Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
0Activity
0 of .
Results for:
No results containing your search query
P. 1
Oakland Domain Awareness Center Privacy Policy DRAFT - May22 2014

Oakland Domain Awareness Center Privacy Policy DRAFT - May22 2014

Ratings: (0)|Views: 48 |Likes:
Published by Phil Wolff
Outline showing what the DAC privacy policy should include.
Outline showing what the DAC privacy policy should include.

More info:

Published by: Phil Wolff on May 23, 2014
Copyright:Traditional Copyright: All rights reserved

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

05/23/2014

pdf

text

original

 
Oakland Domain Awareness Center Privacy Policy
DRAFT - DRAFT - DRAFT - DRAFT - DRAFT - DRAFT - DRAFT - DRAFT - DRAFT BLACK = Approved Sections RED = Suggested sections - NOT discussed in the DAC Committee BLUE = Not approved suggested wording as a result of discussion in the DAC Committee
Table of Contents
Table of Contents  All subsequent revisions of this Privacy Policy must address these issues: Core Values/Unbreakable Principles. Purpose of the DAC High-Level Strategies Changes to the privacy policy
1.All subsequent revisions of this Privacy Policy must address these issues:
a. Information sharing Agreements b. Penalties for Abuse c. Auditing d. Data Retention e. Analytics (Currently not part of the DAC - we could preempt future policy work on this by having an opinion.) - i. Need good definition of Analytics (Port considers Motion Detection Analytics which is critical for the Port to be included, DAC critics consider Facial Recognition and Gait recognition as analytics which is important to them not be included) f. Protection of Whistleblowers g. Purpose definition of the DAC h. Data Minimization i. Data Safeguards (Prevention of abuse)  j. Public Access k. Metrics (is the DAC living up to its goals, is it worth the ongoing cost) l. Security (Primarily Data-security) m. Dispute resolution n. Project Innocence (can the DAC help prove innocence and at what cost)
 
2.Core Values/Unbreakable Principles.
No strategies either high level or operational can violate the following Unbreakable Principles - if any part of this policy is later found to violate any of these Unbreakable principles then the violating part is void and null. Rest of DAC Privacy policy remains in effect.
a. Constitutionality (both Federal and California constitution) i. 1st amendment ii. 4th amendment b. Efficiency c. Safety i. Economic Realities (Need more details) d. Transparency e. Amendability - Citizens ability to amend information about her/himself f. Presumption of Innocence
3.Purpose of the DAC
a. All - Port, OPD, FD i. Real time - Disaster Response 1. Earthquake 2. Fire b. Port i. Real time - examples but not limited to: 1. Tsunami response 2. Ship Bridge collision prevention and response 3. Hazardous material response (HazMat) 4. Perimeter enforcement / Physical Intrusion prevention ii. “After the Fact1. Port has NO need for “after the fact” access to DAC data - Such data can be accessed from other sources c. Oakland Police Department (OPD) i. Real time - examples but not limited to: 1. Coordination of initial response to Crime 2. OPD would like to use the DAC for response to all kinds all the way down to misdemeanor 3. OPD would like data to be retained for 1 shift (8 hours) for this purpose ii. After the Fact 1. Port has NO need for “after the fact” access to DAC data - Such data can be accessed from other sources d. Oakland Fire Department (OFD) i. Real time - examples but not limited to: 1. Coordination of real time response to OFD taks including a. Fire b. Injury c. Hazmat (like Railcar incidents) ii. After the Fact 1. Port has NO need for “after the fact” access to DAC data - Such data can be accessed from other sources
 
 
4.High-Level Strategies
a. Metrics i. Do we achieve what we intended? ii. At what cost? b. Data Minimization i. Only collect what is needed ii. Shortest possible Data retention c. Prevention of Abuse i. Data safeguards ii. Penalties for Abuse iii. Data Security iv. Abuse via Public access laws v. Checks and Balances d. Transparency i. Auditability ii. Protection of Whistleblowers iii. Public Access iv. Dispute Resolution v. Amendability vi. Accessibility of policy and working guidelines vii. Understandability e. Data sharing agreements i. Purpose of Data sharing must be narrowly defined ii. Down-stream cannot share our DAC data - All sharing of Oakland DAC data must be approved according to the privacy policy iii. Penalties for downstream sharing f.
5.Changes to the privacy policy
This DAC privacy policy must stay current and relevant, this section should ensure that a. Schedule and who can change i. This policy can be changed from time to time as needed ii. Changes must be proposed by an Ad Hoc advisory committee and ratified by the City council iii. The Ad Hoc committee must be specifically assembled to review the DAC Privacy policy iv. The Ad Hoc committee is appointed by the City council with each council member being able to appoint up to 2 members on the committee. v. The Privacy policy must be reviewed at least every 5 years by an appointed Ad Hoc advisory Committee

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->