findings of previous excessive use of force, sexual assault, or dishonesty.
While previously protected from disclosure, the net effect of this law was to make disciplinary records of officers accused of misconduct subject to release under the California Public Record Act. This was unprecedented, and nothing short of a tidal change in California public records. In fact, so massive was the body of potentially responsive records that 40 competing newsrooms throughout California formed a coalition called The California Reporting Project, dedicated to obtaining and reporting on these newly-available records.
Guidelines For Other States
Solution #1 Prepare for Day 1 by Assessing Potentially Responsive Records
When considering the impact of new legislation, thinking about what day 1 looks like is a useful exercise, even when the extent of the new legislation is unclear. At 12:01 am on the day new rules take effect, what might the environment look like?
For many LEAs in California, the biggest challenge of SB 1421 was the sheer volume of information that needed to be reviewed, redacted, and approved prior to release. As one records coordinator in a large county’s sheriff department succinctly put it: “We only have one chance to get this right.” Striking a balance between the public’s right to know and Victim and Officer’s right to confidentiality is of the utmost importance. Once material makes its way into the hands of requesters, there’s virtually no practical way to claw that information back. LEAs throughout the state had to first grapple with the amount of potentially responsive records they held. Further compounding these challenges, on July 1, 2019, Assembly Bill 748 took effect, setting new time limits for disclosure of a video or audio recording of a “critical incident” such as an officer-involved shooting or a use-of-force resulting in severe bodily injury or death.
Important Questions to Ask:
- How much information is digitized and how much is on paper?
- For the digitized records, can they be read by a machine or do they need to be run through an OCR process to make them machine-readable?
- For the paper records, will they be digitized to allow for a more efficient redaction process or will they be redacted with Sharpies or Whiteout and scanned afterward?
- Who’s going to do the actual work to get this done?
- What about Body Worn Camera (BWC) footage?
- Dash Cam?
- What is the response timeline and does it differ from a standard public records request?
The bottom line here is that the agencies who were most prepared to meet the new requirements spent the brief period between the bill’s signing and the date it went into effect thinking about this, invested in products and implemented practices that drive efficiency, and made efforts to identify and cull down the body of responsive records to the most manageable size possible while working within the applicable rules.
Solution #2 Review Retention Policies to Reduce Volume
Most government agencies have retention periods for different types of records. The California agencies who routinely enforced their own retention policies ultimately started with the smallest body of potentially responsive documentation, and as a result, responded with relatively less cost and effort. In government records, enforcing retention policies is simply a best practice that cuts down not only on storage cost but labor cost to search, review, and release.
Enforcing retention policies is simply a best practice that cuts down not only on storage cost but labor cost to search, review, and release.
The nightmare scenario is to discover that there are decades worth of paper records in a warehouse somewhere which are now responsive because retention policies weren’t enforced. One large police department in California which demonstrates this point retained 20 years of digital records – well beyond what was required – as well as an additional 40 years of paper records totaling some 5 million pages. A major purchase was made and a project was undertaken to digitize the paper records, and a full-time team of sworn officers has been assigned to work these requests. The fiscal impact alone is huge, and it will take an estimated 5 years to work through the backlog of responsive documents to respond to blanket requests for records, all while periodically communicating time extensions to requesters. This is in addition to new requests that come in as applicable incidents take place. Simply put, it is a baffling amount of work to undertake.
Whatever forms new legislation takes across the country, beginning to address these questions and thinking about day 1 puts agencies on their best foot to respond when the time comes
The Case for Security:
Best Practices for Hardware/Software & the Users of Records Systems
Solution #3 Review Security Policies & Practices, Add Auditing & Training
When discussing the subject of sensitive records, one of the primary concerns that an agency must address is security. In the case of police records potentially containing both victim information and personnel information, security becomes critically important and gaps in any solution that touches or houses these records are potentially quite damaging. Data security standards such as CJIS and HIPAA dictate best practices for digital data storage, handling, and systems hardening to mitigate breach risk.
