HomeMy WebLinkAbout2022-09-26 Tech Privacy Task Force Post Agenda Packet City of Chula Vista
Technology and Privacy Advisory Task Force
**POST-MEETING AGENDA**
Date:Monday, September 26, 2022
Time:6:00 p.m.
Location:Council Chambers, 276 Fourth Avenue, Chula Vista, CA
Meeting Agenda
Pages
1.CALL TO ORDER
2.ROLL CALL
3.PUBLIC COMMENTS 2
Any individual may address the task force on any matter within the subject area
of the task force that is not on the agenda. The length of time alotted to each
speaker will be determined by the chair at the beginning of the public comment
session. A maximum of 20 minutes will be provided for public comment at this
time. Speakers will be called in the order in which their requests to speak are
received. If, after 20 minutes, there are still individuals in the queue to speak,
they will be provided an opportunity to speak after the business items have
concluded.
4.WORK SESSION
4.1 Work Session #6 34
Task Force members will finalize the policy recommendations.
5.BUSINESS ITEMS
5.1 Final approval of draft recommendations
5.2 Receive and file meeting summaries 70
6.CLOSING REMARKS
6.1 Closing remarks by Task Force members
6.2 Closing remarks by City staff 75
7.ADJOURNMENT
1
Jeremy Ogul
From:Jim Zuffoletto < >
Sent:Sunday, September 18, 2022 11:07 AM
To:privacytaskforce@chulavistaca.gov
Cc:Rkennedy@chulavistapd.org; pcollum@chulavistapd.org
Subject:Summary of Policy Recommendations
Members of the Privacy Task Force
Let me preface my remarks by thanking you for the opportunity to comment on the proposed
Summary of Policy Recommendations.
My comments are limited to the application of these recommendations as they impact law
enforcement and more specifically the CVPD, Sheriff and National City.
I speak from a background in law and law enforcement having been a sworn member of the CVPD
and SDSO and a licensed attorney representing clients in various area of civil litigation. I served on
the 2021-22 County Grand Jury where my Law and Justice committee examined and extensively
studied the issue of privacy rights and the impact of surveillance and modern technology on the
public. The 2021-2022 Grand Jury published its findings and recommendations which can be found
at: http://www.sdcounty.ca.gov/grandjury.
That being said, the recommendations being proposed are, I believe, incomplete and present
potential serious issues concerning public welfare and safety.
“The Privacy Advisory Board should have nine members, at least two-thirds of whom are Chula Vista
residents.”
It is no surprise that the authors specifically left out inclusion of representatives from law enforcement
and victim’s rights advocates. The special interest groups, working under the guise of the San Diego
TRUST coalition, drafted and presented the exact same recommendations for the City of San Diego.
One only need look at the composition of that group to understand the real purpose behind their
agenda. Best practices studies show that “city council decisions are more likely to be seen as fair
and considerate if all people having a stake in the outcome” are involved. Asking nine pe ople, none of
whom have any experience in law enforcement, to make recommendations on what is acceptable use
of a piece of modern technology is like asking a jury of nine to determine guilt or innocents after
hearing testimony and seeing evidence from only one party to a case. At the August meeting of the
Advisory group, a member of TRUST stated they were only interested in being sure that all members
of the community were represented. That being said, it appears TRUST does not view law
enforcement or victims of crime to be part of the Chula Vista community.
Using that as background, and as mentioned earlier, it is my opinion the recommendations fail to
address serious concerns unique to law enforcement.
Sharing of information with neighboring law enforcement agencies
Warning:
External
Email
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 2 of 78
2
The CVPD works closely with the SDSO, which serves the unincorporated area of Bonita, and with
the NCPD. The departments are often called upon to assist each other. This close symbiotic working
relationship often requires sharing of information by each organization. That need for sharing must be
recognized and incorporated within the guidelines the advisory board works with and in collaboration
with outside agencies and must be considered when recommending any rules on sharing surveillance
or the use of equipment, i.e.; drones.
Law Enforcement Consultation and Contribution
Along the same lines, often, the use of surveillance technology as it specifically applies to law
enforcement cannot be adequately explained by a non-law enforcement lay person. Hence, any
recommendations concerning use of technology must include specific and articulable rationale from
the CVPD (or other L.E. sources) as to the appropriateness of the board’s recommendation. If
necessary, provisions should be included allowing such presentation to be made in a closed-door
session with city council, city attorney, city manager, mayor, and privacy director.
Cooperation and contribution with State and Federal Authorities
In addition, the CVPD has officers assigned to, and cross-sworn with, various state and federal
agencies and task forces such as FBI, DEA, HSA, etc. In their roles, secret and sensitive information
must be shared. Any attempt to quash that sharing might jeopardize further participation by CVPD
personnel and affect public safety. Clarification with regard to sharing of such data should be
included. Once again, this will require input from high level members of the city administration and the
CVPD,
Secrecy and Confidentiality
Finally, I see no provision for discussion of sensitive material among the advisory board members.
Secrecy should be addressed and required as it is with the members of the grand jury. All members
must be held to a strict level of confidentiality and subject to fines or prosecution for violating their
oath.
I would like to present further discussion at the upcoming meeting and will request the same in a
separate writing.
Thank you again,
James M. Zuffoletto, Esq. (Ret)
Virus-free.www.avast.com
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 3 of 78
1
Jeremy Ogul
From:Margaret Baker <mbakerdrph@gmail.com>
Sent:Thursday, September 22, 2022 2:52 PM
To:Privacy Task Force
Subject:Please post attached Privacy Advisory Commission Ordinance with Privacy Task Force meeting
agenda
Attachments:Revised Privacy Advisory Commission Ordinance_2022-07-15.pdf
Margaret A. Baker, DrPH
mbakerdrph@gmail.com
619-840-0463
South Bay People Power promotes social justice through nonpartisan civic engagement.
Warning:
External
Email
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 4 of 78
Surveillance & Community Safety Ordinance
(Revised - July 15, 2022)
ORDINANCE ADDING CHAPTER XXXX TO THE CHULA VISTA
MUNICIPAL CODE ESTABLISHING RULES FOR THE CITY’S
ACQUISITION AND USE OF SURVEILLANCE TECHNOLOGY
WHEREAS, the City of Chula Vista (“City”) takes great public pride in its status as a
Welcoming City and as a Smart City; and
WHEREAS, smart public safety decisions and the protection of all community members
require that municipalities ensure public debate and community involvement in decisions about
whether to acquire or use surveillance technology; moreover, that real public safety requires that
residents have a voice in these decisions; and
WHEREAS, across the U.S. cities that have adhered to a “privacy bill of rights” approach
are able to win public support in implementing the technology with proper safeguards in place to
build trust. Alternatively, cities that implement new technology in secrecy, without oversight,
without policy, and without broad and inclusive public input have found themselves facing
scrutiny, lawsuits, and voter referendums to ban certain technologies.
WHEREAS, the City Council finds it is essential to have an informed public debate as
early as possible about decisions related to the City’s acquisition and use of surveillance
technology; and
WHEREAS, the City Council finds that, while the use of surveillance technology may
threaten the privacy of all citizens, throughout history, surveillance efforts have been used to
intimidate and oppress certain communities and groups more than others, including those that
are defined by a common race, ethnicity, religion, national origin, income level, sexual
orientation or political perspective; and
WHEREAS, while acknowledging the significance of protecting the privacy of citizens,
the City Council finds that surveillance technology may also be a valuable tool to bolster
community safety and aid in the investigation and prosecution of crimes; and
WHEREAS, the City Council finds that surveillance technology includes not just
technology capable of accessing non-public places or information (such as wiretaps) but also
may include technology which aggregates publicly available information, because such
information, in the aggregate or when pieced together with other information, has the potential
to reveal a wealth of detail about a person’s familial, political, professional, religious, or sexual
associations; and
1
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 5 of 78
WHEREAS, the City Council finds that no decisions relating to the City’s use of
surveillance technology should occur without strong consideration being given to the impact
such technologies may have on civil rights and civil liberties, including those rights guaranteed
by the California and United States Constitutions; and
WHEREAS, the City Council finds that any and all decisions regarding if and how the
City’s surveillance technologies should be funded, acquired, or used should include meaningful
public input and that public opinion should be given significant weight in policy decisions; and
WHEREAS, the City Council finds that legally enforceable safeguards, including robust
transparency, oversight, and accountability measures, must be in place to protect civil rights and
civil liberties before any City surveillance technology is deployed; and
WHEREAS, the City Council finds that if a surveillance technology is approved, data
reporting measures must be adopted that empower the City Council and public to verify that
mandated civil rights and civil liberties safeguards have been strictly adhered to.
NOW, THEREFORE, the City Council of the City of Chula Vista does ordain as follows:
Section I. Establishment
A.This Ordinance shall be known as the Surveillance and Community Safety Ordinance.
B.Chula Vista Municipal Code Chapter XXXX,is hereby added as set forth below:
Chapter XXXX. REGULATIONS ON CITY’S ACQUISITION AND USE OF SURVEILLANCE
TECHNOLOGY
C.Definitions
1.“Annual Surveillance Report” means a written report concerning a specific surveillance
technology that includes all the following:
a.A description of how the surveillance technology was used, including the type
and quantity of data gathered or analyzed by the technology;
b.Whether and how often data acquired through the use of the surveillance
technology was shared with internal or external entities, the name of any
recipient entity, the type(s) of data disclosed, under what legal standard(s) the
information was disclosed, and the justification for the disclosure(s) except that
no confidential or sensitive information should be disclosed that would violate
any applicable law or would undermine the legitimate security interests of the
City;
c.Where applicable, a description of the physical objects to which the surveillance
technology hardware was installed without revealing the specific location of such
2
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 6 of 78
hardware; for surveillance technology software, a breakdown of what data
sources the surveillance technology was applied to;
d.Where applicable, a description of where the surveillance technology was
deployed geographically, by each Police Area in the relevant year;
e.A summary of community complaints or concerns about the surveillance
technology, and an analysis of its Surveillance Use Policy and whether it is
adequate in protecting civil rights and civil liberties. The analysis shall consider
whether, and to what extent, the use of the surveillance technology
disproportionately impacts certain groups or individuals;
f.The results of any internal audits or investigations relating to surveillance
technology, any information about violations or potential violations of the
Surveillance Use Policy, and any actions taken in response.To the extent that the
public release of such information is prohibited by law, City staff shall provide a
confidential report to the City Council regarding this information to the extent
allowed by law;
g.Information about any data breaches or other unauthorized access to the data
collected by the surveillance technology, including information about the scope
of the breach and the actions taken in response, except that no confidential or
sensitive information should be disclosed that would violate any applicable law
or would undermine the legitimate security interests of the City;
h.A general description of all methodologies used to detect incidents of data
breaches or unauthorized access, except that no confidential or sensitive
information should be disclosed that would violate any applicable law or would
undermine the legitimate security interests of the City;
I.Information, including crime statistics, that helps the community assess whether
the surveillance technology has been effective at achieving its identified
purposes;
i.Statistics and information about Public Records Act requests regarding the
relevant subject surveillance technology, including response rates, such as the
number of Public Records Act requests on such surveillance technology and the
open and close date for each of these Public Records Act requests;
j.Total annual costs for the surveillance technology,including personnel and other
ongoing costs, and what source of funding will fund the surveillance technology
in the coming year; and
k.Any requested modifications to the Surveillance Use Policy and a detailed basis
for the request.
3
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 7 of 78
2.“City” means any department, unit, program, and/or subordinate division of the City of
Chula Vista as provided by Chapter XXXX of the Chula Vista Municipal Code.
3.“City staff” means City personnel authorized by the City Manager or appropriate City
department head to seek City Council Approval of Surveillance Technology in
conformance with this Chapter.
4.“Community meeting” means a publicly held meeting that is accessible, noticed at least
seventy-two hours in advance in at least two languages, for the purpose of educating
communities, answering questions, and learning about potential impacts of surveillance
technology on disadvantaged groups.
5.“Continuing agreement” means a written agreement that automatically renews unless
terminated by one or more parties.
6.“Exigent circumstances” means a City department’s good faith belief that an emergency
involving imminent danger of death or serious physical injury to any individual requires
the use of surveillance technology that has not received prior approval by City Council.
7.“Facial recognition technology” means an automated or semi-automated process that
assists in identifying or verifying an individual based on an individual’s face.
8.“Individual” means a natural person.
9.“Personal communication device” means a mobile telephone, a personal digital
assistant, a wireless capable tablet and a similar wireless two-way communications
and/or portable internet-accessing device, whether procured or subsidized by a City
entity or personally owned, that is used in the regular course of City business.
10.“Police area” refers to each of the geographic districts assigned to a Chula Vista Police
Department captain or commander and as such districts are amended from time to time.
11.“Surveillance” (or “spying”) means to observe or analyze the movements, behavior, data,
or actions of individuals. Individuals include those whose identity can be revealed by
data or combinations of data, such as license plate data, images, IP addresses, user
identifications, unique digital identifiers, or data traces left by the individual.
12.“Surveillance technology” means any software (e.g., scripts, code, Application
Programming Interfaces), electronic device, or system utilizing an electronic device
used, designed, or primarily intended to observe, collect, retain, analyze, process, or
share audio, electronic, visual, location, thermal, olfactory, biometric, or similar
information specifically associated with, or capable of being associated with, any
individual or group. It also includes the product (e.g., audiovisual recording, data,
analysis, report) of such surveillance technology. Examples of surveillance technology
include, but are not limited to the following: cell site simulators (Stingrays); automated
license plate readers; gunshot detectors (ShotSpotter); drone-mounted data collection;
4
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 8 of 78
facial recognition software; thermal imaging systems; body-worn cameras; social media
analytics software; gait analysis software; video cameras that can record audio or video
and transmit or be remotely accessed. It also includes software designed to monitor
social media services or forecast and/or predict criminal activity or criminality, and
biometric identification hardware or software.
“Surveillance technology” does not include devices, software, or hardware, unless they
have been equipped with, or are modified to become or include, a surveillance
technology beyond what is set forth below or used beyond a purpose as set forth below:
a.Routine office hardware, such as televisions,computers, credit card machines,
badge readers, copy machines, and printers, that is in widespread use and will
not be used for any public surveillance or law enforcement functions related to
the public;
b.Parking Ticket Devices (PTDs) used solely for parking enforcement-related
purposes, including any sensors embedded in parking sensors to detect the
presence of a car in the space;
c.Manually-operated, non-wearable, handheld digital cameras, audio recorders,
and video recorders that are not designed to be used surreptitiously and whose
functionality is limited to manually-capturing and manually-downloading video
and/or audio recordings;
d.Surveillance devices that cannot record or transmit audio or video or be remotely
accessed, such as image stabilizing binoculars or night vision goggles;
e.Manually-operated technological devices used primarily for internal municipal
entity communications and are not designed to surreptitiously collect surveillance
data, such as radios and email systems;
f.City databases that do not contain any data or other information collected,
captured, recorded, retained, processed, intercepted, or analyzed by surveillance
technology, including payroll, accounting, or other fiscal databases;
g.Medical equipment used to diagnose, treat, or prevent disease or injury, provided
that any information obtained from this equipment is used solely for medical
purposes;
h.Police department interview room cameras;
i.City department case management systems;
j.Personal Communication Devices that have not been modified beyond stock
manufacturer capabilities in a manner described above;
5
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 9 of 78
k.Surveillance technology used by the City solely to monitor and conduct internal
investigations involving City employees, contractors, and volunteers; and,
l.Systems, software, databases, and data sources used for revenue collection on
behalf of the City by the City Treasurer, provided that no information from these
sources is shared by the City Treasurer with any other City department or
third-party except as part of efforts to collect revenue that is owed to the City.
