City Of Boston Left License Plate Data Unprotected And Unencrypted

from the the-city-invites-you-to-perform-vanity-searches-on-its-ALPR-servers dept

If you want a rough estimate on how much respect law enforcement agencies (and the contractors they hire) have for your personal information, all you have to do is take a look at how well they protect the vast amount of data they slurp up.

Investigative reporter Kenneth Lipp has been digging up documents and data left unguarded by government contractors for several months now. While researching the use of ALPRs (Automatic License Plate Readers) in Boston, Lipp came across a publicly-accessible database of plate scans and motor vehicle records. The problem is: it wasn't supposed to be publicly-accessible.

Prior to two weeks ago, when this reporter alerted authorities that they had exposed critical data, anyone online was able to freely access a City of Boston automated license plate reader (ALPR) system and to download dozens of sensitive files, including hundreds of thousands of motor vehicle records dating back to 2012. If someone saw your shiny car and wanted to rob your equally nice house, for example, they could use your parking permit number to obtain your address. All they had to do was find the server’s URL.

This data wasn't being housed by Boston law enforcement. Instead, it was in the hands of its contractor, Genetec, which owns the popular ALPR brand, AutoVu. As Lipp points out, the city of Boston's first ALPR deployments were no big secret. The camera system was mounted on the roofs of Transportation Department vans along with sodium lights. The surveillance was no secret, but the data collected certainly was -- which was why it was left in the hands of a private corporation.

ALPRs were eventually noticed by watchdogs, and in 2004 spurred a public records request, which was denied by the BTD [Boston Transportation Department] on the grounds that the database was privately owned and “on loan” from AutoVu.

Ten years later, the city is still putting its faith (and its un-FOIA-able records) in Genetec. Not that Genetec deserves it. When Lipp pointed out its unguarded portal, it denied any responsibility for its carelessness.

Reached by email for this story, the company’s Vice President of Marketing and Product Management Andrew Elvish wrote that the server in question was a “location used by a customer to transfer data to be used in a parking or law enforcement patrol car, equipped with a Genetec system.” The data, Elvish added, was “not gathered by a Genetec AutoVu ALPR system … [which is] automatically encrypted.”

Lipp investigated further and found that the server was actually run by a Xerox subsidiary. Two hours after being notified of the security hole, the company closed it.

This would normally be the end of the story. But it goes on from there. What was uncovered during Lipp's foray into a supposedly secured and encrypted server points to further dishonesty, going beyond Genetec's disowning of a database it has (or had) direct access to.

As the ACLU's Kade Crockford points out, autogenerated notifications found on the server point to Boston law enforcement continuing to utilize a program it had previously told the public it would be abandoning.

I was surprised to discover these records because in 2013, in the wake of local reporter Shawn Musgrave's expose on privacy and civil liberties problems with the department’s license plate reader program, the Boston Police told the public that it was scrapping the program altogether. The Xerox records suggest scrapping isn’t at all what occurred. Indeed, the automated emails from BTD’s license plate reader program to the Boston Police, left on the Xerox server for anyone to download at will, appear to have started at around the same time the cops told the public they’d stopped using license plate readers. That's to say, instead of scrapping the program as the police told the public they would, BPD appears to have bootstrapped their license plate reader program from BTD data.

The government may claim license plate data has no expectation of privacy (unless you ask for it…) but people hardly expect their records to be exposed to the public at large. And they certainly don't expect them to be accessible from the web and stored in plaintext. Even if the public is willing to accept the portrayal of plate/location data as nothing more than the digital equivalent of human eyeballs on public streets, it will be far less likely to forgive the government's apparent disinterest in ensuring these records received even a minimal level of protection.

Filed Under: alpr, boston, license plate data, license plates, privacy, security
Companies: autovu, genetec

Cop Fights State Agency For Right To Place '0INK' License Plate On His Own Vehicle

from the this-is-why-the-word-'humorless'-often-precedes-'bureaucrat' dept

Vehicle vanity plates are a form of expression -- albeit one often severely limited by the arbitrary decisions of state agencies. Last year, we covered a man's battle against New Hampshire's Dept. of Motor Vehicles for the right to be subjected to increased police harassment attach a "COPSLIE" license plate to his car. He won (but probably also lost), in part because his backup vanity plate application -- for a government-hugging "GR8GOVT" -- was approved by the agency.

This put to lie the agency's claim that it only forbade plates that would be "offensive" to a "reasonable person." Many more people would disagree with the sentiment that government is "great" than would find the thought of cops lying "offensive." It didn't help that the agency also pointed out in its rejection paperwork that individual employees found his "COPSLIE" plate insulting -- thereby inserting the agency as a proxy for the average New Hampshirean.

