Article

Constraining Big Brother: The Legal Deficiencies Surrounding Chicago’s Use of the Strategic Subject List

Aaron Tucek

B.A. 2015, Emory University; J.D. Candidate 2019, The University of Chicago Law School.

Many thanks to Professor Aziz Huq for his insightful feedback and helpful critiques. Thank you as well to The University of Chicago Legal Forum for the opportunity to develop this research and the tireless editorial support.

TABLE OF CONTENTS

I. Introduction

In August 2013, the Chicago Tribune ran a story describing the consequences of a new predictive analysis strategy used by the Chicago Police Department (CPD) to prevent violence.1 The predictive strategy it describes feels almost Kafkaesque—unknown government analysts use a mysterious computer program to estimate the risk someone will be involved in violence, then send in police officers to surprise that unsuspecting person and threaten them with consequences if they do not change their ways:

Robert McDaniel was puzzled when the Chicago police commander dropped by his West Side home unannounced last month. The visit was cordial, but Barbara West’s message was clear: Don’t commit any more crimes or face the consequences. McDaniel, who has multiple arrests on suspicion of minor offenses but only one misdemeanor conviction, learned to his surprise that he had made the so-called “heat list” with more than 400 others across the city who have been deemed by the department to be most prone to violence — either as a perpetrator or victim. Interviewed at his Austin home, McDaniel said he was offended at being singled out by West, commander of the Austin police district. All the attention made him nervous because his neighbors noticed, leading them, he feared, to wonder if he was a police snitch. Two officers waited outside on the porch while the commander and a criminal justice expert spoke to McDaniel in his home. A 17-year-old girl was shocked to learn she was among a handful of women on the list.2

The new predictive strategy described by the Chicago Tribune was an early iteration of the Strategic Subject List (SSL). The SSL represents Chicago’s contribution to the cutting edge of modern law enforcement: predictive policing. If this early usage of the program is disconcerting, its expansion in the years since is shocking: as of 2016, the Chicago Police Department used the SSL to monitor nearly 400,000 Chicago residents.3

This Comment examines the legal implications of such an expansive and intrusive regime of predictive analytics. It first describes the background of predictive policing in Chicago by summarizing the publicly available knowledge regarding the SSL. It then examines the SSL using three different legal frameworks: the Fourth Amendment, the Due Process Clause of the Fourteenth Amendment, and the Illinois Civil Rights Act.

This analysis reveals several constitutional and statutory defects in the current usage of the SSL. Chicago police almost certainly cannot use the SSL as a basis for reasonable suspicion or probable cause. Placing someone on the SSL may constitute an unreasonable search in violation of the Fourth Amendment, depending upon how current doctrine continues to evolve. Placing someone on the SSL also violates the Fourteenth Amendment by depriving that person of protected liberty interests in information privacy and avoiding stigma without due process of law. Finally, by disproportionately burdening Chicago’s African-American and Latino communities, current usage of the SSL results in a racially disparate impact in violation of the Illinois Civil Rights Act. In light of these numerous deficiencies, the City of Chicago should at a minimum provide individuals on the SSL with notice and the opportunity to be heard; the city should also reform the program to eliminate its racially disparate impact. However, disbanding the SSL program altogether would best protect the substantial privacy interests of Chicago residents.

II. Predictive Policing in Chicago

This Comment seeks to answer an important question for Chicago residents: is the Chicago Police Department using the SSL in a manner consistent with the rights of the city’s citizenry? The first step towards answering this question requires understanding the factual circumstances surrounding Chicago’s usage of the SSL. Consequently, this section endeavors to explain the concept of predictive policing and its application in the City of Chicago, the relevant technical aspects of the SSL, and the manner in which Chicago police use the SSL.

A. Predictive Policing Generally

Although the term “predictive policing” encompasses a broad umbrella of police strategies, it primarily characterizes any approach that seeks to utilize modern computing power to better prevent crime. As the National Institute of Justice explains:

Predictive policing tries to harness the power of information, geospatial technologies and evidence-based intervention models to reduce crime and improve public safety. This two-pronged approach—applying advanced analytics to various data sets, in conjunction with intervention models — can move law enforcement from reacting to crimes into the realm of predicting what and where something is likely to happen and deploying resources accordingly.4

Thus, unlike traditional policing strategies that react to crime, predictive policing seeks to move the focus to proactively preventing crime.5 Such approaches build upon patrol officers’ local knowledge of their beat6 and the “CompStat” systems developed in the 1990s that popularized the use of crime data in policing decisions.7 Predictive policing innovates over these earlier methods by using of computer algorithms to analyze large datasets.8 That said, predictive policing is not limited to describing “the application of computer modeling to historical crime data to predict future criminal activity.”9 Predictive policing is best understood as “any crime fighting approach that includes a reliance on information technology (usually crime mapping data and analysis), criminology theory, predictive algorithms, and the use of this data to improve crime suppression on the streets.”10

There are two general categories of predictive policing: place-based and person-based.11 The place-based method takes a “heat map” approach,12 which involves “drawing on crime data, geography, weather information, consumer financial records, property records, and other data to predict where and when future crime is most likely to occur.”13 By contrast, the person-based method seeks to predict who will be involved in future criminality.14 This technique can involve a “social network analysis,” in which a computer program seeks to “identify likely criminality based on the role an individual plays within a social network,”15 as well as compiling lists of “individuals [police] predict will commit crimes in the future or are involved in ongoing criminal activity but have not yet been caught.”16 Although multiple jurisdictions have experimented with both types of predictive policing strategies,17 place-based strategies are more common.18

The Chicago Police Department utilizes both place-based and person-based predictive strategies. In the place-based category, Chicago police use technologies known as “HunchLab” and “ShotSpotter.”19 HunchLab “combines crime data with factors including the location of local businesses, the weather, and socioeconomic information to forecast where crime might occur,” while ShotSpotter “uses sensors to locate the source of gunshots.”20 As part of a pilot program aimed to deploy police resources more effectively and reduce response times, these technologies are currently operated out of “Strategic Decision Support Centers” in six districts.21 The Police Department credits these support centers, which operate as “‘hyperlocal’ intelligence hubs support[ing] a predictive deployment of officers,”22 as directly contributing to a decline in violence in the districts where they are operational.23 Within this person-based category lies this Comment’s primary focus, the SSL, which Chicago police have used since 2012.24

B. The Strategic Subject List

The Chicago Police Department describes the SSL as a tool used “to rank individuals with a criminal record according to their probability of being involved in a shooting or murder, either as a victim or an offender.25 The algorithm involved, based initially on work done by Yale sociologist Andrew Papachirstos,26 considers a variety of factors mostly related to a person’s criminal history.27 Although the precise factors used have evolved in subsequent iterations of the software,28 the most recent publicly available version of the SSL29 took eight factors into consideration: “[1] number of times being the victim of a shooting incident, [2] age during the latest arrest, [3] number of times being the victim of aggravated battery or assault, [4] number of prior arrests for violent offenses, [5] gang affiliation, [6] number of prior narcotic arrests, [7] trend in recent criminal activity and [8] number of prior unlawful use of weapon arrests.”30 Using these factors, the algorithm calculates “a score from 1 to 500, with higher scores representing greater risk for future involvement with a shooting or murder.”31

Chicago police have not been forthcoming regarding the weight which the algorithm gives each of these eight factors when calculating a final score.32 Nevertheless, by using linear regression analysis, the New York Times was able to estimate the likely impact of each factor.33 Journalists concluded that age and victimhood were the two elements with the greatest impact on the SSL risk score:34

Factor	Marginal Increase in Risk Score
No. of assault or battery incidents (as victim)	+34
No. of shooting incidents (as victim)	+17
No. of arrests for violent offenses	+15
Trend in criminal activity	+14
No. of unlawful use of weapon arrests	+12
No. of narcotics arrests	+5
Gang affiliation	+4
Age (per decade)	–41

However, police have acknowledged that the algorithm has changed since the public release of this data: the program no longer considers gang membership,35 and less weight is now given to gun and drug arrests.36 Unless police have added additional factors that have not been made public, these changes suggest the current algorithm relies even more heavily upon victimhood and age.

Age is the only demographic category included in the risk score calculations. Police describe the algorithm as “not us[ing] any information about where the person lives, or race or gender, only the pattern of criminal activity.”37 That said, the database includes information on gender, race, residency, and the location of most recent arrest.38 And the police statement that the SSL risk score reflects only “the pattern of criminal activity”39 is not strictly accurate. If the New York Times estimates are correct, then the inclusion of the age variable “[p]ractically limits the list to young people: No one older than 30 falls within the highest-risk category with a score at or above 480.”40 Furthermore, if victim experiences have the next largest impact, then each risk score would seem to reflect the criminal behavior of others more than that of the individual to which the score is given. Finally, the extent to which the data captures “criminal activity” is questionable. The SSL calculations use data on arrests, not convictions.41 Given the presumption of innocence, arrest data is at best, an imperfect measure of criminal activity.

