San Diego’s City Council on Tuesday approved substantial changes to the city’s regulation of surveillance technology used by police and other departments, despite vocal opposition from privacy rights advocates.
In August of 2022, the City Council passed the Transparent and Responsible Use of Surveillance Technology (TRUST) Ordinance, which gave departments one year to identify existing surveillance tech, hold community meetings and secure council approval for each item. Departments would need to complete a similar process for newly adopted surveillance technology.
The ordinance was considered among the most robust surveillance transparency laws in the country. But it has since endured a series of amendments, largely pushed by Mayor Todd Gloria, who argues the ordinance is overly broad and hamstrings city operations.
Last summer, as the one-year approval deadline approached and many technologies hadn’t started the review process, the City Council pushed back the deadline by three years. At the City Council’s regular meeting on Tuesday, council members passed additional changes that would exempt from review police databases, fixed security cameras and other technologies previously subject to the law. They also indicated additional changes were likely.
“As the Public Safety (Committee) chair, I will bring this ordinance forward for amendments as often as we need, because we are gonna have to work to get this right,” said District 5 Councilmember Marni von Wilpert. “Today is not the end-all, be-all.”
The item passed 6-2, with Council President Sean Elo-Rivera and District 8 Councilmember Vivian Moreno voting against it. The District 4 council seat remains empty, after former council member Monica Montgomery Steppe was elected in November to the San Diego County Board of Supervisors. She introduced the TRUST Ordinance.
More than a dozen constituents and privacy rights advocates showed up to Tuesday’s council meeting to oppose the agenda item.
“We are furious,” said Lilly Irani, an associate professor of communication and computer science at UC San Diego, during the meeting’s public comment. “Today’s vote is a time to show the people watching that you stand by your words.”
Yearslong effort
The TRUST Ordinance traces its origins to the fumbled rollout of so-called “smart streetlights” in 2016. The streetlights were supposed to save on energy costs and help analyze traffic patterns. They also came with cameras, which the San Diego Police Department (SDPD) used — unbeknownst to the public — to help solve investigations.
Residents and privacy rights advocates cried foul, and then-Mayor Kevin Faulconer ordered the streetlights shut off. Over the next few years, the City Council worked on the TRUST Ordinance with the TRUST SD Coalition, a local advocacy group that pushes for greater transparency and accountability around surveillance.
The ordinance established a multi-step process for reviewing and approving the city’s surveillance technology. Each department must create an inventory of its surveillance equipment, release reports on the uses and impacts of each item and hold community meetings to solicit feedback. Their findings are then submitted to the Privacy Advisory Board, a volunteer panel made up of experts and community members that provides recommendations to the City Council. Finally, departments must secure council approval for each technology.
Only a handful of items have cleared the process and secured City Council approval. That includes a renewed rollout of smart streetlights — this time with promises of new safeguards.
SDPD has made the most progress of any department, releasing reports in 2023 on more than 70 pieces of technology, including drones and a device that pulls data from cell phones for investigative purposes. Of those technologies, SDPD has submitted about two dozen to the Privacy Advisory Board for review.
Other departments are lagging far behind SDPD.
In an email, city spokesperson Nicole Darling said departments have started preparing reports, but did not specify how many have taken this initial step. She added that “SDPD technologies were prioritized to move through the process.” She did not respond to a follow-up question asking why SDPD’s efforts would preclude other departments from starting the technology review process established over a year ago.
More changes to come
Some departments may be waiting for clarification on which technologies they need to review.
Late last year, the city put together a list of more than 300 technologies that fit the ordinance’s broad definition of “surveillance technology.” It included many basic tools used by departments on a daily basis, such as Google Maps and email newsletter software.
Gloria’s office points to these items as examples of how the ordinance casts too wide of a net.
Chloe Madison, a senior policy advisor to Gloria, testified that the amendments aimed to “give city staff clear direction on implementation and allow the city to continue to use necessary operations.”
Under the revised ordinance, a broad swath of tools are now exempt from review, such as social media applications and “city operational business applications.”
But privacy rights advocates said some exemptions are problematic, including the one for security cameras used to protect city buildings and “other physical assets.”
They’re also concerned about exemptions for police databases. That includes ARJIS, a data-sharing network used by dozens of law enforcement agencies in the San Diego region that provides access to information on warrants, arrests, photos and field interviews. KPBS previously reported how U.S. Customs and Border Protection has access to the database.
Talitha Wright, a resident of District 6, told council members Tuesday that these changes would “gut community transparency and oversight” of the city’s surveillance technology.
During the meeting, District 7 Councilmember Raul Campillo tacked on an additional amendment that would exempt software SDPD uses to analyze data that’s already been approved or exempted.
Elo-Rivera objected to this change.
“Software that supercharges the technology that has been approved is super concerning to me,” he said.
While Elo-Rivera acknowledged some “common sense” changes were needed, he ultimately voted against the proposal.
“I am not satisfied that I can tell my constituents, with the confidence that I need to, that their privacy is being protected if I vote in support of this ordinance,” he said.
Privacy rights advocates did score one minor victory. The mayor’s office originally proposed reducing the amount of time the Privacy Advisory Board has to review technologies and provide recommendations to the City Council, from 90 days to 60 days.
Members of the board testified that the change would be unworkable, and council members agreed to preserve the 90-day review period.