What Happened With Surveillance Technology Oversight in San Diego

San Diego's downtown skyline is shown at night with motion-blurred objects appearing on the water
Photo Credit: Chris Grafton

San Diego's new Surveillance Technology Oversight ordinance made a big splash this week as people became aware the law had quietly received final approval on August 2, 2022. Local and national news organizations eventually caught on, hailing the ordinance as a victory for San Diegans who are taking back control of mass surveillance.

But since then, several people have asked me some form of the same question.

What does San Diego's new surveillance ordinance actually do?

Fair enough. Even though I and other TRUST SD groups have been working on this for almost 3 years, it is brand new to many others. So now may be a good time to re-introduce the ordinance to a wider audience.

Article 10 of Chapter 2 of the San Diego Municipal Code, relating to the Transparent and Responsible Use of Surveillance Technology.

Here's a link to the law as passed on August 2. They named the law after our coalition, which we thought was a very kind nod to the community. I'll be referring to sections in the law below for those who want to tie out the steps to the actual wording.

Our New Process for Reviewing Surveillance Technology

๐Ÿ’ก San Diego city staff think they have a great idea to use surveillance technology.  

  1. Prior to acquisition or a change of capability of surveillance technology (which is defined in ยง210.0101(m)), City staff must write a policy that will formally control how and when the technology will be used. ยง210.0102(e)(1)

    The policy is called a "Surveillance Use Policy" and the policy is required to contain the items specified in ยง210.0101(o). This document must be a public record and must be posted publicly and kept up to date. ยง210.0103(c) and (d).

  2. City staff must hold at least one meeting in each City Council district where they propose to deploy the technology. ยง210.0102(e)(2)

  3. City staff must study how the technology will impact San Diegans and then write a "Surveillance Impact Report."

    Specific categories of information must be included, as described in ยง210.0101(n). This document must be a public record and must be posted publicly and kept up to date. ยง210.0103(c) and (d).

  4. With community meetings done, and with Use Policy and Impact Report written, the City staff must submit those documents to San Diego's new Privacy Advisory Board (PAB) for review. ยง210.0102(e).

  5. Through a process of public deliberation, the PAB may recommend the project be approved, modified, or rejected. The board has 90 days after City staff submit the use policy and impact report to do so. ยง210.0102(e)(3) and (4).

  6. The surveillance proposal will then advance to City Council for consideration at a normal meeting. City Council must consider the recommendation of the board. They also must meet other review requirements in order for the project to be eligible for their approval. ยง210.0103(b)(2)

  7. City Council may approve or reject the proposal. They also may condition their approval on additional community outreach. ยง210.0102(f)(2)

For the sake of surveillance technology in the city that already exists (existence being defined in ยง210.0109), it will be treated as new and be subject to the same process above, but it will be given a 1 year grace period from when the law takes effect, so that it can continue operating without approval only for that period of time. ยง210.0109.

There is an annual reporting requirement for each surveillance technology that is in use. ยง210.0105(a). City staff must author, and the PAB must review, the Annual Surveillance Report, which must contain information defined in ยง210.0101(a). The City staff must subsequently submit the report and the PAB's post-review recommendation to the City Council. City Council must annually reconsider the costs and benefits of using the technology, and whether improvements to the Surveillance Use Policy are needed, or whether the use of technology should stop. ยง210.0105(c).

There is a provision for use of unapproved surveillance technology in exigent circumstances, which triggers additional reporting and actions by all parties. See ยง210.0104 for more on that.

I will follow up shortly with another post regarding some of my analysis about why this law is really promising in some regards and also troubling in other regards.

But for now, if you wanted to know what just happened regarding surveillance technology oversight in San Diego, now you know.

Updated:

Seth Hall is a founding member of San Diego Privacy. In 2017, he founded Tech Lead San Diego, and he is a member of the TRUST SD Coalition's steering committee. Email: techlead@protonmail.com.

You may also like:

A lit pedestrian bridge in San Diego is pictured at night time. A long exposure leaves tail lights from cars streaking across the photograph's canvas.

The Latest on San Diego's Privacy Advisory Board

This is a "live post" that will be updated with new information as San Diego advances through the process…

How San Diego's Privacy Law Stacks Up Against 16 Others

This informative whitepaper from Berkeley sheds very helpful light on how San Diego's new surveillance ordinance would stack up…

A silhouette sits atop a lifeguard tower with an orange, white and blue sunset over the ocean in the background

What is San Diego Privacy?

We're a community group of people who are interested in discussing and working on privacy topics. Here are some…