E N T OF
Privacy, Civil Liberties, and
Information Quality Policy Development
for the Justice Decision Maker
• In today’s information sharing and other personnel responsible
Highlights environment, well-developed for information management. The
privacy, civil liberties, and team must have the power to both
information quality policies help develop and analyze a plan and
• Since 9/11, virtually all agree that
an agency prevent problems. then implement that plan. The plan
enhanced justice information
Failure to develop, implement, and must include input and review from
exchange is critical. While
maintain such dynamic policies can interested and/or affected persons
pursuing a broadscale sharing
result in: outside of the agency.
capability, decision makers within
the justice and public safety ¤ Harm to individuals.
¤ Public criticism. • Processes developed when most
communities must vigorously ¤ Lawsuits and liability. records were on paper may not
protect our constitutional privacy ¤ Inconsistent actions within translate well in the electronic and
rights and civil liberties and ensure agencies. digital age. A privacy, civil liberties,
information quality and accuracy. In ¤ Proliferation of agency databases
and information quality policy
short: you need privacy, civil rights, with inaccurate data.
and information quality policies to Each agency should evaluate and will promote and facilitate modern
guide your agency’s information strengthen privacy, civil liberties, information management and
sharing efforts. Difficult? Yes. and information quality policies help you remain in control of your
Insurmountable? No. Many good to make them more relevant to agency’s technologies.
resources already exist to help twenty-first century technology.
justice and public safety leaders • The process promoted here does
make the best possible policy • The personally identifiable not require you to “start from
decisions for their information information maintained by agencies scratch.” There are historical
sharing practices. This document —if handled inappropriately—can and increasingly accepted “Fair
serves as an additional tool. cause problems for those affected. Information Principles” to guide
In worst cases, personal safety is your agency’s efforts.
• Privacy, civil liberties, and jeopardized. These issues affect
information quality policies protect the whole justice community, • This document introduces the
your agency and make it easier including law enforcement, framework for a systematic
to do what is necessary—share prosecution, defense, courts, consideration of privacy, civil
information. Focus on these parole, probation, corrections, liberties, and information quality
policies will (1) strengthen public and victim services, as well as policies and practices within your
confidence in your agency’s ability members of the public having agency. A companion Privacy and
to handle information appropriately, contact with the justice system. Civil Liberties Policy Development
(2) strengthen support for your Guide and Implementation
agency’s information management • Success of policy improvement Templates has been designed by
efforts through developing efforts depends on appointing a the U.S. Department of Justice’s
technologies, and (3) ultimately high-level member of your agency (DOJ) Global Justice Information
promote effective and responsible to champion the initiative. That Sharing Initiative (Global) Privacy
sharing of information that person should assemble a policy and Information Quality Working
supports those fundamental development-and-review team of Group to assist your team in
concepts of the justice system we agency stakeholders, including its efforts to develop or revise
embrace as Americans. managers, legal staff, system agency privacy, civil liberties, and
operators, technical support staff, information quality policies.
Foreword: What’s in This for Me?
ou would be hard-pressed to
find an opposing view: justice
and public safety leaders—
indeed, the American public—
want justice-related entities to do
a better job of sharing information
to promote the well-being of our
citizens and local neighborhoods and
to protect homeland security. With
the continually advancing field of
technology, the technical capability to
solve information sharing challenges
now exists. If you can access your Since 1998, the Bureau of Justice
bank account as easily in Duluth, Assistance (BJA), DOJ, has supported
Minnesota, as you can in Tokyo, a group of your peers to tackle these
Japan, surely an officer in one county exact concerns. DOJ’s Global Advisory
can share sex offender data with Committee (GAC) addresses timely
a parole worker in the neighboring justice-related information sharing
town. But justice leaders know all too issues, such as questions of privacy
well the unfortunate truth—sharing and information quality. What follows,
information is not a given. While developed by the Global Privacy and
pursuing a critical, broadscale Information Quality Working Group, is a
justice information sharing capability, sound first step in this area: a blueprint
decision makers must simultaneously for initiating and completing a process
vigorously protect citizens’ to ensure that your agency develops
constitutional rights. In short, privacy, and maintains essential privacy, civil
civil liberties, and information quality liberties, and information quality policies
policies are needed to guide agency involving the collection, use, and
information sharing efforts. We may dissemination of information. Additional
want our justice leaders to exchange resources that address the range
information, but we want that sharing of justice and public safety leaders’
to be appropriate, we want that information sharing challenges and
information to be accurate, and we opportunities are included in “Global
demand safeguards be in place to Resources for the Justice Decision
protect individual rights. Maker,” concluding this document.
