HomeMy WebLinkAboutItem 8.2 Report on Public Data Security
STAFF REPORT
CITY COUNCIL
Page 1 of 5
Agenda Item 8.2
DATE: March 3, 2026
TO: Honorable Mayor and City Councilmembers
FROM: Colleen Tribby, City Manager
SUBJECT:
Report on Public Data Security
Prepared by: Victor Fox, Police Chief and Steve Windsor, Chief
Information Security Officer
EXECUTIVE SUMMARY:
The City Council will receive a report on how the City protects the public data it collects in the
course of normal business operations.
STAFF RECOMMENDATION:
Receive the report.
FINANCIAL IMPACT:
None.
DESCRIPTION:
During Item 9 of the December 2, 2025 meeting, the City Council requested a report on how
the City protects the public’s data.
Background
The City collects and utilizes information from a variety of technological sources encompassing
public safety, finance, business, recreation, property, infrastructure as part of the normal
course of providing community services. This report addresses the protection protocols around
the two major categories of information collected and utilized in Dublin – public safety data
collected by Dublin Police Services, and data collected by the City through internal systems
and third parties to provide general community services and programs.
Data Collected by Dublin Police Services
Dublin Police Services (DPS) utilizes technology systems to support law enforcement
operations while maintaining strict controls over how public data is accessed and used. The
primary technologies used by DPS that collect and/or use electronic data are the Flock Safety
82
Page 2 of 5
camera system and the Peregrine Technologies data integration system. DPS also uses its
own internal systems in the completion of routine daily business. The following is a discussion
of key components of the department's data protection practices across all systems.
Automated License Plate Reader and Situational Awareness Cameras (Flock Safety)
DPS has deployed Automated License Plate Reader (ALPR) and situational awareness
camera (sitcam) equipment and technology since 2017. In October 2024, the City Council
approved an agreement with Flock Safety for the purchase and installation of 82 ALPR
cameras and sitcams. This transition improves image quality, reliability, and real-time alert
capability while maintaining existing governance and compliance policies.
Flock’s camera systems capture vehicle data only and are used exclusively for defined law
enforcement purposes such as vehicle recovery, suspect identification, emergency notification
alerts, and investigative leads. Specifically, ALPR technology supports real-time incident
management and aids in investigations and monitors high traffic intersections, including
ingress/egress points. This data is not used for generalized surveillance or any type of
monitoring without a law enforcement purpose.
There are several laws and policies that govern the retention, access, and use of the data
collected through ALPR technology, and with which DPS is in compliance:
Senate Bill (SB) 34 (2016). Governs ALPR access, retention, audit logging, and
sharing limits. Specifically, it prohibits police from circulating ALPR data with the federal
government and agencies in other states.
Alameda County Sheriff’s Office Policy 5.42 (ALPR). Governs the use of ALPR
systems, including usage, data collection, training, and security.
SB 54 (The California Values Act, 2018). While this law does not specifically discuss
the use of ALPR data, it restricts state and local law enforcement from using resources
(which would include technological resources such as ALPR systems) for federal
immigration enforcement.
CJIS Compliance. Electronic data collected by DPS systems, including ALPRs, is also
compliant with the Federal Bureau of Investigation’s Criminal Justice Information
Services (CJIS) Security Policy. This requires federal, state, and local agencies and
contractors to implement controls such as encryption, multi-factor authentication,
auditing, and background checks to protect data.
Real-Time Crime Center (RTCC) and Investigative Data Integration (Peregrine Technologies)
Dublin Police Services’ RTCC is a centralized hub that integrates data from a variety of
sources, such as ALPRs and sitcams, calls for service, and crime analytics, to give officers
instant, actionable intelligence for faster response times, better situational awareness,
increased suspect identifications, and safer outcomes. As part of its RTCC operations, DPS
uses Peregrine Technologies, a web-based software-as-a-service that consolidates data from
existing law enforcement systems into a single point of access for analysis, reporting, and
oversight. Peregrine does not independently collect or retain data, and all information remains
the property of the City. Peregrine’s data security protocols include end-to-end encryption,
granular access and usage control, and audit trails.
83
Page 3 of 5
In addition, the Peregrine system in compliance with CJIS, supports Health Insurance
Portability and Accountability Act (HIPAA) requirements, and has achieved high-level security
certifications, including the Federal Risk and Authorization Management Program (FedRAMP)
High. The FedRAMP control system is one of the most stringent cybersecurity frameworks in
existence, with a compliance structure relies on three distinct levels. The “High” certification
gives organizations the strongest protections, particularly for those that handle national
security, law enforcement, and critical infrastructure data.
General DPS Systems
In addition, DPS employs the following controls related to the data it collects across all
systems.
Data ownership and retention. All data collected through DPS systems is owned by
the City. Camera data is automatically deleted after 30 days and cannot be extended by
the vendor. Data is not sold, shared, or repurposed beyond its intended law
enforcement use.
