Last week, the Howard County Department of Fire and Rescue Services (HCDFRS) released an Internal Safety Review Board report regarding the Line of Duty Death of Lieutenant Nathan Flynn. CHHS is honored to have worked closely with the Internal Safety Review Board throughout its eleven month investigation, providing project management and writing support. Senior Law & Policy Analyst Maggie Davis worked closely with the ISRB throughout the writing and revision process, providing on-site project management support, and was assisted by former Senior Law & Policy Analyst Jonathan Lim and Research Assistance Kyle Clevenger. Additionally, Public Safety Technology & Communications Director Christopher Webster was part of the Peer Review committee during the revision process. The report provided both analysis of the factors contributing to Lieutenant Flynn’s untimely death as well as a safety review of the entire department. CHHS commends the ISRB for their professionalism and exemplary work ethic throughout the difficult process.
Despite the rising death toll in the Democratic Republic of Congo, last week the World Health Organization (WHO) declined for the third time to declare the current Ebola outbreak as a global public-health emergency. The WHO based their decision on the finding that the risk of spread of Ebola outside the Congo was low and that any public health emergency declaration would have a negative economic impact by forcing the Congo to suspend trade and flights and close their borders.
The current outbreak in the Congo is the world’s second-deadliest Ebola epidemic with the first being the 2014 outbreak in West Africa that killed more than 11,000 people in Guinea, Liberia, and Sierra Leone. Since the current Ebola outbreak was declared in August 2018, at least 2,108 people have contracted the disease. Of those 2,108 people, 1,411 have died. Although three cases of Ebola have been identified in Uganda, officials do not expect the Ugandan outbreak to worsen because of Uganda’s strong central government and organized health care system. Additionally, the spread to Uganda is considered unlikely because Uganda has prepared extensively for an Ebola outbreak by taking preventative measures including vaccinating front-line health workers and building training facilities.
For now, the greatest area of concern is the East Congo. Due to increased violence in the area, distrust of health officials, and a shortage of Ebola vaccines, standard strategies like case identification, vaccination, and treatment of Ebola are difficult to implement. In the East Congo, about half of those individuals who have died from Ebola had no contact with doctors. Therefore, health officials are often unable to provide vaccinations and contain the further spread of the disease because the infected patients die before reaching a clinic.
With the Ebola outbreak currently contained to the Congo, the WHO declined to deem the outbreak dire enough to constitute a global public health emergency. While the WHO found the current outbreak not significant enough for such declaration, other global health experts argue that such declaration must be issued to raise international support, enhance diplomatic, public health, security, and logistic efforts, and to increase financial resources. Despite the availability of an effective vaccine and containment protocol, the current Ebola outbreak in the Congo remains largely uncontrolled and poses security risks to other countries.
Hassan Sheikh is a Law & Policy Analyst for CHHS, and works full-time assisting the Baltimore City Department of Public Health.
Measles can present in a patient anywhere between 10 to 14 days after initial exposure to the virus. Symptoms can include fever, dry cough, runny nose, sore throat, inflamed eyes, or a skin rash. Although cases have become rare due to vaccination efforts (with the United States averaging about 60 cases of measles a year from 2000 to 2010), the CDC has reported 555 individual cases of Measles between January 1st to April 11, 2019, in over 20 different states.
Measles outbreaks, defined as 3 or more cases, are currently ongoing in New York State (Rockland County), New York City, Washington, New Jersey, California (Butte County), and Michigan. The majority of individuals who developed measles were unvaccinated.
Measles is highly contagious, and can be found in the air after an infected patient coughs or sneezes. The virus can remain contagious on surfaces for up to 2 hours; an individual can spread measles from 4 days before to 4 days after the signature rash develops. Any person who is in close contact with someone who has measles should be notified of the exposure, determine if they are susceptible to getting the disease, and receive treatment if necessary. A vaccination given within 72 hours of measles exposure may provide some protection from developing measles in some cases.
Measles can be prevented with a measles vaccine. Two doses of the vaccine are recommended for children, starting at 12 to 15 months of age. In Maryland, all school children in Kindergarten through Grade 12 must be vaccinated. Women should not get the vaccine if they are pregnant, or plan to get pregnant within 4 weeks after getting the vaccine. For more information regarding the vaccine, please click here.