14. “Surveillance Impact Report” means a publicly-posted written report including, at a
minimum, the following:
a.Description: Information describing the surveillance technology and how it
works, including product descriptions from manufacturers;
b.Purpose: Information on the proposed purposes(s) for the surveillance
technology;
c.Location: The physical or virtual location(s)it may be deployed, using general
descriptive terms, and crime statistics for any location(s);
d.Impact: An assessment of the Surveillance Use Policy for the particular
technology and whether it is adequate in protecting civil rights and liberties
and whether the surveillance technology was used or deployed, intentionally
or inadvertently, in a manner that may disproportionately affect marginalized
communities;
e.Mitigations: Identify specific, affirmative technical and procedural measures
that will be implemented to safeguard the public from each identified impact;
f.Data Types and Sources: A list of all types and sources of data to be
collected, analyzed, or processed by the surveillance technology, including
open source data, scores, reports, logic or algorithm used, and any additional
information derived therefrom;
g.Data Security: Information about the controls that will be designed and
implemented to ensure that adequate security objectives are achieved to
safeguard the data collected or generated by the surveillance technology
from unauthorized access or disclosure;
h.Fiscal Costs and Sources: The forecasted, prior, and ongoing fiscal costs for
the surveillance technology, including initial purchase, personnel, and other
ongoing costs, and any past, current or potential sources of funding;
6
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 10 of 78
i.Third-Party Dependence: Whether use or maintenance of the surveillance
technology will require data gathered by the surveillance technology to be
handled or stored by a third-party vendor at any time;
j.Alternatives: A summary of all alternative methods (whether involving the use
of a new technology or not) considered before deciding to use the proposed
surveillance technology, including the costs and benefits associated with each
alternative and an explanation of the reasons why each alternative is
inadequate;
k.Track Record: A summary of the experience (if any) other entities, especially
government entities, have had with the proposed technology, including, if
available, quantitative information about the effectiveness of the proposed
surveillance technology in achieving its stated purpose in other jurisdictions,
and any known adverse information about the surveillance technology such
as unanticipated costs, failures, or civil rights and civil liberties abuses,
existing publicly reported controversies, and any court rulings in favor or in
opposition to the surveillance; and
l.Public engagement and comments: A description of any community
engagement held and any future community engagement plans, number of
attendees, a compilation of all comments received and City departmental
responses given, and City departmental conclusions about potential
neighborhood impacts and how such impacts may differ as it pertains to
different segments of the community that may result from the acquisition of
surveillance technology.
15. "Surveillance Use Policy" means a publicly-released and legally-enforceable policy
for use of the surveillance technology that at a minimum specifies the following:
a.Purpose: The specific purpose(s) that the surveillance technology is intended
to advance;
b.Use: The specific uses that are authorized, and the rules and processes
required prior to such use;
c.Data Collection: The information that can be collected, captured, recorded,
intercepted, or retained by the surveillance technology, as well as data that
might be inadvertently collected during the authorized uses of the
surveillance technology and what measures will be taken to minimize and
delete such data. Where applicable, any data sources the surveillance
technology will rely upon, including open source data, should be listed;
7
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 11 of 78
d.Data Access: The job classification of individuals who can access or use the
collected information, and the rules and processes required prior to access or
use of the information;
e.Data Protection: The safeguards that protect information from unauthorized
access, including logging, encryption, and access control mechanisms;
f.Data Retention: The time period, if any, for which information collected by the
surveillance technology will be routinely retained, the reason such retention
period is appropriate to further the purpose(s), the process by which the
information is regularly deleted after that period lapses, and the specific
conditions that must be met to retain information beyond that period;
g.Public Access: A description of how collected information can be accessed or
used by members of the public, including criminal defendants;
h.Third Party Data Sharing: If and how information obtained from the
surveillance technology can be used or accessed, including any required
justification or legal standard necessary to do so and any obligations imposed
on the recipient of the information;
i.Training: The training required for any individual authorized to use the
surveillance technology or to access information collected by the surveillance
technology;
j.Auditing and Oversight: The procedures used to ensure that the Surveillance
Use Policy is followed, including internal personnel assigned to ensure
compliance with the policy, internal recordkeeping of the use of the
surveillance technology or access to information collected by the surveillance
technology, technical measures to monitor for misuse, any independent
person or entity with oversight authority, and the legally enforceable sanctions
for violations of the policy; and
k.Maintenance: The procedures used to ensure that the security and integrity of
the surveillance technology and collected information will be maintained.
Section II. Privacy Advisory Commission
(“Commission”) Notification and Review Requirements
A.Commission Notification Required Prior to City Solicitation of Funds and Proposals for
Surveillance Technology.
1. City staff shall notify the Chair of the Commission by written memorandum along with
providing a Surveillance Use Policy and a Surveillance Impact Report prior to:
8
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 12 of 78
a.Seeking or soliciting funds for surveillance technology, including but not limited to
applying for a grant;
b.Soliciting proposals with any entity to acquire, share or otherwise use
surveillance technology including the information it provides; or
c. Formally or informally facilitating in a meaningful way or implementing surveillance
technology in collaboration with other entities, including City ones.
2. Upon notification by City staff, the Chair of the Commission shall place the item on the
agenda at the next Commission meeting for discussion and possible action. At this
meeting, City staff shall present the Commission with evidence of the need for the funds
or equipment, or shall otherwise justify the action City staff will seek Council approval for
pursuant to Section III.
3. The Commission may make a recommendation to the City Council by voting for
approval to proceed, by objecting to the proposal, by recommending that the City staff
modify the proposal, or by taking no action.
4. If the Commission votes to approve, object, or modify the proposal, City staff may
proceed and seek City Council approval of the proposed surveillance technology
initiative pursuant to the requirements of Section III. City staff shall present to City
Council the result of the Commission’s review, including any objections to the proposal.
5. If the Commission does not make its recommendation on the item within 90 calendar
days of notification to the Commission Chair, City staff may proceed and seek City
Council approval of the proposed Surveillance Technology initiative pursuant to the
requirements of Section II.
B.Commission Review and Approval Required for New Surveillance Technology Before City
Council Approval
1. Prior to seeking City Council approval under Section III, City staff shall submit a
Surveillance Impact Report and a Surveillance Use Policy for the proposed new
surveillance technology initiative to the Commission for its review at a publicly noticed
meeting. The Surveillance Impact Report and Surveillance Use Policy must address the
specific subject matter specified for each document as set forth in Section I.
2. The Commission shall approve, modify, or reject the proposed Surveillance Use
Policy. If the Commission proposes that the Surveillance Use Policy be modified, the
Commission shall propose such modifications to City staff. City staff shall present such
modifications to the Commission for approval before seeking City Council approval
under Section III.
3. Prior to submitting the Surveillance Impact Report, City staff shall complete one or
more community meetings in each City Council district where the proposed surveillance
9
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 13 of 78
technology is deployed, with opportunity for public comment and written response. The
City Council may condition its approval of the proposed surveillance technology on City
staff conducting additional community engagement before approval, or after approval as
a condition of approval.
4. The Commission shall recommend that the City Council adopt, modify, or reject the
proposed Surveillance Use Policy. If the Commission proposes that the Surveillance Use
Policy be modified, the Commission shall propose such modifications to City staff. City
staff shall present such modifications to City Council when seeking City Council approval
under Section III.
5. If the Commission does not make its recommendation on a presented item within 90
days of notification to the Commission Chair pursuant to Section II, City staff may seek
City Council approval of the item.
6. City staff seeking City Council approval shall schedule for City Council consideration
and approval of the proposed Surveillance Use Policy, and include Commission
recommendations, at least fifteen (15) days prior to a mandatory, properly noticed,
germane public hearing. Approval may only occur at a public hearing.
C.Commission Review Requirements for Existing Surveillance Technology Before Seeking City
Council Approval
1. Prior to seeking City Council approval for existing City surveillance technology used
by the City under Section III, City staff shall submit a Surveillance Impact Report and
Surveillance Use Policy for each existing surveillance technology to the Commission for
its review, and for the public’s review, at least fifteen (15) days prior to a publicly noticed
meeting, so the public can prepare for and participate in the Commission meetings. The
Surveillance Impact Report and Surveillance Use Policy shall address the specific
subject matters set forth for each document in Section I.
2. Prior to submitting the Surveillance Impact Report, City staff shall complete one or
more community meetings in each City Council district where the proposed surveillance
technology is deployed with opportunity for public comment and written response. The
City Council may condition its approval on City staff conducting additional outreach
before approval, or after approval as a condition of approval.
3. Prior to submitting the Surveillance Impact Report and proposed Surveillance Use
Policy as described above, City staff shall present to the Commission, and for public
review, a list of all surveillance technology possessed and/or used by the City.
4. The Commission shall rank the surveillance technology items in order of potential
impact to civil liberties to provide a recommended sequence for items to be heard at
Commission meetings. The Commission shall take into consideration input from City
10
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 14 of 78
staff on the operational importance of the surveillance technology in determining the
ranking to allow such matters to be heard in a timely manner.
5. Within sixty (60) days of the Commission’s action in Section II(C)(4), and continuing
every month thereafter until a Surveillance Impact Report and a Surveillance Use Policy
have been submitted for each item of the list, City staff shall submit at least one (1)
Surveillance Impact Report and one (1) proposed Surveillance Use Policy per month to
the Commission for review, generally beginning with the highest ranking surveillance
technology items as determined by the Commission.
6. If the Commission does not make its recommendation on any item within 90 days of
submission to the Commission Chair, City staff may proceed to the City Council for
approval of the item pursuant to Section III.
Section III. City Council Approval Requirements for New
and Existing Surveillance Technology
A. City staff shall obtain City Council approval prior to any of the following:
1. Accepting local, state, or federal funds, or in-kind or other donations for surveillance
technology;
x2. Acquiring new surveillance technology, including but not limited to procuring such
technology without the exchange of monies or consideration;
3. Using existing surveillance technology, or using new surveillance technology, including
the information the surveillance technology provides, for a purpose, in a manner, or in a
location not previously approved by the City Council pursuant to the requirements of this
ordinance; or
4. Entering into a continuing agreement or written agreement with to acquire, share or
otherwise use surveillance technology or the information it provides, including
data-sharing agreements.
5. Notwithstanding any other provision of this section, nothing herein shall be construed
to prevent, restrict or interfere with any person providing evidence or information derived
from surveillance technology to a law enforcement agency for the purposes of
conducting a criminal investigation or the law enforcement agency from receiving such
evidence or information.
B.City Council Approval Process
1. After the Commission notification and review requirements in Section II have been
met, City staff seeking City Council approval shall schedule a date for City Council
consideration of the proposed Surveillance Impact Report and proposed Surveillance
11
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 15 of 78
Use Policy, and include Commission recommendations, at least fifteen (15) days prior to
a mandatory, properly-noticed, germane public hearing. Approval may only occur at a
public hearing.
2. The City Council shall only approve any action as provided in this Chapter after first
considering the recommendation of the Commission, and subsequently making a
determination that the benefits to the community of the surveillance technology outweigh
the costs; that the proposal will safeguard civil liberties and civil rights; and that, in the
City Council’s judgment, no alternative with a lesser economic cost or impact on civil
rights or civil liberties would be as effective.
3. For Approval of existing surveillance technology for which the Commission does not
make its recommendation within ninety (90) days of review as provided for in Section II:
if the City Council has not reviewed and approved such item within four (4) City Council
meetings from when the item was initially scheduled for City Council consideration, the
City shall cease its use of the surveillance technology until such review and approval
occurs.
C.Surveillance Impact Reports and Surveillance Use Policies as Public Records
1.Unless otherwise provided in this Ordinance, Surveillance Impact Reports and
Surveillance Use Policies are public records.
2.City staff shall make all Surveillance Impact Reports and Surveillance Use Policies, as
updated from time to time, available to the public as long as the City uses the
surveillance technology in accordance with its request pursuant to Section II.
3.City staff shall post all Surveillance Impact Reports and Surveillance Use Policies to the
City’s website with an indication of its current approval status and the planned City
Council date for action.
Section IV.Use of Unapproved Surveillance Technology
during Exigent Circumstances
A. City staff may temporarily acquire or use surveillance technology and the data derived from
that use in a manner not expressly allowed by a Surveillance Use Policy only in a situation
involving exigent circumstances.
B. If City staff acquires or uses a surveillance technology in a situation involving exigent
circumstances, City staff shall:
1.Immediately report in writing the use of the surveillance technology and its justifications
to the City Council and the Commission;
2.Use the surveillance technology solely to respond to the exigent circumstances;
3.Cease using the surveillance technology when the exigent circumstances end;
12
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 16 of 78
4.Only keep and maintain data related to the exigent circumstances and dispose of any
data that is not relevant to an ongoing investigation or the exigent circumstances; and
5.Following the end of the exigent circumstances, report the temporary acquisition or use
of the surveillance technology for exigent circumstances to the Commission in
accordance with Section II of this ordinance at its next meeting for discussion and
possible recommendation to the City Council.
C. Any surveillance technology acquired in accordance with exigent circumstances shall be
returned within thirty (30) calendar days following when the exigent circumstances end, unless
City staff initiates the process set forth for the use of the surveillance technology by submitting a
Surveillance Use Policy and Surveillance Impact Report for Commission review within this
30-day time period. If City staff is unable to meet the 30-day deadline, City staff shall notify the
City Council, who may grant an extension. In the event that City staff complies with the 30-day
deadline or the deadline as may be extended by the City Council, City staff may retain
possession of the surveillance technology, but may only use such surveillance technology
consistent with the requirements of this Ordinance.
Section V. Oversight Following City Council Approval
A.Annual Surveillance Report
1. For each approved surveillance technology item, City staff shall present a written
Annual Surveillance Report for the Commission to review within one year after the date
of City Council final passage of such surveillance technology and annually thereafter as
long as the surveillance technology is used.
2. If City staff is unable to meet the annual deadline, City staff shall notify the
Commission in writing of staff’s request to extend this period, and the reasons for that
request. The Commission may grant a single extension of up to sixty (60) calendar days
to comply with this provision.
3. After review of the Annual Surveillance Report by the Commission, City staff shall
submit the Report to the City Council.
4. The Commission shall recommend to the City Council: (a) that the benefits to the
community of the surveillance technology in question outweigh the costs and that civil
liberties and civil rights are safeguarded; (b) that use of the surveillance technology
cease; or (c) propose modifications to the corresponding Surveillance Use Policy that will
resolve any identified concerns.
5. If the Commission does not make its recommendation on the item within 90 calendar
days of submission of the Annual Surveillance Report to the Commission Chair, City staff
may proceed to the City Council for approval of the Annual Surveillance Report.
B.Summary Of All Requests And Recommendations And City Council Determination
13
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 17 of 78
1. In addition to the above submission of any Annual Surveillance Report, City staff shall
provide in its report to the City Council a summary of all requests for City Council
approval pursuant to Section III for that particular surveillance technology and the
pertinent Commission recommendation, including whether the City Council approved or
rejected the proposal and/or required changes to a proposed Surveillance Use Policy
before approval.
2. Based upon information provided in the Annual Surveillance Report and after
considering the recommendation of the Commission, the City Council shall revisit its
“cost benefit” analysis as provided in Section III(B)(2) and either uphold or set aside the
previous determination. Should the City Council set aside its previous determination, the
City’s use of the surveillance technology must cease. Alternatively, City Council may
require modifications to a particular Surveillance Use Policy that will resolve any
concerns with the use of a particular surveillance technology.
Section VI. Enforcement
A.Violations of this article are subject to the following remedies:
1. Any material violation of this Ordinance, or of a Surveillance Use Policy promulgated
pursuant to this Ordinance, constitutes an injury and any person may institute
proceedings for injunctive relief, declaratory relief, or writ of mandate in the Superior
Court of the State of California to enforce this Ordinance. An action instituted under this
paragraph shall be brought against the City of Chula Vista and, if necessary, to
effectuate compliance with this Ordinance or a Surveillance Use Policy (including to
expunge information unlawfully collected, retained, or shared thereunder), any other
governmental agency with possession, custody, or control of data subject to this
Ordinance, to the extent permitted by law.
2. Any person who has been subjected to the use of surveillance technology in material
violation of this Ordinance, or of a material violation of a Surveillance Use Policy, or
about whom information has been obtained, retained, accessed, shared, or used in
violation of this Ordinance or of a Surveillance Use Policy promulgated under this
Ordinance, may institute proceedings in the Superior Court of the State of California
against the City of Chula Vista and shall be entitled to recover actual damages (but not
less than liquidated damages of $1,000 or $100 per day for each day of violation,
whichever is greater).
3. A court may award costs and reasonable attorneys' fees to the plaintiff who is the
prevailing party in an action brought under paragraphs A(1) and A(2) under Section VI
above.
14
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 18 of 78
Section VII. Contract for Surveillance Technology
A.Contracts and agreements for surveillance technology
1.It shall be unlawful for the City to enter into any contract or other agreement for
surveillance technology that conflicts with the provisions of this Ordinance. Any
conflicting provisions in any such contract or agreements, including but not limited to
non-disclosure agreements, shall be deemed void and legally unenforceable. Any
amendment or exercise of any option to any contract to obtain or use surveillance
technology shall require City staff to comply with the provisions of this Ordinance.
