The Great California Firewall

Dave Maass, Electronic Frontier Foundation

Portrait of Dave Maass, by Gretchen Röehrs Dave Maass, by Gretchen Röehrs

The Trump Administration needs data to violate our rights—data about immigrants, Muslims, and anyone else it deems dangerous or undesirable. This kind of information isn’t just collected by federal agencies, but at a state level as well. In fact, states collect significant amounts of data about residents that could be used by the Administration to target certain groups.

Dave Maass is an investigative researcher with the Electronic Frontier Foundation (EFF) who follows the California state legislature closely. He explained to us the various ways that California gathers data about Californians--and how freely it shares that information with the federal government. He also described the EFF’s efforts to curb California’s data sharing with Washington, a campaign that could inspire a broader movement to starve federal agencies of the information they need to fulfill the Administration’s agenda.

I know you devote most of your energy to California. So let’s start by talking about what kind of data is collected by state and local government agencies in California.

It’s hard to say exactly. It's not like law enforcement lets us sit down at the terminal and play around with their criminal information databases and analytical algorithms. Our knowledge of what kind of data is being collected, and how it is being transmitted, usually comes from user agreements, contracts, memorandums of understanding, meeting minutes, training materials, and occasionally an actual privacy policy.

Here’s how I explain it: it's like trying to understand how Facebook works when you've only read Facebook's terms of service. You’ve never actually sat down in front of Facebook and used it.

Still, we do know a fair bit about the range of data that the government is collecting in California—enough to be very concerned.

Can you give us some examples?

One example is California’s gang databases. These are quite controversial. Last year, the state legislature even passed a law restricting their use—and another is on the way. These are databases that contain information on individuals that law enforcement has identified as gang members, or affiliated with gangs, or related to people in gangs. Or at least they’re supposed to be. A state audit sampled the data and found that as many 13% of people in the database had no listed reason for being included.

Another example is license plate reader databases, where law enforcement is constantly collecting license plate information from cameras and geolocating the data. In aggregate, that allows them to piece together people's travel patterns or get instant alerts on where certain individuals are.

The government also collects information from undocumented immigrants who get driver licenses, or obtain medical services, or seek other services from the government.

One of the most controversial systems is something called the California Law Enforcement Telecommunications System (CLETS). It's a bit difficult to explain, but you can think of it as a rudimentary law enforcement internet. It's been around for decades. It’s the backbone connecting dozens of state and federal databases—ranging from criminal history to restraining orders to DMV data. It provides access to users through a single portal and even a handy mobile app. It also includes a messaging service that enables law enforcement personnel from all over California to communicate.

And various agencies within the Department of Homeland Security (DHS) have access to this massive network of databases.

The bottom line is: any interaction you have with state and local governments—including non-criminal things like obtaining a business license—is going to leave a paper trail. And the question is whether the federal government is going to be able to access it.

The federal government’s use of data obtained at a state and local level has always been a cause for concern. But with Trump in the White House threatening to accelerate mass deportations and build a Muslim registry, this issue has acquired a much greater sense of urgency. Tell us about the idea of a “California database firewall.”

A firewall is something that protects your computer. It ensures that only the things you want to get through to your computer can get through, and only the things you want to leave your computer can leave.

The general concept of the California database firewall is that there should be a restriction on how data collected in California is shared with the federal government for purposes that would violate civil liberties and human rights. Bills like California’s S.B. 54 and S.B. 31 were launched to protect data collected in California from being used for mass deportations or to create a Muslim registry. There is also concern that data related to the medical marijuana sector may be used by federal law enforcement agencies to go after patients.

California data belongs to California. The California state government shouldn't be collecting more data than they need to. And they should be limited in how they share it.


This has been a free excerpt from Tech Against Trump, a new book by Logic chronicling the rising tide of anti-Trump resistance by tech workers and technologists.

To read the rest of the interview, head on over to our store and buy the book. Like our work? Subscribe for future issues!

< Back to the Table of Contents