Last fall, we told you about the widespread use of license plate readers -- cameras deployed by government agencies to scan and track plates as cars move across town and across the country.
License plate readers can be put to great use finding stolen vehicles or hunting down kidnappers. The problem is, there aren't any officially established "best practices" when it comes to collecting, maintaining, and deleting all the data that readers collect. And generally speaking, the law is on the side of the government, not consumers.
But really, how pervasive are these cameras? How bad can it be?
The American Civil Liberties Union did some snooping, and in today's spirit of whistleblowing or wikileaking or domestic terrorism (take your pick), the organization has released the results of nearly 600 freedom-of-information requests filed in 38 states and the District of Columbia. The ACLU wanted to know how government agencies at the federal, state, and local levels use and dispose of the data they acquire through license plate readers.
Put on your tinfoil hats, people, because the news isn't encouraging. Among the findings revealed in the final 26,000-page document:
- There are no nationwide standards setting limits on who can use license plate scanners.
- There are no nationwide standards setting limits on how scanned data can be used.
- There are no nationwide standards setting limits on how long data can be held before being deleted.
As a result, there are now huge repositories of license plate data stored on government computers. (Anyone want to guess how secure those computers are?) In Jersey City, New Jersey, 2.1 million plates were recorded in 2012, and there are roughly 10 million in city databases. However, that data is deleted every five years.
On the other hand, there's Grapevine, Texas (population 47,385), which has over 2,000,000 tracking records and no policy on when data should be deleted.
After reviewing the nationwide disarray of information collection and storage, the ACLU has suggested five rules to standardize license plate data collection:
1. License plate readers may be used by law enforcement agencies only to investigate hits and in other circumstances in which law enforcement agents reasonably believe that the plate data are relevant to an ongoing criminal investigation.
2. The government must not store data about innocent people for any lengthy period. Unless plate data has been flagged, retention periods should be measured in days or weeks, not months and certainly not years.
3. People should be able to find out if plate data of vehicles registered to them are contained in a law enforcement agency’s database.
4. Law enforcement agencies should not share license plate reader data with third parties that do not follow proper retention and access principles. They should also be transparent regarding with whom they share license plate reader data.
5. Any entity that uses license plate readers should be required to report its usage publicly on at least an annual basis.
For more about the ACLU's findings, check out the disturbing/informative slideshow below. (Warning: it takes a second to load. Be patient.)