Now, the shoe's on the other foot (to a certain extent...) and the battle is being fought in a different state. First off, it's a cop who's being denied his request for a vanity plate. The common ingredient is a highly-arbitrary rejection process. Here's a very brief summary, from Martha Neil's article for the ABA Journal.

An Indiana cop may be on the verge of regaining his treasured 0INK vanity plate.

The state’s top court heard arguments Thursday on a class action pursued by Greenfield police officer Rodney Vawter, with the help of the American Civil Liberties Union of Indiana, after his renewal application for the 0INK license plate was denied, the Associated Press reports.

Vawter, a rare self-effacing law enforcement officer, had the plate for three years before the state suddenly revoked it, claiming it was "offensive." Of course, the state seems to have no idea what is or isn't offensive, and simply rolls dice/throws darts/flips coins when dealing with vanity plate applications, as Tim Evans of the Indy Star pointed out earlier this year.

What's the difference between the words HATER and HATERS?

Nothing other than the letter "s" — unless you ask the Indiana Bureau of Motor Vehicles.

The BMV denied a personalized license plate request for "HATER" but approved one that said "HATERS."

It also denied "SXY" but approved "BIGGSXY." "FOX LIES" was rejected, but "FOX NEWS" was given a thumbs-up. "CNCR SUX" was a no-no, but "WNTR SUX" was A-OK.

The ACLU, which is representing Vawter in his license plate battle, found even more examples of the impossible (and impossibly flexible) "standard" the state's Bureau of Motor Vehicles applies to plate applications.

Ken Falk, the ACLU's legal director, cited plates the BMV has allowed that also might be deemed offensive, such as "BLK JEW," ''HATE" and "FOXY GMA."

It's this sort of thing that led to a county Superior Court judge declaring the BMV's inconsistent policy unconstitutional back in May. Nevertheless, the state's Solicitor General says the BMV retains the right to reject "offensive messages" -- which apparently covers Vawter's joking self-disparagement. It's taking this all the way to the state's Supreme Court. And rather than approve the "UNHOLY" license plate requested by a KISS fan (after approving others like "BIBLE4ME" and "GODTHANKS"), the BMV has simply chosen to stop issuing vanity plates until the Supreme Court makes a final decision.

Quite obviously, Vawter's plate would offend roughly zero people -- certainly far fewer than other plates the agency has issued. The fact that Vawter had the plate for three years before the BMV decided to claw it back only adds to general untrustworthiness of the BMV's slippery approval process. As it stands, the system is obviously (and almost flagrantly) unconstitutional. Hopefully, the state Supreme Court will make a final determination and force the BMV to give Vawter back his in-joke/vanity plate. And hopefully this determination will curb the number of rejections handed out by overly-sensitive bureaucrats with more power than skin thickness.

Filed Under: 01nk, free speech, indiana, license plates, new hampshire, police
Companies: aclu

City of San Jose Looking To Attach Automatic License Plate Readers To Garbage Trucks

from the proxy-police dept

Because automatic license plate readers just aren't efficient enough -- what with their ability to capture hundreds, if not thousands, of plate scans per hour -- San Jose's city government is looking to deputize other businesses and their vehicles in its quest to achieve 100% coverage of the city.

Mayor Sam Liccardo and Councilmen Johnny Khamis and Raul Peralez proposed that the city consider strapping license plate readers to the front of garbage trucks, allowing them to record the plates of every car along their routes. The data would be fed directly to the Police Department from the privately operated trash trucks, prompting an officer to respond to stolen vehicles or cars involved with serious crime.

"We can cover every street at least once a week and possibly deter thieves from coming into our city," Khamis said. A committee chaired by Liccardo that sets the council's agenda voted Wednesday to continue exploring the idea.

San Jose won't be the first city to use non-police vehicles to do its plate scanning. As was covered here earlier this year, Hampton, Virginia has mounted an ALPR to a "city van" and uses the data collected to chase down the city's tax evaders -- a term that includes anyone who owes $5 or more to the city. Another town doesn't even use a city vehicle. Isle of Wight completely outsources its plate scanning efforts, putting it solely in the hands of a private company with its own plate scanners.

While it's true that a vehicle parked on a public street (or one that can be viewed from a public street) has no expectation of privacy, the amount of data gathered still raises privacy-related concerns. It's one thing to view a vehicle on a public street with a set of human eyes. It's quite another when this set of "eyes" compiles thousands of plate-location records and stores them for weeks or months. Once that happens, it's no longer just random cars on random streets. It's long-term tracking.

