The other public safety agencies that we sometimes forget

I’ve been working with law enforcement agencies for a long time now, and have interacted with several federal law enforcement agencies, a number of state agencies, and a number of county/parish/city agencies.

(I really shouldn’t do this again. I really shouldn’t do this again. I really shouldn’t do this again.)

In fact, as Ed McMahon would say, those interactions mean that I have interacted with all of the levels of law enforcement in the United States.

And, as can be expected, Johnny Carson steps in to correct this mistaken assumption.

By Johnny_Carson_with_fan.jpg: Peter Martorano from Cleveland, Ohio, USAderivative work: TheCuriousGnome (talk) – Johnny_Carson_with_fan.jpg, CC BY 2.0,

Because, you see, there are other law enforcement agencies in the United States that are outside of the jurisdiction of the states.

By Presidentman – Own work, CC BY-SA 4.0,

Forensic Magazine recently reminded us of this in its article “DOJ Gives Nearly $1 M to NamUs to Support American Indians, Alaska Natives Cases.” But before I get into these other law enforcement agencies, let’s look at why the National Missing and Unidentified Persons System (NamUs) work with Native Americans is important.

“Our research tells us that American Indians and Alaska Natives experience violence at rates well above those of many other groups, a disparity that is sadly reflected in reports of missing and unidentified Native Americans,” said Jennifer Scherer, Acting Director of the National Institute of Justice, the division of the Justice Department’s Office of Justice Programs that manages NamUs.

So about a million dollars is going to the NamUs system. But like other federal systems, the DOJ doesn’t work alone.

Since 2017, NamUs staff have provided training and outreach to American Indian and Alaska Native communities through more than 50 events and webinars. To encourage tribal law enforcement participation…

Allow me to pause right here.

Yes, there are over 200 tribal law enforcement agencies that are outside of the control of the states.

Tribally operated law enforcement agencies provide a broad range of public safety services. They respond to calls for service, investigate crimes, enforce traffic laws, execute arrest warrants, serve process, provide court security, and conduct search and rescue operations. 

So let’s go back to NamUs and see how it works with these agencies.

To encourage tribal law enforcement participation, the NamUs system is pre-loaded with information on more than 300 federally-recognized tribal law enforcement agencies so officers can quickly access cases and share information. 

(Over 200, over 300, we’ll figure the real number out later.)

In many cases, the relevant federal agencies merely operate as clearinghouses so that tribal, state, or other agencies can seamlessly work together to solve crimes. Because crime often crosses state (or reservation) borders, this collaboration is crucial. It lets the relevant law enforcement agencies achieve their common purpose:

…to increase the chances of case resolution.

FindBiometrics didn’t find THIS biometric

On Monday, FindBiometrics posted its annual “year in review” survey of biometrics professionals, asking a number of questions.

FindBiometrics asked about face and finger, the most commonly used biometric modalities. But there were also questions that touched upon voice biometrics, behavioral biometrics, and several other biometric modalities.

You could echo the late Ed McMahon and say that FindBiometrics covered EVERY meaningful biometric modality in its 2021 year in review survey.

Allow me to play the Johnny Carson role and say that Ed was WRONG.

By Johnny_Carson_with_fan.jpg: Peter Martorano from Cleveland, Ohio, USAderivative work: TheCuriousGnome (talk) – Johnny_Carson_with_fan.jpg, CC BY 2.0,

Or let me play the role of Steve Jobs and say that there’s ONE MORE THING.

By mylerdude – Flickr, CC BY 2.0,

So, what did FindBiometrics miss in its year in review? Only the “one more thing” that will revolutionize law enforcement forever.

Two announcements that changed law enforcement booking (in some states, anyway)

By Mauroesguerroto – Own work, CC BY-SA 4.0,

I’ve written about rapid DNA before (for example, after the Surfside building collapse). Rapid DNA is a process that automatically generates a DNA profile in less than two hours, as opposed to more manual-intensive procedures that could take much longer, especially when huge backlogs result in many months’ wait before DNA can be processed.

Rapid DNA cannot be used for every DNA application (commingled DNA is “an extremely critical challenge” and very difficult to process automatically), but there’s one instance in which DNA can technically be used, and that’s in the arrest/booking process.

By U.S. Immigration and Customs Enforcement (Department of Homeland Security) –, Public Domain,

What if, at the same time that an arrested person provides the state with his or her fingerprints, the person also provides a DNA sample?

Then, at the same time that the fingerprints are searched against local, statewide, and national databases to verify the person’s identity and (via “reverse searches”) see if the person is responsible for additional crimes, the DNA can also be searched against various databases.

However, even in states that authorized DNA collection for some arrests, the U.S. Federal Bureau of Investigation wouldn’t allow rapid DNA profiles collected in a booking environment (as opposed to a crime laboratory) to be searched against its database.

Until February 2021.

Effective February 1, 2021, ANDE received approval from the FBI for its technology to be deployed in booking stations to support processing of DNA samples from qualifying arrestees and the automatic upload and searching of these DNA IDs against the National DNA Index System (NDIS). 

ANDE (formerly NetBio) is one of two manufacturers of rapid DNA systems. The other manufacturer, Thermo Fisher Scientific (formerly the independent company IntegenX), followed with its own announcement in July.

The U.S. Federal Bureau of Investigation (FBI) has approved Thermo Fisher Scientific’s Applied Biosystems RapidHIT ID DNA Booking System for use by law enforcement booking stations to automatically process, upload and search DNA reference samples from qualifying arrestees against the U.S. National DNA Index System (NDIS) CODIS database.

This means that today’s multimodal booking environments, which already support capture of friction ridges (fingerprints and palmprints), faces, and occasionally irises, can now also capture DNA.

Now I’ll grant that the continued expansion of mobile driver’s licenses to more states, as well as the final approval of the ISO/IEC 18013-5 standard, will have a greater impact on society at large. After all, the number of people with driver’s licenses is much larger than the number of people who get arrested. (Currently.)

But quadmodal booking biometrics deserves a mention. If we’re going to talk about quadmodal learning, let’s talk about quadmodal biometrics (finger, face, iris, DNA) also.

Maybe FindBiometrics will devote more time to DNA in its 2022 year in review.

OK, two MORE things

By the way, if you want more information about when the FBI authorizes rapid DNA and when it does not, as well as the standards that apply, check this page.

The FBI did not have anything to do with this video, which is tangential to the topic at hand, but I’m sharing it because Bob Mothersbaugh not only has a tasty guitar solo, but also a prominent singing part.

Putting your finger on the distribution of latent prints (the 30% palm estimate)

Back when automated fingerprint identification systems (AFIS) were originally expanded to become automated fingerprint/palmprint identification systems (AFPIS), a common rationale for the expansion was the large number of unsolved latent palmprints at crime scenes.

By Etan J. Tal – Own work, CC BY-SA 3.0,

The statistic that everyone cited was a statistic that 30% of all latent friction ridge prints at crime scenes were from palmprints. Here’s a citation from the National Institute of Justice.

Anecdotally, it is estimated that approximately 30% of comparison cases involve palm impressions.

Note that the NIJ took care to include the word “anecdotally.” Others don’t.

It is estimated that 30 percent of latent prints found at crime scenes come from palms.

But who provided the initial “30% of latents are palms” estimate long ago? And what was the basis for this estimate? This critical information seems to have been lost.

By Apneet Jolly – originally posted to Flickr as Candy corn contest jar, CC BY 2.0,

Now I don’t have a problem with imprecise estimates, provided that the assumptions that go behind the estimate are well-documented. I’ve done this many times myself.

But sadly, any assumptions for the “30% of latents are palms” figure have disappeared over the years, and only the percentage remains.

Is there any contemporary evidence that can be used to check the 30% estimate?


The blind proficiency study wasn’t blind regarding the test data

Latent print quality in blind proficiency testing: Using quality metrics to examine laboratory performance.

A Center for Statistics and Applications in Forensic Science study (downloadable here) was published earlier this year. Although the study was devoted to another purpose, it touched upon this particular issue.

The “Latent print quality in blind proficiency testing: Using quality metrics to examine laboratory performance” study obviously needed some data, so it analyzed a set of latent prints examined by the Houston Forensic Science Center (HFSC) over a multi-year period.

In the winter of 2017, HFSC implemented a blind quality control
program in latent print comparison. Since its implementation, the
Quality Division within the laboratory has developed and inserted
290 blind cases/requests for analysis into the latent print comparison unit as of August 4, 2020….

Of the 290 blind cases inserted into casework, we were able to
obtain print images for 144 cases, with report dates spanning approximately two years (i.e., January 9, 2018 to January 8, 2020)….

In total, examiners reviewed 376 latent prints submitted as part
of the 144 blind cases/requests for analysis.

So, out of those 376 latent prints, how many were from palms?

The majority of latent prints were fingerprints (94.3%;
n = 350) or palm prints (4.9%; n = 18). Very few were joint impressions or unspecified impressions (0.8%; n = 3)….

The remaining 5 of 376 prints were not attributed to an anatomical source because examiners determined them to be of no comparative value and did not consider them to be latent prints.

For those who are math-challenged, 5 percent is not equal to 30 percent. In fact, 5 percent is much less than 30 percent. (And 4.9% is even less, if you want to get precise about it.)

