1221.00 Smart Phone Issuance and Usage
Refer:
- ORS § 162.305, Tampering with Records
- DIR 317.40, Authorized Use of Bureau Resources
- DIR 614.50, Release of Information
- DIR 640.02, Photography and Digital Imaging
- Application Request Review Process Outline
- Portland Police Bureau Intranet
- Portland Police Bureau Smart Phone Sustainment Plan
Definitions:
- Evidentiary Information: Any written correspondence, photo, recording or other information taken, created or documented in the ordinary course of police business that either is evidence of a crime, or that is reasonably likely to lead to the discovery of further evidence of a crime, whether that information pertains to either the possible guilt or innocence of a subject. Such information should be preserved both for investigation reasons and reasons related to the resolution of any charges in the criminal justice system.
Policy:
1. This policy provides guidance to Bureau members about the issuance process for Bureau-issued smart phones, the appropriate uses of Bureau-issued smart phones, and technology prohibitions and considerations related to smart phone use.
2. The Bureau recognizes the technological capabilities of smart phones to document and gather information; however, smart phones shall not be treated or used as body worn cameras.
3. Any member assigned a smart phone shall carry or have available that device while on duty or off duty but in paid on call status, in a manner in which it is accessible. The RU manager may grant temporary exceptions to this for specific missions or assignments.
Procedure:
1. Issuance and Replacement of Smart Phones.
1.1. A list of the work units and positions authorized to receive smart phones is located on the Intranet. Any variance from the established list requires written or email approval from the Assistant Chief of Services.
1.2. Members will contact their designated unit phone coordinator for new and replacement phone requests.
1.3. Designated phone coordinators from each unit will review and manage each member’s request.
1.3.1. The phone coordinator will submit requests to the Management Services Division (MSD) Communications Coordinator, or designee, who is the approving authority for all phone requests.
1.3.2. Phone coordinators will process replacement requests in the same manner as the issuance of new phones.
1.4. The MSD Communications Coordinator will track the replacement cycle of assigned phones and notify the RU phone coordinators when members can receive a replacement.
1.5. Members will be issued iPhones, with the exception of callout units. Callout unit members have the option of using either iPhones or Android phones. (Android phones provide prolonged notification until the user confirms receipt).
1.5.1. Members are reminded that Bureau-issued phones are City property; therefore, members shall utilize a phone case that is designed to protect the phone. Members may use the phone case that is issued with the phone or they may purchase a personal phone case at their own expense.
1.6. Callout unit members authorized to use Android phones include: Critical Incident Commanders, Crisis Negotiation Team, Explosive Disposal Units, and Special Emergency Reaction Team.
1.6.1. Members assigned to callout units who choose to swap from an iPhone to an Android will work with their phone coordinator who will then arrange the transfer of data to the new phone.
1.7. Members receiving a smart phone will retain the initial phone number assigned, regardless of the type of phone issued.
1.8. Members who have phones that are eligible for an upgrade or have phones that are unable to meet operational needs will contact their phone coordinator.
1.9. Members who retire or separate from the Bureau may request authorization from the Bureau’s Information Technology Division (ITD) to port the phone number assigned to their Bureau smart phone to their own personal phone account.
2. Reporting Lost or Stolen Phones.
2.1. Members will immediately notify their phone coordinator during business hours or the Bureau of Technology Services (BTS) Helpdesk at 503-823-5199, prompt 3, after-hours.
2.2. Members will work with ITD to identify the current location.
2.2.1. When reporting a lost or stolen phone, members must communicate what kind of information was stored or handled on the phone, and specify if it contained confidential or sensitive data (e.g., Criminal Justice Information System (CJIS) information, crime scene photos, etc.).
2.3. Members will notify their RU manager of the loss or theft as soon as practical but no later than 24 hours after discovering the loss.
2.4. Members will write a General Offense (GO) report to document the theft of a Bureau-issued phone.
2.5. Members will send a memo to their branch Assistant Chief, through channels, explaining the circumstances under which the phone went missing.
2.6. Members will coordinate with their phone coordinator to receive a new phone.
3. Members will return their smart phones to MSD upon separation before or on their last day of employment at the Bureau or on their first day of a new assignment that does not warrant a smart phone.