At this point, the plan is still in its proposal stage. City officials say at least one sanitation company is already on board with the proposed program.

Khamis said Wednesday's action is only the first step in a long process. The proposal calls for city officials to explore the "feasibility, legality and civil liberties implications" of garbage-truck mounted license plate readers. Questions the council members asked the city to consider include the process of transferring license data from the private garbage trucks to the police, whether they would be subjected to the same or different policies governing police car license readers and whether other cities have taken similar measures and how they worked.

Beyond the civil liberties implications, the city needs to examine the reality of what it's doing: using public funds to purchase law enforcement equipment to place on private vehicles. And it needs to ask itself whether the people providing these funds -- taxpayers -- are on board with the use of private companies as an extension of law enforcement. It also needs to examine its motives thoroughly. Just because there's no expectation of privacy doesn't necessarily mean government bodies should strive for 100% exploitation of these areas.

Filed Under: alpr, garbage trucks, license plates, privacy, san jose

Philly PD Declares All Drivers To Be 'Under Investigation' While Denying Request For License Plate Reader Data

from the the-REAL-wretched-hive-of-scum-and-villainy dept

We've all heard nasty things about the citizens of the apparently ironically-named "City of Brotherly Love." They'll boo Santa Claus. They throw batteries at opposing baseball players... and their own. And that's just the sports fans.

More bad news has just arrived on the "We're all not that terrible" PR front: according to Philly's police department, each and every car owner whose vehicle's license plate has had the misfortune of being scanned by the PD's license plate readers is some sort of criminal. Charges TBD.

The City of Philadelphia does not want you to know in which neighborhoods the Philadelphia Police Department (PPD) is focusing their use of powerful automatic license plate readers (ALPR), nor do they want disclosed the effectiveness (or lack thereof) of this technology, as they continue to fight a Declaration public records request filed in January with MuckRock News.

City officials argue in their response that every metro driver is under investigation, in an effort to exempt so-called criminal investigatory records from release under PA’s Right-to-Know Act:

Moreover, records “relating to or resulting in a criminal investigation” are exempt from disclosure under the Act, in particular “[i]nvestigative materials, notes, correspondence, videos and reports.” 65 P.S. § 67.708(b)(16)(ii). Such individual license plate readings and accompanying information are investigative materials that relate to individual criminal investigations, and, as your request indicates, these investigations may result in vehicle stops, arrests, or other police actions. Therefore, the individual license plate reading data is exempt from disclosure under the Act.

Investigative reporter Dustin Slaughter and The Philly Declaration have been battling the city for access to two weeks of raw ALPR output and, after multiple appeals, have been told every scan is exempt because every scan is part of a criminal investigation. This bizarre claim echoes the Los Angeles Police Department's public records request-thwarting declaration: all scans are, and always will be, tied to investigations.

The Declaration is seeking this data to see if deployment patterns signal any sort of bias or prejudicial treatment. What it has managed to pry free from law enforcement are the following facts: At least 10 ALPRs are in steady use. Non-hit data is retained for a year. Data actually related to investigations is held indefinitely. (Which would mean -- if the PD's stated logic holds -- that all scans are held indefinitely...)

The PD did hand over some summary data "pertaining to the time period requested," but it must have grabbed the wrong figures or misread Dustin Slaughter's request. He asked for data for a two-week period (Jan. 1-14, 2015). These are the numbers the PD handed over.

Number of Tags Read: 22,810,687
Terror Watch Reads: 77
Stolen Autos Recovered: 420
Stolen Plates Recovered: 23
Felony Arrests Made: 19
Misdemeanor Arrests Made: 9
Total Read Hours ALPR Fleet: 81,197

While it's theoretically possible 22 million plates could be scanned in two weeks, there's no way the Philly PD racked up 81,197 read hours during that time period, even if distributed across multiple vehicles. If this is a two-week period summary, the PD would need 241 units running 24 hours a day to hit the quoted "read hours."

But even if these numbers are a lifetime summary of the the ALPR program, they're still pretty impressive… at least in terms of scanning efficiency.

The department launched its ALPR program in or around 2011, according to Newsworks’ reporter Tom MacDonald.

This means the department is raking in around 7 million scans per year. On the other hand, if 22 million scans have only generated 19 felony arrests, you have to start wondering about the return-on-investment -- something that doesn't exactly back up Commissioner Charles Ramsey's claim that the ALPRs are "highly effective crime fighting tools." While it's nice to see the department is recovering around 140 stolen vehicles every year, it's a bit more disheartening to hear that it's only led to 28 total arrests -- especially when it considers every single one of these 22 million scans to be part of criminal investigations.