Now I’ll grant that this is just one study, and other latent examinations may have wildly different percentages. At a minimum, though, this data should cause us to question the universally-accepted “30%” figure.

As any scientific institute that desires funding would proclaim, further research is needed.

And I’ll grant that. Well, I won’t grant it, but some government or private funding entity might.

Friday thoughts on expungement

The act of looking at something changes it., The Observer Effect: Seeing Is Changing
By Dhatfield – Own work, CC BY-SA 3.0,

(I am not a lawyer. I figure that I should say that up front.)

As an automated fingerprint identification system (AFIS) product manager, and in other roles related to AFIS, I have dealt with the concept of expungement.

The American Bar Association (ABA) defines expungement as follows:

In law, “expungement” is the process by which a record of criminal conviction is destroyed or sealed from state or federal record. An expungement order directs the court to treat the criminal conviction as if it had never occurred, essentially removing it from a defendant’s criminal record…

This post looks at various aspects of expungement, including its applicability outside of government (both in the US and in GDPR-land), the difference between sealing and destruction of records, how your (above) average technology product manager deals with expungement, and my huge philosophical question regarding the DOCUMENTING of expungement.

You can’t expunge the public record

Now obviously there are limits to the effects of expungement. If the California court system were to declare that some notorious criminal’s conviction were to be expunged, it would be impossible to treat the conviction “as if it had never occurred,” at least in the public eye. Millions of websites, newspaper and magazine articles, and books would have recorded the conviction for posterity, and it isn’t like you can go from house to house and remove every copy of the relevant People magazine article or New York Post article that mentioned the conviction.

New York Post, “OJ does ‘lard’ time!”

Well, at least you can’t remove them in my country.

Or maybe you can

It’s a different matter in the countries where the General Data Protection Regulation (GDPR) is in force, where at least the online public record of a conviction CAN be removed. Article 17 of the GDPR (the “right to erasure” or the “right to be forgotten”) says in part:

The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies…

…the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject…

So in this case an expungement order CAN be extended beyond government records.

Or at least to the online search record. In late 2019, Google was ordered to remove record of three 1999 Der Spiegel articles that mentioned a convicted murderer.

But in a 2018 case, web archives did NOT have to remove records of a 1991 murder.

But perhaps there are dark web samizdat records that detail all of these non-forgotten facts, far from the prying eyes of the enforcers in Brussels.

The difference between sealing and destroying a record

Let’s return to government records in the U.S.

Because expungement is (mostly) a state process, the specific details of expungement differ from state to state. As the ABA notes, different states have different definitions of how records should be expunged.

  • The ABA notes that in Kentucky, it is sufficient to seal the record, which means that only certain privileged people can view the record, but the record still exists. (I was unable to independently confirm that this is still the case in Kentucky, but it appears that Arkansas generally only offers sealing, with the exception of juvenile records.)
  • The state of Washington, however, requires all expunged records to be destroyed so that NO ONE can see them. RCW 13.50.270 details how and when records should be destroyed when destruction is required.

How to implement expungement

As an AFIS product manager, I had to think about the consequences of expungement. For a live AFIS, the method for handling this varied.

  • In the cases where it was sufficient to seal a record, the whole process could be handled by role based access control. My products (Omnitrak and Printrak BIS) had long lists of access privileges, and different access privileges could be assigned to different roles. So, for example, the privilege to view a sealed record could be given to a “supervisor” role, but denied to a “trainee” role.
  • In the cases where you actually needed to destroy an expunged record, you would of course handle things differently. Someone whose role had the privilege to delete records would simply go to the record in question, double-check and triple-check to make sure that the right record was selected, ask the system to delete the record, and answer the inevitable “Are you sure?” question to actually delete the record.

Note that the descriptions above apply to a live AFIS. If you REALLY wanted to be thorough about this, you’d need to think about the backups. Any critical system such as an AFIS is backed up on multiple levels, with the backups stored in different areas. So perhaps an underground bunker several hundred miles from the AFIS site might contain a year old backup that may include an expunged record. Something to think about.

How to document expungement

But these concerns paled in comparison to the philosophical one that surrounds any mention of expungement.

Let’s say that I was convicted of burglary, my state allows me to expunge my burglary conviction, and my state is one of the states that requires destruction of expunged records. (For the record, I was never convicted of burglary. But how would you know?)

To start the process, I or my lawyer would have to fill out a form (here’s Illinois’ form) listing the case numbers of the records that I want expunged.

After I (or my lawyer) submitted my request, some process would need to take place to approve the request to expunge.

After that, the records would be expunged in accordance with the relevant state laws.

So far so good.

But what happens next?

From my perspective, I would want to make sure that the records were expunged as I requested. From the state’s perspective, the state would want to ensure that the expungement order was carried out.

