Welcome back to this weekly meeting of the Health and Safety Committee with Denver City Council.

Coverage of the Health and Safety Committee starts now.

Good morning and welcome to the Health and Safety Committee meeting for January 28th.

My name is Darrell Watson.

I'm honored to serve as the chair of this committee, also as the city council member representing the fine District 9.

We have quite a few city council members in the committee room.

Why don't we start with introductions, starting from our right, and then we'll go online.

So we'll start with Council Member Torres.

Thank you.

Right and left.

Yeah, yeah.

Never thought of ourselves on the right.

Cue me.

Cue me.

Jamie Torres, West Denver District 3.

Thank you, Mr. Chair.

Kevin Flynn, Southwest Denver's District 2.

Laura Vitres, Lucky District 7.

Amanda Sawyer, District 5.

I'm pleased to be on the left.

Cashman, South Denver, District 6.

Good morning.

Serena Gonzalez-Gutierrez, one of your council members at large.

Good morning.

San about Northwest Denver, District 1.

And just verifying, do we have someone online?

Is Council Member Parity online?

And I'm not the only one.

Good morning.

Diana Romero-Campbell, Southeast Denver District 4.

Good, both of you. Thank you so much for joining. We have a briefing this morning, an update on

surveillance task force. And so, Mr. Hoffman, I'll turn it over to you for the presentation and

introduction. If there are any folks in the audience that you would also like to participate,

just let us know and they'll be able to come up and speak from the mic. So, over to you.

Thank you, Committee Chair. Tim Hoffman, I'm in the Mayor's office. I serve as his Director of Policy.

I want to thank all the members of Council for the opportunity to come back for the second update of the Surveillance Technology Task Force,

give you a little bit of an update of where we are.

I know that in the room we have Council Members Gonzalez-Gonizierrez and Flynn, who are members of the task force, and then online Councilwoman Parity.

So once I quickly tick through the updates that I have, I'd like to give them the opportunity to give their updates or their perspective as well.

Before anything else, though, I did just want to take one moment to acknowledge someone in the audience here.

We have Emily Lauck, who's been with the Department of Safety for a good number of years and is tragically, unfortunately, leaving us, I believe, at the end of this week.

So I wanted to thank Emily for her years of service to the City of Denver.

And on a very personal note, I'm thrilled.

Things are going to get better from there, I promise.

So just a quick agenda for today.

I want to give a little bit of an update of the task force overview.

One of the questions or the comments that we heard from the last task force is folks

wanted to see a full list of who is participating in the task force on the next slide and then

after that what the overall mission or the goal of the task force is so council president sandoval

provided some incredibly helpful language that helped frame it i've talked with a couple of

other folks the the mission statement or the goal is something that from my perspective is is what

we are aiming towards it hasn't been something that's been signed off on by all and each individual

task force member. So just wanted to flag that. We'll give a little update on what we've been

doing so far. I'm going to have Tara Segura in technology services come to the table in a moment.

She can talk about some of the changes that technology services has already made

to some of our systems and then talk about where we are going next.

So here is the full list of representatives of the surveillance technology task force. I won't

read them individually. But as you can see, we tried to make sure we had a good cross-section

of agencies from the administration, obviously several city council members, community groups,

and then other subject matter experts. We have several professors who work either in data,

data security and technology. We have legal subject matter experts and other folks. So it is a

a fairly representative group of people who are sitting at the table in these meetings.

It thus far has yielded some good productive discussion and also some disagreement, which

is what I think signifies a productive task force when it's not just a bunch of people

agreeing.

So again, this is the mission or the goal of the task force.

and I highlighted two things that I think are particularly important,

the shared framework and the clear standards that we want to promote here.

Technology services, Denver Police Department, Department of Safety

actually have already really robust safeguards, tools, guidelines in place.

I think one of the issues that we've come across in the course of these discussions

is that it's not particularly easy for the public to navigate and find where those tools are,

where the guidelines are, where the rules and regulations are, and making sure that the public,

the city council members all feel like they, number one, know the guidelines that are in place.

And then as new technologies come online and become available, that they have a good sense

of what those technologies are and how they're impacting the community at large.

So what we've been working on so far, as I said, it was an understanding of the current policies

and procedures that exist in the city, that's focused largely on two separate things. There's

the technology services vendor risk assessment, which is something that they do when new technologies

are being brought online in the city. And then there's regular check-ins after that to make sure

that there is continued compliance with our policies and procedures. And then through the

DPD operations manual, I believe it's section 119 of the Denver Police Operations Manual,

lists out all of the different surveillance technologies that are currently in use in the city by law enforcement,

as well as the kind of governing policies and procedures around how those technologies are employed.

So making sure that before we do anything else, we have a good baseline understanding of what the current framework looks like,

and then talking through where there are opportunities to improve upon that basic framework.

We also did a surveillance technology risk assessment exercise where the group was able to come up with, as you think about surveillance technologies that are being employed by law enforcement, not just in Denver, but in any city, what are some of the big risks that are associated with the use of those technologies?

So some of the pretty obvious ones that have come to the fore are breaches of the data security, the hacking risk, misuse of the technology by other entities, including the federal government.

So we listed, I believe it was something like 18 of these risks.

We looked at current mitigation that the city is employing to make sure that we are minimizing those risks.

And then we also talked through where there's the potential for additional mitigation, either through rules, regulations, additional contract language, or potential ordinance language as well.

And so that's an ongoing exercise that we kind of, in our meetings, we continue to reflect on and come back to is which of the potential risks does that concern fit into?

Are there current mitigation strategies that are being worked on?

And where is the opportunity for additional things to take place?

And then we did a pretty line-by-line review of the technology services vendor risk assessment and talked through that.

Tara has been an excellent thought partner for the entire task force, has been great about answering questions.

and then she and her team were able to work on some quick fixes to things that were raised already

and then there are some other things that will take a little bit longer to get implemented.

