Responses to the Audit

Use the links below to skip to the specific response you wish to view:

California Department of Justice

Los Angeles Police Department

California State Auditor's Comments on the Response From the Los Angeles Police Department

Santa Ana Police Department

Santa Clara County Sheriff's Office

California State Auditor's Comments on the Response From the Santa Clara County Sheriff's Office

Sonoma County Sheriff's Office

California State Auditor's Comments on the Response From the Sonoma County Sheriff's Office

California Department of Justice

July 22, 2016

Elaine M. Howle, CPA
California State Auditor
621 Capitol Mall, Suite 1200
Sacramento, CA 95814

RE: CSA Report 2015-130

Dear Ms. Howle,

The Department of Justice (DOJ) has reviewed the California State Auditor’s (CSA) draft report titled “The CalGang Criminal Intelligence System: As the Result of Its Weak Oversight Structure, It Contains Questionable Information That May Violate Individuals’ Privacy Rights” and appreciates the opportunity to respond to the report.

CSA has made several recommendations to DOJ and the Legislature with regard to creating a public program for shared gang database oversight and accountability, specifically recommending that DOJ guide the board and committee to identify and address the shortcomings that exist in CalGang’s current operations. DOJ would be charged with providing oversight and development of new policies and procedures to ensure proper management and transparency of the CalGang system or any equivalent statewide shared gang database.

In response to the CSA’s specific recommendations to DOJ identified in the draft report, DOJ submits the following responses:

CSA Recommendation: Developing best practices based on the requirements stated in the federal regulations, the state guidelines, and state law, and advising user agencies on the implementation of those practices. The best practices should include, but not be limited to, reviewing criminal intelligence, appropriately disseminating information, performing robust audit practices, establishing plans to recover from disasters and meeting all of the State’s juvenile notification law requirements. Justice should guide the board and committee to develop these best practices by June 30, 2017.

DOJ Response:

DOJ agrees with this recommendation. The CSA recommends that the Legislature require DOJ to implement state regulations that adhere to federal regulations and state guidelines. The best practices developed by DOJ should align with these regulations to avoid confusion. As DOJ will not have the authority to begin the state regulations process until the Legislature grants express authority through legislation, the CSA’s recommended implementation date of June 30, 2017 will likely be impacted. DOJ recommends that the date to develop the best practices be determined by the Legislature through statute. DOJ currently has no existing resources or program in place to handle oversight or administration of CalGang; thus, additional resources and funding will be needed to implement this recommendation.

CSA Recommendation: Instructing law enforcement agencies that use CalGang to complete a comprehensive review of all the gangs documented in CalGang to determine if they meet the necessary requirements for inclusion and to purge from CalGang any groups that do not meet the requirements. Justice should guide the board and the committee to ensure that user agencies complete this review in phases with the final phase to be completed by June 30, 2018.

DOJ Response:

DOJ agrees with this recommendation and will work with the board, committee, and user agencies to provide instruction as recommended. However, until the Legislature grants DOJ express authority, DOJ cannot compel user agencies to complete a comprehensive review and purge groups from CalGang that lack criterion. Once legislation is passed to authorize DOJ to enforce the requirements and compel user agencies to comply, DOJ can assume oversight of CalGang. DOJ currently has no existing resources or program in place to handle oversight or administration of CalGang; thus, additional resources and funding will be needed to implement this recommendation.

CSA Recommendation: Instructing all law enforcement agencies that use CalGang to complete a comprehensive review of all records in CalGang to determine if the user agencies have adequate support for the criteria associated with all the individuals they have entered as gang members. If the user agencies do not have adequate support, they should immediately purge the criteria---and, if necessary, the individuals---from CalGang. In addition, the user agencies should ensure that all the fields on each CalGang record are accurate. Justice should guide the board and the committee to ensure that user agencies complete this review in phases with the final phase to be completed by September 30, 2019.

DOJ Response:

DOJ agrees with this recommendation and will work with the board, committee, and user agencies to provide instruction as recommended. However, until the Legislature grants DOJ express authority, DOJ cannot compel user agencies to complete the comprehensive review of all records in CalGang, purge individuals lacking adequate support for cited criteria, and ensure the accuracy of all fields on each record. Once legislation is passed to authorize DOJ to enforce the requirements and compel user agencies to comply, DOJ can assume oversight of CalGang. DOJ currently has no existing resources or program in place to handle oversight or administration of CalGang; thus, additional resources and funding will be needed to implement this recommendation.

CSA cited several unsupported criteria for individuals entered into CalGang, DOJ will need to further develop how the required support documentation for criterion is maintained in its regulations. As such, all records tied to this criterion for inclusion in CalGang will need to be reviewed after the implementation of regulations. This may impact the deadline recommended by the CSA for completion of the review of records. DOJ recommends that the final review date be determined by the Legislature through statute.

CSA Recommendation: Instructing all user agencies to report to Justice every six months, beginning in January 2017, on their progress toward completing their gang and gang member reviews.

DOJ Response:

DOJ agrees with this recommendation and will work with the board, committee, and user agencies to provide instruction as recommended. However, until the Legislature grants DOJ express authority, DOJ cannot compel user agencies to report their review progress to the DOJ biannually. DOJ recommends that the commencement of the biannual reporting be determined by the Legislature through statute.

CSA Recommendation: Developing standardized periodic training content for all CalGang users and training instructors. Justice should guide the board and committee to develop such standardized training content by June 30, 2017.

DOJ Response:

DOJ agrees with this recommendation and will work with the board and committee to develop standardized training for CalGang users and training instructors. However, until the Legislature grants DOJ express authority, DOJ cannot compel the board and committee to participate in the development, implementation, and enforcement of the training. Once legislation is passed to authorize DOJ to enforce the requirements, and user agencies are compelled to adhere to DOJ’s requirements, DOJ will ensure that the training content is implemented and participation by user agencies is enforced. DOJ currently has no existing resources or program in place to handle oversight or administration of CalGang; thus, additional resources and funding will be needed to implement this recommendation. DOJ recommends that the date for DOJ to develop the standardized training be determined by the Legislature through statute.

CSA Recommendation: Establishing a plan to recertify all CalGang users and training instructors on the new training content. Justice should guide the board and the committee to complete the draft plan by June 30, 2017, and the recertification training by June 30, 2018.

DOJ Response:

DOJ agrees with this recommendation and will work with the board and committee to develop and implement a plan to recertify all CalGang users and training instructors. However, until the Legislature grants DOJ express authority, DOJ cannot compel the board and committee to participate in the development, implementation, and enforcement of the recertification. Once legislation is passed to authorize DOJ to enforce the requirements and user agencies are compelled to comply, DOJ will ensure that the recertification plan is implemented and participation by user agencies is enforced. DOJ currently has no program or existing resources in place to handle oversight or administration of CalGang; thus, additional resources and funding will be needed to implement this recommendation. DOJ recommends that the date for DOJ to establish a training plan for recertification be determined by the Legislature through statute.

CSA Recommendation: Developing policies and procedures requiring the disabling of user accounts for all individuals who no longer have a need to or right to access CalGang because they have separated from their employment with user agencies or for other reasons. Justice should guide the board and the committee to identify and disable all such accounts by September 20, 2016.

DOJ Response:

DOJ agrees with this recommendation and will work with the board, committee, and user agencies to identify and disable accounts for those who no longer have a need or right to access CalGang as outlined. However, until the Legislature grants DOJ express authority, DOJ cannot compel the board, committee, and user agencies to comply with the disabling requirements. Once legislation is passed to authorize DOJ to enforce the requirements, DOJ will ensure that the policies and procedures are established and enforced. DOJ currently has no existing resources or program in place to handle oversight or administration of CalGang; thus, additional resources and funding will be needed to implement this recommendation. DOJ recommends that the date for DOJ to develop policies and procedures be determined by the Legislature through statute.

CSA Recommendation: Determining what steps must be taken to upgrade CalGang’s controls to ensure that CalGang will automatically purge all individuals whose records have not been updated by user agencies for five years.

DOJ Response:

DOJ agrees with this recommendation, but currently has no authority to mandate CSRA International, Inc. (CSRA), the developer of the proprietary CalGang software, to upgrade CalGang’s controls to do automatic purges, nor does DOJ have existing resources or a program in place to handle oversight or administration of CalGang; thus, additional resources and funding will be needed to implement this recommendation. For immediate implementation, DOJ suggests that CSA make this recommendation to the CalGang Executive Board and California Gang Node Advisory Committee that currently oversees CalGang and CSRA. It would be beneficial to DOJ for CSRA to begin making enhancements to CalGang before oversight and administration is assumed by DOJ.