Filed Under: alpr, investigations, license plate readers, license plates, philadelphia, philadelphia pd, philadelphia police, privacy

DHS Takes Another Stab At License Plate Database, But This Time With More Privacy Protections And Transparency

from the it-can-be-taught dept

About a year ago, the DHS -- seemingly completely oblivious to the fact that domestic surveillance programs were being collectively frowned upon in the wake of the Snowden leaks -- began soliciting quotes on a nationwide license plate reader database. Within a week, DHS head Jeh Johnson had shut down the plan, claiming the rogue solicitation had somehow escaped into the wild without a proper official approval and had nothing to do with the backlash it had generated upon discovery.

Not that the disappearance of this solicitation changed anything. The DHS (and ICE) already have access to the many ALPR databases maintained by a variety of private companies. All this would have done was provide the DHS with estimates on subscription fees and perhaps some help on developing a DHS/ICE-specific front end for access.

Nearly a year past the mini-debacle and the DHS is back in the license plate database business. This solicitation, however, is far more specific than last year's botched attempt. (via The Hill)

Immigration and Customs Enforcement (ICE) intends to issue a solicitation to obtain query-based access to a commercially available License Plate Reader (LPR) database.

ICE seems far more interested than usual in alleviating any concerns that this will be yet another domestic surveillance program.

ICE is neither seeking to build nor contribute to a national public or private LPR database. ICE will use LPR information obtained in response to queries of the commercial database to further its immigration enforcement missions. ICE law enforcement personnel will query the LPR database using known license plate numbers associated with the aliens who are immigration enforcement priorities, based on investigative leads, to determine where and when the vehicle has travelled within a specified period of time. The results of the queries can assist in identifying the location of aliens who are immigration enforcement priorities, to include aliens with certain criminal convictions, absconders, illegal re-entrants and those that pose a public safety or national security risk.

Rather than build new databases and grant open access to ICE agents, the agency is only looking to search known plate numbers. While this end will remain targeted, it doesn't do anything limit the collection efforts. Vigilant -- the largest ALPR provider -- claims to be adding more nearly 100 million plate/location records every month. The only thing "limited" about this plan is DHS's access. And even that may not be as limited as the previous paragraph implies.

ICE will also use LPR information obtained from the commercial database to further its criminal law enforcement mission, which includes investigations related to national security, illegal arms exports, financial crimes, commercial fraud, human trafficking, narcotics smuggling, child pornography, and immigration fraud.

So, it's not just immigration and customs enforcement. It's pretty much everything the ICE thinks it should have an active part in.

To its credit, it has at least compiled a Privacy Impact Assessment ahead of its ALPR database plans, rather than allow this to trail implementation by months or years. But within this assessment are hints that ICE's access won't be quite as limited as its earlier statement implies. For one, ICE already operates its own LPR cameras, so it won't solely be making use of preexisting data. It also has no controls in place to limit access when working with outside law enforcement agencies and using their access to LPR databases.

There are indications that the DHS and ICE are attempting to keep this access from being exploited or abused. The assessment notes that agents will be informed (and reminded) that a license plate "hit' cannot be the "sole basis" for law enforcement action. But the limits it's imposing on itself are still a bit too flexible. Plate info will only be allowed to be accessed for a "limited" amount of time, but that "limited" time frame is partly tied to the statute of limitations for the underlying crime. In most cases, the assessment notes, ICE agents will be able to access five years of historical plate/location data -- which it notes is approximately the average amount of time a person owns a particular vehicle.

The assessment also notes that the "Alert List" must be frequently updated to remove plates tied to closed investigations or when a person [but a license plate isn't a person?] is no longer a suspect. While some agents will be more proactive than others, the assessment only suggests an update be performed "at least annually."

The better news is that the DHS and ICE are making moves towards greater transparency, as well as demanding the winning vendor provide "robust audit trails" on any agency database use. Of course, a "robust audit trail" is only as good as the consequences for misuse, and the government in general has never been big on meaningful enforcement of its internal policies. Unfortunately, that's really the only thing preventing this targeted access from becoming the "unwarranted surveillance" the agency's Privacy Impact Assessment claims it's trying to avoid.

That being said, getting out ahead of the program with an impact assessment is almost unheard of in the law enforcement/intelligence field, so the DHS deserves some credit for realizing its past effort in this area was badly mishandled.

