Parallels: License Plate Readers & Tracking in the Virtual World
The American Civil Liberties Union has come out with a report on the privacy implications of the diffusion of license plate readers called “You Are Being Tracked: How License Plate Readers Are Being Used to Record Americans’ Movements”. It’s an interesting report on the potential abuse of data recorded by license plate readers based on an analysis of over 26,000 pages of documents received from law enforcement agencies. It is also fascinating how it parallels many of the concerns raised by tracking in the virtual world.
Anyone who has watched a police drama is familiar with the scene where the police pull over a car and an officer radios in the license plate information. License plate readers are image sensors designed to automate this, basically high speed cameras combined with image analysis software. While most of these are specialized devices, according to the ACLU, smartphone technology has progressed to the point where apps are now available to capture license plate data.
Certainly we can all agree with the need for these devices. When police officers pull over a car, they are put in a potentially dangerous position and need whatever information they can get on the car and its occupants as quickly as possible. No argument here. What the ACLU is concerned is about what happens to the data after it is captured. After all, since these devices are not only being attached to police cars but bridges and overpasses, it is easy to see how license plate data can be abused to track people’s movements through unobtrusive passive monitoring. The ACLU outlines several potential abusive scenarios, such as a journalist reporting on police corruption based on information from a police department source could find that source fired after police management tracks the source’s car’s visits to the journalist’s office. There are some real-life examples as well, such as an anti-war protester in the UK pulled over by the anti-terror police after a license plate reader brought up data showing he was placed in a “hot list.”
Data Retention Periods/Co-mingling of Databases
Other issues pointed out by the ACLU include inconsistent license plate data retention policies. One law enforcement department requires this data to be destroyed after 48 hours, others have policies ranging from 21 days to 5 years and some departments seem to have no limits on data retention at all. A further complicating factor is license plate data collected by law enforcement agencies is increasingly being fed into larger databases. Not only does that increase the geographical areas over which license plate data can be analyzed, it is not clear if these larger databases will honor the data retention policies of the agencies supplying the data. A further complication is that there are private companies, usually associated with agents who repossess cars, that maintain databases of data from license plate readers and also work with law enforcement agencies.
From our perspective, one of the interesting elements of the ACLU report is how closely it tracks many of the same issues often raised about tracking in the virtual world. Look at the text above and replace the words “marketer” for “law enforcement agency” and “GPS enabled smartphone” for “license plate reader” and you’ll get the idea. An issue that often comes up with privacy in the virtual world is it is often hard for people to visualize the issues since so much of it takes place over unseen computer networks. Hopefully, as the ACLU’s report on this more visceral method of potential abusive tracking gets out in the popular press, people will also reflect on the parallels in the virtual world.