Yes, Police Are Snooping Through Criminal Databases For Personal Reasons All The Time

from the as-long-as-zero-fucks-are-given,-nothing-will-change dept

The more journalists and other FOIA enthusiasts gain access to public records, the more we discover that a combination of access and power tends to result in abuse. Even as this abuse goes unaddressed, law enforcement agencies are striving to add more personal information to their databases, extending far past the usual "name/last known location" to encompass a vast array of biometric data.

Privacy watchdogs have been fighting against these for good reason: very little is known about the contents of these databases or the controls put in place to protect the info from inappropriate access. What is known is that these databases are misused by law enforcement officers routinely. What's also been discovered is that this routine misuse is rarely ever punished to the extent the law allows. Warnings about possible jail time are meaningless when the usual punishment usually ranges from nothing at all to short suspensions.

The Associated Press has obtained another pile of documents from public records request that show little has changed. Abuse of access is still a common occurrence, as is the lack of meaningful consequences. There's no almost no oversight and no federal law enforcement body holding agencies accountable for misuse of databases under their control.

No single agency tracks how often the abuse happens nationwide, and record-keeping inconsistencies make it impossible to know how many violations occur.

But the AP, through records requests to state agencies and big-city police departments, found law enforcement officers and employees who misused databases were fired, suspended or resigned more than 325 times between 2013 and 2015. They received reprimands, counseling or lesser discipline in more than 250 instances, the review found.

Unspecified discipline was imposed in more than 90 instances reviewed by AP. In many other cases, it wasn't clear from the records if punishment was given at all. The number of violations was surely far higher since records provided were spotty at best, and many cases go unnoticed.

What was uncovered from the incomplete set of records is the expected behavior. Give someone access to a wealth of other people's personal information and it will be used for personal reasons. Law enforcement officers have misused the databases to stalk and harass exes, look up women they find attractive, and to search for something to discredit journalists and other critics.

Violations frequently arise from romantic pursuits or domestic entanglements, including when a Denver officer became acquainted with a hospital employee during a sex-assault investigation, then searched out her phone number and called her at home. A Mancos, Colorado, marshal asked co-workers to run license plate checks for every white pickup truck they saw because his girlfriend was seeing a man who drove a white pickup, an investigative report shows.

In Florida, a Polk County sheriff's deputy investigating a battery complaint ran driver's license information of a woman he met and then messaged her unsolicited through Facebook.

Officers have sought information for purely personal purposes, including criminal records checks of co-workers at private businesses. A Phoenix officer ran searches on a neighbor during the course of a longstanding dispute. A North Olmsted, Ohio, officer pleaded guilty this year to searching for a female friend's landlord and showing up in the middle of the night to demand the return of money he said was owed her.

Most abuse of law enforcement databases goes undiscovered. The systems generally have no way to tell appropriate use from inappropriate use. Officials who did agree to speak on the record noted that the usual indication of misuse tends to be complaints filed by those targeted by the illegal searches. And that generally only happens when officers perform other illegal or abusive actions, like the previously-mentioned stalking and harassment.

Any attempt to quantify these illegal searches is likely fruitless for the time being. The police haven't shown much interest in policing themselves, and the DOJ has never floated the idea of collecting data on database misuse. Violations are not required to be reported to the FBI. That agency performs spot checks of database requests, but uses a small sampling and the audits are far from comprehensive. Even when records do exist, law enforcement agencies are reluctant to release them. Several records requests by the AP were denied.

On top of that, laws covering access to law enforcement databases vary from locality to locality, and even at the federal level, the issue of illegal vs. inappropriate still hasn't been conclusively determined. The DOJ often displays tremendous enthusiasm when wielding the CFAA against citizens for "unauthorized access," but seems far less willing to do so when law enforcement officers use criminal databases for personal reasons.

It's almost impossible to deter inappropriate behavior when nearly everyone involved takes a hands off approach to the issue. Trying nothing obviously isn't working. And the more that's harvested by the government under the auspices of law enforcement, the more data there is available to be abused.

