2/21/2020California Auditor Slams License Plate Readers
Audit slams California law enforcement for ignoring rules requiring privacy protection policies with the use of license plate cameras.
California State Auditor Elaine M. Howle is not impressed with the way local law enforcement agencies are spying on innocent motorists with automated license plate readers (ALPR, also known as ANPR in Europe).
"Technology gives governments the ability to accumulate volumes of information about people, raising a reasonable question: How is an individual's privacy to be preserved?" Howle asked. "Instead of ensuring that only authorized users access ALPR data for appropriate purposes, the agencies have left their systems open to abuse by neglecting to institute sufficient oversight. Over the years, the media has reported that some individuals within law enforcement used or could use data systems -- and sometimes ALPR systems -- to obtain information about individuals for their personal use, including to locate places they regularly visit, to determine their acquaintances, and to blackmail them based on this information."
The audit report released last week reviewed the use of license plate readers at the Fresno Police Department, Los Angeles Police Department (LAPD), Marin County Sheriff's Office and Sacramento County Sheriff's Office. Of the 320 million images of motorists and their vehicles stored by LAPD, 99.9 percent of the vehicles were not involved in any crime. Those images were stored in a database along with the driver's name, date of birth, address and other personal information.
In Fresno, Marin and Sacramento, the ALPR systems used Vigilant Solution's cloud storage options without any extra effort being taken to verify that adequate security measures were put in place. None of the four agencies were abiding by the 2016 law mandating stricter policies in the use of ALPR data. Each of the agencies had insufficient policies, and LAPD had none at all.
"We asked key officials at the three agencies using the Vigilant system why they had not audited the searches users performed and found that either they were unaware of the auditing requirement in state law or the auditing they did conduct did not include user searches," the report explained.
The auditor found the sensitive law enforcement database had granted access to the Missouri Police Chiefs Association, which is not a public agency. None of the California departments could explain why it had access.
"The lists contain many other entities whose identities and law enforcement purposes are not immediately evident," the report noted. "Unless a law enforcement agency verifies each entity's identity and its right to view the ALPR images, the agency cannot know who is actually using them."
A copy of the report is available in a 5mb PDF file at the source link below.