Using Data Governance and Data
Management in Law Enforcement
Building a Research Agenda That Includes Strategy,
Implementation, and Needs for Innovation
John S. Hollywood, Dulani Woods, Samuel Peterson, Michael J. D. Vermeer,
BrianA. Jackson
EXECUTIVE SUMMARY
RESULTS
• Develop tools and training that can make non-
traditional data—especially free text in database
comments and community surveys—available for
decisionmaking.
• Federal or state standards or guidelines for vendors
should be expanded to include data shareabil-
ity, data ownership, data usage provisions, and
transferability.
• Establish model policies on performing technology
audits that can identify the key security, privacy, and
civil rights risks of new technologies and identify
mitigation strategies.
• Develop model policies and auditing for methods
that identify certain people as high risk, prejudging
people before they have committed crimes. Any
such method should be transparent, require a crimi-
nal predicate, and include due process.
• Disseminate model roles and responsibilities for
persons accountable for data (who might not be in
police departments).
• Develop common contract language that includes
such critical data governance requirements as data
privacy, data ownership, legal and regulatory com-
pliance, and transferability.
SELECTED PRIORITY NEEDS
Law enforcement officers at all levels, as well as policymak-
ers and community safety partners, are strongly dependent on
data to make decisions. However, both experts and assessments
have repeatedly identified major problems with the quality and
interoperability (both broadly defined in this report) of law
enforcement data, with the result sometimes being the hamper-
ing of law enforcement decisionmaking and operations.
e fields of data governance and data management (DG/
DM) specifically address approaches to making data better
by improving the quality and interoperability of data. Data
governance concerns the control (planning and management)
of actions, including policies, organizational structures, and
formal procedures. Data management concerns the execution
of those actions, including technical, educational, and cultural
efforts, to improve data. DG/DM also include stakeholder
engagement, which covers practices to identify what an orga-
nization’s internal and external stakeholders need for data and
to build support within the organization to make changes to
address those needs. DG/DM address organizational, policy,
and procedural requirements, as well as the strategy and man-
agement of technical activities to improve data, but not the
completion of the technical activities themselves.
On behalf of the National Institute of Justice, the Police
Executive Research Forum and RAND convened a work-
shop on April 18 and 20, 2023, to solicit input from experts
on law enforcement information technology; DG/DM; and
privacy, constitutional law, and data law to identify the most-
pressing needs to leverage DG/DM knowledge to enable
major improvements in the quality and interoperability of law
enforcement data.