2.To the extent permitted by law, the City shall publicly disclose all of its surveillance
contracts, including any and all related non-disclosure agreements, if any, regardless of
any contract terms to the contrary.
Section VIII. Whistleblower Protections
A. Neither the City nor anyone acting on behalf of the City may take or fail to take, or threaten to
take or fail to take, a personnel action with respect to any employee or applicant for
employment, including but not limited to discriminating with respect to compensation, terms and
conditions of employment, access to information, restrictions on due process rights, or civil or
criminal liability, because:
1.The employee or applicant was perceived to, about to, or assisted in any lawful
disclosure of information concerning the funding, acquisition, or use of a surveillance
technology or surveillance data based upon a good faith belief that the disclosure
evidenced a violation of this Ordinance; or
2.The employee or applicant was perceived to, about to, had assisted in or had
participated in any proceeding or action to carry out the purposes of this Ordinance.
B. It shall be grounds for disciplinary action for a City employee or anyone else acting on behalf
of the City to retaliate against another City employee or applicant who makes a good-faith
complaint that there has been a failure to comply with any Surveillance Use Policy or
administrative instruction promulgated under this Ordinance.
C. Any employee or applicant who is injured by a violation of this Section may institute a
proceeding for monetary damages and injunctive relief against the City in any court of
competent jurisdiction.
15
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 19 of 78
Section IX. Review of Existing Surveillance Use Policies
and Adoption as Ordinances
A. Surveillance technology is considered existing if the City possessed, used, or has a contract
in force and effect for the use of surveillance technology, or any resulting data, on the effective
date of this Ordinance.
B. The requirement for City staff to present a list of all existing surveillance technology and,
once ranked, to seek monthly Commission review and approval for the use of existing
surveillance technology shall begin within sixty (60) days after the effective date of this
Ordinance.
C. As per Section II, City staff shall return to City Council with an ordinance or ordinances for
adoption and codification under the Chula Vista Municipal Code of all Surveillance Use Policies,
but only after proper Commission and City Council review of any Surveillance Use Policies for
existing surveillance technology, and with a 15-day public notice period in each instance to allow
the public to prepare and participate in the meetings.
Section X. Severability
If any portion of this Ordinance, or its application to any person or circumstance, is for
any reason held to be invalid, unenforceable or unconstitutional, by a court of competent
jurisdiction, that portion shall be deemed severable, and such invalidity, unenforceability or
unconstitutionality shall not affect the validity or enforceability of the remaining portions of the
Ordinance, or its application to any other person or circumstance. The City Council of the City of
Chula Vista hereby declares that it would have adopted each section, sentence, clause or
phrase of this Ordinance, irrespective of the fact that any one or more other sections,
sentences, clauses or phrases of the Ordinance be declared invalid, unenforceable or
unconstitutional.
Section XI. Construction
The City Council of the City of Chula Vista intends this Ordinance to supplement, not to
duplicate or contradict, applicable state and federal law and this Ordinance shall be construed in
light of that intent.
Section XII. Effective Date
This Ordinance shall take effect and be in force on the thirtieth day after its final
passage.
16
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 20 of 78
Section XIII. Publication
The City Clerk shall certify to the passage and adoption of this Ordinance and shall
cause the same to be published or posted according to law.
Presented by Approved as to form by
____________________________________________________________________
Maria Kachadoorian Glen R Googins
City Manager City Attorney
17
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 21 of 78
Privacy Advisory Commission Ordinance
(Revised - July 15, 2022)
ORDINANCE NO. _________________
ORDINANCE OF THE CITY OF CHULA VISTA ESTABLISHING
THE CHULA VISTA PRIVACY ADVISORY COMMISSION
PROVIDING FOR THE APPOINTMENT OF MEMBERS
THEREOF, AND DEFINING THE DUTIES AND FUNCTIONS OF
SAID COMMISSION
WHEREAS, the Chula Vista City Council (City Council) finds that the use of surveillance
technology is important to protect public health and safety, but such use must be appropriately
monitored and regulated to protect the privacy and other rights of Chula Vista residents and
visitors, and
WHEREAS the City of Chula Vista (the City) has been building on a detailed Smart City
Strategic Action Plan since 2017 with limited opportunity for community input, oversight or
control; and
WHEREAS Chula Vista seeks to maintain its designation by Welcoming America as a
certified Welcoming City, City Council strives to comply with the criteria in the Welcoming
Standard, in particular, relevant criteria relating to “Safe Communities”, “Equitable Access”, and
“Civic Engagement”; and
WHEREAS, the City Council recognizes the use of open data associated with
surveillance technology offers benefits to the City, but those benefits must also be weighed
against the costs, both fiscal and civil liberties; and
WHEREAS, the City Council recognizes that surveillance technology may be a valuable
tool to support community safety, investigations, and prosecution of crimes, but must be
balanced with the individual’s right to privacy, it also; and
WHEREAS, the City Council recognizes that privacy is not just a personal matter; there
are societal consequences to privacy degradation over time as well as societal benefits with
increased trust and transparency; and
WHEREAS, the City Council finds that surveillance technology includes not just
technology capable of accessing non-public places or information, but also may include
technology that aggregates publicly-available information, which, in the aggregate or when
1
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 22 of 78
pieced together with other information, has the potential to reveal details about a person’s
familial, political, professional, religious, or intimate associations; and
WHEREAS, the City Council recognizes that government surveillance may chill
associational and expressive freedoms; and
WHEREAS, the City Council recognizes that data from surveillance technology can be
used to intimidate and oppress certain groups more than others, including those that are defined
by a common race, ethnicity, religion, national origin, income level, sexual orientation, or political
perspective; and
WHEREAS, the City Council finds that safeguards, including robust transparency,
oversight, and accountability measures, must be in place to protect civil rights and civil liberties
before City surveillance technology is deployed; and
WHEREAS, the City Council finds that decisions regarding if and how the City’s
surveillance technologies should be funded, acquired, or used should include meaningful public
input; and
WHEREAS, on January 18, 2022, City Council unanimously approved creation of a
“Technology and Privacy Advisory Task Force” to draft policy and recommendations to be
presented to the City Council for consideration, and further requested that the City
Administration prepare a “Citywide Technology Oversight Policy”; and
WHEREAS, the said Technology and Privacy Advisory Task Force recommends creation
of a new permanent citizen advisory board known as the “Privacy Advisory Commision” to
advise the Mayor and City Council on transparency, accountability, and public deliberation in the
City’s acquisition and usage of surveillance technology and data; and
WHEREAS, Article VI, Section 600 of the City Charter reserves to the City Council the
authority to create boards and commissions by ordinance, and to prescribe their function,
powers, duties, membership, appointment, terms, qualifications, eligibility, reimbursements for
expenses, if any;
NOW THEREFORE the City Council of the City of Chula Vista does hereby ordain as
follows:
Section I. Establishment
A.Establishment and Appropriations
Pursuant to Article VI of the Charter of the City of Chula Vista, there is hereby created a
Chula Vista Privacy Advisory Commission (hereinafter referred to as the “Privacy Commission”
or “Commission”). Appropriations of funds sufficient for the efficient and proper functioning of
the Privacy Commission shall be included in the annual budget by the City Council.
2
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 23 of 78
B.Purpose and Intent
It is the purpose and intent of the City Council to establish a Privacy Commission to
serve as an advisory body to the Mayor and City Council on policies and issues related to
privacy and surveillance. The Commission will provide advice intended to ensure transparency,
accountability, and public deliberation in the City’s acquisition and use of surveillance
technology.
C.Definitions
For purposes of this ordinance, all words defined in the CVMC Chapter XXXX, known as
the Chula Vista Surveillance and Community Safety Ordinance, have the same meaning herein.
D.Membership
The Privacy Advisory Commission shall consist of nine (9) members, who shall serve
without compensation. At least six (6) members shall be Chula Vista residents. Members shall
be appointed by the City Council.
E.Qualifications of Members
All members of the Privacy Advisory Commission shall be persons who have a
demonstrated interest in privacy rights through work experience, civic participation, and/or
political advocacy.
The City Council shall appoint the nine (9) members from the following representative
areas of organization interest, expertise, and background:
1.At least one attorney or legal scholar with expertise in privacy or civil rights, or a
representative of an organization with expertise in privacy or civil rights;
2.One auditor or certified public accountant;
3.One computer hardware, software, or encryption security professional;
4.One member of an organization that focuses on open government and transparency or
an individual, such as a university researcher, with experience working on open
government and transparency; and
5.At least four (4) members from equity-focused organizations serving or protecting the
rights of communities and groups historically subject to disproportionate surveillance,
including communities of color, immigrant communities, religious minorities, and groups
concerned with privacy and protest.
Member qualifications and eligibility shall be in accordance with Chula Vista Charter
Article VI, Section 602, and CVCM Section 2.25.030. No member shall have a state
law-prohibited financial interest, employment, or policy-making position in any commercial or
for-profit facility, research center, or other organization that sells data products, surveillance
equipment, or otherwise profits from recommendations made by the Privacy Advisory
Commission.
F.Terms
3
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 24 of 78
Pursuant to Article VI, Section 602 of the City Charter, members shall be appointed by
motion of the City Council adopted by at least three affirmative votes. The members thereof
shall serve for a term of four (4) years and until their respective successors are appointed and
confirmed. Members shall be limited to a maximum of two (2) consecutive terms and an interval
of two (2) years must pass before a person who has served two (2) consecutive terms may be
reappointed to the body upon which the member had served.
Initial members shall be appointed in staggered terms by lot. For the initial appointments,
three (3) members shall be appointed to an initial term that will expire on June 30, 2023, and
two (2) members shall be appointed to an initial term that will expire on June 30 of each
subsequent year. Initial appointments to a term of two years or less shall not have the initial
term count for purposes of the eight-year term limit.
G.Rules
The Commission shall hold regular meetings as required by ordinance of the City
Council, and such special meetings as such commissions may require. All proceedings shall be
open to the public.
At the first regular meeting, and subsequently at the first regular meeting of each year
following the first day of July of every year, members of the Privacy Advisory Commission shall
select a chairperson and a vice chairperson.
The Commission shall adopt rules for the government of its business and procedures in
compliance with the law. The Commission rules shall provide that a quorum of the Privacy
Advisory Commission is five people.
Pursuant to Article VI, Section 603 of the City Charter, the Commission shall have the
same power as the City Council to compel the attendance of witnesses, to examine them under
oath and to compel the production of evidence before it.
Section II. Privacy Advisory Commission: Duties and
Functions
A.Duties and Functions
The Privacy Advisory Commission shall:
1.Provide advice and technical assistance to the City on best practices to protect resident
and visitor privacy rights in connection with the City’s acquisition and use of surveillance
technology.
2.Conduct meetings and use other public forums to collect and receive public input on the
above subject matter.
3.Review Surveillance Impact Reports and Surveillance Use Policies for all existing and
new surveillance technology and make recommendations prior to the City seeking
solicitation of funds and proposals for surveillance technology.
4.Submit annual reports and recommendations to the City Council regarding:
4
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 25 of 78
a.The City’s use of surveillance technology; and
b.Whether new City surveillance technology privacy and data retention policies
should be developed, or existing policies should be amended.
c.Provide analysis to the City Council of pending federal, state, and local legislation
relevant to the City’s purchase and/or use of surveillance technology.
d.The Privacy Advisory Commission shall make reports, findings, and
recommendations either to the City Manager or the City Council, as appropriate.
The Commission shall present an annual written report to the City Council. The
Commission may submit recommendations to the City Council following
submission to the City Manager.
B.Meetings and Voting
The Commission shall meet at an established regular interval, day of the week, time, and
location suitable for its purpose. Such meetings shall be designated regular meetings. Other
meetings scheduled for a time or place other than the regular day, time and location shall be
designated special meetings. Written notice of special meetings shall be provided to the
Commission members, and all meetings of the Commission shall comport with any City or State
open meetings laws, policies, or obligations.
The Commission shall, in consultation with the City Manager, establish bylaws, rules and
procedures for the conduct of its business by a majority vote of the members present. Voting
shall be required for the adoption of any motion or resolution. Any action by the Commission
shall be approved by a majority of members present, provided a quorum exists.
C.Staff
Staff assistance may be provided to the Board as determined by the City Manager,
pursuant to his or her authority under the Charter to administer all affairs of the City under his or
her jurisdiction.
Section III. Severability
If any portion of this Ordinance, or its application to any person or circumstance, is for
any reason held to be invalid, unenforceable or unconstitutional, by a court of competent
jurisdiction, that portion shall be deemed severable, and such invalidity, unenforceability or
unconstitutionality shall not affect the validity or enforceability of the remaining portions of the
Ordinance, or its application to any other person or circumstance. The City Council of the City of
Chula Vista hereby declares that it would have adopted each section, sentence, clause or
phrase of this Ordinance, irrespective of the fact that any one or more other sections,
sentences, clauses or phrases of the Ordinance be declared invalid, unenforceable or
unconstitutional.
5
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 26 of 78
Section IV. Construction
The City Council of the City of Chula Vista intends this Ordinance to supplement, not to
duplicate or contradict, applicable state and federal law and this Ordinance shall be construed in
light of that intent.
Section V. Effective Date
This Ordinance shall take effect and be in force on the thirtieth day after its final
passage.
Section VI. Publication
The City Clerk shall certify to the passage and adoption of this Ordinance and shall
cause the same to be published or posted according to law.
Presented by:Approved as to form by
________________________________________________________
Maria Kachadoorian Glen R. Googins
City Manager City Attorney
6
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 27 of 78
1
Jeremy Ogul
From:Margaret Baker < >
Sent:Monday, September 26, 2022 12:49 PM
To:Privacy Task Force
Subject:Suggested Changes to Policy Language
Dear Privacy Task Force:
After careful review of the materials posted late Friday, we have a number of suggested
changes to the proposed policy language. Every word in your document is critical, and we are relying
on you to represent our community voices and the best practices that we have presented to you.
Best practices call for civilian oversight of new and existing surveillance technology acquisition, use
and policies through a systematic process that includes robust community engagement, PAB review,
verification and recommendations, and informed decisions by City Council. This process is working in
other municipalities and we expect these best practices finally to be enacted here in Chula Vista - in
order for the community to embrace both its Smart City and Welcoming City designations.
We urge you to consider carefully and adopt each of the following suggestions:
Guiding Principles (GP):
o GP #1 - Change “designed” to “capable of monitoring or capturing...” in each instance
the following clause is used: "designed to monitor or capture personal identifying
information (sensitive or surveillance)“
o GP #2, Bullet 3 - Change “transparency” to “oversight.” - If task force members truly
believe oversight of mass surveillance technology is needed , they should say so in
writing. This is essential if the privacy advisory board or commission is to be anything
more than window dressing on existing practices.
o GP #3, Bullet 2 Comment - No matter what the City says their procurement process is,
the existing processes of voluntary self-management are NOT sufficient for controlling
new and invasive technology, as was clear with the ALPR contract.
Policy Recommendations:
o #1 - Lacks a clear statement of the purpose of the PAB - Add after the word “duties”: “to
provide civilian oversight and to help City Council make good decisions regarding
technology acquisition, use and policies.”
o #1b(4) - Add “and existing”
o #5a - Delete entire sentence.
o #5b - Change to “City Attorney” (not the City Manager)
o #9a - Delete specific reference to “facial recognition technology”.
o #11, 12, 13, 14, & 15 - The same review process outlined in Appendix C should hold for
ALL privacy-related policy issues (including data sharing and retention): a) proposals
by City staff, then b) review and recommendations by the privacy advisory
board/commission, and finally c) informed policy decisions by City Council.
o #15 - any determination of what is “absolutely necessary” must be made after review by
the privacy advisory board, consideration of the PAB’s recommendation, community
engagement, and informed decision by City Council.
o #18 - Change “selected” to “all”; and add “and policies” at the end of the sentence.
