The study also points out, in a number of places, limitations of the technology, based on response activities and envronmental factors. it’s worth a read, here is the table of contents; you can read the document here Automated Detection and Prevention of Disorderly and Criminal Activities:

 Table of Contents

• 1 Abstract
• 2 Executive Summar
• 2.1 Data Collection
• 2.2 Crime Detection and Prevention
• 2.3 System Evaluation and Feedback
• 2.4 Law Enforcement Relevance and Impact
• 2.5 Dissemination of Research Results
• 2.6 Next Steps
• 3 Introduction
• 4 Data Sets and Data Collections 17
• 4.1 GE Global Research Collection
• 4.2 Airport and “Behave” Data
• 4.3 Mock Prison Riot Data
• 4.3.1 Venue
• 4.3.2 Installation
• 4.3.3 Camera Views
• 4.3.4 Calibration
• 5 Motion and Crowd Pattern Analysis 25
• 5.1 Multi-camera Multi-target Tracking
• 5.2 Detection and Tracking of Motion Groups
• 5.3 Counting and Crowd Detection
• 5.4 Simple Group-Level Events
• 5.5 Group Interaction Model
• 5.6 Group Formation and Dispersion
• 5.7 Agitation and Fighting
• 5.8 Advanced Aggression Detection
• 5.8.1 Feature Tracking
• 5.8.2 Motion Analysis
• 5.8.3 Motion Classification and Clustering
• 5.8.4 Results
• 6 Identity Management
• 6.1 PTZ Camera Control
• 6.1.1 Introduction
• 6.1.2 Related Work
• 6.1.3 Experiments
• 6.1.4 Discussions
• 6.2 Identity Maintenance
• 7 Social Network Estimation
• 7.1 Introduction
• 7.2 Experiments
• 7.3 Conclusions
• 8 Data Collection and System Testing at Mock Prison Riot 2009
• 8.1 Collection and Testing Approach
• 8.2 IRB Approval
• 8.3 Collected Video Data
• 8.4 Mock Prison Riot Detection and Tracking
• 8.5 PTZ Control
• 8.6 Behavior and Event Recognition
• 8.6.1 Meeting / Approaching / Contraband Exchange
• 8.6.2 Aggression Detection
• 8.6.3 Fast Movement
• 8.6.4 Distinct Group Detection
• 8.6.5 Flanking Detection
• 8.7 Performance Evaluation
• 8.7.1 Sequence “Utah Leader Attack” (Nr. 00)
• 8.7.2 Sequence “Utah Leader Attack 2” (Nr. 01)
• 8.7.3 Sequence “Gang Killing other Gang” (Nr. 02)
• 8.7.4 Sequence “Gang Killing other Gang 2” (Nr. 03)
• 8.7.5 Sequence “Gang Killing other Gang 3 – Unrehearsed” (Nr. 04)
• 8.7.6 Sequence “Aborted Attack” (Nr. 05)
• 8.7.7 Sequence “Aborted Attack 2” (Nr. 06)
• 8.7.8 Sequence “Gang Argument – Prisoners get attacked” (Nr. 07)
• 8.7.9 Sequence “Gang Initiation” (Nr. 08)
• 8.7.10 Sequence “Contraband Exchange” (Nr. 09)
• 8.7.11 Sequence “Multiple Contraband Exchange” (Nr. 10)
• 8.7.12 Sequence “Contraband with Fight” (Nr. 11)
• 8.7.13 Sequence “Blended Transaction” (Nr. 12)
• 8.7.14 Sequence “Shanking followed by Leaving” (Nr. 13)
• 8.7.15 Sequence “Gang Hanging Out Followed By Several Fights” (Nr. 14)
• 8.7.16 Sequence “Fight Followed by Guards Leading Offender Off” (Nr. 15)
• 8.7.17 Sequence “Fight Followed by Guards Leading Offender Off” (Nr. 16)
• 8.7.18 Sequence “Contraband – Officer Notices” (Nr. 17)
• 8.7.19 Sequence “Argument Between Gangs – Officer Assault” (Nr. 18)
• 8.7.20 Sequence “Contraband exchange followed by guard searching inmates” (Nr. 19)
• 8.7.21 Sequence “Prisoner being attacked and guard intervening” (Nr. 20)
• 8.7.22 Sequence “Fight breaking out between gang members and officers breaking it up” (Nr. 21)
• 8.7.23 Sequence “Fight between gangs. Guards breaking fight up” (Nr. 22)
• 8.7.24 Sequence “Fight between gangs. Guards breaking fight up” (Nr. 23)
• 8.7.25 Sequence “Gangs fighting. Guards breaking fight up.” (Nr. 24)
• A Public Dissemination
• B Reviews and Meetings
• B.1 Technical Working Group Meeting
• B.2 Kick-Off Meeting at NIJ
• B.3 Sensor and Surveillance Center of Excellence Visit
• B.4 2008 Technologies for Critical Incident Preparedness Expo (TCIP)
• B.5 Mock Prison Riot 2009
• B.6 IEEE Conference on Computer Vision 2009
• C Mock Prison Riot Data
• C.1 Data Recorded while Processing
• C.2 Sequences Processed in Detail
• C.3 Data Recorded without Processing
• D Techinical Details of the PTZ Camera Control
• D.1 Problem Formulation
• D.2 Objective Function
• D.2.1 Quality Measures
• D.2.2 Quality Objective
• D.2.3 Temporal Quality Decay
• D.3 Optimization
• D.3.1 Asynchronous Optimization
• D.3.2 Combinatorial Search
• E Techinical Details of Social Network Analysis 110
• E.1 Building Social Network
• E.1.1 Face-to-Track Association via Graph-Cut
• E.2 Discovering Community Structure via Modularity-Cut
• E.2.1 Dividing into Two Social Groups
• E.2.2 Dividing into Multiple Social Groups
• E.2.3 Eigen-Leaders

