Aren't individual criminal histories, wanted and missing persons, and stolen firearms, vehicles, and property information already public information? Most of these things can be found with a web search or FOIA request.
Some info may be accessible by using a Freedom of Information Act Request, but not all of the info on CLETS. The information that they are concerned about on CLETS is the PII (Personal Identifying Information), in other words, the stuff that someone could use to steal someones identity.
And those requirements are not new. The mandate to protect CLETS information at all times, both when moving and at rest, has been a requirement for a long time. When agencies signed the agreements to access CLETS, they agreed to follow -all- the rules, including protection of the data. It's not optional, and it's nothing new. The only thing that happened was CADOJ put all the agencies on notice that they were going to start enforcing that part of the agreement that individual agencies signed and agreed to.
"13675. (a) (1) Except as otherwise provided in paragraph (3) and subdivision (b), each law enforcement agency shall, by no later than January 1, 2023, ensure that all radio communications are accessible to the public.
(2) A law enforcement agency may comply with this subdivision in any manner that provides reasonable public access to radio communications including, without limitation, any of the following means:
(A) Use of unencrypted radio communications on a radio frequency that is able to be monitored by commonly available radio scanning equipment.
(B) Online streaming of radio communications accessible through the agency’s internet website.
(C) Upon request and for a reasonable fee, providing access to encrypted communications to any interested person."
While subdivision (A) would be the easiest option for most departments,
"Easiest" doesn't take into account a lot of details.
Some agencies have chosen to keep primary dispatch in the clear and have a separate records channel encrypted for handling PII. That's great for larger agencies that have the money to set up their systems that way. For many smaller agencies that don't have a big budget, you'll find they sometimes only have one channel available. No option for a separate records channel. Requiring officers/dispatch to switch back and forth between encrypted and non-encrypted depending on the traffic isn't something that passes muster with security people and often leads to mistakes.
... those who wish to remain fully encrypted could offer to program the departments encryption key (the use of AES256 would be required) into a
Unication pager for anyone who requests it.
The handling of encryption keys is a big deal. It's not something to be taken lightly.
Often the keys are handled by one person and are not let out of their sight. That means one person would be responsible for handling all these one of requests.
Putting encryption keys into any radio that showed up with a request creates another huge challenge. Who's going to maintain all the programming software, cables, what if's when firmware/software changes. And then you can risk loosing control of the keys because you've now put them in the equipment belonging to a random stranger with no guarantee of the security of the device it's been put in.
This would create a bit of a barrier for those who wish to use the radio traffic for nefarious purposes while also allowing access to those who are interested and would be compliant with subdivision (C) of this law.
This would create absolutely no barrier what so ever. Scanner/pager/whatever gets stolen. Someone loans it to their friend, someone decides to stream it anyway, someone figures out how to hack a non-compliant device and pull the key out. It's essentially putting encryption keys into an uncontrolled device with no chain of custody.
It also fails to support the general public. It would require purchasing of one device from one manufacturer. It would require said agency to have the same software/cables. Now said agency is responsible for programming radio equipment for the average John Q. Public.
Most agencies don't have time/money to do that. They don't want to deal with the risks. They won't want to deal with doing the expensive/time consuming background checks of the owner.
And then what happens when they roll the keys? Will it be up to said agency to track you down to reload new keys into your pager/scanner?
All of that is time consuming and expensive. It also completely releases control over who holds encryption keys and would violate even the loosest interpretations of any security rule that was rooted in anything considered logical.
As for subdivision (B), what happens when the stream goes down?
You deal with it. Same thing that happens when the radio system goes down. When your scanner breaks. When you go out of town and can't listen. Same thing when they roll their keys and don't send someone out to your home code 3 to reprogram your scanner so you don't miss anything. Same thing when your batteries die in your scanner. Same thing when they use the cell phone or terminal to handle the traffic rather than the radio.
This is the wet dream of the scanner listener, that some agency is going to see you, a scanner listener, as "one of them" and happily give you access to their encryption keys, solely because you saved up your money and bought a scanner. It's not going to happen.
This law is poorly written by politicians that wouldn't know which end of the radio to talk into and would more than likely poke their own eye out with the antenna if not supervised.
If this passes, and I'm not sure it will, the best you are going to see is delayed streaming with redacted audio. Delays on their own are not going to negate the need to protect PII.
No agency is going to enter the business of programming pagers/scanners for the general public.
No security expert is going to let said agency hand out encryption keys to anyone who walks in off the street.
No agency is going to waste the considerable amount of money to do the necessary background checks of the individuals who request this.
No agency is going to want to risk being in violation of this law if they need to roll encryption keys due to a lost radio.
Maybe a few key legit press agencies (not the "YouTube/social media press") might get immediate access with a well controlled agency owned radio that is rented to the agency and very close control over it.