Warning:
External
Email
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 28 of 78
2
o #19 & “20 - Change references to “provide full disclosure” to “provide easy access to all
proposals, reviews and other reports and ample opportunities for engagement in
decision-making process”
o #22 - Delete this sentence: "To protect the City’s information security, only limited
information should be released to the general public."
o #26 - Add “and existing” after “new” both times it is mentioned.
o #27 - Do not change (and minimize) the “Surveillance Impact Report” elements. Instead,
refer to the detailed definition of this important report in Appendix A.
o #28 - If and when the City hires a privacy officer, that staff member will assist the City’s
departments in developing contract that meets the highest standards. However, the
formal review and recommendation process by the civilian privacy advisory
board/commission should be consistently followed regarding contracts. It is the
board/commission’s recommendations that should be forwarded to City Council.
o #29 - Change the word “disclosures” to “notification”
o #31 - City Council needs to review existing technologies and their impact reports and
use policies also. Where is this specified?
o #31 - use the term “sensitive personal information/data” for consistency.
o Comment #2 - Delete the first sentence. The community is calling for oversight, not just
transparency and accountability. Voluntary sounds nice, but the policies and processes
dealing with privacy technology need to be codified in the form of city ordinances. Also,
the civilian privacy advisory board/commission needs to be empowered to provide
oversight and make recommendations to our elected officials, who are most directly
responsible to their districts.
Here are proposed changes for Definitions:
o The task force should not recommend that the advisory board conduct impact
assessments. Those are a lot of work and require a lot of access to resources. No
volunteer group will be able to conduct that work effectively. The board’s role is
to review impact assessments and use policies created by city staff and recommend
whether they sufficiently protect the community from harm. The board also does not
"address" concerns identified by the board; that again refers to work that must be done
by city staff. [BTW, this additional reporting “work” b y city staff is part of the cost of using
surveillance technology tools. It must be factored into the budget when proposing
acquisition or use of such technologies.]
o The definition of impact assessment should not be taken from a generic source. Task
force members should carefully define what elements they want to appear in impact
assessments with particularity. NOTE: Impact assessments are already defined in
Appendix A so if they are accepting that addendum then they should not re-define
impact assessment.
o Need to define the sequence of oversight ("at what point should certain oversight
activities occur?"). If you don't define the sequence, it sends the message that an
activity (like a "review") never actually has to happen, because each step is not
important to any other step, or to any broader process.
o The definitions need to include language confirming that a privacy advisory
board/commission be created that has a defined function in assisting city council in
good decision making. The risk is very real of a board being created with no oversight
responsibilities, no requirements for the city to consult the board's work, and no power
to recommend to city council. In that scenario, this task force will not have won any
power for community members.
Thank you for your diligence in working on this important task.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 29 of 78
3
Sincerely,
Margaret A. Baker, DrPH
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 30 of 78
1
Jeremy Ogul
From:Kim Knox < >
Sent:Monday, September 26, 2022 11:46 AM
To:privacytaskforce@chulavistaca.gov
Cc:advocacy@lwvsandiego.org
Subject:Letter from the League of Women Voters
Attachments:LWVSD Surveillance Letter- Chula Vista.pdf
Good morning,
Attached, please find a letter on surveillance technology use from the League of Women Voters of San Diego.
--
Kim Knox (she/her)
President, League of Women Voters of San Diego
www.lwvsandiego.org
Warning:
External
Email
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 31 of 78
City of Chula Vista Surveillance Letter
September 25, 2022
Mayor Mary Salas
City Manager Maria V. Kachadoorian
Councilmembers John McCann, Jill Galvez, Stephen Padilla, Andrea Cardenas
City of Chula Vista
276 Fourth Avenue
Chula Vista, CA 91910
Dear Mayor Salas, City Manager Kachadoorian and Councilmembers of Chula Vista:
The City of Chula Vista has access to a growing means of technology-assisted public
observation tools. With such power comes the responsibility to make sure the use of
such tools both advances public safety and protects the rights of Chula Vista residents.
This year, the League of Women Voters of San Diego adopted a position on policing
practices. The League believes cities should enact technology-use ordinances to protect
privacy and other civil liberties. The proposed ordinances should include requirements
for:
1.Audits of specified surveillance policy and surveillance data in an annual
report that is publicly available and includes evidence of crime-prevention
effectiveness, civil rights impact, fiscal costs, and source of funding for
surveillance technology
2.Establishment of independent civilian commissions at the local jurisdiction
level which consist of representatives of involved communities of interest
such as civil rights advocates, attorneys, marginalized groups, specialists in
technology, privacy and open government, to oversee all law enforcement
and government acquisition and use of technology for surveillance
3.Enforcement of violations of the ordinances
4.Protection of whistleblowers
When surveillance technology is acquired, deployed or used without transparency or
independent oversight, public trust in law enforcement can be eroded. We call for
legislation to ensure transparency and robust public input regarding funding, acquisition,
and use of technology at the earliest possible point and throughout the process. Local
decision makers must also establish long-overdue safeguards, including explicit-use
policies and verifiable assessment and accountability measures, to protect civil rights,
civil liberties and privacy. In particular, legally enforceable protections must be adopted
to prevent harms of surveillance historically experienced by certain communities and
groups, including privacy protection. The benefits of providing these protections can
bring increased trust and increased safety for all.
When the Chula Vista Technology and Privacy Taskforce presents its guidelines to
balance the use of technology with limits on the use of data later this fall, we hope that
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 32 of 78
the Chula Vista City Council will take careful consideration of the privacy protection and
civil liberties of residents, enacting strict guidelines before they use taxpayer dollars and
other resources for clearly identified purposes for surveillance. This will have the added
benefit of greater trust in the government and law enforcement which is needed now.
The City of Chula Vista has the opportunity to be a leader in the responsible use of
surveillance technology that protects its residents and addresses concerns regarding the
acquisition and deployment of surveillance technology. In order for technology to
enhance community safety, privacy must be protected through oversight mechanisms
and transparency that allow local elected officials and the public to verify that civil rights
and civil liberties’ safeguards are being adhered to strictly.
Sincerely,
Kim Knox
President
League of Women Voters of San Diego
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 33 of 78
Requested changes from the Sept. 12 task force meeting
1. Establish a set of guiding principles to accompany the recommendations*
a. Add a statement that ordinances should be adopted to implement some of these
recommendations
2. Add a statement expressing the urgency of establishing the Privacy Advisory Board
3. Add the process for public disclosure similar to the chart provided
4. Add a statement expressing the importance of accepting the recommendations as a whole
5. Work on definitions, including privacy impacting technology, privacy implications*
6. Add a recommendation to establish a preference for US-made technology acquisitions where
possible
7. Add a recommendation to require an annual surveillance report for selected technologies
8. Add a recommendation to require an impact report for privacy-impacting technology
9. Add a recommendation to establish whistleblower protections for violations of privacy
protections
10. Add a requirement for public education meetings before acquisition as part of public notice
process*
11. Add the word “ongoing” to PAB
12. Revise the data breach notification recommendation (#21) to limit immediate disclosure only to
affected individuals, comply with all applicable laws, and provide a general public notification
once situation is fully resolved. Model the requirement after existing state law.
13. Refine the wording of Recommendation #11 to address city staff concerns about silos, possibly
by limiting it to access to “sensitive resident data”
14. Add a recommendation that a minimum set of conditions be met before City Council approves a
technology, such as a judgment that the benefits outweigh the risks, and that no better
alternative exists*
* denotes changes that will be elaborated by an ad-hoc subcommittee
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 34 of 78
Chula Vista Technology and Privacy Advisory Task Force
Summary of Policy Recommendations
DRAFT VERSION – September 23, 2022
Guiding Principles
Guiding Principle 1: Protecting the privacy and safety of Chula Vistans via enforceable law.
• The task force intends that ordinances should be passed by the Chula Vista City Council
to regulate the acquisition, deployment, use and expansion of new or existing technology
designed to monitor or capture personal identifying information (sensitive or
surveillance) by the City of Chula Vista.
• The task force urges the Chula Vista City Council to align all future decisions regarding
technology designed to monitor or capture personal identifying information (sensitive or
surveillance) with the principles of ensuring Chula Vistans receive maximum awareness,
that any such technologies provide defined and verifiable benefits for Chula Vistans.
• The task force intends that the fully advised and informed elected members of Chula
Vista City Council should be the only body that can authorize new acquisition of, or
continuing use of, technology designed to monitor or capture personal identifying
information (sensitive or surveillance). There should be no automatic exemption from
this approval process for technologies currently in use.
Guiding Principle 2: Providing the communities of Chula Vista with a permanent, empowered
board or commission.
• The task force intends that a board or commission of independent community members
that are affected by technology and or who are most knowledgeable of the risks of
surveillance technology, will be created by Chula Vista City Council.
• The task force intends that the board/commission should be empowered by Chula Vista
City Council to ensure the community is fully informed and provided with sufficient time
and opportunities for meaningful engagement.
• The task force believes local communities and their elected officials should be
empowered to make determinations about the use of existing and new technology. We do
not intend for department heads or department staff to be empowered to make these
determinations without transparency.
• It is the communities most affected that are most in need of an empowered platform, and
whose advice can be most meaningful to creating a trusted process. The task force
intends that the City select its board/commission members accordingly.
Guiding Principle 3: Protecting taxpayer funds and City operations from waste, fraud and
abuse.
• The task force intends that the proposed acquisition and/or use of technology only be
consented to by the Chula Vista City Council under defined conditions, which are
enforced by City Council during the approval process.
• The task force intends that city departments seeking to fund, acquire, and/or use a
surveillance technology should provide information on the surveillance technology’s
financial benefits and costs, including its acquisition and annual operational costs.
Formatted: Underline
Formatted: Centered
Formatted: Bulleted + Level: 1 + Aligned at: 0.25" +
Indent at: 0.5"
Formatted: Font: Bold
Formatted: Bulleted + Level: 1 + Aligned at: 0.25" +
Indent at: 0.5"
Formatted: Font: Bold
Formatted: Font: Not Italic
Commented [1]: We think the city already does this
during the procurement process. Can we confirm?
Formatted: Font: Not Italic
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 35 of 78
• The task force intends that any program designed to monitor or capture personal
identifying information (sensitive or surveillance) being considered for approval should
demonstrate written policies and operational controls that are commensurate with the
impacts and risks of harms that will be placed on the communities of Chula Vista.
• Any eligible technology operated by the City should be periodically required to
demonstrate to the community and City Council the technology’s costs and effectiveness
at achieving its intended purpose, and its compliance with all privacy requirements.
Guiding Principle 4: Protecting Chula Vistans’ civil rights and civil liberties
• The task force intends that technologies designed to monitor or capture personal
identifying information (sensitive or surveillance) should not be funded, acquired, or used
without studying and addressing their potential impact on civil rights and civil liberties.
• The task force intends that city departments seeking to fund, acquire, or use a technology
designed to monitor or capture personal identifying information (sensitive or
surveillance) should expressly identify the potential adverse impacts the technology may
have on civil rights and civil liberties and what specific measures it will undertake to
prevent such adverse impacts. This information should serve as the basis for all public
hearings regarding the proposed technology.
Based on the guiding principles outlined above, the task force has developed the following
specific recommendations:
Privacy Advisory Board
1. The City should establish a permanent Privacy Advisory Board responsible for carrying
out a broad range of advisory duties.
a. The Privacy Advisory Board should be established as soon as possible, as it is key
to implementing many of the recommendations in this document and conducting
further public discussion on important issues related to privacy and City
technology.
a.b. The Board’s duties are described throughout this document, including:
i. Holding regular meetings that are open to the public, including
opportunities for public comment in English and other languages.
ii. Reviewing Use Policies for privacy-impacting technologies and making
recommendations on changes
iii. Reviewing data sharing agreements.
iv. Reviewing new technology-related contracts.
2. The Privacy Advisory Board should have nine members, at least two-thirds of whom are
Chula Vista residents.
a. Chula Vista residents should comprise a super-majority of Board members
because residents experience the impacts of City decisions on privacy and
technology to a much greater degree than non-residents do.
b. The purpose of allowing non-residents to serve on the Board is to recognize that
non-residents also experience the impacts of City decisions on privacy and
technology, especially if they work, own a business, or attend school in Chula
Formatted: Indent: Left: 0.5"
Formatted: Bulleted + Level: 1 + Aligned at: 0.25" +
Indent at: 0.5"
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 36 of 78
Vista. Additionally, non-residents may have valuable expertise or perspectives
that should be included on the Board.
c. There is no requirement to include non-residents on the Board.
3. Privacy Advisory Board members will be selected through a combination of City staff
review, community review, and City Council review.
a. Members of the Board should be selected through a process that includes review
and vetting by both City staff and by community leaders, similar to the process
used to appoint members of the Technology and Privacy Advisory Task Force.
b. All members of the Board must be approved by a majority vote of the City
Council pursuant to the City Charter.
c. The purpose of involving community leaders in the selection process for some
members is to ensure that Board membership is not exclusively determined by
City staff or elected officials.
4. Selections to the Board should reflect the City’s diversity in terms of race, gender, and
age.
All Board members shall be persons who have an interest in privacy rights as
demonstrated by work experience, civic participation, and/or political advocacy.
No member may be an elected official.
No member may have a financial interest, employment, or policy-making position in any
commercial or for-profit facility, research center, or other organization that sells
surveillance equipment or profits from decisions made by the Board.
Each of the following perspectives should be represented by at least one member of the
Board:
a. A resident of Council District 1
b. A resident of Council District 2
c. A resident of Council District 3
d. A resident of Council District 4
e. A technology professional with expertise in emerging technologies and systems
(this perspective should be represented by three members of the board)
f. A professional financial auditor or Certified Public Accountant (CPA)
g. An attorney, legal scholar, or recognized academic with expertise in privacy
and/or civil rights
h. A member of an organization that focuses on government transparency or
individual privacy
i. A representative from an equity-based organization or a member of the Human
Relations Commission.
j. A former member of the Technology and Privacy Advisory Task Force (only
applies to the first year of appointments)
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 37 of 78
Chief Privacy Officer
5. The City should hire a full-time Chief Privacy Officer responsible for carrying out a
broad range of duties related to privacy.
a. Until a full-time Chief Privacy Officer can be budgeted and hired, the duties of
the Chief Privacy Officer should be carried out by the Chief Information Security
Officer.
b. The Chief Privacy Officer should report to the City Manager to ensure they are
accountable to City Council and the voters of Chula Vista.
i. A minority of task force members believes the Chief Privacy Officer
should report to the City Attorney to ensure they are accountable to the
voters of Chula Vista.
c. The Chief Privacy Officer’s responsibilities include, but are not limited to:
i. Provide regular training sessions and guidance to City staff on privacy
issues.
ii. Serve as the primary City staff liaison to the Privacy Advisory Board,
including:
1. Managing agendas and coordinating meetings
2. Managing the selection process for Privacy Advisory Board
members
3. Assisting in the preparation and presentation of technology Use
Policies for Board review
iii. Performing internal audits and ensuring compliance with data retention
standards and use policies, and coordinating with external privacy auditors
when applicable
iv. Evaluating new technology acquisitions for potential privacy issues
Use Policies
6. The City should create written Use Policies that govern the use of each privacy-impacting
technology and the data generated by those technologies.
a. Each policy should clearly state the purpose of the technology, who will be
allowed to access the technology, how the technology can be used, what kind of
data the technology generates, how that data can be used, how that data is
protected, and the retention period for that data.
7. Use Policies should be drafted by the applicable department in consultation with the
Chief Privacy Officer, then reviewed by the Privacy Advisory Board.
a. Departments will use a template created by the Chief Privacy Officer.
8. Use Policies should be reviewed annually and updated if necessary. Use policies should
also be reviewed and updated any time there is a significant change in the function or
purpose of the technology.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 38 of 78
9. Due to the large number of use policies that may need to be created or updated, the Chief
Privacy Officer and Privacy Advisory Board will perform an analysis that prioritizes
current and future technologies based on the impact and risks to individual privacy.
Based on the results of this analysis, use policies will be reviewed for the highest-ranked
technologies first.
a. Facial recognition technology, other biometric systems, surveillance systems, and
systems that use machine learning algorithms should be a top priority for Board
review.
Data Retention and Data Sharing
10. The City should never sell the data it collects nor allow third parties working on behalf of
the City to sell or use data owned by the City except as necessary to provide the
contracted service to the City.
