For anyone interested in how well meaning government policies and practices can be subverted or simply mis-implemented, please see the Globe article:
http://www.bostonglobe.com/metro/2013/12/14/boston-police-suspend-use-high-tech-licence-plate-readers-amid-privacy-concerns/B2hy9UIzC7KzebnGyQ0JNM/story.html
*Direct quotes from this article are indicated by trailing asterisk
Summary: The Boston Police operate an automated license plate scanner program. The purpose is to gather as much information as possible and then mine the data for information, such as stolen cars, unpaid tickets, etc. This classic “Big Data” approach is used by the NSA in telephone meta-data extraction (keep all records, just in case you need one, regardless of any privacy concerns).
Some differences:
Given the extra-national nature of the NSA’s records, there’s no implied right to privacy for most of their data, so there’s no retention requirements. The Boston Police, on the other hand, monitor US citizens and actually do have a retention policy. Unfortunately, they don’t follow it. The police inadvertently released to the Globe the license plate numbers of more than 68,000 vehicles that had tripped alarms on automated license plate readers over a six-month period. Many of the vehicles were scanned dozens of times in that period alone.*
The NSA has interdicted multiple terrorist plots, tracked pirates, etc, and has been reasonably successful with their program. Reading the Globe article revels that the Boston Police are not quire as effective — …numerous vehicles repeatedly triggered alarms for the same offenses. One motorcycle that had been reported stolen triggered scanner alerts 59 times over six months, while another plate with lapsed insurance was scanned a total of 97 times in the same span.*
Johnathan Hecht, rep from Watertown, is rightfully concerned.
“It’s not realistic to think that law enforcement will police itself when it comes to technologies like license plate readers,” said state Representative Jonathan Hecht, a Watertown Democrat who has filed a bill to regulate use of scanners and the sensitive data they collect.*
Hecht believes that the scanner technology has “gotten ahead of thoughtful policymaking on its use. . . . From their point of view, more information is always better.” (Hecht’s License Plate Privacy Act would slash the plate scan retention period to 48 hours except by court order and require agencies to report annually on their scanner use.) *
In case you’re wondering where YOU might have been in Boston in the past six months, just ask your Big Brother, the Boston cops, they probably already know “…the records finally released in July were unredacted, revealing full plate numbers and GPS location data for more than 40,000 different vehicles, most of which belonged to private citizens.*”
The net-net is that running big-data operations requires the careful oversight, critical technology and privacy management, costly resources and careful management which State and Local Government are not known for. It also requires a technical data competency which Government in general is clearly not known for.
Getting back to the NSA issue, as a US citizen I expect my Government to do whatever it can to protect me from extra-national terrorism, but at at the same time, I don’t want them spying on me. Them, or the Boston Police, or the Massachusetts State police or any of the 60 other agencies currently spying on me with plate readers. I am still a US citizen and I’m still entitled to some privacy, and I’m willing to have that right even if it makes policing a bit less effective. (and especially if the program itself is just not effective as clearly the Boston program is not).
This is not a new argument. Remember it was Benjamin Franklin who in 1755 said “They who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.”
For those who feel the same, please contact Rep Hecht at Jonathan.Hecht@mahouse.gov in support of
H.3068 HD1117 By Mr. Hecht of Watertown, a petition (accompanied by bill, House, No. 3068) of Jonathan Hecht and others for legislation to regulate the use of automatic license plate reader systems. Transportation.
Regards,
Rich Carlson, Belmont
PS – Kudos to muckrock.com & the Globe as well
I don’t see the problem, honestly. It’s the same as surveillance cameras everywhere. If you’re in a public space, you don’t have any expectation of privacy. As far as tracking goes, actually, your cell phone is probably much more susceptible.
Furthermore, when you are operating a dangerous motor vehicle, the purpose of the license plates is to give a modicum of accountability to your behavior. Many drivers behave recklessly and menace pedestrians because they know that a disoriented person will not be able to read the license plate in time, and therefore the motorist will suffer no consequences for his or her anti-social behavior.
