Category Archives: fusion centers

San Diego (ICAC) Task Force aids development of technology in the fight against child pornography and child sexual assault material

August 1, 2022 (San Diego, CA)  The National Center for Missing and Exploited Children (NCMEC) is on the front lines of the fight against online crimes against children. Their ‘CyberTipline’ is the country’s centralized system for reporting the online exploitation of children.

According to NCMEC’s website, “Concerned individuals and organizations make reports of suspected online enticement of children for sexual acts, child sexual molestation, child sexual abuse material, child sex tourism, child sex trafficking, and unsolicited obscene materials sent to a child.

A full report of the CyberTipline can be found on the NCMEC website.

Working with Law Enforcement

In this important work, NCMEC works closely with The Internet Crimes Against Children (ICAC) Task Force Program. That program was created to help law enforcement agencies enhance their ability to investigate offenders who use online communication systems to sexually exploit children.

In the United States, there are over 60 regional ICAC Task Force agencies representing almost 5,500 individual agencies.

San Diego’s ICAC task force simplifies the triage and investigation of CSAM and crimes against children incidents.

Sergeant Garrick Nugent is commander of the San Diego ICAC Task Force. His task force consists of roughly 33 different agencies that endeavor to work together to investigate cybercrimes against children in San Diego, Imperial, and Riverside Counties. According to Nugent, most investigations begin with NCMEC, which contacts San Diego ICAC when it believes there’s a local case. These tips, referred to as CyberTips, number in the thousands each year for San Diego ICAC alone. And that number has risen consistently over the past five years.

“I truthfully believe there are more cases,” said Nugent in a 2020 interview with a CBS affiliate in San Diego. “I wish I could say we are (keeping up with the volume). We have both children and predators that are at home. They have unprecedented access to the internet. They’ve got lots and lots of time on their hands and therefore I think we’re seeing the increase as a result.”

Dealing With Growing Volume

With each CyberTip comes a host of investigation intelligence including perpetrator usernames, unique IP addresses, suspect information, Internet Service Provider details, and much more. CyberTips also include disturbing multimedia evidence of child sexual assault materials (CSAM) that must be verified by the task force. Each CyberTip must be downloaded, opened, reviewed, verified, prioritized, and assigned to investigators who already maintain a full plate of cases to investigate. To say the problem is overwhelming is an understatement.

Case Closed Software™ and San Diego ICAC’s Investigation Software for ICAC Units

Since 2020, however, Nugent’s ICAC task force has worked in partnership with Texas-based Case Closed Software to develop innovative new systems designed to simplify and speed up the entire process of triaging and managing CyberTips.

The new system was implemented last year and now, according to Nugent, “greatly helps his ICAC task force to efficiently triage the NCMEC CyberTips and to control, direct, organize, review, and track our multi-agency investigations into child abuse and exploitation.”

Working Hand in Hand to Solve Problems

A quote from Nugent on Case Closed Software’s website states “This software is a must-have for ICAC units.”

Douglas Wood is the founder and CEO of Case Closed Software. According to Wood, his company has unique functionality to allow near-instant triage of CyberTips.

“As a result of our unique partnership with San Diego ICAC, users can simply save CyberTips to our CJIS-compliant cloud service, and moments later view all pertinent information for quick and effective triage”, says Wood. “They can then be assigned to any task force case agent who can use the ICAC investigation case management system to work more efficiently through investigations and prosecutions.”

The Crimes Against Children Conference

In a joint announcement, Case Closed Software and San Diego ICAC Task Force stated support for the upcoming 34th annual Crimes Against Children Conference (CACC) in Dallas, TX beginning August 8, 2022.

According to Case Closed Software, conference attendees will be able to see the ICAC task force software in action at the Exhibitor’s Hall. CCAC is presented annually by the Dallas Children’s Advocacy Center and provides training to agencies in the fields of law enforcement, social work, child protective services, child advocacy, therapy, and medicine who work directly with child victims of crime.

Case Actions: The Baseline for Productive Investigations.

Let’s face it… RMS software, by and large, is not designed for managing major cases. Agencies know it, and the RMS vendors know it. For them, the notion of managing the complexities of major case investigations is an afterthought at best.

(The answer I give to these inquiries, by the way, is that any good investigation management software should have capabilities to ingest data from other law enforcement products, including RMS).

