In that case, the defendant was arrested because of an error in a police database, and a search incident to arrest yielded drugs and a gun, which the Supreme Court said should not be excluded from evidence. Murphy's piece offers one of the best big-picture analyses on the implications of that decision vis a vis computer databases that this writer has seen, though it should be said the Texas Court of Criminal Appeals already had created the same exception to our statutory exclusionary rule years before. Anyway, suffice it to say the same issues arise in Texas state and federal law.
Murphy emphasizes a point I think very few people, even (perhaps especially) those working in the system, ever consider: Eighteenth-century constitutional restrictions in the Bill of Rights which are supposed to regulate modern police conduct were written decades before the first professional police department was ever created, even in London, much less the United States, and use of modern databases in law enforcement has transformed the profession in radical ways just since the turn of the 21st century. Here's a bit of a lengthy excerpt providing some of that little-discussed history:
The criminal justice system's reliance on databases is both old and new. As many know, the formal, organized, public police first emerged as a concept around 1829, when Robert Peel organized the London bobbies. The first detective unit in the United States was formed shortly after in 1846 in Boston, at a time when tracking down criminals largely remained a private sector gig. Dominated by companies such as the (in)famous Pinkertons, the unit's work consisted largely of pounding the pavement (and suspects). Indeed, many of the modem tools of detecting -- "[s]ophisticated criminal investigation techniques-well-organized crime records systems, fingerprints, crime labs -- did not appear until the twentieth century." Even Alphonse Bertillion's pioneer anthropometrical system of identification in the late 1800s depended largely upon manual recording and comparison of measurements.The first truly modern, searchable databases, says Murphy, most prominently the one for fingerprints (AFIS), didn't appear till 1999, but they've quickly proliferated. These databases have transformed law enforcement, Murphy argues. Instead of developing suspicion, then using data held by law-enforcement to confirm, today suspicion is often developed based on the databases themselves, whether or not the information is accurate.
The first primitive databases emerged around the same time, at the turn of the century. For instance, as early as 1919, the California State Bureau of Identification introduced a punch-card system for storing and retrieving modus operandi information. But perhaps the watershed moment of government databasing occurred in the early 1930s, around the time that J. Edgar Hoover opened the Federal Bureau of Investigation's first criminal evidence laboratory, which included fingerprint processing capacities, hair, blood, and firearm analysis. As part of the new emphasis on forensic science, FBI implemented its first fingerprint database-a card sorter that capitalized on the technology created to tabulate the census and that led to the formation of IBM."
Just a little over a decade later, the development of the mainframe computer in 1946 and the replacement of punch cards with magnetic tape significantly advanced databasing possibilities,' but it remained a largely primitive technology. By as late as 1984, the federal fingerprint database the most advanced forensic database available-still depended primarily on manual recording and retrieval. At best, it served as an efficient means of organizing cards for retrieval, rather than for generating leads or links. Linking two fingerprints required manual comparison of an unknown scene sample with, for instance, the 23 million criminal cards on file with the FBI.'
The 1980s, however, initiated a period of rapid change. Personal computers became commonly available. Law enforcement began to recognize and harness the potential of electronic storage and retrieval. And then, remarkably, the Internet was born. Connectivity became possible in ways previously unimagined, and storage capacity reached new heights. The foundations for the modem criminal justice databases had been set.
Why might that be a concern? Writes Murphy: "The true risk is a leaping-to-conclusions, or confirmation bias. It is the fear that the individual will be sucked into a morass of suspicion from which escape is arduous or impossible - Kafka's The Trial, not Orwell's Big Brother." You can't cross-examine a database and often the information they contain comes from many different, frequently untraceable sources that may not be correct or complete.
In Texas this is a particularly salient issue because many jurisdictions have a bad habit of reporting arrests to the statewide data system but fail to report the outcome of the cases. So if someone is arrested and charged with a crime but charges are later dismissed, the dismissal doesn't always make it into the system. The Governor's office recently threatened to withhold federal grant money from counties that don't quickly improve their data entry rates for dispositions in older cases.
