Subscriber Discussion

Should Government Security System Contracts Be Exempt From Disclosure?

Carlton Purvis

02/27/14 02:19pm

In May, we showed you how to obtain government surveillance contracts using FOIA. We routinely use FOIA to get copies of contracts and RFPs that we review on IPVM. Most state and local FOIA regulations have provisions that exempt them from disclosing documents related to security, but they don't use them because contracts and agreements are usually looked at as fiscal documents rather than security documents.

Last June I received my first rejection from a local government using a security exemption. The entity cited an exemption that protects information that would "jeopardize the security of a public agency."

I'd like to know your opinions:

If so, why?

If not, do you worry the information could "fall into the wrong hands?"

Avatar

Ari Erenthal

Chesapeake & Midlantic
02/27/14 03:34pm

What, just a list of equipment and amount paid? How could that jeopardize anything? It's not like you're asking for locations, after all. Maybe it would be different if anyone invented analytics that actually worked, and you could figure out how to spoof the analytics based on known capabilities. Or something.

Avatar

Luis Carmona

Geutebruck USA
IPVMU Certified | 02/27/14 06:33pm

I agree with Ari, they should not be allowed to dismiss requests out of hand citing the too broad reason of "security concerns".

When I requested the winning contract for the 2012 Republican National Convention I got a redacted copy, which I understood, but it still had enough information to give me what I was looking for, which was what were the brands used, who did the work and how much it cost.

Sad thing is sometimes agency employees either don't know what legally they have to or not have to disclose, or maybe they don't want to bother so they just say "I can't disclose that". It's not their money if there's a challenge so sometimes the only way to get info is to get a lawyer and file suit.

Carlton Purvis

In reply to Luis Carmona | 02/27/14 10:10pm

Luis, what about this rejection above? Would you say the one was too broad?

It's also worth mentioning that the house just passed a new FOIA bill. The Reporter's Committee for Freedom of the Press sums it up pretty well here:

"H. B. 1211 creates a presumption of openness, allowing a document to be withheld only if an agency 'reasonably foresees that disclosure would cause specific identifiable harm to an interest protected by an exemption, or if disclosure is prohibited by law.' Current FOIA law simply instructs agencies to release non-exempt information, rather than starting from the presumption that all information should be released and only then applying narrow exemptions."

Carlton Purvis

02/27/14 10:06pm

It looks like there were some yes votes. I'd be interested in hearing more from those. Feel free to comment undisclosed.

Avatar

Ari Erenthal

Chesapeake & Midlantic
In reply to Carlton Purvis | 02/27/14 10:13pm

Some people still believe in security through obscurity, I guess.

John Honovich

IPVM | In reply to Carlton Purvis | 02/27/14 10:17pm

I know a lot of people in the business don't want others to know the details of what they charge, sell and do made public.

Would you like an example? Avigilon Fanbois Freak Out At Carlton's Post on Dallas Airport

Carlton Purvis

In reply to John Honovich | 02/27/14 10:29pm

That brings up another good point. Once a long time ago, I requested a contract from a city agency and instead of providing the information, the agency contacted the company and gave them a heads up.

In turn, the company tried to get an injunction to block the release of the records saying that it contained private information (exec addresses and cell phone numbers) and proprietary information. In the end the documents were still released, but redacted. But companies will sometimes go great lengths to block the release of information. That wasn't the first time I've heard of that tactic.

To be honest, I'm surprised no one has tried to do that to IPVM when we request contracts.

Jim Hall

In reply to John Honovich | 03/04/14 03:37am

Just finished reading that epic codec caper of an article on love field. One thing presents itself though, unless I'm reading it wrong, it lists at least 48 2u avigilon nvr's for 500 cameras. Now i know that jpeg2000 takes a whole heap more a storage that h.264(who could read that thread and forget that?!) but why so many of them servers? Do they have a limitation on storage per nvr? I read how Avigilon was roundly condemned here for only 32 nvrs per 1000? This one is 48 for 500! Isn't that the biggest over spec of all?

p.s. this probably isn't the right slot for this comment but I didn't want re-ignite those two threads and get burned.

