SALT LAKE CITY — A new report by the Utah State Auditor recommends a series of measures on data privacy in the aftermath of the controversy surrounding Banjo, the Utah-based company that gathered social media, traffic cameras, 911 information and other government data into a massive monitoring system.
The report, released Monday, is the culmination of an audit requested by the Utah Attorney General's Office surrounding the company, after revelations that the company's former CEO had a past that included ties to the Ku Klux Klan.
FOX 13 first reported on Banjo in 2019, when the attorney general's office went before a legislative committee and lawmakers learned the scale and the scope of the company's $20 million work for the state. Banjo took data gleaned from public and government data sources to create a near-real-time alert system for law enforcement. Utah Attorney General Sean Reyes defended Banjo, insisting it could be valuable for emergency response and insisting the data was anonymized.
Utah State Auditor John Dougall's commission was tasked with looking at questions of privacy and bias in Banjo's systems. Civil liberties groups have repeatedly questioned whether data was truly anonymous, and whether technologies like facial recognition or biometrics unfairly targeted minorities.
The report made a number of recommendations for future dealings with tech companies and questioned claims any collected data was truly anonymous.
"Government entities should fully understand their data. They should limit sharing of sensitive data (private data, PII, etc.) to the greatest extent possible to protect individual privacy and should not share more than is necessary to perform the required task," the report said.
"Data should be filtered and restricted within the government’s systems before being transferred into the vendor’s application. Wherever possible, a government entity should anonymize data, but government entities should recognize that sensitive data can be reconstructed from previously anonymized sources."
Banjo's funding by the state was halted. In a statement to FOX 13, Reyes said he supports the findings.
"The Attorney General’s Office supports the recommendations, standards, and benchmarks in the commission’s final report. This will be valuable to our office, law enforcement statewide, and all levels of government," he said.
"We currently employ many of these principles in our vetting processes and look forward to utilizing the specific benchmark questions presented by the commission.
The AG’s Office remains committed to protecting the privacy and civil rights of Utahns, and appreciates the work and expertise of those who contributed to this report. Within those guidelines, our office also remains committed to innovation and keeping Utah safe with the most effective crime fighting tools available."
In a statement, Dougall said the commission's findings could be applied to future companies that seek government contract work.
"As the depth of expertise on the commission would not be easy to re-create for every potential contract for every agency or entity, these new documents help capture that expertise for use statewide to help protect Utahns’ privacy and prevent discrimination against them," he said.
House Majority Leader Francis Gibson, R-Mapleton, recently introduced a bill to set limits on government data collection including the creation of a statewide "privacy officer."
Read the findings by the Utah State Auditor here: