Yes, Police Are Snooping Through Criminal Databases For Personal Reasons All The Time

from the as-long-as-zero-fucks-are-given,-nothing-will-change dept

The more journalists and other FOIA enthusiasts gain access to public records, the more we discover that a combination of access and power tends to result in abuse. Even as this abuse goes unaddressed, law enforcement agencies are striving to add more personal information to their databases, extending far past the usual “name/last known location” to encompass a vast array of biometric data.

Privacy watchdogs have been fighting against these for good reason: very little is known about the contents of these databases or the controls put in place to protect the info from inappropriate access. What is known is that these databases are misused by law enforcement officers routinely. What’s also been discovered is that this routine misuse is rarely ever punished to the extent the law allows. Warnings about possible jail time are meaningless when the usual punishment usually ranges from nothing at all to short suspensions.

The Associated Press has obtained another pile of documents from public records request that show little has changed. Abuse of access is still a common occurrence, as is the lack of meaningful consequences. There’s no almost no oversight and no federal law enforcement body holding agencies accountable for misuse of databases under their control.

No single agency tracks how often the abuse happens nationwide, and record-keeping inconsistencies make it impossible to know how many violations occur.

But the AP, through records requests to state agencies and big-city police departments, found law enforcement officers and employees who misused databases were fired, suspended or resigned more than 325 times between 2013 and 2015. They received reprimands, counseling or lesser discipline in more than 250 instances, the review found.

Unspecified discipline was imposed in more than 90 instances reviewed by AP. In many other cases, it wasn’t clear from the records if punishment was given at all. The number of violations was surely far higher since records provided were spotty at best, and many cases go unnoticed.

What was uncovered from the incomplete set of records is the expected behavior. Give someone access to a wealth of other people’s personal information and it will be used for personal reasons. Law enforcement officers have misused the databases to stalk and harass exes, look up women they find attractive, and to search for something to discredit journalists and other critics.

Violations frequently arise from romantic pursuits or domestic entanglements, including when a Denver officer became acquainted with a hospital employee during a sex-assault investigation, then searched out her phone number and called her at home. A Mancos, Colorado, marshal asked co-workers to run license plate checks for every white pickup truck they saw because his girlfriend was seeing a man who drove a white pickup, an investigative report shows.

In Florida, a Polk County sheriff’s deputy investigating a battery complaint ran driver’s license information of a woman he met and then messaged her unsolicited through Facebook.

Officers have sought information for purely personal purposes, including criminal records checks of co-workers at private businesses. A Phoenix officer ran searches on a neighbor during the course of a longstanding dispute. A North Olmsted, Ohio, officer pleaded guilty this year to searching for a female friend’s landlord and showing up in the middle of the night to demand the return of money he said was owed her.

Most abuse of law enforcement databases goes undiscovered. The systems generally have no way to tell appropriate use from inappropriate use. Officials who did agree to speak on the record noted that the usual indication of misuse tends to be complaints filed by those targeted by the illegal searches. And that generally only happens when officers perform other illegal or abusive actions, like the previously-mentioned stalking and harassment.

Any attempt to quantify these illegal searches is likely fruitless for the time being. The police haven’t shown much interest in policing themselves, and the DOJ has never floated the idea of collecting data on database misuse. Violations are not required to be reported to the FBI. That agency performs spot checks of database requests, but uses a small sampling and the audits are far from comprehensive. Even when records do exist, law enforcement agencies are reluctant to release them. Several records requests by the AP were denied.

On top of that, laws covering access to law enforcement databases vary from locality to locality, and even at the federal level, the issue of illegal vs. inappropriate still hasn’t been conclusively determined. The DOJ often displays tremendous enthusiasm when wielding the CFAA against citizens for “unauthorized access,” but seems far less willing to do so when law enforcement officers use criminal databases for personal reasons.

It’s almost impossible to deter inappropriate behavior when nearly everyone involved takes a hands off approach to the issue. Trying nothing obviously isn’t working. And the more that’s harvested by the government under the auspices of law enforcement, the more data there is available to be abused.

This is just another item in a long list of law enforcement abuses that has gone unaddressed for decades now — either internally or by the federal government. Trust is something that’s earned. Trust shouldn’t just be handed over, and that level should deteriorate as abuse is exposed, rather than remain unchanged. But that’s not what has happened over the years. Instead, law enforcement agencies benefit from a perpetual benefit of a doubt. The end result is obvious: agencies and their employees have no problem abusing trust because they’ve expended no effort in “earning” it.

Filed Under: , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Yes, Police Are Snooping Through Criminal Databases For Personal Reasons All The Time”

Subscribe: RSS Leave a comment
PaulT (profile) says:

Re: Not surprising

If so, it’s scary that it’s “expected” that real-life police officers act the way that a screenwriter with no legal expertise would write them in order get to a predetermined result, usually with no thought of what would happen to police or victims past the end credits.

Especially when the average screenwriter presumably has the same grasp of the reality of police work as they do of technology (not a lot, and often laughably wrong).