But I will now hand it over to Tara to talk through some of the things that have changed so far

and then anything else you want to add.

Yeah, thanks everyone. Good morning.

So it's been wonderful to be able to engage with everyone and get different perspectives and expertise

when it comes to looking at how we're vetting and assessing our technology

and being able to not just look at the technology,

but look at the business needs, the community's needs, and the data involved,

and being able to assess in one assessment many of those areas.

So currently as it stands, we have a vendor risk assessment

that reviews privacy, information security, architecture, data retention,

accessibility, and environmental impacts.

We've been able to expand some of the questions to incorporate more of the

privacy aspects of the data involved.

And then also one of the items that came up from external task members is that

do our vendors and those that we're assessing really understand the regulatory guidelines?

And are we doing enough to make sure that they understand? And one that I've brought up a few

times with the task force that's easy to look at is often when it comes to records management,

we receive responses from vendors of, oh, yes, we're compliant with GDPR. Well,

a lot of aspects of GDPR are completely the opposite.

What's GDPR?

Sorry. Thank you.

So GDPR are privacy and retention regulations for Europe, for the EU.

Yeah. And they're very robust for individuals to have the right to be forgotten,

to have their data deleted.

Where in Colorado, as a local municipality, we have the complete opposite for many of our record retention needs because of Colorado Revised Act, FORA, which requires us to retain records and produce when needed.

So being able to incorporate information within the assessment where we're educating our vendors on the regulatory needs of Denver has been, I think, a huge win for our team when we're assessing vendors and also for the vendors to know what they're responding to.

So we've been able to incorporate those into the assessment.

And we've also been looking at how do we appropriately have ongoing vendor management of vendors when there are compliance issues,

when things come up where we're questioning whether our data is not being secured or utilized in the manner that they've agreed to within our contracts.

So we've gone through and we're working specifically with the city attorney's office and we've created a breach and remedy language for our technology contracts that gives us quite a bit of latitude to be able to address concerns that come up and mitigate them with the vendor or take action.

We're also going to look at it from an operational perspective.

So we're engaging one of our consultants to see what the industry best practices are when it comes to government entities, having vendor management where we can be able to ensure that our numerous amount of technology vendors are complying with the agreed upon terms.

The third item that the team has started to engage on is looking at the vendor rate assessment from the view of making sure that the data is being collected, utilized, maintained in a manner that protects our city's data and individual civil liberties.

This is another recommendation that came out of the task force.

So my team has started to collaborate with the mayor's office and specifically the Office of Social Equity and Innovation to help develop and implement some specific questions within the assessment.

So where we can, from the beginning, when we're even just looking at and engaging with the vendor, ensure that they're going to be able to meet our needs when it comes to the data.

So a lot more to come, but I'm pretty comfortable with what we've accomplished so far.

And it's been great to have these conversations where it's just not technology focused.

We're able to bring in all of the different expertise and really have a robust conversation.

Absolutely.

Thank you, Tara.

And I'm sure if you can sit at the table, I would imagine there's going to be a question

or two for you.

Where we're going next.

So we've already started to do two things at once, which is survey ordinances and other examples in other cities that they have employed around surveillance technology regulations that other cities have.

Seattle, New York City, Madison, Wisconsin, Berkeley, California, a couple of other places.

Happy to send this group the full list of cities that have pretty robust surveillance technology ordinances.

And then we, in the last meeting, had some discussions around if we were to come up with an ordinance for the city council to consider what would be the large buckets that this group would like to see, what are the areas that other cities have that we think would be viable here, what are the things that maybe don't work.

So that's kind of the next step. I'm hopeful that in the next month or two, we'll have something a little bit more concrete to share with you all to get reactions on.

But that's where we're going next. So with that, I will stop and see.

I know Councilmembers Gonzalez Gutierrez and Flynn in the room are on the task force and then Councilmember Parity online.

So I would give them an opportunity to offer any additional thoughts or context from their perspective.

But thank you all. Tim, if you can pull down the presentation and we have a queue starting first with Council Member Perry, Council Member Gonzalez, Council Member Flint, and then we'll continue on with the other council members that I'm just adding to the queue.

Thanks, Tim. Sorry not to be there in person. I've got a sinus infection going on. So thanks for everyone's patience with that.

Tim, the first, well, so just by way of kind of response or addition, I don't have a lot to add.

I think that describes, we've gotten a lot more into the meat of things recently.

And I was, I'm glad about some of the changes that were made to that VRA process.

I would say that I think from my point of view, the risk mitigation analysis, we, there's kind of a lot of risk left to mitigate.

So I think an ordinance is still very, very important.

But I don't think anyone necessarily disagrees with that.

And then we have some questions that are still outstanding about FLOC and ALPRs specifically.

Looking back to the past, this is from our last council meeting.

You had helpfully sent around a PDF, sorry, from our last committee presentation on this by you.

You sent around a PDF that answered many, many council questions, but there were a number that were still outstanding.

And it's mostly about what FLOC has done in the past with our data.

And I just maintain that it is important for us to know that going forward with an ordinance because it's just for us to get that kind of risk assessment right.

We need to be sort of clear-eyed about the vendors that we've been working with and what's actually happened.

So these are questions like, has FLOC gotten subpoenas in response to which it has disclosed Denver data?

Has FLOC disclosed Denver data on the basis of exigency?

You know, all of those kinds of things.

So I just want to go back to those questions because I continue to think that they're really important. And then in the redact, or sorry, the flock logs that were sent around most recently, I had asked for a much shorter list of jurisdictions with the hope that DPD and the Department of Safety would then be able to review those searches and provide a lot more of the search terms.

because I know it's way too burdensome to look at every search that's ever been done of Denver data

because it's millions and millions and millions of searches and look at the reasons for that

and figure out if there's ongoing investigations or public safety impacts.