The more important point, however, is recognizing that criminal investigators gather vasts amounts of information during the course of an investigation. Witness statements, interviews, interrogations, tips, leads, informant statements, audio files, video files, photos, and much more. Too often, agents must rely on their RMS systems which, per above, are not purpose-built for investigations. Investigators also rely heavily on paper files and file cabinets full of notes, search warrants, and physical evidence.

Fortunately, there is an alternative… purpose built investigation case management software that utilizes what I call ‘Case Actions’ as the underlying workflow. Case Actions are the individual actions that an investigation unit takes in pursuit of closing a case. These are the investigative supplemental reports.  Case Actions are expansive in nature, and include:

  • Crime Scene Visits
  • Interviews
  • Interrogations
  • Knock ‘n Talks
  • Surveillance
  • DNA
  • Search Warrants
  • Affidavits
  • Controlled Buys
  • Arrests

… and much, much more. You get the idea, though.

By effectively logging each Case Action in a particular Case, the investigators (and management) are able to quickly and visually recognize the status of the case, and what further actions should be taken. Each Case Action leads to new information… which leads to new Case Actions. And the beat goes on. Hopefully, sooner rather than later, enough information is garnered to close the case. That’s the power of Case Action based workflow.

With the Case Action based approach, each Case Action is tied to Persons, Locations, Vehicles, etc. As a result, robust dossiers of these things are built without the individual agent(s) even realizing it.

By utilizing an investigation case management solution that is based upon Case Actions, law enforcement can leverage information from previously-entered data such as telephone numbers, evidence items, addresses, persons, gang members, etc. The Case Actions feed themselves – and each other – to build a valuable repository of investigative information.

An example: A detective has received a tip that Doug Wood is involved in a particular criminal activity. By accessing her Case Action-based system, she quickly learns that Doug Wood has been a Suspect in Case 1 (belonging to an entirely different investigator), and a Witness in Case 2 (belonging to a third investigator).

She also learns (via Case Actions performed by the Gang Unit) that Doug Wood shares an address with a confirmed Gang Member and goes by the nickname ‘Woody’. She also sees Doug’s previous addresses, telephone numbers, work history, social media accounts and so on… each of which has been logged as part of completely unique Case Actions.

That is the power of Case Actions based investigation management software. Because each previous Case Action involving Doug Wood was logged, the current investigator has a goldmine of information at her fingertips.

Case Closed Software is the leading provider of Case Action based investigation case management software for law enforcement. Contact Us for a demo today!

Compliance with CFR 28 Part 23 Criminal Intelligence Systems Operating Policies

28-cfr-part-23
As a guide for those interested in criminal intelligence systems such as IntelNexus™, Crime Tech Weekly is publishing the following overview of Title 28, Part 23 of the Code of Federal Regulations (CFR 28 Part 23). The policy reads as follows:

CFR 28 PART 23–CRIMINAL INTELLIGENCE SYSTEMS OPERATING POLICIES
1. Purpose.
2. Background.
3. Applicability.
4. Operating principles.
5. Funding guidelines.
6. Monitoring and auditing of grants for the funding of intelligence systems.