CSA Recommendation: To promote transparency and hold the board, the committee, and user agencies accountable for implementing and adhering to criminal intelligence safeguards, Justice should post quarterly reports on its website beginning June 30, 2017, that summarize how it has guided the board and the committee to implement and adhere to criminal intelligence safeguards: the progress the board, the committee, and user agencies have made in implementing and adhering to these safeguards; the steps these entities still must take to implement these safeguards; and any barriers to the board’s and the committee’s success in achieving these goals.

DOJ Response:

DOJ agrees with this recommendation, but currently has no program in place to handle oversight or administration of CalGang; thus, additional resources and funding will be needed to implement this recommendation. DOJ also does not have authority to require user agencies to conduct external audits to assess implementation and adherence to criminal intelligence safeguards and report their progress to DOJ. Until the Legislature grants DOJ express authority, DOJ cannot compel the board, committee, and user agencies to comply with the requirements. DOJ recommends that the date to start posting quarterly reports be determined by the Legislature through statute.

CSA Recommendation: To promote transparency and encourage public participation in CalGang’s meetings, Justice should post the following information to its website unless doing so would compromise criminal intelligence information that must be shielded from public release:

Summary results from the committee’s audits of CalGang records.

The agendas, minutes, and referenced attachments for all future board and committee meetings, as well as other documents of significance such as letters, memos, or agreements.

From the past five years, all available agendas, minutes, and referenced attachments from scheduled and ad-hoc board and committee meetings, as well as all other documents of significance. Justice should post these materials by October 31, 2016.

DOJ Response:

DOJ agrees with this recommendation and will work with the board and committee to post all referenced information that we are successful in acquiring to the Attorney General’s website. However, until the Legislature grants DOJ express authority, DOJ cannot compel the board and committee to make all components available to DOJ. Once legislation is passed to authorize DOJ to enforce the requirements, DOJ will ensure that all available and future referenced information are made available to the public through the Attorney General’s website. DOJ currently has no existing resources or program in place to handle oversight or administration of CalGang; thus, additional resources and funding will be needed to implement this recommendation.

CSA Recommendation: If Justice needs additional resources to guide the board and committee to identify and address the shortcoming that exist in CalGang’s current operations and oversight, to report on the board and committee’s progress in addressing CalGang’s shortcomings, and to post necessary information to its website, Justice should take steps to secure the resources it needs.

DOJ Response:

DOJ agrees with this recommendation and will work with the Legislature and the Department of Finance to identify and obtain the additional resources and funding necessary for DOJ to implement the recommendations outlined in the CSA audit of CalGang.

The following recommendations by CSA were made to the Legislature with regard to CalGang, but have a direct impact to DOJ. As such, DOJ has provided the following responses to these recommendations:

CSA Recommendation: Designate Justice as the state agency responsible for administering and overseeing CalGang or any equivalent statewide shared gang database.

DOJ Response:

DOJ agrees with this recommendation. Express authority from the Legislature is needed before DOJ can fully enforce the recommendations made by the CSA. DOJ currently has no existing resources or program in place to handle oversight or administration of CalGang; thus, additional resources and funding will be needed to implement this recommendation.

CSA Recommendation: Require that CalGang or any equivalent statewide shared gang database adhere o federal regulations and relevant safeguards from the state guidelines, including supervisory reviews of database entries and regular reviews of all records.

DOJ Response:

DOJ agrees with this recommendation. Express authority from the Legislature is needed for DOJ to fully enforce CalGang’s adherence to federal regulations and state guidelines regarding criminal intelligence systems and compel user agencies to comply. DOJ currently has no program in place to handle oversight or administration of CalGang; thus, additional resources and funding will be needed to enable DOJ to adequately administer and oversee CalGang.

CSA Recommendation: Specify that Justice’s oversight responsibilities include developing and implementing standardized periodic training as well as conducting---or hiring an external entity to conduct--periodic audits of CalGang or any equivalent statewide shared gang database.

DOJ Response:

DOJ agrees with this recommendation. Express authority from the Legislature, and funding to either DOJ or the user agencies to hire an external entity to conduct periodic audits is needed before DOJ can fully enforce the recommendations made by the CSA. DOJ currently has no program in place to handle oversight or administration of CalGang; thus, additional resources and funding will be needed to enable DOJ to adequately administer and oversee CalGang.

CSA Recommendation: To promote public participation in key issues that may affect California’s citizens and to help ensure consistency in the use of any shared gang database, the Legislature should require Justice to interpret and implement shared gang database requirements through the regulatory process. This process should include public hearings and should address the following:

Adopting requirements for entering and reviewing gang designations, including establishing a retention period for gangs.

Adopting criteria for identifying gang members. These criteria should define which offenses are consistent with gang activity.

Specifying how user agencies will operate any statewide shared gang database, including requiring user agencies to implement supervisory review procedures and periodic record reviews. The user agencies should report the results of the reviews to Justice.

Standardizing practices for user agencies to adhere to the State’s juvenile notification requirements, including guidelines for documenting and communicating the bases for juveniles’ gang designations.

DOJ Response:

DOJ agrees with this recommendation. Express authority from the Legislature is needed before DOJ can fully enforce the recommendations made by the CSA and ensure user agency compliance with policies and procedures. DOJ currently has no program in place to handle oversight or administration of CalGang; thus, additional resources and funding will be needed to enable DOJ to adequately administer and oversee CalGang.

CSA Recommendation: To ensure transparency, the Legislature should require Justice to publish an annual report with key shared gang database statistics---such as the number of individuals added to and removed from the database---and summary results from periodic audits conducted by Justice or any external entity. Further, the Legislature should require Justice to invite and assess public comments following the report’s release. Subsequent annual reports should summarize any public comments Justice received and actions it took in response.

DOJ Response:

DOJ agrees with this recommendation. Express authority from the Legislature is needed before DOJ can fully enforce the recommendations made by the CSA. DOJ currently has no program in place to handle oversight or administration of CalGang; thus, additional resources and funding will be needed to enable DOJ to adequately administer and oversee CalGang.

CSA Recommendation: To help ensure that Justice has the technical information it needs to make certain that CalGang or any equivalent shared gang database remains an important law enforcement tool, the Legislature should establish a technical advisory committee to advise Justice about the database use, database needs, database protection, and any necessary updates to policies and procedures. The Legislature should specify the qualifications for membership in the technical advisory committee, which should include representatives from local and state agencies that use the shared gang database. Further, it should require that the committee meet at least twice a year and adhere to the Bagley-Keene Open Meeting Act and other relevant open meeting laws.

DOJ Response:

DOJ agrees with this recommendation and would welcome feedback from a Legislative technical advisory committee with regard to CalGang. DOJ would also like to be a member of the committee, if established.

Again, thank you for the opportunity to review and comment on the draft audit report. If you have any questions or concerns regarding this matter, you may contact me at the telephone number listed above.

Sincerely,

JOE DOMINIC
Director, California Justice Information Services Division

LARRY J. WALLACE
Director, Division of Law Enforcement

cc:
Nathan R. Barankin, Chief Deputy Attorney General
Venus D. Johnson, Associate Attorney General
Tammy Lopes, Director, Division of Administrative Support
Andrew J. Kraus III, CPA, Director, Office of Program Review and Audits

Los Angeles Police Department

July 28, 2016

Ms. Elaine Howle
621 Capitol Mall, Suite 1200
Sacramento, CA 95814

Dear Ms. Howle,

The Los Angeles Police Department (LAPD) has received and reviewed the findings of the draft audit report conducted by the California State Auditor’s Office regarding The CalGang Criminal Intelligence System dated August 2016. The findings and action taken have been discussed with LAPD Audit Division, LAPD’s CalGang Node Administrator as well as with the LAPD’s Chief of Detectives. The LAPD is in general agreement with the findings listed in the draft audit report.