But if I file a question with the state that asks whether my burglary conviction was expunged, I am acknowledging within state records that I was convicted for burglary. And if the state produces a report of the records that were expunged, and my burglary conviction is listed on it, then the state is acknowledging within state records that I was convicted for burglary.

I guess the workaround is for me to ask the state, “Hey state, could you provide me with a list of my criminal convictions?” At this point the state would respond, “Here’s your list of criminal convictions…hmm, you don’t have any.”

At this point I would ask, “Are you sure?”

So the state would respond, “Well, let’s check the backups.”


By DC Comics – Two-Face Year One #2, Fair use,

Case studies, revisited

A little over a month ago, I mentioned that Bredemarket was going to be getting some more case study work. And it has.

No, not that type of case! By Michael Kammerer (Rob Gyp) – Own work, CC BY-SA 4.0,

(I’m gonna run my “case” study visual joke all the way into the lost baggage room.)

So how is my client USING these case studies that I am helping the client to create?

To win more business from law enforcement customers.

When my client’s law enforcement customers are pleased with the client’s offering, they’re willing to participate in case studies addressed to OTHER law enforcement customers.

Case studies are effective because they speak to the needs of the readers. The reader has a problem, and the case study tells how a similar entity solved that same problem. In this case, a law enforcement agency learns of a solution that has already worked for another law enforcement agency. “If it worked for my friends in the next county, it will work for me also.”

“Hey, mate, did you read the case study about that software package that Bruce’s agency uses?” By Love Makes A Way –, CC BY-SA 2.0,

The power of case studies doesn’t just work for law enforcement. It can work in any industry where the customers band together to help each other out. E-commerce developers. Security experts. Mobile car washing services.

If you’re a company that provides identity solutions (or technology solutions, or other solutions), and you have customers who will rave about your product to other customers, then you’re a candidate to create a case study. If you want help, contact me.

Case studies: a win-win

I just found out that Bredemarket will be getting more case study work, which I’m looking forward to because case studies can often be enjoyable.

No, not that type of case! By Michael Kammerer (Rob Gyp) – Own work, CC BY-SA 4.0,

While case studies can take a variety of forms, my primary experience with case studies is when a customer explains how a vendor’s solution helped to solve a customer problem. While customers may sometimes want to avoid direct endorsements of a vendor products, a customer can truthfully state how a vendor product helped the customer solve the problem.

If I can use an example that predates my consulting career, I was once involved in a case study in which a law enforcement agency talked about a particular product for law enforcement customers.

  • This type of customer is all too happy to talk about something that keeps the bad people off the streets, since the case study lets the citizens know that the law enforcement agency is taking steps to protect the citizens.
  • And of course the product vendor is all too happy to be associated with this, since it provides a vivid demonstration of how the product works.

A win-win for both customer and vendor, both of whom can look like heroes with the proper case study.

Whenever constructing a case study that features a law enforcement agency or anyone else, it’s important to remember that the vendor’s solution is not the COMPLETE solution to whatever problem is solved in the case study. Again returning to the law enforcement example, the most amazing product gizmo is completely worthless unless a trained person actually applies the gizmo, and knows when to apply the gizmo. And most criminal cases are not solved with a single gizmo, but with multiple gizmos…and a lot of hard work from the law enforcement agency that brings everything together to solve the crime.

Of course, case studies aren’t restricted to law enforcement customers and software products. You can construct a case study out of anything. They can be medical (“Case Study: A Patient with Asthma, Covid-19 Pneumonia and Cytokine Release Syndrome Treated with Corticosteroids and Tocilizumab”), service-related (Direct Travel’s case study of a consumer goods manufacturer), or even relate to adult toys (SEO Design Chicago’s case study for a client who had to overcome advertising challenges due to Google restrictions on sensitive content).

Anyway, I’m looking forward to more case study work…in the biometric, secure document, or technology areas. (I’m not going to cure COVID with novelty items.) In the work I’m about to do, I’ll get to learn about the vendor, and about the vendor’s customer, and how they worked together to solve a particular problem. My part in the process is to help the vendor communicate the story, while emphasizing the benefits that the vendor’s product can provide to customers.

(If you’re interested in understanding benefits, and the difference between benefits and features, take a look at this Hubspot article.)

While brings us to the shameless plug (you knew this was coming after my last post): if you need assistance in coming up with the words for a case study, contact me. I can help with the initial ideas, participate in customer interviews to get information, and draft the words of the case study itself. Bredemarket’s collaborative process ensures that the final written product communicates the client’s desired message. For case studies, this includes mutual agreement on the objective and the outline, and client reviews of the draft iterations of the case study until the final text is delivered.

And even if you don’t use me, business leaders should be thinking about how case studies can help their business, and which of their customers would be willing to participate in a case study…for mutual benefit.