STATE OF MARYLAND GOVERNOR'S OFFICE OF CRIME CONTROL & PREVENTION

Transcription

1 NGA Center for Best Practices' Next Generation Justice Information Sharing Policy Academy Application December 9, 2011 STATE OF MARYLAND GOVERNOR'S OFFICE OF CRIME CONTROL & PREVENTION TEAM LEADER: Kristen Mahoney Executive Director Governor's Office of Crime Control & Prevention 300 E. Joppa Road, Suite 1105 Towson, MD Fax FISCAL AGENT: Carol Mackowiak Chief of Budget and Finance Governor's Office of Crime Control & Prevention 300 E. Joppa Road, Suite 1105 Towson, MD goccp.state.md.us

2 The Maryland Coordination & Analysis Center (MCAC) houses one of Maryland's most innovative statewide data sources: a growing statewide network of License Plate Recognition (LPR) systems. LPR systems are cameras that convert a picture of a vehicle's license plate into computer readable data that can be matched against stolen vehicles or wanted persons databases. When a match occurs, the system alerts law enforcement so that prompt action can be taken. Historically LPRs have been viewed as tools for stolen vehicle identification and enforcement. Taken to the next level, statewide networking of LPR technology maximizes use of license plate data for tracking trends of illegal activity cross-border, expanding the relevance of the data into {I areas of impact such as guns, gangs, and property investigations. Maryland has established complex governance and protocols to ensure efficiency, security, and privacy within the framework of the Governor's LPR strategy; however, in order to search license plates on the statewide system the curr-ent policy framework and technology solution puts the burden on the end user to call, or fax requests to MCAC along with a case number and the reason for the search. Essentially, end users contributing data into the statewide system cannot benefit from that partnership real-time due to Maryland's stringent policies. Scalability of the program remains an area of improvement; Maryland seeks a solution to improve user access. GLOBAL & Maryland's LPR Strategy Governor O'Malley's LPR strategy is a long-term, large scale project. To date, many phases have been completed successfully. The following GLOBAL principles are critical to existing and future phases: Independence of Information Sharing Partners- At the inception of the program governance was solid; partners from all levels and across the State came together to implement

3 the MCAC LPR System. The MCAC maintains a critical infrastructure of shared data while respecting the authority and autonomy of the contributing members. System Scalability- During project initiation a vendor and their technology suite was selected to act as the core of the MCAC LPR System. This vendor was required to work with the LPR industry to implement data sharing standards. The project was expanded, standards employed, and remote member systems, from various vendors, are deployed as part of the overall system. Diversity of Data Source Architectures- By respecting the a~tonomy of remote agencies, ~""' the project grew beyond its initial funding. The project was accommodating to multiple agencies and their vendors by disconnecting the technical standards from the policy practices so data could be transfened freely; however, usage is controlled by policy. Agility- While the technology respects the data collection process regardless of source, the technical limitations of dissemination is currently looped with policy for outside technical connections. This means the technology has not been designed to minimize the considerations necessary to protect the system. The policy needs to be compared other systems, federal and state law, and finally the privacy impact assessment needs to be reviewed to maximize the safe use of this system. Removing these considerations form the technical functions allows the project to focus on deploying national standards that provide the technical assurances policy makers need to move forward. The primary concerns are authentication, encryption, and logging, handled through the GFIPM standards. Additionally, to increase the integration with other systems beyond the Dashboard, web services based on NIEM standards will maximize the sharing environment

