C.J.I.S. COUNCIL CODIFICATION - S.B. 133 (S-3): FIRST ANALYSIS


Senate Bill 133 (Substitute S-3 as passed by the Senate)

Sponsor: Senator Loren Bennett

Committee: Judiciary


Date Completed: 5-30-01


RATIONALE


Executive Reorganization Order No. 1998-1 created the Criminal Justice Information Systems (CJIS) Policy Council within the Department of State Police. The executive order transferred all the statutory authority, functions, and responsibilities of the Automated Fingerprint Identification System (AFIS) Policy Council and the Law Enforcement Information Network (LEIN) Policy Council to the CJIS Policy Council. The executive order also mandates that the CJIS Policy Council advise the Department Director on issues related to information management systems that facilitate the rapid exchange of information between components of the criminal justice system. Since the 1998 executive order abolished the LEIN Policy Council and the AFIS Policy Council as individual entities, combining them into a single CJIS Policy Council, it has been suggested that the CJIS Policy Council should be codified in statute to reflect the measures implemented under the executive order. Currently, separate statutes govern the LEIN Policy Council and the AFIS Policy Council.


Also, while the L.E.I.N. Policy Council Act requires the policy council to establish policy and promulgate rules regarding operational procedures, and the A.F.I.S. Policy Council Act requires that policy council to establish procedures to be followed by agencies using AFIS, some people feel that the CJIS Policy Council should have broader policy-making authority governing access, use, and disclosure of information from the various criminal justice information systems. In addition, the L.E.I.N. Policy Council Act prohibits the unauthorized disclosure of information from LEIN and subjects violators to criminal penalties. Some believe that improper access and use, as well as disclosure, of information from LEIN or AFIS also should be prohibited and that the penalties should apply only when those actions involve nonpublic information and are taken for personal use or gain.


CONTENT


The bill would amend the L.E.I.N. Policy Council Act to do all of the following:


-- Replace the LEIN Policy Council with the CJIS Policy Council, which would have an expanded membership.

-- Require the council to establish policy and promulgate rules governing information in criminal justice information systems.

-- Require the council to advise the Director of the Department of State Police on issues concerning criminal justice information systems.

-- Prohibit a person from gaining access to, using, or disclosing nonpublic information governed under the Act for personal use or gain (which would replace the current prohibition against disclosing LEIN information to a private entity for any purpose); and apply the criminal penalties only to intentional violations.

-- Prohibit the disclosure of AFIS and other criminal justice system information (as well as LEIN information) in an unauthorized manner.

-- Allow the policy council to suspend or deny use of or access to information by an agency or individual who violated the council's policies or rules.

-- Repeal the A.F.I.S. Policy Council Act (MCL 28.151-28.158).

The bill also would change the Act's official title to the "C.J.I.S. Policy Council Act".


Council Composition


According to the Act, the LEIN Policy Council comprises the following members:


-- The Attorney General, or his or her designee.

-- The Secretary of State, or his or her designee.

-- The Director of the Department of Corrections, or his or her designee.

-- The Commissioner of the Detroit Police Department, or his or her designee.

-- Three representatives of the Department of State Police, appointed by the Director of that Department.

-- Three representatives of the Michigan Association of Chiefs of Police, appointed annually by that association.

-- Three representatives of the Michigan Sheriffs' Association, appointed annually by that association.

-- Three representatives of the Prosecuting Attorneys Association of Michigan, appointed annually by that association.


The bill would include those members as well as the following in the CJIS Policy Council:


-- The Director of the Department of State Police, or his or her designee.

-- A fourth representative of the Michigan Sheriffs' Association.

-- A representative of the Michigan District Judges Association, appointed by that association.

-- A representative of the Michigan Judges Association, appointed by that association.

-- The State Court Administrator, or his or her designee.

-- An individual who was employed in or engaged in the private security business, appointed by and serving at the pleasure of the Governor.

-- An individual who represented human services concerns in Michigan, appointed by and serving at the pleasure of the Governor.


The bill also would refer to the "chief", rather than the "commissioner", of the Detroit Police Department.



The bill would delete the requirement that the representatives of the police chiefs', sheriffs', and prosecutors' associations be appointed annually. Under the bill, council members representing the Department of State Police, private security businesses, human services concerns, and the police chiefs', sheriffs', prosecutors', district judges', and judges' associations would serve two-year terms and could be reappointed.


