OFFICE OF THE ATTORNEY GENERAL STATE OF ILLINOIS Lisa Madigan XFI ORNE1 OENERAI. February 10, 2017 Via electronic mail Mr. Mick Dumke Staff Reporter Chicago Sun - Times 350 North Orleans, 10th Floor Chicago, Illinois 60654 mdumke@suntimes. com Via electronic mail Ms. Charise Valente General Counsel Chicago Police Department 3510 South Michigan Avenue Chicago, Illinois 60653- 1020 pacola@chicagopolice. org RE: FOIA Request for Review — 2016 PAC 43924; CPD No. P051374 Dear Mr. Dumke and Ms. Valente: This is determination letter is issued pursuant to section 9. 5( 0 of the Freedom of Information Act ( FOIA) ( 5 ILCS 140/ 9. 5( 0 ( West 2014)). For the reasons discussed below, the Public Access Bureau concludes that the Chicago Police Department ( CPD) violated the requirements of FOIA by denying in its entirety the August 25, 2016, FOIA request submitted by Mr. Mick Dumke and Mr. Chris Fusco. On that date, Mr. Dumke and Mr. Fusco, on behalf of the Chicago Sun -Times, submitted a FOIA request to CPD seeking: A copy of the Strategic Subject List with personal identifiers — including names and IR numbers — removed or redacted. This should include the SSL scores; age; race; gang affiliation; block number; community area or police district of 500 South Second Street, Springfield, Illinois 100 West Randolnh Street Chicaan. Illinois 62706 • ( 60601 • 217) 782- 1090 • 13121814- 3000 • TTY: ( 877) 844- 5461 • TTY: ( R001964- 3013 • Fax: ( 217) 782- 7046 Fax: ( 31 21 R14 - 1R06 Mr. Mick Dumke Ms. Charise Valente February 10, 2017 Page 2 residence; and other relevant data, possibly including arrest/ conviction history and whether they have been shooting victims.'" On August 30, 2016, CPD denied the request in its entirety, citing sections 7( 1)( c), 7( 1)( d)( v), 7( 1)( d)( vi), 7( 1)( f), and 7( 1)( v) of FOIA ( 5 ILCS 140/ 7( 1)( c), ( 1)( d)( v), ( 1)( d)( vi), ( 1)( f), ( 1)( v) West 2015 Supp.), as amended by Public Act 99- 642, effective July 28, 2016). CPD asserted, in pertinent part: The Strategic Subject List ( SSL)] is a unique and specialized investigative technique developed by CPD in response to a significant increase of fatal incidents within the city of Chicago involving firearms and other dangerous weapons. Disclosing this record would enable offenders to anticipate and thwart police response strategies, exposing officers and the public to risk of harm. * * * Given the imminent and ongoing nature of gun violence on city streets, the release of such documents would compromise sensitive law enforcement data, the effectiveness of the techniques and systems, and jeopardize the physical safety of citizens of Chicago. t21 On September 7, 2016, Mr. Dumke and Mr. Fusco submitted the above -captioned Request for Review contesting CPD' s denial. On September 12, 2016, this office sent a copy of the Request for Review to CPD and asked it to provide an unredacted copy of the responsive record for this office' s confidential review, together with a detailed explanation of the legal and factual bases for the asserted exemptions. On November 30, 2016, CPD issued a written response in which it provided explanations in support of the applicability of only sections 7( 1)( c) and 7( 1)( d)( v) of FOIA, electing to drop its assertions that the other exemptions that it had cited in its denial would apply. On December 2, 2016, CPD provided this office with an unredacted copy of the responsive record. On December 5, 2016, Mr. Dumke submitted a reply maintaining that FOIA requires CPD to provide him with responsive information. On December 7, 2016, CPD provided this office with a spreadsheet describing each SSL column heading. 25, 2016). E- mail from Mick Dumke and Chris Fusco to Chicago Police Department FOIA officer ( August Letter from P. O. Zuniga, # 10919, Freedom of Information Officer, Chicago Police Department, to Mick Dumke, Chicago Sun -Times ( August 30, 2016). Mr. Mick Dumke Ms. Charise Valente February 10, 2017 Page 3 BACKGROUND In its response to this office, CPD stated the following about the SSL: The SSL is an investigative technique developed to offer services to individuals assessed to most likely become the victim or perpetrator of violence. The SSL is comprised of program codes, algorithm, specific selection criteria, and inputs that are inextricably utilized to compile a predictive listing of individuals assessed to become a potential party to a violent crime. The system generates and assigns a number or " score" to the compiled list based on an individual' s past history of unlawful conducts in conjunction with other personal factors unique to each