Skip Repetitive Navigation Links
California State Auditor Report Number : 2015-130

The CalGang Criminal Intelligence System
As the Result of Its Weak Oversight Structure, It Contains Questionable Information That May Violate Individuals’ Privacy Rights

HIGHLIGHTS

Our audit concerning the CalGang database and how law enforcement agencies (user agencies) have implemented requirements for adding juveniles to CalGang revealed the following:


Summary

Results in Brief

CalGang is a shared criminal intelligence system that law enforcement agencies (user agencies) throughout the State use voluntarily. User agencies enter information into CalGang on suspected gang members, including their names, associated gangs, and the information that led law enforcement officers to suspect they were gang members. User agencies have noted that CalGang’s benefits include directing them to information about gang members’ interactions with law enforcement officers throughout the State and facilitating cross‑agency collaboration when investigating and prosecuting gang‑related crimes. However, CalGang’s weak leadership structure has been ineffective at ensuring that the information the user agencies enter is accurate and appropriate, thus lessening CalGang’s effectiveness as a tool for fighting gang‑related crimes. Further, the inaccurate data within CalGang may violate the privacy rights of individuals whose information appears in CalGang records but who do not actually meet the criteria for inclusion in the system.

Both the United States Constitution and the California Constitution recognize the right to privacy—the former implicitly and the latter explicitly. However, CalGang’s current oversight structure does not ensure that user agencies collect and maintain criminal intelligence in a manner that preserves individuals’ privacy rights. Specifically, although the California Department of Justice (Justice) funds a contract to maintain CalGang, the system is not established in state statute and consequently receives no state oversight. Instead, CalGang’s user agencies elect their peers to serve as members of two entities—the CalGang Executive Board (board) and its technical subcommittee called the California Gang Node Advisory Committee (committee)—that oversee CalGang. These oversight entities function independently from the State and without transparency or meaningful opportunities for public engagement. When the committee and the board established CalGang’s policies and procedures (CalGang policy), they asserted CalGang’s voluntary compliance with two different standards: the criminal intelligence requirements in Title 28, Code of Federal Regulations, Part 23 (federal regulations) and Justice’s Model Standards and Procedures for Maintaining Criminal Intelligence Files and Criminal Intelligence Operational Activities, November 2007 (state guidelines)—which were promulgated to protect privacy and other constitutional rights. However, in practice, we found little evidence that the committee and the board have ensured that user agencies comply with either the federal regulations or the state guidelines.

A lack of adequate oversight likely contributed to the numerous instances we found in which the four user agencies we examined—the Los Angeles Police Department (Los Angeles), the Santa Ana Police Department (Santa Ana), the Santa Clara County Sheriff’s Office (Santa Clara), and the Sonoma County Sheriff’s Office (Sonoma)—could not substantiate CalGang entries they had made.1 Specifically, Los Angeles, Santa Ana, and Sonoma, which add gangs to the system, were able to demonstrate that only one of the nine gangs we reviewed met the requirements of CalGang policy before entry; Santa Clara does not add gangs to the system. We also found that all four user agencies lacked adequate support for including 13 of the 100 individuals we reviewed in CalGang. Further, we reviewed more than 560 criteria related to these 100 individuals and determined that the user agencies lacked adequate support for 131, or 23 percent.

Our review uncovered numerous examples demonstrating weaknesses in the user agencies’ approaches for entering information into CalGang. For example, Sonoma included a person in CalGang for allegedly admitting during his booking into county jail that he was a gang member and for being “arrested for an offense consistent with gang activity.” However, the supporting files revealed that this person stated during his booking interview that he was not a member of a gang and that he preferred to be housed in the general jail population. Further, his arrest was for resisting arrest, an offense that has no apparent connection to gang activity.

Throughout our audit, law enforcement officials offered their perspective that inclusion in CalGang is of little impact to individuals because CalGang only points to source documentation. According to CalGang policy, information in the system itself should not be the basis of expert opinion or statement of fact in official reports, nor should it be used for any purposes unrelated to law enforcement, such as employment screenings. However, we found that these prohibitions are not always followed. In fact, our search of California appellate cases that included the terms CalGang or gang database uncovered at least four unpublished cases that referred to CalGang as support for expert opinions that individuals were or were not gang members. Further, three law enforcement agencies that responded to our statewide survey admitted to using CalGang for employment or military‑related screenings. These instances emphasize that inclusion in CalGang has the potential to seriously affect an individual’s life; therefore, each entry must be accurate and appropriate.

The four user agencies we reviewed might have been able to avoid making inappropriate CalGang entries had they fully followed the federal regulations and state guidelines that the committee and the board voluntarily adopted. For example, the state guidelines require supervisory reviews of all information for CalGang entries and annual reviews of all CalGang records to ensure their accuracy and relevance. However, we found that none of the four user agencies have the necessary processes in place to perform these reviews. Further, by requiring only minimal audits of the information in CalGang, the committee has limited its own accountability in ensuring that user agencies comply with the federal regulations and state guidelines. These self‑administered audits review less than 1 percent of CalGang’s total records. The committee does not document the audit results, which CalGang administrators present orally at committee meetings. The limited nature of these audits is especially concerning because they are the committee’s only oversight tool, yet they are not robust enough to ensure that user agencies are maintaining valid and accurate criminal intelligence records, adhering to security protocols, and upholding individuals’ rights to privacy.

