The following privacy guidelines for the NYPD’s Domain Awareness System were released in April 2009.
Domain Awareness System Public Security Privacy Guidelines
- 7 pages
- April 2, 2009
In order to help ensure public safety and security and to detect, deter, and prevent potential terrorist activities, the New York City Police Department (NYPD) has developed a networked Domain Awareness System. The Domain Awareness System not only supplies critical supplemental assistance to officers’ ongoing security and public safety efforts, but also enhances the collaborative nature of those efforts by leveraging the resources of the private sector and other City agencies. Given the ongoing threat of terrorist attack, the Domain Awareness System is an important part of the NYPD’s integrated approach to providing protection for those who work in, live in, and visit New York City.
The Public Security Privacy Guidelines (the Guidelines) establish policies and procedures to limit the authorized use of the Domain Awareness System and to provide for limited access to and proper disposition of stored data. To ensure that appropriate privacy protections exist, the NYPD has considered and consciously incorporated technical, operational, legal, policy, and oversight safeguards throughout the development life cycle of the Domain Awareness System.
Domain Awareness System: technology deployed in public spaces as part of the counterterrorism program of the NYPD’s Counterterrorism Bureau, including: NYPD-owned and Stakeholder-owned closed circuit television cameras (CCTVs) providing feeds into the Lower Manhattan Security Coordination Center; License Plate Readers (LPRs); and other domain awareness devices, as appropriate.
B. Statement of Purpose
The Domain Awareness System is a counterterrorism tool designed to:
• Facilitate the observation of pre-operational activity by terrorist organizations or their agents
• Aid in the detection of preparations to conduct terrorist attacks
• Deter terrorist attacks
• Provide a degree of common domain awareness for all Stakeholders
• Reduce incident response times
• Create a common technological infrastructure to support the integration of new security technology
The Domain Awareness System will be operated 24 hours a day, seven days a week, in a professional manner and only in furtherance of legitimate law enforcement and public safety purposes.
As with all NYPD operations, no person will be targeted or monitored by the Domain Awareness System solely because of actual or perceived race, color, religion or creed, age, national origin, alienage, citizenship status, gender (including gender identity), sexual orientation, disability, marital status, partnership status, military status, or political affiliation or beliefs.
The Domain Awareness System will be used only to monitor public areas and public activities where no legally protected reasonable expectation of privacy exists.
Facial recognition technology is not utilized by the Domain Awareness System.
All NYPD-owned CCTVs that are part of the Domain Awareness System will have accompanying signage, and the NYPD will recommend that signage accompany each Stakeholder-owned CCTV that is part of the Domain Awareness System.
In certain cases, technologies governed by the Guidelines may utilize or be integrated with systems and technologies deployed by other bureaus and divisions of the NYPD. In such cases, the application of the Guidelines will be controlled by separate memorandum from the Deputy Commissioner of Counterterrorism to the Deputy Commissioner for Legal Matters.
D. Data Storage
Generally, data gathered through the use of the Domain Awareness System will be destroyed as a matter of course at the end of the relevant Pre-Archival Period; any decision to retain certain data possessing evidentiary or other value beyond the Pre-Archival Period must be approved and documented in writing by the Authorized Agent, or a designee approved in writing by the Authorized Agent.
→ The Pre-Archival Period for Video is 30 days. For any decision to retain Video beyond the Pre-Archival Period, the Authorized Agent is the Deputy Commissioner of Counterterrorism. All Video from CCTVs will be recorded.
→ The Pre-Archival Period for Metadata is five years. For any decision to retain Metadata beyond the Pre-Archival Period, the Authorized Agent is the Deputy Commissioner for Legal Matters.
• LPR Data:
→ The Pre-Archival Period for LPR Data is five years. For any decision to retain LPR Data beyond the Pre-Archival Period, the Authorized Agent is the Deputy Commissioner for Legal Matters.
• Environmental Data:
→ Environmental Data will be retained indefinitely.
After the conclusion of five years, Archival Data must be reviewed by the Deputy Commissioner of Counterterrorism and the Deputy Commissioner for Legal Matters for continuing law enforcement or public safety value or legal necessity; all Archival Data determined not to have continuing law enforcement or public safety value or legal necessity will be destroyed as a matter of course.