11. Internal data-sharingSharing of sensitive personal data between City Departments should
be subject to a review process that includes approval by the City Manager and periodic
review by the Chief Privacy Officer and Privacy Advisory Board.
a. The purpose of this policy recommendation is to ensure there is a clear
understanding of how data is being used and shared between departments, and to
prevent situations where there is uncertainty around how data is being used, such
as in the case of the informal data-sharing that occurred between Engineering and
the Police Department regarding traffic signal camera feeds.
a.b. This recommendation does not apply to the sharing of standard business data or
other operational information between departments. It does apply to data that can
be used to identify a person.
12. External data-sharing between the City and third parties must be approved through a
formal, auditable process that includes the Chief Privacy Officer and Privacy Advisory
Board.
a. The purpose of this policy recommendation is to prevent situations like the
sharing of ALPR data with law enforcement agencies that should not have had
access to it.
b. The review should ensure that personal information is not being shared and that
the data has been repackaged and de-identified to minimize the possibility of
privacy violations.
13. The City Records Retention Schedule should be re-organized and expanded to include
information on what personal data is collected and when that data will be deleted.
a. As part of these updates, the Records Retention schedule should be presented in a
format that provides a category for data type in addition to the existing categories.
b. The Chief Privacy Officer should collaborate with the City Clerk to lead this
process.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 39 of 78
14. The City should establish a more formal process for ensuring that personal data is being
deleted according to the Use Policies established for that data.
15. The City should establish a policy that it will not collect personal data unless it is
absolutely necessary to provide the core service.
a. The Chula Vista Public Library’s approach to personal data is a model that should
be followed citywide. Personal data is only collected and retained for the period
necessary to provide the service. For example, the library keeps a record of an
item checked out by an individual borrower only until that item is returned, at
which point data related to that transaction is deleted.
b. To ensure compliance with this policy, the Chief Privacy Officer should randomly
sample Departments or data sets to review on a periodic basis.
16. Where possible, the City should anonymize, remove, or de-identify data that relates to a
person.
a. It must be understood and acknowledged that anonymization strategies will not
completely protect individuals from having their identities reverse-engineered
from otherwise anonymized datasets, but these strategies are still valuable in
mitigating risks to individual privacy.
17. The role of the City’s Data Governance Committee should be more clearly defined and
communicated to the public.
a. The City should ensure that the work of the Data Governance Committee is
consistent with the City’s adopted privacy policies and with the role or
recommendations of the Privacy Advisory Board.
a.
Transparency and Oversight
18. City staff should provide annual reports to the Privacy Advisory Board on the use of
selected privacy-impacting technologies. These reports should include the following
information:
a. A description of how and where the technology was used
b. A description of the type and quantity of data gathered or analyzed by the
technology
c. Information about how the data was shared with internal or external entities,
including the names of any recipient entity, the type of data shared, and the
justification for the sharing
18.19. City staff should provide the public with full disclosures about what technologies
have been acquired, what data is being collected, and how that data is being used.
a. These disclosures should happen in a variety of ways, including on the City’s
website, through email newsletters, social media, and in printed communications
mailed to residents.
Formatted: No bullets or numbering
Formatted
Formatted: Indent: Left: 0.5", No bullets or
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 40 of 78
b. These disclosures should address what data is being collected, what department is
collecting it, how it is being used, who has access to it, how long it is retained,
etc.
c. Where feasible, signs should be posted to notify and disclose surveillance
technology. For example, if surveillance cameras are added to parks, signs should
be posted notifying visitors that they are under video surveillance.
d. The City should hold public forums, educational seminars, and other types of
community events to ensure the public is informed and has an opportunity to hold
the City accountable for how privacy-impacting technologies are being used.
e. All public disclosures related to technology, data, and privacy should be provided
with adequate time for public review before any meeting. The 72-hour standard is
not sufficient for the public to review and consider new information, especially
when that time period coincides with weekends and holidays.
e.
19.20. Information about privacy and technology that is provided on the City website
should be easy to find and easy to understand.
a. Links to disclosures should be provided on each Department’s page within the
City website.
b. The City’s “smart city” webpages should have their own navigational tab or
section on the City website, rather than being contained under the Business /
Economic Development section.
20.21. Contracts with technology vendors should be easy for the public to find and
review.
a. This should include information about the status of existing contracts, including
upcoming renewal or termination dates.
21.22. Data breaches should be publicly disclosed to affected individuals as soon as
possible, pursuant to all applicable state and federal laws, and the City should provide a
general notification to the public once the issue has been fully resolved.
a. Notification should happen within 24 hours of the data breach being confirmed.
b.a. Notification to the general public should occur through a wide range of
communications channels, including social media, news media, and the City
website. To protect the City’s information security, only limited information
should be released to the general public.
22.23. Residents should have the opportunity to opt-out or have their data deleted if it
was provided voluntarily to the City and is not needed for City operations.
a. It is understood that individuals will not be able to opt-out of certain types of data
collection, such as a drone responding to 9-1-1 calls, or medical data being
retained following a emergency medical service call.
a.24. The City should establish strong whistleblower protections for any employee who
reports a suspected violation of the City’s privacy or technology policies or any use of
City technology that could violate an individual’s privacy.
Formatted
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 41 of 78
Procurement
25. All contracts with privacy implications must be presented to the City Council, regardless
of whether they meet standard purchasing and contracting thresholds that typically trigger
City Council review.
26. At least one month prior to a City Council decision to acquire new privacy-impacting
technology or to adopt new policies around the use of privacy-impacting technology, the
City should hold public meetings to solicit community input on the proposed policies
associated with the technology.
a. Meetings should be held in locations on both the West and East sides in locations
such as public libraries.
b. These public meetings should include a presentation by City staff outlining how
the technology would work, types of data to be collected, how the data would be
protected, etc.
c. These meetings should be recorded and made available on the City’s website
and/or social media channels such as YouTube, and links to the video should be
promoted through City communications channels in the weeks prior to a City
Council decision.
27. Following the public meetings and prior to seeking City Council approval for a new
privacy-impacting technology, City staff should create a Technology Impact Report that
identifies the following:
a. Potential impacts to the City’s budget, including the cost of acquisition and cost
of anticipated ongoing operations and maintenance
b. Potential impacts on the City’s information security, and proposed strategies to
mitigate those impacts
c. Potential impacts on the civil rights and civil liberties of community members,
and proposed strategies to mitigate those impacts
28. Prior to City Council presentation, contracts with privacy implications must be reviewed
by the Chief Privacy Officer and the Privacy Advisory Board. The evaluation provided
by the Chief Privacy Officer and the Privacy Advisory Board must be included as part of
the report presented to City Council.
29. Public disclosures should follow a process similar to that outlined in Appendix C, in
which City staff first provides draft impact reports and use policies to the Privacy
Advisory Board, then receives feedback and a recommendation from the Privacy
Advisory Board, then provides public notice at least two weeks in advance of a City
Council meeting, and then holds a public hearing at a City Council meeting.
23.
Formatted: Indent: Left: 0"
Formatted: Font: (Default) Times New Roman, 12 pt
Formatted: Indent: Left: 0"
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 42 of 78
24. When acquiring new technology systems, the Chief Information Security Officer and
Chief Privacy Officer should prepare an assessment of the technology’s potential impact on the
City’s information security and detail any mitigation strategies. This assessment should be
provided to the Privacy Advisory Board and the City Council at the same time as any other
documents provided for review, such as the contract for the technology (Item 24) and the
technology's proposed Use Policy (Item 7).
30. As a strategy to mitigate risks to the City’s information security, the City should establish
a preference for acquiring technology that is developed and sold by companies that are
owned and based in the United States.
31. Prior to agreeing to acquire new privacy-impacting technology, the City Council should
make a determination that the following conditions have been met:
a. The collection and use of personal information is reasonably necessary and
proportionate for one of the following purposes, and that this purpose outweighs
the risks and costs to the civil rights and civil liberties of Chula Vista community
members:
i. The vital interest of the individual
ii. The public interest
iii. Contractual necessity
iv. Compliance with legal obligations
v. Unambiguous consent of the individual
vi. Legitimate interest of the City
b. City staff have provided an adequate justification for the stated purposes,
retention periods, and impacts of the technology.
c. The public has been notified at least 30 days prior to the City Council decision.
d. The Privacy Advisory Board has reviewed and provided a recommendation as
part of the City’s due diligence and risk assessment process, and this
recommendation has been documented and provided to the City Council.
e. The City will follow best practices — including, but not limited to,
anonymization, encryption, and least privilege access — to safeguard data.
f. The City will govern the use of surveillance data and biometric data in a manner
similar to the California Privacy Rights Act (CPRA) requirements for “sensitive
data.”
25.32. The City may not enter into any agreement that prohibits the City from publicly
acknowledging that it has acquired or is using a particular technology. Nondisclosure
agreements are acceptable only to extent that they protect a vendor’s proprietary
information without prohibiting the City’s acknowledgement of a relationship with the
vendor.
26.33. Contracts should include a clause of convenience that allows the City to terminate
the agreement in the event the vendor violates any restriction on the sale or sharing of
data or otherwise violates individual privacy protections.
Formatted: Font: (Default) Times New Roman, 12 pt
Formatted: Normal, No bullets or numbering
Formatted: Indent: Left: 0.5", No bullets or
Formatted: Numbered + Level: 2 + Numbering Style:
a, b, c, … + Start at: 1 + Alignment: Left + Aligned at:
0.75" + Indent at: 1"
Formatted: No bullets or numbering
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 43 of 78
27.34. Technology contracts should require that vendors provide the City with the
capability to audit or review who has accessed what information.
a. These access reports should be provided at pre-designated intervals to City staff
or third-party auditors.
28.35. City staff should be provided with additional training to assist in recognizing
potential data privacy issues in contracts.
a. Key staff to receive additional training includes the Chief Privacy Officer, Chief
Information Security Officer, City Attorney staff, and purchasing and contracting
staff.
29.36. Changes in the ownership of a privacy-impacting technology that has already
been reviewed by the Privacy Advisory Board should trigger a new review by the Privacy
Advisory Board.
Information Security
30.37. Establish a comprehensive information security policy that addresses procedures
for maintaining and controlling access to data and articulates the roles and responsibilities
of data stewards and data custodians.
a. An outline of such a policy has been developed by the Information Security
subcommittee of this Task Force and will be submitted as part of this
recommendation.
b. The policy should make clear that only City-owned mobile equipment using two-
factor authentication should be allowed to connect to the City’s primary network.
Any personal devices connecting to the City’s network must use restricted “guest”
access.
c. The policy should provide for audits of all City-owned equipment to protect
against unauthorized storage of regulated data.
d. The policy should require data security breaches to be reviewed and addressed by
an established panel that includes the Director of Information Technology
Services, the Chief Information Security Officer, the Chief of Police, the City
Attorney, and the Chief Privacy Officer.
e. The policy should require that data is stored and transmitted in encrypted formats
whenever possible and prohibit the communication of confidential data through
end-user messaging technologies such as email, instant messaging, chat, or other
communication methods.
f. The policy should specifically address mobile computing devices, including
recovery of data in the event a mobile computing device is lost or stolen.
Additional Comments
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 44 of 78
1. The Task Force has received multiple public comments regarding the methodology used
to conduct the public opinion survey and focus groups. The Task Force encourages City
staff and City Councilmembers to consider the potential for bias in the results of the
public opinion research, particularly as described in the letter from Dr. Norah Shultz of
San Diego State University, which was provided as part of the August 15 Task Force
meeting agenda.
2. Some of the recommendations in this document can be achieved through voluntary
changes to the City’s operating policies and processes, but for some recommendations, an
ordinance may be required to implement. The Task Force urges the City to adopt
ordinances to provide greater structure and accountability to these recommendations.
3. While the Task Force understands it is the City’s prerogative to accept only some of the
recommendations in this document, the Task Force urges the City to treat these
recommendations as a unified whole and implement all recommendations.
Formatted: Numbered + Level: 1 + Numbering Style:
1, 2, 3, … + Start at: 1 + Alignment: Left + Aligned at:
0.25" + Indent at: 0.5"
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 45 of 78
Chula Vista Technology and Privacy Advisory Task Force
Summary of Policy Recommendations
DRAFT VERSION – September 23, 2022
Guiding Principles
Guiding Principle 1: Protecting the privacy and safety of Chula Vistans via enforceable law.
• The task force intends that ordinances should be passed by the Chula Vista City Council
to regulate the acquisition, deployment, use and expansion of new or existing technology
designed to monitor or capture personal identifying information (sensitive or
surveillance) by the City of Chula Vista.
• The task force urges the Chula Vista City Council to align all future decisions regarding
technology designed to monitor or capture personal identifying information (sensitive or
surveillance) with the principles of ensuring Chula Vistans receive maximum awareness,
that any such technologies provide defined and verifiable benefits for Chula Vistans.
• The task force intends that the fully advised and informed elected members of Chula
Vista City Council should be the only body that can authorize new acquisition of, or
continuing use of, technology designed to monitor or capture personal identifying
information (sensitive or surveillance). There should be no automatic exemption from
this approval process for technologies currently in use.
Guiding Principle 2: Providing the communities of Chula Vista with a permanent, empowered
board or commission.
• The task force intends that a board or commission of independent community members
that are affected by technology and or who are most knowledgeable of the risks of
surveillance technology, will be created by Chula Vista City Council.
• The task force intends that the board/commission should be empowered by Chula Vista
City Council to ensure the community is fully informed and provided with sufficient time
and opportunities for meaningful engagement.
• The task force believes local communities and their elected officials should be
empowered to make determinations about the use of existing and new technology. We do
not intend for department heads or department staff to be empowered to make these
determinations without transparency.
• It is the communities most affected that are most in need of an empowered platform, and
whose advice can be most meaningful to creating a trusted process. The task force
intends that the City select its board/commission members accordingly.
Guiding Principle 3: Protecting taxpayer funds and City operations from waste, fraud and
abuse.
• The task force intends that the proposed acquisition and/or use of technology only be
consented to by the Chula Vista City Council under defined conditions, which are
enforced by City Council during the approval process.
• The task force intends that city departments seeking to fund, acquire, and/or use a
surveillance technology should provide information on the surveillance technology’s
financial benefits and costs, including its acquisition and annual operational costs.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 46 of 78
• The task force intends that any program designed to monitor or capture personal
identifying information (sensitive or surveillance) being considered for approval should
demonstrate written policies and operational controls that are commensurate with the
impacts and risks of harms that will be placed on the communities of Chula Vista.
• Any eligible technology operated by the City should be periodically required to
demonstrate to the community and City Council the technology’s costs and effectiveness
at achieving its intended purpose, and its compliance with all privacy requirements.
Guiding Principle 4: Protecting Chula Vistans’ civil rights and civil liberties
• The task force intends that technologies designed to monitor or capture personal
identifying information (sensitive or surveillance) should not be funded, acquired, or used
without studying and addressing their potential impact on civil rights and civil liberties.
• The task force intends that city departments seeking to fund, acquire, or use a technology
designed to monitor or capture personal identifying information (sensitive or
surveillance) should expressly identify the potential adverse impacts the technology may
have on civil rights and civil liberties and what specific measures it will undertake to
prevent such adverse impacts. This information should serve as the basis for all public
hearings regarding the proposed technology.
Based on the guiding principles outlined above, the task force has developed the following
specific recommendations:
Privacy Advisory Board
1. The City should establish a permanent Privacy Advisory Board responsible for carrying
out a broad range of advisory duties.
a. The Privacy Advisory Board should be established as soon as possible, as it is key
to implementing many of the recommendations in this document and conducting
further public discussion on important issues related to privacy and City
technology.
b. The Board’s duties are described throughout this document, including:
i. Holding regular meetings that are open to the public, including
opportunities for public comment in English and other languages.
ii. Reviewing Use Policies for privacy-impacting technologies and making
recommendations on changes
iii. Reviewing data sharing agreements.
iv. Reviewing new technology-related contracts.
2. The Privacy Advisory Board should have nine members, at least two-thirds of whom are
Chula Vista residents.
a. Chula Vista residents should comprise a super-majority of Board members
because residents experience the impacts of City decisions on privacy and
technology to a much greater degree than non-residents do.
b. The purpose of allowing non-residents to serve on the Board is to recognize that
non-residents also experience the impacts of City decisions on privacy and
technology, especially if they work, own a business, or attend school in Chula
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 47 of 78
Vista. Additionally, non-residents may have valuable expertise or perspectives
that should be included on the Board.
c. There is no requirement to include non-residents on the Board.