individual assessed. The SSL collects data from public sources. Primarily, data is collected from CPD arrest records over the last four years?: In addition, CPD officials have provided information about the contents of the SSL to the public via the media on multiple occasions. For instance, based on an interview with Jonathan Lewin, Deputy Chief of CPD's technology and records group, the Chicago Tribune reported: The department will not reveal all the risk factors that go into the algorithm or the weight given them, saying to do so would allow criminals to undercut its effectiveness. But at police headquarters in mid-July, Lewin discussed some of the key factors: an individual' s criminal history, especially any weapons offenses or crimes of violence; their age at their first arrest; whether the nature of their arrests escalated over the years; if they had been the intended targets of shootings or the victims of violence; and if those they' ve been arrested with had themselves been shot?) Lever from Juren Ekwejunor- Etchie, Associate Staff Attorney, Chicago Police Department, Office of Legal Affairs, to Joshua M. Jones, Supervising Attorney, Office of the Attorney General ( November 1, 2016), at 2. Jeremy Gomer, With violence up, Chicago police focus on a list of likeliest to kill, be killed, Chicago Tribune ( July 22, 2016, 3: 54 PM), http:// www. chicagotribune. com/ news/ ct- chicago- police- violencestrategy- met- 20 1 60722- story. htm I. Mr. Mick Dumke Ms. Charise Valente February 10, 2017 Page 4 Further, the New York Times quoted CPD Superintendent Eddie Johnson as stating that the SSL has nothing to do with your race, your background. It' s just all about the contacts you have with law enforcement." 5 ANALYSIS It is a fundamental obligation of government to operate openly and provide public 140/ 1 ( expediently and efficiently as possible in compliance with [ FOIA]." 5 ILCS West 2014). Under section 1. 2 of FOIA ( 5 ILCS 140/ 1. 2 ( West 2014)), "[ all] records in records as the custody or possession of a public body are presumed to be open to inspection or copying." When a responsive record contains both information that is exempt from disclosure and information that is not exempt from disclosure, " the public body may elect to redact the information that is exempt[,]" but " shall make the remaining information available for inspection and copying." ( Emphasis added.) 5 ILCS 140/ 7( 1) ( West 2015 Supp.), as amended by Public Act 99- 642, effective July 28, 2016. In addition, a public body that wishes to withhold information " has the burden of proving by clear and convincing evidence" that it is exempt from disclosure. 5 ILCS 140/ 1. 2 ( West 2014). Section 7( I)( d)( v) of FOIA Section 7( 1)( d)( v) of FOIA exempts from disclosure: Records in the possession of any public body created in the course of administrative enforcement proceedings, and any law enforcement or correctional agency for law enforcement purposes, but only to the extent that disclosure would: r+ v) disclose unique or specialized investigative techniques other than those generally used and known or discloseinternal documents of correctional agencies related to detection, observation or investigation of incidents of crime or misconduct, and disclosure would result in demonstrable harm to the agency or public body that is the recipient of the request[.] 5Monica Davey, Chicago Police Try to Predict Who May Shoot or Be Shot, N. Y. Times ( May 23, 2016), https:// www. nytimes. com/ 2016/ 05/ 24/ us/ armed- with- data- chicago- police- try- to- predict- who- may- shoot- orbe- shothtml? r0. Mr. Mick Dumke Ms. Charise Valente February 10, 2017 Page 5 When construing a statute, the primary purpose is to ascertain and give effect to the intent of the General Assembly. Southern Illinoisan v. Illinois Department of Public Health, 218 III. 2d 390, 415, 844 N. E.2d 1, 14 ( 2006). " The best evidence of legislative intent is the language used in the statute itself, which must be given its plain, ordinary and popularly understood meaning." Nelson v. Kendall County, 2014 IL 116303, ¶ 23, 10 N. E. 3d 893, 988 2014). When a term is undefined in a statute, it is entirely appropriate to use a dictionary to help determine its meaning. Lacey v. Village of Palatine, 232 III. 2d 349, 363, 904 N. E. 2d 18, 26 2009). The term " harm" is defined as: " Injury, loss, damage; material or tangible detriment." Black' s Law Dictionary ( 10th ed. 2014), available at Westlaw BLACKS. Accordingly, in order to withhold requested information under this exemption, a public body must prove that it would suffer injury, loss, or