"You can’t boil the ocean when it comes to CX," Evan Davis said, underscoring a discipline at the heart of the FBI’s Criminal Justice Information Service (CJIS) modernization push.
CJIS: scale, stakes, and a customer-centric mandate
CJIS supports three named stakeholder groups — citizens, state and local law enforcement, and intelligence agency partners both domestically and internationally — and fields "millions of inquiries" each day, according to the source. Most of those inquiries must be completed "accurately within seconds of being received," and in law enforcement contexts a "fair percentage" can carry life-or-death consequences. Those operational realities are the immediate motive for the CJIS 2030 strategy, which Assistant Director Tim Ferguson has prioritized to transform how data and services are delivered to partners and the public.
Automation in practice: firearm adjudications and the tipline
CJIS has applied narrowly focused automation to concrete workflows and measured rapid gains. When the bureau automated certain parts of the firearm purchase authorization process, 94 percent of adjudications were completed within 15 minutes, with only 6 percent routed to humans for additional review. For the FBI’s public tipline, all calls are now transcribed and "automatically delivered to the examiner in the correct format for handoff to law enforcement." The tipline also uses AI to triage calls, identifying the most urgent or significant tips for expedited attention.
Both examples illustrate a recurring theme voiced by participants in the conversation: sensible, limited use of automation — with "strong human-in-the-loop oversight" — yields time savings and operational efficiencies without fully replacing human judgment.
Cloud, single sign-on, and a data mesh as architectural choices
Ferguson’s CJIS 2030 blueprint includes familiar federal modernization elements such as "moving to the cloud to facilitate data interoperability and accessibility." The plan also prioritizes a single sign-on environment for law enforcement and a "sophisticated data mesh" designed to let data "live where it is and be applied where it is needed." The approach ties technical architecture to a customer-centric concept: enable access and decision support closer to the point of need rather than forcing centralized workflows to absorb all traffic.
The source notes that some features are in effect today while others are "planned for release in the next four years," reflecting a phased rollout interleaving present capability with near-term modernization goals.
Security, governance, and the threat of shadow AI
Speakers flagged data protection as central to CJIS modernization. The conversation covered securing sensitive information, including personally identifiable information (PII) and protected health information (PHI), and the role of governance in managing risk. The source specifically recommends a governance board to ensure use cases remain "mission-aligned" and to prevent "shadow AI" from penetrating agency networks and introducing security vulnerabilities.
Those governance controls are presented not as optional compliance exercises but as operational enablers: they keep automation targeted, maintain human oversight where it matters, and reduce the risk that ad-hoc AI tools create openings for data loss or corrupted workflows.
How citizens, law enforcement, and agency technologists will respond
- Citizens: Will see alternative channels such as a deployed text-to-web system for reporting tips, which "eliminates the need to call the FBI and attempt to navigate the phone system, which is routinely overwhelmed."
- State and local law enforcement: Stand to gain from faster, higher-confidence responses through single sign-on access and faster adjudication or triage of inquiries that previously required protracted human processing.
- Agency technologists and security teams: Must design and enforce governance boards and human-in-the-loop checkpoints to protect PII and PHI, and to prevent unchecked "shadow AI" deployments from undermining enterprise security.
A practical conclusion and an open question
The CJIS story is emphatically practical: targeted automations and cloud-enabled architectures have already accelerated adjudications and improved tip handling, while governance is positioned as the blunt instrument against shadow AI and data risk. As Tim Ferguson has placed contact-center modernization at the center of CJIS 2030, the coming four years will test whether carefully scoped automation, single sign-on, and a data mesh can scale across millions of time-sensitive queries without eroding human oversight. The concrete question left by the record is whether governance mechanisms will keep pace with the planned technical rollout — and with what cadence those controls will be exercised as CJIS shifts more decision-support into automated workflows.