Access Control. Access to DPS systems is restricted by role, and every search for
data requires a registered user identification and documented reason for the search.
Permanent audit logs are maintained for all system access and searches.
Artificial Intelligence (AI)
Where AI features are used, they are limited to informational functions such as summarization.
Content generated via AI is clearly labeled, linked to source data, and does not initiate
enforcement actions or automate decisions. All operational decisions re main human-directed.
Data Collected by City Departments
In the course of daily operations, the City collects data in two ways: with internal or City-
controlled systems, and through third-party software. Data protection protocols for both are
described below.
City-Controlled Systems
The Information Technology (IT) Department employs a layered security approach to
protecting systems that are accessed through the City’s network and the data they contain.
The primary systems that collect and maintain sensitive information are: 1) Tyler Munis,
Dublin’s Enterprise Resource Planning (ERP) software, which includes finance, human
resources, payroll, and permitting modules; and 2) Laserfiche, which digitizes, secures, and
organizes documents and workflows.
The following areas represent the key components of Dublin's information security program
that is utilized with Tyler Munis, Laserfiche, and all other City-controlled information databases.
Data Protection and Encryption. The City uses industry-standard encryption to protect
data both in storage and during transmission. Encrypted backups are maintained in
secure cloud environments.
Identity and Access Management. Access to City systems is restricted through
84
Page 4 of 5
granular, role-based access controls and multi-factor authentication. System
permissions are managed to ensure employees have access only to the information
necessary for their role. Physical access to City facilities is managed through a strict
electronic badging system that is monitored and controlled remotely.
Network and Threat Protection. City networks are protected by enterprise firewalls
and 24/7 security operations monitoring. Endpoint protection is deployed on all City
devices to defend against malware and other threats.
Monitoring and Logging. City systems are continuously monitored for unusual activity.
Centralized logging and alerting allow staff to identify and investigate abnormal behavior
in real time.
Incident Response. The City maintains a formal incident response plan that is tested
annually. In the event of a security incident, response efforts are coordinated between
IT, DPS, the City Attorney, and City leadership.
Transparency and Privacy. The City balances public access to information with the
protection of personal data. Legal review and redaction are applied to public records
requests to ensure compliance with applicable privacy laws.
Employee Training. All City employees participate in ongoing security awareness
training, including phishing simulations, to reduce the risk of human error.
Third-Party Vendors
The City works with a number of third-party vendors that handle City data, such as software
and apps like ActiveNet (for registering in City programs), HomeKeeper (for managing client
data and tracking properties), and FixIT Dublin (for reporting maintenance issues). All third-
party vendors are required to complete a security review and meet contractual security
requirements related to data privacy before approval.
Transparency and SB 272
In 2015, Senate Bill 272 was signed into law, requiring local agencies (excluding school
districts) to create catalogs of all enterprise systems that store information about the public,
and to post this catalog on their websites. This law, codified in California Government Code
Section 6270.5, is designed to increase transparency about the data collected by government.
An enterprise system as a software application or computer system that collects, stores,
exchanges, and analyzes information that the agency uses that is a multi-departmental
system or system that contains information collected about the public and a system of record
(a system that serves as an original source of data within an agency).
For each enterprise system included in the catalog list, agencies must disclose:
o Current system vendor and product
o The purpose of the system
o What kind of data is stored in it
o The department that serves as the system's primary custodian
o How frequently system data is collected and updated
Dublin’s SB 272 inventory can be found at https://dublin.ca.gov/1852/ESCT-SB-272 and is
included as an attachment to this Staff Report.
85
Page 5 of 5
STRATEGIC PLAN INITIATIVE:
None.
NOTICING REQUIREMENTS/PUBLIC OUTREACH:
The City Council Agenda was posted.