The Chicago Police Department has also been misleading about the size of the SSL. Early statements by police officials to the media suggested that the list contained only about 1,400 names.42 Yet a lawsuit by the Chicago Sun Times, which forced the Police Department to disclose information regarding the SSL to the public, revealed that the list “includes more than 398,000 entries—encompassing everyone who has been arrested and fingerprinted in Chicago since 2013.”43 Police officials have since argued that the 1,400 figure referred only to “individuals who score 480+ which are the highest risk to become a suspect or victim of gun violence.”44 However, this statement is not accurate per the publicly available data. In this data, only 285 people have a risk score of 480 or higher.45 Reaching the 1,400 figure requires looking at all those who have scores of 429 and above.46 While it is true that people in this group were disproportionately likely to be involved in a shooting or murder, the New York Times found “that [this] disproportionate share amounted to less than 20 percent of the total gun violence in Chicago in 2016.”47 Rather, the majority of gun violence involved individuals with risk scores in the range from 300-420.48

Furthermore, the list mainly tracks men of color. Although the algorithm does not consider race in calculating risk scores, this does not mean that the actual distribution of individuals on the list is blind to race. African-Americans account for more than half of the individuals on the list.49 Furthermore, Chicago Magazine reports that 56 percent of black men aged 20-29 and 23% of Latino men aged 20-29 residing in Chicago have an SSL score, compared to only 6% of white men in the same age range.50 Additionally, the Chicago Sun Times reports that “the vast majority of people with the highest score—85 percent—were African-American men.”51 Considering this demographical data in light of the importance of age in determining risk score discussed above, the SSL serves largely to identify young African-American men as being particularly at risk for violence.

C. Uses of the Strategic Subject List

The Chicago Police Department uses the SSL for two purposes: intervention and enforcement. The intervention prong proceeds through the use of a “Custom Notifications” system. Unfortunately, very little is known publicly about how the SSL factors into CPD enforcement activities. Chicago police have largely refused to disclose any information regarding how they use the list.52 Nevertheless, enough information is available to draw reasonable conjectures as to how the data is being employed.

1. Intervention

One use of the SSL is to provide social services to those particularly at risk of violence through a program known as “Custom Notifications.”53 As Police Department policy explains:

The custom notification will identify those at-risk individuals and reach out to advise them of the risks and consequences of their actions should they engage in criminal conduct. The goal is to ensure the individual is not only informed of the law enforcement consequences for deciding to engage or continue in gun violence, but also of the devastating impact of gun violence within their community. Opportunities for seeking assistance will also be provided during the custom notification. However, it is ultimately the decision of the individual to choose not to engage in criminal activity.54

Review of the SSL is a primary tool used by District Intelligence Officers to identify individuals eligible to receive a custom notification.55 As CPD policy further explains, once an individual is identified, they will be contacted by a “Custom Notifications Team” formed specifically to get through to the individual.56 This team then delivers a “Custom Notifications Letter” to the identified individual and explains the contents of the letter.57 According to the Police Department,

The Custom Notification Letter will be used to inform individuals of the arrest, prosecution, and sentencing consequences they may face if they choose to or continue to engage in public violence. The letter will be specific to the identified individual and incorporate those factors known about the individual inclusive of prior arrests, impact of known associates, and potential sentencing outcomes for future criminal acts.58

Chicago police frequently tout the role the SSL plays in this Custom Notifications process, noting that “police use the list to identify the most at-risk people and reach[] out to community organizations to help them in ‘finding success in life outside of crime.’”59 However, the Custom Notifications process fundamentally remains a law enforcement deterrence tool. Department policy clearly states that “custom notifications serve as notice that law enforcement action will not be random, but rather targeted and specific to the individual, and the failure to follow the clear and consistent message to cease participating in gun violence will have specific and cognizable penalties, as contained within the custom notification letter.”60 During visits by a Custom Notifications team, “the police bluntly warn that the person is on the department’s radar,”61 and make clear that “further criminal activity, even for the most petty offenses, will result in the full force of the law being brought down on them.”62 CPD policy makes clear exactly what “full force of the law” means in such circumstances: “[t]he highest possible charges will be pursued for any individual in the Custom Notification Program.”63

Although inclusion in the Custom Notifications Program can thus result in serious consequences, the small scope of the program limits its impact. As Chicago Magazine reports, “in 2016, 1,024 notifications were attempted, 558 were completed, and only 26 people attended a call-in.”64 Furthermore, in the three years prior to 2016, police attempted only 1,300 custom notifications of individuals with SSL scores.65 Thus, the great majority of individuals on the SSL will not interact with the Custom Notifications program.

2. Enforcement

Beyond simply delivering Custom Notification, however, Chicago police also use the SSL for enforcement purposes. Although the CPD has told the media that “the SSL is a simply a tool that calculates risk [and] is not used for enforcement,”66 official documents contradict this characterization. The policy directive establishing the SSL unambiguously states that “Department members may use the SSL as an investigative resource.”67 Other documents imply that police officers do indeed use the SSL for investigatory purposes68 and that the Department actively seeks to integrate use of the SSL into mission assignments.69

Although police do likely use the SSL for enforcement purposes, the Department has imposed limits on such use. A person cannot be arrested simply because their name appears on the list.70 Furthermore, “[p]lacement on the SSL is not a factor for consideration of reasonable suspicion or probable cause and a subject’s score will not be included on any case or arrest reporting documentation.”71 Thus, CPD use of the SSL lies somewhere between using it for enforcement and not using it to establish reasonable suspicion.

Publicly available information suggests police strike this balance by using the SSL as a tool to aid in initial phases of investigation and to monitor individuals on the list. The New York Times reports that “[t]he risk scores have been used numerous times to guide large-scale roundups.”72 Furthermore, CPD has hired the University of Chicago Crime Lab to conduct a “[t]otal overhaul of mission assignments to use predictive analytics and SSL on offenders.”73 If the SSL is used in mission assignments and has guided “large-scale roundups,” but cannot be used for establishing probable cause, then it stands to reason that police use the list to help identify targets of investigation. Unfortunately, the influence of an SSL score on investigatory decisions remains unknown.

Additionally, the SSL likely serves a “monitoring” function. The sheer size of the list, and the fact that it includes “everyone who has been arrested and fingerprinted in Chicago since 2013,”74 suggests that one purpose behind the SSL is a desire to track every person with whom police have had a prior crime-related interaction. The police statement that “[i]ndividuals only really come on our radar with scores of 250 and above” supports this inference.75 The statement implies that there is a qualitative difference between how CPD views someone with a score below 250 and how it views someone with a score above 250. Indeed, the choice of phrase, “come on our radar,” suggests that once an individual’s score exceeds 250, police start paying attention to that individual.76 Furthermore, this threshold is inconsistent with public statements discussed above, which contend that the list seeks only to identify the 1,400 or so people most at risk for gun violence. Quite to the contrary, at least 270,000 individuals have an SSL risk score exceeding 250.77 Moreover, police can use the SSL to access a host of information regarding every individual on the list, including demographic and identification information and verified social media identities.78 With easy access to such a wide range of information, it seems likely that police use the SSL to keep track of a wide swath of the city and facilitate criminal investigations of persons on the list.

D. The Need for Legal Analysis

Given this discussion, an evaluation of the constitutional rights implicated by the SSL deserves close examination. A number of factors raise red flags about the SSL, such as the size of the list, the overrepresentation of communities of color, and the algorithm’s focus on age and victimhood. All suggest the concern that the risk score calculated for a given individual stems from arbitrary factors unrelated to that person’s propensity to commit crime. The lack of transparency regarding how the SSL is used in enforcement is even more worrisome. Beyond a mere unwillingness to reveal to the public how police use the SSL, statements by police officials have consistently misstated facts regarding the program. This tendency provides little reason to trust that the sparse public comments made regarding enforcement provide the full story of police activity. Considering Chicago’s long history of abusive police practices,79 and the likelihood that Chicago police use the SSL for investigatory purposes, this secretive practice by the Department merits close legal scrutiny.

III. The Fourth Amendment and the Strategic Subject List

The Fourth Amendment provides the logical starting point for an analysis of the constitutionality of an enforcement-related police practice, as this area of the Constitution deals most directly with law enforcement. The Fourth Amendment provides that:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.80

Two Fourth Amendment questions are relevant for the Chicago Police Department’s use of the SSL: First, can the SSL be used as a foundation for probable cause? Second, does the inclusion of an individual onto the SSL itself constitute an unreasonable search? The answer to both questions is likely no. However, the doctrine regarding unreasonable searches is currently in a state of flux. If the Supreme Court commits to the doctrinal change signaled by five justices in United States v. Jones,81 then placement on the SSL may very well fall into the scope of unreasonable searches under the Fourth Amendment.

A. The SSL as a Foundation for Probable Cause or Reasonable Suspicion

The Fourth Amendment requires a finding of probable cause to support the issuance of a warrant, and it imposes a reasonableness requirement for searches and seizures conducted without a warrant.82 In other words, “to interfere with a person’s Fourth Amendment rights, law enforcement officers must have either probable cause to search or reasonable suspicion to seize an individual.”83 Probable cause exists when “the facts and circumstances within [the officers’] knowledge and of which they had reasonably trustworthy information [are] sufficient in themselves to warrant a man of reasonable caution in the belief that an offense has been or is being committed.”84 Reasonable suspicion exists when “the facts available to the officer at the moment of the seizure or the search warrant a man of reasonable caution in the belief that the action taken was appropriate.”85 Reasonable suspicion presents a less rigorous standard than probable cause.86 If the SSL cannot constitutionally provide a basis for reasonable suspicion, it necessarily follows that it cannot provide a basis for probable cause.