If you suspect you may be in contact with someone who has developed measles, please contact your doctor or local health department immediately to be tested. The Baltimore Sun reports that anyone who has visited the following locations at these times may have been exposed;
- 4000 Old Court Rd in Pikesville on Sunday, April 14 from 10:30 a.m. to 1:30 p.m.
- Market Maven (1630 Reisterstown Road, Pikesville) on Sunday, April 14 from 11:45 a.m. to 2:30 p.m.
- Seven Mile Market (201 Reisterstown Road, Pikesville) on Sunday, April 14 from 12:45 p.m. to 3:15 p.m.
There have been two clinics in Baltimore wherein the measles vaccine was administered without cost to concerned individuals. There is no current word on whether there will be another clinic. Additional information regarding measles, including instructions on what to do if you think you may have been exposed can be found here.
On July 19th, 2019, the Prince George’s County Emergency Preparedness Program and Partners will facilitate a Full Scale Exercise to practice mass medication dispensing capabilities. We are currently seeking volunteers to serve as clients to walk through a point of dispensing (POD) at Largo High School. Volunteers will be needed from 9:00 am until 12:00 pm. Please sign-up below:
By CHHS Extern Alec Prechtel
The NCAA Men’s Basketball Tournament concluded Monday night, in host city Minneapolis, with a thrilling overtime victory by the University of Virginia. Lost in the bright lights and confetti of Virginia’s victory however, were the immense security measures taken by the city of Minneapolis and event partners to ensure that the Final Four went off without a hitch. While events of this magnitude can bring tremendous publicity and economic windfall to the host cities, there are an incredible amount of security measures that need to be taken to prepare for a party of this size.
The Final Four drew a massive amount of people to downtown Minneapolis. 72,711 fans attended Saturday’s Final Four games alone, which notably does not include those without tickets who came downtown to participate in the festivities. For a city of only 422,000 people, a remarkable amount of coordination and planning is required to handle this influx in population. Security planning for a Final Four often spans longer than a year and across many state and private entities. Thirty different law enforcement agencies worked together to ensure the safety of the event. This year, law enforcement made an emphasis to have a large presence of uniformed officers to make attendees feel safe.
Security for an event of this magnitude can be expensive too, with an estimated cost of $1.3 million for the Final Four security enhancements. Minneapolis is no stranger to hosting large events, as the city recently hosted Super Bowl LII. However, there are fewer federal resources made available for hosting the Final Four. In order to help fill this gap, planners relied on a large number of volunteers, security cameras, and partnerships with private security firms. Law enforcement also relied on coordination with local bars and restaurants, and on attendees themselves, who were encouraged to speak up if they noticed anything suspicious.
Changes were made this year to attempt to provide a more fan friendly atmosphere for the Final Four as compared to the Super Bowl. The National Guard presence as well as some of the other increased security measures needed to host a Super Bowl made some notice the distinct “military feel” during the Super Bowl festivities. An event like the Final Four typically receives a Level III SEAR (Special Events Assessment Rating), which is a lower level rating than a Super Bowl, but a step up from a regular season professional sporting event. Still, the FBI had an estimated fifty to sixty local special agents, analysts, and support staff responsible for the Final Four.
While the level of security may have been lower than a Super Bowl, authorities still made sure to have a robust law enforcement presence and to make public safety a top priority. Fortunately, this preparation allowed the Final Four to go on without any major public safety issues. The weekend was considered to be a large success, with Minneapolis receiving a lot of praise for the event.
by CHHS Extern Jiah Park
In 2013, Edward Snowden, a former Central Intelligence Agency (CIA) employee and former employee of Booz Allen Hamilton, a National Security Agency (NSA) contractor, leaked information regarding the United States’ (U.S.) government’s surveillance practices, which were used on both its own citizens and foreign individuals. Through different programs, the NSA collected both content and metadata of private communications. Notable programs include PRISM, governed by Section 702 of the Foreign Intelligence Surveillance Act (FISA), and the telephone records program, conducted pursuant to Section 215 of the United and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act.