The bill specifies that a majority of the council members would constitute a quorum to conduct business at council meetings.


Policy and Rules


The Act requires that the council establish policy and promulgate rules regarding the operational procedures to be followed by agencies using LEIN. The bill would require instead that the council establish policies and promulgate rules governing access, use, and disclosure of information in criminal justice information systems including the LEIN system, the AFIS, and other information systems related to administering criminal justice or enforcing laws.


Among other matters, the Act requires that the policy and rules ensure access to locator information obtained through LEIN by State and Federal agencies and the Friend of the Court for enforcement of child support programs as provided under State and Federal Law, and ensure access to information of an individual being investigated by a State or county employee who is engaged in the enforcement of Michigan's child protection laws or rules. The bill, instead, would require that the policy and rules do the following:


-- Ensure access to information by a Federal, State, or local government agency to administer criminal justice or enforce any law.

-- Ensure access to information provided by LEIN or AFIS by a government agency engaged in the enforcement of child support laws, child protection laws, or vulnerable adult protection laws.


The Act requires the council to establish minimum standards for terminal sites and information. The bill instead would require that the council establish minimum standards for equipment and software and its installation. The Act allows the council to remove terminals if the agency or entity controlling a terminal fails to comply with the council's policies and rules. Under the bill, the council could suspend or deny the use of and access to information, or remove terminals from an agency, if that agency violated the council's policies and rules.


The bill also would require that a person who had direct access to nonpublic information in criminal justice information systems submit a set of fingerprints for comparison with State and Federal criminal history records. A report of the comparison would have to be provided to the person's employer.


Prohibitions and Penalties


The Act prohibits a person from disclosing information from LEIN to a private entity for any purpose, including the enforcement of child support programs. A first offense is a misdemeanor punishable by up to 90 days' imprisonment, a maximum fine of $500, or both. A second or subsequent offense is a felony punishable by up to four years' imprisonment, a maximum fine of $2,000, or both.


The bill, instead, would prohibit the access, use, or disclosure of "nonpublic information" governed under the Act for personal use or gain. Under the bill, the criminal penalties would apply to a person who "intentionally" violated the prohibition and the maximum penalty for a first conviction would be increased from 90 days' imprisonment to 93 days. ("Nonpublic information" would mean information that had restricted access, use, or dissemination imposed by any law or rule of this State or the United States.)


In addition, the Act prohibits disclosing information from LEIN in a manner that is not authorized by law or rule. The bill would refer to disclosure of information governed by the Act in that prohibition.


Use or Access Suspension or Denial


The Act allows the LEIN Policy Council to remove LEIN terminals if the agency or entity controlling the terminals fails to comply with the council's policies or promulgated rules.


The bill, instead, would allow the CJIS Policy Council to do either of the following:


-- Suspend or deny the use of and access to information or remove terminals from an agency if the agency violated the council's policies or rules.

-- Suspend or deny the use of and access to information to an individual who violated the council's policies or rules.


State Police


The bill would require the council to exercise its prescribed powers, duties, functions, and responsibilities independently of the Director of the Department of State Police. The council's budgeting, procurement, and related management functions, however, would have to be performed under the Director's direction and supervision. In addition, the executive secretary of the council would have to be appointed by the Director, subject to the council's approval.


MCL 28.211 et al.


BACKGROUND


The LEIN Policy Council was established by Public Act 163 of 1974 to create policy and promulgate rules regarding the operational procedures to be followed by agencies using LEIN, to review applications for network terminals and approve or disapprove the applications and the sites for terminal installations, and to establish minimum standards for terminal sites and installations.

The AFIS Policy Council was established by Public Act 307 of 1988 to create policy and promulgate rules regarding the operation and audit procedures to be followed by agencies using AFIS, to design and provide for statewide identification of individuals using an AFIS, to establish minimum standards for AFIS sites and installations, to review proposed applications for AFIS and approve or disapprove the applications and the sites for system installations, and to establish policy and promulgate rules restricting the dissemination of identification information to individuals and agencies.


Prior to the 1998 executive order, the membership of the LEIN Policy Council was entirely represented on the AFIS Policy Council.



ARGUMENTS


(Please note: The arguments contained in this analysis originate from sources outside the Senate Fiscal Agency. The Senate Fiscal Agency neither supports nor opposes legislation.)