damage if the information were to be disclosed. In support of its assertion of section 7( 1)( d)( v), CPD asserted: While the information contained within the SSL are publicly available, the manner and circumstance in which the data is compiled, analyzed, organized, searched and reported is a novel and specialized technique that is not generally known[.] * * * Disclosure of SSL information would unavoidably disclose the SSL' s inner workings. Thus, disclosure of the SSL score, algorithm, program codes, or its categorical fields would reveal a CPD investigative technique and could reasonably frustrate future investigations and operations by exposing the details and type of information CPD uses in the course of its operations. Specifically, individuals identified can be expected to alter their behavior rendering the predictive nature of the SSL as a tool ineffective for future investigations. Individuals armed with this knowledge can be expected to devise countermeasures to actively evade CPD' s detection and hinder CPD operations. 161 CPD also argued that section 7( 1)( d)( v) is equivalent to exemption ( 7)( E) of the Federal FOIA ( 5 U. S. C. § 552( b)( 7)( E) ( 2016)), which exempts from disclosure law enforcement records that " would disclose techniques and procedures for law enforcement investigations or prosecutions, or would disclose guidelines for law enforcement investigations or prosecutions if such disclosure could reasonably be expected to risk circumvention of the law." Under this provision, " information pertaining to law enforcement techniques and procedures properly is Letter from Juren Ekwejunor- Etchie, Associate Staff Attorney, Chicago Police Department, Office of Legal Affairs, to Joshua M. Jones, Supervising Attorney, Office of the Attorney General ( November 1, 2016), at 2, Mr. Mick Dumke Ms. Charise Valente February 10, 2017 Page 6 withheld * * * where disclosure reasonably could lead to circumvention of laws or regulations." Skinner v. United States Dept ofJustice, 893 F. Supp. 2d 109, 112 ( D. D. C. 2012). For example, in Miller v. United States Dept ofJustice, 562 F. Supp. 2d 82 ( D. D. C. 2008), a Federal District court held that forms used by the FBI to develop psychological profiles of criminals were properly withheld based on the agency' s explanation of how suspects could use the information to circumvent the effective use of techniques for developing profiles. However, " vague and conclusory" assertions that give " no explanation of how the information, if released, could risk circumvention of the law, no explanation of what laws would purportedly be circumvented, and little detail regarding what law enforcement purpose is involved" are inadequate to "justify withholding records under the FOIA." American Civil Liberties Union of Southern California v. United States Citizenship & Immigration Services, 133 F. Supp. 3d 234, 243- 44 ( D. D. C. 2015). CPD cited multiple Federal cases that it claims to be instructive here, as discussed below. In reply, Mr. Dumke stated that he is not seeking " the ' program codes, algorithm, selection criteria' or other information showing how exactly the scores were computed[,]" but rather " data that would essentially show what types of people are on the list." 7 Further, Mr. Dumke contended: I] n a year in which more than 700 people have been murdered and thousands of others shot in Chicago, it' s hard to buy the argument that at -risk individuals would be overly concerned with deceiving the police for the purpose of lowering their SSL scores. Besides, how would someone convicted of carrying an illegal weapon -- to cite one possible example -- somehow block the police from acquiring that information and factoring it into his SSL score? And isn' t the purpose of the SSL to get potential victims or perpetrators of violence to alter their behavior? 181 Having closely examined the SSL and considered CPD' s arguments, this office finds no basis to conclude that disclosure of the SSL would cause demonstrable harm to CPD. Although CPD claims that individuals would be identified by disclosure of the SSL, Mr. Dumke' s request expressly permits CPD to redact personally -identifying information, obviating that concern. To the extent that the remaining information could lead to the identity of a person, CPD has not demonstrated that the information could be used to impede CPD' s performance of its public duties in any manner, nor to otherwise cause CPD injury, loss, or damage. The claim E- mail from Mick Dumke to Josh Jones, Supervising Attorney, Public Access Bureau, Office of the Illinois Attorney