The Supreme Court has given further definition to the requirements of reasonable suspicion in two instances. First, the Court has imposed the threshold requirement that investigatory stops “must be justified by some objective manifestation that the person stopped is, or is about to be, engaged in criminal activity.”87 Second, the Court has explained that the “man of reasonable caution” test adopted in Terry v. Ohio88 requires a consideration of the “totality of the circumstances.”89 Thus, reasonable suspicion depends on both “the content of information possessed by police and its degree of reliability.”90 This creates a sliding scale—a greater quantity of information from an unreliable source or a lower quantity of information from a more reliable source can both establish a reasonable suspicion.91

The Supreme Court has offered direction regarding how to assess the reliability of a source. In United States v. Ventresca,92 the Court found that “[o]bservations of fellow officers of the Government engaged in a common investigation,” are reliable sources of information.93 Furthermore, police officers may consider “relevant characteristics of location,” such as the stop occurring in a “high crime area,” as long as “[a]n individual’s presence in an area of expected criminal activity” does not form the sole basis for reasonable suspicion.94 Finally, the Court found in Florida v. J.L95 that anonymous tips given to police may provide a basis for reasonable suspicion if “suitably corroborated [to] exhibit[ ] sufficient indicia of reliability.”96 To suitably corroborate a tip, it must provide predictive information against which police can test the anonymous informant’s knowledge or credibility, and simply describing a person’s “readily observable location and appearance” does not meet this standard.97

With these precedents in mind, it is unlikely that the SSL could independently establish reasonable suspicion. As an initial matter, the SSL cannot satisfy the temporal element of the reasonable suspicion test. Under Terry, the existence of reasonable suspicion depends upon “the facts available to the officer at the moment of the seizure or search.”98 The SSL provides no information about any person’s likelihood of engaging in crime at any particular time. Although the List purports to identify people with a greater risk of either being the perpetrator or victim of gun violence, it makes no temporal prediction as to when that violence will occur. As a result, a police officer who sees someone with an SSL score walking down the street would have no reason to believe, based only upon the SSL score, that criminality was present in that moment.

That said, one might argue that the SSL seems most similar to an anonymous tip, in that it offers information about an individual without allowing police the opportunity to have a direct conversation with the source. The use of the SSL, however, could not meet the suitably corroborated standard for anonymous tips as established in Florida v. J.L.99 While the SSL does provide information particularized to an individual, the information is not predictive in a Fourth Amendment sense. The SSL score represents the level of risk that an individual will be involved in gun violence as either the perpetrator or the victim. As a result, a high-risk score does not mean that a person on the list is likely to commit a crime. Furthermore, the information produced by the SSL is inherently incapable of independent police observation. An individual’s SSL score represents a mathematical estimate of risk calculated by the police. The police create the list. It is exogenous to the person, and thus cannot be corroborated through observation of the individual. Consequently, the SSL almost certainly cannot independently give rise to a reasonable suspicion.

Furthermore, even if one considers use of the SSL as more akin to a “high crime area” analysis, the SSL would likely add no value to the reasonable suspicion calculation. Illinois v. Wardlow permitted officers to consider whether the stop occurred in a “high crime area” because it is a “relevant contextual consideration.”100 In other words, location is an independent fact about the world that informs police judgment. The SSL, however, is a police creation. It calculates the risk scores in the manner that it does because police tell it to do so. The list cannot inform police judgment in the same way location might because the SSL is itself, already a product of police judgment. At least based upon publicly available information, it appears to reveal no new or independent facts about the world. Or in other words, the SSL thus seems to offer no additional relevant context that might support a finding of reasonable suspicion. If the underlying factors of the SSL would contribute to finding reasonable suspicion in a given situation, then the SSL score does no work. On the other hand, if the underlying factors would not give rise to reasonable suspicion in those circumstances, then they cannot be made to do so by using a fancy algorithm.

As a result, courts would likely exclude the SSL risk score from reasonable suspicion calculations. Alternatively, one can imagine a world where courts permit police to include SSL score as a factor only when the traditional methods of showing reasonable suspicion do all the work in making the determination. Put differently, it is conceivable that courts might permit an SSL score to support a finding of reasonable suspicion if the support it provides is de minimis. In either case, even the use of the SSL as one factor among many likely could not constitutionally offer any substantive support for reasonable suspicion.

Consequently, police probably cannot constitutionally use the SSL to support a showing of reasonable suspicion. Use of the SSL as the sole source of reasonable suspicion would therefore likely violate the Fourth Amendment prohibition on unreasonable searches and seizures. Use of the SSL as a factor in showing reasonable suspicion would probably also be impermissible. These concerns may explain why CPD policy makes clear that “[p]lacement on the SSL is not a factor for consideration of reasonable suspicion or probable cause and a subject’s score will not be included on any case or arrest reporting documentation.”101 As long as Chicago police follow this directive, their use of the SSL in investigations likely remains within the boundaries of the Fourth Amendment.

B. The Creation of the SSL as Constituting a Search

The second key Fourth Amendment question is whether the inclusion of an individual on the SSL itself constitutes an unreasonable search. The controlling case in this context is Katz v. United States.102 In Katz, the Supreme Court held that the warrantless invasion of areas in which an individual has “a reasonable expectation of privacy” is “presumptively unreasonable.”103 Katz thus presents two questions: First, has the individual “exhibited an actual (subjective) expectation of privacy?”104 Second, is the expectation “one that society is prepared to recognize as ‘reasonable?’”105

In applying this test, the Court in Katz described places such as homes, offices, hotel rooms, or telephone booths as areas in which individuals may have a reasonable expectation of privacy.106 However, such an expectation does not necessarily arise from these areas: “[w]hat a person knowingly exposes to the public, even in his own home or office, is not a subject of Fourth Amendment protection.”107 The Supreme Court has subsequently elaborated on this “knowing exposure” exception, finding that: facial characteristics, handwriting, and the sounds of voice are not protected by the Fourth Amendment,108 and fingerprints may not be protected.109 Additionally, private information voluntarily revealed to third parties is not protected, including business records,110 the phone numbers a person dials,111 and a person’s movement on public thoroughfares.112

Despite this history, the Supreme Court’s recent decisions in Jones and United States v. Carpenter113 call into question the continued vitality of the “third-party doctrine” described in the preceding paragraph. In Jones, five justices agreed that “longer term GPS monitoring in investigations of most offenses impinges on expectations of privacy.”114 As Justice Alito explains: “society’s expectation has been that law enforcement agents and others would not—and indeed, in the main, simply could not—secretly monitor and catalogue every single movement of an individual’s car for a very long period.”115 And the Supreme Court in Carpenter explicitly adopted the view that the contours of the third-party doctrine should change to reflect the sweeping capabilities of modern surveillance technology.116 In that case, the Court continued down the path it began to blaze in Jones by holding that using historic cell site data to track a person’s location violates the Fourth Amendment.117

Whether the Court decides to continue moving away from a strict adherence to the third-party doctrine will likely matter for determining whether placement on the SSL constitutes a Fourth Amendment search. Following the traditional application of Katz and the third-party doctrine, placement on the SSL likely does not violate a person’s reasonable expectation of privacy. However, following the updated approach emerging from Jones and Carpenter likely leads to the opposite result.

1. Third-party doctrine analysis

Under the traditional application of the third-party doctrine, “a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.”118 This rule appears to cover almost all of the information used by the SSL in its calculation of risk score. The publicly available version of the SSL calculates risk scores based on eight factors: “[1] number of times being the victim of a shooting incident, [2] age during the latest arrest, [3] number of times being the victim of aggravated battery or assault, [4] number of prior arrests for violent offenses, [5] gang affiliation, [6] number of prior narcotic arrests, [7] trend in recent criminal activity and [8] number of prior unlawful use of weapon arrests.”119 The five factors related to arrest (factors 2, 4, and 6–8) involve easily accessible public records.120 The two factors related to victimhood (factors 1 and 3) must necessarily stem from communication with police, as victims play a crucial role in initiating police investigation. All seven of these factors therefore involve information voluntarily turned over to third parties, bringing it squarely within the confines of third-party doctrine. As for factor five, it seems extremely unlikely any court would find an objectively reasonable expectation of privacy in gang membership. On this account, therefore, placement on the SSL would not invade a reasonable expectation of privacy under Katz.

2. The impact of Jones and Carpenter

However, analyzing placement on the SSL under the more expansive standard suggested by Jones and Carpenter likely leads to the opposite result.121 As discussed above, the decisive factor for the five concurring and dissenting justices in Jones and the Court in Carpenter was the expansive “degree of intrusion” enabled by the respective technologies in those cases.122 Likewise, the predictive algorithm used by the SSL enables government intrusion to a similarly worrying degree by using victim status as a factor in calculating risk score and creating an institutionalized machine of long-term surveillance.

