Skip Navigation

A Roadmap for Implementing Rules on Racial Profiling

The Justice Department’s new guidelines contain some improvements, but the Biden administration must do more to stop discrimination.

Last Updated: September 5, 2023
Published: September 5, 2023
Department of Justice building
Jacquelyn Martin/AP

This article was first published by Just Security. 

Earlier this year, on the third anniversary of the murder of George Floyd, the Justice Department (DOJ) updated its guidance on the use by federal law enforcement agencies of race, religion, and other protected characteristics. The guidance covers only DOJ, although other agencies are encouraged to adopt it as well. The Department of Homeland Security (DHS) has already done so and charged its civil rights office to lead an effort to update the department’s own flawed rules, including those for operations the DOJ guidance does not cover, such as its border interdiction activities and screening programs for travelers and immigrants.

The new rules replace the DOJ’s prior guidance from nearly a decade ago, and include some welcome improvements – they now protect people with disabilities and explicitly cover more officials, including those supporting law enforcement and intelligence activities. Unfortunately, the revised rules continue to afford law enforcement broad latitude to consider traits like race or religion when deciding whom to target, leaving the door open for decisions driven by bias rather than credible evidence of wrongdoing. The Biden administration should take additional steps to rein in this risk, which we outline below.

New Rules Leave Too Much Discretion to Profile 

The new guidance permits officials to consider characteristics such as race and religion when deciding whom to surveil or investigate as long as: 1) there is relevant and “trustworthy” information that contains “context- and content-specific details” relating to factors such as time, place, and method; 2) that ties a person or group with a protected trait to a criminal activity, national or homeland security threat, immigration violation, or authorized intelligence activity; and 3) officials reasonably believe what they are doing is merited under the circumstances.

Although this standard bars the most obvious cases of biased decision-making (e.g., an officer pulling someone for a traffic infraction because they are Latino), it imposes few other practical limits on racial and other forms of profiling. Consider an example from the guidance itself. According to the DOJ, if a terrorist group located in southeast Asia mainly made up of a particular ethnic group releases poison gas overseas in an area which many American tourists visit, the FBI can permissibly focus on members of that ethnic group in developing sources to provide intelligence about potential threats to the United States. The relevant and trustworthy requirement of the guidance applies to information tying the group to the overseas activity and its ethnic make-up. But there is no similar requirement of relevant and trustworthy information linking the particular individuals targeted in the United States and any criminal activity or security threats. As the guidance itself states , their shared ethnicity with the foreign group, along with other information that hardly bears on threat and is instead common among the relevant diaspora community (e.g., travel to southeast Asia), would be sufficient . The guidance—and this example in particular—thus validates longstanding biased practices, such as the FBI’s scrutiny and questioning of people in diaspora Muslim communities in the wake of violence overseas, sowing fear and confusion among thousands.

The guidance also validates reliance on previous crime data to focus policing efforts on minority neighborhoods, on the theory that doing so is “not based on race, but rather on trustworthy data and information.” But by now it is beyond well-documented that such data reflects historical prejudices in policing practices. Using such information to allocate law enforcement resources only perpetuates a feedback loop that amplifies the biased policing the guidance purports to prevent.

As communities of color and civil rights advocates have repeatedly pointed out, profiling rules that allow law enforcement to define politically loaded terms such as “threat” without safeguards have long contributed to an environment in which certain groups of people–including Muslim-Americans (as potential members of al -Qaeda or ISIS), Black activists (as potential “Black Identity Extremists”), and Asian-Americans (as potential spies for the Chinese Communist Party)–have been targeted because of their race, religion, or ethnicity.

Preventing Abuse of Discretion

The new DOJ guidance does attempt to address some of this potential for abuse, requiring the department to train covered personnel on its “substance and application” within six months and set up a regular, ongoing training program within a year; collect data and study its implementation; and ensure accountability for violations. This framework requires extensive development to serve as a bulwark against the discretion bestowed by the guidance. Below we provide recommendations for doing so.

Training. Training is the easiest implementation step agencies can take. But training works best when standards are clear, and the “context- and content-specific” weighing that the DOJ guidance requires of agents is hardly that. Nonetheless, training can provide an opportunity for staff to probe the limits of the discretion permitted by the guidance and—importantly—to affirm agency leadership’s commitment to elevating anti-profiling rules as a core consideration in carrying out their duties. Training should be conducted in person, not relegated to an online course that too easily becomes a box checking exercise.