Supporting Argument

By combining the LEIN Policy Council and the AFIS Policy Council in statute, the bill would codify the measures ordered by the Governor in Executive Reorganization Order No. 1998-1. The Governor noted in that executive order that the mission and goals of the two policy councils were similar and the technologies and system interaction involved with both LEIN and AFIS were closely linked. The order also stated that the two policy councils' functions and responsibilities could be more effectively organized and carried out under the supervision and direction of one governmental body, and that combining the LEIN and AFIS policy councils was "in the interests of efficient administration and effectiveness of government". The combined CJIS Policy Council has been operating as a single body, overseeing both the LEIN system and AFIS, since the implementation of that 1998 executive order, making the current provisions of the L.E.I.N. Policy Council Act and the A.F.I.S. Policy Council Act obsolete. The statutes should be revised to reflect those changes and anticipate the need for oversight of future criminal justice information systems.

Supporting Argument

While the 1988 executive order transferred to the CJIS Policy Council all of the existing authority of the AFIS and LEIN Policy Councils, that statutory authority is fairly restrictive. As the statutes require the separate policy councils to do, the CJIS Policy Council must establish procedures agencies must follow in using LEIN and AFIS, ensure that access to certain information in LEIN is available to certain law enforcement entities, and restrict the dissemination of identification information. The bill would give the CJIS Policy Council broader authority to oversee LEIN, AFIS, and other criminal justice information systems, mandating that the policy council establish policy and promulgate rules governing access, use, and disclosure of information from those systems.

Response: The bill should address a problem that has arisen regarding a law enforcement officer's lack of access to LEIN when enforcing a civil court order. Court officers and deputy sheriffs are not authorized to retrieve LEIN information that may be useful in enforcing civil court orders, such as property seizures, while other officials may receive similar information for other purposes. For instance, the Act allows certain school officials to receive from LEIN vehicle registration information pertaining to vehicles within 1,000 feet of school property, but a court officer assigned to seize a particular vehicle cannot get information regarding that vehicle from LEIN. Ironically, a deputy sheriff working road patrol duty one day has full access to LEIN, but if that deputy is assigned to civil court order enforcement the next day, he or she has no authority to use LEIN. Although the CJIS Policy Council potentially could approve LEIN access for civil court order enforcement under the broadened authority proposed by the bill, these law enforcement officers should have specific statutory authority to use LEIN.


Supporting Argument

The bill would enhance the security of information in LEIN and other criminal justice systems. Currently, unauthorized disclosure of LEIN information can result in criminal penalties. According to testimony before the Senate Judiciary Committee, however, on some occasions people improperly gained access to or used LEIN information but did not disclose it. That is not technically a violation under the current Act, because the information was not disclosed. By specifying that a person could not "access, use, or disclose" nonpublic information from LEIN, AFIS, and other systems for personal use or gain, the bill would more appropriately prohibit an action that should be subject to criminal penalties.


Supporting Argument

The bill would give the CJIS Policy Council greater administrative authority over the use of criminal justice information systems. In particular, the policy council would have the power to impose administrative sanctions on individuals who use information systems improperly. Currently, the policy council establishes minimum standards for terminal sites, and may remove a terminal from an agency if the terminal is used improperly. Some have reported that individual employees of law enforcement agencies sometimes engage in improper access to or use of LEIN information. These actions may not rise to the level of a criminal violation, either under the L.E.I.N. Policy Council Act or the bill, because the information might not be disclosed to another individual or the actions might not be taken for personal gain. In such cases, removing a terminal from that site, thereby imposing a sanction on the entire agency, may be too harsh. As an option, the bill would grant the CJIS Policy Council the authority to suspend an individual's rights to gain access to and use LEIN or AFIS.

Response: Individual agencies are responsible for overseeing the use of information systems by their employees. Granting administrative authority over individual personnel to the CJIS Policy Council could involve it in other ancillary issues such as employment relations and contract negotiation. Those matters are outside the purview of the policy council.


- Legislative Analyst: P. Affholter


FISCAL IMPACT


The bill would have no fiscal impact on State or local government.


- Fiscal Analyst: B. BakerA0102\s133a

This analysis was prepared by nonpartisan Senate staff for use by the Senate in its deliberations and does not constitute an official statement of legislative intent.