Before I get into the story it, let me be v-e-r-y clear…I am NOT here to debate the effectiveness or morality of red-light/speed enforcement systems, nor am I here to cast dispersions on any of the organizations involved in the press release…this blog posting is strictly about using the Gatso press release to emphasize a point about security and privacy - when we engage in innovative law enforcement technology solutions, we need to take extra care to adequately address the security and privacy of personally identifiable information.

Here’s the press release from Gatso-USA:

GATSO USA Forms Unique, Strategic Partnership with Nlets

Earlier this month, GATSO USA was approved as a strategic partner by the Board of Directors of the National Law Enforcement Telecommunications System (Nlets). Nlets is….general narrative about NLETS was deleted. The approval of GATSO is an exciting first for the photo-enforcement industry.

Nlets will be hosting GATSO’s back office and server operations within the Nlets infrastructure. GATSO will have access to registered owner information for all 50 states plus additional provinces in Canada. The strategic relationship has been described as a “win-win” for both organizations.

From Nlets’ perspective, there are key benefits to providing GATSO with hosted service. Most importantly, it virtually guarantees personal data security. Due to this extra step of storing personal data behind the DMV walls of Nlets, the public can be assured that security breaches — such as the recent incident with PlayStation users — are avoided.

From GATSO’s perspective, hosting the system with Nlets will provide a ruggedized, robust connection to comprehensive registered owner information — without the security issues faced by other vendors in this industry. Nlets was created over 40 years ago…more stuff about NLETS was deleted).

The main points I took away from this press release were:

1. Nlets is going to host the back-end server technology that GATSO needs to look up vehicle registration information of red-light runners;
2. Gatso is going to have access to vehicle registration information for all vehicles/owners in ALL 50 states in the U.S. and (some) provinces in Canada; and
3. And, because it’s behind Nlets firewalls, security is not an issue.

Again, please don’t call me a party-pooper as I am a huge advocate for finding innovative ways to use technology to make law enforcement’s job easier. However, I am also painfully aware (as many of you are) of the many security and privacy related missteps that have happened over the last few years with technology efforts that meant well, but didn’t do enough to make sure that they covered the bases for security and privacy matters. These efforts either had accidental leakage of personal information, left holes in their security posture that enables direct attacks, or created opportunities for nefarious evil-doers with legitimate access to use that access to sensitive information for other than honorable purposes.

After I read the press release, I thought that it would be a good case-study for the topic of this blog - it involved innovative use of technolgy for law enforcement, a psuedo-government agency (Nlets), two foreign-owned private companies, and LOTS of PII sharing - some might even say it had all the makings of a Will Smith movie.

To help set the stage, here are a few facts I found online:

• Gatso-USA is a foreign company, registered in New York State, operating out of Delaware; its parent company is a Dutch company, GATSOmeter BVGatso.
• Gatso does not appear to vet all of the red-light/speed violations itself; it uses another company – Redflex Traffic Systems to help with that (Redflex is not mentioned in the press release).
• Redflex seems to be a U.S. company, but it has a (foreign) parent company based in South Melbourne, Australia.
• Finally, there are no-sworn officers involved in violation processing. Red-light/speed enforcement cameras are not operated by law enforcement agencies; they outsource that to Gatso, who installs and operates the systems for local jurisdictions (with Redflex) for free, (Gatso/Redflex is given a piece of the fine for each violation).