This is just another item in a long list of law enforcement abuses that has gone unaddressed for decades now -- either internally or by the federal government. Trust is something that's earned. Trust shouldn't just be handed over, and that level should deteriorate as abuse is exposed, rather than remain unchanged. But that's not what has happened over the years. Instead, law enforcement agencies benefit from a perpetual benefit of a doubt. The end result is obvious: agencies and their employees have no problem abusing trust because they've expended no effort in "earning" it.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Richard (profile), 4 Oct 2016 @ 3:36am

    Not surprising

    This isn't surprising as the heroes of films and police dramas on TV do this kind of thing all the time and although they sometimes get punished (a useul plot device) they almost always get exonerated in the end because they "Get Results".

    It is only to be expected that real life police officers do the same thing.

    reply to this | link to this | view in chronology ]

    • icon
      PaulT (profile), 4 Oct 2016 @ 4:22am

      Re: Not surprising

      If so, it's scary that it's "expected" that real-life police officers act the way that a screenwriter with no legal expertise would write them in order get to a predetermined result, usually with no thought of what would happen to police or victims past the end credits.

      Especially when the average screenwriter presumably has the same grasp of the reality of police work as they do of technology (not a lot, and often laughably wrong).

      reply to this | link to this | view in chronology ]

      • icon
        That One Guy (profile), 4 Oct 2016 @ 5:16am

        Re: Re: Not surprising

        An idea along those lines first came to mind thanks to the horrific idea of 'torture is okay because it can stop something even worse' I've run across a few times(too many), but a variation of it could work just as well here.

        Police/government agent breaks the law to go snooping for personal data on the 'bad guy', finds it, and uses it to bring them in and charge them. It goes to court, defense finds out about the law breaking and gets the 'ironclad' case completely tossed as a result, with the accused walking free and everyone extremely pissed at the agent for screwing up what should have been an open and shut case and letting someone that all the evidence paints as absolutely guilty off the hook, all because of their incompetence and/or indifference to the law.

        (The torture version would be roughly similar, a bomb is going to be detonated in a populated area, government agent/agency captures a 'terrorist mastermind', and because 'terrorists don't deserve rights!' they torture the person to get the location of the bomb to stop it from going off. After getting the information they rush off, clock counting down to find... nothing.

        Bomb goes off in a completely different area killing and maiming tons of people, and only afterwards does it come out that they tortured someone who had no idea where the bomb was, whether because the person they tortured was completely innocent or because they were 'guilty' but never knew that bit of information in the first place, and in either case they just said whatever they thought would get the torture to stop.

        And if you really want to rub it in/add insult to injury have it come out that in their focus on the one person they completely ignored evidence that could have prevented the bombing because 'they already had the right guy and it was only a matter of time until he talked')

        Of course neither of the above would ever make it into your standard tv crime shows, because as everyone knows police and/or government agents/agencies would never make mistakes like that, and anyway everything is acceptable so long as the 'good guys' do it, because 'bad guys' neither have no deserve the protection of the law.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous, 4 Oct 2016 @ 3:46am

    Well since the abuse is THAT wide (insert sarcastic shocked voice here), maybe the system should get additional security. Since almost everything is getting done with CHIPED cards and two factor authorization... Lets apply that to the databases! Want to run a search on some phone number? Needs an additional higher ranking officers card and code! (Would not apply to simple checks such as normal traffic stops, but those could only return simple data such as validity of license or if vehicle is stolen/warrants out.) Need to find out complex info? Requires an aproved warrant ID number!
    But then again cops will bitch and moan thru their union reps about how this will make their jobs too hard and that the terrorierists will win!!!

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 4 Oct 2016 @ 3:48am

    What could possibly go wrong?

    Collect and store massive amounts of personal information, then make it searchable by a group of heavily-armed sociopathic bullies with a well-deserved reputation for murder, rape and assault. I'm sure that'll end well.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 4 Oct 2016 @ 6:36am

      Re: What could possibly go wrong?