1 Purpose.
The purpose of this regulation is to assure that all criminal intelligence systems operating through support under the Omnibus Crime Control and Safe Streets Act of 1968 are utilized in conformance with the privacy and constitutional rights of individuals.
2 Background.
It is recognized that certain criminal activities including but not limited to loan sharking, drug trafficking, trafficking in stolen property, gambling, extortion, smuggling, bribery, and corruption of public officials often involve some degree of regular coordination and permanent organization involving a large number of participants over a broad geographical area. The exposure of such ongoing networks of criminal activity can be aided by the pooling of information about such activities. However, because the collection and exchange of intelligence data necessary to support control of serious criminal activity may represent potential threats to the privacy of individuals to whom such data relates, policy guidelines for Federally funded projects are required.
3 Applicability.
(a) These policy standards are applicable to all criminal intelligence systems operating through support under the Omnibus Crime Control and Safe Streets Act of 1968.
(b) As used in these policies: Criminal Intelligence System or Intelligence System means the arrangements, equipment, facilities, and procedures used for the receipt, storage, interagency exchange or dissemination, and analysis of criminal intelligence information; Inter-jurisdictional Intelligence System means an intelligence system which involves two or more participating agencies representing different governmental units or jurisdictions; Criminal Intelligence Information means data which has been evaluated to determine that it: (i) is relevant to the identification of and the criminal activity engaged in by an individual who or organization which is reasonably suspected of involvement in criminal activity, and (ii) meets criminal intelligence system submission criteria; Participating Agency means an agency of local, county, State, Federal, or other governmental unit which exercises law enforcement or criminal investigation authority and which is authorized to submit and receive criminal intelligence information through an inter-jurisdictional intelligence system. A participating agency may be a member or a nonmember of an inter-jurisdictional intelligence system; Intelligence Project means the organizational unit which operates an intelligence system on behalf of and for the benefit of a single agency or the organization which operates an inter-jurisdictional intelligence system on behalf of a group of participating agencies; and Validation of Information means the procedures governing the periodic review of criminal intelligence information to assure its continuing compliance with system submission criteria established by regulation or program policy.
us-constitution4 Operating principles.
(a) A project shall collect and maintain criminal intelligence information concerning an
individual only if there is reasonable suspicion that the individual is involved in criminal conduct or activity and the information is relevant to that criminal conduct or activity.
(b) A project shall not collect or maintain criminal intelligence information about the political, religious or social views, associations, or activities of any individual or any group, association, corporation, business, partnership, or other organization unless such information directly relates to criminal conduct or activity and there is reasonable suspicion that the subject of the information is or may be involved in criminal conduct or activity.
(c) Reasonable Suspicion or Criminal Predicate is established when information exists which establishes sufficient facts to give a trained law enforcement or criminal investigative agency officer, investigator, or employee a basis to believe that there is a reasonable possibility that an individual or organization is involved in a definable criminal activity or enterprise. In an inter-jurisdictional intelligence system, the project is responsible for establishing the existence of reasonable suspicion of criminal activity either through examination of supporting information submitted by a participating agency or by delegation of this responsibility to a properly trained participating agency which is subject to routine inspection and audit procedures established by the project.
(d) A project shall not include in any criminal intelligence system information which has been obtained in violation of any applicable Federal, State, or local law or ordinance. In an inter-jurisdictional intelligence system, the project is responsible for establishing that no information is entered in violation of Federal, State, or local laws, either through examination of supporting information submitted by a participating agency or by delegation of this responsibility to a properly trained participating agency which is subject to routine inspection and audit procedures established by the project.
(e) A project or authorized recipient shall disseminate criminal intelligence information only where there is a need to know and a right to know the information in the performance of a law enforcement activity.
(f) (1) Except as noted in paragraph (f) (2) of this section, a project shall disseminate criminal intelligence information only to law enforcement authorities who shall agree to follow procedures regarding information receipt, maintenance, security, and dissemination which are consistent with these principles. (2) Paragraph (f) (1) of this section shall not limit the dissemination of an assessment of criminal intelligence information to a government official or to any other individual, when necessary, to avoid imminent danger to life or property.
28-cfr-cop
(g) A project maintaining criminal intelligence information shall ensure that administrative, technical, and physical safeguards (including audit trails) are adopted to insure against unauthorized access and against intentional or unintentional damage. A record indicating who has been given information, the reason for release of the information, and the date of each dissemination outside the project shall be kept. Information shall be labeled to indicate levels of sensitivity, levels of confidence, and the identity of submitting agencies and control officials. Each project must establish written definitions for the need to know and right to know standards for dissemination to other agencies as provided in paragraph (e) of this section. The project is responsible for establishing the existence of an inquirer’s need to know and right to know the information being requested either through inquiry or by delegation of this responsibility to a properly trained participating agency which is subject to routine inspection and audit procedures established by the project. Each intelligence project shall assure that the following security requirements are implemented: (1) Where appropriate, projects must adopt effective and technologically advanced computer software and hardware designs to prevent unauthorized access to the information contained in the system; (2) The project must restrict access to its facilities, operating environment and documentation to organizations and personnel authorized by the project; (3) The project must store information in the system in a manner such that it cannot be modified, destroyed, accessed, or purged without authorization; (4) The project must institute procedures to protect criminal intelligence information from unauthorized access, theft, sabotage, fire, flood, or other natural or manmade disaster; (5) The project must promulgate rules and regulations based on good cause for implementing its authority to screen, reject for employment, transfer, or remove personnel authorized to have direct access to the system; and (6) A project may authorize and utilize remote (off-premises) system data bases to the extent that they comply with these security requirements.