Filed Under: alpr, database, dhs, homeland security, license plates, privacy

Automatic License Plate Readers Also Gathering Millions Of Facial Photos Daily

from the THE-DATABASE-IS-MADE-OF-PEOPLE! dept

Every day in the US, millions of license plate photos are scanned and stored in various third-party databases, accessible by hundreds of law enforcement agencies, including those at the federal level. Privacy concerns have been raised by groups like the EFF and ACLU, but these have been brushed off with two assertions:

1. Driving in public is, by definition, not a private activity.

2. The license plate/location data only identifies a vehicle, not a person.

The first point can't really be argued. Your expectation of privacy pretty much ends when you start traveling on public streets. But the massive number of plate photos scanned and stored still creates privacy concerns. Most of the photos stored in law enforcement databases have nothing to do with ongoing investigations, and long-term storage of irrelevant plate/location data allows law enforcement to "track" anyone it wants to. Further concerns arise when agencies troll events like political rallies to add plates to their databases. It may not be a privacy violation, but it does raise questions about surveillance of First Amendment-protected activities.

As for the second argument -- just cars, not people -- that one's apparently completely bogus.

In addition to tracking license plates, the federal government has been taking and sharing photos of drivers and passengers inside the cars, documents obtained by the American Civil Liberties Union show.

License plate readers (LPRs) are designed to provide “the requester” with images of license plate vehicle numbers, in addition to “photos of visible vehicle occupants,” one of the newly released documents reads.

Another document obtained by the ACLU reveals the cameras have the ability to “store up to 10 photos per vehicle transaction including 4 occupant photos.”

The reality of the situation doesn't mesh with law enforcement's statements. And with ALPR manufacturers like Vigilant Solutions hoping to add facial recognition technology to their products, law enforcement agencies will soon have access to millions of individuals' photos, a large majority of which aren't currently under investigation.

The DEA's database alone holds at least 343 million LPR photos. Other law enforcement agencies are adding millions of shots to these shared databases daily. While the expectation of privacy is lowered in public settings, the millions of photos amassed turn these databases into long-term tracking devices. Surveillance of this scope used to be limited by personnel availability. Now, it's as easy as leaving camera running for the entire shift -- day after day after day. This low-effort process builds easy-to-use "maps" of citizens' movements -- where they work, where they live, which businesses they frequent, where they spend their "off" hours, which doctors they use, etc. And it's all at the fingertips of federal, state and local law enforcement agencies.

No law enforcement agencies are willing to talk about the implications of storing millions of "non-hit" photos. Los Angeles law enforcement officials went so far as to claim all captured photos were "relevant" to investigations. What little has been uncovered has been the results of tenacious FOIA requesters or open records lawsuits. The efforts being made to keep this information out of the public eye has very little to do with "protecting law enforcement methods" and everything to do with minimizing the amount of scrutiny or criticism these agencies face.

With the steady improvement of facial recognition technology, law enforcement agencies will soon know not only where your vehicle's been, but who was in it. The push back against this technology isn't so much about preventing its use, but preventing its abuse. Storing records unrelated to criminal activity for years is nothing more than stockpiling of data for its own sake -- nearly completely divorced from the actual business of enforcing laws.

Filed Under: alpr, database, faces, license plates, photographs, privacy

Vermont's Automatic License Plate Readers: 7.9 Million Plates Captured, Five Crimes Solved

from the the-finest-in-haystacking-technology dept

The sales pitch for automatic license plate readers is how great they are at helping cops solve crimes. From hunting down stolen cars to tracking pedophiles across jurisdictions, ALPRs supposedly make policing a breeze by gathering millions of time/date/location records every single day and making it all available to any law enforcement agency willing to buy the software and pay the licensing fees.

The systems come with civil liberties baggage -- privacy issues that aren't completely articulable, at least not in terms of what the courts have held to contain sufficient expectations of privacy. A single photo of a car on a public road isn't a privacy violation. But what about dozens or hundreds of photos that more resemble a passive tracking system than a set of public snapshots? That's a bit more of a gray area -- one that hasn't been fully explored by the courts at this point. Adjacent decisions notwithstanding, ALPRs are mildly intrusive and have troubling implications due to their capabilities, but at this point, they still operate within the confines of the Constitution.

So, if civil liberties are still intact, what's the next point of attack? Maybe it's the alleged efficiency. Are law enforcement agencies getting their money's worth?

It's a trick question. First and foremost, it's the public's money paying for these. In many cases, DHS grants have paid for ALPRs, with local agencies name-checking terrorism and extremism to increase the odds of obtaining funds. Even when paid for out-of-pocket, it's still the public footing the bill.

The systems aren't cheap. And from what VPR (NPR Vermont) has uncovered, they're not really worth the expense. (via Digital Fourth)

Over the past five years, law enforcement agencies in Vermont have invested more than $1 million in technology that gathers millions of data points every year about the whereabouts of vehicles across the state.