I get that, you know, that's just overburdensome from a CCJRA point of view.

But I'm trying to get us to a point where we're just looking at, excuse me,

Denver and surrounding areas and also the federal agencies that had access

and getting more specific about what they have searched for.

not just when they've expressly searched for ICE, but kind of regardless of what those search terms are,

because it's just hard without us seeing that to understand what we're making policy about.

So those are the outstanding questions.

But other than that, I agree that we're on a good trend in the task force.

And I think Council Member Gonzalez Gutierrez probably has more to say about that.

Council Member Flynn probably has more to say about that.

There's also, yeah, I'll let Council Member Gonzalez Gutierrez mostly speak to this,

but we have been doing this, you know, looking at some of these other cities and thinking about

ordinance language and all of that. So, yeah, thank you very much. That's all I had. Appreciate

it. Thank you, Mr. Chair. Thank you, Councilman Perida. I hope you feel better soon. And Councilman

Morgan's office, the chairs before you jump in. Tim and team, do you want to reflect, respond to

any of the comments? I know some of the questions are going to require research and additional

departments providing data but any response from any of the points that the council member made and

from any on terror anyone else who may want to interject on any of the pieces no just to say

council member parity thank you for the patience on some of those questions i'll go ahead and again

reach out directly to flock because i agree with you that some of those outstanding questions are

things that we will need they're weighing on so i'm happy to do that again today and we'll work

as quickly as we can to get you all the answers.

Thank you so much, Mr. Hoffman.

Council Member Gonzalez-Guterres.

Thank you, Mr. Chair.

And I do want to thank you, Tim,

for listening to the feedback

that not only us as a body have requested,

but I know even those of us on the task force,

I think maybe individually have come to you

with some points of feedback,

but also wanting to just collaborate

and figure out how we can move

the work of the task force along.

And I think we're getting to a much better place.

And I really, really do appreciate the partnership on that.

And I'm glad that we are where we are at now.

And I am looking forward to the conversations around ordinance.

I think Councilwoman Parity alluded to this.

And I think I have as well in task force meetings that we've started pinging our city attorney to try to start getting all this information gathered.

and we did some research requests within our city council office, our central staff,

so that we can be ready on our end of things and would have something for the task force,

for our colleagues to be able to take a look at. And so, you know, some of that is just very,

it's very at the very beginning, right? Very beginning stages and want to loop in folks

as we move forward. I think one of my kind of outstanding concerns right now is, yes, of course,

getting the information that has been requested because we know that will only help us.

One of the things that I've been asking for in the task force has been that we identify what are

the things, even if they are in policy, like under tech services or under DPD, that some of those

things may need to live in ordinance as well. And that is to make sure that when, you know,

if there is a change in leadership in any of these spaces, that we have the guardrails in place

through our ordinance, through our municipal code, and that there are some of those things

that are important to have in there. And we also realize that some of those things

could live in policy and that's fine, but we do want to make sure that the guardrails are in place.

With that said, I think one of the things that's, I think, kind of lingering over us is

the contracts and when things are ending and all of that stuff that's coming upon us.

And I know we continue to have other types of technologies being put out there, like

the drones and other things that are being tested or utilized, piloted.

Really, this is why I've been pushing so hard, right?

And why I've been bugging you so much, Tim, is because we need to get a control over this

and make sure that we're not constantly behind, you know, operating from behind and that we

actually have an ordinance in place so that we're not operating from a place of having to then clean

up afterwards. I'd rather us go into these contracts and enter into these surveillance

technology contracts, no matter what they are, whether it's a different ALPR service, if that's

what happens, I don't know. I would prefer that we have that, the setup before we enter into any

kind of new contract, especially I would say with the ALPR, if that is what is on the table at all.

And whether it's with FLOC or anybody else, I think we need to have that done before another

contract is or anything is being going as going forward is that we need to have the ordinance in

place. And that's what we've been pushing for. And so I think we have a lot of the task force

members are ready to make that happen. And I think we just need to really sink our teeth in

and make that happen. Thank you, Mr. Chair. Thank you so much, Council Member Gonzales-Guterres.

Council Member Flynn. Thank you, Mr. Chair. There's not much I could add to that, but I am,

I just want to concur that the task force has really accelerated the last maybe two meetings,

whereas in the beginning it just felt like what was asked of us seems so precise, but when we

opened the door, it just a lot of, it was like the fire hose came on. And so it took a while to get

our feet on the ground and feel like we're making progress. I know that can be frustrating

to the body here and to folks who've been expecting answers and answers don't come easily.

But I do appreciate the work that's been done lately. And I believe also that we can have,

should have an ordinance in the DRM, something in the DRMC that addresses privacy framework

policies, because every technology might be different. But I think it needs to address

all of the, as much as we can, all of the universe of surveillance technologies. It's not just

license plate readers. It's, you know, halo cameras. It's, you know, ring doorbells from

the public. There's so much out there and it just keeps growing and we can't amend the code every

time something new comes out. So as best we can, an umbrella ordinance that addresses the issues

of privacy, retention, and public safety. And how do they work to provide public safety and how can

we provide that while providing the guardrails that we need? So thank you, Mr. Chair. And I know

that I'm not speaking on behalf of Council, but I just wanted to say for the task force members,

I mean, this is a heavy lift. I mean, this is not just a local municipal discussion. This is

happening across the state. It's happening across the country as to how we focus on this and having

kind of a thoughtful process. It never goes fast enough. A decisioning and an ordinance process

always takes longer than we expect. But I appreciate all three of you for your leadership

and engagement and pushing this forward.

So thank you all.

And to the task force members that are in the audience,

I'm not sure, are there task force members in the audience?

I don't know if they're online.

Online?

I see the chief, I see our team here.