Many good resources and guidelines
have been created to assist justice
leaders in making the best business
decisions for information sharing.
Introduction protection are increasingly important.
Additionally, information created or
Should you be concerned about compiled by your agency must be
developing or reviewing your agency’s accurate or it is of little value. When
privacy, civil liberties, and information you share information with another
quality policies? Ask yourself: entity, there is the implicit expectation
that the data you provide is accurate
1. Does my agency control, and that there are steps to ensure
disclose, or provide access information quality; likewise, you
to information to persons expect the same from other agencies
or agencies outside of my when receiving information. Promoting
organization? information quality by internal
safeguards and procedures helps to
2. Does my agency’s information ensure the accuracy of the information
system(s) contain data or you handle.
information connected to or
shared with other information Unless effective privacy, civil liberties,
systems or agencies? and information quality safeguards in that they relate to access to
are being utilized at every level records instead of defining privacy
3. Does my agency collect, use, or
of your agency’s information and protections.2
provide access to “personally
data-handling operation, you may
be exposing yourself and others to
(information that identifies Using computers to share databases
unacceptable risks from inaccurate
individuals by reason of the and cross-reference digital information
information or problems caused by
content)? has heightened privacy and information
failing to honor essential protection
quality concerns. Yet, as a practical
4. Does my agency have a stake in expectations. When agencies
matter, privacy, civil liberties, and
the accuracy of the information collectively maintain appropriate
information quality policies and
it manages? levels of attention to privacy, civil
procedures affect every aspect of an
liberties, and information quality, the
A “yes” to any of the above questions agency’s work, not just technology
sharing of information is facilitated in a
suggests that your agency should and operations. These concerns
responsible and effective manner.
make it a priority to review privacy, involve agency policy aspects, legal
civil liberties, and information quality considerations, public relations, and
Having a “security policy” related to interagency relationships. It is essential
practices. Government policymakers data or information is not enough.
and agency heads must take action to that agency leaders demonstrate an
Security policies alone do not appreciation of the importance of these
cause that review to occur. adequately address the privacy, civil issues by appointing an influential
liberties, and information quality issues member of agency management to
Increasingly, the sharing of information contemplated in this discussion.
is key to agency success in the champion the policy development
Although privacy and security initiatives proposed herein. Because
twenty-first century. The ease of both relate to handling data and
sharing information promoted by new adoption of a privacy and civil liberties
information—and are both essential to policy may require a change in an
technologies and the vital importance justice-related information sharing1—
of ensuring that information is agency’s procedures, it may require a
they have different implications and corresponding shift in agency “mind-
accurate make the case for privacy, considerations. “Security” relates to
civil liberties, and information quality set.” The involvement of a high-level
how an organization protects member of the administration will help
policies that are essential to any information during and after collection.
agency’s information operations. ensure that the necessary changes are
“Privacy” addresses why and how accepted and implemented.
With the growth in the assimilation, information is collected, handled,
utilization, and sharing of personally and disclosed and is concerned
identifiable information—information As a justice or public safety leader,
with providing reasonable quality
that can be linked to individuals—that if you are still unsure about the
control regarding that information.
has come with modern technologies, fundamental importance of privacy,
Considering the breadth of the issue,
effective measures to ensure civil liberties, and information quality
some existing “privacy policies”
appropriate levels of privacy safeguards, picture your agency in the
may fail to address these concerns
within the law enforcement system,
Case Studies: Are he was unable to reverse—or even
stem—the continuing damage caused
Privacy, Civil Liberties, by the mistake. The false information Concept to Action
was contained in data sold to private
and Information information vendors that was, in turn, The case for maintaining effective
Quality an Issue? distributed nationally. There was no
way to trace all disseminations of the
policies related to privacy, civil
liberties, and information quality has
In December 2002, former U.S. Drug erroneous information. At any time, the been made. Now, how should an
Enforcement Administration agent erroneous information can resurface agency respond? By ensuring that it
Emilio Calatayud was sentenced to to falsely attribute this man with a has in place appropriate and relevant
prison and fined on charges related to criminal history record. policies addressing the management
his use of protected law enforcement of information. The following is a
computer systems and databases. Ensuring the accuracy of data your blueprint for agency action.