3. Privacy Advisory Board members will be selected through a combination of City staff
review, community review, and City Council review.
a. Members of the Board should be selected through a process that includes review
and vetting by both City staff and by community leaders, similar to the process
used to appoint members of the Technology and Privacy Advisory Task Force.
b. All members of the Board must be approved by a majority vote of the City
Council pursuant to the City Charter.
c. The purpose of involving community leaders in the selection process for some
members is to ensure that Board membership is not exclusively determined by
City staff or elected officials.
4. Selections to the Board should reflect the City’s diversity in terms of race, gender, and
age.
All Board members shall be persons who have an interest in privacy rights as
demonstrated by work experience, civic participation, and/or political advocacy.
No member may be an elected official.
No member may have a financial interest, employment, or policy-making position in any
commercial or for-profit facility, research center, or other organization that sells
surveillance equipment or profits from decisions made by the Board.
Each of the following perspectives should be represented by at least one member of the
Board:
a. A resident of Council District 1
b. A resident of Council District 2
c. A resident of Council District 3
d. A resident of Council District 4
e. A technology professional with expertise in emerging technologies and systems
(this perspective should be represented by three members of the board)
f. A professional financial auditor or Certified Public Accountant (CPA)
g. An attorney, legal scholar, or recognized academic with expertise in privacy
and/or civil rights
h. A member of an organization that focuses on government transparency or
individual privacy
i. A representative from an equity-based organization or a member of the Human
Relations Commission.
j. A former member of the Technology and Privacy Advisory Task Force (only
applies to the first year of appointments)
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 48 of 78
Chief Privacy Officer
5. The City should hire a full-time Chief Privacy Officer responsible for carrying out a
broad range of duties related to privacy.
a. Until a full-time Chief Privacy Officer can be budgeted and hired, the duties of
the Chief Privacy Officer should be carried out by the Chief Information Security
Officer.
b. The Chief Privacy Officer should report to the City Manager to ensure they are
accountable to City Council and the voters of Chula Vista.
i. A minority of task force members believes the Chief Privacy Officer
should report to the City Attorney to ensure they are accountable to the
voters of Chula Vista.
c. The Chief Privacy Officer’s responsibilities include, but are not limited to:
i. Provide regular training sessions and guidance to City staff on privacy
issues.
ii. Serve as the primary City staff liaison to the Privacy Advisory Board,
including:
1. Managing agendas and coordinating meetings
2. Managing the selection process for Privacy Advisory Board
members
3. Assisting in the preparation and presentation of technology Use
Policies for Board review
iii. Performing internal audits and ensuring compliance with data retention
standards and use policies, and coordinating with external privacy auditors
when applicable
iv. Evaluating new technology acquisitions for potential privacy issues
Use Policies
6. The City should create written Use Policies that govern the use of each privacy-impacting
technology and the data generated by those technologies.
a. Each policy should clearly state the purpose of the technology, who will be
allowed to access the technology, how the technology can be used, what kind of
data the technology generates, how that data can be used, how that data is
protected, and the retention period for that data.
7. Use Policies should be drafted by the applicable department in consultation with the
Chief Privacy Officer, then reviewed by the Privacy Advisory Board.
a. Departments will use a template created by the Chief Privacy Officer.
8. Use Policies should be reviewed annually and updated if necessary. Use policies should
also be reviewed and updated any time there is a significant change in the function or
purpose of the technology.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 49 of 78
9. Due to the large number of use policies that may need to be created or updated, the Chief
Privacy Officer and Privacy Advisory Board will perform an analysis that prioritizes
current and future technologies based on the impact and risks to individual privacy.
Based on the results of this analysis, use policies will be reviewed for the highest-ranked
technologies first.
a. Facial recognition technology, other biometric systems, surveillance systems, and
systems that use machine learning algorithms should be a top priority for Board
review.
Data Retention and Data Sharing
10. The City should never sell the data it collects nor allow third parties working on behalf of
the City to sell or use data owned by the City except as necessary to provide the
contracted service to the City.
11. Sharing of sensitive personal data between City Departments should be subject to a
review process that includes approval by the City Manager and periodic review by the
Chief Privacy Officer and Privacy Advisory Board.
a. The purpose of this policy recommendation is to ensure there is a clear
understanding of how data is being used and shared between departments, and to
prevent situations where there is uncertainty around how data is being used, such
as in the case of the informal data-sharing that occurred between Engineering and
the Police Department regarding traffic signal camera feeds.
b. This recommendation does not apply to the sharing of standard business data or
other operational information between departments. It does apply to data that can
be used to identify a person.
12. External data-sharing between the City and third parties must be approved through a
formal, auditable process that includes the Chief Privacy Officer and Privacy Advisory
Board.
a. The purpose of this policy recommendation is to prevent situations like the
sharing of ALPR data with law enforcement agencies that should not have had
access to it.
b. The review should ensure that personal information is not being shared and that
the data has been repackaged and de-identified to minimize the possibility of
privacy violations.
13. The City Records Retention Schedule should be re-organized and expanded to include
information on what personal data is collected and when that data will be deleted.
a. As part of these updates, the Records Retention schedule should be presented in a
format that provides a category for data type in addition to the existing categories.
b. The Chief Privacy Officer should collaborate with the City Clerk to lead this
process.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 50 of 78
14. The City should establish a more formal process for ensuring that personal data is being
deleted according to the Use Policies established for that data.
15. The City should establish a policy that it will not collect personal data unless it is
absolutely necessary to provide the core service.
a. The Chula Vista Public Library’s approach to personal data is a model that should
be followed citywide. Personal data is only collected and retained for the period
necessary to provide the service. For example, the library keeps a record of an
item checked out by an individual borrower only until that item is returned, at
which point data related to that transaction is deleted.
b. To ensure compliance with this policy, the Chief Privacy Officer should randomly
sample Departments or data sets to review on a periodic basis.
16. Where possible, the City should anonymize, remove, or de-identify data that relates to a
person.
a. It must be understood and acknowledged that anonymization strategies will not
completely protect individuals from having their identities reverse-engineered
from otherwise anonymized datasets, but these strategies are still valuable in
mitigating risks to individual privacy.
17. The role of the City’s Data Governance Committee should be more clearly defined and
communicated to the public.
a. The City should ensure that the work of the Data Governance Committee is
consistent with the City’s adopted privacy policies and with the role or
recommendations of the Privacy Advisory Board.
Transparency and Oversight
18. City staff should provide annual reports to the Privacy Advisory Board on the use of
selected privacy-impacting technologies. These reports should include the following
information:
a. A description of how and where the technology was used
b. A description of the type and quantity of data gathered or analyzed by the
technology
c. Information about how the data was shared with internal or external entities,
including the names of any recipient entity, the type of data shared, and the
justification for the sharing
19. City staff should provide the public with full disclosures about what technologies have
been acquired, what data is being collected, and how that data is being used.
a. These disclosures should happen in a variety of ways, including on the City’s
website, through email newsletters, social media, and in printed communications
mailed to residents.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 51 of 78
b. These disclosures should address what data is being collected, what department is
collecting it, how it is being used, who has access to it, how long it is retained,
etc.
c. Where feasible, signs should be posted to notify and disclose surveillance
technology. For example, if surveillance cameras are added to parks, signs should
be posted notifying visitors that they are under video surveillance.
d. The City should hold public forums, educational seminars, and other types of
community events to ensure the public is informed and has an opportunity to hold
the City accountable for how privacy-impacting technologies are being used.
e. All public disclosures related to technology, data, and privacy should be provided
with adequate time for public review before any meeting. The 72-hour standard is
not sufficient for the public to review and consider new information, especially
when that time period coincides with weekends and holidays.
20. Information about privacy and technology that is provided on the City website should be
easy to find and easy to understand.
a. Links to disclosures should be provided on each Department’s page within the
City website.
b. The City’s “smart city” webpages should have their own navigational tab or
section on the City website, rather than being contained under the Business /
Economic Development section.
21. Contracts with technology vendors should be easy for the public to find and review.
a. This should include information about the status of existing contracts, including
upcoming renewal or termination dates.
22. Data breaches should be disclosed to affected individuals as soon as possible, pursuant to
all applicable state and federal laws, and the City should provide a general notification to
the public once the issue has been fully resolved.
a. Notification to the general public should occur through a wide range of
communications channels, including social media, news media, and the City
website. To protect the City’s information security, only limited information
should be released to the general public.
23. Residents should have the opportunity to opt-out or have their data deleted if it was
provided voluntarily to the City and is not needed for City operations.
a. It is understood that individuals will not be able to opt-out of certain types of data
collection, such as a drone responding to 9-1-1 calls, or medical data being
retained following a emergency medical service call.
24. The City should establish strong whistleblower protections for any employee who reports
a suspected violation of the City’s privacy or technology policies or any use of City
technology that could violate an individual’s privacy.
Procurement
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 52 of 78
25. All contracts with privacy implications must be presented to the City Council, regardless
of whether they meet standard purchasing and contracting thresholds that typically trigger
City Council review.
26. At least one month prior to a City Council decision to acquire new privacy-impacting
technology or to adopt new policies around the use of privacy-impacting technology, the
City should hold public meetings to solicit community input on the proposed policies
associated with the technology.
a. Meetings should be held in locations on both the West and East sides in locations
such as public libraries.
b. These public meetings should include a presentation by City staff outlining how
the technology would work, types of data to be collected, how the data would be
protected, etc.
c. These meetings should be recorded and made available on the City’s website
and/or social media channels such as YouTube, and links to the video should be
promoted through City communications channels in the weeks prior to a City
Council decision.
27. Following the public meetings and prior to seeking City Council approval for a new
privacy-impacting technology, City staff should create a Technology Impact Report that
identifies the following:
a. Potential impacts to the City’s budget, including the cost of acquisition and cost
of anticipated ongoing operations and maintenance
b. Potential impacts on the City’s information security, and proposed strategies to
mitigate those impacts
c. Potential impacts on the civil rights and civil liberties of community members,
and proposed strategies to mitigate those impacts
28. Prior to City Council presentation, contracts with privacy implications must be reviewed
by the Chief Privacy Officer and the Privacy Advisory Board. The evaluation provided
by the Chief Privacy Officer and the Privacy Advisory Board must be included as part of
the report presented to City Council.
29. Public disclosures should follow a process similar to that outlined in Appendix C, in
which City staff first provides draft impact reports and use policies to the Privacy
Advisory Board, then receives feedback and a recommendation from the Privacy
Advisory Board, then provides public notice at least two weeks in advance of a City
Council meeting, and then holds a public hearing at a City Council meeting.
30. As a strategy to mitigate risks to the City’s information security, the City should establish
a preference for acquiring technology that is developed and sold by companies that are
owned and based in the United States.
31. Prior to agreeing to acquire new privacy-impacting technology, the City Council should
make a determination that the following conditions have been met:
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 53 of 78
a. The collection and use of personal information is reasonably necessary and
proportionate for one of the following purposes, and that this purpose outweighs
the risks and costs to the civil rights and civil liberties of Chula Vista community
members:
i. The vital interest of the individual
ii. The public interest
iii. Contractual necessity
iv. Compliance with legal obligations
v. Unambiguous consent of the individual
vi. Legitimate interest of the City
b. City staff have provided an adequate justification for the stated purposes,
retention periods, and impacts of the technology.
c. The public has been notified at least 30 days prior to the City Council decision.
d. The Privacy Advisory Board has reviewed and provided a recommendation as
part of the City’s due diligence and risk assessment process, and this
recommendation has been documented and provided to the City Council.
e. The City will follow best practices — including, but not limited to,
anonymization, encryption, and least privilege access — to safeguard data.
f. The City will govern the use of surveillance data and biometric data in a manner
similar to the California Privacy Rights Act (CPRA) requirements for “sensitive
data.”
32. The City may not enter into any agreement that prohibits the City from publicly
acknowledging that it has acquired or is using a particular technology. Nondisclosure
agreements are acceptable only to extent that they protect a vendor’s proprietary
information without prohibiting the City’s acknowledgement of a relationship with the
vendor.
33. Contracts should include a clause of convenience that allows the City to terminate the
agreement in the event the vendor violates any restriction on the sale or sharing of data or
otherwise violates individual privacy protections.
34. Technology contracts should require that vendors provide the City with the capability to
audit or review who has accessed what information.
a. These access reports should be provided at pre-designated intervals to City staff
or third-party auditors.
35. City staff should be provided with additional training to assist in recognizing potential
data privacy issues in contracts.
a. Key staff to receive additional training includes the Chief Privacy Officer, Chief
Information Security Officer, City Attorney staff, and purchasing and contracting
staff.
36. Changes in the ownership of a privacy-impacting technology that has already been
reviewed by the Privacy Advisory Board should trigger a new review by the Privacy
Advisory Board.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 54 of 78
Information Security
37. Establish a comprehensive information security policy that addresses procedures for
maintaining and controlling access to data and articulates the roles and responsibilities of
data stewards and data custodians.
a. An outline of such a policy has been developed by the Information Security
subcommittee of this Task Force and will be submitted as part of this
recommendation.
b. The policy should make clear that only City-owned mobile equipment using two-
factor authentication should be allowed to connect to the City’s primary network.
Any personal devices connecting to the City’s network must use restricted “guest”
access.
c. The policy should provide for audits of all City-owned equipment to protect
against unauthorized storage of regulated data.
d. The policy should require data security breaches to be reviewed and addressed by
an established panel that includes the Director of Information Technology
Services, the Chief Information Security Officer, the Chief of Police, the City
Attorney, and the Chief Privacy Officer.
e. The policy should require that data is stored and transmitted in encrypted formats
whenever possible and prohibit the communication of confidential data through
end-user messaging technologies such as email, instant messaging, chat, or other
communication methods.
f. The policy should specifically address mobile computing devices, including
recovery of data in the event a mobile computing device is lost or stolen.
Additional Comments
1. The Task Force has received multiple public comments regarding the methodology used
to conduct the public opinion survey and focus groups. The Task Force encourages City
staff and City Councilmembers to consider the potential for bias in the results of the
public opinion research, particularly as described in the letter from Dr. Norah Shultz of
San Diego State University, which was provided as part of the August 15 Task Force
meeting agenda.
2. Some of the recommendations in this document can be achieved through voluntary
changes to the City’s operating policies and processes, but for some recommendations, an
ordinance may be required to implement. The Task Force urges the City to adopt
ordinances to provide greater structure and accountability to these recommendations.
3. While the Task Force understands it is the City’s prerogative to accept only some of the
recommendations in this document, the Task Force urges the City to treat these
recommendations as a unified whole and implement all recommendations.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 55 of 78
Appendix A: Definitions
DRAFT – September 23, 2022
1.“Annual Surveillance Report” means a written report concerning a specific surveillance
technology that includes all the following: (San Diego TRUST pg.3)
a. A description of how the surveillance technology was used, including the type and
quantity of data gathered or analyzed by the technology;
b. Whether and how often data acquired through the use of the surveillance technology
was shared with internal or external entities, the name of any recipient entity, the type(s)
of data disclosed, under what legal standard(s) the information was disclosed, and the
justification for the disclosure(s) except that no confidential or sensitive information
should be disclosed that would violate any applicable law or would undermine the
legitimate security interests of the City;
c. Where applicable, a description of the physical objects to which the surveillance
technology hardware was installed without revealing the specific location of such
hardware; for surveillance technology software, a breakdown of what data sources the
surveillance technology was applied to;
d. Where applicable, a description of where the surveillance technology was deployed
geographically, by each Police Area in the relevant year;
e. A summary of community complaints or concerns about the surveillance technology,
and an analysis of its Surveillance Use Policy and whether it is adequate in protecting
civil rights and civil liberties. The analysis shall consider whether, and to what extent, the
use of the surveillance technology disproportionately impacts certain groups or
individuals;
f. The results of any internal audits or investigations relating to surveillance technology,
any information about violations or potential violations of the Surveillance Use Policy,
and any actions taken in response. To the extent that the public release of such
information is prohibited by law, City staff shall provide a confidential report to the City
Council regarding this information to the extent allowed by law;
g. Information about any data breaches or other unauthorized access to the data collected
by the surveillance technology, including information about the scope of the breach and
the actions taken in response, except that no confidential or sensitive information should
be disclosed that would violate any applicable law or would undermine the legitimate
security interests of the City;
h. A general description of all methodologies used to detect incidents of data breaches or
unauthorized access, except that no confidential or sensitive information should be
disclosed that would violate any applicable law or would undermine the legitimate
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 56 of 78
security interests of the City;
I. Information, including crime statistics, that helps the community assess whether the
surveillance technology has been effective at achieving its identified purposes;
i. Statistics and information about Public Records Act requests regarding the relevant
subject surveillance technology, including response rates, such as the number of Public
Records Act requests on such surveillance technology and the open and close date for
each of these Public Records Act requests;
j. Total annual costs for the surveillance technology, including personnel and other
ongoing costs, and what source of funding will fund the surveillance technology in the
coming year; and
k. Any requested modifications to the Surveillance Use Policy and a detailed basis for the
request.
