"w up.



Memorandum mi." 



{arthem Califmmnia
Regional intelligeimm Cm?iw

Sheriff Greg Munks
San Mateo County Sheriff's Office

Vice-Chair
Northern California High intensity Drug Trafficking Area Executive Board

 

Captain Michael Sena

Director
Northern California Regional intelligence Center 8:

High intensity Drug Trafficking Area

 

Page 1 NCRIC MOU

NORTHERN CALIFORNIA REGIONAL INTELLIGENCE CENTER

MEMORANDUM OF UNDERSTANDING

This Memorandum of Understanding (hereinafter or ?Agreement?} is made and entered
into on this 23"1 day of March 2015 by and between the parties below and all future signers of
this agreement, known collectively as "Member Agencies" or individually as a ?Member

Agency.?

WHEREAS, the Member Agencies provide public safety services within their jurisdictions; and

WHEREAS, the Member Agencies are dedicated to the most efficient utilization of their
resources and services in public safety endeavors within theiriurisdictions; and

WHEREAS, the Member Agencies are committed to complete cooperation and coordination in
providing the highest level of safety services to the public, guided by the principle that
cooperative efforts are in the pubiic?s best interest; and

WHEREAS, the Member Agencies desire to facilitate the sharing of information contained within
their electronic data systems, including but not limited to: Records Management Systems,
Computer Aided DiSpEtch Systems, Automated License Plate Readers, intelligence Management
Systems, Jail Management Systems, and Law Enforcement Data Sharing Systems - which may
include aggregated information collected from multiple individual or regional sources - into
commercially available and custom developed data integration systems; and

WHEREAS, the Member Agencies desire to share data owned, aggregated, or collected by the
Member Agency under the conditions set forth in this and

NOW, THEREFORE, the Member Agencies hereby agree:

Page 2 name MOU

Mission

The Northern California Regional Intelligence Center (NCRIC) is a mum-jurisdictional public
safety information fusion center comprised of the Northern California High Intensity Drug
Trafficking Al'ea (NCHIDTA) investigative Support Center and the NCRIC Homeland Security
Programs. The NCRIC is managed Under the NCHIDTA Executive Board. The NCRIC was created
to assist local, state, federal and tribal public safety agencies and critical infrastructure locations
with the collection, analysis and dissemination of all crimes and threat information.

It is the miss on of the NCRIC to protect the citizens of the counties within its area of
responsibility from the threat of narcotics trafficking; organized crime; international, domestic
and street terrorism related activities through information sharing and technical operation

support to ppblic safety agencies.

The NCRIC Uliata Sharing Partnership (NCRIODSP) is formed in support of this mission, under the
leadership 0 the NCRIC, its Executive Board, and regional stakeholders, to develop, establish,
and maintain an integrated system of information technology that maximizes the sharing of data
and communication between Member Agencies in support of law enforcement and public
safety, while.I maintaining the confidentiality of privileged or otherwise protected information

I
shared throUgh the system, and protecting privacy and civil liberties in accordance with

applicable law.

Purpose

This agreement outlines the duties and responsibilities of each Member Agency, de?nes the
working relationships and lines of authority for Member Agencies within the and
provides for the addition ofother eligible entities in the data-sharing program created by this

Memorandurn of Understanding (hereinafter 

Page 3 NCRIC MOU

 

1)

2i

De?nitirjns and other Terminology
NCRIC Data Sharing Partnership the collective group of Member Agencies
sharing data or utilizing shared data, as governed by this MOU

Systems: the collective group of information technology systems via which
shared data from multiple sources is aggregated, federated, replicated, standardized, or
otherwise consolidated for access to Authorized Users from Member Agencies.

Authorized Users: personnel from the Member Agencies that have the appropriate
clearance and authority to utilize and access shared data as a function of their employment.

Data: electronic records, analyses, images, and other information associated with incidents,
persons?or objects, existing in a Member Agency system or database, and potentially
shared with other Member Agencies via the Sharing System.

 

Host: the entity providing the facilities, labor, and expertise used to maintain, operate,
manageqland expand one or more Systems, under the direction of the Host?s
governance and in compliance with the policies set forth in this agreement.

Membe Agency: 3 law enforcement or public safety organization, whose leadership has
signed tEis agreement, and actively participates in information sharing with other Member

Agencie via the 
i

Membeii Agency Rights, Powers and Authority

This Agreement does not limit the rights, powers, and authority of Member Agencies. Each
Membeq Agency eXpressly retains all of its rights, powers, and authority including, but not
limited to,'financing, planning, developing, constructing, maintaining, repairing, managing,
operating, and controlling equipment, facilities, properties, projects, and information that it
deems, ilh its sole discretion, to be necessary for its own information system needs.