General ( December 5, 2016). E- mail from Mick Dumke to Josh Jones, Supervising Attorney, Public Access Bureau, Office of the Illinois Attorney General ( December 5, 2016). Mr. Mick Dumke Ms. Charise Valente February 10, 2017 Page 7 that "[ i] ndividuals armed with this knowledge can be expected to devise countermeasures to actively evade CPUs detection and hinder CPD. operations" is vague and conclusory. Before analyzing the cases cited by CPD, this office notes that although cases construing provisions of the Federal FOIA may provide guidance in construing similar provisions of the Illinois FOIA,9 they are not dispositive of the meaning of the State Act. CPD relies on several cases interpreting exemption 7( E) of the Federal FOIA. Because Illinois' FOIA was patterned after the Federal Act, these cases may provide some insight into the meaning of the section 7( 1)( d)( v) exemption. However, the validity of CPD' s denial must be determined by the specific language of the State provision. Citing Gordon v. F.B.I.,388 F. Supp. 2d 1028 ( N. D. Cal. 2005), CPD argued that the SSL's program codes, algorithm, selection criteria, categorical fields, score, and compiled list as a law enforcement investigative technique is akin to the FBI' s records pertaining to its nofly or watch lists investigative techniques." In Gordon, the FBI argued that records falling into the following categories were exempt from disclosure under exemption 7( E): "( I) watch list selection criteria; ( 2) procedures for dissemination of watch lists; ( 3) procedures for handling potential/ actual name matches; ( 4) raising/ addressing perceived problems in security measures; and ( 5) compilation of watch lists ( involving such things as the adding or removing of names)." Gordon, 388 F. Supp. 2d at 1035- 36. Thus, the records at issue in Gordon were different from the record at issue here, as the SSL does not set out such procedural mechanisms. Even if information in the SSL is indicative of CPD' s selection criteria, the SSL itself does not reveal how the criteria are applied. The court in Gordon stated that it did not find it hard to believe, based on its in camera review, that " potential terrorists would use the information [ if disclosed] to circumvent the watch lists[,] i19 but here CPD did not provide evidence sufficient to show that disclosure of the responsive portions of the SSL would enable a person to circumvent the SSL's reach or otherwise cause harm to CPD. In particular, this office notes that CPD has previously publicly disclosed portions of the selection criteria such as criminal history and other background information that are static and cannot be altered or othenvise used to avoid inclusion on the SSL. Therefore, Gordon is inapposite. Next, citing Marcusse v. U.S. Dept. ofJustice Office of Information Policy, 959 F. Supp. 2d 130, 147 ( D. D. C. 2013), CPD argued that a record compiled from publicly -available information can be exempt from disclosure under the law enforcement techniques exemption if 9l11inois courts have recognized that because Illinois's FOIA statute is based on the Federal FOIA statute, decisions construing the latter, while not controlling, may provide helpful and relevant precedents in construing the state Act. See Margolis v. Director, Ill. Department of Revenue, 180 111. App. 3d 1084, 1087, 536 N. E. 2d 827, 828 ( 1st Dist, 1989). 1° Gordon, 388 F. Supp. 2d at 1036, Mr. Mick Dumke Ms. Charise Valente February 10, 2017 Page 8 the manner in which the information is searched, organized, and reported is a specialized law enforcement technique not known to the public. In Marcusse, the FBI applied exemption 7( E) of Federal FOIA to " a procedure and technique" used by special agents to collect data from public sources during an investigation. Marcusse, 959 F. Supp. 2d at 147. The court granted summary judgment in favor of the FBI in light of the FBI' s representation that disclosure of the information "' would divulge a specific law enforcement technique that could allow an individual to alter their behavior in order to avoid detection by the particular system or the information that the system captures.' Marcusse, 959 F. Supp. 2d at 147 ( quoting Hardy Decl. ¶ 114). This office agrees that the manner in which publicly -available information is searched, organized, and reported could potentially constitute a specialized law enforcement technique within the meaning of section 7( 1)( d)( v) of FOIA, but, crucially, the public body must prove that the disclosure of such a technique would cause it demonstrable harm in order for that information to be exempt from disclosure. As stated above, CPD has not shown that the responsive portions of the list could be used to harm CPD if disclosed. For the same reason, Sutton v. I.R. S., 99 A. F. T. R. 2d 2007- 387 ( N. D. 111. 