First, the use of victim status as a factor in calculating risk scores impermissibly invades a privacy interest. The Carpenter Court establishes that the third-party doctrine “consider[s] the nature of the particular documents sought to determine whether there is a legitimate expectation of privacy concerning their contents.”123 Crime victims in Illinois are presumed to have a strong expectation of privacy and generally have their identities protected from public disclosure.124 Unlike the limited personal information revealed by pen registers in Miller or the negotiable instruments in Smith,125 crime victim status reveals sensitive, intimate information about a person to which the third-party doctrine should not mechanically apply.126

Additionally, when people report that they have been the victim of a crime, they do so in order to summon the coercive power of the state to seek justice on their behalf. By calling the police, crime victims trigger the state’s fundamental obligation to protect its citizens. People do not anticipate that their calls for help could potentially be used years later to identify them as a target for police enforcement. It makes “no meaningful sense” to consider people in a democratic society availing themselves of their right to the state’s protection of “voluntarily assum[ing] the risk” of turning over information for the government to use surveilling them.127 On a policy level, this Hobson’s choice would likely incentivize at least some people at the margins to avoid calling the police when they need help—as a result producing a probable net loss in public safety. Just as in Jones, where “relatively short-term monitoring of a person’s movements on public streets accords with expectations of privacy that our society has recognized as reasonable,”128 so to do crime victims expect to relinquish some privacy during the investigation and prosecution of the perpetrator. But “the fact of diminished privacy interests does not mean that the Fourth Amendment falls out of the picture entirely.”129 Victims do not expect that some of the worst days of their lives may be accessed repeatedly by police to potentially target them for criminal investigation in the indefinite future. Placement on the SSL therefore violates a reasonable expectation of privacy.

Furthermore, the SSL’s structure suggests that it facilitates and enables widespread surveillance on an industrial level. This inference begins by considering how the predictive technology behind the SSL must function. For the algorithm to produce meaningful, up-to-date risk scores, the data for each individual on the list must be continually updated. Thus, the nature of the SSL requires a constant passive monitoring of everyone on the list for changes in relevant variables. On top of this foundation, consider how the list is populated: it includes every person arrested and fingerprinted in the City of Chicago since 2013.130 As of the public release of data in July 2016,131 the SSL contained 398,000 entries.132 The number of individuals on the list has likely grown even higher since this release. Thus, the constant background monitoring involved in maintaining the SSL affects hundreds of thousands of Chicagoans.

Moreover, consider the impact of the risk scores. Police have indicated that they begin paying attention to individuals who have a risk score above 250.133 With the 2016 list, this corresponds to approximately 270,000 people.134 How police pay attention to this group remains unknown; however, included in the SSL database is a host of demographic, identification, and social media information135 —everything police would need to conduct more detailed monitoring and surveillance activities of these individuals. While it is reasonable to assume that police attention continues to increase in parallel with a heightened SSL risk score, the threshold score of 250 must have some meaning for CPD to so specify it. In the absence of more transparency from the City, one can imagine a system where some sort of occasional surveillance begins at this threshold and then increases in frequency and depth as the score increases. The SSL therefore appears to set up a two-tiered system of basic “data maintenance” monitoring and more intensive “criminal enforcement” monitoring. And because no mechanism currently exists to remove a name from the SSL, this two-tiered system of monitoring may occur at the discretion of police for the indefinite future.

Again, just as in Jones, people may reasonably expect “relatively short-term monitoring” by police.136 Depending on the reason for their arrest, they may even reasonably expect a greater-than-usual amount of monitoring for some period following their release. But, like Jones, where the “line [at which police behavior became a search] was surely crossed before the 4–week mark;”137 so too here, the line is surely crossed before police surveil hundreds of thousands of people for an indeterminate number of years. The SSL strongly resembles the sweeping and retrospective surveillance the Court worries about in Carpenter.138 Following the logic of Jones and Carpenter, such police behavior violates a reasonable expectation of privacy.

Although the Chicago Police Department may not use the SSL as a foundation for probable cause or reasonable suspicion, placing individuals on the list may violate the Fourth Amendment depending upon how case law develops. This uncertainty makes relying on the Fourth Amendment to challenge the usage of the SSL unwise. The Supreme Court may back away from Jones and Carpenter and return to the third-party doctrine. Or the Court may continue to limit the reach of the third-party doctrine in light of modern technological developments, but adopt a test that would still exclude the SSL. Nevertheless, the SSL provides a good argument that the Supreme Court should adopt an expansive rule of the Fourth Amendment that more robustly protects privacy interests.

The SSL represents one of America’s early experiments with predictive policing; as data sciences continue to improve, the quality and intrusive reach of programs like the SSL will continue to grow. Already the SSL involves the continuous monitoring of hundreds of thousands of people for an indefinite period and judges those people in part by peering into their misfortune of being crime victims. Most people would likely view this as a serious breach of privacy, and so too should the law.

IV. Procedural Due Process Analysis

Although the SSL and other methods of predictive policing clearly deal with law enforcement, thinking of them solely in terms of Fourth Amendment search doctrine ignores the broader implications of this underlying technology. Predictive data aggregations of the type exemplified by the SSL could have uses for many aspects of government, and it is not difficult to imagine a regime in which these sorts of “lists with consequences” impact access to social services. China provides an extreme example of the possibilities—beginning in 2020, the Chinese government will produce trust scores for all citizens by peering deeply into their private lives.139 People with higher trust scores will be rewarded with a variety of social service and commercial benefits, while those with lower scores will see penalties.140 While it is nearly impossible to imagine such a pervasive system ever gaining traction in the United States, the China example helps illustrate the need to view the SSL as more than a law enforcement tool. Rather, the SSL should also be viewed as one variety of this broader category of “lists with consequences.”

Considering the SSL from this angle reveals an additional constitutional deficiency: placement on the SSL by the Chicago Police Department likely works a deprivation of liberty without due process of law in violation of the Fourteenth Amendment. To reach this conclusion, this section provides: an overview of procedural due process jurisprudence, examines the application of procedural due process in airline no-flight list cases, and finally, analyzes the SSL under this doctrine.

A. Overview of Procedural Due Process

The Fourteenth Amendment provides that “no state shall deprive any person of life, liberty, or property, without due process of law.”141 Constitutionally adequate process minimally requires notice and the opportunity to be heard.142 Further determining the precise procedures required in a given situation is a fact-intensive process. As the Supreme Court held in Mathews v. Eldridge,143 due process requires the consideration of three factors:

First, the private interest that will be affected by the official action; second, the risk of an erroneous deprivation of such interest through the procedures used, and the probable value, if any, of additional or substitute procedural safeguards; and finally, the Government’s interest, including the function involved and the fiscal and administrative burdens that the additional or substitute procedural requirement would entail.144

When the Mathews balance weighs in favor of the government, no additional process is required; however, adequate due process requires additional procedures when the balance weighs toward the individual.

The recent movement of courts to apply Mathews balancing in airline no-fly list cases suggests the propriety of using this reasoning in the context of the SSL. In Latif v. Holder,145 the District Court of Oregon held that “the absence of any meaningful procedures to afford Plaintiffs the opportunity to contest their placement on the No-Fly List violates Plaintiffs’ rights to procedural due process.”146 While courts had dismissed earlier due process challenges to the No-Fly List on jurisdictional grounds,147 the Ninth and Sixth Circuits led the way in rejecting such reasoning beginning in 2012.148 With the jurisdictional hurdle cleared, the District Court’s holding in Latif spurred the Transportation Security Administration (TSA) to undertake significant reforms.149 To satisfy the requirements of due process, the Latif court required that “the plaintiffs must receive notice of their No Fly List status and a statement of reasons that would enable them to submit responsive evidence.”150 In reply, the government subsequently pledged to so update its procedures and apply them to a class of individuals beyond the specific plaintiffs in the case.151 Although difficult questions remain as to the precise requirements of procedural due process in the No Fly List context,152 Latif provides a good example of how procedural due process applies in situations where the government uses a list to track members of the populace.

B. The Latif v. Holder Example

As Latif demonstrates, the first prong of the Mathews balancing test—a private interest affected by placement on the government list—provides the threshold inquiry in procedural due process cases. If placement on the list adversely affects no private liberty or property interest, then the Constitution requires no process. In Latif, the Court determined that Mathews balancing was appropriate because “Defendants’ inclusion of Plaintiffs on the No–Fly List has deprived Plaintiffs of their constitutionally-protected liberty interests in travel and reputation.”153 Having made this determination, the Latif court then proceeded to weigh these liberty interests against the risk of erroneous deprivation, the probable value of additional safeguards, and the government’s interest, as required by the remaining two prongs of the Mathews test.154

The court found that the TSA’s procedures carried a high risk of erroneous deprivation and that the probable value of additional safeguards was high. Although the government used a “reasonable suspicion” standard to initially place a person on the No-Fly List and had some procedure for challenging one’s inclusion, the court concluded these procedures were insufficient. The procedures carried a high risk of erroneous deprivation because the government refused to tell passengers who were denied boarding and submitted inquiries whether they were on the No-Fly List or why they were placed on the List.155 As a result, the court worried that easily correctable errors would remain unfixed.156 The court further found that “additional procedural safeguards would have significant probative value” because “notice of the reasons for inclusion on the No–Fly List as well as an opportunity to present exculpatory evidence would help ensure the accuracy and completeness of the record [and] would provide aggrieved travelers the opportunity to correct ‘simple factual errors’ with ‘potentially easy, ready, and persuasive explanations.’”157 As a result of these two conclusions, the District Court held that the second Mathews factor weighed heavily for the plaintiffs.158

Next, the court found that significant government interests were at stake. Indeed, the court quickly concluded that “the governmental interests in combating terrorism and protecting classified information are particularly compelling.”159 As a result, the District Court held that the third Mathews factor weighed heavily in the government’s favor.160

After analyzing each factor individually, the Latif court finally balanced the Mathews factors against one another, ultimately concluding that the Constitution required additional process.161 Although the District Court was sympathetic to the government’s compelling interest in national security, the lack of notice to individuals placed on the No-Fly List proved decisive162 :