The following recommendations were made by the California State Auditor’s Office:

Recommendation No.1

a. Review gangs entered into CalGang to ensure the gangs meet reasonable suspicion requirements;

Response: The LAPD will revise audit requirements to ensure an annual review is conducted to evaluate whether reasonable suspicion requirements have been met for each gang member entered into CalGang.

b. Review gang members that have been entered into CalGang to ensure the existence of proper support for each criterion;

Response: The LAPD is currently revising its CalGang procedures to include directed and expanded CalGang audits.

c. Purge from CalGang any records for gangs or gang members that do not meet the criteria for entry;

Response: Revised CalGang audits will include specific instructions related to purging of records that do not meet criteria for entry into CalGang.

d. Complete gang and gang member reviews in phases with the final phase for gangs to be completed by June 30, 2018;

Response: The LAPD is currently monitoring approximately 470 gangs in the City of Los Angeles and will develop a timeline in which to accomplish this recommendation. It is anticipated that this review can be completed by the recommended date of June 30, 2018.

e. The final phase for gang members to be completed by June 30, 2019.

Response: The LAPD is currently monitoring approximately 40,000 gang member entries into CalGang. The LAPD will audit a statistically valid sample. If findings reveal a significant deficiency, a larger sample would be utilized and this recommendation will be revisited. If a statistically valid sample is utilized for gang member entries the completion date of June 30, 2019, is reasonable.

Recommendation No. 2

a. Develop or modify as necessary all policies and procedures related to CalGang to ensure they align with state law, CalGang Policies, federal regulations, and when appropriate, the state guidelines [California Attorney General’s Model Standards and Procedures for Maintaining Criminal Intelligence Files and Criminal Intelligence Operational Activities];

Response: The LAPD is currently performing a comprehensive review of all Department related policies and procedures related to CalGang.

In May of 2016, the CalGang Node Advisory Committee (CGNAC) voted to eliminate the requirement to follow the California Attorney General’s Model Standards and Procedures for Maintaining Criminal Intelligence Files and Criminal Intelligence Operational Activities. The LAPD is conducting an examination into the feasibility of maintaining compliance with the Attorney General’s guidelines. However, the CalGang Executive Board took no action with regard to the CGNAC Board recommendation.

The LAPD has current CalGang policies and procedures in place, which all Department CalGang users are expected to adhere to. The draft audit report did not find the LAPD deficient with following state law or federal regulations. The LAPD will continue to maintain this high standard of compliance with all applicable laws.

b. Implement appropriate policies and procedures for entering gangs;

Response: All CalGang policies and procedures will be reviewed and any deficiencies identified will be corrected by revising existing policies and procedures.

c. Perform supervisory reviews of gangs and gang member entries;

Response: All source documents used to establish a gang or gang member entry into CalGang require a supervisor to review and approve. Existing LAPD CalGang policy will be revised to include an expanded “Supervisor Responsibilities” section outlining required supervisor duties.

d. Implement policies and procedures for performing periodic CalGang record reviews; sharing CalGang information; and complying with Juvenile notification requirements;

Response: The LAPD will ensure that appropriate policies and procedures exist for performing periodic CalGang record review; sharing CalGang information; and, complying with juvenile letter notification requirements. It should be noted that LAPD Audit Division has Department wide audit responsibility. They will be consulted to establish an expanded Department CalGang audit to ensure compliance with CalGang policies and procedures.

The following paragraph is also referenced in our comment number 1.

The draft audit report did not find LAPD deficient with the sharing of CalGang information; however, in response to this audit, LAPD is in the process of completing a Detective Bureau Notice to all LAPD Commanding Officers titled “CalGang Proxy Login”.

This Notice will establish LAPD policies and procedures for sharing CalGang information with outside agencies and non-users of CalGang.

A new Telephonic Information Request Form will be created, which must be completed by non-CalGang users when making GalGang information requests. This will enhance and support the CalGang Proxy Login feature in CalGang, which tracks all second party requests.

e. Recommendation No. 2 should be completed by March 31, 2017.

Response: The LAPD is in agreement.

Other Related Matters:

The draft audit report discusses the following other related matters:

• LAPD Police Officers not being viable “reliable sources” in determining the identification of an individual as a gang member to be included in CalGang;

Response: The LAPD asserts that its Gang Enforcement Detail (GED) officers are not only viable reliable sources, but also have the gang training, expertise, field experience, and time on the job to make the determination as to whether an individual meets the criteria to be identified as an active gang member or an active affiliate gang member as per CalGang requirements and LAPD policy. The GED officers are required to attend a week long Gang Awareness course and a one or two-day CalGang course. The GED officers go through an extensive background review, complete a financial disclosure, and receive continuous gang training from a variety of sources.

• Process for removing separated employees from CalGang;

Response: In response to this audit, a formalized process will be implemented where an official project will be generated whereby the Department’s Personnel Division will provide the LAPD CalGang Node Administrator a monthly separation list identifying employees who have separated from the Department. The Node Administrator will then disable these individuals from using CalGang.

• The LAPD did not have fully documented plans for restoring CalGang information after a man-made or natural disaster;

Response: The LAPD does not house the server where CalGang information is stored. The Los Angeles Sheriff’s Department (LASD) houses three servers and DOJ houses another. The LASD data center has a generator backup system. Once a month, the generator is tested by transferring the full operations of the data center to the generator for 30 minutes. The data on the CalGang servers is backed up once a day to an external drive that is housed in the same rack as the primary servers. The CalGang data is continuously replicated to a central DOJ server. The CGGN Replication Document from the LASD details this information; however, LAPD was not authorized to release this information due to LASD security protocols.

There is no Disaster Recovery or Incident Response plan specific to the CalGang data or servers. However, the building that houses the data center does have a Disaster Recovery Plan that pertains to the entire building, including the data center. The Norwalk Data Center’s Disaster Recovery Plan does not include CalGang. If there is a Disaster Recovery incident at the Norwalk Data Center and the Los Angeles CalGang servers are lost, users will be directed to the replicated DOJ CalGang server.

Users may view all of the Los Angeles data on the DOJ server but they will be unable to add/update records until the Los Angeles servers are restored. The Los Angeles servers will be restored via local backups located at the Norwalk Data Center. The LASD document Los Angeles CalGang Backup Information should be referred to for further information as LAPD was not authorized to release this information due to LASD security protocols. The LASD informed the LAPD that they already provided the CGGN Replication Document and the Los Angeles CalGang Backup Information document to the State Auditor’s Office.

A note can be added to LAPD’s forthcoming and revised CalGang policies and procedures pointing personnel to LASD and DOJ in the event that LAPD loses access to CalGang information after a disaster.

Process for documenting letters of contest:

• The LAPD will include a check box in CalGang indicating if a letter of contest was received for a juvenile.

Stated CalGang rules in User Agreement:

• The LAPD will revise its CalGang User Agreement to include: language that CalGang is not to be used for employment, housing, or military background check purposes; CalGang rules; and, requirement(s) for safeguarding GalGang data. It should be noted that the audit found no evidence of LAPD sharing information for the purposes of employment, housing or military.

After complete review of the draft audit findings, which were provided to the LAPD, the Department is asking that consideration of the audit title be reconsidered. The wording “As the Result of Its Weak Oversight Structure, It Contains Questionable Information That May Violate Individuals’ Privacy Rights” is misleading and volatile. We strongly believe the title to this report should reflect exactly what it did, which was provide insight on how to strengthen internal controls and improve upon our overall CalGang system. In essence, this title appears to be contentious, particularly in a time in which law enforcement agencies are facing great challenges with public trust. Moreover, the draft audit report does not identify nor specifically indicate what privacy rights have been violated and how.

Should you have any questions or concerns regarding this matter, please contact
Captain Charles P. Hearn, Commanding Officer, Gang and Narcotics Division, at
(213) 833-3700.

Very truly yours,

CHARLIE BECK
Chief of Police

MATT BLAKE, Deputy Chief
Chief of Detectives

Comments

CALIFORNIA STATE AUDITOR’S COMMENTS ON THE RESPONSE FROM THE LOS ANGELES POLICE DEPARTMENT

To provide clarity and perspective, we are commenting on the Los Angeles Police Department’s (Los Angeles) response to our audit. The number below corresponds to the number we have placed in the margin of Los Angeles’s response.

Los Angeles erroneously concludes that our report does not identify the department as deficient in following state law or federal regulations or with sharing CalGang information. We did, in fact, find that Los Angeles is deficient in numerous areas. For example, it is deficient in supporting gang member criteria entries, as summarized in Table 7; it lacks processes to properly share CalGang information and limit CalGang assess; and it has failed to appropriately notify juveniles and their parents as state law requires, as summarized in Table 11.