In addition to the errors we found in the 100 records we reviewed, our use of an electronic analysis of all CalGang records uncovered a number of problems that highlight the importance of both supervisory and ongoing reviews of CalGang information. For example, we found 42 individuals in CalGang who were supposedly younger than one year of age at the time of entry—28 of whom were entered for “admitting to being gang members.” We also found a significant number of individuals with illogical record purge dates—the dates by which the individuals’ records must be deleted from CalGang. Mirroring the federal regulations, CalGang policy requires that individuals’ records be purged five years after their dates of entry unless user agencies have entered subsequent criteria which resets the five-year period. Nevertheless, we found more than 600 individuals with purge dates that were well beyond the five year limit; in fact, more than 250 individuals in CalGang had purge dates more than 100 years in the future. By failing to review information before and after its entry into CalGang, the committee and user agencies diminish the system’s crime‑fighting value and do not adequately protect the privacy of those who have been entered into the system.

Further, the user agencies we reviewed have not fully implemented a state law that took effect in January 2014 that generally requires law enforcement agencies to notify juveniles and their parents or guardians (parents) before adding the juveniles to a shared gang database such as CalGang. As a result, many juveniles and their parents were not afforded the right to contest the juveniles’ gang designations. Los Angeles and Santa Ana continued to add juveniles to CalGang after January 2014, but that these two user agencies failed to provide proper notification for more than 70 percent of the 129 juvenile records we reviewed. Further, the two agencies did not provide the juveniles and parents who were sent notices with enough information to reasonably contest the juveniles’ gang designations. Possibly as a result of insufficient information, we found that few juveniles or parents have contested juveniles’ inclusion in CalGang. The other two user agencies we reviewed—Santa Clara and Sonoma—did not add juveniles to CalGang once the notification law took effect.

Because of its potential to enhance public safety, CalGang needs an oversight structure that better ensures that the information entered into it is reliable and that its users adhere to requirements that protect individuals’ rights. To this end, we believe the Legislature should adopt state law that specifies that CalGang, or any equivalent statewide shared gang database, must operate under defined requirements that include the federal regulations and key safeguards from the state guidelines, such as supervisory and periodic record reviews. Further, we believe the Legislature should assign Justice the responsibility for overseeing CalGang and for ensuring that the law enforcement agencies that use CalGang comply with the requirements. Establishing Justice as a centralized oversight entity responsible for determining best practices and holding user agencies accountable for implementing such practices will help ensure CalGang’s accuracy and safeguard individuals’ privacy protection. Moreover, we recommend that the Legislature create a technical advisory committee to provide Justice with information about database best practices, usage, and needs to ensure that CalGang remains a useful law enforcement tool. Figure 6 illustrates what, in our view, would be a stronger oversight structure for CalGang.

Recommendations

The Legislature

To ensure that CalGang, or any equivalent statewide shared gang database, has an oversight structure that supports accountability for proper database use and for protecting individuals’ rights, the Legislature should do the following:

To promote public participation in key issues that may affect California’s citizens and help ensure consistency in the use of any shared gang database, the Legislature should require Justice to interpret and implement shared gang database requirements through the regulatory process. This process should include public hearings and should address the following:

To ensure transparency, the Legislature should require Justice to publish an annual report with key shared gang database statistics—such as the number of individuals added to and removed from the database—and summary results from periodic audits conducted by Justice or an external entity. Further, the Legislature should require Justice to invite and assess public comments following the report’s release. Subsequent annual reports should summarize any public comments Justice received and actions it took in response.

To help ensure that Justice has the technical information it needs to make certain that CalGang or any equivalent shared gang database remains an important law enforcement tool, the Legislature should establish a technical advisory committee to advise Justice about database use, database needs, database protection, and any necessary updates to policies and procedures.

Justice

As the Legislature considers creating a public program for shared gang database oversight and accountability, Justice should guide the board and the committee to identify and address the shortcomings that exist in CalGang’s current operations and oversight. The guidance Justice provides to the board and the committee should address, but not be limited to, the following areas:

To promote transparency and hold the board, the committee, and user agencies accountable for implementing and adhering to criminal intelligence safeguards, Justice should post quarterly reports on its website beginning June 30, 2017, that summarize how it has guided the board and the committee to implement and adhere to criminal intelligence safeguards; the progress the board, the committee, and the user agencies have made in implementing and adhering to these safeguards; the steps these entities still must take to implement these safeguards; and any barriers to the board’s and the committee’s success.

To promote transparency and encourage public participation in CalGang’s meetings, Justice should post summary audit results, meeting agendas, and meeting minutes to its website, unless doing so would compromise criminal intelligence information or other information that must be shielded from public release.

Law Enforcement Agencies

Until they receive further direction from the board, the committee, or Justice, the law enforcement agencies we reviewed—Los Angeles, Santa Ana, Santa Clara, and Sonoma—should address the specific deficiencies we found by taking the following actions:

Agency Comments

Justice responded to the audit stating that it agreed with all of the recommendations. Justice expressed that it will work with the board and the committee in various capacities to implement the recommendations. However, Justice stated that it believes it needs express authority and additional resources from the Legislature to assume oversight of CalGang.

Los Angeles, Santa Ana and Santa Clara all indicated that they agreed with the recommendations and would take the steps necessary to implement them.

Sonoma disagreed with the audit’s findings and took exception to the criteria the audit relied upon. Sonoma stated that it believes it has met or exceeded the statutory guidelines for administering a model criminal intelligence system. Sonoma also stated that if it follows the report’s recommendations it will be forced to stop operating as a node administrative agency.




Footnote

1 Because multiple law enforcement agencies can add information to a gang member’s CalGang record, some of the deficiencies we found relate to information other law enforcement agencies added to these CalGang records. Go back to text



Back to top