He obtained information from these agency creates, compiles, and
protected systems, which he then distributes is crucial. Failure to do Start Right: Assign the Task to
provided to a Los Angeles private so can have severe impact on the
lives of innocent people.
an Influential Member—
investigation firm in return for at least
$22,500 in secret payments. The development of privacy policies
Recently, the Texas Department of must be assigned to someone with
Ensuring that those within your Public Safety proposed incorporating the ability to “stick to the task” and
agency honor privacy restrictions is facial recognition biometrics into its remain focused on what needs to be
essential. They cannot honor that driver’s license photograph database done. Unless the person assigned this
which is not clearly defined and to help stop the issuance of licenses task is recognized as having a high
articulated. to those using deception or fraud. level of authority, it may be difficult
The proposal passed with little debate to obtain acceptance of the efforts
A private investigator hired by an in the Texas Senate but came to made. This project manager should
obsessed fan was able to obtain an abrupt halt in the Texas House be a person who has the power to
the address of television and film of Representatives. Privacy-related enlist the assistance of others within
star Rebecca Schaeffer through her concerns about the use of new the organization to undertake the
California motor vehicle records. The technology, raised by the American analysis and implement the efforts
fan used this information to stalk and Civil Liberties Union (ACLU) and needed to systematically develop the
to kill Schaeffer. The Driver’s Privacy others, led to a lopsided defeat of the policies and procedures. The project
Protection Act (Public Law 103-322) proposal. Concerns about what the manager should be a person who can
was passed in 1994 in reaction to system “might” do overshadowed the directly report to chief policymakers
this stalking death, enhancing the value of what it was intended to do. and chief administrators, while at the
privacy protections for driver’s license same time holding others accountable
information. for their efforts, in order to ensure
Ensuring that controls are in place
that the project remains on task. The
for how information is used in your
Having good information quality, project manager must be able to build
agency will assist your agency
civil liberties, and privacy controls an effective project team to make
in justifying new initiatives and
in place will help to reduce the the effort successful in a reasonable
answering concerns about potential
possibility of agency criticism and length of time.
abuses of information.
can help defer criticisms when they
occur. These case studies highlight the
importance of addressing privacy
An Ohio man’s social security number concerns when collecting, using, and
was accidentally associated with disseminating personally identifiable
another individual’s criminal history information. Privacy and information
record. After losing his job, home, quality are issues that must be
and family, the man became aware of addressed within every agency in the
the mistake within a law enforcement criminal justice system.
information system. While the man
was able to have the data corrected
or death for victims of domestic
Have a Good Foundation: violence and other crimes.
Establish a Project Team—
Once the policy objectives
A project team should include are developed, the agency’s
stakeholders from within the agency top policy leaders (e.g., key
who are affected by privacy, civil legislators, executive branch
liberties, and information quality heads, court administrators, or
issues. A typical team will include chief judges/justices) should be
technical staff familiar with system given an opportunity to endorse
development and operation; those who the objectives. With this agency
use the system(s) regularly in their buy-in of broad objectives and
work; agency legal staff; persons able goals, actual policy development
to craft policy language in a manner or revision can begin. Decisions oppose, or support your policy
consistent with agency formats and should reasonably balance efforts may help you identify and
expectations; and others having a efforts to protect individual rights address issues more effectively.
key role in the agency’s collection, against the overall public safety Involvement in the process
maintenance, use, dissemination, and mission of the agency and justice that leads to a sense of policy
retention of information. system. The risks inherent in any “ownership” promotes the overall
determination should be carefully integrity of the initiative.
Use a Systematic Approach: evaluated and considered.