And for folks who are online, I just want to thank you as well.

I would remiss if I didn't take a moment to thank you.

We have a queue with Council Member Torres,

Council Member Sawyer, and then Council Member Alvides.

Thank you, Mr. Chair.

Thank you, Tim, and my colleagues who are serving on this.

When you mentioned the survey of ordinances and best practices, Tim, are you also looking at times when lawsuits have been filed or what have been the results of those?

I'm just wondering if there's anything that might not be an unofficial policy, but something that maybe highlights a miss or something that went wrong.

Yeah, that's a great question, Councilman Torres.

So certainly as it relates to license plate readers, there's been a lot of legal back and forth in the last 18 months.

So that's been something that has come up and we've been looking at.

There's not really anything definitive that have come out of those cases, but it has been helpful to review those.

I think that that's a really good additional flag to incorporate.

One of the things that we have talked about as it relates to a vendor risk assessment

is making sure that the city attorney's office is more looped in at the very beginning of that

process to make sure that, yes, maybe the technical aspects of the new technology all

check the boxes that Tara and her team want to see, but are there going to be constitutional

concerns that we have with rolling out this new technology? Are there going to be other

legal considerations that should be flagged at the very beginning? So that's something that's been

a top of mind discussion point of how to incorporate that early into that review process.

So I think, yes, absolutely.

Okay, great.

Thank you.

And then how are we looking at things that are coming through now before the ordinance

or the guidance is really put in place?

As I'm thinking about the tech overhaul of our 911 system, things like that.

is there any way that we're able to apply some of what we're learning now

to clear at least some of the early concerns that have been raised in other areas like LPRs?

Yeah. So I think Council Member Gonsalves Gutierrez brings up a really good point that

we don't want to just be reactive to, oh, we again learned that this thing was happening

six months after it started, and now we're going to add a contract provision, right?

But I think that the flock situation in particular has given us an opportunity to add contract provisions to have some pretty robust and additional safeguards in place in some of this.

So I think that that's not just for the ALPR system, but that has, I think, triggered amongst the city attorney's office, Department of Safety, other folks, an effort to make sure that where there are additional or new contracts coming up right now, are there kind of additional sections that we want to include?

And then Tara, I'll turn it over to you if you want to talk about some of the changes that technology services has already made.

Yeah, absolutely.

So specifically with Motorola and looking at the replacement of the 911 system, one of the reasons why we've chosen to go down that path with Motorola is because of the engagement and the transparency and willing to accept and adhere to all of the contract terms.

So they didn't make one exception to any of our technology provisions within the contractual agreement.

And we also added our new PII exhibit, which is associated to the new restrictions and requirements.

It's coming down from the AG's office to ensure that anybody that's maintaining, handling our data is also stating that they're not going to share the data with any federal agencies, anything associated to any immigration activities.

They've already agreed to all of those contract terms.

And the manner in which they're going to be maintaining the data is, from the perspective of, like, regulatory best practices and regulatory requirements, top tier.

It meets all of our CJIS requirements.

CJIS is criminal justice information systems.

And so we really feel confident that we're going to have a long-term partner that's going to want to be there.

to support our efforts and maintain and protect our data.

And it's also really exciting from the technology perspective of its modern technology.

So it gives us a lot more ability to have those technology controls over the data,

where we can implement very specific role-based access controls

where only those that have really specific business needs can access specific types of data.

So very exciting for us to be working with that vendor and utilizing technology to really advance how we're protecting it.

So we have, yeah, we've incorporated the PII certification into all of our contracts that have data involved and also the breach and remedy language.

Those are today in effect.

Right.

Yeah.

Just in terms of our briefings or even presentation and committee, I think that might be a really important thing to highlight.

That system in particular, we don't want to lose any public confidence that calling 911 exposes someone to anything.

And so that's something that I think we really want to make sure we're safeguarding that reputation that our 911 system already has and not chipping away at it through rumor or anything like that.

So that would be just really helpful information to have.

Great. Thank you.

Thank you, Mr. Chair.

Thank you, Council Member Torres.

Council Member Sawyer and Council Member Alvarez.

Thanks, Mr. Chair.

Thank you for that information.

I was actually going to ask the same thing, and I know the Motorola contract is coming, I think, next week.

So, yeah.

Do you mind being in community?

It's a question.

Next week, we appreciate it.

But I do, I want to first just start by saying thank you to all of the task force members.

This is a huge area, a body of law, and I think it is so incredibly important that we come to a space where we are finding a balance between protecting civil liberties

and also having our law enforcement officers have the ability to do their jobs with all of the different technology pieces that make sense for them, right?

And so this is a really hard balance to find, I think.

It is also an incredibly necessary balance for a city of 750,000 people because this technology is not going away.

And there are real benefits to it as it relates to community safety.

And so I just want to ask all of the task force members to keep that in mind.

I know that there are varying levels of agreement with what I just said, and that's okay.

That's the democratic process.

But, you know, I always go back to what the residents of District 5 tell me they want, because that's who I was elected to represent.

And what the residents of District 5 tell me the number one concern is, is community safety.

And, you know, I think it's just it's really important to have that lens during these conversations, because because that's what the people of Denver want.

And they're real clear about it. And so, you know, I think it is incredibly important that we protect our civil liberties.

But this is not something we can just walk away from and not have and not use.

We have to have this technology, too.

So finding the balance here, I really am grateful to all of you because it's not an easy path forward, but it's something we have to do.

So that's it. Thanks.

Thank you, Council Member Sawyer, Council Member Alvarez, and then Council President Pro Tem Romero-Campbell.

Thank you, Committee Chair.

Yes, thank you to the task force members.

I know we all have busy schedules, and so making the extra time to really dig into this gives me reassurance that we are doing the right things.

I did want to just raise up the concerns I've heard come out of community recently around this, which I think the biggest concern is the storing of data.

