SB-1000 Law enforcement agencies: radio communications

[medic9351301]

The bill includes some funding to cover potential costs.

COOL

 

[marcotor]

Once Chief Fennessy saw the quote ($2+ Million) from OCComms for removing E from OCFA radios, he sorta stopped considering it.

 

[norcalscan]

In spite of what many think, there is no "switch to flip".

Except there could have been, relatively speaking, with decent thought put into programming and an attempt at future-proofing. But that isn't good for business now is it. That's what's frustrating. I can spot a billed-by-the-radio code plug a mile away. Just as easy as spotting a billed-by-the-incident business IT outsource solution. The bar is set at "good enough" and never goes higher. It's sad. I'd rather have a local deputy or firefighter who knows just enough to get the radio programmed do the job; faithfully attempting their "best," than an outside professional advising their client of what's best for them, with no neutral 3rd party to determine if that advice was given in good faith.

 

[Markb]

Once Chief Fennessy saw the quote ($2+ Million) from OCComms for removing E from OCFA radios, he sorta stopped considering it.

That's a buttload of man-hours!

 

[inigo88]

Except there could have been, relatively speaking, with decent thought put into programming and an attempt at future-proofing. But that isn't good for business now is it. That's what's frustrating. I can spot a billed-by-the-radio code plug a mile away. Just as easy as spotting a billed-by-the-incident business IT outsource solution. The bar is set at "good enough" and never goes higher. It's sad. I'd rather have a local deputy or firefighter who knows just enough to get the radio programmed do the job; faithfully attempting their "best," than an outside professional advising their client of what's best for them, with no neutral 3rd party to determine if that advice was given in good faith.

You’re exactly right. There IS a switch, it’a the code plug, and it must be switched many many times.

My personal opinion only and not that of radioreference.com, but there seems to be a minority of RR forum users that are system techs/managers who come here to gloat about how much fun it is for them to strap every talkgroup encrypted. Perhaps if you guys had planned ahead a little better and left some possibility for an unencrypted future (clear zone at the end of the radio, user-selectable encryption, etc) then you wouldn’t be in this predicament to begin with.

I think while some were honest interpretations, a lot of agencies took advantage of the DOJ memo to implement the strictest possible encryption without backward compatibility. That was not terribly smart in a state that values public transparency.

 

[mmckenna]

You’re exactly right. There IS a switch, it’a the code plug, and it must be switched many many times.

My personal opinion only and not that of radioreference.com, but there seems to be a minority of RR forum users that are system techs/managers who come here to gloat about how much fun it is for them to strap every talkgroup encrypted. Perhaps if you guys had planned ahead a little better and left some possibility for an unencrypted future (clear zone at the end of the radio, user-selectable encryption, etc) then you wouldn’t be in this predicament to begin with.

I think while some were honest interpretations, a lot of agencies took advantage of the DOJ memo to implement the strictest possible encryption without backward compatibility. That was not terribly smart in a state that values public transparency.

The comments about the quality of codeplugs is dead on. Setting up radios properly takes a lot of work, and some people don't put a lot of effort into it. Most good radio shops/techs will spend a lot of time going over codeplugs before releasing them. Some will just throw in a new channel at the bottom of the list and call it done. I think we've all run across radios set up like that.

As for programming in channels both with and without encryption, there's some risks with that.
CADOJ was clear with the requirement. Setting up both encrypted and unencrypted channels raises some risks for some user screwing things up by being on the wrong channel/zone. Sure, it would work, but we live in a society where packs of roaming lawyers are just looking for a reason to start a class action lawsuit against anyone and everyone. Just watch daytime or late night TV and you'll see what I mean.

As someone who programs radios for public safety, I have to take all that into account. There's a lot of work that goes into producing codeplugs that don't have errors, don't introduce ways for end users to get lost, and prevent possible issues like traffic that should be encrypted getting passed in the clear. Any major changes get vetted through one of the sergeants to make sure it's something that makes sense and won't confuse the users.