4 Reuse and Sharing of Assets- Reuse of the policies and practices for collection has been used to grow the system to its current size. However, the sharing with external systems will need to be documented and prepared for use in other systems that have similar goals. The MCAC and MSP have been consistent presenters at IJIS and IACP LEIM technology meetings and support the sharing of best practices. Additionally the MCAC acts as a technology core for the area. This allows for shared physical assets to reduce overall costs and leverage the purchasing power of agencies for such distributed systems. Alignment of Best Practices and Experience- With the policy for deployment of new ' systems documented and shared will come easing of new partner exposure to risks. This will also need to be done for the effort to expand the sharing beyond our current functionality. GLOBAL Standards & Maryland's Criminal Justice Dashboard (Dashboard) Within three years, the Dashboard has become Maryland's premier clearinghouse of State criminal justice data and tools. A web-based application drawing from more than 100 data sources within 22 agencies, the Dashboard gives law enforcement the real-time data they need to make fast, accurate, informed decisions in the fight against crime. The Dashboard provides unprecedented tools such as facial recognition and statewide offender mapping to over 16,000 users with existing NCIC login name and passwords. The application of GLOBAL standards to the Dashboard is precisely the next generation approach Maryland must take. As the number of data-sharing agencies continues to grow, the need to have this information shared and displayed in a consistent, uniform way on the Dashboard becomes more critical. LPR data would be the first data exchange to apply GLOBAL standards, establishing a foundation for how new and existing data sources would be shared. Currently, each data source of the Dashboard uses a custom data exchange for each agency with no consistency in how common data elements are exchanged. Standardizing the way

5 ~data elements are exchanged will greatly simplify the hundreds of interfaces that the dashbom d currently has and, more importantly, will ensure that the data is displayed in an accurate, meaningful way to law enforcement personnel. This is critical when law enforcement is depending on the accuracy of the data for the decisions that they are making daily. The source of the LPR data would be any agency that has license plate reader technology. While the data in theory would have many of the same data elements, how these data elements m e shared and displayed would need to be coordinated and agreed upon by each contributing agency. Having standards in place on how to accomplish this would. not only make it easier to cf have agencies share the data but would also ensure that the data is displayed in a consistent and meaningful way to end users. Conclusion While the project implementation, collection and consolidation of LPR data adheres to GRA Principles, the end quality of services, while critically useful, is limited in the services and sharing environments. This request is to baseline the system, compare it with similar deployments around the country, and leverage best practices and experiences to safely, pmticularly in consideration of privacy, expand access to the system for our region and beyond. Additionally, the system baseline should identify those areas where existing processes could be improved, such as the encouragement of NIEM compliant data transfers for new and existing connected systems. For new considerations, such as the expansion of the data to the Maryland Dashboard, the project seeks to expand the integrated use of NCIC/METERS authentication and identity management. By implementing GFIPM standards we can maximize our secured sharing internally and with all levels of government. Lastly, this project seeks to act as a learning environment for other state and regional systems that need assistance in deploying similar

6 technologies. The sharing of practice and policy is a basis for our partnerships leveraged through GLOBAL, IJIS, IACP, and other critical policy and technology leaders. SCOPE OF WORK Objectives: 1. Update Maryland's LPR Privacy Policy and Uniform Standards to accomplish expansion of LPR data access in compliance with current laws and Global standards 2. Develop automated solution via Maryland Criminal Justice Dashboard in compliance with current laws and Global standards 3. Execute pilot on Maryland Criminal Justice Dashboard th'\t expands LPR data access to criminal justice partners <' 1 Formally establish LPR Determine governance structure for LPR Advisory March2012 Advisory Committee Committee within MCAC's new role. Review within MCAC/Maryland current members and add new members as State Police appropriate for LPR expansion phase. Advisory Committee Review current LPR general order, privacy policy, April2012 Meeting I and national cases pending on security and privacy issues. Discuss legal limitations and potential criteria required to filter automated search requests. Discuss nexus between DPSCS automated solution and MCAC audit process. Advisory Committee DPSCS to propose interface options for LPR April2012 Meeting II searches on Dashboards as well as programming issues to consider based on Advisory Meeting I policy discussions. Committee reviews first drafts of updated privacy policy and unified operating procedures. Advisory Committee Review final drafts of privacy policy and unified May2012 Meeting III operating procedures. MCAC Drafts New Draft new general order to align with Policy May-June General Order Institute and Committee decisions Advisory Committee Reviews final general order pending sign-off by July 2012 Meeting IV Office of Attorney General, Superintendent of Maryland State Police and Anti-Terrorism Advisory Council Executive Committee (ATAC)