The above history, writes Murphy, makes "two points abundantly clear: first, that there are an enormous number of databases in the criminal justice system, and second, that the database, as it exists today, has really only been around for ten or so years. Any person who has witnessed the past fifteen years of technological advancement knows, without reading a law review article, that online databases have transformed modem life. Yet surprisingly few changes have occurred in actual constitutional doctrine in response to widespread databasing."
Databases don't just record information like putting them in a file drawer but instead transform it, she argues:
the import and the impact of a database occurs less with regard to the moment of the information's acquisition than with all the moments that then may follow. Indeed, acquisition may not represent any kind of threat to individual liberty or privacy at all. Recall the criminal records database at issue in Reporters Committee [an early SCOTUS database-related case] - there, the Court acknowledged that the true significance of the database was not its contents, which were all technically a matter of public record, but the act of compiling and rendering that information accessible in a particular way.For the most part, though, says Murphy, US courts have not applied or created constitutional doctrines to regulate law enforcement database use, but instead most cases focus on statutory interpretation in narrow, individual cases. Murphy argues that databases, by their nature, require structural instead of individualized, case-by-case oversight:
it is arguably impossible to regulate databases substantively - to truly inquire whether a particular series of tests or entries or searches were accurate, fair, and correct. But it is much easier to impose procedural requirements upon databases-to inquire into the existence and thoroughness of protocols for those processes and to presume inadequate or defective any database system maintained without them. Certain structural devices are demonstrably effective in minimizing mistakes, and with greater attention, others would be uncovered. A constitutional doctrine that looks for the signs of good management-think scrutiny of policies for access controls, or regular audits, or blind tests-is far more likely to improve database deployments in society than one that attempts to determine whether a database has failed or not in a case-specific context.In her view:
regulation of databases require constitutional criminal procedure to focus less upon deliberate or intentional abuses of power than upon unintentional omissions, or mere benign neglect. There is always the risk that a malfeasant actor will corrupt or exploit a database system, to be sure. But constitutional regulation of databases aimed at ferreting out intentional harms will be very thin indeed; it is far easier to do harm, and far greater harm can be done, through mere benign neglect of database systems than through intentional manipulation.If the exclusionary rule won't apply to negligent database errors, then there needs to be some other deterrent. Historically, civil liability is the other, obvious legal recourse, but police officers are immune from liability for most negligent, on the job errors. Otherwise, the only other option (and an entirely unsatisfying one) is a special-interest driven patchwork of database-by-database restrictions in statutes or agency rules created over time, which is precisely what we have now.
The split among the Justices in Herring starkly illustrate this distinction. The majority viewed the sole purpose of the exclusionary rule to be deterrence and concluded that applying the rule yielded little deterrent benefit with regard to a negligent recordkeeping error. In contrast, Justice Ginsburg in dissent argued that more than marginal deterrence was possible, in the specific context of database entry, even when the complained of error constituted mere negligence in care.
A more profound understanding of how databases are transforming law enforcement will inevitably require similarly transformative constitutional doctrines that the courts have so far refused to articulate, argues Murphy:
rather than follow an industrial age model reliant upon physical acquisition, constitutional doctrine would transition to an information age approach based on knowledge, creation, and dissemination. Such attentiveness would offer more effective safeguards around the creation and utilization of databases, and be responsive to concerns about insufficient auditing structures and function creep. Viewed as living, evolving organisms rather than as static repositories of discrete bits of information, the lawfulness and constitutionality of a database would more closely correspond to its actual use and deployment.Grits wanted to raise these questions in some depth because, since federal and state courts have punted on the issues, governance of law-enforcement databases for the time being now falls almost exclusively to the states, or to the agencies operating the databases when the states eschew that responsibility. So it'd be appropriate, at this point, to see statutory regulation of law enforcement databases step up over the next few years to fill in the vacuum, probably driven both by episodic scandal and growing demands by the public for protection of electronic privacy. Murphy has performed a mitzvah by outlining the complexities of the problem and articulating underlying principles, if not specific details, for potential reforms.
RELATED: Database errors and the consequences of qualified immunity.