Under PRISM, the government can obtain a FISA order from a Foreign Intelligence Surveillance Court (FISC), requiring an Internet services provider to disclose the contents of communications of a foreign individual. However, FISA orders are not search warrants under the Fourth Amendment, which require probable cause, and do not require a showing of probable cause that the target of the surveillance committed a crime. In fact, there is no requirement that the government have a reasonable suspicion that the target is involved with terrorist activities. Rather, the government must establish only that “a significant purpose of the acquisition is to obtain foreign intelligence information.”
Although PRISM “has not been as controversial  in the U.S., because it does not target Americans, . . . some content from Americans’ communication gets caught in the dragnet.” The program collects private communications of Americans “incidentally” when Americans communicate with foreign targets. Furthermore, according to Section 702 of FISA, FISA orders may be authorized to “target[ ] persons reasonably believed to be located outside the United States.”
Despite outcry from privacy advocates, PRISM, which was set to expire, was renewed in January 2018.
Another controversial surveillance method is the phone records program, in which the NSA collects metadata in bulk from telecommunications companies. Metadata includes information such as when you made the call, whom you called, the duration of the call, and all the same information if you received a call.
Although seemingly less invasive than disclosing the contents of a call, metadata can be just as, if not more useful to the government. While “content generally requires labor-intensive human analysis to become meaningful to the intelligence agencies,” metadata can be analyzed by a computer, “easily provid[ing] a complete [profile] of all your personal associations and interests,” says Shayana Kadidal from the Center for Constitutional Rights. This profile can be so detailed, it can be more informative than the content of the communication itself. Additionally, this metadata is collected in bulk, meaning that, in the program’s original form, which was authorized by the USA PATRIOT Act, phone companies had to disclose all logs they collected about all customers. However, in 2015, Congress passed the Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet-collection, and Online Monitoring (FREEDOM) Act, which renewed many portions of the USA PATRIOT Act that were set to expire, but with limits concerning bulk collection, due to backlash from the Snowden leaks. Under the FREEDOM Act, phone companies no longer have to automatically provide the government with all of their records. Instead, phone companies retain their records, and the NSA may request access to the records from a FISC under a “reasonable articulable suspicion” standard.
The Freedom Act has decreased the number of records collected, but the NSA still collects hundreds of millions of records per year—151 million call records in 2016 related to 42 terrorism suspects, and 534 million call records in 2017 related to 40 suspects.
Although PRISM is still in effect, portions of the USA PATRIOT Act that authorize metadata collection are set to expire in December 2019, and the NSA is considering allowing its expiration because the program lacks operational value, according to people familiar with the matter.
Furthermore, technical issues may have resulted in the unauthorized collection of information, forcing officials to “purge hundreds of millions of call and text logs [from the agency’s database that] it got from phone companies . . . .”
According to a podcast segment with Luke Murray, a national-security adviser for Republican congressional leadership, the program has not been used in six months and the NSA may not seek renewal of the portions of the USA PATRIOT Act that authorize it. Lack of use of the program and lack of interest in preventing its expiration seriously undermines the NSA’s previous claims that metadata collection is vital to national security.
However, deliberations are still in the early and informal stages, and earnest debate is not expected to begin until the fall. Furthermore, any final decision about whether to end the program would be made by the White House. Nevertheless, there are a multitude of reasons that support nonrenewal.
In 2014, the Privacy and Civil Liberties Oversight Board (PCLOB) released a report regarding the phone records program. In its report, the PCLOB recommended that the government end the program, in part due to the fact that the program has not contributed in a demonstrable way to the effort to safeguard the nation from terrorism. Out of fifty-four counterterrorism events in the summer of 2013, only twelve incidents involved the use of the 215 program. The PCLOB found that the program primarily provides value to the NSA in two ways, both of which relates to information already known by law enforcement. Furthermore, the PCLOB could not identify “a single instance involving a threat to the United States in which the telephone records program made a concrete difference in the outcome of a counterterrorism investigation.”