There are no real surprises here either; there are many foreign companies that provide good law enforcement technologies to jurisdications across the U.S., and outsourcing traffic violations is not new…BUT what is new here is that a sort-of-government agency (Nlets), has now provided two civilian companies (with foreign connections) access to Personally Identifiable Information (PII) (vehicle registrations) for the entire U.S. and parts of Canada…should we be worried?

Maybe; maybe not. Here are nine questions I would ask:

1. Personnel Security: Will Nlets have a documented process to vet the U.S. and overseas Gatso and Redflex staff who will have access to this information through direct or VPN access to Nlets systems?
2. Data Security: Will Gatso or Redflex maintain working/test copies of any of the registration information outside of the Nlets firewall? If so, are there documented ways to make sure this information is protected outside the firewall?
3. Data Access: Will Gatso/Redflex have access to the entire registration record? or, will access be limited to certain fields?
4. Code Security: Will any of the code development or code maintenance be done overseas in the Netherlands or Australia? If so, will all developers be vetted?
5. Network Security: Will overseas developers/site suport staff have access to the data behind Nlets firewalls? What extra precautions will be taken to protect Nltes systems/networks from abuse/attack?
6. Code Security: Will Nlets conduct any security testing on code loaded on the servers behind their firewalls?
7. Stakeholder Support: Have all 50 U.S. states, and provinces in Canada, been made aware of this new information sharing relationship? Do they understand all of the nuances of the relationship? And, are they satisfied that their constituents personal information will be protected?
8. Audit/Logging: Will all queries to vehicle registration information logged? Is someone checking the logs? How will Nlets know if abuses of authorized access are taking place?
9. Public Acceptance: How do states inform their constituents that their personal vehicle registration information is being made available to foreign owned company? Will they care?

How these questions are answered will determine whether or not we should worry…

Did I miss any other important questions?

Beyond this particular press release and blog posting, I suggest that you consider asking these kinds of questions whenever your agency is considering opening/connecting its data systems to outside organizations or private companies—it may just prevent your agency from becoming a headline on tonights news, like St. Louis –> St. Louis Police Department computer hacked in cyber-attack .

The bottom-line is that whenever you take advantage of opportunities to apply innovative technologies to public safety, make sure that you cover ALL the bases to protect your sensitve data and PII from leakage, direct attacks, or misuse and abuse.

As always, your thoughts and comments are welcome.

r/Chuck

• Chester Ho, a naturalized U.S. citizens, was arrested after stealing the plant cell culture technology from Bristol-Myers Squibb–nearly $15 million loss
• Hwei-Chen Yang was arrested after stealing adhesive trade secrets from Avery Denison–nearly $60 million loss
• Yonggang Min walked out the door of Dupont with more than 16,000 documents from DuPont’s electronic library–nearly $600 million loss

While the Rosenbergs, Ames and Hanssen were guilty of National Security Espionage, Ho, Yang and Min were clearly engaged in Economic Espionage, or “the act of theft or misappropriation of (commercial) trade secrets.” What makes this particularly significant is the fact that the potential for economic espionage exists in virtually every corner of our way of life–government agencies, small companies, large corporations, colleges, universities, overseas research and development laboratories, and economic espionage is largely driven by one of three motives:

1. Profit;
2. Patriotism to home country; or
3. Desire to achieve academic/scientific notoriety.

While the majority of the threat can come from any of the 108 countries actively seeking to collect information about American innovations, and (a sub-set) of the 30,000,000 non-immigrant visitors to our nation every year, the threat can also come from within; companies in like sectors would love to know what the others in that sector are working on–new prescription drug? Next Ipod? Alternative fuel technologies?

So, who can threaten your innovations and intellectual property?

• Insider threats–people working for you;
• People and companies that you partner with;
• Subcontractors providing services
• University students doing research for you;
• Visitors that have an interest in what you do; or
• Competitors who seek to do you harm.

Interesting side note:  75% of the 40 proprietary and confidential information thefts studied between 1996 and 2002 by Carnegie Mellon’s CERT program in a July 2006 study were committed by current employees. Of those current employees committing intellectual property thefts, 45% had already accepted a job offer with another company. “In between the time they have another offer and the time they leave is when they take the information”

At the end of the day, you (and your organization’s leaders) are responsible for the survival of your organization, and only you can really know “Who’s in Your House” and what they are doing. The other way to put it is that if something bad happens, only you will be standing there explaining to your board of directors and shareholders what happened.