2. “City” means any department, unit, program, and/or subordinate division of the City of Chula
Vista as provided by Chapter XXXX of the Chula Vista Municipal Code. (CV Municipal Code
Sec. 210.01.01 paragraph C; San Diego TRUST pg.6)
3. “City staff” means City personnel authorized by the City Manager or appropriate City
department head to seek City Council Approval of Surveillance Technology in conformance with
this Chapter. (San Diego TRUST pg.7)
4. “Community meeting” means a publicly held meeting that is accessible, noticed at least
seventy-two hours in advance in at least two languages, for the purpose of educating
communities, answering questions, and learning about potential impacts of surveillance
technology on disadvantaged groups. (CV City Charter pg.7; San Diego TRUST pg.7)
5. “Continuing agreement” means a written agreement that automatically renews unless
terminated by one or more parties. (CV City Charter pg.7; San Diego TRUST pg.7)
6. “Exigent circumstances” means a City department’s good faith belief that an emergency
involving imminent danger of death or serious physical injury to any individual requires the use
of surveillance technology that has not received prior approval by City Council. (CV City
Charter pg.7; San Diego TRUST pg.7)
7. “Facial recognition technology” means an automated or semi-automated process that assists in
identifying or verifying an individual based on an individual’s face. (CV City Charter pg.7; San
Diego TRUST pg.7)
8. “Individual” means a natural person. (CV City Charter pg.7; San Diego TRUST pg.7)
9. “Personal communication device” means a mobile telephone, a personal digital assistant, a
wireless capable tablet and a similar wireless two-way communications and/or portable internet-
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 57 of 78
accessing device, whether procured or subsidized by a City entity or personally owned, that is
used in the regular course of City business. (CV City Charter pg.8; San Diego TRUST pg.8)
10. “Police area” refers to each of the geographic districts assigned to a Chula Vista Police
Department captain or commander and as such districts are amended from time to time. (CV City
Charter pg.8; San Diego TRUST pg.8)
11. “Sensitive personal information” will reflect the California Privacy Rights Act (CPRA)
1798.140 definition of personal information which defines the term to include:
(l) personal information that reveals:
(A) a consumer’s social security, driver’s license, state identification card, or
passport number;
(B) a consumer’s account log-in, financial account, debit card, or credit card
number in combination with any required security or access code, password, or
credentials allowing access to an account;
(C) a consumer’s precise geolocation;
(D) a consumer’s racial or ethnic origin, religious or philosophical beliefs, or
union membership;
(E) the contents of a consumer’s mail, email and text messages, unless the
business is the intended recipient of the communication;
(F) a consumer’s genetic data; and
(2) (A) the processing of biometric information for the purpose of uniquely
identifying a consumer;
(B) personal information collected and analyzed concerning a consumer’s health;
or
(C) personal information collected and analyzed concerning a consumer’s sex life
or sexual orientation.
12. “Surveillance” (or “spying”) means to observe or analyze the movements, behavior, data, or
actions of individuals. Individuals include those whose identity can be revealed by data or
combinations of data, such as license plate data, images, IP addresses, user identifications,
unique digital identifiers, or data traces left by the individual. (CV City Charter pg.8)
13. “Surveillance technology” means any software (e.g., scripts, code, Application Programming
Interfaces), electronic device, or system utilizing an electronic device used, designed, or
primarily intended to observe, collect, retain, analyze, process, or share audio, electronic, visual,
location, thermal, olfactory, biometric, or similar information specifically associated with, or
capable of being associated with, any individual or group. It also includes the product (e.g.,
audiovisual recording, data, analysis, report) of such surveillance technology. Examples of
surveillance technology include, but are not limited to the following: cell site simulators
(Stingrays); automated license plate readers; gunshot detectors (ShotSpotter); drone-mounted
data collection; facial recognition software; thermal imaging systems; body-worn cameras; social
media analytics software; gait analysis software; video cameras that can record audio or video
and transmit or be remotely accessed. It also includes software designed to monitor social media
services or forecast and/or predict criminal activity or criminality, and biometric identification
hardware or software. “Surveillance technology” does not include devices, software, or
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 58 of 78
hardware, unless they have been equipped with, or are modified to become or include, a
surveillance technology beyond what is set forth below or used beyond a purpose as set forth
below: (CV City Charter pg.8; San Diego TRUST pg.8)
a. Routine office hardware, such as televisions, computers, credit card machines, badge
readers, copy machines, and printers, that is in widespread use and will not be used for
any public surveillance or law enforcement functions related to the public;
b. Parking Ticket Devices (PTDs) used solely for parking enforcement-related purposes,
including any sensors embedded in parking sensors to detect the presence of a car in the
space;
c. Manually-operated, non-wearable, handheld digital cameras, audio recorders, and
video recorders that are not designed to be used surreptitiously and whose functionality is
limited to manually-capturing and manually-downloading video and/or audio recordings;
d. Surveillance devices that cannot record or transmit audio or video or be remotely
accessed, such as image stabilizing binoculars or night vision goggles;
e. Manually-operated technological devices used primarily for internal municipal entity
communications and are not designed to surreptitiously collect surveillance data, such as
radios and email systems;
f. City databases that do not contain any data or other information collected, captured,
recorded, retained, processed, intercepted, or analyzed by surveillance technology,
including payroll, accounting, or other fiscal databases;
g. Medical equipment used to diagnose, treat, or prevent disease or injury, provided that
any information obtained from this equipment is used solely for medical purposes;
h. Police department interview room cameras;
i. City department case management systems;
j. Personal Communication Devices that have not been modified beyond stock
manufacturer capabilities in a manner described above;
k. Surveillance technology used by the City solely to monitor and conduct internal
investigations involving City employees, contractors, and volunteers; and,
l. Systems, software, databases, and data sources used for revenue collection on behalf of
the City by the City Treasurer, provided that no information from these sources is shared
by the City Treasurer with any other City department or third-party except as part of
efforts to collect revenue that is owed to the City.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 59 of 78
14. “Surveillance Impact Report” means a publicly-posted written report including, at a
minimum, the following: (CV Charter pg.11; San Diego TRUST pg.11)
a. Description: Information describing the surveillance technology and how it works,
including product descriptions from manufacturers;
b. Purpose: Information on the proposed purposes(s) for the surveillance technology;
c. Location: The physical or virtual location(s) it may be deployed, using general
descriptive terms, and crime statistics for any location(s);
d. Impact: An assessment of the Surveillance Use Policy for the particular technology and
whether it is adequate in protecting civil rights and liberties and whether the surveillance
technology was used or deployed, intentionally or inadvertently, in a manner that may
disproportionately affect marginalized communities;
e. Mitigations: Identify specific, affirmative technical and procedural measures that will
be implemented to safeguard the public from each identified impact;
f. Data Types and Sources: A list of all types and sources of data to be collected,
analyzed, or processed by the surveillance technology, including open source data,
scores, reports, logic or algorithm used, and any additional information derived
therefrom;
g. Data Security: Information about the controls that will be designed and implemented to
ensure that adequate security objectives are achieved to safeguard the data collected or
generated by the surveillance technology from unauthorized access or disclosure;
h. Fiscal Costs and Sources: The forecasted, prior, and ongoing fiscal costs for the
surveillance technology, including initial purchase, personnel, and other ongoing costs,
and any past, current or potential sources of funding;
i. Third-Party Dependence: Whether use or maintenance of the surveillance technology
will require data gathered by the surveillance technology to be handled or stored by a
third-party vendor at any time;
j. Alternatives: A summary of all alternative methods (whether involving the use of a new
technology or not) considered before deciding to use the proposed surveillance
technology, including the costs and benefits associated with each alternative and an
explanation of the reasons why each alternative is inadequate;
k. Track Record: A summary of the experience (if any) other entities, especially
government entities, have had with the proposed technology, including, if available,
quantitative information about the effectiveness of the proposed
surveillance technology in achieving its stated purpose in other jurisdictions, and any
known adverse information about the surveillance technology such as unanticipated
costs, failures, or civil rights and civil liberties abuses, existing publicly reported
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 60 of 78
controversies, and any court rulings in favor or in opposition to the surveillance; and
l. Public engagement and comments: A description of any community engagement held
and any future community engagement plans, number of attendees, a compilation of all
comments received and City departmental responses given, and City departmental
conclusions about potential neighborhood impacts and how such impacts may differ as it
pertains to different segments of the community that may result from the acquisition of
surveillance technology.
15. "Surveillance Use Policy" means a publicly-released and legally-enforceable policy for use
of the surveillance technology that at a minimum specifies the following: (CV Charter pg.13;
San Diego TRUST pg.13)
a. Purpose: The specific purpose(s) that the surveillance technology is intended to
advance;
b. Use: The specific uses that are authorized, and the rules and processes required prior to
such use;
c. Data Collection: The information that can be collected, captured, recorded, intercepted,
or retained by the surveillance technology, as well as data that might be inadvertently
collected during the authorized uses of the surveillance technology and what measures
will be taken to minimize and delete such data. Where applicable, any data sources the
surveillance technology will rely upon, including open source data, should be listed;
d. Data Access: The job classification of individuals who can access or use the collected
information, and the rules and processes required prior to access or use of the
information;
e. Data Protection: The safeguards that protect information from unauthorized access,
including logging, encryption, and access control mechanisms;
f. Data Retention: The time period, if any, for which information collected by the
surveillance technology will be routinely retained, the reason such retention period is
appropriate to further the purpose(s), the process by which the information is regularly
deleted after that period lapses, and the specific conditions that must be met to retain
information beyond that period;
g. Public Access: A description of how collected information can be accessed or used by
members of the public, including criminal defendants;
h. Third Party Data Sharing: If and how information obtained from the
surveillance technology can be used or accessed, including any required justification or
legal standard necessary to do so and any obligations imposed on the recipient of the
information;
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 61 of 78
i. Training: The training required for any individual authorized to use the surveillance
technology or to access information collected by the surveillance technology;
j. Auditing and Oversight: The procedures used to ensure that the Surveillance Use Policy
is followed, including internal personnel assigned to ensure compliance with the policy,
internal recordkeeping of the use of the surveillance technology or access to information
collected by the surveillance technology, technical measures to monitor for misuse, any
independent person or entity with oversight authority, and the legally enforceable
sanctions for violations of the policy; and
k. Maintenance: The procedures used to ensure that the security and integrity of the
surveillance technology and collected information will be maintained.
16. Data: Structured information. Includes narrative, textual, geospatial, tabular, legislative,
statistical, factual, quantitative, or qualitative information. (Chula Vista Open Data Policy)
17. Personal Data: Any Data that identifies, or can in combination with other Data identify, an
individual person.
18. Privacy-Impacting Technology: A technology that generates, collects, or otherwise makes
use of Personal Data. Does not include standard office equipment such as laptop computers,
standard office software such as Microsoft Excel, or manually operated equipment such as
handheld digital cameras.
19. CHANGES TO BETTER DEFINE Privacy Impacting Technology & Privacy Implications:
The City should establish a Privacy Advisory Board responsible for carrying out a
broad range of advisory duties.
a. The Board’s duties are described throughout this document, including:
i. Holding regular meetings that are open to the public, including opportunities for
public comment in English and other languages.
ii. Reviewing Use Policies for PRIVACY-IMPACTING TECHNOLOGIES and
making recommendations on changes. Conduct periodic privacy impact
assessments and review/address identified privacy risks
iii. Reviewing data sharing agreements.
iv. Reviewing new technology-related contracts.
23. All contracts with PRIVACY IMPLICATIONS privacy risks must be presented
to the City Council, regardless of whether they meet standard purchasing and
contracting thresholds that typically trigger City Council review.
- Both terms defined in NIST:
Privacy impact Assessment - https://csrc.nist.gov/glossary/term/privacy_impact_assessment
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 62 of 78
Privacy Impact Assessment: " An analysis of how information is handled to ensure handling
conforms to applicable legal, regulatory, and policy requirements regarding privacy; to determine
the risks and effects of creating, collecting, using, processing, storing, maintaining, disseminating,
disclosing, and disposing of information in identifiable form in an electronic information system;
and to examine and evaluate protections and alternate processes for handling information to
mitigate potential privacy concerns. A privacy impact assessment is both an analysis and a formal
document detailing the process and the outcome of the analysis."
Privacy Risk - https://csrc.nist.gov/glossary/term/privacy_risk
Privacy Risk: "The likelihood that individuals will experience problems resulting from data
processing, and the impact should they occur."
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 63 of 78
Information Security Subcommittee Report
August 15, 2022
Members: Charles Walker and Carlos De La Toba
Recommended City Information Security Policies
PURPOSE: To provide guidelines with regard to the responsibility of every City of Chula Vista (City) employee
who accesses Data and information in electronic formats and to provide for the security of that Data and to
restrict unauthorized access to such information.
POLICY: Electronic Data is important to the City assets that must be protected by appropriate safeguards and
managed with respect to Data stewardship. This policy defines the required Electronic Data ma nagement
environment and classifications of Data, and assigns responsibility for ensuring Data and information privacy
and security at each level of access and control.
SCOPE AND APPLICABILITY: This policy applies to all City personnel and affiliated users with access to City
Data.
DEFINITIONS:
Affiliated Users: Vendors and guests who have a relationship to the City and need access to City systems.
Application or App: A software program run on a computer or mobile device for the purpose of providing a
business/academic/social function.
Cloud: An on-demand availability, geographically dispersed infrastructure of computer system resources,
especially data storage (cloud storage) and computing power, without direct active management by the end
user. Clouds may be limited to a single organization (Private Cloud), or be available to many organizations
(Public Cloud). Cloud-computing providers offer their “services” according to three standard models:
Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).
Confidential Data: Data that are specifically restricted from open disclosure to the public by law are classified
as Confidential Data. Confidential Data requires a high level of protection against unau thorized disclosure,
modification, transmission, destruction, and use. Confidential Data include, but are not limited to:
• Medical Data, such as Electronic Protected Health Information and Data protected by the Health
Insurance Portability and Accountability Act (HIPAA);
• Investigation. Only investigation data and information within the following broad categories is to be
considered Confidential Data:
o Active Investigations;
o Activity that is covered by a fully executed non-disclosure agreement (NDA);
o Information, data, etc., that is proprietary or confidential (whether it belongs to an internal
investigator or an outside collaborator), regardless of whether it is subject to an NDA;
o Information or data that is required to be deemed confidential by state or federal law (e.g.,
personally identifying information about research subjects, HIPAA or FERPA protected
information, etc.); and
o Information related to an allegation or investigation into misconduct.
• Information access security, such as login passwords, Personal Identification Numbers (PINS), logs with
personally identifiable Data, digitized signatures, and encryption keys;
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 64 of 78
• Primary account numbers, cardholder Data, credit card numbers, payment card information, banking
information, employer or taxpayer identification number, demand deposit account number, savings
account number, financial transaction device account number, account password , stock or other
security certificate or account number (such as Data protected by the Payment Card Indu stry Data
Security Standard) ;
• Personnel file, including Social Security Numbers;
• Library records;
• Driver’s license numbers, state personal identification card numbers, Social Security Numbers,
employee identification numbers, government passport numbers, and other personal information that
is protected from disclosure by state and federal identity theft laws and regulations.
Data Classifications: All Electronic Data covered by this policy are assigned one of three classifications:
• Confidential
• Operation Critical
• Unrestricted
Data Custodian: Persons or departments providing operational support for an information system and having
responsibility for implementing the Data Maintenance and Control Method defined by the Data Steward.
Data Maintenance and Control Method: The process defined and approved by the Data Steward to handle
the following tasks:
• Definition of access controls with assigned access, privilege enablement, and documented
management approval, based on job functions and requirements.