In any case, in instances in which phone records may be necessary to an investigation, there are alternative methods by which the government may gain access to the records, such as court orders, subpoenas, and national security letters (“NSL”), authorized by the Electronic Communications Privacy Act (“ECPA”). In addition, technological changes and advancements have also made the program less useful since its introduction, such as the major shift from landline to cellular technology.
Finally, the program has serious implications on peoples’ privacy and civil liberties. As mentioned above, metadata has the ability to “reveal intimate details about a person’s life, particularly when aggregated with other information and subjected to sophisticated computer analysis.” Permitting the government to collect such data “fundamentally shifts the balance of power between the state and its citizens.”
By CHHS Extern Jaime McCoy
Big tech companies are currently self-regulated, but that could soon change. With members of Congress being younger and more diverse than ever before, it seems to be the perfect time to address the regulation of technology. Congress is currently holdings oversight hearings, and lawmakers are proposing new regulations in a crackdown on how big tech companies’ use and resell their customers’ personal information. The need to know what big tech companies are doing with consumers data is a growing need that policymakers have not adequately addressed in the past. Rep. Jan Schakowsky (D-Illinois) told NPR, “In the last two weeks alone, we learned that Facebook exposed individuals’ private health information that consumers thought was in a protected closed group, and collected data from third-party apps…on issues as personal as woman’s menstrual cycles and cancer treatment.”
The main motivation for stricter privacy regulations is that people want to know how these big tech companies are using their data. The more people are relying on technology and entrusting these companies with their private information, the clearer it becomes that Congress needs to step in and hold these companies accountable.
In the context of the current divisive political climate, it is rare for privacy regulation of tech companies to garner bipartisan support. On Tuesday, March 12, 2019, GOP Senator Josh Hawley (R-Missouri), questioned Google’s senior privacy counsel, Will DeVries, about Google’s tracking policy for the company’s Android mobile devices. It might be surprising to learn that even when users turn off their location tracking services, or even turn off their phone, the company is still gathering data about that devices’ location. DeVries defended this action by stating, “gathering location data is what makes maps work, what makes routing of calls work, and other functions.”
Hawley criticized this defense by responding, “Any robust definition of consumer welfare must acknowledge that [Google and Facebook] have harmed consumers by conditioning participation…on giving away enormous—and growing—amounts of personal information.”
This issue is not exclusive to mobile devices. Social media platforms are constantly gathering data from its users as well. Social media platforms offer free access to users, once they agree to the terms and conditions. But are these services actually free? Big tech companies make billions of dollars each year by selling advertisers insight information from the data users share on their platforms. This data is gathered from the website users visit, the posts users like on social media, and even users locations.
Most users do not normally read the Terms of Conditions before agreeing to their terms. These terms are normally lengthy, filled with legal jargon and updated frequently, making it difficult for the average user to fully understand what they are agreeing to. Tech companies should be required to inform their users upfront what data they will be collecting and what they plan on doing with that information.
Currently, some states have taken it upon themselves to enact privacy legislation that is lacking at the federal level. However, due to the global reach of technology, separate state legislation would eventually be problematic for tech companies and consumers. Dave Grimaldi of the Interactive Advertising Bureau said, “The Internet is global, it most certainly goes over state lines. And I think that changing or altering the Internet experience to state to state would be something that would be a giant turnoff to consumers and just wouldn’t help anyone.”
Unfortunately, it is very unlikely that big tech companies will stop gathering data from users. Furthermore, having states coming up with their own solutions to this issue is not the answer, as it would create greater problems for tech companies and consumers. The best resolution would be for Congress to require big tech companies to disclose what they are doing with the data collected. Congress should also consider putting requirements in place for how and what information these companies can disclose to advertisers. In regards to the terms and conditions, companies should be mandated by Congress to simplify the wording for the common user that does not have a technology background. This standard could be in line with the reasonable person standard. It is important that Congress begin to regulate big tech companies in regards to the data they are collecting from users and what they are doing with that information. Without this regulation, users are disclosing more information than the may realize to data consumers who could potentially disclose that information in the long run.
Disclaimer: The views and opinions expressed in this article are those of the author and do not
necessarily reflect the views of the Center for Health and Homeland Security.