We are not questioning the training, expertise, and field experience of Los Angeles’s gang enforcement officers. They are uniquely qualified to evaluate potential gang tattoos, gang areas, gang dress, gang symbols and hand signs, and to conduct interviews of suspected gang members and informants—all of which are criteria they can use to justify a person’s inclusion in CalGang. Because this criteria is available, we find it inappropriate that Los Angeles would allow an officer to justify a person’s inclusion in CalGang based on the criteria—“Subject has been identified as a gang member by a reliable informant/source”, when the only support for this criteria is a circular reference back to this officer’s conclusion that the individual is a gang member. In our view, “reliable informant/source” indicates that the law enforcement agency received reliable information from outside its agency, and not simply a determination made by an officer inside its agency.

Los Angeles misunderstands our concern. We received and reviewed the documents that Los Angeles refers to and found that these documents outline processes for backing up CalGang data. We acknowledge that each of the node administrator agencies that we reviewed— including Los Angeles—asserted that they protect their data against loss by implementing practices such as regular backups of data. However, Los Angeles seems to overlook our concern that it does not have an agreed-upon plan with its service provider—the Los Angeles County Sheriff’s Department, in this case—for restoring CalGang information within a specified time frame after a man-made or natural disaster. As Los Angeles points out, in the event of such a disaster, users will be unable to add or update records until the Los Angeles servers are restored. As such, it is important that Los Angeles and its service provider formally agree on an acceptable recovery strategy to minimize the impact of an interruption.

The audit’s title is derived from the conclusions we drew from the evidence we collected and examined over the course of the audit. We believe the title aptly summarizes the audit conclusions and that those conclusions are soundly supported by audit evidence.

Santa Ana Police Department

July 28, 2016

Elaine M. Howle, CPA
California State Auditor
621 Capitol Mall, Suite 1200
Sacramento, CA 95814

Re: Response to Audit of “The CalGang Criminal Intelligence System” Dear Ms. Howle,

In 2015, the Joint Legislative Audit Committee requested the California State Auditor’s Office conduct an audit on the use of CalGang, a shared criminal intelligence database. The Santa Ana Police Department is an end-user of the CalGang system and was one of several agencies throughout the state to be audited. The Santa Ana Police Department welcomed the audit as an examination of this magnitude had never been conducted. During the audit, Santa Ana Police Department and State Auditor personnel interacted in a transparent and professional manner. The Department was eager to learn how to improve internal processes and ensure industry-best practices have been employed.

On July 18, 2016 the State Auditor’s Office released their preliminary audit report. The report primarily focuses on law enforcement’s process deficiencies. However, when scrutinizing the Department’s juvenile notification process, the State Auditor’s Office indicated, “… Santa Ana exceeded the law’s requirement by notifying parents after each contact juveniles had with police that resulted in updates to their records.” More impressive was the State Auditor’s Office recognizing the Department’s efforts to provide education and intervention for juveniles and their parents during the contestation process. The State Auditor’s report states, “Santa Ana’s process when it receives a contestation letter represents a best practice that we believe could be the basis for statewide standards.”

The State Auditor’s Office recommended the following actions to address the specific deficiencies:

Begin reviewing the gangs they have entered into CalGang to ensure the gangs meet reasonable suspicion requirements. They should also begin reviewing the gang members they have entered into CalGang to ensure the existence of proper support for each criterion. They should purge from CalGang any records for gangs or gang members that do not meet the criteria for entry. Individuals who are independent from the ongoing administration and use of CalGang should lead this review. The agencies should complete the gang and gang member reviews in phases with the final phase for gangs to be completed by June 30, 2018, and the final phase for gang members to be completed by June 30, 2019.

The Santa Ana Police Department has a clear understanding of the State Auditor’s recommendation and intends to fulfill the recommendation without modification or delay. The Department will begin reviewing the gangs we have entered into CalGang immediately. The Department will then review the gang members we have entered to ensure proper criterion has been documented and entered. Any gangs or its members not meeting requirements will be purged from CalGang. The Department intends to complete this review within the recommended timelines.

Develop or modify as necessary all their policies and procedures related to CalGang to ensure they align with state law, CalGang policy, the federal regulations, and the state guidelines. In particular, the law enforcement agencies should implement appropriate policies and procedures for entering gangs; performing supervisory reviews of gangs and gang member entries; performing periodic CalGang record reviews; sharing CalGang information; and complying with juvenile notification requirements. The law enforcement agencies should complete this recommendation by March 31, 2017.

The Santa Ana Police Department, with assistance from legal counsel, will establish a standalone policy and procedure for CalGang. This policy and procedure will support state law, CalGang policy, federal regulations, and state guidelines. The Department will ensure CalGang entries meet all criteria, supervisory reviews are conducted, a system to track CalGang information sharing will be created, and juvenile compliance notification requirements will be met. The Department intends to fully comply with these recommendations on or before March 31, 2017.

The Santa Ana Police Department would like to thank the staff from the California State Auditor’s Office for their professionalism during the audit process. There is no question their review and recommendations will assist the Santa Ana Police Department in the implementation of process improvements related to criminal intelligence files.

Sincerely,

CARLOS ROJAS
Chief of Police

Santa Clara County Sheriff's Office

July 20, 2016

Elaine M. Howle, CPA
State Auditor
621 Capitol Mall, Suite 1200
Sacramento, CA 95814

Dear State Auditor Howle,

This letter is in response to your draft audit report titled, “The CalGang Criminal Intelligence System; As the Result of Its Weak Oversight Structure, It Contains Questionable Information That May Violate Individuals’ Privacy Rights”. We received and reviewed the draft report. The report identifies a number of deficiencies and presents an opportunity to establish better practices and update our current policies and procedures.

The Sheriff’s Office agrees to a certain extent with the recommendations noted by the auditor. It should be noted that the Sheriff’s Office is a part of a node and not the node administrator. Some of the information documented in the report is not specific to our office but to other law enforcement agencies in our county.

The following is the Sheriff’s Office response to the specific recommendations of the draft audit report:

Recommendation:

Review the gang members entered into CalGang to ensure the existence of proper support for each criterion.
Purge from CalGang any records for or gang members that do not meet the criteria entry.
A review of entries should be made by a person independent from the administration and use of CalGang.

Response:

A staff member independent from the ongoing administration and use of CalGang will review the information entered into CalGang and purge any records of gang members that do not meet the criteria for entry.

Recommendation:

Develop or modify as necessary policies and procedures related to CalGang to ensure they align with state law, CalGang policy, the federal regulations, and the state guidelines.
Implement policies and procedures for entering gangs, performing supervisory reviews of gang and gang member entries, performing periodic CalGang record reviews, sharing CalGang information, and complying with juvenile notifications requirements.

Response:

The Santa Clara County Sheriff’s Office Special Operations Division Administration will review and update existing policies and procedures related to CalGang to ensure they align with state law, CalGang policy, federal regulations, and the state guidelines. Additionally, the Sheriff’s Office will implement an additional layer of supervision to conduct reviews of gang member entries and perform periodic CalGang record reviews. (It is important to note, the Sheriff’s Office only enters gang members into the system, not gangs as specified in the report.)

Regarding Juvenile Notifications, the Sheriff’s Office is not out of compliance. Our office has not entered juveniles into the system due to the fact that there are not clear guidelines specifically for those juveniles that are wards of the court.

The Santa Clara County Sheriff’s Office looks forward to working with the State Auditor, the CalGang Executive Board, and the California Gang Node Advisory Committee to improve the CalGang Intelligence System and in turn safeguard the rights of those in the system.

If you need additional information regarding this response, please contact Captain Dalia Rodriguez, Santa Clara County Sheriff’s Office Special Operations Division, at 408-808-4764.

Thank you for the opportunity to respond to this audit.

Sincerely,

Laurie Smith, Sheriff

Comments

CALIFORNIA STATE AUDITOR’S COMMENTS ON THE RESPONSE FROM THE SANTA CLARA COUNTY SHERIFF'S OFFICE

To provide clarity and perspective, we are commenting on the Santa Clara County Sheriff’s Office (Santa Clara) response to our audit. The numbers below correspond to the numbers we have placed in the margin of Santa Clara’s response.

In footnote 8 of the audit report, we note that Santa Clara does not add gangs to CalGang; rather, it links suspected gang members to gangs already existing in the database. Consequently, it did not have a process for adding gangs to CalGang for us to review.

Nowhere in the audit report do we conclude that Santa Clara is not in compliance with juvenile notification requirements. We acknowledge that Santa Clara stopped adding juveniles to CalGang in direct response to the notification requirements.