It's important to keep in mind that SB1000 does not prohibit encryption. It only will require that radio traffic be made available to the public. It doesn't need to be in real time, and it doesn't need to be over the radio. Redacted transcripts or recordings would meet the requirements of the law. It is entirely possible that some agencies will keep encryption and require the public to make requests for radio recordings. It's also totally legal for those agencies to charge requestors a reasonable amount of money to recover costs of producing said recordings.

I don't agree with encrypting 100%, but encryption absolutely has its place in the industry. Ultimately, it's not always up to me. Our chief can tell me to encrypt all their traffic, and that's what I'll do. On my trunked system, I'm running encryption where it's appropriate: anywhere that personal information, health information or anything sensitive might get shared.

 

[KK6ZTE]

I'd rather have a local deputy or firefighter who knows just enough to get the radio programmed do the job; faithfully attempting their "best," than an outside professional advising their client of what's best for them, with no neutral 3rd party to determine if that advice was given in good faith.

As someone who has had to clean up after this very situation, I'd have to respectfully disagree with your assessment.

I can understand where you're coming from, but there's more to it. For instance, a lot of FAEs or deputies that get handed the radio programming don't understand much about the radios, especially on more complex radios. There's a lot of settings that can interact and that can bite you if you don't know about it.

For example, one police department I had to fix had one of their senior officers program some Kenwood NX-5000 portables. He saw some cool stuff in the programming software and decided to check boxes (or uncheck boxes) as he thought might work. The issues: The radio had a 16-channel stopper in the channel knob, but the radio thought it had a free-running knob. The result? Every time you powered up the radio you could end up on the wrong channel. Even worse, you could get to a situation where you could never get back to channel 1. The other issue was he decided to enable the scrambler on their second channel. The issue: there were only 5 NX portables in the fleet. All of the other officers (and dispatch) didn't have a way to unscramble. Customer complaint? Digital sounding noise on the channel.

All the barking at system administrators is misdirected. Most, if not all, are simply following orders. Those are coming from Police Chiefs, Fire Chiefs, and other pencil pushers who do not care about the details--they have more important $$$ things to deal with. If they want something, they are always right, and they will get it. For example, one local PD can't wait for their new mix-mode UHF channel so they can encrypt to prevent jamming. Doesn't change the fact they'll still get jammed as they aren't changing frequency...

 

[norcalscan]

Absolutely Inigo.

Discussion keeps getting dragged into the minutiae (because we're techs, we thrive in minutiae) and miss the bigger picture of what some of us are trying to convey. Of course there's firefighters screwing up an NX load or playing with fancy features, of course there's orders coming from 4-starred collars, of course legal risks abound. All I hear for some of those though, is still just the good-enough response. Where's the passion (and trust from your superior) to stand up and educate the 4-star? Be the SME they hired you for and help educate them. Say yes, I'll do this knee-jerk decision, but be advised, it goes well against the bigger trend which is going in X direction, so I'm going to design/plan accordingly to be able to come back to that trend more efficiently if/when it does happen, saving us $$. If you don't have the ears and trust of the 4star, you're in the wrong dept. If you don't have that foresight, you're in the wrong career or have lost your passion.

Hiding behind training or legal excuses is again "good enough". I'm currently in a situation where I've engaged lawyers and members at the US State Dept to help mitigate a massive "legal risk" in my industry, a risk that has a big enough financial bite if actually engaged, but has never ever been engaged and very likely will not. Some lawyer found it though, freaked out, and is trying to have us spend quarter-million a year to "mitigate" the risk. My superior and I both called BS, and went around them to the top to get the real picture. Don't be afraid of lawyers and what-if's. We could what-if all day and live in a bubblewrap room, throwing dollars at 'risk", or we could get out and make the world turn. Show initiative, show intent at meeting the wording of the law, then get $h7!* done. A lot of "risk" is mitigated for example by hiding the zone button a layer or two deep, then putting the "open" zone back near the "I-Op" zone (because we all know, god forbid a cop can find the interop zone.) You can hide behind "training" or you can learn to write a dept-wide memo saying "hey, at this date time dispatch is moving to X, do this task on your radio to get you to X. If you need help, see me" If they can't follow that task, read their dept memos, etc, then tell the managers to (gasp!) manage. Society needs to pull up their GD big-boy pants. Failure happens, we are all human. Stop trying to avoid failure, and instead, build capacity so you have room to fail safely. When you have that capacity, you get to then focus on what matters. Trapeze artists get to enjoy and share their art when capacity to fail is in place. Failure then transforms into further improvement. Without capacity, trapeze artists are only focused on not dying, not being an artist.

I hate being the SME, because it means I'm the only one in the room that knows something, and I can't leave to go to the dang bathroom. It also means everyone else in the room talks to me at ankle level and I waste a bunch of energy interpreting their "idea" of my subject, into reality. Educate them so they at least meet you halfway, you don't have to spend much energy interpreting, they feel more comfortable with the "black magic" of radio, or IT, or whatever, and they'll engage you more and everyone gets the ball further down the field. Being the SME should be freaking scary for us, not a control/power play that some of us so often like to wield.

 

[norcalscan]

And would you look at that, very large law enforcement mutual aid orders being placed right now for Siskiyou County in California due to the extreme critical spread of the McKinney fire that started last night, with further threat this weekend of extreme fire weather.

Here I am 4 years later, still hoping encrypted Yreka PD had the foresight to build capacity in their radio loads to fail safely. I hope I'm not up there this weekend cleaning that mess up.

 

[mmckenna]

I hate being the SME, because it means I'm the only one in the room that knows something, and I can't leave to go to the dang bathroom. It also means everyone else in the room talks to me at ankle level and I waste a bunch of energy interpreting their "idea" of my subject, into reality. Educate them so they at least meet you halfway, you don't have to spend much energy interpreting, they feel more comfortable with the "black magic" of radio, or IT, or whatever, and they'll engage you more and everyone gets the ball further down the field. Being the SME should be freaking scary for us, not a control/power play that some of us so often like to wield.

You bring up some excellent points. There is a serious balancing act between giving the end users what they want, and preventing them from doing themselves harm. It is an absolute challenge. I can't go into meetings with the attitude that I'm the only SME in the room. There's just too many subjects to be an expert in all of them. I have to balance the needs of the agency with the rules of DOJ, FCC, and everything else. The department/chief has to be their own SME when it comes to the procedural parts. My job isn't to stand in the way of their procedures, but to find ways that the radio system can compliment those needs.

Unfortunately, some scanner listeners don't understand the requirements, and a few are, unfortunately, unable to understand the alternate points of view. I get it, I started off with a scanner when I was young, and I'm sure my opinions back then would not have jived with what I have to do now.

Some of what you said, though, seems to be from the point of view that encryption is bad. I know it is a hot button topic, and I respect most of the points of view on the subject. Encryption is here. There's a ton of good reasons to have it in place. There are absolute requirements that go all the way back to the access agreements that agencies signed when they received CLETS access.

But, excellent points and I really do welcome a constructive and respectful discussion on the subject. We all have things we can still learn from each other.

 

[norcalscan]

Some of what you said, though, seems to be from the point of view that encryption is bad. I know it is a hot button topic, and I respect most of the points of view on the subject. Encryption is here. There's a ton of good reasons to have it in place. There are absolute requirements that go all the way back to the access agreements that agencies signed when they received CLETS access.

I wholeheartedly agree encryption has its time and place. It's not bad, unless used where not appropriate or not implemented with capacity to fail. And my arguments here the last 5-10 years convey that. The entire argument around legal standing of CLETS and agreements and such requiring this though falls flat on the face. It is exactly the same argument as what I'm dealing with in my day job today, a legal rule put in place decades ago, meant to address one real risk but inadvertently spills over to other places where risk is minimal and the law has never ever even glanced at enforcing it in our industry (but the technicality of the law still exists). A lawyer found it, freaked out about the costs of violating the technicalities of that law, and we're now forced to calm everyone down and get the answer straight from the horse's mouth in DC. I'm realizing how analogous it is to the DOJ memo situation. If the legal risk of CLETS PII etc was there this whole time, why all of a sudden now is everyone freaking out? The timing of taking the blinders off to the risk that has been there this whole time, is suspiciously political.

edit:
And the knee-jerk solutions to address the sudden DOJ memo, introduces major operational changes and new risks to the officers especially if implemented without foresight, just as the solutions required to mitigate the supposed legal risk in my day-job, would force massive operational changes, and financial demands, which can have direct impact on public safety response across the entire US.