So what can you do to protect yourself? I suggest five key strategies:

• Ask the right questions;
• Do the math;
• Trust, but verify;
• Use the velvet rope and black cloth; and
• Educate, communicate and reward.

1. Ask the Right Questions

Corporate presidents and CEOs should regularly ask their security officers the following five questions:

1. What technologies/projects are most at risk?
2. Why are others interested in it?
3. Who are the specific threats?
4. Where are the vulnerabilities?
5. How are we stopping them from getting it?

Establish a good idea of what an adversary might be after, why they’re after it, and what your organization is doing to protect it from compromise. For larger organizations, with many projects, you should go through this exercise with each program/product.

2. Do the Math

You cannot protect everything, so develop a strategy to identify and protect those projects and technologies that can cause the most dire consequences to your bottom line. I suggest dividing up your organization’s projects/products into three piles.

• Pile One = those projects that the future of your company rests on or those that you risk jail time for compromise;
• Pile Two = Those projects that are important, but expendable; and
• Pile Three = Those projects that are commodities or already in the open source.

 Here is some sample criteria to help you decide which pile a project may belong in:

Sample Criteria for Pile One

• Classified or sensitive national security project
• New research and development effort
• Loss would mean significant loss of revenue and new CEO

Sample Criteria for Pile Two

• Company future doesn’t hinge on product survival
• No significant IP or trade secrets involved
• Product at the middle of “S” curve

Sample Criteria for Pile Three

• No IP or trade secrets involved
• Commodity type product or service; top of the “S” curve
• Already in the public domain

Remember: Focus on Pile One FIRST–do not be tempted to go after the low-hanging furit in piles two or three.

To be continued…In Part 2 of 2, I’ll finish with Key Strategies 3, 4 and 5.

As always, comments and houghts are welcome.

Chuck Georgo, chuck@nowheretohide.org

Chuck has served as a strategic planner, business analyst, and technologist for the National Security Agency, Federal Bureau of Investigation, Department of Homeland Security, Naval Criminal Investigative Service, Naval Security Group, Illinois State Police, and many other public and private sector organizations. He helped these agencies to develop meaningful strategies, to implement innovative technologies, and to assess their success towards achievement of desired public safety and homeland security results. He currently serves as Executive Director for NOWHERETOHIDE.ORG, First Vice President of the InfraGard Maryland Members Alliance, and Chairman, IJIS Institute Security and Privacy Committee.

It’s no secret, the National Information Exchange Model (NIEM) is a huge success.  Not only has it been embraced horizontally and vertically for law enforcement information sharing at all levels of government, but it is now spreading internationally.  A check of the it.ojp.gov website lists more than 150 justice-related Information Exchange Package Documentation (IEPD) based on NIEM–it’s been adopted by N-DEX, ISE-SAR, NCIC, IJIS PMIX, NCSC, OLLEISN, and many other CAD and RMS projects. 

For at least the last four years, Search.org has been maintaining the Justice Information Exchange Model (JIEM) developed by Search.org.  JIEM documents more than 15,000 justice information exchanges across  9 justice processes, 75 justice events, that affect 27 different justice agencies. 

So if JIEM establishes the required information exchanges required in the conduct of justice system business activities, and NIEM defines the syntactic and semantic model for the data elements within those justice information exchanges…then…

Wouldn’t it make sense for JIEM exchanges to call-out specific NIEM IEPDs?

And vice-versa, wouldn’t it make sense for NIEM IEPDs to identify the specific JIEM exchanges they correspond to?

Here’s a diagram that illustrates this…

Let me know what you think..

r/Chuck

chuck@nowheretohide.org - www.nowheretohide.org

While I disagree with their assertion that “legal limits” are the answer (we already have lots of laws governing the protection of personal privacy and civil liberties), I do think that more can be done by fusion center directors to prove to groups such as the ACLU that they are in-fact operating in a lawful and proper manner.

To help a fusion center director determine their level of lawful operation, I’ve prepared the following ten question quiz.  This quiz is meant to be criterion based, meaning that ALL ten questions must be answered “yes” to pass the test; any “no” answer puts that fusion center at risk for criticism or legal action.