Defendants’ failure to provide any notice of the reasons for Plaintiffs’ placement on the No–Fly List is especially important in light of the low evidentiary standard required to place an individual in the TSDB in the first place. When only an ex parte showing of reasonable suspicion supported by “articulable facts taken together with rational inferences” is necessary to place an individual in the TSDB, it is certainly possible, and probably likely, that “simple factual errors” with “potentially easy, ready, and persuasive explanations” could go uncorrected. See Al Haramain, 686 F.3d at 982. Thus, without proper notice and an opportunity to be heard, an individual could be doomed to indefinite placement on the No–Fly List. Moreover, there is nothing in the DHS TRIP administrative or judicial-review procedures that remedies this fundamental deficiency. The procedures afforded to Plaintiffs through the DHS TRIP process are wholly ineffective and, therefore, fall short of the “elementary and fundamental requirement of due process” to be afforded “notice reasonably calculated, under all the circumstances, to apprise interested parties of the pendency of the action and afford them an opportunity to present objections.” See Mullane, 339 U.S. at 314, 70 S.Ct. 652.163

To remedy this lack of due process, the court ordered the government to provide the plaintiffs “with notice regarding their status on the No–Fly List and the reasons for placement on that List,” such that they could “submit evidence relevant to the reasons for their respective inclusions on the No–Fly List.”164

C. Application to the Strategic Subject List

Although Latif is only a district court case within the Ninth Circuit, it provides a useful lens through which to analyze Chicago’s use of the SSL because of the facial similarity between the No-Fly List and the SSL:

1. Both mechanisms involve government lists of people.

2. Consequences follow for the people on each list.

3. In neither case did the people on the list have notice of their inclusion.

4. The government interest in each situation deals with public safety concerns (national security in Latif and reducing violent crime in the SSL context).

5. Finally, the government’s decision to not appeal the Latif order and to instead expand their procedural reforms to a class of people beyond the named plaintiffs in the case165 suggests that the government believed the district court’s ruling was reflective of the likely outcome on appeal.

Latif thus provides a good starting point for understanding how a court would approach a procedural due process claim against CPD’s use of the SSL. Although different liberty interests are at stake than in Latif, placement on the SSL likely violates at least two protected liberty interests. Furthermore, the second and third Mathews factors likely weigh heavily against the government. As a result, the Fourteenth Amendment almost certainly requires individuals placed on the SSL to receive notice and the opportunity to be heard.

1. Deprivation of liberty

Compared to Latif, the question of whether placement of a person on the SSL deprives that person of a protected liberty or property interest is less straightforward. The harm resulting from a person’s placement on the No-Fly List is very concrete: the inability to board an airplane. The consequences of an individual’s placement on the SSL are less immediately visible, making identifying the protected liberty interests involved more difficult. Nevertheless, it is clear that the Chicago Police Department’s use of the SSL deprives the people placed on the list of their protected interests in information privacy and avoiding stigma.

a. Interest in information privacy

In Whalen v. Roe,166 the Supreme Court described an “individual interest in avoiding disclosure of personal matters.”167 Although the Supreme Court has not fully developed this constitutional right to information privacy,168 the Seventh Circuit recognizes this right.169 In the Seventh Circuit, the existence of a privacy interest in information “depends upon whether [there is] a reasonable expectation of privacy in the information.”170 This test is virtually identical to that used in Katz; as a result, the same considerations apply as in the Fourth Amendment context.171 Consequently, the extent of the privacy interest will again depend on the evolution of the ideas expressed by the five concurring and dissenting justices in Jones.

However, the test here does go slightly further than in the Fourth Amendment context: because it explicitly focuses on information, the question arises whether an individual on the SSL has a reasonable expectation of privacy in the risk score generated for them? The answer to this question seems to be unambiguously yes. The risk score purports to predict a person’s likelihood to be involved in violent crime. This is incredibly sensitive personal information. As displayed by the Chicago police’s own behavior in using the SSL as an investigative resource, the common inference people draw from learning someone’s risk score is one of criminality. As a person’s risk score increases, the inference correspondingly shifts to one of violent criminality. Any person would want this information to remain as private as possible. Indeed, disclosure of the information may have serious consequences for the individual in their dealings with neighbors, employers, and police. As a result, a person would reasonably expect privacy in their SSL risk score.

Therefore, use of the SSL violates the “individual interest in avoiding disclosure of personal matters.”172 Unlike in Whalen, where the personal data was heavily fortified and a grand total of only forty-one people had access to the information,173 here risk scores are widely accessible by police officers.174 Presumably the Chicago police could give access to other government officials or even make risk scores public. But the wide access by police is enough—the ability of any member of the Police Department to look up a risk score, draw a negative inference of the individual based on that risk score, and potentially share that risk score to others in the community, means disclosure is probably fairly widespread. As a result, the use of the SSL invades a constitutionally protected liberty interest.

b. Interest in avoiding stigma

In Wisconsin v. Constantineau,175 the Supreme Court found a protected liberty interest in “a person’s good name, reputation, honor, or integrity.”176 As the Seventh Circuit has elaborated: this “stigmatic harm must take concrete forms and extend beyond mere reputational interests” for the deprivation of a protected liberty interest to occur.177 Stigmatic harms flowing from placement on the SSL clearly meet both the “concreteness” and “beyond reputational interests” prongs of this test. Inclusion on the list likely results in: 1) some level of police monitoring, which may include monitoring social media accounts; 2) an increased police assumption that the individual is likely to commit criminal acts (as evidenced by the apparent use of the SSL to inform investigatory decisions); and 3) an increased likelihood that the person will be placed in the Custom Notifications program (which carries with it the threat of severe punishment for any subsequent arrest).

Furthermore, once on the list, the amount of police scrutiny an individual receives depends on factors largely beyond their control, namely: age, victimhood status, past arrests, and even police decisions to change the risk calculation formula. Thus, upon placement on the SSL, an individual may have limited ability to reduce their visibility to police. Moreover, the absence of any mechanism for escaping these consequences effectively turns placement on the SSL into a life sentence. Consequently, the list has the effect of cleaving the city in two: (1) a portion not on the list and presumed to be law-abiding; and (2) the other portion on the SSL and confronted with frequent suspicion by police.178 Therefore, placement on the SSL results in numerous concrete stigmatic harms, thus depriving persons on the list of a protected liberty interest.

2. Risk of erroneous deprivation and probable value of safeguards

The risk of erroneous deprivation of these liberty interests is very high. Currently, individuals placed on the SSL receive exactly zero process—a person can be placed on the list, have a risk score calculated, and become the target of police monitoring and enforcement behavior with no notice at any point and no opportunity to contest their presence on the list. Moreover, police use no evidentiary standard to determine who gets placed on the list; to the contrary, any person arrested and fingerprinted in Chicago is entered into the database. At least in Latif the government had some evidentiary basis for including a person on the No-Fly List, and some limited procedures existed for challenging one’s inclusion on this list. If the likelihood of erroneous deprivation was high in that case, then it must be even higher in circumstances where not even such limited safeguards exist. Considering the size of the SSL, the list is likely filled with people who pose no risk of involvement in violent crime, regardless of the risk score the algorithm calculates for them.

Additional safeguards would have a great deal of value in reducing this risk. Indeed, given the status quo of no safeguards, adding almost any procedures would reduce the likelihood of error. In particular, procedures that gave individuals notice of their inclusion on the list and some opportunity to contest that inclusion would go a long way. Just as in Latif, notice and the opportunity to be heard would provide “the opportunity to correct ‘simple factual errors’ with ‘potentially easy, ready, and persuasive explanations.’”179 Considering that factors beyond individual control—namely age and victimhood status—heavily drive the algorithmic calculation of risk scores, many people could likely easily and persuasively explain why a concern that they will commit violent crime is unfounded. Because the risk of erroneous deprivation and the probable value of additional safeguards are both so high, the second Mathews factor appears to weigh more strongly in favor of a person on the SSL than it did in favor of the Latif plaintiffs.

3. Government interest

The government likely has a lesser interest in the SSL context than it did in Latif. The government undoubtedly has a valid and compelling interest in reducing violent crime. However, the link between the SSL and crime reduction is much less straightforward than between the No-Fly List and national security. By preventing suspected terrorists from getting on airplanes, the No-Fly List theoretically functions to proximately prevent acts of terror in air travel. The causal link between the SSL and crime reduction is much more attenuated. While the steps that formulate the SSL—creating a dragnet list of every person arrested in the city, developing a predictive algorithm, applying that algorithm to everyone on the list to estimate risk of involvement in a shooting or murder, then using that list to guide intervention and enforcement activity—plausibly provides some assistance to the police in their efforts to reduce gun violence, the marginal impact of the SSL on gun violence appears to be much smaller than the marginal impact of the No-Fly List on terrorism. In fact, the only published empirical study of the SSL called into doubt the predictive power of an early version of its algorithm.180 As a result, the City’s interest in the SSL is less than the federal government’s interest in the No-Fly List described in Latif.

Within the SSL context then, the second Mathews factor weighs more heavily toward an individual on the list, and the third Mathews factor weighs less heavily toward the government than in Latif. Considering how the lack of notice proved decisive for the Latif court, a complete lack of any process in the SSL context and a Mathews balance less favorable to the government should make this an easy procedural due process case. As the Supreme Court has stated, “[w]here a person’s good name, reputation, honor, or integrity is at stake because of what the government is doing to him, notice and an opportunity to be heard are essential.”181 So too here: the Due Process Clause of the Fourteenth Amendment likely requires Chicago police to provide individuals whose names are placed on the SSL with notice and the opportunity to be heard.