      Searchable by anyone with backdoor credentials, including the ever scary hackers.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 4 Oct 2016 @ 7:06am

        Re: Re: What could possibly go wrong?

        That's a good point. If I were drug dealer A, and I was interested in actionable intelligence about drug dealers B, C, and D in my town, I'd have three choices:

        1. Set up my own intelligence-gathering operation. Expensive. Risky. Tedious.

        2. Pay off a cop -- not hard, most cops are corrupt to the core and will happily take bribes -- and have that cop harvest all the information of B, C, and D for me. And as a bonus: give me a copy of the information on myself so that I can do risk assessment. (For extra credit: pay off TWO cops and compare what they both return, just in case one of them is holding out on me.)

        3. Pay someone to hack the database. Given the history of government databases (horribly poor security) it shouldn't be that hard. But option 2 is probably cheaper and faster. Plus there are other advantages to buying a cop.

        reply to this | link to this | view in chronology ]

  • identicon
    Yes, I know I'm commenting anonymously, 4 Oct 2016 @ 4:03am

    You cannot increase security by trying to change the user..

    Bruce Schneier blogged this week: "Stop Trying to Fix the User".
    Analogously : you cannot prevent abuse of `big data' by expecting those with access not to abuse their access.
    Either minimize the data or put better limits the access. (and that is without accounting for data security).

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 4 Oct 2016 @ 8:53am

    I keep waiting for one the crime dramas that are on to have this really big, really nasty criminal who is unequivocally guilty in court and big climax building JUSTICE VERDICT! coming... just to have all charges dropped due to fruit of the poisonous tree and the cops get a court date where they have to defend themselves due to their unlawful actions.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 4 Oct 2016 @ 9:59am

    Almost as if the government rewards police misuse and abuse of the citizenry.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 4 Oct 2016 @ 11:19am

    Talk about accountability for police is great. But when are we going to also apply it to politicians?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Oct 2016 @ 12:26am

    Can't wait for Whatever to magically explain this away.

    ...Now that I think about it, he's a fan of the NSA and LOVEINT, isn't he?

    reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 5 Oct 2016 @ 12:32am

    Gee if only that Verizon tech who got busted had used some of the cash he made to become a reserve deputy, he would have avoided the jail time.
    http://arstechnica.com/tech-policy/2016/09/verizon-technician-sold-calling-location-data-for-th ousands-of-dollars/

    Protecting the image of the system at the expense of keeping the system legit. Signing contracts that allow an outside party to decide if they really should have been fired. Allowing them to RorR (Retire or resign) without any charges being filed, and move to yet another department to continue their personal crime wave.

    If I accessed a database of information about LEO's, I would be in jail faster than the speed of light. There would be press releases about what a violation this was. There would be demands for more money to secure the system & track unauthorized uses. If I had a badge, no one would say boo it seems.

    When protecting the image of something at all costs, includes covering up crimes... perhaps it is time to consider the system is corrupt and needs to be rebuilt. The trust of the public is waning towards LEO's and these examples of cops being allowed to skate at nearly every turn explain why we no longer trust them.

    I get pulled over with a small bag of weed and my life is pretty much ruined.

    A cop stood on the hood of a car and executed 2 unarmed people... then had the gall to sue because he felt his disciple (sitting in time out for some time) was worse than what officers of other races got.

    Why should we trust a system that clearly has different rules? Good enough for me, good enough for thee.

    reply to this | link to this | view in chronology ]

  • identicon
    jjro1, 1 Jul 2018 @ 7:15am

    Ontario doesn't event care

    Cops here brag about using these databases for personal gain. OIPRD doens't even care. OIPRD claims investigating constable database abuse isn't their job. Ontario, Independent, Police, Review, Directorate. An arms length entitiy that oversees police abuse has zero interest in dozens of cops abusing the databases.

    Great country, eh?

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.