John Honovich

IPVM | In reply to Jim Hall | 03/04/14 03:51am

Jim, that's just another one of the benefits of JPEG2000!

The massive bitrate per cameras not only drive storage costs but also shrinks how many cameras a server can handle. Fundamentally, server capacity is driven by throughput and throughput is based on bitrate, ergo very few super high bandwidth JPEG2000 cameras can be handled by servers.

And, yes, while Avigilon dealers go nuts about this, being able to analyze real world projects and pricing makes it far easier to understand key tradeoffs.

Jim Hall

In reply to John Honovich | 03/04/14 06:06am

So should that other discussion be rebranded from "32 nvrs for 1000 cameras" to "jpeg2000: here we go again?", though I suppose we should give them credit for getting their cameras per nvr up to 30 as opposed to 10 on the love field job.

Its a long thread but it didn't seem to finger jpeg2000 as the culprit.

John Honovich

IPVM | In reply to Jim Hall | 03/04/14 06:08am

On a new project like that (32 recorders for 1000 cameras), it is unlikely that there are many JPEG2000 cameras, simply because most have been discontinued. That said, it certainly could be a factor but shame on anyone who is using MJPEG or JPEG2000 for recording surveillance in 2013 / 2014.

Jim Hall

In reply to John Honovich | 03/04/14 06:21am

Hold up! I think you solved the mystery then, it was a h.264 job using the old jpeg2000 capacity planning matrix!

Avatar

Luis Carmona

Geutebruck USA
IPVMU Certified | In reply to Carlton Purvis | 03/03/14 01:07pm

I think some of those yes votes you got presumed if there was sensitve information that could jeapordize security, then if should air on the side of secuurity. While those that answered no presumed that any compromising information would be removed or redacted, and thta you could not dismiss requests out of hand.

I think if you had a third vote option along the lines of "No, expect for security sensitive or security compromising parts are ok to be redacted", that would have gotten the most votes in my opinion.

Joe Walker

03/02/14 06:03pm

This is sensitive information and could be used to compromise the system.

Avatar

Marty Major

FLIR Security
In reply to Joe Walker | 03/02/14 07:43pm

Who gets to make that determination? 'Sensitive' is a very subjective term.

"It could be used to compromise the system" is a nice sentence where literally anything could be substituted for 'it'.

The new FOIA Bill that Carlton mentions speaks to subjective determinations:

"...allowing a document to be withheld only if an agency 'reasonably foresees that disclosure would cause specific identifiable harm.."

Can you be more specific, Joe...? :)

Carlton Purvis

In reply to Joe Walker | 03/03/14 09:48pm

What is sensitive?

Here is an interesting news segment from last year out of Oklahoma that illustrates the need for better open records laws and what happens when agencies use some arbitrary definition of sensitive. There is now an exemption to Oklahoma public records laws for highway patrol dashcam video because it's "sensitive." They actually wrote the exemption into the law after the Department of Public Safety asked for it. Pretty much every agency sees dashcam video as public, but for some reason in Oklahoma it'll be a problem if the public gets a hold of it.

The Highway Patrol says they keep the video secret to protect the privacy of people in the videos.

Top Comment Votes - Past 3 Months
  • 1. John Honovich - 1383
  • 2. Dwayne Cooney - 435
  • 3. Brian Rhodes - 385
  • 4. Michael Miller - 331
  • 5. Brian Karas - 318
  • 6. Andrew Myers - 301
  • 7. Marty Major - 289
  • 8. Ethan Ace - 175
  • 9. Ross Vander Klok - 173
  • 10. Lynn Harold - 157
  • 11. Matt Bischof - 153
  • 12. Shannon Davis - 147
  • 13. Greg Cortina - 117
  • 14. Hans Kahler - 111
  • 15. Scott Zuniga - 103
  • 16. Jerome Miller - 93
  • 17. Mert Karakaya - 91
  • 18. Ryan King - 89
  • 19. Jacob Hengel - 86
  • 20. Carsen Whiteside - 85
Manufacturers
Tools

BestMatch

Design Calculator

Online Shows

Camera Finder

F-Stop Calculator

Chat

Integrator Finder

News Spider

Camera Comparison

Quizzes

Pages

About

Contact