2007) does not support CPD' s claims. In that case, the plaintiff sought " all underlying files, work papers, and documents pertaining to" the IRS' s notice of deficiency against him, and in response the IRS withheld discriminant function (" DIF") scores. See Sutton, 99 A. F. T.R. 2d 2007- 387. DIF scoring is the method used by the IRS to identify tax returns that should be examined or audited." Sutton, 99 A. F. T. R. 2d 2007- 387. The court held that none of the information on four specific pages concerning the IRS' s DIF scores could be segregated out without disclosing the DIF scores, and that "[ g] iven that an unscrupulous taxpayer could use DIF information to avoid examination or audit, the determination that disclosure of the DIF scores would seriously impair assessment, collection, or enforcement under the internal revenue laws [ was] not arbitrary and capricious." Sutton, 99 A. F. T.R. 2d 2007- 387. Conversely, there is no evidence that a person equipped with SSL scoring information would be able to use it to harm CPD within the meaning of section 7( 1)( d)( v). Unlike theplaintiff in Sutton, who sought information concerning why he specifically was targeted and penalized by law enforcement, Mr. Dumke is not seeking information concerning particular persons. Moreover, CPD' s assertion that " the. SSL information cannot be segregated as disclosure of its inextricably connected information would reveal the. SSL score"' is contradicted by CPD' s public declarations that the SSL " does not use race, gender, ethnicity, or geography" as scoring components. I2 The fact that such demographic fields Letter from Juren Ekwejunor- Etchie, Associate Staff Attorney, Chicago Police Department, Office of Legal Affairs, to Joshua M. Jones, Supervising Attorney, Office of the Attorney General ( November 1, 2016), at 4. Going Inside The Chicago Police Department' s ' Strategic Subject List', CBS Chicago ( May 31, 2016, 7: 58 AM), http:// chicago. cbslocal.com/ 20I6/05/ 31/ going- inside- the- chicago- police- departments- strategicsubject- Iist/. Mr. Mick Dumke Ms, Charise Valente February 10, 2017 Page 9 in the SSL could be disclosed at a minimum without revealing any SSL scoring factors demonstrates that it was improper for CPD to deny the request in its entirety under section 7( 1)( d)( v) of FOIA. CPD' s citation of Abdelfattah v. U.S. Immigration and Customs Enforcement, 851 F. Supp. 2d 141 ( D. D.C. 2012) is also unavailing, both because in that case the plaintiff did not contest that the redacted information fell within the 7( E) exemption and because there is no indication that the " program codes, investigative notes, and internal instructions" at issue in that case bear any similarity to the type of information withheld here. See Abdelfattah, 851 F. Supp. 2d at 145. 13 Because CPD has not demonstrated by clear and convincing evidence that there is no meaningful portion of the SSL that can be disclosed without causing demonstrable harm to CPD, 14 this office has determined that CPD' s complete denial under section 7( 1)( d)( v) violated the requirements of FOIA. Section 7( 1)( c) of FOIA Section 7( 1)( c) of FOIA exempts from disclosure "[ p] ersonal information contained within public records, the disclosure of which would constitute a clearly unwarranted invasion of personal privacy, unless the disclosure is consented to in writing by the individual subjects of the information." Section 7( 1)( c) defines " unwarranted invasion of personal privacy" as " the disclosure of information that is highly personal or objectionable to a reasonable person and in which the subject' s right to privacy outweighs any legitimate public interest in obtaining the information." A public body' s assertion that the release of information would constitute an unwarranted invasion of personal privacy is evaluated on a case- by- case basis. Chicago Journeymen Plumbers' Local Union 130, U.A. v. Department of Public Health, 327 Ill. App. 3d 192, 196, 761 N. E. 2d 1227, 1231 ( 1st Dist. 2001). The phrase " clearly unwarranted invasion of personal privacy" evinces a strict standard to claim the exemption, and the burden is on the CPD cited two additional cases — Muslim Advocates v. U.S. Dept. ofJustice, 833 F. Supp. 2d 92 D. D. C. 201 1), and McGehee v. U.S. Dept. ofJustice, 800 F. Supp. 2d 220 ( D. D. C. 2011) — in arguing that law enforcement investigative techniques need not be unknown to the public in order for section 7( I)( d)( v) to apply. However, this determination hinges not on whether the techniques involved in the SSL are publicly known, but on whether CPD proved that disclosure of those techniques would cause demonstrable harm to CPD. Therefore, this office finds it unnecessary to further discuss those two cases. 