Auditing. But training by itself is not nearly enough. Having granted agents so much discretion, the agencies must create systems for auditing their law enforcement and intelligence programs to ensure that discretion is not being misused. In fact, various parts of the DOJ have already conducted ad-hoc audits of sensitive and complicated programs – these can serve as templates for a systematic auditing process. The FBI’s Office of Internal Auditing has audited agents’ queries of data collected without a warrant under Section 702 of the FISA Amendments Act of 2008 to check whether they were justified. It found that thousands of FBI queries of U.S. persons’ data continued to violate the rules even after prior reviews by other parts of the government had revealed, for example, the bureau’s abuse of these authorities to target Black Lives Matters protestors and donors to a congressional campaign. The DOJ’s Civil Rights Division is known for undertaking “pattern-or-practice” investigations to diagnose and remedy systemic discrimination by local police departments. These investigations regularly combine techniques ranging from reviews of how frequently officers had reasonable suspicion or probable cause to evaluations of differences in hit rates among racial and ethnic groups (e.g., the rate at which a stop leads to an arrest) to interviews with community members and police officers, all with the goal of developing a holistic view of a given municipality’s policing practices and identifying any necessary reforms. The DOJ’s Office of the Inspector General has previously reviewed DEA interdiction programs that gave agents significant discretion as to whom to stop, even highlighting the lack of data to determine whether they were being done “impartially or effectively” in light of civil rights concerns.

To gain a more comprehensive understanding of the risk of discriminatory profiling, agencies implementing the guidance should aim to review a range of representative programs. For example, audits should cover some programs that cast a wide net over large numbers of people, and which often rely on a combination of risk assessment tools and watchlists in addition to officer discretion to trigger follow-up action (e.g., the screening of air travelers). Programs that focus on particular people or groups and are handled on a more bespoke basis should also be covered.

An example of a program that entails more bespoke judgments is an “assessment,” a type of FBI investigation that is covered by the guidance and entails a high risk of bias because it does not require a factual predicate as long as an agent has a broadly defined “authorized purpose” (e.g., preventing crimes or national security threats). The FBI’s Office of Internal Auditing could review a sample of documentation – such as standard complaint forms or communications and memos – used to justify the opening of an assessment. The office could examine whether the data suggest that agents tended to focus on people of a certain ethnicity or religion, the degree to which factors like race or religion played a role in conducting an assessment, whether agents complied with the “authorized purpose” standard and relied on trustworthy and relevant information, and the extent to which their decisions are documented. Auditors could also look at how often assessments actually contributed to identifying criminal activity.

In addition to exposing any disparate impacts, audits should provide valuable insight on law enforcement practices that raise a risk of non-compliance with the guidance. With respect to FBI assessments, for example, a failure to document key decisions, particular cases suggestive of profiling, a routine reliance on bad intelligence, repeated complaints of misconduct, or a low rate of progression to full investigations or prosecutions could all provide valuable information that could be used to recalibrate the program.

To bolster the independence and legitimacy of audits and to protect privacy rights, we recommend several measures. First, audits should be conducted by an entity with some distance from the part of the agency being reviewed. Second, audits should be public to the greatest degree possible to let outside stakeholders and experts weigh in on whether they have been conducted rigorously and what their findings mean. Finally, to protect privacy, agencies should rely on data that they already collected to carry out audits. If additional data is absolutely necessary, access should be limited solely for auditing purposes, and the data should be promptly deleted.

Redress. An accessible, independent, and transparent complaints procedure is another critical component of effective implementation. An effective complaints process means giving individuals harmed by an agency’s actions the opportunity to seek redress as well as obtain insight into whether programs are operating in a biased manner. The guidance requires agencies to track complaints of bias but provides no further details and requires significant development.

DOJ and DHS use different mechanisms to report racial profiling, but neither agency has a particularly robust scheme. Profiling complaints relating to DOJ agencies may be made to the agency concerned. But people who believe they have been profiled by an FBI agent, for example, will likely put little store in complaining to the FBI itself. In addition, allegations of “improper profiling or bias” can be reported to the DOJ’s Office of Inspector General, but this mechanism is unlikely to be easily accessible to most people.

DHS nominally has more visible and independent processes. Complaints can be lodged with its Office of Civil Rights and Civil Liberties and may be investigated by either that office or DHS’s Inspector General. But the process is opaque, with little information disclosed to the complainant about how problems they raised have been addressed. Other DHS complaint channels for specific programs, such as Travel Redress Inquiry Program (TRIP) for watchlisting complaints, have been criticized by multiple courts as a “black box” or “black hole” that didn’t do enough to protect complainants’ legal rights. For the most part, neither DOJ nor DHS provide any manner of redress to those who complain about profiling, reducing the incentives for people to complain.

The agencies must do better. They should establish complaint processes that include: an intake channel that is independent from law enforcement operations (i.e., that doesn’t require people to lodge complaints with the very units alleged to be improperly targeting them); clear and accessible information on how to lodge complaints; a transparent process for considering complaints and a meaningful opportunity for the complainant to fully present their grievance; timely resolution of complaints; and an appropriate remedy if a complaint is found to be valid.

Assigning Responsibility. To help drive the change necessary to remove bias from law enforcement and intelligence operations, the head of each agency should charge high-level officials within each unit with responsibility for implementing the guidance. Their names should be published on the agencies’ websites, and they should report regularly — both to the heads of the agencies and the public — on the status of implementation efforts.

The guidance aspires to ensure that “fairness, equality, and impartiality are hallmarks of the American justice system.” This is a laudable goal, but the new DOJ rules leave us too far from the goalposts. Unless the guidance is followed up with robust measures to support accountability, as outlined above, it will fail to meaningfully address discriminatory profiling.