Yet even with the millions of scans, the system has not led to many arrests or breakthroughs in major criminal investigations, and it hasn’t led to an increase in the number of tickets written for the offenses the technology is capable of detecting.

No one sells a city council (or the general public) on the wonders of ALPRs by highlighting how many unregistered vehicles might be ticketed or pointing out other mundane traffic enforcement benefits they might provide. Probably just as well, considering these systems have had no discernible effect in these areas.

It's the "big ticket" crimes that sell ALPRs and push them past the complaints of those concerned about citizens' privacy and civil liberties. Kidnapping, auto theft, child pornographers, terrorism, etc. These are the sort of thing that put lead in legislators' collective pencils, stirring them to approve funding or sign off on grant requests, and so on. How do Vermont's ALPRs stack up against capital-C "crime?"

In the 18 months leading up to Jan. 1, 2013, the 61 license plate readers operating in the state at the time did a lot of recording. A VPR study of public information from local, state and federal law enforcement showed that during that time period, police across the state logged 7.9 million license plates and stored them in a central, statewide database along with the time and location they were scanned.

Despite the financial investment in the systems, they were helpful in solving fewer than five crimes in 2013. The number of tickets written for driving with a suspended license and driving with an expired registration (two violations that ALPRs can detect) hasn’t gone up since the technology was introduced in mid-2009.

Millions of plates. Five (5) crimes solved. Number of tickets issued flat.

So, what do you do? As a legislator who approved funding for this, do you accept this as part of the learning curve or do you demand more from the technology? Do you tell the public, "We appreciate your input but feel that a literal handful of successful criminal investigations far outweighs any privacy issues or budgetary concerns"?

An interview with an officer who uses the ALPR system adds some nuance to the discussion, including the fact that law enforcement's civil liberties precautions contribute to the perceived inefficiency of the system. But underneath it all, it's viewed as just another "tool" for local law enforcement to use, albeit one that can't seem to pull its own weight. No one wants to say the equipment is non-essential or possibly redundant, but the officer interviewed (Sergeant Cram) makes this damning statement.

Despite the $25,000 tool, Cram says the majority of the Winooski Police Department’s traffic stops are still done the old-fashioned way, with officers stopping drivers for infractions like rolling through a stop sign or failing to yield at a crosswalk.

Still, Cram says the federally-funded ALPR is a valuable tool, even though he doesn’t think the city would have put up $25,000 of its own money to buy one.

The city wouldn't have ended up with one if the DHS wasn't giving them away. That's how extraneous this "tool" is. The lack of successful criminal investigations backs this up. The fact that traffic enforcement has remained stagnant even with the addition of several million plate scans per year is the final nail in the coffin.

No one -- at least not in Vermont -- needs this technology. But if someone else is willing to pay, they'll take it. And they'll use it. And years down the road, they'll likely still have nothing to show for it but a massive database tracking the movement of millions of non-criminals.

Filed Under: alpr, crimes, license plate reader, license plates, vermont

Judge Says Los Angeles Law Enforcement Doesn't Need To Turn Over License Plate Reader Data

from the a-secret-repository-of-public-data dept

Los Angeles law enforcement has been battling privacy activists seeking access to license plate data for over a year now. The plate and location data scooped up by the city's many automatic license plate readers is considered fair game by law enforcement because visible license plates obviously don't carry any sort of expectation of privacy.

This argument only goes one way though. Back in July of last year, the Los Angeles Sheriff's Dept. refused to hand over plate data, citing confidentiality concerns. While using one of side of its mouth to argue that plates aren't personally identifiable information, the LASD used the other side to claim that releasing the data was impossible because even anonymized, non-personal data was too sensitive for public release. Let that argument soak in for a bit, because that's basically what Judge James Challant said in his opinion preventing the release of the data:

"The [LPR] data contains hot list comparisons, the disclosure of which could greatly harm a criminal investigation," Superior Court Judge James Chalfant wrote in his 18-page decision. "It also would reveal patrol patterns which could compromise ongoing investigations, and even fixed point data could undermine investigations. Disclosure could also be used by a criminal to find and harm a third party. Balanced against these harms is the interest in ascertaining law enforcement abuse of the ALPR system and a general understanding of the picture law enforcement receives of an individual from the system, unsupported by any evidence as to how well the ALPR data will show this information. The balancing works in favor of non-disclosure."

So, harvesting license plates and location data is no different than walking around with a camera snapping photos of vehicles driving or parked on public streets. But this very public collection method is somehow also a protected method that could be undermined by the release of data. While some patrol patterns might be ascertained from a week's worth of data, it's unlikely that such a short selection would reveal much. The judge also could have asked for a redacted release, with plates/locations tied to ongoing investigations blacked out, but instead he simply bought into law enforcement's arguments. (Caveat: Los Angeles law enforcement has argued that every plate collected is "relevant" to its investigations.)

The idea that a criminal could use the database to "find and harm someone" is the most ridiculous statement. (Although the circular reasoning about whether or not the undisclosed information will show abuse by law enforcement comes close. If you can't see it, you can't really look for signs of abuse.) License plates are public information. Anyone with eyes could "find and harm someone" by looking for license plates. (And -- again -- I thought this data wasn't "personally identifiable.") As long as the vehicle isn't parked inside, anyone can see its plate and location. While a dump of license plate data would make it easier, it's not as though withholding the information will have any noticeable effect on that sort of criminal behavior.

The end result is the expected: law enforcement gets access to anything considered "public information" and the public gets nothing in return but second-hand concerns about compromising investigations. It's the same argument, whether it's local law enforcement or the NSA. The public can't logically make the argument that plate readers are a violation of privacy but it has every right to expect that its law enforcement agencies are handling data responsibly and can be held accountable if they aren't. Humoring arguments like "all data is relevant" and "public data is confidential" doesn't achieve that end.

Filed Under: alpr, lasd, law enforcement, license plate readers, license plates, los angeles sheriff's dept., privacy

FOIA Request On Effectiveness Of License Plate Readers Greeted With A Blank Stare By Virginia Police Department

from the I'm-not-familiar-with-the-sort-of-thing-you're-asking-for dept

Law enforcement agencies are generally pretty happy with their automatic license plate readers. It allows them to harvest millions of plate/location records without having to exit their vehicles, much less slow them down. It also allows them to spring from their cruisers with guns out and force non-car thieves into submissive positions while they perform the sort of due diligence that should have been completed long before the cops/guns exited their respective holders.

What they don't seem to like is anyone asking questions about the massive databases they're compiling or whether they've bothered to institute any minimization/privacy policies. When questioned, they usually talk about what a great tool it is for crime-fighting, even if said tool contains millions of useless photos entirely unrelated to criminal activity. Some even claim that every single photo in the database is integral to ongoing investigations and therefore cannot be subjected to minimization procedures, much less the pesky FOIA requests of surveilled citizens.

And sometimes, these agencies are so sure they like the tech that they can't even be bothered to determine whether it's actually doing anything to assist in the business of law enforcement. Stephen Gutowski at the Capitol City Project recently asked the Fairfax County, VA police about the effectiveness of its license plate photo database and got this 'FILE NOT FOUND' statement in response.

This letter is in response to your FOIA request in which you requested the number of ALPR records Fairfax County currently has on file. This number is constantly fluctuating, but as of 05/20/2014 at 1003 hours there were 2,731,429 reads in the system.

You further requested any available metric the county uses to determine the system's effectiveness. It was found that the Fairfax County Police Department does not possess any such responsive materials based on the information you requested.

The assumption here is that the system works. The Fairfax County PD occasionally posts arrests linked to ALPR database hits and… well, beyond that, the PD draws a blank. Presumably a handful of arrests justifies a multi-million image-and-location photo database. But this lack of self-assessment shouldn't be acceptable, not for an agency that has abused its technology in the past.

It came to light late last year that the Fairfax PD trolled political rallies to grab more plate data, racking up nearly 70,000 photos in five days. This abuse prompted a local lawmaker to push legislation aimed at severely limiting, if not completely eradicating, ALPR readers in his district. Not a bad idea, as far it goes.

Virginia law enforcement agencies aren't going to be happy with this move and they'll be able to mobilize a pretty powerful opposition. But these are the same entities that tried to bury info on plate readers back in 2009, simply because they felt the public might try to get the system shut down if they knew what was going on. But the lack of controls or any gauge of the system's effectiveness shouldn't be allowed to escape unnoticed, because the failure to monitor error rates and hits can result in catastrophic consequences for citizens whose plates trigger false hits -- something this system does at twice the rate of recoveries.

The license plate readers demonstrated a high error rate. Four ALPR vehicles used in Fairfax County over the course of five nights in February 2009 scanned 69,281 vehicles. The camera database produced twelve bogus hits and recovered four stolen vehicles, for a recovery rate of 0.6 percent and an error rate of 1.7 percent.

The technology can be used responsibly, but law enforcement agencies with tough minimization policies are almost nonexistent. And as we've seen twice in the last month alone, officers relying on faulty data aren't making an effort to verify database hits before attempting to effect arrests. Someone's going to be hurt or killed because of bad data, and hardly anyone in law enforcement seems to be concerned. If they did, strict policies on verification and disposal of non-hit data would be the rule, rather than the exception.

Filed Under: alpr, foia, freedom of information, license plate readers, license plates, police, virginia

License Plate Reader Company Sues Another State For 'Violating' Its First Amendment Right To Build A 1.8-Billion-Image Database

from the we're-really-just-like-some-dude-with-a-point-and-shoot dept

Private companies engaging in large-scale surveillance are pushing back against the push back against large-scale surveillance… by filing lawsuits alleging their First Amendment right to photograph license plates is being infringed on by state laws forbidding the use of automatic license plate readers by private companies.

Now, these laws aren't saying law enforcement agencies can't use these readers. They can. What they do say (or did… Utah's law was amended after a lawsuit by license plate reader company Vigilant) is that private companies, like repossession firms and tow truck services, can't use these readers. But apparently they do, and those who manufacture and support the equipment would like to continue capturing this market.

Cyrus Farivar at Ars Technica reports that Vigilant has filed another lawsuit, this time against the state of Arkansas, arguing that a state law curbing the use of LPRs by private companies tampers with its free speech rights.

In this case, the two firms in question—Digital Recognition Network (DRN) and Vigilant Systems—generate, maintain, and share access to the license plate reader database with law enforcement.

The new Arkansas state law took effect in 2014, and it bans the private collection of license plate reader data while still allowing the cops to use the devices, usually mounted on patrol cars. The two companies say that their First Amendment rights are being violated, as they are allowed to photograph—even under an automated, high-speed process that is then shared with law enforcement—any and all license plates, anywhere.

There's a bit of a disconnect in Viglant's/DRN's logic, but one that's a bit troublesome for the courts to address. By portraying the capture of license plates at a rate of nearly 1,000 per hour as little more than a digital version of someone taking individual photographs of publicly-displayed plates, the companies hope to make its technology look less intrusive than it is.

The troublesome part is that courts have held that privacy violations that don't exist in the singular can't magically be summoned by en masse collections. There are definitely privacy concerns, however, especially when this information is used (and misused) by law enforcement. But the companies argue that there's nothing personally identifiable about a license plate, at least without access to other databases like those held by states' departments of motor vehicles. (Oddly, law enforcement officials have made the same argument, despite having this access.) This is true, but it's of little comfort when the privately-held database contains 1.8 billion records and is growing at the rate of 70 million per month.

Here's the crux of Vigliant's First Amendment assertions.

Plaintiffs' dissemination of license-plate information collected by ALPR systems is speech protected by the First Amendment. Similarly, the use of ALPR systems to collect and create information by taking a photograph amounts to constitutionally protected speech.

The Act is a content-based speech restriction. The illegality of speech under the statute turns on the content of what is being photographed and transmitted through ALPR systems-license-plate information is covered, but other content is not. The Legislature has singled out the collection and dissemination of "images of license plates" and the resulting "computer-readable data." Ark. Code§ 12-12-1802(2), 12-12-1803(a); see also § 12-121082(3). Moreover, the Act's extensive exceptions further demonstrate that it discriminates based on the content of the speech and the identity of the speaker.

This is a tough hurdle for the state to leap and is likely what prompted Utah to heavily amend its state law in exchange for Vigilant dropping the lawsuit. Unfortunately, in Utah's case, the state seems to have overcompensated. The amendment strikes any prohibition of a private entity collecting license plate data and allows these same entities to sell collected data to other third parties, something it expressly forbids government agencies from doing. It also allows for these companies to hold onto the data for as long as nine months, something that was only 30 days in the original bill.

So, Vigilant's point remains that what it does in terms of collection is not a violation of privacy because it does not have access to DMV databases holding personally-identifiable information. It glosses over the fact that it provides access to hundreds of law enforcement agencies around the US, all of which can acquire the connecting data. But that does seem to put the onus on law enforcement agencies to provide adequate privacy protections, including timely disposal of non-hit data. So far, very few agencies have attempted to so. In Utah's case, there are nine months of historic, non-hit data at law enforcement's fingertips, all with time and location info.

In the singular (as Vigilant's argument goes), this isn't a privacy violation -- no different that someone taking a picture of a vehicle in public. But several months of time and location data creates something that can only be achieved through dedicated surveillance, something that does raise privacy questions, especially in light of the recent court decision finding that law enforcement officers need warrants to track cell phone users' locations. This is the same principle. Law enforcement agencies shouldn't be accessing months of plate location/time data unless it's part of an investigation -- and if it is, someone neutral needs to be deciding whether or not every license plate hit is relevant to the situation.

Filed Under: alpr, arkansas, data collection, first amendment, license plate reader, license plates
Companies: vigilant