Sonoma County Sheriff's Office

July 22, 2016

Elaine M. Howle, CPA
California State Auditor
621 Capitol Mall
Suite 1200
Sacramento, CA 95814

Dear Ms. Howle,

Attached please find the Sonoma County Sheriff’s Office response to the State Auditor’s Report about CalGang® and the Sonoma County Sheriff’s Office’s regional role in the administration of this gang crime intelligence system.

Included are several attachments for your review.

If you have any questions, please contact me at 707-565-2781.

Sincerely,

STEVE FREITAS
Sheriff-Coroner

SF/wh

SONOMA COUNTY SHERIFF’S OFFICE
RESPONSE TO CALGANG® AUDIT REPORT

The Sonoma County Sheriff’s Office is pleased to have the opportunity to respond to the State Auditor’s Report about CalGang® and the Sonoma County Sheriff’s Office’s regional role in the administration of this important gang crime intelligence system (“Report”). The Report was compiled after a months-long audit during which the auditor team was given unprecedented access to staff and materials. Volumes of information were presented, procedures were explained, and full cooperation was provided to the auditor team by the Sonoma County Sheriff’s Office.¹

The Report highlights the importance of CalGang® which provides a shared database to law enforcement agencies with current gang information, allowing agencies to improve the efficiency of their criminal investigations, enhance officer safety, and better protect the public .² The Sonoma County Sheriff’s Office shares those important values and has been committed to supporting CalGang® for the benefit and safety of our communities and law enforcement agencies. The statewide gang problem knows no jurisdictional boundaries and the Sonoma County Sheriff’s Office believes that effective intelligence sharing is essential to protect the public from dangerous gang crimes.

The gathering of data in a criminal intelligence system often includes sensitive and private information. The Sonoma County Sheriff’s Office understands that this may raise concerns about individual’s privacy rights. The Sonoma County Sheriff’s Office acknowledges that an appropriate level of auditing is necessary, and is committed to administering the CalGang® database in a responsible and appropriate way, while balancing the need to protect individuals’ rights with the need to protect the public from crimes caused by gangs.

The Sonoma County Sheriff’s Office’s administration of CalGang® has always been appropriate and lawful. Despite the Report’s title which suggests a potential for privacy rights violations state-wide, the audit did not unearth any actual privacy violations by the Sonoma County Sheriff’s Office. In fact, the Sonoma County Sheriff’s Office believes that it has met or exceeded the statutory guidelines for administering a model Criminal Intelligence System that is used nation-wide. Indeed, since the CalGang® program’s inception, it was been used as the template for other regional and nation-wide criminal intelligence databases. Sonoma County’s administration of CalGang® fully complies with federal auditing requirements, contained in Title 28, section 23 of the Code of Federal Regulations (28 CFR §23).

Importantly, any information contained in CalGang® is subject to multiple levels of scrutiny before it is entered into CalGang®. First, the source information comes from law enforcement officers in the field. Before any information is transmitted to a CalGang® node agency (like Sonoma County) for entry into CalGang®, it is generally reviewed by the local law enforcement officer’s supervisor. Then, once the information is transmitted to a CalGang® node administrator, the source information is again vetted to ensure it meets the CalGang® criteria.

¹ The Sonoma County Sheriff’s Office was provided a redacted version of the Report that contained only information about the Sonoma County Sheriff’s Office. Further, the Sonoma County Sheriff’s Office was prohibited by the Auditor’s Office from discussing the Report with CalGang’s governing board or other local agencies who administer CalGang – despite the fact that CalGang is a state-wide program. The Sonoma County Sheriff’s Office hopes and anticipates that CalGang’s state-wide governing board will subsequently issue a comprehensive response to the Report once all agencies involved in operating the state-wide CalGang system have had an opportunity to review the entire Report.

² The legislature recognized that gang crimes presented a “clear and present danger” to the public when it enacted the Street Terrorism and Prevention Act (Penal Code §§186.20 et.seq.).

Sonoma County Sheriff’s Office has supported CalGang® for over 20 years. The staff from all involved agencies assigned to the California Gang Node Advisory Committee (Committee) and CalGang® Executive Board (Board) have done a phenomenal job developing and deploying a system that has become the gold standard around the county and beyond. This work was done primarily by local law enforcement, with very little support from the state of California and largely at the expense of the committee and board member agencies. The exceptional value of the CalGang® system is evidenced by more than 500 success stories written by end users praising the ability of CalGang® to assist in the investigation of crimes up to and including multiple capital murders.

The Report focuses on the 2007 version of the California Attorney General’s Model Standards and Procedures for Maintaining Criminal Intelligence Files (AG’s Model Standards) regarding heightened audit requirements. What the Report fails to acknowledge is that CalGang® was created more than 20 years ago in full compliance with the prior version of the AG’s Model Standards. The CalGang® Board and Committee never agreed to comply with the 2007 version of the AG’s Model Procedures. The Sonoma County Sheriff’s Office believes that the current level of CalGang® oversight, which was originally recommended by John Gordiner, Senior Assistant Attorney General assigned to CalGang®, remains appropriate. It is above and beyond what is employed in other Criminal Intelligence Systems we are familiar with, it is proactive, forward looking, and holds end users accountable. It also, within the permissible confines of 28CFR23, promotes transparency through its Executive Board which has met in public for decades. CalGang® does not violate individual privacy rights, in fact, it protects those rights by operating strictly within the confines of 28CFR23.

The following paragraph is also referenced in our comment number 6.

The overly onerous annual auditing requirements of the 2007 version of the AG’s Model Standards would make administering the CalGang® system as a node administrator unfeasible for Sonoma County. The Sonoma County Sheriff’s Office, as a node agency, would have to hire multiple high-level law enforcement personnel to fully comply with the Report’s interpretation of the 2007 version of the AG’s Model Procedures.

This highlights Sonoma County’s fundamental concern about this Report. The Auditors acknowledged that they had never audited a criminal intelligence database before. The Sonoma County Sheriff’s Office is concerned that given the limited time the Auditors had to review the CalGang® system, and become familiarized with how criminal intelligence databases are maintained and the national standards that govern such databases, the Report contains recommendations that are not grounded in either the correct interpretation of the law or the reality of operating a criminal intelligence database.

The ongoing resources necessary to operate the state-wide system has been an issue for 20 years. CalGang® has never been appropriately funded by the State, leaving stake holders, local communities, and law enforcement agencies to fund the staff and equipment. However, if CalGang® is forced to comply with the recommendations put forth by the auditor’s report, the Sonoma County Sheriff’s Office will not be able to provide the additional resources it would take to support the 35 other counties of the Node. Ultimately, Sonoma County will be forced to stop operating as a Node agency.

Recommendation #1

Begin reviewing the gangs they have entered into CalGang® to insure that the gangs meets reasonable suspicion requirements. They should also begin reviewing the gang members they have entered into CalGang® to insure the existence of proper support for each criterion. They should purge from CalGang® any records for gangs or gang members that do not meet the criteria for entry. Individuals who are independent from the on-going administration and use of CalGang® should lead this review. The agencies should complete the gang and gang member reviews in phases with the final phase for gangs to be complete June 30, 2018, and the final phase for gang members to be completed by June 30, 2019.

Recommendation #2

Develop or modify as necessary all their policies and procedures related to CalGang® to insure they align with state law, CalGang® policy, the federal regulations, and the state guidelines. In particular, the law enforcement agencies should implement appropriate policies and procedures for entering gangs; performing supervisory reviews of gang and gang member entries; performing periodic CalGang® record reviews; sharing CalGang® information; and complying with juvenile notification requirements. The law enforcement agencies should complete this recommendation by March 31, 2017.

The Sonoma County Sheriff’s Office simple response to the auditor’s recommendations is:

CalGang® is a state-wide program, and funding and staffing is a state-wide issue.

If we follow the recommendations of the auditor’s report, the Sonoma County Sheriff’s Office will be forced to stop operating as a Node agency.

We will operate for a reasonable amount of time for a replacement to be identified; if no other agency steps forward, our stored criminal intelligence data in CalGang® will be purged, pursuant to 28CFR23.

ATTACHMENT A: SPECIFIC RESPONSES

The following paragraph is also referenced in our comment number 4.

A major challenge with the auditor’s document was that significant portions, including titles and some complete sections were redacted. It is unclear exactly what areas of concern must be attended to.

The Sonoma County Sheriff’s Office would eagerly work to correct actual issues, but specifics are redacted, leaving only broad, non-specific allegations. There is nothing to identify the offender and specific questionable record(s).