V. The Illinois Civil Rights Act

In addition to the constitutional concerns posed by the SSL, the Chicago Police Department’s use of the list also raises issues under the Illinois Civil Rights Act. The Act provides that:

No unit of State, county, or local government in Illinois shall: (1) exclude a person from participation in, deny a person the benefits of, or subject a person to discrimination under any program or activity on the grounds of that person’s race, color, national origin, or gender; or (2) utilize criteria or methods of administration that have the effect of subjecting individuals to discrimination because of their race, color, national origin, or gender.182

To state a prima facie claim under this statute, “[a] plaintiff must allege that defendant treated the plaintiffs differently because of their inclusion in an identifiable and constitutionally protected class.”183 Once the plaintiff has made and proved such an allegation,

the burden shifts to the City to demonstrate that its policy or practice had ‘“manifest relationship”‘ to a legitimate, non-discriminatory policy objective and was necessary to the attainment of that objective. If the City shows that its actions were justified, then the burden shifts back to Appellants to show ‘a viable alternative means’ was available to achieve the legitimate policy objective without discriminatory effects.184

Importantly, the Illinois Civil Rights Act “does not reference intent of the allegedly discriminatory party.”185

The Chicago Police Department’s use of the SSL likely would support a disparate impact claim under the Illinois Civil Rights Act. Young men of color are overrepresented on the list, and large proportions of the African-American and Latino communities in Chicago find themselves included on the SSL.186 By contrast, only a small proportion of the white community is included on the SSL.187 In light of the two-tiered monitoring scheme discussed above, the impact of these racial disparities translates into the police having a large amount of surveillance penetration into Chicago’s black and brown communities, while exercising very little corresponding penetration into the city’s white community. This race-based discrepancy in policing looks very similar to that described in Central Austin Neighborhood Association v. City of Chicago. The court in Central Austin denied the City’s motion to dismiss, finding that Chicago’s use of “a method of administering responses to 911 calls that ha[d] the effect of subjecting the residents of police districts populated mostly by African-Americans and Hispanics to longer waiting periods, on average, for responses to 911 calls” sufficiently alleged a violation of the Act.188 Therefore, just as in Central Austin, the CPD’s use of the SSL likely “utilize[s] criteria or methods of administration that have the effect of subjecting individuals to discrimination because of their race, color, national origin, or gender” in violation of the Illinois Civil Rights Act.189

The Chicago Police Department may respond that use of the SSL has a “manifest relationship” to the “legitimate, non-discriminatory policy objective” of reducing violent crime.190 However, considering that the SSL is designed to identify people likely to be involved in a violent crime as either the perpetrator or victim,191 the relationship between risk score and actual propensity to commit violent crime must be attenuated at best. Some scholarship on an early version of the SSL even suggests that the algorithm used may lack predictive power altogether.192 Given the resulting high likelihood of sweeping up innocent individuals, it seems simply false to say that use of the SSL, regardless of its racially disparate impact, is “necessary to the attainment” of violent crime reduction.193

Furthermore, it is easy to imagine many “viable alternative means without discriminatory intent.”194 For example, the City could hire more homicide detectives to improve its abysmal and historically low murder clearance rate,195 thereby increasing the deterrence and incapacitation of violent offenders. At any rate, a court need not tell the City exactly how to remedy the racially disparate impact; “the City will retain authority to devise procedures that have no unjustified discriminatory effects.”196 Thus, separate from the program’s constitutionality, the Chicago Police Department’s use of the SSL likely creates a racially disparate impact in violation of the Illinois Civil Rights Act.

VI. Conclusion

This Comment calls into question the legality of the Chicago Police Department’s use of the SSL. The SSL likely cannot be used as a basis for probable cause or reasonable suspicion. Placement on the SSL may itself constitute an unreasonable search under the Fourth Amendment, depending upon whether and how the Supreme Court chooses to limit the third-party doctrine following its decisions in

United States v. Jones197 and Carpenter v. United States.198 Additionally, even if placement on the SSL does not violate Fourth Amendment rights, the List nevertheless invades the liberty interests in information privacy and avoiding stigma of those placed on it. In light of these deprivations and the complete lack of any protective procedures, the balancing test under Mathews v. Eldridge indicates that current usage of the SSL violates the procedural due process rights of individuals placed on the List.199 Finally, independent of these constitutional violations, the racially disparate impact of the SSL likely violates the Illinois Civil Rights Act.

These numerous legal deficiencies suggest that cities in general should proceed carefully with the creation of predictive policing technologies such as the SSL. Ideally, courts will expand Fourth Amendment doctrine in a way that recognizes the pervasive threat predictive analytics poses to individual privacy. Even if it does not, the procedural due process analysis conducted herein suggests that individuals placed on such “lists with consequences” by the government must receive notice and the opportunity to be heard. Additionally, the government should ensure that the predictive technology it uses does not impose racially disparate burdens upon marginalized communities.

As for Chicago in particular, this analysis demands serious accountability for the SSL program. The City should vastly increase its transparency about how it uses the SSL so that the public may explore the full extent of the enforcement, its wide-spread surveillance, and its disparate impact on marginalized communities. More importantly, the City should immediately reform the program to provide notice and the opportunity to be heard to all individuals placed on the list, and to eliminate its racially disparate impact. Yet even if these reforms are made, the SSL still will likely invade the privacy interests of thousands of Chicagoans. Therefore, an end to the SSL would best protect the liberty of the people of Chicago. Chicago police have legitimate authority because of the consent of the governed. They are not Big Brother. A secretive government watch-list that facilitates the indefinite surveillance of nearly 400,000 Chicagoans is simply inconsistent with the ideals and laws of a free society.

