Cloud offers feds access to police data

Officers in the Interior Department’s Fish and Wildlife Service have led the way in testing a commercial infrastructure that gives federal officers the same access to law enforcement databases that their state and local counterparts have had for years.

Until recently, the only way these officers had of doing criminal record checks on individuals, checking vehicle registrations and looking up other law enforcement data was to go through the dispatchers of state and local police departments. “We don’t have our own dispatch system,” said FWS zone officer David Nicely. “Our officers primarily work alone because there aren’t that many of us [and] we tie up their systems.”

But for the past year, officers in the FWS’ Northeast Region 5 have been able to use a suite of mobile applications from InterAct Public Safety to access law enforcement databases directly through laptops in their cars and through their BlackBerry phones.


Related coverage:

Taking criminal justice resources into the wild

Virtual security a 'hair-raising' challenge for law enforcement net

National police network plans switch to faster speeds



This is no big deal for state and local police who have been able to do this for years, but federal agencies traditionally have been shut out of the state-run network that links law enforcement databases. So while patrolmen in Muncie, Ind., and Joplin, Mo., have access to the FBI’s National Crime Information Center as well as resources from any other state, most federal law enforcement officers do not.

To open up the federal market for its smart-phone PocketCop and in-car InterAct Mobile applications, InterAct worked with FWS Region 5 to create and test the InterAct Law Enforcement Data Delivery Service.

“ILEDDS is the infrastructure that the federal agencies were lacking,” said InterAct’s ILEDDS Program Director Roger Karr. It is a cloud-based service that links federal agencies and the National Law Enforcement Telecommunications System (NLETS), a nonprofit network owned and run by the 50 states.

Boundaries removed

“Without ILEDDS, PocketCop and Mobile have to go through a state switch,” which the states have been reluctant to allow for agencies from other jurisdictions, Karr said. “ILEDDS removes jurisdictional and geographical boundaries” by providing a separate dedicated infrastructure for feds.

NLETS is a public-safety network providing connectivity between state, federal and some international law enforcement databases. The network has points of presence with routers in each state’s criminal information center. It is primarily a message-switching and routing service that lets officers in state and local departments query databases throughout the country for everything from motor vehicle and driver's license data to criminal histories and immigration records. This often is done by a dispatcher at the request of officers in the field, but officers equipped with the laptop or smart-phone applications can get direct access to the state switch and make their own queries over NLETS.

An essential part of this service is the translation of queries and responses between the various protocols used by the different agencies.

An officer making a traffic stop in Muncie or Joplin, for instance, would check the vehicle registration and driver’s license data either by radioing the request to the dispatcher or by using a laptop with wireless connectivity in the car. The request is routed from the local police department to the state criminal information center, and from there through the NLETS point of presence to the databases in the appropriate state or states. NLETS translates the query into the proper protocol for that database, and the response is translated back to the protocol the officer is using.

Because of the sensitive data accessed through NLETS, which includes the FBI’s NCIC, the state access points must be certified and regularly audited for compliance with the FBI’s Criminal Justice Information System security requirements.

The states are not eager to have officers or agencies from other jurisdictions accessing law enforcement information through their switches because of the need for security auditing. At the same time, federal agencies do not have the resources to build out their own infrastructures.

“Federal agencies were clamoring for the same criminal justice information access that state and local agencies had,” Karr said. InterAct wanted to provide the access, but “we needed to have a champion agency.”

Champion emerges

The champion was FWS Region 5.

“We’ve been trying to get things off the ground since 2006,” Nicely said. FWS officers are federal game wardens, but they also are responsible for all types of law enforcement on federal wildlife refuges. “More and more we’re getting into police work.”

And they are spread thin. Region 5, the Northeast region, stretches from Maine through New England, west to Lake Erie and south through the Mid-Atlantic to West Virginia and Virginia. Some officers are assigned to a specific refuge. Nicely is a zone officer who patrols three refuges in Pennsylvania by himself, relying on state and local departments for backup and for communications beyond his BlackBerry.

“Being a zone officer, it’s common to travel overnight,” he said. “I work out of my vehicle quite a bit.”

Nicely and fellow zone officer Don Lima worked with InterAct to put a system in place to gain access to NLETS for FWS agents using the PocketCop and Mobile apps. InterAct formed a strategic partnership with NLETS to provide its own CJIS-certified access point. And because Region 5 is based in Hadley in western Massachusetts, InterAct set up a pilot program hosted in the Massachusetts state access point. InterAct assumed responsibility for the CJIS auditing and ensuring that its FWS users complied with security requirements.

The pilot program began with the seven Region 5 zone officers using the mobile application on their laptops, adding PocketCop to agency-issued BlackBerrys a little later. “It covered everything we needed,” Nicely said of the tools.