(h) All projects shall adopt procedures to assure that all information which is retained by a project has relevancy and importance. Such procedures shall provide for the periodic review of information and the destruction of any information which is misleading, obsolete or otherwise unreliable and shall require that any recipient agencies be advised of such changes which involve errors or corrections. All information retained as a result of this review must reflect the name of the reviewer, date of review and explanation of decision to retain. Information retained in the system must be reviewed and validated for continuing compliance with system submission criteria before the expiration of its retention period, which in no event shall be longer than five (5) years.
(i) If funds awarded under the Act are used to support the operation of an intelligence system, then: (1) No project shall make direct remote terminal access to intelligence information available to system participants, except as specifically approved by the Office of Justice Programs (OJP) based on a determination that the system has adequate policies and procedures in place to insure that it is accessible only to authorized systems users; and (2) A project shall undertake no major modifications to system design without prior grantor agency approval.
audit-400x400(j) A project shall notify the grantor agency prior to initiation of formal information exchange procedures with any Federal, State, regional, or other information systems not indicated in the grant documents as initially approved at time of award.
(k) A project shall make assurances that there will be no purchase or use in the course of the project of any electronic, mechanical, or other device for surveillance purposes that is in violation of the provisions of the Electronic Communications Privacy Act of 1986, Public Law 99-508, 18 U.S.C. 2510-2520, 2701-2709 and 3121-3125, or any applicable State statute related to wiretapping and surveillance.
(l) A project shall make assurances that there will be no harassment or interference with any lawful political activities as part of the intelligence operation.
(m) A project shall adopt sanctions for unauthorized access, utilization, or disclosure of
information contained in the system.
(n) A participating agency of an inter-jurisdictional intelligence system must maintain in its agency files information which documents each submission to the system and supports compliance with project entry criteria. Participating agency files supporting system submissions must be made available for reasonable audit and inspection by project representatives. Project representatives will conduct participating agency inspection and audit in such a manner so as to protect the confidentiality and sensitivity of participating agency intelligence records.
(o) The Attorney General or designee may waive, in whole or in part, the applicability of a particular requirement or requirements contained in this part with respect to a criminal intelligence system, or for a class of submitters or users of such system, upon a clear and convincing showing that such waiver would enhance the collection, maintenance or dissemination of information in the criminal intelligence system, while ensuring that such system would not be utilized in violation of the privacy and constitutional rights of individuals or any applicable state or federal law.
federal-funds5 Funding guidelines.
The following funding guidelines shall apply to all Crime Control Act funded discretionary assistance awards and Bureau of Justice Assistance (BJA) formula grant program subgrants, a purpose of which is to support the operation of an intelligence system. Intelligence systems shall only be funded where a grantee/subgrantee agrees to adhere to the principles set forth above and the project meets the following criteria:
(a) The proposed collection and exchange of criminal intelligence information has been
coordinated with and will support ongoing or proposed investigatory or prosecutorial activities relating to specific areas of criminal activity.
(b) The areas of criminal activity for which intelligence information is to be utilized represent a significant and recognized threat to the population and: (1) Are either undertaken for the purpose of seeking illegal power or profits or pose a threat to the life and property of citizens; and (2) Involve a significant degree of permanent criminal organization; or (3) Are not limited to one jurisdiction.
(c) The head of a government agency or an individual with general policy making authority who has been expressly delegated such control and supervision by the head of the agency will retain control and supervision of information collection and dissemination for the criminal intelligence system. This official shall certify in writing that he or she takes full responsibility and will be accountable for the information maintained by and disseminated from the system and that the operation of the system will be in compliance with the principles set forth in 23.20.
(d) Where the system is an inter-jurisdictional criminal intelligence system, the governmental agency which exercises control and supervision over the operation of the system shall require that the head of that agency or an individual with general policymaking authority who has been expressly delegated such control and supervision by the head of the agency: (1) assume official responsibility and accountability for actions taken in the name of the joint entity, and (2) certify in writing that the official takes full responsibility and will be accountable for insuring that the information transmitted to the inter-jurisdictional system or to participating agencies will be in compliance with the principles set forth in 23.20. The principles set forth in 0 23.20 shall be made part of the by-laws or operating procedures for that system. Each participating agency, as a condition of participation, must accept in writing those principles which govern the submission, maintenance and dissemination of information included as part of the inter-jurisdictional system.
(e) Intelligence information will be collected, maintained and disseminated primarily for State and local law enforcement efforts, including efforts involving Federal participation.
6 Monitoring and auditing of grants for the funding of intelligence systems.
(a) Awards for the funding of intelligence systems will receive specialized monitoring and audit in accordance with a plan designed to insure compliance with operating principles as set forth in 23.20. The plan shall be approved prior to award of funds.
(b) All such awards shall be subject to a special condition requiring compliance with the
principles set forth in 23.20.
(c) An annual notice will be published by OJP which will indicate the existence and the objective of all systems for the continuing inter-jurisdictional exchange of criminal intelligence information which are subject to the 28 CFR Part 23 Criminal Intelligence Systems Policies.
___________
black versionCrime Tech Solutions is a leading provider of criminal intelligence database management software for 28 CFR Part 23 compliance. The company also develops Case Closed™ investigation case management software, sophisticated link analysis software, and advanced crime analytics.