Fusion Center Privacy and Security Quiz

1. Is every fusion center analyst and officer instructed to comply with that fusion center’s documented policy regarding what information can and cannot be collected, stored, and shared with other agencies?
2. Does the fusion center employ a documented process to establish validated requirements for intelligence collection operations, based on documented public safety concerns?
3. Does the fusion center document specific criminal predicate for every piece of intelligence information it collects and retains from open source, confidential informant, or public venues?
4. Is collected intelligence marked to indicate source and content reliability of that information?
5. Is all collected intelligence retained in a centralized system with robust capabilities for enforcing federal, state or municipal intelligence retention policies?
6. Does that same system provide the means to control and document all disseminations of collected intelligence (electronic, voice, paper, fax, etc.)?
7. Does the fusion center regularly review retained intelligence with the purpose of documenting reasons for continued retention or purging of outdated or unnecessary intelligence (as appropriate) per standing retention policies?
8. Does the fusion center director provide hands-on executive oversight of the intelligence review process, to include establishment of approved intelligence retention criteria?
9. Are there formally documented, and enforced consequences for any analyst or officer that violates standing fusion center intelligence collection or dissemination policies?
10. Finally, does the fusion center Director actively promote transparency of its lawful operations to  external stakeholders, privacy advocates, and community leaders?

Together, these ten points form a nice set of “Factors for Transparency” that any fusion center director can use to proactively demonstrate to groups like the ACLU that they are operating their fusion center in a lawful and proper manner. 

As always, your thoughts and comments are welcomed…r/Chuck

While we eagerly wait to see how our 44th President translates these memorable election mottos into tangible projects for rebuilding our nation’s infrastructure, one colleague of mine, Charles Jennings, CEO of Swan island Networks stepped up and laid out eleven very forward leaning “shovel-ready” ideas for investing in America’s “virtual” infrastructure.  Below I point out three of Charles’ ideas that have a direct impact on law enforcement and public safety,; and include some personal thoughts.

- National Information Exchange Model (NIEM) – Let’s speed-up development and implementation of NIEM; this is critical for expediting law enforcement and homeland security information sharing programs such as N-DEx, LInX, ISE-SAR, and others.

- Rural Broadband – While this is good for our ecomomy, it’s VERY good for small rural law enforcement agencies, many of which who still do not have decent internet access.

- State/Local/Tribal Clouds – While this is good for agencies of any size, this will (again) benefit the smaller law enforcement agencies who don’t have the time, expertise, or resources to be in the “IT” business; shared-services using in-the-cloud strategies can bring advanced capabilitis to these agencies very quickly.

You can see Charles’ paper in its entirety here –> http://www.swanisland.net/solutions/Shovel-Ready.pdf

As always, your thoughts and comments are welcomed…r/Chuck

Let me first layout the agency landscape :

• There are about 14,000 state and local law enforcement agencies;
• In roughly 3,000 counties;
• That make up the 50 states of our great nation.

Now let’s layout the funding landscape:

• For 2008 the Department of Homeland Security (DHS) allocated $3,200,000,000 (billion) for state and local assistance grants;
• In that same year, the Department of Justice (DOJ) made another $2,000,000,000 available;
• For 2008 that’s a total of $4,200,000,000;
• For 2007 that number was $4,500,000,000;
• For 2009, we are hoping that number stays about the same or goes even higher.
• To all these numbers you must add funding from the Department of Defense, Department of Transportation, Department of Health and Human Services, or State funding sources for LEIS.

Finally, let me lay out the cost landscape for LEIS:

• In my eight or so years of experience of building and deploying LEIS, I’ve seen the costs associated with hooking up an agency to vary between $5,000 and $80,000 per record system connection;
• On average though, I feel the safer number is between about $20,000 and $40,000;
• For arguments sake, let’s use the high number of $40,000.

Now comes the fun part…let’s do some math…

• To be realistic, let’s say that 25% of the 14,000 agencies are already sharing information;
• That leaves about 10,000 agencies left to connect;
• At $40,000 an agency, we would need a total of $560,000,000 (Million);
• Divide that by the 3,000 counties, and we will need about $190,000 per county;
• If we do this over three years, that’s only $63,000 per county, per year for three years!

With (on average) every county getting about $1,400,000 every year for law enforcement and public safety (out of the $4.2 Billion allocated annualy), I would like to think that we (collectively) can see the benefits of LEIS enough to spare $63,000  a year for three years to get it done.

Here’s where the issue of choices and priorities comes in.  If we can agree that the money IS there, what we really need to work on are ways to convince the policymakers and law enforcement exectutives in those counties that investing a little in LEIS is a better investment than whatever it is their currently spending their part of the $4,200,000,000 on.  Do you agree?