However, this is only part of the risk calculation. While the concept of a data breach elicits thoughts of nefarious hackers attempting to penetrate key systems, the reality is that most data breaches are the result of the weakest part of any computer system – its users.
Two Security Scenarios to Consider:
- Poorly Trained Users Accidental Disclosure of PII
- Officers Under Investigation Manipulating Records
Consider the possibility of a poorly-trained user accidentally disclosing confidential records, or even officers who may be under investigation by their own Internal Affairs or Professional Standards department. These situations present a potentially sticky situation. Without the ability to tightly control security profiles granting access to these records and controlling which personnel can participate in the process of adding, removing, or reviewing potentially responsive records, opportunities for conflicts of interest and data breaches arise.
Data Breach Triggers/Alerts & Repercussions
In California, a data breach triggers a legally-mandated process of investigating the breach and notifying the parties involved of the circumstances and extent to which their personal information was compromised. The civil penalties for failing to adhere to these requirements are steep, in addition to the negative effect this may have on future litigation, not to mention the harm done to a department’s reputation.
Regular auditing and certification by third-party systems security experts addresses the hardware and software side, while well-defined best practices and routine IT security training address the personnel side. This holistic approach allows an agency to demonstrate both to their citizens and their employees that security is important, and due diligence is performed accordingly.
Compliance and Litigation:
Personnel Records Go from Confidential to Public
Subpoenas No Longer Required for Misconduct and Use of Force
Broadly speaking, California Senate Bill 1421 introduced an entirely new layer of compliance to peace officer conduct. Within the law, two main categories of conduct were addressed: administrative misconduct and physical use-of-force. Prior to the enactment of this bill, California peace officer personnel records were largely considered confidential and generally only made available through subpoenas. Commonly, Pitchess motions in criminal cases where defendants allege excessive use of force on the part of a peace officer were used to obtain that officer’s personnel records, provided that the officer’s department had previously sustained findings which demonstrated a propensity toward abuse.
Senate Bill 1421, however, allows access to entire departments’ misconduct records on every officer simply by placing a public records request, rather than proving good cause for a subpoena.
Solution #4 Figure Out How To Manage Entire Disciplinary Files Requiring Review & Redaction – with Multiple Release Time Frames for Compliance
Not only do entire employee disciplinary files need to be gathered up, but they must be reviewed for confidential information and redacted accordingly. Further complicating the matter is the fact that officers under investigation for dishonesty and use-of-force could potentially have timelines for release tied separately to a single request based on whether multiple investigations were ongoing. This means that the potentially responsive records may have to be held for a certain period of time pending the outcome of a separate investigation, creating multiple release time frames around maintaining compliance, adding complexity for the people responsible for responding to public records requests.
Solution #5 Make Sure Your Process Works Long Term
Stepping back for a moment, consider the importance of compliance and avoiding litigation in responding to public records requests in general. Last year, GovQA took the largest survey of its kind to ask what really matters to the people who handle public records requests across the country. Maintaining compliance and avoiding litigation were two of the top three concerns nationwide. Consider also the implications of the ongoing COVID-19 pandemic. Many government entities hadn’t done sufficient business continuity planning to allow for an effective remote workforce, and while many states suspended their mandated public record response timeframes, some states did not and left it to those agencies to figure out on their own.
Solution #6 Be Flexible – Consider Redefining Use of Force to Match Spirit of the Law
As with any law, California Senate Bill 1421 was subject to interpretation, but the spirit of the law was to bring more accountability and transparency to officer personnel records in order to identify problematic patterns of behavior. While officers’ unions were fighting in court to determine whether the bill was intended to be retroactive, other agencies took a closer look at how their own policies and definitions impacted the number of cases which would ultimately be subject to release under the law, and how they could adjust those policies to align more closely with the spirit of the legislation while mitigating potential excess workload.