7 Dashboard Development Dashboard Pilot DPSCS development status and troubleshooting. Complete programming to integrate LPR data on Dashboard according to security and privacy protocols. Pilot Dashboard solution between MCAC and select local agencies June- September 2012 September- October 2012 Performance Measures: Completed Privacy Policy Completed Uniform Standards Completed and approved General Order Development of Dashboard solution Pilot of Dashboard solution o #searches o #matches o # anests TEAM MARYLAND Kristen Mahoney Executive Director Governor's Office of Crime Control & Prevention kmahoney@gov.state.md.us Michael B. Roosa Chief Information Officer Maryland State Police ( 410) mroosa@mdsp.org David Engel Executive Director Ronald C. Brothers, Chief Information Officer Maryland Coordination & Analysis Center Department of Public Safety & Correctional Ambassador Road Services Winsor Mill, MD (410) rbrothers@ dpscs.state.md. us den Kristen Mahoney (Team Leader) serves as Governor O'Malley's key criminal justice policy advisor. As the Executive Director of GOCCP, she administers over $100 million in federal and State grant funds annually to improve public safety in Maryland. Ms. Mahoney initiated the Governor's LPR

8 Strategy, serves on the LPR Advisory Committee, and has administered over $6 million in grant funding since 2007 to support LPR technology and establish the Maryland Criminal Justice Dashboard. David Engel joined MCAC as Executive Director in October 2011 after a career specializing in intelligence sharing at the Baltimore City Police Department. Mr. Engel will be responsible for establishing the LPR Executive Committee within MCAC and promulgating policies and procedures that retain legal compliance, security, and privacy as Maryland expands LPR data accessibility. Ronald C. Brothers is the creator of the Maryland Criminal Justice Dashboard, the fundamental public safety component of Governor Martin O'Malley's Security Integration Initiative, Maryland's commitment to making State data accessible across all levels of governilj.~nt. Mr. Brothers has established solid information sharing partnerships across agencies to deliver user-friendly data to local, State, and fedetal criminal justice professionals. Mr. Brothers is charged with integration of statewide LPR data into the Criminal Justice Dashboard. Michael B. Roosa is the project director of over 600K in federal grants to establish Maryland information sharing projects aligned with Global standards, including DOJ' s Suspicious Activity Reporting (SARi and Cross Boundary Information Exchange initiatives. Mr. Roosa is integral in the rollout of Maryland's Statewide CAD/RMS project, automated UCR reporting, and RCAS/LinX partnership. Mr. Roosa is charged with integrating incident data from shared data systems to evaluate system usage and effectiveness

9 I. NGA Center for Best Practices' Next Generation Justice Information Sharing Policy Academy Application December 9, 2011 STATE OF MARYLAND GOVERNOR'S OFFICE OF CRIME CONTROL & PREVENTION TEAM LEADER: Kristen Mahoney Executive Director Governor's Office of Crime Control & Prevention 300 E. Joppa Road, Suite 1105 Towson, MD Fax gov.state.md.us FISCAL AGENT: Carol Mackowiak Chief of Budget and Finance Governor's Office of Crime Control & Prevention 300 E. Joppa Road, Suite 1105 Towson, MD goccp.state.md.us