I’d also like to know what role youthink the IACP, MCC and NSA would play here?

Thoughts and comments invited…and yes, I used a calculator…;-)

r/Chuck Georgo

The IJIS Institute announces the appointment of Chuck Georgo, founder of NOWHERETOHIDE.ORG, as the Chairperson of the IJIS Institute’s Security and Privacy Advisory Committee. 

The purpose of the IJIS Institute’s Security and Privacy Advisory Committee is to provide advice and counsel to the Department of Justice’s Office of Justice Programs (OJP), as well as other national organizations, on issues of information system security and privacy as applied to integrated justice and public safety information systems, and to develop materials and seminars to educate industry and government staffs on security and privacy measures, designs, and related issues. 

The Security and Privacy Advisory Committee strives to be vendor agnostic in all activities and work products and to be the authoritative source for establishing effective privacy and security measures throughout the justice, public safety, and homeland security information sharing community. Additionally, the committee’s goals include increasing government and industry awareness and understanding of technical and non-technical privacy and security requirements and improving the privacy and security posture for federal, state, local, and tribal justice information sharing efforts. In order to achieve these goals, the committee performs research, issues white papers, develops and conducts training, participates in advisory working groups, and supports technical assistance projects.

Chuck Georgo, regarding his appointment, noted that, “Successful information sharing requires trust. I believe that to get trust you need two things—honorable motive and reliability. Organizations must know that your motives benefit the social good and that your means to protect shared information from compromise is achievable and durable. While honorable motive is in the hands of law enforcement and justice agency executives, I believe that the IJIS Institute, through the Security and Privacy Advisory Committee, can help government and industry to employ effective ways for achieving the reliable means to protect that information. I look forward to working with my fellow committee members to further advance the cause of information sharing through robust security and privacy principles and practices.” 

Chuck Georgo has nearly 28 years of experience in intelligence, national security, defense, and law enforcement arenas. He has served as a strategic planner, business analyst, and technologist supporting the National Security Agency, Federal Bureau of Investigation, Department of Homeland Security, Naval Criminal Investigative Service, Naval Security Group, and many other public and private sector organizations. 

# # #

About the IJIS Institute — The IJIS Institute serves as the voice of industry by uniting the private and public sectors to improve mission critical information sharing for those who protect and serve our communities. The IJIS Institute provides training, technical assistance, national scope issue management and program management services to help government fully realize the power of information sharing. Founded in 2001 as a 501(c)(3) non-profit corporation with national headquarters on the George Washington University Virginia Campus in Ashburn, Virginia, the IJIS Institute has grown to more than 240 member and affiliate companies across the United States. For more information visit www.IJIS.org.

About NOWHERETOHIDE.ORG – NOWHERETOHIDE.ORG, LLC, was established to help federal, state, and local law enforcement, justice, and homeland security agencies to better achieve their public safety and national security objectives. As our name implies, we want to help these agencies become so effective that criminal elements have nowhere-to-hide from justice. We offer planning, assessment, and technology consulting services to help law enforcement, justice, and national security agencies identify and resolve the issues that currently stand in the way of achieving high performance standards. For more information visit www.nowheretohide.org.

I think we can take a lesson from Tom and the OMB and begin using a formal framework for evaluating the level of implementation and real-world results of the many Law Enforcement Information Sharing projects around the nation.  Not for any punitive purposes, but as a proactive way to ensure that the energy, resources, and political will continues long enough to see these projects achieve what their architects originally envisioned. 

I would like to propose that the evaluation framework be based on six “Standards for Law Enforcement Information Sharing” that every LEIS project should strive to comply with; they include:

1. Active Executive Engagement in LEIS Governance and Decision-Making;

2. Robust Privacy and Security Policy and Active Compliance Oversight;

3. Public Safety Priorities Drive Utilization Through Full Integration into Daily Operations;

4. Access and Fusion of the Full Breadth and Depth of Regional Data (law enforcement related);

5. Wide Range of Technical Capabilities to Support Public Safety Business Processes; and

6. Stable Base of Sustainment Funding for Operational and Technical Infrastructure Support.

My next step is to develop scoring criteria for each of these standards; three to five per standard, something simple and easy for project managers and stakeholders to use as a tool to help get LEIS “done.”

I would like to what you think of these standards and if you would like to help me develop the evaluation tool itself…r/Chuck

Chuck Georgo
chuck@nowheretohide.org
www.nowheretohide.org