And I want to better understand what you're talking about when you're saying CORA and how that affects surveillance.

And my concern, I mean, we've all seen the news.

Things are escalating with immigration enforcement and what is considered an enemy of the state, what is considered a word you cannot use, such as kidnapping.

If you use that phrase that ICE is kidnapping people, you're put on a list.

So at what point, my question is at what point would that lead to a subpoena being valid for us to be tracked?

I think probably a lot of us at this table are already on their not favorite people's list.

And, you know, even just thinking at it from a personal level, like, could they subpoena my license plate and know where I'm at, where I'm going?

That is something that is scary for me personally.

It's scary for my family members.

And so I just want to lift that concern to the task force as you have these conversations.

I think that's one of my biggest concerns.

I did talk to one of the commanders in my district yesterday who mentioned the assaults that happened at the tiny home village in my district.

They were able to catch the person that assaulted due to flawed cameras.

And that makes sense to me because once the person harmed someone and you have their license plate, then you track them.

The concern for me is that you don't necessarily have any reason to be tracking me or other people.

And we're tracking everyone for 30 days and keeping that information that is vulnerable, whether it's a young woman who's being stalked, someone seeking access to abortion, or someone that has been randomly labeled, in my opinion, randomly.

But there's all these phrases that are considered making you an enemy of the state at this point at the federal level.

And so just want to elevate that concern.

But I do see like a space potentially for it in regards to like what I mentioned happened in my district.

But I would like to also see what crimes has this helped solve.

Like can we verify that it helped solve that crime?

And because there has been a lot of misinformation where we said that it did help resolve certain crimes like Jax and it hasn't.

So I would like to have more information on that.

Thank you.

Thank you.

Thank you, Council Member Alvarez, Council President Pro Tem Campbell, and then Council

President Sandoval.

And actually, I want to make sure, were there any, because Council Member Alvarez brought

up some salient points, I just want to make sure, because it feels like we're going through

the queue, I want to make sure if there's a pause, any responses, reflections, thoughts

on what was said, and obviously some of the stuff we have to come back to, but I want

to give an opportunity for folks to respond.

I'm going to add just a few items.

When it comes to motor rollers specifically, when we look at that technology and why we're choosing to work with that vendor, there's always going to be a risk of data breach.

Like there's never a risk.

But when we look at that vendor and how they are going to be maintaining our data, just like all of our technology vendors that maintain various system data, they meet the strictest regulatory requirements.

So there's different levels of security that could be present, different levels of access controls.

With what we're agreeing to with Motorola, it completely isolates and allows us to maintain ownership of our data.

So they have no ownership over it and they have no ability to utilize or share the information with how we're restricting it.

I think it's also really important to say that with the contract and the terms that we've agreed to with the PII exhibit being associated to it,

when it comes to those decisions related to when we provide information for our subpoena or share information, that's all going to be done at the city level.

They don't have the ability to make any of those decisions within our agreement with them and how the data is being protected.

So I think it's important to point that out.

I won't go too into the weeds about the security standards, but always more than willing to have a conversation or a meeting, and we can discuss some of those regulatory pieces.

But it's definitely something that we're trying to meet the most strictest secure standards possible.

I appreciate that.

And I would just say when you're talking about the data that they're keeping, that's where my question lies.

Yeah, no, I don't have too much to add other than to say that this is 1 of the focal point topics that the task force is talking about is data retention data storage. Who owns the data? At what point would it be turned over to a 3rd party via an exigent circumstance or a subpoena or anything else like that?

that. So it is a top of mind focus for everyone. And I know that with this group of people in

particular, you all are in the kind of the limelight and the really line here. So I want to

recognize that and thank you, but also just know that it is one of the things that we have been

talking about repeatedly and will be certainly something that has continued to be addressed.

Great. I think something that would be helpful is like in the last six months, how many subpoenas

that are outside of the city of Denver?

Have we received?

How many did we comply with?

Did we deny any?

What were the agencies requesting that data?

Absolutely.

Thank you, committee chair.

Thank you, council member.

And chief, I was curious from your perspective.

There's a question from council member Alvarez

on the impacts or any of the documented impacts

of the use of surveillance technology

or in folks committing crimes.

Can you speak to that? And then are we able to receive data listing when and how that has occurred, where it's been verified?

Thank you, I can.

So to your initial concern, I just want to share the fact that we all, I think, share the same values.

And so we want to make sure that any ordinance or any rules that we put into place are consistent with the values that we share.

As it relates to crimes that any ALPR system or any of our other technologies have been helpful in, we can certainly provide that data.

Great. Thank you.

Good. Council Member Alvarez?

Thank you.

Council President Pro Tem, I have you in a queue and I want to make sure you're able to hear us and to jump on in if you have any questions.

Great. Thank you. Thank you, Council Chair, Committee Chair.

And again, actually, you just answered my question.

I was wondering a little bit more about the surveillance and the data storage.

That is something that is coming up here in conversations in Southeast Denver, so I appreciate those answers.

And I also just wanted to thank the task force for doing this work.

I know it's incredibly nuanced, and I appreciate you all diving in.

I do have a question a little bit about kind of like current use. And I know that we are not asking our safety department to intervene and that we have ordinances around that.

But I am curious, with having that surveillance, is there a way for us to also see current activity that's happening with ICE in our communities?

As we talk about what we're able to pull, is there data that we're able to pull on that right now?

And who is in our communities and how that's being impacted?

Thank you, Council President Pro Tem.

This is Tim Hoffman. We can certainly circle back with you on whether there's that ability or not.

Obviously, you know, as it relates to license plate readers in particular, you would need to know the license plate.

There are now, because we put in place in Denver, you would need to have kind of an enumerated reason for the search and all of those kind of things.

But that's something that we can absolutely circle back with you on about whether that's something that we can do.