Generally:

The auditors have never audited a criminal intelligence system. The very title of the report, ”The CalGang Criminal Intelligence System: As a result of Weak Oversight Structure, It contains Questionable Information That May Violate Individuals’ Privacy Rights” draws conclusions that are subjective and misleading.

The CalGang® policies and procedures and the end use agency agreements were originally drafted by the Attorney General’s representatives, Senior Assistant Attorney General John Gordiner until his retirement; then Deputy Attorneys General Rob Nash and Harry Colombo.

Specifically:

Section	Concerns (C) and Sonoma County Sheriff’s Office Response (R)
“Scope and Methodology	[REDACTED]” The portion titled Scope and Methodology is redacted entirely. We cannot respond to the contents without knowing the materials and process with which the auditors are relying upon to complete their tasks and reach their conclusions.
“Leadership Section [TITLE REDACTED]”	The paragraph title is redacted. 13 C1: The auditor takes exception to our senior detective sergeant, with 35 years of law enforcement experience, serving as node administrator, committee member, and end user. R1: The following bullet point is also referenced in our comment number 13. Every node administrator is a committee member. Every node administrator is an end user. Every node administrator is an instructor. This is far from a weakness in the framework; rather, it is an overwhelming strength. It makes sense to use our best, brightest, most experienced personnel to fill these crucial positions. The node administrators have in excess of 250 years of combined law enforcement experience. The collective expertise of these dedicated personnel is an asset and an integral part of the CalGang® system. C2: The auditor has concern that end users are not disabled when they separate or transfer. 14 R2: The auditor has redacted the identity of the sole end user they take exception to. Due to this omission we are unable to correct the issue. 15 Sonoma County Sheriff’s Office has procedures in place for the modifying and removing separated employees. An office-wide message, generated from the Personnel Bureau, is distributed whenever a person is moved to a different position or separates from the agency. It is at that time that person’s CalGang® access is reevaluated. C3: The auditor believes that our written policy for the re-establishment of CalGang® services after a disaster or other catastrophic failure is lacking. R3: CalGang® data is replicated in near-real time to the central node at the DOJ in Sacramento. It is backed up nightly both locally and off-site. If the Sonoma Node (or any other California Node) is unavailable, the data remains searchable at DOJ, or visa-versa. 16 We believe that our Service Level Agreement with the County Information Systems Department, which is responsible for the data center, addresses the re-establishment of all Sheriff’s services, including CalGang® as part of the County-Wide Continuity of Operations Plans. All eventualities cannot be anticipated, nor do disasters fit neatly into boxes. Re-establishment of services is dependent on many issues which the Sheriff’s Office cannot control. Sonoma County Sheriff’s Office has evaluated the ability to return the CalGang® system’s functionality after a disaster and we are implementing a plan to restore services. CalGang® is not a mission-critical application, restoration can take a lesser priority following a disaster. Should we experience a catastrophic event, we could restore the system to full functionality with 90 days subject to priority. C4: The auditor noted a discrepancy between CalGang® Policy and a since re-written DOJ Guideline. R4: 17 CalGang® fully complies with Federal standard as required in Title 28, section 23 of the Code of Federal Regulations as is evidenced in the compliance letter from the Institute for Intergovernmental Regulations dated February 7, 2006. That document is attached. The following bullet point is also referenced in our comment number 6. The committee policies dated September 27, 2007 were based on the California Criminal Intelligence File Guidelines dated July 1, 1994. This version of the State Guidelines does not include the overly onerous review requirements outlined in the updated Model Standard and Procedures for Maintaining Criminal Intelligence Files and Criminal Intelligence Operational Activities, dated November 2007. The November 2007 version, was revised by Deputy Attorneys General (DAG) Harry Colombo and Rob Nash. DAGs Colombo and Nash were the two Deputy Attorney Generals assigned as representatives to the Committee. These additional requirements were never recommended by Colombo and Nash to be included into CalGang®. C5: A peace officer can make an arrest, depriving a person of their actual liberty, based on probable cause. However the threshold for entry into CalGang® is much lower, subjective reasonable suspicion, as defined pursuant to 28CFR23. R5: The detention, arrest and possibly their subsequent incarceration (or release on their promise to appear, a citation) of a person only requires the eventual sergeant’s review. There are considerably more personal liberties and rights at stake. C6: The recommendation of this audit is that there are two or three more levels of review to meet a much lower burden of proof. R6: In May 2016, the Committee and the Board chose to exclude the reference to the November 2007, DOJ guideline, Model Standard and Procedures for Maintaining Criminal Intelligence Files and Criminal Intelligence Operational Activities, in favor of 28CFR23 statute.
“Gangs Section [REDACTED]”	C7: The auditor takes exception to how Gangs are documented in CalGang®. R7: 18 The auditor states that “[Sonoma] could [NOT] prove that it performed the analysis required to establish reasonable suspicion.” However, in the corresponding footnote, the report acknowledges, “Through our review, we determined that Sonoma was able to demonstrate that the gangs we reviewed currently meet CalGang® policy requirements.” The process is started by a communication from an end user to the administrator requesting the gang be created. That communication can be a standard form, an email, a phone call or face-to-face, as often occurs in training classes when we bring new agencies onto CalGang®. 19 That gang can only be entered into CalGang® by the administrator. The name, title, agency, contact information of the requestor is noted and is available for follow up contact if necessary in CalGang®. If there is a paper copy of the request, it historically has not been retained, as all that information is included in the digital record. Since this was discussed during the audit, those written requests are being electronically attached to the Gang record, thus preserving the request. The following bullet point is also referenced in our comment number 19. The status of that gang is then monitored at least three times a year by the administrator to make sure the end user agency populates the gang with members. If this population doesn’t occur, the gang is purged. As a gang is not an individual it has no privacy rights. The individual’s connection to the gang is fully documented.
“[SONOMA DOES] Not Have Adequate Support for Sonoma of the Individuals and Many of the Criteria They Entered into CalGang”	C8: 20 A fundamental flaw in the report is the inaccurate use of the term “support,” instead of “supporting documentation,” e.g. the report reads that data entries lacked support, instead of data entries lacked supporting documentation. This improper terminology leads to a series of assumptions that data entries were unsupported or inaccurate simply because no documentation was available at the time of the audit to prove the entry criteria. R8: The following bullet point is also referenced in our comment number 20. While this may be a legitimate point to encourage better documentation procedures (where practical and feasible), the mere lack of documentation (which the report explains by virtue of current processes) does not necessarily mean that the entries were, in fact, materially unsupported or inaccurate. The report includes numerous conclusions that “inaccurate criteria entries” existed, which resulted in a finding that “Sonoma is tracking people in CalGang who do not appear to justifiably belong in the system.” This is not the case. C9: 21 The auditors were offered a stand-alone, fully functioning laptop version of CalGang® to audit. Instead they chose to look at the raw data in the database. This caused numerous conflicts since the auditors “version” was incomplete. This was communicated to the auditor and they believed they at one point had remedied the issue; however our CalGang® version still did not reconcile with the auditors view. We were not consulted after that. R9: 22 The report states only 40% of records were in compliance. In actuality, only 40% were reviewed, and all of those were in compliance. The balance were never reviewed because the auditor did not correctly reconcile their version. C10: The auditor seems to accept our end users expert opinion(s) that certain tattoos are gang related and specific locations are gang areas, but we continue to disagree on what crimes are “gang related.” R10: 23 We contend that crimes are gang related if they are in support of, for the benefit of, or in association with a criminal street gang or its members. The auditor insists that only the crimes in penal code section 186.22(e) are gang related. The following bullet point is also referenced in our comment number 23. We hold that for intelligence purposes, beyond a subjective reasonable suspicion many crimes can be gang related, based on the support of, benefit, or association with doctrine. Conversely, the crimes enumerated in 186.22(e) might NOT be gang related. The following bullet point is also referenced in our comment number 23. We believe each incident is viewed in the totality of the circumstances based on the 28CFR23 subjective reasonable suspicion standard.
“CalGang Records Section [REDACTED] [SONOMA HAS] Not Established Necessary Processes for Reviewing and Purging Records”	C11: The auditor notes that some of the aspects of the November 2007 version of the Model Standard and Procedures for Maintaining Criminal Intelligence Files and Criminal Intelligence Operational Activities, specifically expanded review of data entry, is not incorporated into Sonoma County and CalGang® policy. This is specifically addressed earlier in this response paper. R11: The following bullet point is also referenced in our comment numbers 1, 2, and 7. The Sonoma County Sheriff’s Office believes that the current level of CalGang® oversight, which was originally recommended by the Senior Assistant Attorney General assigned to CalGang®, remains appropriate, in fact it is above and beyond what is employed in other Criminal Intelligence Systems we are familiar with. It is proactive, forward looking, and holds end users accountable. It also, as much as is possible within the confines of 28CFR23, is transparent via the CalGang® Executive Board which has for decades met publicly. The following bullet point is also referenced in our comment number 1. CalGang® does not violate individual privacy rights; in fact, it protects those rights by operating strictly within the confines of 28CFR23. 24 Records are purged automatically when they have not been substantially updated within the five year statutory requirement.
“[SONOMA] Lacks Processes to Ensure They Share CalGang Information Properly and Limit CalGang Access as CalGang Policy Requires”	The Sonoma County Sheriff’s Office responds generally, that end users are trained that releases of criminal intelligence information is only to Law Enforcement Personnel with a specific right and need to know. Military recruiters and any other potential employers are specifically discussed and are examples of those who may not receive CalGang® criminal intelligence information, as are Attorneys (both prosecuting and defense, see Brady v Maryland, 373 US 83(1963) and generally any member of the public. 25 Additionally, end users must affirmatively acknowledge these caveats EVERY TIME they log into CalGang®, please refer to the attached document, “EndUserPerso.pdf” C12: 26 The auditor suggests that staff was not truthful when identifying external requests. R12: The Sonoma County Sheriff’s Office does track Public Records Acts requests and Discovery requests. Those records are maintained in our Central Information Bureau. End user auditing is maintained within the CalGang® application. Our administrator did not receive any other external requests for CalGang® information during the time frame specified. All requests were made directly into the CalGang® system and are tracked there in the systems extensive audit trail. The following bullet point is also referenced in our comment number 25. Our Sonoma County Sheriff’s Office policy is attached as criminal-street-gang.pdf and the Sonoma County Chiefs’ Association policy CRIMINAL STREET GANG INTELLIGENCE FILES is attached. 92-2.pdf
“[SONOMA] Cannot Demonstrate They Follow CalGang Training Policy or Best Practices.”	C13: 27 The auditor alleges that our Training curriculum is not approved by the Committee and/or Board. R13: Our training curriculum was originally developed 20 years ago in a collaboration between our node administrator and another qualified node administrator and used by all trainers state-wide and presented as a model for our interstate and federal partners. The following bullet point is also referenced in our comment number 27. It has always been certified by the California Commission on Peace Officers Standards and Training (POST) and the California Board of State Community Corrections, Division of Standards and Training for Corrections (STC). Every end user has attended that Committee developed training. We discussed the perceived discrepancy between CalGang® policy and actual practice as it refers to our Committee developed, state certified, Train the Trainer course. 20 years ago, our committee developed a state certified training course that was 24 hours (three full days.) This was in an era that end users needed to be trained in the basic use of a computer. Currently, computer usage and familiarity is commonplace and instruction in such basics is unwarranted. The following bullet point is also referenced in our comment number 27. Since then, the Committee agreed that this could be shortened to 16 hours. The Committee developed a Train the Trainer class as an eight hour POST and STC certified course. The following bullet point is also referenced in our comment number 27. One of the pre-requisites for the Train the Trainer class is the attendance of the FULL end user class, which was originally 24 hours, and later shortened to 16 hours. The intent of the policy is that a node administrator/trainer originally trained the Train the Trainer student in the FULL class. The policy said a full class was 24 hours and was not corrected to 16 hours. This is a simple oversight and policy has since been corrected to reflect FULL end user class. The following bullet point is also referenced in our comment number 27. This was explained to the auditors but not conveyed in their findings.

