Share this page!

Jackie 👁 Profile picture
Twitter logo
14 Oct, 53 tweets, 17 min read
“It has also damaged our company's enterprise value causing our stock price to fall”, Shotspotter CEO Ralph Clark told The Daily Beast

And fall, it did. But is this really @VICE's fault? Or has word been getting around about their #surveillance tech's ineffectiveness?

Hmm 🧵
First of all, what is ShotSpotter? Here's how they describe their technology & process.

Essentially, their technology wiretaps neighborhoods in an attempt to alert police in the event of a gunshot detection.

Ninety (90) U.S. cities were already using this technology as of 2017.
The primary article they're complaining about in the lawsuit against VICE dropped on July 26th and describes outright fabrication of evidence (fraud) in one specific case and suggests this may have occurred in other cases.

vice.com/en/article/qj8…
Here's the statement from S.T.O.P.'s Executive Director @FoxCahn about these allegations of evidence tampering.

stopspying.org/latest-news/20…
A seventh-grader, Adam Toledo, was killed in Chicago in March when ShotSpotter picked up a sound and dispatched Police.
As you can see by this chart, their stock price did begin to drop around the time of the article's release, and hasn't recovered.
When an issue involves a public company, I like to look at what the financial analysts have to say about the stock's trend, and what the company itself tells shareholders both in their Quarterly Earnings Calls and in their income/operating statement.
Here is a transcript of their most recent earnings call.

seekingalpha.com/article/444798…
Here's what the CEO led with:

"Quarterly adjusted EBITDA was $2.9 million compared to $3.4 million last year."

Read: "Our revenue dropped this quarter compared to the same quarter last year
"The decrease was largely due to unbudgeted marketing and legal spend associated with addressing a 'defund the police' variant intended to falsely smear the efficacy of our real-time acoustic gunshot detection and post incident forensic services."

Read: "Not our fault"
"Although distracting this misguided effort for now appears to have had little to no impact on our short-term to medium-term revenue growth prospects."

Read: "Don't worry, even though I led with this, none of it matters, stay calm, hold/buy more of our stock)
"However, we intend to vigorously defend our long-term brand reputation and are carefully evaluating our strategic options, including legal actions going forward."

Read: "Heads up: We're going to have a spend a lot more money on lawyers to raise the stock price again."
The worst thing here is that the CEO decided to use fallen police officer Ella French's name to market his company and gain sympathy amongst the shareholders.
Here's Adam, who was 13 when he was chased and gunned down by police due to a ShotSpotter dispatch.

He had no bullets. Someone else fired the shots which were detected. Either way, extrajudicial murder should never be condoned.

We are a country of laws, and we failed Adam.
On August 24th, the Chicago nonpartisan watchdog agency, Office of Inspector General, released a comprehensive report about ShotSpotter's ineffectiveness.

Industry analysts took note.

seekingalpha.com/pr/18447592-ch…
"The inspector general’s office found that between Jan. 1, 2020, and May 31 of this year, over 50,000 ShotSpotter alerts were confirmed as probable gunshots, but that actual evidence of a gun-related crime was found in about 4,500 instances, or only about 9%"

NINE percent?!
Imagine dispatching police - expending limited resources - sending people armed with badges, tasers, nightsticks, and guns - to investigate a "threat" which has a 91% chance of being NOTHING.
In the world of information security, a 9% effectiveness rate would mean a complete scrapping of the detection technology in question.

No organization can AFFORD to spend that kind of time on what are essentially false positives.
Here's the OIG report [PDF]: igchicago.org/wp-content/upl…

Scroll to page 22-23 to read their conclusion that the system doesn't work.
@RonWyden agrees. This technology is actively HARMING people. Especially brown and Black communities.

People are getting thrown in jail over bad or potentially fabricated evidence. It's not OK.

When pressed about potential errors from the company’s algorithm, ShotSpotter CEO Ralph Clark declined to discuss specifics about their use of artificial intelligence, saying it’s “not really relevant.”

^^^
This topic is also relevant to #EthicsinAI! Very relevant!
65-year old Michael Williams sat behind bars for almost a year, accused of murder, before a judge dismissed the case against him last month at the request of prosecutors, who said they had insufficient evidence.

While in jail, Michael made concrete plans to take his life.
Prosecutors said ShotSpotter indicated Williams shot and killed the man.