If your lawyer isn't listening to you, get a new one. Thankfully ours is listening (or calming down at least) and letting us take a methodical approach to this newfound "risk" instead of making a deadline 2 months out...

 

[mmckenna]

why all of a sudden now is everyone freaking out? The timing of taking the blinders off to the risk that has been there this whole time, is suspiciously political.

Lawyers.
IT is learning the risks of not protecting PII. That's spilling over into all kinds of things. I think that's good.

Agencies signed the agreements years ago. Now they are being held to it. I personally am happy to see when agreements/contracts are enforced.

But, I get what you are saying. Done right, encryption is fine. Problem is, most don't take the time to do it correctly. There are groups that are addressing interop with encryption. It's do-able, but takes a lot of coordination that many chief's are not good at, and some stand actively in the way of.

I'm working with our adjoining agencies to develop a plan to share encryption keys. Others are doing the same thing. There's some documents over on the NorCal APCO page. I don't agree with some of their stuff, but at least they are working on it.

As for the rest of it, I'm not an attorney, and don't plan on becoming one. We have consul that does this stuff. Right now they are saying that we need to encrypt and follow the DOJ requirements. That's what I have to do. We can still meet the SB1000 with that in place.

 

[tsalmrsystemtech]

Isn't this news story from June 13th? Hardly makes it NEWS THAT JUST HIT.

I have a feeling if this passes the Assembly and Gov. signs it, there will be a boon to Broadcastify. Be relatively easy for an agency to provide an "Official Feed" and meet the requirements while maintaining the integrity of the system, and not having to reprogram, rekey, etc.

In spite of what many think, there is no "switch to flip".

This all goes back in time when broadcastify went live on the internet it killed this community. Its a double edge sword. California and big E suck. Plus if you see now CHP on CRIS is having encryption now

 

[scannerboy02]

Just a reminder, the measure is scheduled for a hearing in the Appropriations committee today starting at 9am.

Assembly Daily File | California State Assembly

www.assembly.ca.gov

S.B. No. 1000 is 34th on the list.

Video: Assembly Internet
Call-in Number: (877) 692-8957 (PIN: 18501100)

 

[marcotor]

This all goes back in time when broadcastify went live on the internet it killed this community. Its a double edge sword. California and big E suck. Plus if you see now CHP on CRIS is having encryption now

I am certain Lindsay would disagree with you, from the posts at the beginning to now, the community appears to be thriving. I know you would like to think BC killed everything, but Orange County LE went encrypted ("full, end-to-end encryption" to use your words) long before RR was a thing. Santa Monica and others as well. You can keep claiming the sky is falling, we all know well your rants against encryption.

 

[scannerboy02]

Next hearing has been scheduled for Thursday, August 11th.

 

[scannerboy02]

Just a reminder, the bill is set for another Appropriations committee hearing after the regular floor session today.

Today's Events | California State Assembly

www.assembly.ca.gov

 

[jland138]

State bill on police radio encryption dies in committee | News | Palo Alto Online |

 

[mmckenna]

It was discussed briefly at APCO for the CA statewide meeting. A -lot- of people against it and I doubt it really stood a chance.
Hopefully we can stick a fork in this and move on.

 

[techman210]

It was discussed briefly at APCO for the CA statewide meeting. A -lot- of people against it and I doubt it really stood a chance.
Hopefully we can stick a fork in this and move on.

This is almost as entertaining as the Orange County Fire “remove encryption” thread 😀