Begin the Efforts— • Identify Applicable Laws and
• Capitalize Upon the Value of Regulations: An essential early
• Recognize the Stakes: External Input: An important task is the review and identification
Implementation of new early step in the development or of all relevant privacy laws and
technologies may promote revision efforts is to seek outside regulations. Every agency should
cost savings and efficiency yet input from legislators, community be mindful of legal and regulatory
still prompt privacy concerns advocates, victims’ advocates, obligations or restrictions
and objections. Unaddressed media representatives, privacy applicable to agency operations.
privacy issues can overwhelm advocates, commercial information Privacy impact assessments may
the arguments of benefits and services sector members, be required by law or regulation.
cost savings in support of new representatives of agencies with Major policy issues—such as
technologies. If policymakers and whom you share information, and those related to public access
the public are not comfortable with citizens or other interested parties. to information, disclosure of
an agency’s ability to responsibly Broad stakeholder input will help information solely at agency
handle information, the concerns define the focus of your efforts, initiative, protection of sensitive
and fears expressed by even a few provide innovative ideas, and or confidential information, and
opponents can lead to rejection of support final decisions and plans. public notification laws—need to
sensible initiatives. You should invite input from those be considered. Provisions of law or
who will use the information your
• Define Broad Objectives and agency maintains, as well as from
rule will need to be interpreted and
Risks: Early in the process, those who may be critical of your
applied to agency actions. This
in considering the agency’s may be one of the more difficult
agency’s efforts. steps in the overall effort, since
mission and the substance of its
initial efforts, the team should The input of these “outside there are a myriad of laws and
develop broad policy objectives sources” can help the project team regulations that affect information
and determine the risks to both obtain a balanced perspective management and privacy. Some
public safety and protection of and become aware of areas or states and other jurisdictions
individual rights. Do not forget concerns that might otherwise now have chief privacy and civil
to include analysis of victims’ be overlooked. Opposition to liberties officers who may provide
issues when defining risks. Victim- or support for initiatives can assistance in these efforts.
related information requires come from unexpected places; • Analyze Your Information
careful privacy and civil liberties therefore, including sources Flow and Processes:3 Having
policy consideration; violations of in the information-gathering a comprehensive understanding
personal privacy may mean life stage that are likely to criticize, of the flow of information and
information processes within your 2. Limit the collection of personal
agency is essential. Creating “data information to that required for the
purposes intended. (“Collection
and information flowcharts” that
identify key points when privacy
issues are implicated will assist 3. Ensure data accuracy. (“Data
in gaining that understanding.
Determine when privacy, civil 4. Ensure appropriate limits
liberties, or information quality on agency use of personal
information. (“Use Limitation
issues are implicated by the Principle”)
collection, use, or dissemination training plan should take into
5. Maintain effective security over
of personal information. To the account the role and duties of
personal information. (“Security
extent possible, your agency Safeguards Principle”) those being trained. Methods
should create audit logs or trails of holding agency members
6. Promote a general policy of
to track what personal information accountable for abiding by the
openness about agency practices
is being accessed and by whom. and policies regarding personal policies should be identified and
When an agency shares or obtains information. (“Openness Principle”) incorporated into training. For
information with others outside the example, unauthorized access to
7. Allow individuals reasonable
agency, a separate analysis of that access and opportunity to correct an agency’s data or information
data and information flow should errors in their personal information by an agency member may form
be completed. Any comprehensive held by the agency. (“Individual
the basis for internal discipline
privacy and civil liberties or but may also constitute a criminal
information quality policy must 8. Identify, train, and hold agency violation of state law. The
address the key points in the flow personnel accountable for
adhering to agency information ramifications of violations should
of information. be clearly identified in agency
quality and privacy policies.
• Apply “Fair Information (“Accountability Principle”) training. Agency personnel should
Principles” Guidelines: Any be routinely required to engage in
Each agency must evaluate the
review of privacy and information “refresher training.”
