A request for proposals (RFP) published on the City of Boston’s website in April, first reported by DigBoston, raises extremely alarming concerns about the expansion of a surveillance camera network throughout Eastern Massachusetts. The RFP comes as the City Council in Boston is in the final stages of working to pass a surveillance oversight ordinance that would place decisions about matters like this before the public, in the hands of the City Council. Please take action now to tell Acting Mayor Janey to withdraw the RFP and wait until the City Council passes the surveillance oversight ordinance before embarking on costly, potentially dangerous expansions of government surveillance like this one.
To understand the significance of this RFP, and the threats it poses to the safety and privacy of residents of Boston and surrounding communities, we need some background.
For the past few years, the ACLU of Massachusetts has been trying to understand the City of Boston’s plans to link government-owned surveillance cameras throughout the metropolitan Boston region. We have filed countless public records requests with various government agencies, because we have been concerned that the City has been planning to link thousands of cameras together through technology that would allow, say, a police officer from Quincy to see what’s happening on streets in Boston and vice versa. Unfortunately, while we have received some documents, the City has failed to adequately respond to those requests. But thanks to the publication of this RFP, we now know at least some of what they’re planning—and we must stop it before a contract is signed June 2.
The City’s plans are laid out in a 31-page RFP issued by the City of Boston Office of Emergency Management—and they are extremely frightening. The plan would link over 1,000 surveillance cameras into one all-seeing eye, accessible to potentially thousands of police officers throughout Eastern Massachusetts. Meanwhile, this RFP process is unfolding behind the scenes at City Hall at the very same time the Boston City Council is working on an ordinance that would put control over surveillance in Boston in the hands of the City Council and the public. It’s not clear that Acting Mayor Janey—a lead sponsor of the surveillance ordinance when she was City Council President—knew about the City’s plans to link all of these surveillance devices in one system. But now that she knows, she must withdraw this RFP, and wait for the City Council to finish its work on the surveillance ordinance.
The City of Boston plans to build a regional surveillance camera network—inviting abuse, misuse, and hacking threats
The City of Boston is the central node in something called the Metro Boston Homeland Security Region (“the Region” or MBHSR). Since the mid-2000s, this Region has worked together to obtain federal and state homeland security grants, coordinated expenditures and training exercises, shared information, and has planned surveillance operations as a group. The Region is made up of Boston, Brookline, Cambridge, Chelsea, Everett, Quincy, Revere, Somerville, and Winthrop, with Boston serving as the hub. The City of Boston’s Office of Emergency Management is the coordinating agency that provides bureaucratic stability and staffing for the Region as a whole, including by serving as the organization that applies for, receives, and distributes federal grant money through the Department of Homeland Security’s Urban Areas Security Initiative grant program.
For the past few years, the City of Boston has been organizing meetings to discuss surveillance camera strategy. The ACLU of Massachusetts has obtained some documents describing the discussions at these meetings. The notes and agendas from the meetings make clear that the City is working to establish a surveillance camera network to include cameras from various different agencies with a presence in the City of Boston, including the MBTA (which has over 5,000 cameras in its network alone), the Boston Housing Authority, and the Boston Transportation Department, among others.
The RFP published by the Office of Emergency Management appears to be a parallel effort—this one aimed at linking all the DHS-funded cameras in the nine cities and towns that make up the Region.
Networked surveillance poses serious threats to privacy, security, and safety
Video surveillance poses different threats to privacy, security, and safety depending on the details of the systems at issue, with the severity of the threats hinging largely on the answers to three core questions. First, how many cameras are connected to the network? Second, how many people have access to the camera network? And finally, what types of technologies are integrated with the network?
The system the City of Boston is proposing in its April 2021 RFP raises extremely serious concerns on all three counts.
First, the system aims to integrate over 1,000 surveillance cameras, ShotSpotter devices, and license plate readers throughout the nine cities and towns in the Region into one seamless surveillance system. This means that anyone with login access to the system may be able to view real-time and recorded data from any of its thousands of cameras and devices.