Comments

CALIFORNIA STATE AUDITOR’S COMMENTS ON THE RESPONSE FROM THE SONOMA COUNTY SHERIFF'S OFFICE

To provide clarity and perspective, we are commenting on the response that the Sonoma County Sheriff’s Office (Sonoma) provided to our audit. The numbers below correspond to the numbers we have placed in the margin of Sonoma’s response.

Sonoma states that the audit did not unearth any actual privacy violations it had committed. An actual violation of privacy is a question for a court of law to decide and not one that this audit was designed to answer. What the audit did reveal is that Sonoma’s process for adding information to CalGang does not comply with standards designed to protect individuals’ right to privacy. Further, as Table 7 shows, we reviewed 25 individuals associated with Sonoma and found that seven did not have adequate support for their inclusion in CalGang. When law enforcement agencies cannot provide adequate support for the inclusion of individuals in CalGang, documenting those individuals’ whereabouts, appearance, and associates in a shared database could constitute or lead to a violation of their privacy or other constitutional rights.

Sonoma’s use of the term “statutory guidelines” is misleading in that neither CalGang, nor its applicable guidelines, are contained in statute. Rather, CalGang’s governance bodies voluntarily adopted certain federal and state criminal intelligence guidelines. Sonoma is mistaken in its belief that it meets or exceeds these guidelines for administering a criminal intelligence system. For example, Sonoma could not demonstrate that it established reasonable suspicion for four gangs it entered into CalGang. Further, Table 7 summarizes the number of individuals and criteria for which Sonoma could not provide adequate support. Finally, Sonoma lacks necessary processes for reviewing CalGang entries for accuracy and relevance.

The node administrator agencies audit at the committee’s direction and we conclude that the committee’s audit approach is weak and does not ensure that CalGang contains only valid, accurate information. Of specific concern was that the node administrator agencies audit their own records and only orally report the results. We also describe how one sergeant at Sonoma acts as a committee member, the Sonoma node administrator, and as a CalGang user. He asserted to us that he enters at least 95 percent of CalGang records for Sonoma. We conclude that playing multiple, conflicting roles highlights the current weaknesses in CalGang’s oversight framework of which the audits are a key part.

Sonoma points out that it was provided a redacted copy of the audit report containing only information about Sonoma and prohibited from discussing the report with outside parties including the board and the committee. Our enabling statutes require us to keep all substantive audit related information confidential while an audit is ongoing. To comply with the law, we did not share draft report text concerning other entities with Sonoma, just as we did not share text concerning Sonoma with the other entities that were also the subjects of the audit. We twice explained our confidentiality requirements and protocols to Sonoma; once at the beginning of the audit and again at the end. Moreover, we briefed pertinent Sonoma staff repeatedly about our preliminary conclusions before we drafted the report. We are confident that Sonoma was aware of all the issues related to it that this audit report contains.

Sonoma is confusing law enforcement reviews of source information, such as arrest reports or other field observations, with the scrutiny needed to add information to CalGang. We did not question the field observations of law enforcement officers; rather, we questioned the accuracy of the corresponding entries in CalGang. By his own admission, Sonoma’s node administrator enters at least 95 percent of CalGang entries for Sonoma. No other person reviews these entries and we found that 48 of the 119 criteria we reviewed (40 percent) were not supported by source information as shown in Table 7. In some instances, Sonoma could not locate the corresponding source information but in many other instances we located the source information and it did not match the entry included in CalGang, which is something a supervisory or quality control review would ostensibly catch—if Sonoma actually had these processes in place.

For nearly nine years since it published its September 2007 policies and procedures manual, the California Gang Node Advisory Committee’s (committee) manual indicated that CalGang will comply with the California Attorney General’s intelligence file guidelines—guidelines that were updated in November 2007 and have remained unchanged. At no time has the committee clarified that it was only the former Attorney General guidelines to which the committee’s policies and procedures were referring. Only until this audit began to question why CalGang users were not complying with—and in some cases not even aware of—the Attorney General guidelines, did committee members such as Sonoma begin saying that it was only the former guidelines to which the committee had agreed to follow. This revisionist view neglects the plain language of the committee’s policies and procedures, which offers no caveat as to a particular version of the guidelines it indicates CalGang will follow.

Sonoma is mischaracterizing board meetings as public. Neither the board nor the committee meet in public; they do not post public notice of their meetings, post agendas and minutes, or accept public testimony. All of these actions are accepted as standard for public meetings government and quasi‑government bodies hold. For Sonoma to maintain that these meetings are “public”, despite the board not having any processes to make them truly public, is further evidence to us that the statutory changes we recommend are greatly needed.

The length of time to complete this audit was entirely sufficient for us to understand CalGang and all related requirements. The State Auditor’s Office has extensive experience reviewing the reliability of all types of databases and examining the support for all types of assertions, including those made by law enforcement agencies.