ATTACHMENTS:
1) City of Dublin SB 272 Inventory
86
Vendor Product Purpose Data Stored Custodial Dept Collected/Updated
Tyler Technologies MUNIS ERP City-wide financial management, payroll, HR, and procurement Financial transactions, vendor data, purchase orders, contracts, public-facing billing/AR records FIN Daily
Tyler Technologies EnerGov Permitting, licensing, inspections, and code enforcement Permit applications, inspection records, license data, code cases, public applicant info FIN / PLN Daily
Tyler Technologies Tyler Cashiering Payment processing for city services Payment transactions, receipt records, payer information FIN Daily
Laserfiche Laserfiche RIO Enterprise document management and records retention Official city records, public documents, images, retention schedules CLK Daily
Granicus, LLC Peak Agenda, Media Manager, Swagit Streaming/Captioning Public meeting agenda creation, minutes, streaming, captioning Meeting agendas, minutes, video recordings, public comments CLK As needed (per meeting cycle)
NeoGov Governmentjobs.com Online recruitment, job postings, applicant tracking Job applications, resumes, candidate evaluations from the public HRM Daily
Netfile E-filing System Electronic filing of campaign finance and economic interest disclosures Financial disclosure statements, campaign contributions, filer info CLK As needed (per filing period)
OpenGov Budgeting and Planning Suite (incl. Open Town Hall)Budget development, financial planning, public engagement Budget data, public survey responses, community feedback FIN Daily / As needed
Salesforce / Grounded Solutions HomeKeeper (Sales & Service Cloud)Affordable housing program management and compliance Homeowner/applicant records, property data, income verification HSG Daily
ElectricBaby, Inc Online Homeownership Application (Salesforce)Online application portal for homeownership programs Public applicant personal info, income data, eligibility docs HSG As needed
ActiveNetwork ActiveNet Recreation registration, facility reservations, activity management Public registrant info, class enrollments, facility bookings, payments PCS Daily
Esri ArcGIS (Enterprise GIS)Geographic information system for spatial analysis and public data Parcel data, zoning, infrastructure layers, spatial datasets ISS / PWK Daily
DocuSign DocuSign Electronic signature and agreement management Signed contracts, agreements, signatory info (public parties)CMO Daily
CivicPlus Website Hosting and Support Website hosting, forms, ADA compliance Public forms, website content, ADA reports CMO Daily
CivicPlus SeeClickFix Public service request and issue reporting Service requests, location data, photos, public requestor info CMO / MKT Daily
CivicPlus Next Request Public records request tracking and fulfillment Records requests, public requestor info, response documents CLK As needed
CivicPlus ArchiveSocial Social media archiving for records compliance Archived public-facing social media posts, comments, messages MKT Daily (automated)
Omnigo Software (Quetel)Physical Evidence Management Law enforcement evidence tracking and chain of custody Evidence records, case associations, chain of custody logs DPS Daily
KAM Software Technologies Crossroads Traffic collision investigation and reporting Collision reports, witness/party info, vehicle data, scene diagrams DPS As needed (per incident)
Cellebrite Cellebrite UFED Digital forensics for law enforcement investigations Extracted digital evidence, case files, forensic reports DPS As needed (per case)
Everbridge, Inc Nixle Engage Mass public notification and community engagement Resident contact info, subscriber lists, notification history MKT Daily
CoStar CoStar Realty Information Commercial real estate market data and analysis Property listings, sales data, market analytics, tenant info EDD Daily
ZOOMGRANTS Zoom Grants Online grant application and management Grant applications, public applicant info, award amounts, reports PCS As needed (per grant cycle)
iCityWork iCityWork Public-facing development activity website and project information Development project details, status, maps, public documents PLN / PWK As needed
Amobius Group LLC Veribook Online appointment scheduling for passport appointments and Livescan fingerprinting Public appointment records, scheduling data, requestor info DPS Daily
REVEAL DATA CORP Logikcull eDiscovery and public records search Litigation documents, public records search results (verify if public data stored)CLK As needed
Interactive Data IDI Core Data Investigative data lookup for law enforcement Person records, address history (verify if Dublin stores originals or query-only)DPS As needed
LEHR Investigative Data Platform (IDP)Commercial data for law enforcement investigations Person/entity records (verify if storing originals or query-only)DPS As needed
Callyo Investigations Law enforcement call recording Recorded calls with public, communication logs (verify if system of record)DPS As needed
CaseGuard Body Worn Camera Redaction Software Video redaction for BWC footage prior to public release Redacted video of public interactions (verify if system of record)DPS As needed
Teamsideline Sports Schedule and Roster App Sports league scheduling and roster management Public participant names, team rosters (verify depth of public data)PCS Seasonally
EPACT Signature/Emergency Contact Software Participant emergency contact and medical info Public participant emergency contacts, medical info, waivers PCS As needed
HydroApps Aquatic Forms and Log Software Pool safety logging and compliance Safety inspections, incident reports (verify if public injury/incident data stored)PCS Daily
General Code Publishing Co.Municipal Code Updates Online Municipal Code Proprietary Offsite Database Codified local laws and ordinances CMO As needed
Attachment 1
87
Report on Public Data
Security
March 3, 2026
88
Executive Summary
•The City collects and utilizes information from a variety of
technological sources.
•This report addresses the protection protocols around the
two major categories of information collected and utilized in
Dublin:
•Public safety data collected by Dublin Police Services
•Data collected by the City through internal systems and third
parties
89
DPS Data Protection
90
Cameras and Investigative Technology
•Automated License Plate Reader (ALPR) and Situational Awareness
Cameras (Sitcams) in use since 2017 –Vehicle recovery, suspect ID,
investigative leads.
•82 cameras approved by Council (Oct 15, 2024) to
modernize and expand coverage.