I have trained myself to try and recognize license plates quickly and to remember them in order to be ready for such situations. But in poor levels of light, or with bad sight lines, I won’t be able to do so. It would be nice to have additional observers be able to scan and record the license plate number of a perpetrator after a collision or incident.
Operating a motor vehicle on public streets is a privilege, and there is most certainly no right to do so without a vehicle plate number displayed and available for recognition.
I think there is a legitimate issue about how long random plate location records are retained. I’ve sponsored legislation to address this and other state-level privacy issues. There is always a balancing act, but I think we need to have a conversation about the ramifications of big data and the new transparency and implement appropriate policies.
Not sure about Charlie Card data — not aware of a link between Charlie Card and an individual’s identity. The MBTA knows where the Charlie Card went, but I don’t think they generally who had it.
Does that apply to tracking users of CharlieCards on automated fare collection machines?
I beg to differ, Will. There is a strong link between the Charlie Card and the individual, depending on how it was purchased. Yes, a generic Charlie Card isn’t linked, but any monthly pass bought electronically, is. It’s not proof positive — the pass may have been loaned to someone else or stolen — but one’s general movements can be traced and, at least in NYC, are used for active tracking on “people of interest.”
I’ve got no problem with license plate readers as long as the data is not kept for long (one week seems like plenty of time, unless there is a specific crime where it is thought it might be helpful. This assumes that the police are prompt about reviewing videos when there is a serious traffic accident — the SF and NYC police have recently been pretty terrible about failing to investigate pedestrian and cyclist deaths in a timely fashion, or much at all. Given that risk, I’d say one month, so that injured parties have the time to contact a lawyer who is aware that obtaining these videos could be useful. But NOT indefinitely).
If you have a Bike CharlieCard, it doesn’t work till you activate it over the web, so they might well be able to tie someone to a card pretty directly. Otherwise, if you bought it and only loaded it with cash, I think it is pretty anonymous, though over time they could begin to figure things out (correlate card uses with facial recognition from cameras, take a few dozen samples, they can probably match the face to the card. Out of all the people on the train, how many would take the same one as you 30 days in a row and get on and off at the same stops?)
Lina’s/David’s point well taken — may be possible to link credit card purchased cards to identity.
The ACLU has a well-written and thoughtful article on the issue of automatic license plate readers (ALPRs), and the collection and storage of license plate information. This report is available online at You Are Being Tracked.
Some of the points the report makes are:
• Relatively inexpensive systems commonly available to police are capable of being mounted either in fixed locations (such as highway overpasses and busy city intersections) or on patrol cars.
• These systems can capture and record all of the license plates that come into view, along with a timestamp identifying when and where the plates (and the cars they are attached to!) were seen.
• These records are entered into local databases (e.g. a database maintained by a city), and from there find their way into regional and national databases.
• Using readily-available data processing techniques, individual “snapshots” of a particular license plate can be extracted from one (or multiple) databases to create a comprehensive profile of the locations of the target vehicle over time.
Given how these records are generated (all the vehicles passing a given point; all the vehicles that a patrol car passed) it is inevitable that most of the owner/drivers about which information has been obtained will have violated no laws. It’s also quite possible that a few of the vehicles identified will have been stolen, and/or that a very few of the drivers might be sought by law enforcement agencies for urgent reasons—presumably that’s the point of establishing these systems.
It seems to me that the legitimate law enforcement value of ALPRs can be realized, and the potential abuses minimized, by passing laws enforcing two restrictions:
• limiting the time that ALPR records can be maintained in a database;
• limiting the flow of ALPR records “upstream” from local to regional or national databases;
The first limitation is under active discussion, on this forum and others. I’ve not heard as much discussion about the second point—but it might be as important. There’s no reason that I can think of that particular legitimate search requests for a specific license plate can’t be propagated from national to regional and local agencies, and information about positive “hits” returned, without the wholesale pooling and integration of all ALPR records. The only law enforcement activities that become significantly more difficult with non-integrated databases are “data mining” investigations that depend on having comprehensive surveillance information about large populations.
And it is precisely these data mining projects that I think most Americans would have concerns about.
Rich, thanks for this very thoughtful comment — your point about upstream use is very well taken. We’ll bring this into the conversation.