11This office notes that FOIA does not mandate " the separation of disjointed words, phrases, or even sentences which taken separately or together have minimal or no information content." Mead Data Central, Inc. v. U.S. Department of Air Force, 566 F. 2d 242, 261 n. 55 ( D. C. Cir. 1977). Mr. Mick Dumke Ms. Charise Valente February 10, 2017 Page .10 public body having charge of the record to prove that standard has been met. Schessler v. Department ofConservation, 256 Ill. App. 3d 198, 202, 627 N.E.2d 1250, 1253 ( 4th Dist. 1994). In support of its assertion of section 7( 1)( c), CPD asserted: Because the information contained within the SSL is derived predominantly from public sources and inextricably intertwined, its information cannot be segregated. Disclosure of any portion of the SSL would ultimately and unavoidably reveal the whole. Such disclosure would reveal information identifying, inter alia, innocent third parties, witnesses, and victims with past criminal records. Such a disclosure would constitute an unwarranted invasion of personal privacy as third parties identified may not presently be the subject of a criminal investigation. The privacy interests of innocent third parties, witnesses, and victims outweigh any legitimate public interest in the disclosure of the SSL. IIs Mr. Dumke replied that CPD had not shown how " non -personal or composite data" is exempt from disclosure, and he reiterated that he is " not asking for individual names, case numbers, or other personal identifiers.i16 It is well- settled that when personally - identifying information is redacted from a record and it is not otherwise evident to whom the remaining information pertains, disclosure of the record in redacted form would not cause an unwarranted invasion of personal privacy. See, e. g., Bowie v. Evanston Community Consolidated School District No. 65, 128 I11. 2d 373, 380, 538 N. E. 2d 557, 560 ( 1989) ( disclosure of a de -identified record does not cause a clearly unwarranted invasion of personal privacy); State Journal -Register v.. University of Illinois Springfield, 2013 IL App ( 4th) 120881, ¶ 66, 994 N. E. 2d 705, 720 ( 2013) ( because nothing in the content of an e- mail identified a student aside from her name, the e- mail was not exempt from disclosure under section 7( 1)( c) once the student's name was redacted). Disclosure of the SSL with identifying information redacted would not cause an unwarranted invasion of any individual' s personal privacy. Mr. Dumke and Mr. Fusco' s FOIA Letter from Juren Ekwejunor- Etchie, Associate Staff Attorney, Chicago Police Department, Office of Legal Affairs, to Joshua M. Jones, Supervising Attorney, Office of the Attorney General ( November 1, 2016), at 2. 16E - mail from Mick Dumke to Josh Jones, Supervising Attorney, Public Access Bureau, Office of the Illinois Attorney General ( December 5, 2016). Mr. Mick Dumke Ms. Charise Valente February 10, 2017 Page 11 request specifically asked that personal identifiers be removed or redacted. This office' s review of the SSL left no question that responsive information can be disclosed without " ultimately and unavoidably reveal[ ing] the whole[,]" because the individually - identifying information can be separated from the non -individually identifying information. Moreover, there is no support for CPD' s assertion that the " privacy interests of innocent third parties, witnesses, and victims" would somehow be implicated by the disclosure of a de -identified copy of the SSL. Thus, CPD violated the requirements of FOIA by denying Mr. Dumke and Mr. Fusco' s request in its entirety pursuant to section 7( 1)( c). CONCLUSION To remedy its violation of FOIA, this office requests that CPD provide Mr. Dumke and Mr. Fusco with a copy of the SSL after redacting the personally - identifying information. The Public Access Counselor has determined that resolution of this matter does not require the issuance of a binding opinion. This letter closes this matter. If you have any questions, please contact me at ( 312) 814- 8413, jjones@atg. state. il.us, the Chicago address listed on the first page of this letter. Very truly yours, JOSHUA M. JONES Supervising Attorney Public Access Bureau 43924 f 71c improper 71 dv improper pd