applicability and appropriateness
quality principles should consider of these FIPs in the context of • Test and Evaluate: Finally,
what are referred to as “Fair its mission and responsibilities. once implemented, the developed
Information Principles,” or FIPs. The FIPs provide a framework policy should be tested to
These eight basic FIPs were for a systematic review of privacy determine whether it truly results
developed and formalized in the and information quality policies in the anticipated protections. A
early 1980s to address issues and practices. They help agency programmed review of the results
related to the commercial use and leaders to understand which of the policy implementation,
sharing of personally identifiable information quality and privacy including a planned feedback
information. Although the FIP protection efforts are important mechanism, should be factored
guidelines are over 20 years and needed. However, the FIPs into the policy itself. Each policy
old and were developed in a are guidelines, not absolutes. For should be reviewed on a regular
commercial context, they still example, some agencies may basis to ensure it continues to
constitute the basis upon which need to ensure that articulation address changes in the law, as
sound information quality and and policy implementation of the well as current agency practices.
privacy policies can be developed. “Use Limitation Principle” do not In addition, the review should
Since the FIPs are well known and unduly restrict the agency’s use include analysis of technological
widely accepted, outside interests of information. The eight FIPs are advancements that may enhance
reviewing your policies are likely summarized at the end of this implementation of the policy. One
to use them when providing input document. method of ensuring such review is
or voicing criticism. The FIPs are to “sunset” the policy on a certain
designed to: • Implement, Train, and Hold future date, requiring the policy to
Accountable: The team should be reviewed and renewed prior to
1. Define agency purposes for
develop a training plan that will
information to help ensure its expiration.
agency uses of information reach all within the agency who will
are appropriate. (“Purpose be responsible for implementing
Specification Principle”) or abiding by the policies. The
Fair Information Principles
Modern information management realities
demand that agencies develop and implement
1. Purpose Specification Principle
Identify the purposes for which all personal
comprehensive privacy, civil liberties, and
information is collected, and keep subsequent use of
information quality policies, incorporating good
the information in conformance with such purposes.
information practices and design principles. Many
agencies have few (if any) policies in place, while
others may be dealing with privacy, civil liberties, and 2. Collection Limitation Principle
information quality issues on a case-by-case basis. A Review how personal information is collected to
systematic, developmental approach will ensure that ensure it is collected lawfully and with appropriate
issues and concerns are addressed before individual authority, and guard against the unnecessary, illegal,
harm occurs or practices become a matter of agency or unauthorized compilation of personal information.
or administrator embarrassment, criticism, or liability.
3. Data Quality Principle
By initiating the development of comprehensive Implement safeguards to ensure information is
policies in a systematic manner, policymakers accurate, complete, and current, and provide
and chief administrators can help ensure that methods to correct information discovered to be
their operations reasonably and fairly address
deficient or erroneous.
protection and information quality concerns. The
careful selection of a high-level project manager 4. Use Limitation Principle
and implementation of a balanced project team Limit use and disclosure of information to the
approach will significantly enhance the opportunity purposes stated in the purpose specification, and
for the effort to be successful. Use of generally implement realistic and workable information-
recognized FIPs to structure the policy development retention obligations.
will facilitate the overall effort.
5. Security Safeguards Principle
To assist those assigned the responsibility of Assess the risk of loss or unauthorized access to
implementing the approach suggested here, a information in your systems, and ensure ongoing
Privacy and Civil Liberties Policy Development use conforms to use limitations.
Guide and Implementation Templates has
been developed to better outline the process and
provide access to supplementary resources. These 6. Openness Principle
additional tools facilitate actual policy development Provide reasonable notice about how information
and the review of these efforts. The Guide is is collected, maintained, and disseminated by your
designed to help those in charge handle their agency, and describe how the public can access
important privacy-related activities efficiently and information as allowed by law or policy.
effectively. For more information, refer to http://it.ojp.
gov/documents/Privacy_Guide_Final.pdf. 7. Individual Participation Principle
Allow affected individuals access to information
Footnotes related to them in a manner consistent with the
1 DOJ’s Global Advisory Committee has formed working groups to handle both agency mission and when such access would
information sharing “security” and “privacy” issues. Please see “Global Resources for
the Justice Decision Maker” at the end of this document for further information. otherwise not compromise an investigation, case,
court proceeding, or agency purpose and mission.
policies simply address the process by which outside entities obtain information from
the agency under the federal Freedom of Information Act or the local “public records
access” equivalent. While having a policy that defines information disclosure under
applicable public records law is an aspect of a systematic approach to privacy and
8. Accountability Principle
data management, such a policy does not address the issues and concerns that are
the focus here. Such a policy is a step in the right direction but does not complete the
Have a formal means of oversight to ensure the
journey. privacy and information quality policies and the
3 SEARCH, The National Consortium for Justice Information and Statistics design principles contained therein are being
(with funding from the Bureau of Justice Assistance) has done extensive work with
the Justice Information Exchange Model (JIEM) Project to facilitate the charting of honored by agency personnel.