Nothing in this Agreement shall be construed to require a Member Agency:

a) t:o disclose any information that the Member Agency determines, in its sole
discretion, it does not have the ability or authority to disclose; 0R
b) 0 do any act that the Member Agency determines, in its sole discretion, is contrary
0 law or public policy; OR
c) to provide personnel, equipment, or services to the OR
d) to modify, restrict, or inhibit utilization of information systems independent of the
system.

Membe Agencies may modify, upgrade, or otherwise alter any internal systems or
processes withom approval or notification of the NCRIC, as long as those modifications do
not inhibit the systems or exchange ofdata implemented and/or funded by prior action of
the NCRIC, unless such modifications are mandated by law.

Page 4 MOU

3)

4)

5)

in gathering and sharing information, and in all other respects in performing acts related to
this Agreement, the parties will comply with all applicable laws, rules, and regulations.

Effective Date and Term of MOU

This agreement shall remain in effect until terminated and shall be reviewed by the NCRIC
every tvxlelve months to consider any recommended modifications to the Member Agencies.
The agreement can only be terminated as provided in this Agreement.

Data Shari 

All Member Agencies agree to promote comprehensive, timely, and accurate data sharing
with other Member Agencies via NCRIC-DSP systems. data shall only be shared
with Me 'nber Agencies, and only to authorized users of those agencies who possess a need
to know and right to know the shared data towards fulfillment of assigned law enforcement

or public safety duties.

Member Agencies are not required to contribute data to the system.

 


Any data: shared by a Member Agency to Systems that the Member Agency later
declareslshould not be shared, shall be withdrawn by all Hosts from all NCRIC-DSP Systems
within 48 hours, including deletion of any replications of the data.

Each Meimber Agency shall determine, within its sole discretion, which data records are to
be shardd with the and shall maintain the databases or other sources that
contain the applicable information.

9m

Data ex hange and user access shall be achieved using data private networks, or
other co. figurations that follow current best practices for information technology, are
acceptable to both the Member Agency sharing data and the Host receiving data or
providing user access, and adhere to current policies set forth by the Federal Bureau of
investigation Criminal Justice information Services (CJIS) and California Department of

Justice.

Systems shall be generally available. Hosts agree to inform other Member
Agencies in advance, whenever possible, of scheduled maintenance or other periods of

inaccessibility.

Page 5 MOU

5)

7)

Information Ownership and Release

MemberAgencles remain the official custodian of all information contributed to the NCRIC-
DSP. To 'the fullest extent permissible by law, all requests for information, California Public
Records Act, or Freedom oflnformation Act, will be referred to the Member Agency that is
the owner of the requested data, and the Member Agency that is the owner of the
requested data will be responsible for responding to the request.

Prior to eleasing data in furtherance of its statutory and constitutional obligations relating
to the CH covery process, a Member Agency shall seek written permission from the fellow
Member Agency who is custodian of that data.

 

In any instance where the custodian declines to grant such disclosure permission, the
involved Member Agencies shall confer to reach agreement on possible limitations on
disclosure (including the seeking ofjudicial protective orders] in an attempt to protect the
originatihg agency?s specific concerns while allowing the prosecuting agency to meet its
statutory and constitutional criminal discovery obligations.


Authoriied User Access and User Resoonsibllities

Each Me ber Agency is responsible for management of its Authorized User accounts.
Federated identity solutions will be utilized whenever possible.
I .

Each Meimber Agency agrees that all Authorized Users shall be current employees in good
standingland be authorized to review data for legitimate purposes. if for any reason a user is
no long Ir eligible for such access, or ends his/her employment with the agency, the agency
will folioI appropriate procedure and/or make necessary contacts to ensure access is

removed accordingly.


Each user agrees that Systems and the information contained therein are to be
used solely for authorized purposes consistent with the law. Authorized users shall not use
or sharegthe information for any unauthorized purposes, and Member Agencies agree that
such actions may result in the offending Member Agency or its offending Authorized User
being reyoked access to the system.

Users mlay not access any NCRIC-DSP Systems by using a name, password, common access
card, VP token, SSL certificate, or any other authentication mechanism that is assigned to

anotherluser. Users may not share passwords with other persons, nor allow another userto
utilize the system under their credentials.