•Peregrine Technologies consolidates law enforcement data –All systems
under strict legal compliance.
91
ALPRs
•Capture license plates and vehicle descriptors only. No personal
identifying information or demographic data is collected.
•Human verification required before any enforcement action.
•Support stolen vehicle recovery, emergency notification alerts (AMBER,
Silver,Ebony, etc), criminal investigations, at-risk missing persons, and
officer safety.
Flock Safety —Data Uses
92
Situational Cameras (Sitcams)
•Support real-time incident management and aid in investigations.
•Monitors high traffic intersections, including ingress/egress points.
•Not used for generalized surveillance or any type of monitoring
without a law enforcement purpose.
•DPS operates these cameras under Policy and Procedure 5.26.
Flock Safety —Data Uses
93
•Data 100% owned by DPS -never sold; auto-deleted after 30 days by
default.
•Every search is logged with user ID and case reason (permanent audit
trail).
•Flock has no access to personally identifiable information.
•DPS decides who to share data with, not Flock Safety.
Flock Safety —Data Security
94
•No public IP; data is CJIS-compliant AWS GovCloud with end-to-end
encryption.
•Achieved 10 security certifications, including CJIS.
•Multi-factor authentication, role-based access.
Flock Safety — Data Security
95
•Deactivated the ability for out-of-state and federal agencies to
request data from California agencies (March 2025).
•Created a search filter that blocks any search reason appearing to
include immigration enforcement or reproductive care (July 2025).
• Created the ability to audit whether or not a search query yielded any
results (August 2025).
Flock Safety — Data Security
96
Legal and Policy Compliance
•SB 34 (2016) – Governs ALPR access, retention, audit logging, and sharing
limits.
•SB 54 (The California Values Act, 2018) – Restricts state and local law
enforcement from using resources for federal immigration enforcement.
•ACSO Policy 5.42 (ALPR) – Governs usage, data collection, training, and
security.
•CJIS Compliance – Requires encryption, multi-factor ID, audting, etc
97
Peregrine — Data Uses
•Consolidates existing RMS, CAD, and CRIMS data into a single point
of access for analysis, reporting, and oversight.
•Not predictive policing – No risk scores, targeting, or automated
enforcement.
98
Peregrine — Data Security
•Does not independently collect data.
•DPS owns all data – Not sold or shared; auto-removed when expunged
at source.
•CJIS compliant and has achieved high-level security certifications,
including FedRamp High.
99
Peregrine — Data Security
•AI features are informational only, do not initiate enforcement actions,
automate decisions, or operate without human oversight.
•Peregrine does not build or train its own AI models.
100
General Privacy and Anti-Bias Safeguards
•Role-based access to systems, full audit logging, data encryption,
and automated data deletion after 30 days.
•No demographic profiling by race, ethnicity, or any protected
characteristic.
•Monthly supervisory audits.
101
General Accountability and Oversight
•Departmental policy governs all data collection, interpretation, and
action.
•Platform tools support transparency, auditing, and compliance
reporting.
•Regular audits ensure adherence to policy and law.
102
Summary
•ALPR and Situational Awareness cameras in use since 2017 — Flock
Safety and Peregrine improve operational capability with strong
protections of data privacy.
•All systems comply with SB 34, SB 54, DPS Policy 5.26, and ACSO
Policy 5.42.
•DPS is committed to transparent, lawful, and equitable use of public
safety technology.
103
Questions?
104
City IT Data Protection
105
Data Protection and Encryption
•Industry-standard encryption protects data in storage and
during transmission.
•Encrypted backups are maintained in secure cloud
environments.
106
Identity and Access Management
•System access is restricted through granular, role-based
controls and multi-factor authentication (MFA).
•Employees have access only to the information necessary for
their role (Least Privilege).
•Physical access to City facilities is electronically managed and
monitored.
107
Network and Threat Protection
•Enterprise firewalls protect City networks from external threats.
•24/7 security operations monitoring detects and responds to
threats in real time.
•Endpoint malware protection is deployed on all City devices.
108
Monitoring and Logging
•City systems are continuously monitored for unusual activity
(SOC).
•Centralized logging and alerting identify abnormal behavior.
109
Incident Response
•Incident response plan is documented and tested annually
(Tabletop).
•Response coordination includes IT, Police, Legal, and City
leadership.
110
Transparency and Privacy
•Public access to information is balanced with protection of
personal data (redacting).
•Legal review and redaction are applied to public records requests
(PRA Review).
•Practices comply with applicable state and federal privacy laws.
111
Employee Training
•All City employees receive mandatory security awareness
training.
•Ongoing phishing simulation testing reinforces employee
readiness.
•Training reduces the risk of human error as an attack vector.
112
Vendor Risk Management
•Third-party vendors complete a security review before handling
City data.
•Contractual security requirements are required for approval.
113
Questions?
114