your information flow. Information about the JIEM Project, including project documents
and training opportunities, is available at www.search.org/integration/
Global Resources for the Justice Decision Maker
• The Global Justice Extensible Markup
Language (XML) Data Model (Global JXDM)—
The U.S. Department of Justice’s (DOJ) Global Justice What began in March 2001 as a reconciliation of
Information Sharing Initiative (Global) serves as a data definitions evolved into a broad endeavor
Federal Advisory Committee to the U.S. Attorney to develop an XML-based framework to enable
General on critical justice information sharing the entire justice and public safety community
initiatives. Global promotes standards-based electronic to effectively share information at all levels of
information exchange to provide justice and public government—laying the foundation for local, state,
safety communities with timely, accurate, complete, tribal, and federal justice interoperability.
and accessible information in a secure and trusted
environment. Global is administered by the • Applying Security Practices to Justice
U.S. Department of Justice, Office of Justice Information Sharing is a field compendium of
Programs, Bureau of Justice Assistance. current best practices and successful models for
justice-related information technology (IT) security.
Since 1998, DOJ’s Global Advisory Committee The publication covers key IT security topics from
(GAC or “Committee”) has concentrated its diverse detection and recovery to prevention and support.
expertise on challenges to and opportunities for • The Justice Standards Clearinghouse for
justice and public safety data exchange. Members Information Sharing is a Web-based standards
of this Federal Advisory Committee actively pursue clearinghouse promoting a central resource of
broadscale information sharing, communicating their information sharing standards and specifications
recommendations directly to the nation’s leading that have been developed and/or implemented
justice official—the U.S. Attorney General. across the nation.
Being intimately acquainted with practitioners’ • The OJP IT Initiatives/Global Justice
demands, GAC representatives are particularly Information Sharing Initiative Web site is a
gratified to support the development and distribution comprehensive “one-stop shop” developed for
of resources for those in the field—they, too, are interested justice and public safety practitioners
producers, consumers, and administrators of the same at all levels of government and all stages of the
crucial justice-related data. information sharing process. In addition to housing
the resources outlined above, topics include:
Privacy, Civil Liberties, and Information Quality ¤ GAC publications, minutes, presentations, and
concerns compose one objective of Global’s announcements.
¤ Featured information sharing initiatives and
overarching mission. Intelligence, Infrastructure/ organizations.
Standards, and Security solutions are also necessary ¤ Computer system information exchange processes.
to drive justice information sharing forward. To that ¤ New policy and technology developments.
end, GAC’s advice and counsel have yielded the ¤ Model information sharing systems.
following resources to help justice officials make the ¤ Information sharing “lessons learned.”
¤ Promising practices.
best business decisions possible: ¤ Peer-to-peer networking.
¤ Events calendar.
• The National Criminal Intelligence Sharing Plan ¤ Latest justice IT news.
(Plan) provides a cohesive vision and practical
For updates and access to all above resources,
solutions to improve law enforcement’s ability to
visit www.it.ojp.gov/global. To speak with someone
detect threats and protect communities. The office
about DOJ’s Global Initiative or GAC events—including
of the U.S. Attorney General has endorsed the Plan
biannual GAC meetings open to the public—or obtain
and is committed to making the resources available
hard copy documents, please call Global staff at
to carry out its goals.
(850) 385-0600, extension 285.
This project was supported by Grant No. 2005-NC-BX-K164 awarded by the Bureau of Justice Assistance, in collaboration
rev. 02/08 with the U.S. Department of Justice’s Global Justice Information Sharing Initiative. The Bureau of Justice Assistance is a
component of the Office of Justice Programs, which also includes the Bureau of Justice Statistics, the National Institute of Justice,
the Office of Juvenile Justice and Delinquency Prevention, and the Office for Victims of Crime. Points of view or opinions in this
document are those of the author and do not represent the official position or policies of the U.S. Department of Justice.