Criminal Intelligence Databases: Violations of privacy rights are the exception, not the rule.

privacyThe notion that law enforcement fusion centers regularly violate individuals’ privacy rights as they capture intelligence on gangs, terrorist activities, organized crime, and other threats to public safety is simply not true. That, according to a study published in the Journal of Police and Criminal Psychology.
The paper, “Law Enforcement Fusion Centers: Cultivating an Information Sharing Environment while Safeguarding Privacy,” was authored by Jeremy Carter, an assistant professor of  Public and Environmental Affairs at Indiana University-Purdue University Indianapolis. His article carefully addresses the privacy-rights issue of criminal intelligence gathering, among others.
fusion_centers_mapThere are approximately 80 fusion centers in the United States. They were created in response to the 9/11 terrorist attacks. The attacks exposed the requirement for greater information sharing and improved intelligence capabilities at all law enforcement levels.  According to the article’s author, the idea was to have the key pieces of data funneled into fusion centers so that highly trained analysts could stay atop of threats and correspond with local law enforcement agencies on these potential threats.
Designed with a view to enhance information-sharing among agencies, fusion centers act as ‘hubs’ of data and intelligence on gang activities, terrorist cells, organized crime, and other public safety threats. Vast amounts have data has been collected, and concerns about individual privacy and civil rights have ensued. The very legitimacy of these fusion centers has been called into question.
bigbrotherThe notion that law enforcement fusion centers represent ‘Big Brother’, and that data is being stored and disseminated about people irrespective of whether they are suspected of criminal activity is simply wrong, according to Professor Carter.
Still, concerns remain about who can access the data, and for what purpose. However, a survey of fusion centers across the country suggests that they take appropriate steps to safeguard individual privacy via something called Federal Regulatory Code CFR 28 Part 23.
28-cfr-part-23“Fusion centers are following the federal regulatory code, 28 CFR Part 23, that is the legal standard for collecting information,” Carter said. “That code says you have to establish a criminal predicate, basically probable cause, to keep information on identifiable individuals.”
Additionally, the majority of the fusion centers have implemented strong controls that provide built-in safeguards that protect the privacy of individuals. The fusion centers are also regularly audited to ensure that only the correct type of data is gathered, and that is stored and disseminated in a need-to-know basis.
black versionCrime Tech Solutions develops and markets a suite of crime fighting software including IntelNexus™, a criminal intelligence database system that complies with the above mentioned code 28 CFR Part 23. The company also provides software for investigation case management, advanced crime analytics, and link/social network analysis.

Study: Violations of privacy rights by fusion centers are the exception, not the rule

Great 28 CFR Part 23 article from Indiana University – Purdue University Indianapolis discussing Jeremy Carter’s “Law Enforcement Fusion Centers: Cultivating an Information Sharing Environment while Safeguarding Privacy.”
See the article at http://news.iupui.edu/releases/2016/07/fusion-centers-privacy-concerns-carter.shtml