×
×
homepage logo

Libertas Institute releases privacy protection proposal to limit government surveillance

By Connor Richards daily Herald - | May 18, 2020
1 / 7

A surveillance camera is posted at the Fourth Judicial District Courthouse on Monday, May 18, 2020, in Provo. Isaac Hale, Daily Herald

2 / 7

A surveillance camera is posted at an apartment complex in Orem on Monday, May 18, 2020. Isaac Hale, Daily Herald

3 / 7

Surveillance cameras are posted at the Fourth Judicial District Courthouse on Monday, May 18, 2020, in Provo. Isaac Hale, Daily Herald

4 / 7

A surveillance camera is posted at an apartment complex in Orem on Monday, May 18, 2020. Isaac Hale, Daily Herald

5 / 7

A surveillance camera is posted at the Fourth Judicial District Courthouse on Monday, May 18, 2020, in Provo. Isaac Hale, Daily Herald

6 / 7

A surveillance camera is posted at an apartment complex in Orem on Monday, May 18, 2020. Isaac Hale, Daily Herald

7 / 7

A surveillance camera is posted at the Fourth Judicial District Courthouse on Monday, May 18, 2020, in Provo. Isaac Hale, Daily Herald

A Lehi-based libertarian think tank is calling on the Utah State Legislature to take steps to protect the privacy of citizens by regulating the ways government agencies can utilize data from computers, smart phones, social media security cameras and other sources.

“This information is frequently used in ways that individuals did not intend nor authorize,” Libertas Institute staff wrote in a proposal on Thursday. “Government uses our driver license data for facial recognition and cancer research; our movements and social media posts for ‘live time’ surveillance; our blood for health analysis; our DNA for identifying relatives in criminal investigations; our face or fingerprint to access the entire contents of our mobile devices; our private health information to monitor potential drug abuse; and more.”

The think tank proposed a two-phase “Privacy Protection Act” to address the “intrusion into privacy” that it said “changes the relationship between government and citizen, and often happens without oversight or public buy-in, let alone explicit consent by those whose information it is.”

The first phase of the proposal consists of “setting up a process whereby information can be gathered, use of private information can be scrutinized, and recommendations (can be) made regarding policy reforms,” according to its text.

Specifically, the proposal asks the Legislature to create and fund a “State Privacy Officer” position that would be appointed by and housed within the state auditor’s office. The Office of the State Auditor would also assemble a “Personal Privacy Oversight Committee” made up of a half dozen “volunteer tech/privacy experts/advocates,” as well as one or two law enforcement representatives.

The State Privacy Officer would be responsible for developing the privacy law and data security standards to be used by the oversight committee and “field(ing) requests from individuals to review a government agency/entity’s use of technology/software/process that implicates privacy,” as stated in the proposal.

If a request merited review, the officer would draft an analysis detailing how the technology and data are used, how the data is stored and who it is shared with, how information is anonymized and whether the technology “adequately protects individuals’ privacy.”

Every year, the State Privacy Officer would be responsible for requiring at least 10 agencies, entities or local governments to provide details about any personally identifying information that they collect or store “and with that information perform an analysis to determine if the agency/entity is adequately protecting information.”

The Personal Privacy Oversight Committee, meanwhile, would review technology or software flagged by the privacy officer and provide “any reports/analyses each year to the Legislative Management Committee for referral to the Judiciary Interim Committee.”

In 2021 only, the committee would review the synthesis of audio and video feeds, bulk analysis of social media feeds and use of biometrics by law enforcement, including facial recognition technology and public or private DNA databases, and make recommendations to the Legislature.

The proposal stated that a government agency or entity “may not use a technology/software/process that the Personal Privacy Oversight Committee has recommended against using unless the relevant legislative body enacts a law specifically authorizing its use” and that each favorable recommendation would be re-reviewed within two years.

As part of the second phase of the proposal, the Judiciary Interim Committee would hold meetings in fall 2021 to discuss the Personal Privacy Oversight Committee’s recommendations.

Then, during the 2022 general session, the Legislature would consider “an omnibus privacy reform bill that enacts necessary reforms, restricting government use of private information to better protect privacy and ensure information is used consistent with the purposes for which it was created,” according to the proposal.

The proposal was released following increased scrutiny of Banjo — a Park City-based surveillance technology company that partners with law enforcement agencies to reduce emergency response times — after a report that the company’s CEO and founder, Damien Patton, was affiliated with the Ku Klux Klan as a teenager.

In an op-ed published by The Salt Lake Tribune on Friday, Libertas Institute President Connor Boyack said he and others had been “monitoring its (Banjo’s) work for some time” and were “concerned about the ramifications of applying artificial intelligence to our information in order to help the government.”

“While Banjo sparked the latest round of concerns, these issues are not new, and they are far larger than any one company,” wrote Boyack. “We believe it’s time to substantively address them.”

The Utah Attorney General’s Office suspended the state’s contract with Banjo on April 28 and Patton resigned as CEO on May 8. Banjo suspended all its Utah contracts on April 29 pending the completion of an independent third-party audit into the company’s technology.

Newsletter

Join thousands already receiving our daily newsletter.

I'm interested in (please check all that apply)