Sure. I think about that as we have, you know, eyes out terrorizing our residents.

I think I need to be able to find out where they are and in what areas I would be interested in that.

Thank you, Council President Pro Tem, Council President, and then Council Member Gonzalez-Guterres.

So thank you all for the briefing and more importantly, the collaboration.

I think that when we collaborate, we get better outcomes for all of the residents of Denver working in silos just has unintended consequences in my opinion.

I'll be interested in learning.

So I think from what I'm learning on all of the fintech side is it's changing and evolving so quickly.

And oftentimes the United States, in my studies, is the last to adopt things.

So in Japan and in China, they're already doing blockchain.

I don't know if you're familiar with it, but it makes the data more secure.

It's not a cloud base.

They're doing it for simple things like they have scooters in Japan.

They're doing it for their scooters so that you can actually keep your information secure.

They're moving it to their health care system.

So your health care system isn't actually in the cloud that you actually own your own health care system.

And so as these advances come from other countries, usually the United States is a little bit lag time from what I've been researching.

So I want to just make sure that as we get into these contracts, that they are safeguarded to protect the residents of Denver and protect our intent, right, to be able to,

what you mentioned, Councilman Alvita, is that they were able to apprehend that suspect.

They've also been used in my council district along federal.

I know they have been used along federal all the way from the county, because I'm on the

county border, to Councilmember Flint.

I know they have numerous times.

And with that, how do we create a contract that if three years from now we have new technology

technology on the horizon, who's in charge and who takes that lead. I often feel like in bureaucracy,

we move forward with these contracts and then we forget about them. And then new technology comes

in similar to what happened with Flock. When we got onto Flock, there was no, we had no idea that

they were going to be sharing information, that they were going to have contracts with Homeland

security and that our information could be commingled on the cloud and how it could safeguard

us. And we were blindsided. So I want to just make sure how do we, what is our, for lack of a better

term, standard operating procedures of coming back to these contracts and coming back to the

technology and saying, hey, do we need to pivot? Do we need to have something? Because we oftentimes

in the city want to lock ourselves in to these five-year contracts, which I understand because

you don't want to bring them back and we have to bring in all of this hardware and we have to get

all this onboarding like we're doing with Motorola. I get that. And at the same time in five years,

five years ago, there was no automatic license plate readers. There just weren't. When we first

got elected. That wasn't a thing. And so as these startups, FinTech startups blow up,

when I met with the CEO of Flock, he didn't even know all the things that I was talking about

because I had just taken a technology class. And so I was like, what do you mean? You don't

understand what I'm saying. How is it you're the CEO of a major FinTech? I realized after doing

research is because it was a startup and it got bigger than he got in front of it out in front of

his skis he really did in my personal opinion i think he did um so how are we protecting who

who is that point of contact who will make sure who in the department of safety and technology

services are making sure that we're up to date with all of the fintech that is coming out and

And how do we protect ourselves getting into these long-term contracts, yet at the same time making sure that we have enough flexibility to pivot if needed?

Yeah. Thank you, Council President.

That's a great question.

Another topic of discussion that we've been really focused on in the task force, just two responses.

In the technology services vendor risk assessment, one of the first section lays out the roles and then responsibilities of people who are doing these assessments.

and something that has been raised by members of the task force and that we're exploring how to

incorporate in is who is responsible, to your point, for the ongoing maintenance and kind of

checkup of these technologies, right? Because there are pretty explicit roles and responsibilities

around when we are onboarding these new technologies. And so is there an opportunity

to have either a new role or added responsibilities for folks in technology services, in the city

attorney's office and the Department of Safety and other places to say, hey, every whatever it is,

six months, a year, you are doing an audit or a check of the technology to make sure that it is

being used properly. The second thing that I'll note, as it relates to some of the contract

language, there are opportunities and we have incorporated into the latest FLOC contract. I

can't speak for any of the other contracts that are moving through now, but it's something that

we're certainly exploring is including very specific language in these contracts

around opting out of new technology rollouts unless the city and county of Denver reviews

the technology in advance and signs off on it, right? And I think the devil is going to be in

the details of if it's a kind of a run-of-the-mill software update where we're going from system 4.0

to 5.0, that probably falls outside of the scope of this. But if there's going to be substantive

changes to the technology that whatever the threshold is that would trigger, we want to,

we're not automatically opting in to that rollout for a lot of the reasons that you suggested. So,

Tara, you want to talk about anything else? I'll just have two other really quick items. So,

we've also implemented just late last year, Q4, an annual assessment of the vendors that we're

working with. And some of the questions that we are asking them are associated to changes in

products, changes in their third, fourth party venue of data, anything that would be applicable

in the new functionality. And then to not show my geek card a little bit too much,

in TS, we have created an innovation portal that's available to everyone in all the city users to put

in different ideas of technology innovations. And then based on the volume of individuals that are

also interested in those, they're being rated. We're doing a rice scoring associated to them

to make sure that we are staying on top of it, meeting the same needs and being innovative

when we look at technology and not being siloed to only those that are within technology services.

So pretty excited.

That just went live here a few weeks ago, and we've got quite a few ideas that are already, you know,

moving up within the scoring of individuals and the need to use them for business purposes.

Awesome.

That's awesome.

Yeah.

One last question I have is, do you all partner?

Let me take it back and say I statement.

I really love land use.

And so I have partnered with the University of Denver and their Department of Architecture.

I get capstone students from their masters of urban planning and they help me solve four things

because it's a neutral third party based in academia. It's not political or it shouldn't be.

Do you all partner right now with any university in Denver so that you can bring on subject matter

experts who are not based in bureaucracy but have different viewpoints? So for instance, the

The lead business school, CU Boulder, has a whole department based on technology innovation, like a whole entire department that I didn't even know existed until I took a class.