10 The State of Maryland's Fusion Center, Maryland Coordination and Analysis Center (MCAC), is reorganizing operations to proactively support the local crime fight. In partnership with the Maryland State Police (MSP) and the Department of Public Safety & Correctional Services (DPSCS), MCAC is in the beginning phases of strategically matching State offender and incident data with existing federal and local databases to deliver immediate crossjurisdictional alerts and long term trend analysis targeting areas of impact such as guns, gangs, and property crime. MCAC houses one of Maryland's most innovative statewide data sources: a growing t'"' statewide network of License Plate Recognition (LPR) systems. LPR systems are cameras that convert a picture of a vehicle's license plate into computer readable data that can be matched against stolen vehicles or wanted persons databases. When a match occurs, the system alerts law enforcement so that prompt action can be taken. Historically LPRs have been viewed as tools for stolen vehicle identification and enforcement. Taken to the next level, statewide networking of LPR technology maximizes use of license plate data for tracking trends of illegal activity crossborder, expanding the relevance of the data into areas of impact such as guns, gangs, and property investigations. Maryland is at the forefront in the nation in statewide networking and centralized housing of LPR data; however, in order to take the next step in information sharing, Maryland seeks technical assistance from the National Governor's Association Center for Best Practices and the Bureau of Justice Assistance (BJA) to define a solution for expansion of the program that remains in compliance with current laws and GLOBAL standards. Maryland has established complex governance and protocols to ensure efficiency, security, and privacy within the framework of the Governor's LPR Technology Strategy; however, in order to search license

11 plates on the statewide system the current policy framework and technology solution puts the burden on the end user to call, or fax requests to MCAC along with a case number and the reason for the search. Essentially, end users contributing data into the statewide system cannot benefit from that partnership real-time due to Maryland's stringent policies. Scalability of the program remains an area of improvement; Maryland seeks a solution to improve user access. Background In 2007, in response to an overwhelming number of requests for LPR technology from state and local Jaw enforcement agencies, Governor Martin O'Mall~y made LPR technology a ' funding priority. In the last five years, the State has directed over $2 million to state and local law enforcement for new LPRs, adding 104 LPRs to the State's inventory. Governor O'Malley issued an Automated License Plate Reader Technology Strategy in August 2010 and created an Advisory Committee in September 2010 to deploy Maryland's strategy. The Committee achieved the following goals: }> A comprehensive privacy policy to ensure that LPR data is being used for legitimate purposes }> Unified operating procedures for LPR usage that apply to all state and local Jaw enforcement agencies participating in Maryland's LPR strategy }> Promotion of public confidence through openness and transparency, ensuring that LPR information is used only for legitimate law enforcement purposes }> Coordination and evaluation of legal policies and protections that ensure that LPR information retention and sharing policies are consistent with applicable federal and state laws >- Oversight and strategic deployment of additional LPR units to the State's existing inventory }> Consideration of critical infrastructure nodes (Port of Baltimore, BWI, bridges, tunnels), drug trafficking routes, high crime areas, and high traffic density areas when making funding and deployment decisions }> Sustained networking of as many State and local LPR units as possible

12 ~ Creation of a statewide database of scanned tag information to be housed at the Maryland Coordination and Analysis Center (MCAC) Ongoing Statewide Networking As of November 26, 2011, There are 134 LPR units originating from 41 agencies networked to the main server at MCAC. 321 LPRs are deployed statewide. LPR Networking Status with Maryland Coordination and Analysis Center Gmtt 0 Legend Networtdnu Status 0 No!Networile<l e Natworlled F!xe!ILPR Status... Pen!ing /J:::.. Fixed Data Sources: U.S. Census Bureau; Maryland Coordination and Analysis Center, Crimes Programs Branch 30 November 2011 Total LPRs Deployed Statewide 321 Mobiles 246 Barrels 4 Covert Pole Camera 3 Fixed 68 Networked Agencies (as of 11/26) 41 Units Networked (as of 11/26)