What was your last conversation about? Were you sharing coffee with your colleagues and discussing Tom’s recent trip to Spain? Brenda was there too and you both lamented being stuck in the office as you listened to Tom describe his adventures. At any rate, you go back to your desk and have a quick scroll through Facebook and suddenly you see an ad for flights to Spain. What’s going on? Is Facebook listening to you through your phone?
While we can’t know for certain, and Mark Zuckerburg has adamantly denied the accusation, it seems unlikely that Facebook is actively listening to your conversations. The first reason why it’s not likely is that you would notice if your phone’s microphone is constantly on and uploading voice data files to the internet on a regular basis. Application and data settings within both iPhone’s and Android allow you to view how much data an app is sending or receiving. While audio files aren’t particularly large, you would still notice an uptick in data usage. Battery usage would also be a concern as phones with an always listening feature for their voice assistant tend to have SoC chips in order to combat the power draw of listening for a particular phrase. Your phone either doesn’t have this chip, or if it does, Facebook does not have access to root permissions to interface with this chip.
The second reason Facebook probably isn’t listening to you is because of the coverage they would receive. More, and more, and more, Facebook keeps appearing in the news under negative light. It’s surprising how viable they are considering the awful things they’ve been found to partake in. All of these news stories would pale in comparison to actual, irrefutable proof that Facebook has active mics to listen to your everyday conversations. Sure, the trope is around and people make jokes about them listening – but if it came to fruition there would (hopefully) be a mass exodus from the website.
The final reason, and perhaps the most upsetting of the three – is that they don’t really need to listen to you. Voice transcription technology has gotten fairly strong as evidenced by our many voice assistants like Amazon Alexa – but the technical power it would take to comb through hours and hours of raw voice recordings, transcript it all, comb through to find relevant conversations, and then voice match it to the particular person they want to would be exhaustive. Instead of that, Facebook has used a variety of smart techniques to build a profile for you. First, even if you’re not on Facebook – they have a profile for you. Second, Facebook can track you outside of Facebook’s website using cookies. On top of those particularly unsettling realizations, Facebook has your contact list (along with the contact list of most of the people in your contact list), your location at most times, your birthday, your likes, the posts you click on, the ads that interest you, your web searching habits, and so on. With all of this information, Facebook can target you pretty well.
So let’s circle back to our initial scenario. Tom’s trip to Spain? Facebook probably knows you and Tom work together, Facebook probably knows that Tom was in Spain, and maybe Brenda seriously wished she was somewhere warm and beautiful. She Googled Spain – enough to trigger an algorithm to send you an ad about flights to Spain, hoping that you and Brenda purchase some flights (netting Facebook some extra cash).
What does that mean for you? Well, it depends on your personal values and what you as an individual get out of using Facebook. They most likely aren’t listening to you through your phone mic, but the idea that they don’t need to is genuinely more worrisome. As of this writing, Facebook made the news again today by admitting they left “hundreds of millions of passwords in plain text”. I’d leave Facebook if I could, and have essentially stopped posting anything to it (even though they own both WhatsApp and Instagram, but that’s a different story), but I haven’t deleted my account because unfortunately Facebook is still an excellent service to stay connected. My high school reunion was organized through Facebook, my graduate school’s events were organized through Facebook, and Facebook remains the easiest option to quickly message someone I don’t regularly text or call.
I have no doubt that as soon as a viable alternative to Facebook appears, people will hop over to it. The problem is that social networking websites are only as helpful as the amount of people using them, and people don’t want to use new ones since they already have the old, more robust, network (R.I.P Google+). While we wait Facebook out we need to encourage our representatives to take a hard look at how we protect citizen’s privacy and the internet as a utility going forward – however given Ajit Pai and his views on net neutrality, the utter incompetency Congress showed while questioning Mark Zuckerburg, and just the general complete lack of oversight surrounding the internet they’ll need a lot of encouragement.