Membe Agencies acknowledge that data maintained in NCRIC-DSP Systems consists of
informa ion that may or may not be accurate. Member Agencies do not warrant nor may
rely upo the accuracy of such information. Member Agencies understand and agree to
convey this caution to their employees who are Authorized Users. it shall be the
responsibility ofthe Member Agency or Authorized User requesting or using the data to
confirm the accuracy of the information before taking any enforcement-related action.

I Page 6 NCRIC MOU

3}

9)

The various Member Agencies agree to use information in Systems as a pointer
system for investigative leads or guidance, and not as the source of probable cause for law

enforcement actions.

An audit log will be maintained for a period of no less than three years to record user access
to shared data, including the name and organization of the user accessing via the 

and the date and time when the data was accessed.

Security Requirements

Member Agencies agree to maintain and enforce security requirements for the system.
Each Member Agency is responsible for the internal security of their records and any
technical support necessary to ensure proper security. All Member Agencies and Hosts
agree to enforce and maintain security, retention, and purge requirements for the
information shared as speci?ed in the information Practices Act, the Public Records Act,
California Attorney General?s Model Standards and Procedures for Maintaining Criminal
intelligence Files and Criminal intelligence Operational Activities, 28 Code of Federal
Regulatibns (CFR) Part 23, FBI Criminal Justice information Services (CJIS) policy, California
Department ofJustice policies, and any other laws or regulations governing applicable data

types. 

 

Connecting with other data sources and analysis platforms

The NCRIC will work to expand the connectivity and membership of the it will
also seek to acquire new analysis systems, and enhance the capabilities of existing
platforms, as to provide optimal value for data shared by Member Agencies.

Membe Agencies grant authority to the NCRIC to execute information sharing agreements
with ne Member Agencies and to incorporate new information sharing systems into the
NCRIC-D- P. Such agreements will not require further review or approval by member
agencie . Such agreements will have no material changes or provisions that would adversely
affect on contradict the policies of this MOU.

10) Admission and Withdrawal of Member Agencies

Addition'al public agencies, or similar regional or statewide sharing systems, may become
Member! Agencies by execution of a written amendment to this agreement by the proper

authority of the new Member Agency.

Existing and future Member Agencies have the right to withdraw from the 
provided written notice to the NCRIC, or may be involuntarily removed upon any breach of

this agrqlement.

Page 7 NCRIC MOU

11) Liability-and Indemnification

Member Agencies agree to indemnify, defend, and hoicl harmless all other Member
Agencies to the fullest extent permitted by law from and against any and all claims, tosses,
and expenses related to this agreement and arising from the negligent or willful misconduct
of an employee, official or agent of the Member Agency.

Each Member Agency takes legal and financial responsibility for the actions of their

employees, officers, and agents. Each Member Agency is solely responsible for any and all
claims, damages, fines, and expenses arising by reason of negligent acts, errors, omissions,

or willful misconduct.

12) No Authority to Act on Behalf of Other Member Agencies

Mem ber Agencies shall have no authority, either express or implied, to act on behaliof any
other signatory in any capacity whatsoever.

13) Costs

 

Member,i Agencies shall be responsible for their own costs associated with establishing,
maintaining, or terminating their access to, or participation with NCRIC-DSP Systems.
Nothing in this agreement shall be construed to mean that Member Agencies are subject to

incurring new costs as a result of participating in the 

14) Amendments

This Agreement may be amended with the unanimous written approval of all Member
Agencies. Provided, however, that no amendment may be made that would adversely
affect the interests of the owners of bonds, letters of credit, or other financial obligations

of the or any Member Agencies.

15) Conflicts of interest

No official, officer, or employee of Member Agencies shall have any financial interest,
direct or.- indirect, in the or any Systems.

16) Partial Invalidity

If any terms or conditions of this Agreement shall to any extent be judged inVaIid,
unenforceable, or void for any reason whatsoever by a court of competent
jurisdiction, the remaining terms and conditions of this agreement shall continue in

foil force and effect.

Page 8 moo

The Member Agencies hereby execute this MOU as of the individual Member Agency?s date of
exacution:

(Mill Valley Police Department 

mg
4W8)  

(Name: J.Angel Berna! Date
Title: Chief of Police
Department/Agency: Mill Valley Police Department

 

 

 

Sheriff of San Mateo Coun behalf of Northern California Regional intolligenw Center
?ail 3/25 45
Greg Munks 1 Date

Sheriff

San Mateo County

Page 9 NCRIC MOU