13 Maryland's Criminal Justice Dashboard (Dashboard) Within three years, the Dashboard has become Maryland's premier clearinghouse of State criminal justice data and tools. A web-based application drawing from more than 100 data sources within 22 agencies, the Dashboard gives Jaw enforcement the real-time data they need to make fast, accurate, informed decisions in the fight against crime. The Dashboard provides unprecedented tools snch as facial recognition and statewide offender mapping to over 16,000 users with existing NCIC login name and passwords. Given the success of the Dashboard and its existing security protocols, Maryland seeks to integrate statewide LPR data with the Dashqoard to increase scalability and efficiency of Maryland's LPR Strategy. SCOPE OF WORK Objectives: 1. Update Maryland's LPR Privacy Policy and Uniform Standards to accomplish expansion of LPR data access in compliance with current laws and Global standards 2. Develop automated solution via Maryland Criminal Justice Dashboard in compliance with ctment laws and Global standards 3. Execute pilot on Maryland Criminal Justice Dashboard that expands LPR data access to criminal justice partners Formally establish LPR Determine governance structure for LPR Advisory January 2011 Advisory Committee Committee within MCAC's new role. Review within MCAC/Maryland current members and add new members as State Police appropriate for LPR expansion phase. Advisory Committee Review current LPR general order, privacy policy, February 2011 Meeting I and national cases pending on security and privacy issues. Discuss legal limitations and potential criteria required to filter automated search requests. Discuss nexus between DPSCS automated solution and MCAC audit process. Advisory Committee DPSCS to propose interface options for LPR March 2011 Meeting II searches on Dashboards as well as programming issues to consider based on Advisory Meeting I policy discussions. Committee reviews first drafts

14 Advisory Committee Meeting Ill MCAC Drafts New General Order Advisory Committee Meeting IV Dashboard Development Dashboard Pilot of updated privacy policy and unified operating procedures. Review final drafts of privacy policy and unified operating procedures. Draft new general order to align with Policy Institute and Committee decisions. Reviews final general order pending sign-off by Office of Attorney General, Superintendent of Maryland State Police and Anti-Terrorism Advisory Council Executive Committee (ATAC). DPSCS development status and troubleshooting. Complete programming to integrate l,jpr data on Dashboard according to security and privacy protocols. Pilot Dashboard solution between MCAC and select local agencies May 2011 May-June 2011 July 2011 June- September 2011 September- October 2011 Performance Measures: Completed Privacy Policy Completed Uniform Standards Completed and approved General Order Development of Dashboard solution Pilot of Dashboard solution o #searches o #matches o #arrests TEAM MARYLAND Kristen Mahoney Executive Director Governor's Office of Crime Control & Prevention kmahoney@ gov.state.md.us David Engel Executive Director Maryland Coordination & Analysis Center Ambassador Road Winsor Mill, MD

15 Michael B. Roosa Chief Information Officer Maryland State Police ( 410) mroosa@mdsp.org Ronald C. Brothers, Chief Information Officer Department of Public Safety & Correctional Services (410) rbrothers@ dpscs.state.md. us Kristen Mahoney (Team Leader) serves as Governor O'Malley's key criminal justice policy advisor. As the Executive Director of GOCCP, she administers over $100 million in federal and State grant funds annually to improve public safety in Maryland. Ms. Mahoney initiated the Governor's LPR Strategy, serves on the LPR Advisory Committee, and has administered over $6 million in grant funding!!,, ' since 2007 to support LPR technology and establish the Maryland Criminal Justice Dashboard. David Engel joined MCAC as Executive Director in October 2011 after a career specializing in intelligence sharing at the Baltimore City Police Department. Mr. Engel will be responsible for establishing the LPR Executive Committee within MCAC and promulgating policies and procedures that retain legal compliance, security, and privacy as Maryland expands LPR data accessibility. Ronald C. Brothers is the creator of the Maryland Criminal Justice Dashboard, the fundamental public safety component of Governor Martin O'Malley's Security Integration Initiative, Maryland's commitment to making State data accessible across all levels of government. Mr. Brothers has established solid information sharing partnerships across agencies to deliver user-friendly data to local, State, and federal criminal justice professionals. Mr. Brothers is charged with integration of statewide LPR data into the Criminal Justice Dashboard. Michael B. Roosa is the project director of over 600K in federal grants to establish Maryland information sharing projects aligned with Global standards, including DOJ' s Suspicious Activity Reporting (SAR) and Cross Boundary Information Exchange initiatives. Mr. Roosa is integral in the rollout of Maryland's Statewide CAD/RMS project, automated UCR reporting, and RCAS/LinX partnership. Mr. Roosa is charged with integrating incident data from shared data systems to evaluate system usage and effectiveness