By CHHS Extern Suhani Chitalia
Per- and polyfluoroalkyl substances (PFAS) are a group of man-made chemicals that include PFOA, PFOS, and GenX. PFAS are commonly found in packaging used for food, commercial household products, industrial work environments, drinking water and living organisms. PFAS presents a threat to public health because most people come into contact with PFAS and the chemicals can accumulate and stay in the human body for a long period. Harvard University researchers have reported that public drinking water supplies serving more than 6 million Americans exceed the EPA suggested threshold for PFAS. Studies indicate that PFOA and PFOS can impact infant birth weights, the immune system, and can cause cancer and thyroid hormone disruption.
On February 14th, the Environmental Protection Agency announced a refined plan to address a set of “forever chemicals” that have long posed a threat to millions to Americans. The PFAS Action Plan establishes three overarching goals: (1) provide both short-term solutions and long-term strategies to address this important issue (2) provide a communication plan to address this emerging environmental challenge and (3) respond to the extensive community engagement inputs and public docket letters. However, many environmental groups and impacted communities have found that the “action plan” falls short in regulating these toxic chemicals. Impacted communities have stated the suggestive measures set forth by EPA are not sufficient and that binding maximum exposure limits should be established and enforced. This initial action by the EPA is merely a start to the process of regulating these harmful drinking water contaminants, and enforceable limits seem to be a distant reality.
Because the regulatory process is often slow and burdensome (experts estimate that setting a federal limit to PFAS exposure under the federal rulemaking process can take as long as ten years), States have been forced to take the lead in addressing PFAS exposure. Thus far, however, only New Jersey has formally adopted PFAS drinking water standards toxic chemicals. New Jersey has set the Maximum Contaminant Level (MCL) to 13 parts per trillion as recommended by the New Jersey Drinking Water Quality Institute. At least another seven states have policies or have indicated that they plan to pursue policies stricter than the EPA’s current health advisory of 70 parts per trillion.
The courts are also serving as an avenue for change and progress to address toxic chemicals. Thus far, courts have focused on Military Sites because they are commonly known to have PFAS contamination. The Department of Defense has identified approximately 400 current or former military sites with known or suspected contamination. This past October, affected communities in Pennsylvania won a major victory in a Third Circuit ruling addressing a lawsuit against the United States Navy. The judicial decision will ultimately allow individuals whose drinking water was contaminated with PFSA chemicals from neighboring Naval military bases to proceed with their lawsuits against the U.S. Navy. The Third Circuit recognized the damaging effects of toxic chemicals released from the military bases, and asks the Navy to pay for medical surveillance of exposed families so that serious health problems associated with exposure to chemicals can be detected early.
PFAS has been around for decades and their toxicity levels and impacts on human health are now being brought to light. It is important that government officials move forward with stringent regulations, and where they are not willing, that state governments step in to protect public health.
Several CHHS staff members will share their expertise with public health preparedness professionals nationwide as presenters at the 2019 Preparedness Summit on March 26th & 27th in St. Louis, MO. Please see the schedule and hyperlinks below for details.
If you are attending the Summit, we hope to see you at our presentations!
Tuesday, March 26, 2019
1:30 PM – 3:00 PM CT
Presentation: When Should a Public Health Crisis be Declared an Emergency? A Look at Using Emergency Powers to Combat Public Health Issues Like the Opioid Crisis
Using the opioid overdose crisis as a case study, this presentation examines state emergency powers, their practical use in combating opioid overdoses, and potential impacts emergency declarations may have on combating this and other public health crises.
Senior Law and Policy Analyst
Public Safety Technology Program Director
Wednesday, March 27, 2019
8:30 AM – 10:00 AM CT
Presentation: A, B, C, Disaster: Increasing Community Resilience through Enhanced Relationships with Early Childcare Providers & Educators
Learn about the critical role childcare providers and educators can play in response and recovery, and how public health officials and emergency responders can utilize and support this key resource to enhance children’s well-being and build community resilience. Workshop ideas, experiences, and best practices with other professionals in the field.
Public Health Program Director
12:00 PM – 3:30 PM CT
The National Capital Region (NCR) assessed its regional vulnerabilities in providing emergency medical countermeasures (MCM) to its population during a widespread biological incident. Other jurisdictions may adopt the NCR’s assessment process to identify and prioritize MCM response vulnerabilities for their future regional preparedness efforts.
Senior Law and Policy Analyst