That One Guy (profile) says:

Re: Re: Not surprising

An idea along those lines first came to mind thanks to the horrific idea of ‘torture is okay because it can stop something even worse’ I’ve run across a few times(too many), but a variation of it could work just as well here.

Police/government agent breaks the law to go snooping for personal data on the ‘bad guy’, finds it, and uses it to bring them in and charge them. It goes to court, defense finds out about the law breaking and gets the ‘ironclad’ case completely tossed as a result, with the accused walking free and everyone extremely pissed at the agent for screwing up what should have been an open and shut case and letting someone that all the evidence paints as absolutely guilty off the hook, all because of their incompetence and/or indifference to the law.

(The torture version would be roughly similar, a bomb is going to be detonated in a populated area, government agent/agency captures a ‘terrorist mastermind’, and because ‘terrorists don’t deserve rights!’ they torture the person to get the location of the bomb to stop it from going off. After getting the information they rush off, clock counting down to find… nothing.

Bomb goes off in a completely different area killing and maiming tons of people, and only afterwards does it come out that they tortured someone who had no idea where the bomb was, whether because the person they tortured was completely innocent or because they were ‘guilty’ but never knew that bit of information in the first place, and in either case they just said whatever they thought would get the torture to stop.

And if you really want to rub it in/add insult to injury have it come out that in their focus on the one person they completely ignored evidence that could have prevented the bombing because ‘they already had the right guy and it was only a matter of time until he talked’)

Of course neither of the above would ever make it into your standard tv crime shows, because as everyone knows police and/or government agents/agencies would never make mistakes like that, and anyway everything is acceptable so long as the ‘good guys’ do it, because ‘bad guys’ neither have no deserve the protection of the law.

Anonymous Coward says:

Well since the abuse is THAT wide (insert sarcastic shocked voice here), maybe the system should get additional security. Since almost everything is getting done with CHIPED cards and two factor authorization… Lets apply that to the databases! Want to run a search on some phone number? Needs an additional higher ranking officers card and code! (Would not apply to simple checks such as normal traffic stops, but those could only return simple data such as validity of license or if vehicle is stolen/warrants out.) Need to find out complex info? Requires an aproved warrant ID number!
But then again cops will bitch and moan thru their union reps about how this will make their jobs too hard and that the terrorierists will win!!!

Anonymous Coward says:

Re: Re: What could possibly go wrong?

That’s a good point. If I were drug dealer A, and I was interested in actionable intelligence about drug dealers B, C, and D in my town, I’d have three choices:

1. Set up my own intelligence-gathering operation. Expensive. Risky. Tedious.

2. Pay off a cop — not hard, most cops are corrupt to the core and will happily take bribes — and have that cop harvest all the information of B, C, and D for me. And as a bonus: give me a copy of the information on myself so that I can do risk assessment. (For extra credit: pay off TWO cops and compare what they both return, just in case one of them is holding out on me.)

3. Pay someone to hack the database. Given the history of government databases (horribly poor security) it shouldn’t be that hard. But option 2 is probably cheaper and faster. Plus there are other advantages to buying a cop.

Yes, I know I'm commenting anonymously says:

You cannot increase security by trying to change the user..

Bruce Schneier blogged this week: “Stop Trying to Fix the User”.
Analogously : you cannot prevent abuse of `big data’ by expecting those with access not to abuse their access.
Either minimize the data or put better limits the access. (and that is without accounting for data security).

Anonymous Coward says:

I keep waiting for one the crime dramas that are on to have this really big, really nasty criminal who is unequivocally guilty in court and big climax building JUSTICE VERDICT! coming… just to have all charges dropped due to fruit of the poisonous tree and the cops get a court date where they have to defend themselves due to their unlawful actions.

That Anonymous Coward (profile) says:

Gee if only that Verizon tech who got busted had used some of the cash he made to become a reserve deputy, he would have avoided the jail time.

Protecting the image of the system at the expense of keeping the system legit. Signing contracts that allow an outside party to decide if they really should have been fired. Allowing them to RorR (Retire or resign) without any charges being filed, and move to yet another department to continue their personal crime wave.

If I accessed a database of information about LEO’s, I would be in jail faster than the speed of light. There would be press releases about what a violation this was. There would be demands for more money to secure the system & track unauthorized uses. If I had a badge, no one would say boo it seems.

When protecting the image of something at all costs, includes covering up crimes… perhaps it is time to consider the system is corrupt and needs to be rebuilt. The trust of the public is waning towards LEO’s and these examples of cops being allowed to skate at nearly every turn explain why we no longer trust them.

I get pulled over with a small bag of weed and my life is pretty much ruined.

A cop stood on the hood of a car and executed 2 unarmed people… then had the gall to sue because he felt his disciple (sitting in time out for some time) was worse than what officers of other races got.

Why should we trust a system that clearly has different rules? Good enough for me, good enough for thee.

jjro1 says:

Ontario doesn't event care

Cops here brag about using these databases for personal gain. OIPRD doens’t even care. OIPRD claims investigating constable database abuse isn’t their job. Ontario, Independent, Police, Review, Directorate. An arms length entitiy that oversees police abuse has zero interest in dozens of cops abusing the databases.

Great country, eh?

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...