And when I was meeting with the professor, they literally have him go to different countries to learn about fintech startups and innovation.

It's called business innovation.

are you all partnering with those subject matter experts to make sure that we don't oftentimes

i have learned in bureaucracy you very siloed and it's very like this is how we've done it because

we've done it this way for so long and actually you can have breakthroughs when you actually face

it and you go outside your comfort zone and you go to someone who studies this and um has different

vantage points and learns from different universities throughout their whole system.

So are you all doing anything like that? Or would you be open to anything like that?

I'll speak for the task force and then Tara, if you want to just talk about other systems.

So currently, I believe we have two professors who sit on the task force as kind of those technical advisors from that side.

One from Ohio State, one was at the recommendation of Councilwoman Parity,

who's joined us for the last task force meeting, I believe is at CU or CU Denver.

They come from a kind of the legal technology side of it.

I think that there is probably opportunity to have someone who kind of understands the data science a little bit more.

But Tara, I'll let you add anything else around just generally speaking in the city.

Yeah. So there's quite a few collaborations and initiatives going on with different groups.

So specifically DU, we do collaborate quite a bit with some of their various departments.

I actually speak there on an annual basis for one of the data professors for the business school.

But then we also have, so we have various groups that bring together, you know, local and state municipalities of other individuals and different types of roles that are similar.

But then we've also engaged in quite a few different, some worldwide initiatives, some local, where they're trying to bring the right type of innovation to government.

What is it? Bloomberg.

The Bloomberg Initiative is something that technology services is very involved in and is meeting with professionals associated to it, as well as folks throughout the world trying to solve some of the issues that we are.

So it's pretty robust.

And different areas within technology services are focusing with different types of groups and consultants.

But I will say right now, SUMA, our Chief AI and Information Officer, really tries to foster that culture within the department and gives a lot of opportunity for folks to be able to have the opportunity to consult, brainstorm, and be part of those initiatives.

Okay. Yeah. Thank you. Thank you, Mr. Chair.

Thank you, Council President.

Council Member Gonzalez-Guterres.

Yeah, thank you so much, Mr. Chair.

I just wanted to touch on a few things after hearing everyone.

Thank you so much for trusting us to do this work.

Councilman Alvidrez, thank you for asking that question.

That is something that I asked way back when we had the last FLOC contract that came before Council.

So last April.

That was a question that I had and I've had in the queue for many months, almost a year.

And so I hope that we do get that data as far as, you know, because the original reason that FLOC cameras were implemented was because of auto thefts.

And from that, what we've learned is that there are other uses, right, for this technology.

And so the question is important to know, you know, what are the other types of crimes or things that are being addressed or how are these technologies being utilized,

especially with the ALPRs in these other situations. And so that's been an outstanding

question. So I appreciate you bringing that back up. The other piece that I'll just, I guess,

in the spirit of collaboration and hearing from my colleagues here, I think there is a very

a very big interest in making sure that council is apprised of what comes next.

And hearing a lot of the conversations around contracts that come before us and whatnot,

seeing how interested we all are, maybe some of us more than others, but I think all of us are

very interested in this. I know that we do have the rule that anything under $500,000

doesn't come for council. And I respect that. I get that. That is mayoral authority and all of

those great things. But in the spirit of collaboration and the fact that we've all

been working so hard with one another to make a lot of these changes, to mitigate the concerns,

to talk about ordinance. And I feel like we are doing a much better job in collaboration.

I think it would speak volumes if we could do that going forward with any potential

surveillance technology contracts that are below the threshold,

that if there were an opportunity for council to be able to review those contracts. And I say that

because not because of a lack of trust, but in the spirit of collaboration. And the fact that,

you know, we've all been engaged in these conversations. We have a task force that is

like specifically tasked with this. I just, if it's all possible, and of course, I know this

needs to go back to the administration, but I am making the request. And I don't know if my

colleagues agree with me or not, but I just think in the light of, one, everything that's happening

around us in our city and our country as Mr. Chair indicated but also just the

investment that I think many of us have in wanting to make sure we are doing

best for the people of Denver and that we're working together in doing that. So

that's that's my thought there that's my two cents and maybe that's something we

can work on together. Thank you Councilman. Thank you Councilman

Gonzales Gutierrez, Council Member Flynn back in queue.

Oh, thank you.

I think that's a very reasonable request that the administration let us know if they're going to do a smaller contract under the threshold.

But I do want to remind members that in May, when we voted Flockdown unanimously, that many of us were prepared to vote aye, but we were asked by the mayor's office to vote it down.

There's a great misunderstanding in the public right now that city council unanimously voted it down because it didn't want it.

Some of us did, but it looked like votes were changing.

So the mayor's office said, OK, you're probably going to kill it.

Let's kill it unanimously.

We'll form this task force.

And in the meantime, the mayor told us that he was going to do a contract amendment just below the threshold because it was a $333,000 contract and he was going to take it up just under the threshold to keep it operating while the task force did its work and hopefully reach a conclusion by last October, which, of course, we didn't do.

So I just wanted to point that out that it wasn't unanimously voted down because the entire council didn't want it.

It was voted down by some of us so that we could do this work that we're now reporting on.

And that the mayor did tell us he was going to do that amendment just below the threshold.

So I just wanted to clarify that.

Thank you.

Thank you, Council Member Flynn.

Just want to look around the room, see if there are any other questions.

I've got one or two.

Council President, back in the queue, and then I'll ask my questions after.

I don't remember having that conversation about the mayor amendment.

I just have to say that on the record.

that maybe you had that conversation with the administration.

I never had that conversation with the administration.

So I think it's important that we say I statements

when we make those kinds of statements

because I'll just say I don't remember that.

I do remember having a conversation later in the fall

with the mayor's office saying that I had had a meeting with, I can't remember his name right now,

but with the CEO of Flock and that I had an apology email from the CEO of Flock because he lied to my

face. So that was what I had the conversation with the mayor because he did. The CEO of Flock

sat in my council office and I used specific language with him to ask him what was happening.