“I kept trying to figure out, how can they get away with using the technology like that against me?” said Williams, speaking publicly for the first time about his ordeal. “That’s not fair.”
ACLU points out many problems with this opaque, non-peer-reviewed or independently-evaluated product.

"The company turned down a request by the independent security tech research publication IPVM to carry out independent tests of its methodologies."

aclu.org/news/privacy-t…
In addition, many agencies may try to downplay or even hide their use of this technology. Most agencies do not publish a list of the automated technologies they use in the process of policing.

nydailynews.com/opinion/ny-ope…
What we've learned so far:

- There is no evidence this product works
- Evidence may be modified during the analysis process
- A false positive seems to have led to the police killing of a child
- Its effectiveness is not independently evaluated
- Chicago OIG said it doesn't work
- People are being thrown in jail on serious charges which were later dropped due to lack of evidence based on the output of this system
- Police agencies are not typically transparent on their use of this technology
- 20 to 25 microphones per sq. mi. are deployed & monitored
We've also learned that word is out about ShotSpotter's lack of effectiveness as our "criminal justice system outsources some of society’s weightiest decisions to algorithms and computer code", which they claim is a trade secret and won't reveal.

apnews.com/article/techno…
Jonathan Manes, an attorney and adjunct professor at Northwestern Law, released a report earlier this year analyzing ShotSpotter alerts. His numbers look aligned to other analyses, including Chicago OIG

Here's the actual text of the lawsuit against VICE.

shotspottercomplaint.com/gallery/202110… [PDF]
All of the things I've said in this thread are my own opinions only, not S.T.O.P.'s.

But how much editorializing is really needed in order to present the facts as they stand?

Does @AP have a habit of reporting on things that aren't relevant or factual?
@AP Industry analysts were already concerned about the lack of upside and future growth of ShotSpotter's stock back in 2020.

seekingalpha.com/article/435245…
Some communities have investigated ShotSpotter's effectiveness, finding unacceptably high false positive rates, and/or have decided ShotSpotter isn't worth the expenditure.

For example:

kark.com/news/working4y…
Fresno, CA

abc30.com/fresno-police-…
Oakland, CA

smartcitiesdive.com/news/oakland-c…
Pittsburgh, PA

wtae.com/article/critic…
Fall River, MA

heraldnews.com/news/20180420/…
San Diego, CA

"One officer confided to his colleagues in an email that the cost of the program — totaling more than $1m — wasn’t worth it."

voiceofsandiego.org/topics/public-…
So, we know many police departments have used this technology in the last half-decade, with many deciding the data no longer justified the expenditure.

Looks like word was already out on the street about the ineffectiveness of the technology long before VICE wrote about it.
At a trial in 2017, a forensic analyst for ShotSpotter testified in court that the company’s accuracy guarantee had been invented by its marketing team.

That analyst is listed in the VICE lawsuit as one of ShotSpotter's current two forensic experts.

sfexaminer.com/news/courtroom…
“Our guarantee was put together by our sales and marketing department, not our engineers,” Greene said.

“We need to give them [customers] a number,” Greene continued. “We have to tell them something. … It’s not perfect. The dot on the map is simply a starting point.”
Durham, NC

9thstreetjournal.org/2019/11/13/a-t…
Kansas City, MO

smartcitiesdive.com/news/reckoning…
Data concluding this technology is effective was shown to be "elusive" to communities as far back as 2016:
wpr.org/milwaukee-comm…
A Forbes analysis in late 2016 said police were unable to find evidence of gunshots between 30%-70% of the time.

forbes.com/sites/mattdran…
St. Louis, MO

stltoday.com/news/local/cri…
In 2019, a financial analyst noted the technology is not mature and riddled with false positives per the numerous reports nationwide:

"The lack of maturity of the technology is causing several customers to stop their subscription to ShotSpotter services"

seekingalpha.com/article/426899…
Anyway, in the wake of all this evidence that ShotSpotter doesn't work, and leads to poor outcomes, especially in marginalized communities, here is the list of cities in which they operate.

Is your city on the list?

shotspotter.com/cities/
Fun stuff from San Francisco's former contract with ShotSpotter:

sfcoit.org/sites/default/… [PDF]

(This is the only mention of the word "privacy" in the text)
Customers aren't allowed to disclose implementation details, including "your deployment methodology, results, or related facts"
IANAL, and again, my opinions only, but pretty sure we shouldn't be allowing these types of terms in contracts for technologies which provide policing automation.