The audit’s recommendations are grounded in the evidence we collected and examined over the course of the audit. That evidence clearly undermines Sonoma’s continued belief that its administration of CalGang is not deficient in any manner—despite having the highest deficiency rate of any of the four agencies we reviewed, as evidenced by Table 7.

Given the emphasis Sonoma places on the value of CalGang to protect its citizens, we find it disconcerting that Sonoma will only use the system if it can continue to do so in its present manner, an approach that our audit report demonstrates puts at risk individuals’ rights to privacy and which is not in accordance with safeguards necessary for a criminal intelligence system.

As indicated in Note 5, 40 percent of the Sonoma-related criteria entries we reviewed were not adequately supported by appropriate source information. Our recommendations are designed to reduce this deficiency rate and thereby help CalGang be a reliable tool that law enforcement can use to fight gang crime. If Sonoma cannot accept a fair and honest critique of its current processes, and even attempt to improve its procedures without threatening to walk away from CalGang altogether, then Sonoma may not be suited to be a CalGang node administrator.

Sonoma has failed to understand the issue at hand. We describe a lack of accountability and oversight because too few people play too many roles. We use Sonoma’s one sergeant who acts as a committee member, the node administrator and as a CalGang user to make our point. As stated on this same page, he asserted to us that he enters at least 95 percent of CalGang records for Sonoma and then he audits his own work as node administrator. We conclude that playing multiple, conflicting roles highlights the current weaknesses in CalGang’s oversight framework.

We typically do not disclose the names of individuals in our published audit reports. We discussed the account in question with Sonoma staff during our fieldwork and have provided the account user’s information to Sonoma.

Sonoma has not documented its policy or procedure for modifying or removing CalGang user access rights. In addition, we identified an active user account for an individual that no longer worked for Sonoma.

Sonoma’s agreement with its service provider does not specify how quickly the CalGang information would need to be restored in order to minimize the impact of an interruption, as industry best practices indicate. Although Sonoma’s assertion that it is implementing a plan to restore the system within 90 days is encouraging, it is important that Sonoma and its service provider formally agree on this time frame to ensure that the service provider is able to meet Sonoma’s needs.

Sonoma has mischaracterized the 2006 letter from the Institute for Intergovernmental Research (institute), which predates CalGang’s current policy and, thus, is no longer relevant to CalGang. We introduce the institute as the criminal intelligence training vendor with which the federal government contracts. The letter the institute issued to Sonoma opines on CalGang’s policy; it concludes that the policies and procedures are in compliance with federal regulations. However, the institute’s opinion is not relevant presently because the committee updated the policy in 2007, after the institute issued its opinion.

Based on Sonoma’s comment, we conclude that it did not understand the report text. To avoid any further misunderstanding we expanded the text and removed the footnote. The word ‘currently’ is italicized in that text as a way to stress that in our subsequent review the gangs we initially reviewed met the CalGang criteria as a gang. We thought it was important to draw a distinction between the past and the present so that our stakeholders do not conclude that the gangs we reviewed do not presently meet the CalGang criteria. The fact that these groups presently meet gang criteria does not mean that law enforcement agencies were justified in not maintaining support for why these groups were originally added to CalGang.

Sonoma fails to understand that law enforcement agencies must be prepared to demonstrate that a group meets gang criteria before it can be entered into CalGang. In Figure 3 we depict the process that must be followed to add a gang to CalGang. Federal requirements state that reasonable suspicion must be established and CalGang policy requires, among other items, that the group must have three or more members. Sonoma is further mistaken that the monitoring it mentions are an effective tool to identify gangs that do not meet CalGang criteria. We describe weaknesses in the committee’s audit process.

Sonoma is failing to hear and adjust its understanding to the plain language of our audit report. Criteria entries from Sonoma did not just lack supporting documentation; many of its criteria entries in CalGang inaccurately reflected the documentation that should have supported the entry. We provided an example of a supposed gang member that, according to a Sonoma CalGang entry, admitted to being a gang member during a custody classification interview at a county jail. We obtained the written record of this interview and found that he said he was not a gang member and desired to not be housed with the gang to which he was later connected in CalGang. We found similar problems with another individual in our Sonoma selection and brought this to the attention of the node administrator. He agreed that in three separate instances the admission referenced in CalGang was not documented in the relevant reports and he purged these criteria entries from CalGang. Because we provided information on all deficiencies we found to Sonoma, we do not understand why Sonoma would continue to misunderstand what we are clearly communicating.

Although we appreciated Sonoma’s offer of a laptop version of CalGang, obtaining raw data from CalGang allowed us to conduct electronic analyses that would have otherwise been impossible using a laptop version of CalGang. We obtained all CalGang data to which we had legal access and that was necessary to conduct our electronic analyses. We did not obtain certain documents available in CalGang, such as photos and reports, because these items typically make electronic files prohibitively large and because we knew these items could be obtained from the law enforcement agencies as needed. The only “conflicts” that occurred were when we could not verify from the source documents we obtained that CalGang criteria entries were supported. In these instances, we asked the law enforcement agency or the applicable node administrator for additional documentation or perspective.

This response has no clear relationship to the redacted draft report we provided to Sonoma. As we show in Table 7, we found that 48 of the 119 criteria we reviewed (40 percent) for Sonoma did not have adequate support. In roughly half of these instances, the deficiency we found was that Sonoma could not provide the supporting document. For the remainder, we located the document but the information contained therein was not supportive of the conclusion indicated in the CalGang criteria entry.

We used Penal Code 186.22(e) as a benchmark for whether offenses were consistent with gang activity because no other standard is offered in the committee’s policies and procedures. Throughout its response, Sonoma continues to add the term “subjective” to any description of the reasonable suspicion standard described in federal regulations. By doing so, Sonoma reveals its predisposition to reject any objective standard for which offenses would actually be consistent with gang activity. Sonoma provides an alternative definition in its response but, in practice, does not attempt to prove that the offenses for which it entered criteria into CalGang were indicative of gang activity. Sonoma used offenses such as resisting arrest and violating probation to justify including individuals in CalGang but did nothing to prove that such offenses were in support of a gang or its members, unless by “members” Sonoma is arguing that the offenders were in support of themselves. If so, then Sonoma presupposes that these individuals are gang members and therefore any offense they commit is in support of that gang.

We identified three separate weaknesses with CalGang’s purge function including over 250 records that were not scheduled to purge from CalGang for more than 100 years.

The attachments referred to in Sonoma’s response are available upon request.

Sonoma has mischaracterized the audit report and is further demonstrating its misunderstanding of CalGang policy. We state that Sonoma has no processes in place to capture requests it receives for CalGang records that are internal to its organization or from other law enforcement agencies. Sonoma’s comment suggests that we consider staff to be untruthful when in reality our audit standards require that we gather evidence to support our work. An individual’s assertion is a form of evidence, but considered less reliable than records or documents supporting an entity’s actions. We describe that the state guidelines require Sonoma to have written policy regarding information sharing, but that Sonoma’s written policy lacks all of the necessary safeguards the CalGang policy specifies.

Sonoma is making statements that it could not support during the audit and thus, we dismissed as not relevant. The audit report concludes that Sonoma could not demonstrate that the committee approved the training materials that it follows. Sonoma was not able to provide evidence of the committee’s approval; thus, we stand by our conclusion. The fact that POST and STC certified the training is irrelevant given that the CalGang policy states that the committee must approve the training and neither the committee nor Sonoma could evidence that approval. Moreover, Sonoma describes committee agreements that it could not evidence and which are in direct conflict with current CalGang policy.

Responses to the Audit

California Department of Justice

Los Angeles Police Department

Comments

CALIFORNIA STATE AUDITOR’S COMMENTS ON THE RESPONSE FROM THE LOS ANGELES POLICE DEPARTMENT

Santa Ana Police Department

Santa Clara County Sheriff's Office

Comments

CALIFORNIA STATE AUDITOR’S COMMENTS ON THE RESPONSE FROM THE SANTA CLARA COUNTY SHERIFF'S OFFICE

Sonoma County Sheriff's Office

SONOMA COUNTY SHERIFF’S OFFICE RESPONSE TO CALGANG® AUDIT REPORT

The Sonoma County Sheriff’s Office simple response to the auditor’s recommendations is:

ATTACHMENT A: SPECIFIC RESPONSES

Comments

CALIFORNIA STATE AUDITOR’S COMMENTS ON THE RESPONSE FROM THE SONOMA COUNTY SHERIFF'S OFFICE

SONOMA COUNTY SHERIFF’S OFFICE
RESPONSE TO CALGANG® AUDIT REPORT