For example, consider one large city’s definition of use of force. Previous to the passage of SB 1421, any time a K9 unit was unleashed, they considered it use of force regardless of whether that K9 physically engaged a suspect. Because this was a relatively routine occurrence which was largely inconsequential in the absence of bodily harm being done to a subject or officer, this rule was revised to require the K9 to actually engage the suspect in order to qualify as a use of force. Furthermore, they specifically designed what was considered a serious use of force to mean any incident in which an officer or suspect required medical attention in a hospital setting.
By adjusting their own policy on the definition of serious use of force to instead require that a suspect or the officer need have received medical attention after the interaction, this department was able to institute a plan that would ultimately cause them to have fewer responsive cases while still satisfying their citizens’ need to know, and still reporting on the instances of significance which may point to a larger pattern of problematic behavior.
Again, there’s simply no way to know at present how changes in legislation are going to look, and the affected agencies will largely have no control over the substance of these new laws. However, by showing flexibility in the ongoing evolution of department policy, an agency can be nimble with resources while still remaining accountable to the public.
The Case for Streamlined Workflow and Automation
Legislation as far-reaching as California Senate Bill 1421 necessitates an in-depth look at current processes with a view toward bringing efficiency wherever possible, but where does an agency start? How does one arrive at the goal of maximum efficiency and maximum compliance? And where does technology fit in all of this?
Solution #7 Find a Flexible Technology Solution
The answers to this question necessarily differ from agency to agency. With different laws and statutes in different states and localities defining compliance, what makes one agency more efficient may simply be unworkable, unhelpful, or even illegal for another. This means that many technology solutions that do not have the flexibility to be configured to the unique needs and nuances of each agency simply cannot bring the maximum level of efficiency and compliance. Each agency can do a holistic review of their processes and find opportunities for enhancement, which is where workflow automation technology comes into play. But what is workflow automation, exactly?
Simply put, workflow automation is the blueprint, execution, and automation of processes based on specified conditions where human tasks, data, or files are routed between people or systems based on pre-defined business rules. In other words, steps in a process that happen routinely but are carried out manually by human users can instead be triggered to happen automatically based on the IFTTT (“If this then that”) expressions in computer code to match business cases defined for that particular organization. Assignment of tasks, request routing, and oversight processes can be done through software, and this automation can be brought to bear on virtually any part of a process. This results in fewer “touches” by the people involved and overall better use of time and resources.
Senate Bill 1421 presented a host of “IF” conditions that applied based on the disposition of the requested records.
Whether flexible workflow automation technology is being used to update and streamline an antiquated process or as part of the ongoing process designed to address shifting legislation, allowing software to do as much of the work as possible facilitates better resource allocation. Good technology implemented properly is a force multiplier and facilitates scaling up a process in a manageable manner instead of adding more people to an inefficient process.
What does the future hold for law enforcement agencies? This is of course the most difficult part of the equation to solve. The gut feeling of many of the folks we talk with is that complaints and record requests are going to continue increasing both in quantities and scope and that new legislation will continue to broaden the definition of what records are potentially responsive. Whether or not a new era of police accountability is on the horizon remains a matter of debate, but what seems clear is that the landscape is changing.
Two Items of General Consensus:
- Complaints and record requests are going to continue increasing in quantity and scope
- New legislation will continue to broaden the definitions of what constitutes responsive records (example: SB 1599 expansions of SB 1421)
While some agencies in California struggled to get through the backlog of SB 1421 requests, draft Senate Bill 1599, was already on the horizon. SB 1599 represents something of an expansion of the principles of SB 1421, laying out more circumstances under which police personnel records may become subject to release. Though it has not been signed into law, many agencies who learned the hard lessons of SB 1421 are trying to stay ahead of the shifting landscape. The drafting of SB 1599 started prior to the widespread social unrest we’ve witnessed since the killing of George Floyd.
The Peers in Public Records Newsletter (formerly FOIA News) is a bi-monthly e-newsletter brought to you by GovQA. It is a collection of the latest trends in public record requests and government transparency initiatives, shared stories, live roundtables, informative case studies, and actionable knowledge that will help you calm the chaos and keep your organization compliant. Send your comments to firstname.lastname@example.org.