🚩🚩🚩🚩
@threadreaderapp unroll

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Jackie 👁

Jackie 👁 Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @hackingbutlegal

Jackie 👁 Profile picture
13 Oct
With iOS 15, Apple has ended my ability to link two of my wireless radios to create a hotspot without interference from my wireless service provider, eliminating my choice to work from a coffee shop this morning and to use the hardware I own in the manner I so choose
I can no longer turn on the Hotspot (CONTROL MY OWN HARDWARE RADIOS) without permission from Verizon
This probably has something to do with the fact that I changed off an unlimited plan a few weeks ago, but changed back to it recently. Maybe it isn't iOS 15- it was always a problem, and I'm only noticing because I switched off an unlimited, hotspot-inclusive wireless plan.
Read 4 tweets
Jackie 👁 Profile picture
25 Sep
I want to share something important I learned thru the process of producing NFTs with my partner @0xBanana over the past months

I had a valuable realization stemming from the creation of new things of uncertain value & shipping them to buyers

This is for the #infosec crowd

1/8
Creating art which is then roundly enjoyed by others has helped me with perfectionism.

Intellectually, I know that ‘perfect is the enemy of good’.

Unfortunately, my standards for my own work are often far too high to encourage incremental progress & learning in public.

2/8
Part of the reason why I feel that way is because the security community is so frequently negatively judging. As this is the community I joined from a young age, it has molded my behavior to be far too constrained & limited — in direct opposition to the hacker ethos.

3/8
Read 10 tweets
Jackie 👁 Profile picture
25 Sep
People who cheat & steal harm the rest of us through their actions. These “bad apples” who act in their own self-interest above the common interest tend to rely on secrecy and obfuscation in order to commit their misdeeds.

Open ledgers are hedges against corruption.
One can have privacy without secrecy. This is the model being tested in cryptocurrency now.

If you’re interested in learning about some avant-garde technical work, check out the work done by various groups to advance the concept of Decentralized Autonomous Organizations (DAOs).
It would be really cool to establish HackerDAO. I’ve given it a lot of thought, but ultimately I don’t think that it is an ‘idea whose time has come’ for the majority of folks who follow me. These ideas take time to percolate, and DAOs are still a very niche idea at present.
Read 4 tweets
Jackie 👁 Profile picture
2 Sep
Have you ever wanted to drop out of infosec and become your own defensive consultant? Learn from us and our mistakes.

Some things @0xBanana and I learned running our first startup, a boutique cybersecurity consultancy 2018-2020.

A thread🧵

1/
Having lots of enterprise contacts will only get you so far.

Lg corps who have interesting infosec problems to solve typically won't hire a small consultancy unless they have a decent assurance the risk of doing so is low, and the value which will be gained will be high.

2/
Small to mid-size corps have much, much less interesting infosec problems to solve.

In this category, orgs who happen to have a budget with which to hire infosec mostly need product-focused security engineering support, and some nascent devsecops capability.

3/
Read 44 tweets
Jackie 👁 Profile picture
1 Sep
Australia just passed a nasty surveillance bill:

“When presented with such warrant […] Australian companies, system administrators etc. must comply, and actively help the police to modify, add, copy, or delete the data of a person under investigation”

tutanota.com/blog/posts/aus…
Politicians said the bill is intended to fight child exploitation (CSAM) and terrorism.

However, the bill enables law enforcement to investigate any "serious Commonwealth offence" or "serious State offence that has a federal aspect".
This wording enables the police to “investigate” any offense which is punishable by imprisonment of at least three years, including:

terrorism
sharing child abuse material
violence
acts of piracy (!!!!!)
bankruptcy
company violations
tax evasion
Read 4 tweets
Jackie 👁 Profile picture
31 Aug
This.

Despite all of the “intractable” problems we seem to have, for at least half of these, money gathered in service of our country and Her people, allocated carefully, is the solution.

Raising taxes on the top 1-10% helps solve this.

1/
Republicans refuse to participate in increasing taxation while claiming to be the party of limited government as justification. Excuse me, that ship sailed long ago.

For neocons, or whatever the GOP even are anymore, a small government is no longer a priority.

2/
The main priority of the GOP leadership (and a few Dem leadership as well), based solely on their actions, appears to be the acquisition & maintenance of power for power’s sake. In politics, money drives the machine, so they’ll do whatever is needed to keep it coming in.

3/
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @hackingbutlegal has new unrolls!

Check out other threads from @hackingbutlegal!

Read all threads by @hackingbutlegal

:(