Second, according to the RFP, the City wants the system to be accessible to officials from each of the nine cities and towns that make up the Region. It appears as if the granular decisions about access will be made by each participating city and town. Access to the system will be made available through both desktops and mobile applications like phones and tablets, according to the RFP.
Let’s assume each city and town plans to grant system access to each police officer working in those communities.
Here are the approximate numbers of sworn police officers per municipality:
*(Note: Thanks to the City’s work with the ACLU to pass a surveillance oversight ordinance in Somerville, the City of Somerville makes publicly available the location of all SPD surveillance cameras. View the map.)
**(Note: This is an estimate. We were unable to locate any public information about the number of officers, and the Winthrop Police Department did not answer the phone when I called.)
That number omits non-sworn officers like intelligence analysts, who will likely also have access to the system. Furthermore, it does not include members of other local emergency response government organizations, like 9-1-1 dispatchers, EMS employees, or fire fighters. For that reason, the number of authorized users could be substantially higher.
Using this low-ball estimate, it is possible that, were this system to go into effect, nearly 3,400 police officers from communities throughout eastern Massachusetts could have access to information from over 1,000 surveillance devices in the region—even from their personal cell phones—at any time of day, from anywhere in the world with an internet connection.
Third, the surveillance system incorporates invasive tracking technology including cameras, license plate readers, ShotSpotter listening devices, and video analytics software. These technologies, particularly when they are networked in the manner sought by the City of Boston, facilitate dragnet surveillance of millions of people every day, including individuals, cars, and groups. One of the technologies involved, BriefCam, allows police to automatically find individual cars, people, and other objects, across thousands of cameras, in real time and historically. For example, if police wanted to locate a person driving a red truck, they could ask the system to automatically scan the camera footage throughout the Region looking for red trucks, and flag those for the officer. (Check out these promotional videos to see how BriefCam advertises its technology.)
These types of networked surveillance systems, operating on more than one thousand cameras, accessible to upwards of 3,400 people, and powered by advanced tracking technologies like BriefCam, pose profound privacy, security, and safety risks.
Abuse and misuse pose grave threats to all people in Eastern Massachusetts
There are three kinds of risk here: Officially sanctioned misuse or abuse, non-sanctioned official misuse or abuse, and hacking.
Officially sanctioned misuse or abuse occurs when the policies or procedures governing access to a surveillance system do not align with the public’s expectations of how those systems will be used. A good example of this type of abuse is police surveillance of First Amendment-protected activity. The police may view using this system to track Black Lives Matter dissidents as perfectly acceptable, and even justifiable. But the public (and the courts) may disagree.
Non-sanctioned official misuse or abuse occurs when police officers or others with authorized access to the surveillance system use the technology in a way that violates formal policy or police procedure. An example of this type of abuse is a police officer using his or her access to a surveillance system to track the habits, locations, and associations of a personal rival, an ex-partner, or a political opponent. A system with 3,400 authorized users is very difficult to police, meaning it will be nearly impossible to ensure people who have official access don’t use the system for non-authorized purposes.
Hacking is another threat—magnified by the sheer scope of this surveillance proposal. Every day the public learns about another major hack, where government agencies, oil companies, entertainment giants, local police departments, and yes, even surveillance contractors are compromised, their secrets spilling out into the public. Recently, a surveillance camera manufacturer called Verkada was hacked, allowing a non-authorized user to view video feeds from 150,000 cameras across the country, including at least one in a government jail.
The system the City of Boston plans to build would potentially grant access to a vast surveillance network to nearly 3,400 people. It would be relatively trivial for a hacker to perform a social engineering attack on a select number of those people, obtaining access to over one thousand surveillance devices throughout the region. The hacking threat could come from a bored person, someone with an axe to grind, a foreign government, someone seeking money, or even a stalker who wants to piggy-back on the government’s surveillance system to harm someone. Making matters worse, a hack like this may go undiscovered for days, weeks, or even months.
Surveillance isn’t safety. The threats posed by a networked, invasive, and expansive surveillance system like the one planned by the City of Boston are too grave and serious to ignore. Join us in asking Acting Mayor Janey to withdraw this RFP, and calling on the City Council to use their power to make sure this contract is never signed. Privacy can’t protect itself.