1See Jeremy Gorner, Chicago Police Use ‘Heat List’ as Strategy to Prevent Violence, Chi. Trib. (Aug. 21, 2013),https://perma.cc/PRW2-88MN.
2Id.
3See Mick Dumke & Frank Main, A Look Inside the Watchlist Chicago Police Fought to Keep Secret, Chi. Sun Times (May 18, 2017), http://chicago.suntimes.com/chicago-politics/what-gets-people-on-watch-list-chicago-police-fought-to-keep-secret-watchdogs/ (https://perma.cc/M3TH-7G‌W‌C).
4Predictive Policing, Nat’l Inst. of Justice,(last modified June 9, 2014) https://‌perma‌.cc/3ENZ-PXSL.
5Id.
6See Andrew Guthrie Ferguson, Predictive Policing and Reasonable Suspicion, 62 Emory L.J. 259, 265 (2012).
7See Elizabeth E. Joh, Policing by Numbers: Big Data and the Fourth Amendment, 89 Wash. L. Rev. 35, 43–44 (2014) (“[the CompStat system involved] weekly meetings at the N.Y.P.D. headquarters at which a revolving group of commanding officers around the city gave accountings of themselves for the recent crime data collected in their precinct. By evaluating performance by the rise or fall of crime data within their precincts, CompStat meetings forced accountability upon commanding officers. Such data-driven policing spread to other departments around the United States when crime rates began to fall dramatically within New York City, a result the police attributed to its reliance upon CompStat, along with the adoption of “broken windows” policing and aggressive stop and frisk tactics. CompStat and similar programs inspired by it rely on the collection of crime statistics to inform police decision-making.”); see also, e.g., The Wire: Dead Soldiers (HBO television broadcast Oct. 3, 2004) (Season Three, Episode Three) (depicting the use of CompStat in Baltimore).
8See, e.g., id. at 44 (“The innovation of predictive policing is the application of artificial intelligence to such large data sets.”).
9Id. at 42.
10See Ferguson, supra note 6, at 265.
11Jackson Polansky & Henry F. Fradella, Does “Precrime” Mesh With the Ideals of U.S. Justice?: Implication for the Future of Predictive Policing, 15 Cardozo Pub. L. Pol’y & Ethics J. 253, 257–58 (2017).
12See Laura Myers, Allen Parrish & Alexis Williams, Big Data and the Fourth Amendment: Reducing Overreliance on the Objectivity of Predictive Policing, 8 Fed. Cts. L. Rev. 231, 232 (2015).
13Polansky & Fradella, supra note 11, at 257.
14See Andrew Guthrie Ferguson, Big Data and Predictive Reasonable Suspicion, 163 U. Pa. L. Rev. 327, 372–73 (2015).
15Joh, supra note 7, at 46.
16Ferguson, supra note 14, at 373.
17See Ferguson, supra note 6, at 268–69 (“The Los Angeles and Santa Cruz Police Departments may be ahead of other cities in testing the predictive policing model, but they are by no means the only law enforcement agencies using the technique. Jurisdictions as diverse as Palm Beach County, Florida; Memphis, Tennessee; Chicago, Illinois; Minneapolis, Minnesota; and Dallas, Texas, are testing predictive policing tactics.”); Ferguson, supra note 14, at 373 (identifying Charlotte-Mecklenburg, North Carolina as a jurisdiction which uses the “bad guy list” method).
18See Polansky & Fradella, supra note 11, at 257–58.
19Timothy Mclaughlin, As Shootings Soar, Chicago Police Use Technology to Predict Crime, Reuters (Aug. 5, 2017), https://www.reuters.com/article/us-chicago-police-technology/as-shoo‌tings‌-soar-chicago-police-use-technology-to-predict-crime-idUSKBN1AL08P (https://perma.cc/LK6J-V‌N‌‌LQ).
20Id.
21Matt Masterson, CPD Adds New Predictive Crime Center on West Side, Chi. Tonight (October 26, 2017), http://chicagotonight.wttw.com/2017/10/26/cpd-adds-new-predictive-crime-center-‌west‌-side [https://perma.cc/C24W-8PY7].
22Id.
23See Mclaughlin, supra note 19.
24Yana Kunichoff & Patrick Sier, The Contradictions of Chicago Police’s Secretive List, Chicago Magazine (Aug. 21, 2017), http://www.chicagomag.com/city-life/August-2017/Chicago-Pol‌ice‌-Strategic-Subject-List/ [https://perma.cc/GCZ8-5JAT].
25Chi. Police Dep’t, Spec. Order S09-11: Strategic Subject List (SSL) Dashboard (2016), http://directives.chicagopolice.org/directives/data/a7a57b85-155e9f4b-50c15-5e9f-7742e3‌a‌c‌‌‌8‌b0‌ab2d3‌.html?hl=true [http://perma.cc/9TY5-F5B4] [hereinafter Spec. Order S09-11].
26See Gorner, supra note 1.
27Spec. Order S09-11, supra note 25.
28See Dumke & Main, supra note 3; Office of News Affairs, Chi. Police Dep’t, CPD Welcomes the Opportunity to Comment on Recently Published RAND Review (2016), http://4abpn833c0nr1zvwp7447f2b.wpengine.netdna-cdn.com/wp-content/uploads/2016‌/08‌/RAND‌_Response-1.pdf [https://perma.cc/H9RM-6EXQ] [hereinafter CPD Welcomes the Opport-unity].
29This version contains data from August 1, 2012 to July 31, 2016. Chi. Data Portal, Strategic Subject List (May 21, 2017), https://data.cityofchicago.org/Public-Safety/Strategic-Sub‌ject-List/4aki-r3np [https://perma.cc/89UW-PWWH] [hereinafter Strategic Subject List].
30Id.
31Spec. Order S09-11, supra note 25.
32See Jeff Asher & Rob Arthur, Inside the Algorithm That Tries to Predict Gun Violence in Chicago, N.Y. Times (Jun. 13, 2017), https://www.nytimes.com/2017/06/13/upshot/what-an-algo‌rithm-reveals-about-life-on-chicagos-high-risk-list.html?_r=1 (last visited Mar. 2, 2018); Dumke & Main, supra note 3.
33See Asher & Arthur, supra note 32 (explaining that “[b]ecause the department didn’t release all the information that the algorithm uses, our estimates of the significance of each characteristic are only approximate. But using what was available to us, we could predict risk score very accurately, suggesting that we are capturing much of the important information that goes into the algorithm.”).
34See id. (providing the estimates listed below).
35See id.; Dumke & Main, supra note 28.
36See Dumke & Main, supra note 28
37Spec. Order S09-11, supra note 25.
38See Strategic Subject List, supra note 29.
39Spec. Order S09-11, supra note 25.
40See Asher & Arthur, supra note 32.
41See Strategic Subject List, supra note 29; CPD Welcomes the Opportunity, supra note 28.
42See Dumke & Main, supra note 28; Aamer Madhani, Two Men Charged in Chicago Shooting Death of Dwayne Wade’s Cousin, USA Today (Aug. 28, 2016), https://www.usato‌day.com/story/news/2016/08/28/two-men-charged-chicago-shooting-dwyane-wades-cousin/‌8950‌73‌62/ [https://perma.cc/A94K-NXAZ]; Monica Davey, Chicago Police Try to Predict Who May Shoot or Be Shot, N.Y. Times (May 23, 2016), https://www.nytimes.com/2016/05/24/us/armed-with-data-chicago-police-try-to-predict-who-may-shoot-or-be-shot.html (last visited Mar. 2, 2018).
43Dumke & Main, supra note 28.
44Tanveer Ali, Police Assign ‘Heat Score’ to 398,000 People to Track Violence, DNAInfo Chicago (May 12, 2017), https://www.dnainfo.com/chicago/20170512/austin/police-assign-heat-score‌‌-398000-people-track-violence [https://perma.cc/KD88-UT25].
45Chi. Data Portal, Strategic Subject List – Dashboard (May 1, 2017), htt‌ps‌://‌data‌.cityofchicago.org/Public-Safety/Strategic-Subject-List-Dashboard/wgnt-sjgb [https://‌per‌ma‌.cc/8‌9‌U‌W-PWWH] [hereinafter Strategic Subject List – Dashboard].
46See Asher & Arthur, supra note 32.
47Id.
48Id.
49On a list containing 398,685 entries, 207,847 are coded “BLK,” indicating the individual is African-American. Thus, 52.13% of individuals on the list are African-American. See Strategic Subject List – Dashboard, supra note 45.
50See Kunichoff & Sier, supra note 24.
51Dumke & Main, supra note 28.
52See Kunichoff & Sier, supra note 24 (“[T]here’s very little information available about how police are using the list. Asked to provide details which social services are offered and how, or how the SSL might assist in investigations, city and police officials either declined to comment or referred reporters to other people who could not answer.”).
53Spec. Order S09-11, supra note 25 (“The SSL model drives a custom notification process that identifies potential criminal actors and victims associated with the continuum of violence”).
54Chi. Police Dep’t, Spec. Order S10-05: Custom Notifications in Chicago (2015), http://directives.chicagopolice.org/directives/data/a7a57bf0-1456faf9-bfa14-570a-a2deebf33c‌56ae‌59.html [perma.cc/2RA5-456U] [hereinafter Spec. Order S10-05].
55Id.
56Id.; Kunichoff & Sier, supra note 24 (“[T]he program sends out police officers, community members, and personal friends to convince an individual (typically gang-affiliated) that they are risking their life or their freedom by being involved in violence.”).
57Spec. Order S10-05, supra note 54.
58Id.
59Ali, supra note 44 (quoting policing spokesman Anthony Guglielmi); see also Kunichoff & Sier, supra note 24; Dumke & Main, supra note 28 (“[police spokesman] Guglielmi says the scores are mostly used by police and outreach workers to warn those at risk they could be headed for catastrophe and to offer help finding jobs and counseling”); Gorner, supra note 1 (“[P]olice extend them an olive branch of sorts, an offer of help obtaining a job or of social services.”).
60Spec. Order S10-05, supra note 54.
61Davey, supra note 42.
62Gorner, supra note 1.
63Spec. Order S10-05, supra note 54.
64Kunichoff & Sier, supra note 24.
65See Davey, supra note 42.
66Ali, supra note 44.
67Spec. Order S09-11, supra note 25.
68CPD Welcomes the Opportunity, supra note 28 (“[t]he SSL informs numerous CPD strategies”).
69City of Chi., Department of Procurement Services Non-Competitive Review Board (NCRB) Application: The University of Chicago Crime Lab (2017), https://www.cityof‌chicago‌.org‌/content/dam/city/depts/dps/SoleSource/NCRB2017/Approved‌NCRBUOCcrimelab0217‌‌.pdf‌ [ht‌t‌ps://perma.cc/4LVV-PSTM] [hereinafter NCRB Application] (explaining that a “key activity” for which CPD entered a contractual relationship with the University of Chicago Crime Lab included “[t]otal overhaul of mission assignments to use predictive analytics and SSL on offenders”).