With the success of the program, ILEDDS was built out nationwide to provide NLETS access for authorized users, and the agency rolled out access to all FWS officers in Region 5 about a year ago.

Deals to come

InterAct has responsibility for compliance with CJIS and NLETS security policies for its access to NCIC. ILEDDS customer agencies also must comply with security requirements, which can slow the rollout. A memorandum of understanding between the FBI, CJIS, NLETS and  Interior has been negotiated, and four of the nine FWS regions now are using the service. InterAct also is working with other Interior agencies, including the Bureau of Indian Affairs and the National Park Service. Meanwhile, InterAct is in the early stages of working with the Bureau of Land Management.

Agreements with other departments to use the system are expected to follow.

ILEDDS has opened a new market for InterAct’s products and services and provides NLETS access for federal agencies without the capital costs of creating and managing their own infrastructures. The typical model for using PocketCop and Mobile is for the agency to license the software and pay a hosting fee for the service. But InterAct now can also sell the service directly to officers, who can pay for it on their government credit cards.

The company also is deploying these products and services in a software-as-a-service model. FWS Region 2, the Southwest, is using ILEDDS with this model, paying a flat $480 subscription fee per year per unit.

The next major expansion in the system will be enabling use by the Federal Motor Carriers Safety Administration. This is a regulatory, rather than a law enforcement, agency, so it does not have access to FBI CJIS information or driver’s license and vehicle registration databases. InterAct is in the early stages of delivery to enable FMCSA access to data via ILEDDS.

Reader Comments

Wed, Dec 28, 2011 the1

exactly, this is not a 'cloud'. It is a sneaky way the vendor has gotten access to data that has been protected and has controlled access by the states that support NLETS. The vendro is going to do an audit process. Sure what entity is going to perform theri triennial audits required by the FBI. Many of the federal agencies cannot even keep their desktops updated with AV and MS updates. I surely do not believe these are going to be kept up to date and there will be a proper CJIS audit performed on these. I think the feds messed up on this one, just opening it up and no oversight.

Mon, Nov 7, 2011 rak

With all due respect, I believe you are in fact mistaken. This solution consists of MANY high powered servers running complex server side software in a highly secured cloud environment. These systems operate within a CJIS compliant, Network Operations Center (Nlets NOC), and all processing is done by interconnected servers within the cloud, which do the heavy lifting of query/response processing from many sources of information, also connected to the cloud. In addition to complex server side software running as a service, these servers also process and route FIPS 140-2 compliant information to and from the client with added encryption done at multiple levels. Trained and certified users of the system are monitored from the point of logon to logoff. Two Form Factor (2FF) Authentication is mandatory and strictly enforced (again, all processing and validation is done at the server level, as a service). A very large number of LE data sets are queried, based on a complex set of routing tables which direct the requests and responses to and from the client (typically thin clients). There is no client processing, it is all done at the Cloud service level as a shared resource. The issue of sensitive data has been (and is required) addressed through the dissemination of CJIS Training and Certifications, FBI Security Policy compliance (v5.0), Nlets, and company security policies (audited and approved) which monitors and mitigates misuse. In these policies, it is made clear that the LE Officer or Agent is responsible for proper use and protection of information as it relates to officer safety, efficiency, and effectiveness. In the event of misuse, as required by FBI CJIS, the system provides complete and full audit capabilities to include but not limited to, date and time stamps of incident, location, user, device, and other important information through complex server side logging. The 'owners' of these data sets are Federal, State, and local Law enforcement agencies. They have been 'owned' like this forever, and the ‘owners’ are never expected to change. There is no need for an 'exit strategy’ if I understand your statement correctly. There are very few, out of the MANY data sets accessed, resident within the cloud.

The definition of a cloud is: Cloud computing is the delivery of computing as a service rather than a product, whereby shared resources, software, and information are provided to computers and other devices as a utility (like the electricity grid) over a network (typically the Internet).

Wed, Nov 2, 2011

Agree that this is not much of a "cloud" but is a good example of effective technology integration of consumer grade mobiles into an integrated data fusion system. Nice to see that vendors can do work better than demonstrated by the Google adventure with CJIS data for the Los Angeles system.

Wed, Nov 2, 2011 Don

This is NOT a "cloud" - though I encourage any corrections if I am mistaken. This appears to be an outsourced database shared between the agencies participating (a configuration which has been done since the 80's with varying degrees of success and failure). This system appears to be a success thus far. The issues these agencies should monitor closely (due to the sensitivity of their data) are the contractual terms (esp. ownership of data and legal liability if problems occur) - exit strategy (if they ever want to change systems - otherwise these agencies are "owned") - and any control over data and who can access it (agencies should document their requirements and include in contract).

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above