And I actually vetted that language through a couple of my professors and a couple of my friends who are in the fintech world.

And I used specific language.

And I got an apology email from the CEO of Flock saying that he was sorry for lying to me.

That prompted me having a conversation with the mayor saying I have a lot of concern about this vendor.

And I have a lot of concern about integrity.

But I don't remember having a conversation in May saying that he was going to extend the contract.

Maybe they had different conversations.

There's 13 of us, and I've learned that over time that sometimes we get broken off and we get told different things,

and that's just part of working in a body.

But I just wanted to clarify for the record that I wasn't aware of that information,

and I did tell the mayor when he talked about extending the contract,

I did say I felt disappointed because those were things in,

when he mentioned what safeguards were going to be put into the extension,

I said, with all due respect, those should have already been in there.

We were told those were already going to be in there.

Those were things that when I had a demonstration with Councilwoman Gonzales Gutierrez

and Councilwoman parity, we were told certain safeguards were already implemented.

And when we have the presentation and the demo, they couldn't follow through with them.

And that's what prompted us having a deeper conversation and a lot of concern saying,

hey, we were promised this in this contract and it wasn't followed through on.

And so for me, it was like it kept piling on and piling on.

So I just wanted to say that I'm glad that you had that conversation and knowledge.

I just, I did not.

Thank you.

I was going to say, just briefly, I want to go back and forth.

If you have a final comment.

I don't know who all the mayor's office said this to before the meeting.

I know they had a discussion with me.

I don't know if anyone else had that.

But I mentioned that in my remarks before the vote on the floor.

So I said this on the floor, that this is what the mayor's office had proposed, this task force and an extension of the contract.

So I don't know if anybody would include in on that, but that's what I said on the floor.

Thank you, Councilmember Flynn.

I appreciate a robust discussion.

And quite frankly, I know that the work of this task force, the work of council, our focus is to make sure we move forward on work within the surveillance sphere to make sure that we maintain civil liberties and we also ensure we have safety.

I do have a question that I was curious. We haven't touched on specifically. I met with some organizations specifically focused on reproductive health and ensuring that we protect and secure sites, especially those who are providing support for reproductive health.

Obviously, Colorado is a space, a place, a state where folks come from all over the country because of our protection for women and our families.

Curious on the protections within contracts as far as where cameras can be housed or where they can be put up.

Are there any, have there been any thoughts on sensitive places as far as proximity to sensitive places?

And if there are cameras in some of those sensitive places where we actually have law in the books that we need to protect folks' rights, access to health care, what are the steps we're taking?

So first, any thoughts within the kind of the process we're looking at as for as requirements for surveillance on near sensitive places?

And then the second part, if we have cameras near some of those sensitive places, what are the steps we're taking to either remove those?

Actually, I'll stop it. Remove those.

Yeah. Thank you, Councilman.

And I have had numerous conversations with some of those reproductive rights organizations as well, COBOLT and other folks.

We're trying to figure out a time for them to come in and talk to the task force in the coming weeks about some of their concerns so that we're getting that frame as well.

But it is something that is top of mind.

as it relates to specific camera placement and kind of where we would restrict or not restrict,

I think part of the concern is that there are any number of places, not just kind of reproductive

health care facilities, but when you start talking about concerns around immigration officials,

kind of how you would define that, there are any number of other places that would probably fall

into that category. So just as a reminder, these cameras are facing public right-of-way at

intersections, right? And so I think that there would be a lot of logistics to figure out

how far away from those quote-unquote sensitive locations would the cameras need to not be,

those kind of things. Independent of whether or not there's an ultimate decision on removing

cameras for certain locations, what is very clear in the contract language, and frankly,

is very clear in just the code in Denver, is that were we to receive a subpoena or a request for

information from a jurisdiction in Texas looking for someone who came to Denver to access reproductive

health care, under no circumstances would Denver comply with that request for information. And

that's something that we've been explicit about. And it's something that, to my knowledge,

has not, we have not received one of those requests in Denver that I'm aware of. I'm happy

to kind of check and confirm that. But I think it goes back to the conversation that Councilwoman

Alvedrez was having and Councilwoman Gonsalos Gutierrez around data protection and data integrity.

And so I think that making sure that we are being very clear that were we to receive any sort of

request along those lines, it's just going to be a flat out denial. We wouldn't comply with it

because it'd be against both Denver and Colorado law.

I appreciate that response, Mr. Hoffman.

That's still my outstanding question.

I know with an ordinance, we have the capacity

to build, and I think the responsibility

where we have proximity requirements

for a whole host of things.

And so I look forward to us having a dialogue on that.

And if there is the opportunity for an ordinance

that we look at how that applies.

And I have great respect for the work our city does.

I think our teams together can figure out something to protect those areas and still maintain public safety and right away surveillance that doesn't infringe.

So looking forward to that continued work.

Thank you, Mr. Chair.

I just wanted to make sure I answered from the council side on that same question for you because I appreciate you bringing it up.

But yeah, I know myself and Councilman Parity have also in our offices have met with some of those organizations as well and have heard those same concerns.

And are also seeking to make sure that we're, of course, bringing that to the task force, as Tim said, and looking at, you know, are there ways that we can address that in policy as well to make sure that people are protected in all aspects of things.

So thank you so much for bringing it up. I appreciate that. I appreciate all the questions from council members.

Really appreciate the task force members for the good work that you're doing. This is why this is why we're here.

This is kind of the type of stuff, the type of work that we should be collaborating and leaning on. So with that, thank you all. Mr Hoffman. Thank you for technology services for your leadership. We have two items on consent. None have been pulled off. And so this meeting is adjourned.

Thank you.

Thank you.