4. Use of Internet-Based Social Media Applications (Apps) and Websites.
4.1. Members may access social media sites currently allowed on Mobile Data Computers (MDCs) and desktops; however, members should refrain from accessing personal social media accounts on Bureau equipment.
4.2. Members should contact ITD if they are unsure whether accessing a certain website is allowed. Unless necessary for a specific duty related function, members will not enter suspicious or questionable websites.
5. Apps, Settings, and Software Compliance and Prohibitions.
5.1. Smart Phone Settings.
5.1.1. Members are prohibited from factory resetting or modifying a Bureau-issued phone’s operating system. Members shall refer to Directive 317.40, Authorized Use of Bureau Resources, for additional guidelines.
5.1.1.1. In the event the phone is reset or modified, ITD will notify the respective division manager of the incident and immediately lock and wipe the member’s phone if it is altered.
5.1.2. Members are prohibited from disabling their smart phone’s location services (i.e., GPS), as this allows ITD to locate a member’s phone in the event that it is lost or stolen. The Mobile Device Management program that ITD utilizes continually updates the last known GPS location of a member’s smart phone; however, the GPS location services function does not keep or create record of these GPS updates. The GPS location services function does not permanently store or actively track a member’s smart phone GPS coordinates, nor does it create or provide GPS historical data sets. This function shall remain inactive unless one of the circumstances under 5.1.2.1 through 5.1.2.3 occurs.
5.1.2.1. Upon a member’s notification to ITD of a lost or stolen phone, ITD will pull the last known location reported to the Mobile Device Manager in an attempt to obtain the current location in an effort to recover the member’s lost or stolen smart phone.
5.1.2.2. The Chief of Police, or a designee, may authorize ITD to pull the last known location of an individual member’s smart phone in a situation that the Chief of Police reasonably believes that a member is or may be in imminent danger of serious injury or death.
5.1.2.3. In a criminal investigation, the investigating authority would be required to follow all applicable laws and rules regarding the seizure of records pertaining to a member’s smart phone historical data. This data is not stored by ITD and is not accessible by members of ITD. In such an investigation, a court order will be obtained that authorizes the activation and monitoring of the GPS location services of a member’s assigned smart phone. This court order would be required to be served to the service provider of the cellular phone and would be limited by the capabilities of the service provider.
5.1.3. Members are prohibited from using iCloud or similar cloud-based storage because it renders the Bureau out of compliance with CJIS. ITD may provide an alternative CJIS compliant option for file sharing upon appropriate request, based on work necessity.
5.1.4. Members are prohibited from forwarding information related to Criminal Justice Information (CJI) (e.g., calls, texts, images, recordings) to a personal phone. Members who do forward information violate Criminal Justice Information System (CJIS) regulations.
5.1.5. Secure communications are enabled on a member’s phone through the Virtual Private Network (VPN) or “mobility” function. While the default setting is set to “on,” this feature may become disabled when the phone is powered off. Members must ensure mobility remains turned on each time they power their phone. Members will not intentionally turn off the mobility function. Members can search the Intranet for instructions on how to turn Mobility on by searching key words: smart phone or Mobility.
5.1.5.1. Members shall not connect to public Wi-Fi because accessing public networks will turn this function off. Once mobility is disconnected, members will lose information and phone contacts synchronized with Bureau related data.
5.2. Software Updates.
5.2.1. Members will only update their smart phone’s operating system when ITD sends an official notification approving an OS update. Members should contact their phone coordinator when uncertain if a received notification is legitimate.
5.2.1.1. Members will install updates while in a police facility and through the Bureau’s secure Wi-Fi. The update process requires five to ten minutes and is completed once the phone initiates an automatic reboot and restart.
5.2.2. Members are prohibited from disabling Smarsh, which is software that automatically downloads a member’s text messages in real time to a CJIS compliant archiving system that is maintained by ITD. Members do not need to bring their phone to the MSD Communications Coordinator to download messages.
5.2.2.1. ITD will be notified when members decline Smarsh functionality and will communicate the incident to the respective division manager.
5.3. Smart Phone Applications.
5.3.1. Members will not eliminate any application installed automatically on phones at the time of issuance.
5.3.2. Members are only allowed to install apps from a pre-determined list to include certain social media apps, as approved by the Chief’s Office, ITD, and Fiscal Services. Members are strictly prohibited from installing Apple’s iMessage, Apple’s Siri, Google’s Google Assistant, and Android S Voice onto Bureau-issued smart phones.
5.3.3. Members requesting additional functionality or applications for their smart phone will submit a memo through channels explaining the reason. Members will address specific solution(s) if identified, any costs related to the solution(s), and the added benefit from the expanded functionality.
5.3.3.1. The Adjutant for the Investigations Branch will intake each request and ITD will post the final disposition for each request on the “Smart Phone Application Request Log” file located on the Intranet.
5.3.3.2. Members can conduct a search using the word “Smart” in the File/Search menu to locate the excel spreadsheet.
5.3.3.3. A member requesting an app is responsible for checking the file for final disposition and should only submit a request for status to the Adjunct if the file has not been updated after one month has elapsed.
5.3.4. To prevent security vulnerabilities on the police network, ITD will audit all phones on an ongoing basis. Any unauthorized applications found on a phone will be removed.
5.4. ITD only supports approved applications, services, and functions developed for Bureau-issued smart phones. Members using applications from external open market sources must contact these developers directly for technical assistance.
6. Member Considerations for Using Smart Phones.
6.1. Members should be aware that all information placed on and transactions conducted on a city-issued smart phone are subject to public records laws and rules.
6.2. Information on personal phones used to conduct City business-related functions such as calling, text messaging, and emailing may be subject to Oregon Public Records Laws; all business-related information stored directly on the personal phone where the member is acting under the scope of employment may be deemed discoverable.
6.3. All Bureau-issued phones can be accessed by BTS. Members should use discretion when deciding to store information on their phones.
6.4. In order to prevent loss of contact information in the event the phone is stolen, lost, or transitioned to another phone, members should save information to the Exchange server.
6.5. Members should be aware that government email accounts do not automatically synchronize with smart phones unless members update their network password on both their computer workstation and Bureau-issued smart phone.
6.6. Members shall not synchronize their Bureau-issued smart phones with personal media accounts such as iTunes, Spotify, or Facebook.
7. Trouble-shooting and Technical Assistance.
7.1. Members who are unable to log into their smart phone after repeated failed attempts at passcode entry and receive the one minute warning on the phone’s screen should contact ITD immediately to reset their passcode. Members that need passcode reset assistance after hours should contact the Regional Justice Information Network (RegJIN) support team at
503-823-0085.
7.2. Members in need of trouble-shooting and/or technical assistance with their smart phone should contact ITD. Members can also seek information through the Bureau’s Intranet or by emailing PPBSmartphonesupport@portlandoregon.gov.
7.3. In the event ITD and BTS cannot resolve an issue or the phone is determined to be faulty, members will contact their phone coordinator for a replacement phone.
8. Capturing Evidence from Phones.
8.1. All pictures and videos taken on a Bureau smart phone are official public records and shall be retained. Members shall refer to Directive 614.50, Release of Information, for additional guidelines.
8.2. Members must follow the established processes outlined in Directive 640.02, Photography and Digital Imaging, for uploading evidentiary pictures and videos from their phone to the Digital Image Management System (DIMS).
8.2.1. Members will direct any issues and questions regarding the process to the Forensic Evidence Division’s DIMS coordinator.
8.2.2. If a member uses a phone to record images from another video recording device, the member shall ensure that the original evidentiary video footage is also obtained in accordance with normal evidence collection procedures, when practicable.
8.3. Pictures, voicemail messages, voice recordings/memos, and any other media or communications stored in a phone that is deemed as evidentiary information by law enforcement or judicial entities shall be retained.
8.4. Members are responsible for ensuring that evidence is transitioned to the appropriate system for retention. If there are any questions about what information is defined as evidence, what systems are appropriate, or the method of transitioning information from the phone to the appropriate system, the Bureau member shall contact their division manager.
History:
- Originating Directive Effective: 02/13/17
- Next Review Date: 02/13/19