• Identification of valid Data sources
• Acceptable methods for receiving Data from identified sources
• Process for the verification of received Data
• Rules, standards and guidelines for the entry of new Data, change of existing Data or deletion of Data
• Rules, standards and guidelines for controlled access to Data
• Process for Data integrity verification
• Acceptable methods for distributing, releasing, sharing, storing or transferring Data
• Acceptable Data locations
• Providing for the security of Confidential Data and Operation Critical Data
• Assuring sound methods for handling, processing, security and disaster recovery of Data
• Assuring that Data are gathered, processed, shared and stored in accordance with the City privacy
statement (to be written).
Data Steward: The persons responsible for City functions and who determine Data Maintenance and Control
Methods are Data Stewards.
Electronic Data/Data: Distinct pieces of information, intentionally or unintentionally provided to the City in a
variety of administrative, academic and business processes. This policy covers all Data stored on any
electronic media, and within any computer systems defined as a City information technology resource.
Mobile Computing Devices: Information technology resources of such devices include, but are not limited to,
laptops, tablets, cell phones, smart phones, and other portable devices.
Operation Critical Data: Data determined to be critical and essential to the successful operation of the City as
a whole, and whose loss or corruption would cause a severe detrimental impact to continued operations.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 65 of 78
Data receiving this classification require a high level of protection against accidental d istribution, exposure or
destruction, and must be covered by high quality disaster recovery and business contin uity measures. Data in
this category include Data stored on Enterprise Systems such as Data passed through networked
communications systems. Such Data may be released or shared under defined, specific procedures for
disclosure, such as departmental guidelines, documented procedures or policies.
City Provided Data Systems: Information technology resources, as defined and described by the City and used
for the storage, maintenance and processing of City Data.
Unrestricted Data: Information that may be released or shared as needed.
Usage/Data Use: Usage and Data Use are used interchangeably and are defined as gathering, viewing,
storing, sharing, transferring, distributing, modifying, printing and otherwise acting to provide a Data
maintenance environment.
PROCEDURES:
1. Data Stewardship
Data Stewards are expected to create, communicate and enforce Data Maintenance and Control Methods.
Data Stewards are also expected to have knowledge of functions in their areas and the Data and information
used in support of those functions. The Chief Information Officer(CIO) is ultimately accountable for the Data
management and stewardship of all the City data. The CIO may appoint others in their respective areas of
responsibility.
2. Data Maintenance and Control Method
Data Stewards will develop and maintain Data Maintenance and Control Methods for their assigned systems.
When authorizing and assigning access controls defined in the Data Maintenance and Control Methods
involving Confidential Data and Operation Critical Data, Data Stewards will restrict user privileges to the least
access necessary to perform job functions based on job role and res ponsibility.
If the system is a City Provided Data System, City Technology Services will provide, upon request, guidance and
services for the tasks identified in the Data Maintenance and Control Method.
If the system is provided by a Public Cloud, the Data Steward must still verify that the Data Maintenance and
Control Method used by the Public Cloud provider meets current City technology standards (to be written)?.
Further, ongoing provisions for meeting current City technology and security standards (to be written)? must
be included in the service contract.
Review of Public Cloud solutions must include City Technology Services and City Attorney prior to final solution
selection and purchase.
Use of personal equipment to conduct City business must comply with all guidance provided by City policies
(to be written)?.
3. Data Custodianship
Data Custodians will use Data in compliance with the established Data Maintenance and Control Method.
Failure to process or handle Data in compliance with the established method for a system will be considered a
violation of the City policies.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 66 of 78
4. Data Usage
In all cases, Data provided to the City will be used in accordance with the Privacy Statement (to be written)
Software solutions, including SaaS solutions, are selected to manage Data and are procured, purchased and
installed in conjunction with City (to be written)
Data will be released in accordance with City (to be written). Requests for information from external agencies
(such as Freedom of Information Act requests, subpoenas, law enforcement agency requests, or any other
request for Data from an external source) must be directed to the City Attorney and processed in accordance
with existing policies.
Standards for secure file transmissions, or Data exch anges, must be evaluated by the CIO when a system other
than a City Provided Data System is selected or when a Public Cloud is utilized. Specific contract language may
be required. The City Attorney must be consulted regarding such language.
Unencrypted authorization and Data transmission are not acceptable.
Communication of Confidential Data via end-user messaging technologies (i.e., email, instant messaging, chat
or other communication methods) is prohibited
5. Storing Data
Data cannot be stored on a system other than a City Provided Data System without the advance permission of
the Data Steward and demonstrated legitimate ne ed.
Data should be stored in encrypted formats whenever possible. Confidential Data must be stored in
encrypted formats. Encryption strategies should be reviewed with City Technology Services in advance to
avoid accidental Data lockouts.
Data cannot be stored on a City-provided Computing Device unless the device is encrypted without the
advance permission of the Data Steward and demonstrated legitimate need.
Data must be stored on devices and at locations approved by Data Stewards. If information techn ology
resources (computers, printers and other items) are stored at an off-campus location, the location must be
approved by Data Stewards prior to using such resources to store City Data.
Technology enables the storage of Data on fax machines, copiers, cell phones, point-of-sale devices and other
electronic equipment. Data Stewards are responsible for discovery of stored Data and removal of the Data
prior to release of the equipment.
When approving Mobile Computing Device Usage, Data Stewards must verify that those using Mobile
Computing Devices can provide information about what Data was stored on the device (such as a cop y of the
last backup) in the event the device is lost or stolen.
In all cases, Data storage must comply with City retention policies. Data Usage in a Public Cloud system must
have specific retention standards(to be written)? written in the service contract. The City Attorney must be
consulted regarding such language.
Provisions for the return of all City Data in the event of contract termination must be included in the contract,
when Data is stored on a Public Cloud. The City Attorney must be consulted regarding such language. Current
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 67 of 78
security standards (to be written)? (such as controlled access, personal firewalls, antivirus, fully updated and
patched operating systems, etc.) will be evaluated when a system other than a City Provided Data System is
selected and must be covered in contract language. The City Attorney must be consulted regarding such
language.
Data stored on Mobile Computing Devices must be protected by current security standard methods (such as
controlled access, firewalls, antivirus, fully updated and patched operating systems, etc.).
City standard procedures (to be written) for the protection and safeguarding of Confidential Data and
Operation Critical Data must be applied equally and without exception to City Provided Data Systems, Mobile
Computing Devices and systems other than City Provided Data Systems, such as Public Cloud solution.
6. Systems and network Data
Systems and network Data, generated through systems or network administration, logs or other system
recording activities, cannot be used, or captured, gathered, analyzed or disseminated, without the advance
permission of the Chief Information Officer.
7. Value of Data
In all cases where Data are to be processed through a Public Cloud, the following assessment must be d one:
The value of the Data must be determined in some tangible way.
Signature approval from the Data Steward’s division vice president or ap propriate party with the ability to
authorize activity at the level of the value of the Data must be obtained.
8. Sanctions
Failure to follow the guidelines contained in this document will be considered inappropriate use of a City
information technology resource and therefore a violation of the City policy(to be written).
9. Data Security Breach Review Panel
A Data Security Breach Review Panel (Panel) comprised of the following members will be established:
o Chief Information Officer
o Chief of Police
o City Attorney
o Chief Privacy Officer
10. Data Loss Prevention Software
Define granular access rights for removable devices and peripheral ports and establish policies for users,
computers and groups, maintaining productivity while enforcing device security
11. Audits
All City owned equipment is subject to audit for unauthorized storage of regulated data. Devices authorized to
store regulated data are subject to audits as deemed necessary by the CIO. Reasonable prior notification of an
audit will be provided. Audit results are handled confidentially by Information Security staff and are reported
to the CIO in aggregate.
12. Mobile Devices
City owned mobile equipment will be exclusively allowed on the City’s primary network and use two factor
authentication. All personal devices must use “guest” access if provided.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 68 of 78
How does the Surveillance Ordinance work in
practice?
Notification
•City entity
notifies PAC Chair
of its wish to
acquire new
surveillance
technology.
Report
Submission
•City entity
submits a
Surveillance
Impact Report
and proposed
Surveillance Use
Policy to the
Privacy Advisory
Commission for
its review at a
regularly noticed
meeting.
PAC
Evaluation
•PAC reviews
documentation,
works with City
entity to revise
Impact Report
and Use Policy
•Recommends
that the City
Council adopt,
modify, or reject
the proposed
Surveillance Use
Policy.
Public
Notice
•City Council
provides public
notice that will
include the
Surveillance
Impact Report,
proposed
Surveillance Use
Policy, and
Privacy Advisory
Commission
recommendation
at least fifteen
(15) days prior to
the public
hearing.
Public
Hearing
•City Council
determination: 1)
benefits to the
community
outweighs the
costs; 2) proposal
will safeguard
civil liberties and
civil rights; and 3)
no alternative
with a lesser
economic cost or
impact on civil
rights or civil
liberties would be
as effective.
Process for city to acquire or use a surveillance technology
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 69 of 78
Technology and Privacy Advisory Task Force
Meeting Summary
September 12, 2022
Task Force members present: City staff and consultants present:
Mae Case
Petrina Branch
Rafal Jankowski, Co-Chair
Art Pacheco
Pedro Rios
Sophia Rodriguez, Chair
Patricia Ruiz
Charles Walker
Maria Whitehorse
Adrianna Hernandez
Dennis Gakunga
Anne Steinberger
Glen Googins
Jeremy Ogul
Kyle Alderman
Task Force members absent:
Carlos De La Toba
Dominic LiMandri
Lucia Napolez
1. CALL TO ORDER
Co-Chair Jankowski called the meeting to order at 6:05 p.m.
2. ROLL CALL
Adrianna Hernandez called the roll.
3. PUBLIC COMMENTS
Public comments were received from James Zuffoletto, Nicolas Paul, Nancy Relaford, and Norell
Martinez.
Written public comments were distributed from the following individuals: Jason Essex, Steve
Goldkrantz, Seth Hall, James Zuffoletto, Robert Johnson, John Richeson, David Stucky, Gina
Velasco, Eric Wood, and Margaret Baker.
4. BUSINESS ITEMS
4.1. Receive and file meeting summaries
Jeremy Ogul announced that the meeting summaries from August 15 and August 22 would be
delayed to a future meeting.
5. WORK SESSION
5.1. Work Session #5
Task force members continued their discussion of the draft policy recommendations, with each
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 70 of 78
member being given the opportunity to offer changes or additions to the recommendations. Through
discussion and deliberation, a list of requested changes was developed as follows:
1. Establish a set of guiding principles to accompany the recommendations
a. Add a statement that ordinances should be adopted to implement some of these
recommendations
2. Add a statement expressing the urgency of establishing the Privacy Advisory Board
3. Add the process for public disclosure similar to the chart provided
4. Add a statement expressing the importance of accepting the recommendations as a whole
5. Work on definitions, including privacy impacting technology, privacy implications
6. Add a recommendation to establish a preference for US-made technology acquisitions where
possible
7. Add a recommendation to require an annual surveillance report for selected technologies
8. Add a recommendation to require an impact report for privacy-impacting technology
9. Add a recommendation to establish whistleblower protections for violations of privacy
protections
10. Add a requirement for public education meetings before acquisition as part of public notice
process
11. Add the word “ongoing” to PAB
12. Revise the data breach notification recommendation (#21) to limit immediate disclosure only
to affected individuals, comply with all applicable laws, and provide a general public
notification once situation is fully resolved. Model the requirement after existing state law.
13. Refine the wording of Recommendation #11 to address city staff concerns about silos,
possibly by limiting it to access to “sensitive resident data”
14. Add a recommendation that a minimum set of conditions be met before City Council
approves a technology, such as a judgment that the benefits outweigh the risks, and that no
better alternative exists
Task force members agreed to form the following ad-hoc subcommittees to further elaborate on some
of the requested changes:
Guiding principles: Member Case, Member Whitehorse
Definitions: Member Walker, Co-Chair Jankowski, Member Rios
Conditions for Council approval: Member Pacheco
Public education meetings: Chair Rodriguez
Glen Googins, Adrianna Hernandez, responded to questions from task force members and provided
additional information on various subjects.
Seth Hall provided comments at the request of Chair Rodriguez.
6. ADDITIONAL PUBLIC COMMENTS
Additional public comments were received from Seth Hall.
7. STAFF COMMENTS
None.
8. TASK FORCE MEMBER COMMENTS
None.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 71 of 78
9. ADJOURNMENT
Chair Rodriguez adjourned the meeting at 9:06 p.m.
- Meeting summary prepared by Jeremy Ogul
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 72 of 78
Technology and Privacy Advisory Task Force
Meeting Summary
August 22, 2022
Task Force members present: City staff and consultants present:
Mae Case
Carlos De La Toba
Rafal Jankowski, Co-Chair
Dominic LiMandri
Lucia Napolez
Art Pacheco
Pedro Rios
Sophia Rodriguez, Chair
Patricia Ruiz
Maria Whitehorse
Adrianna Hernandez
Dennis Gakunga
Anne Steinberger
Glen Googins
Jeremy Ogul
Kyle Alderman
Task Force members absent:
Petrina Branch
Charles Walker
1. CALL TO ORDER
Chair Rodriguez called the meeting to order at 6:06 p.m.
2. ROLL CALL
Adrianna Hernandez called the roll.
3. PUBLIC COMMENTS
Public comments were received from Norell Martinez.
Written public comments were distributed from Roman Covarrubias and Margaret Baker.
4. WORK SESSION
4.1. WORK SESSION #4
Adrianna Hernandez read a written statement from City Manager Maria Kachadoorian.
Chair Rodriguez asked Hernandez to convey a request to Kachadoorian that any city feedback on the
task force recommendations be provided a week in advance of the meeting. Hernandez agreed to
communicate that request.
Jeremy Ogul led task force members in an informal poll process to rate each task force member’s
level of agreement with each draft policy recommendation.
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 73 of 78
Based on the informal poll, task force members proceeded with a discussion of the recommendations
that had the highest levels of disagreement, made changes to those recommendations, and then took a
new informal poll on each of the revised recommendations.
Dennis Gakunga and Anne Steinberger answered questions from the task force regarding the City’s
Data Governance Committee.
Member Case moved to remove law enforcement experience as a required qualification for at least
one member of the proposed Privacy Advisory Board. The motion was seconded by Member Ruiz.
The motion passed unanimously.
An e-comment was received from Nancy Relaford.
5. ADDITIONAL PUBLIC COMMENTS
None.
6. STAFF COMMENTS
None.
7. TASK FORCE MEMBER COMMENTS
None.
8. ADJOURNMENT
The meeting was adjourned at 9:38 p.m.
- Meeting summary prepared by Jeremy Ogul
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 74 of 78
CHULA VISTA, CA
Technology & Privacy Advisory Task Force
Closing Comments Next Steps
September 26, 2022 Technology & Privacy Advisory Task Force -Closing Comments
September 26, 2022
2022-09-26 Technology & Privacy Advisory Task Force Agenda Page 75 of 78
CHULA VISTA, CA
Securing important public input
•10 Task Force Meetings –open to the
public (April –Sept)
•Live stream, e-comments, in-person
•Dedicated website for public access
•Agendas, meeting minutes, presentations
•Public Opinion Survey of 600
Chula Vista Residents (Mar. 21 –31st)
•Six Public Opinion Focus Groups, including
two in Spanish (July)
•Two interactive community outreach
meetings (July 27th & 28th)
September 26, 2022 Technology & Privacy Advisory Task Force -Closing Comments 22022-09-26 Technology & Privacy Advisory Task Force Agenda Page 76 of 78
CHULA VISTA, CA
We’ve come a long way
•Six months information gathering, collaboration, and deliberation (April –September)
•10 Public Task Force Meetings, including 6 Work Sessions
•Participation with City Manager and City Attorney Staff
•Briefings from 12 City departments/divisions
•Tour of Police Department Operations, Traffic Management Center
•Two community outreach meetings
•More than 50 hours together
–THANK YOU!
September 26, 2022 Technology & Privacy Advisory Task Force -Closing Comments 32022-09-26 Technology & Privacy Advisory Task Force Agenda Page 77 of 78
CHULA VISTA, CA
What happens next
•City manager will review and analyze
task force recommendations
•City staff and City attorney develop
draft policy
•Presentation to City Council in
November
•Establishment of Privacy Advisory
Board in 2023
September 26, 2022 Technology & Privacy Advisory Task Force -Closing Comments 42022-09-26 Technology & Privacy Advisory Task Force Agenda Page 78 of 78