The Department of Homeland Security’s effort to get its hands on information about the road travels of all Americans is back. In a Privacy Impact Assessment (PIA) issued yesterday about a plan for using license plate reader data, Immigration and Customs Enforcement describes a plan to “procure the services of a commercial vendor of LPR information.” The agency pays lip service to public concerns about license plate readers and offers some improvements to the government’s current more or less unrestrained use of location tracking technology. It does not, however, remedy the fundamental civil liberties problems with such a project.
About a year ago, DHS cancelled its plan to purchase access to a nationwide automatic license plate reader database after its revelation triggered an outcry. The scope of what the government expected from this database had shocked the public and legislators: over two billion location data points, growing at a rate of 70 million scans per month, that were shared with and received from law enforcement agencies and private contractors across the country (although ICE field offices had paid the company Vigilant Video for location information for years and continue to do so).
It’s appropriate to use license plate scanners to check for wanted vehicles, but the technology should never be used to store up databases of the movements of vehicles that are not on any hot lists. Unfortunately, it’s just this kind of mass surveillance of movement that ICE’s proposal relies upon and encourages. The privacy assessment says that such data would be “useful” to ICE. No doubt that will occasionally be the case, as it would be with any surveillance technology used to record the activities of private citizens en masse—but it violates the longstanding tenet that the government not monitor citizens unless it has individualized suspicion of involvement in wrongdoing.
The bottom line is that DHS is incentivizing the growth of an industry whose business model is monitoring the location and movements of Americans en masse and selling it to the government. Whether by government or its contractors, such mass monitoring should not be done in the first place, and should not be encouraged by the government, and its results should not end up in the hands of the government.
If DHS pays a private company to collect data for it (turning that company into an agent of the government), the private company should be bound by the same policies, principles and law that the government would have to follow, if it were to do the work itself. The PIA makes it clear that this is not the case.
While the PIA describes how DHS will access data in a commercial database and transfer the data to its own database, the document does not address the many important decisions that the company makes about collection, accountability, retention, or others. For example, DHS may have a policy and protections against racial profiling (which we think are incomplete), but the PIA doesn’t suggest that Vigilant Video (the most likely company to receive this type of contract) will need one. It would be unconstitutional for an ICE agent to target a location for ALPR surveillance based on race or ethnicity, but the policies outlined in the PIA would not stop its contracted company from doing the same thing. Similarly, ICE may have policies against enforcement around sensitive locations like schools, but the PIA does not stop the contracted company from targeting those same areas for collection.
More notes from the Privacy Impact Assessment:
- We object to ICE buying access to license plate reader data to further target immigration enforcement priorities that are not public safety or national security risks. There are many, many people targeted by ICE that should be neither locked up nor deported. This new contract would only further ICE’s mass deportation regime.
- While it is good that DHS has placed any restrictions at all on how far back in time it can access location records, the limits are too narrow. Five years of location records will likely give law enforcement agents a detailed picture of someone’s life. And this is not a retention policy; the company can retain the records forever. The only limit is on DHS’ ability to query the data—and ICE can make exceptions to this policy and ignore the limits “if approved by a supervisor.”
- The PIA requires the ability to audit DHS’ queries of the private database, but it does not create an audit for additions to a hot list. The document suggests that ICE will create a hot list that it will submit to the private database, which will automatically alert ICE if the plate is detected. DHS should require the same reporting for adding a license plate to the hotlist as it does for querying the database.
- The PIA reminds the public that DHS still has no policy on the use of license plate reader systems that it owns and operates itself.
- The PIA claims that two ICE field offices have current subscriptions to private LPR databases. This may be true currently but many more have had subscriptions or have attempted to get subscriptions.
Some positive notes from the PIA:
- DHS recognizes that that license plate reader data is “Personally Identifiable Information” (PII). There shouldn’t be any doubt about this, but the International Association of Chiefs of Police disagrees.
- The PIA suggests that investigators cannot query the database for a partial plate, or ask to receive a list of all license plates from a certain area or time period. This is an important protection that makes it harder for employees to conduct fishing expeditions.
- The PIA recognizes that LPR data in aggregate may detail individual’s travel over time and provide details about an individual’s private life, such as frequenting a place of worship or participating in protest and meetings, thereby implicating constitutionally protected freedoms.
- ICE says it will not be contributing data to the LPR database, and recognizes the importance of audits and accountability, and of regular review and “cleaning” of hot lists.