70See Dumke & Main, supra note 28; Mitch Dudek, Top Cop Fields Obvious and Frustrating Question, Chi. Sun Times (Jun. 20, 2016), https://chicago.suntimes.com/news/eddie-johnson-chi‌cago‌-police-homicides/amp/ [https://perma.cc/T32W-NTPP].
71Spec. Order S09-11, supra note 25; see also Ali, supra note 44 (“does not establish probable cause for arrest or even questioning”).
72Asher & Arthur, supra note 32; cf. Kunichoff & Sier, supra note 24 (“CPD has stated that 280 individuals with SSL scores were arrested in four gang raids during a six-month span in 2016”).
73NCRB Application, supra note 69.
74Dumke & Main, supra note 28.
75Id.
76A score of 250 is the midpoint in the range produced by the SSL algorithm. See supra note 31 and accompanying text. Considering the secrecy surrounding the algorithm, it is not clear if there is any other reason why police use it as their threshold. What is clear is that it functions as a sorting mechanism: crossing this score seems to trigger the possibility for active monitoring by police (as opposed to exclusively passive tracking by the algorithm).
77See Strategic Subject List – Dashboard, supra note 45.
78Spec. Order S09-11, supra note 25.
79See, e.g., U.S. Dep’t of Justice Civil Rights Division, Investigation of the Chicago Police Department (2017), https://www.justice.gov/opa/file/925846/download, https://perma‌.cc‌/‌3L‌BT-NCNQ]; Julie Bosman and Mitch Smith, Chicago Police Routinely Trampled on Civil Rights, Justice Dept. Says, N.Y. Times (Jan. 13, 2017), https://www.nytimes‌.com‌/2017‌/01/13‌/us‌/chicago-police-justice-department-report.html (last visited Mar. 2, 2018).
80U.S. Const. amend. IV.
81565 U.S. 400 (2012).
82U.S. Const. amend. IV.
83Ferguson, supra note 6, at 286.
84Brinegar v. United States, 338 U.S. 160, 175–76 (1949).
85Terry v. Ohio, 392 U.S. 1, 21–22 (1968).
86See Alabama v. White, 496 U.S. 326, 330 (1990) (“Reasonable suspicion is a less demanding standard than probable cause not only in the sense that reasonable suspicion can be established with information that is different in quantity or content than that required to establish probable cause, but also in the sense that reasonable suspicion can arise from information that is less reliable than that required to show probable cause.”).
87United States v. Cortez, 449 U.S. 411, 417 (1981).
88392 U.S. at 21–22.
89White, 496 U.S. at 330.
90Id.
91See id.
92380 U.S. 102 (1965).
93Id. at 111.
94Illinois v. Wardlow, 528 U.S. 119, 124 (2000).
95529 U.S. 266 (2000).
96Id. at 270.
97Id. at 270–72.
98Terry v. Ohio, 392 U.S. 1, 21–22 (1968) (emphasis added).
99529 U.S. 266, 270–72 (2000); see also Navarette v. California, 572 U.S. 393 (2014) (finding that an anonymous 911 caller complaining about a possible drunk driver provided sufficient indicia of reliability by contemporaneously identifying a specific vehicle using a channel of communication in which they were unlikely to lie).
100528 U.S. at 124.
101Spec. Order S09-11, supra note 25.
102389 U.S. 347 (1967).
103Id. at 360–61 (Harlan, J., concurring).
104Id. at 361 (Harlan, J., concurring).
105Id.
106Id. at 359.
107Id. at 351.
108See United States v. Dionisio, 410 U.S. 1, 14 (1973).
109See Davis v. Mississippi, 394 U.S. 721, 727–28 (1969).
110See United States v. Miller, 425 U.S. 435, 437 (1976).
111See Smith v. Maryland, 442 U.S. 735, 745–46 (1979).
112See United States v. Knotts, 460 U.S. 276, 281 (1984).
113138 S. Ct. 2206 (2018).
114565 U.S. at 415 (Sotomayor, J., concurring); Id. at 430 (Alito, J., dissenting).
115Id. at 430 (Alito, J., dissenting).
116Carpenter, 138 S. Ct. at 2219 (“The Government’s position fails to contend with the seismic shifts in digital technology that made possible the tracking of not only Carpenter’s location but also everyone else’s, not for a short period but for years and years”).
117Id. at 2217 (“Whether the Government employs its own surveillance technology as in Jones or leverages the technology of a wireless carrier, we hold that an individual maintains a legitimate expectation of privacy in the record of his physical movements as captured through [cell-site location information]”).
118Smith, 442 U.S. at 743–44.
119Strategic Subject List, supra note 29.
120See Chi. Police Dep’t, Chicago Police Department Arrest Record Search (2018), http‌://publicsearch1.chicagopolice.org/ [https://perma.cc/QK8R-59JK].
121See, e.g., supra note 116
122See Jones, 565 U.S. at 430 (Alito, J., dissenting); Carpenter, 138 S. Ct. at 2217–18.
123Carpenter, 138 S. Ct. at 2219.
124See, e.g., 5 Ill. Comp. Stat. 140/7(1)(c) (2017) (Exempting from public inspection “[p]ersonal information contained within public records, the disclosure of which would constitute a clearly unwarranted invasion of personal privacy, unless the disclosure is consented to in writing by the individual subjects of the information”); State Journal-Register v. Univ. of Ill. Springfield, 994 N.E.2d 705, 718–19 (Ill. App. Ct. 2013) (finding that revealing the name of a crime victim would constitute an “unwarranted invasion of personal privacy [which] outweighs the public interest” and exempting such disclosure under 5 Ill. Comp. Stat. 140/7(1)(c)).
125See Carpenter, 138 S. Ct. at 2219.
126See id. at 2217–19.
127See id. at 2220.
128See Jones, 565 U.S. at 430 (Alito, J., dissenting).
129Carpenter, 138 S. Ct. at 2219.
130See supra note 43 and accompanying text.
131See supra note 29.
132See supra note 43 and accompanying text.
133See supra notes 75–77 and accompanying text.
134Id.
135See supra note 78.
136See Jones, 565 U.S. at 430 (Alito, J., dissenting).
137Id.
138See Carpenter, 138 S. Ct. at 2218.
139Amulya Shankar, What’s Your ‘Trust Score’? China Moves to Rate Its 1.3 Billion Citizens, USA Today (Nov. 10, 2017), https://www.usatoday.com/story/news/world/2017/11/10/whats-your-‌citizen-trust-score-china-moves-rate-its-1-3-billion-citizens/851365001/ [https://perma.cc/5YK2-2‌R‌‌‌4T].
140Id.
141U.S. Const. amend. XIV., §1.
142See, e.g., Mullane v. Central Hanover Bank & Trust Co., 339 U.S. 306, 313 (1950).
143424 U.S. 319 (1976).
144Id. at 335.
14528 F. Supp. 3d. 1134 (D. Or. 2014).
146Id. at 1161.
147See Shirin Sinnar, Towards a Fairer Terrorist Watchlist, 40 Admin. & Reg. L. News 4, 4 (2015).
148See Chelsea Creta, The No-Fly List: The New Redress Procedures, Criminal Treatment, and the Blanket of “National Security”, 23 Wash. & Lee J. Civil Rts. & Soc. Just. 233, 247-56 (2016); see also Latif v. Holder, 686 F.3d 1122, 1130 (9th Cir. 2012); Mokdad v. Lynch, 804 F.3d 807, 808 (6th Cir. 2015).
149See Sinnar, supra note 136, at 4.
150Id.
151See id.
152See id. at 4–5.
153Latif v. Holder, 28 F. Supp. 3d. 1134, 1148 (D. Or. 2014).
154See id. at 1151–54.
155Id. at 1152–53 (“even simple factual errors may go uncorrected despite potentially easy, ready, and persuasive explanations”).
156Id. at 1153 (quoting Al Haramain Islamic Found., Inc. v. U.S. Dep’t of Treasury, 686 F.3d 965, 982 (9th Cir. 2012)).
157Id. at 1153.
158Id. at 1154.
159Id.
160Id.
161See Id. at 1161–62.
162Id. at 1160–61.
163Id. at 1161.
164Id. at 1162.
165See Sinnar, supra note 136, at 4.
166429 U.S. 589 (1977).
167Id. at 599; see also Nixon v. Adm’r of Gen. Servs., 433 U.S. 425, 457 (1977).
168See Nat’l Aeronautics and Space Admin. v. Nelson, 562 U.S. 134, 138 (2011) (“We assume, without deciding, that the Constitution protects a privacy right of the sort mentioned in Whalen and Nixon.”).
169See Kimberlin v. U.S. Dep’t of Justice, 788 F.2d 434, 438 (7th Cir. 1986).
170Id.
171See discussion supra Section III.B.
172Id. at 599; see also Nixon, 433 U.S. at 457.
173Whalen v. Roe, 429 U.S. 589, 593–95 (1977).
174See Spec. Order S09-11 supra note 67 and accompanying text.
175400 U.S. 433 (1971).
176Id. at 437.
177Hannemann v. S. Door Cty. Sch. Dist., 673 F.3d 746, 753 (7th Cir. 2012).
178Consider also that the racial makeup of those included on the SSL means that those falling in this second category are far more likely to be African-American than white.
179Latif v. Holder, 28 F. Supp. 3d. 1134, 1153 (D. Or. 2014) (internal quotations omitted).
180See Jessica Saunders, et al., Predictions Put into Practice: A Quasi-Experimental Evaluation of Chicago’s Predictive Policing Pilot, 12 J. Experimental Criminology 347, 347 (2016) (“Individuals on the SSL are not more or less likely to become a victim of a homicide or shooting than the comparison group.”).
181Wilson v. Constantineau, 400 U.S. 433, 437 (1971).
182740 Ill. Comp. Stat. 23/5(a) (2017).
183McFadden v. Bd. of Educ. for Ill. Sch. Dist. U-46, No. 05 C 0760, 2006 WL 6284486, at *8 (N.D. Ill. 2006) (internal quotations omitted).
184Cent. Austin Neighborhood Ass’n v. City of Chicago, 1 N.E.3d 976, 980 (Ill. App. Ct. 2013).
185McFadden, 2006 WL 6284486, at *8.
186See supra note 49 and accompanying text; Kunichoff & Sier, supra note 24; Dumke & Main, supra note 28.
187See Kunichoff & Sier, supra note 24.
1881 N.E.3d at 980.
189740 Ill. Comp. Stat. 23/5(a)(2) (2017).
190Cent. Austin, 1 N.E.3d at 980.
191See Spec. Order S09-11, supra note 25.
192See Saunders, et al., supra note 167 at 347 (“Individuals on the SSL are not more or less likely to become a victim of a homicide or shooting than the comparison group”).
193Cent. Austin, 1 N.E.3d at 980.
194Id.
195See Frank Main, Murder ‘Clearance’ Rate in Chicago Hit New Low in 2017, Chi. Sun Times (Feb. 9, 2018) (describing a murder clearance rate of 17.5%), https://chicago.suntimes.com‌/‌chicago‌-‌pol‌itics/murder-clearance-rate-in-chicago-hit-new-low-in-2017/ [https://perma.cc/3CQF-L‌QFE].
196Cent. Austin, 1 N.E.3d at 983.
197565 U.S. 400 (2012).
198138 S. Ct. 2206 (2018).
199See 424 U.S. 319, 335 (1976).