 All right. We ready? Excellent. Hi. My name is Dave Moss. I am here to talk to you today about automated license plate readers. I think it was actually two or three years ago that I was here last, but it was the same issue and a lot has changed since then. I'm a senior investigative researcher at the Electronic Frontier Foundation. For those who aren't familiar with us, we are a nonprofit based in San Francisco that works to defend our civil liberties and rights as technology advances across society. I work on our street level surveillance project, which means I focus on researching and advocating on issues related to police surveillance technology. So just a quick brief on what automated license plate recognition and automated license plate reader technology is. In short, it's a mass surveillance technology that involves a series of cameras that capture license plates, then uploads those license plates along with information about where they were seen when they were seen to a central searchable database. And then police will use these camera databases to do things like put in a license plate and see where that car traveled over a period of time, or maybe they'll put in an address of a location and see what vehicles visited that location. Maybe they'll use something called the hot list where they add a vehicle to this watch list. So when they're driving around, they will know when one of these cars are in proximity to them. Or maybe they will put somebody on a hot list and get real-time alerts on where that car is as it travels through a city. Or they can do things like, it's just a long list of things you can do with license plate readers, but you can do things like figure out what cars are seen next to each other on a regular basis. And some of the folks out there who offer this technology offer the ability to predict where somebody is going to be based on their historic travel patterns. Some of the technology out there can also allow people to search based on the make and model of a vehicle or even text on the vehicle. Like if there's a phone number for an exterminator on the side of a car or there's bumper stickers. There's a lot of possibilities for this license plate reader technology. As far as my background at EFF and license plate readers, I have been part of a project to aggregate license plate reader policies across California. We have collected 188 of them. That is not anywhere close to what I even think was probably half of what's out there right now, but it is a lot. And then along with an organization called Muckrock, we filed 500 Freedom of Information Act and local public records requests across the country to examine how much data is being collected, who it's being shared with, and what kind of policies, governance use. And so filing these records, I mean, we filed more than 500, but we haven't necessarily gotten responsive records back from all of them, but we ended up with a really big number and a really small number. And the really big number is 2.5 billion. And that is the number of license plates that were scanned over a two year period by these 173 agencies. Now the really small number is 0.5%. That's not 5%, but half of a percentage point. And that's the number of vehicle, the percentage of vehicles that are actually flagged as relevant to an investigation at the time the license plate was captured. So in other words, 99.5% of the license plates that are captured in the world by these license plate readers have no relevance to a crime at the time that they're actually collected. I want to tell you about a couple of the different kinds of technology that is being used and to help you understand what Oakland is using. So there's a category of license plate reader that we often refer to as stationary license plate readers. These are cameras that are in one place or maybe, like you see on the right, they're on a trailer and they're generally in one place until they get moved. And these cameras capture what's passing by. The other kind is what we call a mobile ALPR. And these are license plate reader cameras that are attached to vehicles, like police cars, and drive around and collect. And I'll talk a little bit more about this in a second. The other thing that you have to know is that you don't actually have to have license plate reader cameras to access license plate reader data. There are companies that are collecting this information and putting it in a database and selling it to you. So if your department can't afford them, then you just buy access to these data sets. Now, these data sets that are sold by private companies, these private companies also sell them onto corporations. They might sell them onto law enforcement, sure, but they'll also send it onto lenders, to insurance companies, to debt collectors, to private investigators, a whole range of markets out there for license plate reader data. There's a big difference between stationary license plate readers and mobile license plate readers. As I mentioned before, stationary license plate readers collect vehicles and move these generally cars that are passing by a particular point. But mobile ALPR not only collects vehicles that are in movement, but it also collects parked vehicles. It collects passively wherever the vehicle happens to travel. So if you went through a with a license plate reader vehicle and you went through a parking garage, you could capture all the cars in the parking garage. If you were to go through the parking lot of a mosque, you could capture everybody who visited at the mosque. It also allows for instead of targeting the entry points and exit points of a neighborhood or like high traffic intersections, having it on a vehicle allows a patrol car to canvas entire neighborhoods to collect data on certain populations. A lot of times you'll hear law enforcement refer to license plate readers as a force multiplier and what they mean by that is it allows them to do more with less people and they'll make this this comparison. They'll say that license plate readers, you know, it's not really different than having a police officer standing on the corner writing down people's license plates. I tend to object to that because I think that, you know, when you think about a police officer standing on a corner, you think about that as a stakeout. Whereas license plate readers are more like a dragon. And I think that if you went to the public and you said, hey, how would you feel like, you know, feel about having a police officer on every corner writing down every single car that goes by? Or how would you feel if there was a police officer killing you everywhere you went? People would feel pretty weird about that, especially if it was happening to everybody all the time. And that's what I think is going on with license plate readers. And to kind of show you a couple of years back in 2014, 2015, we got a week's worth of license plate reader data from the Oakland Police Department. And at the time, we could only identify two to three vehicles that had that had a license plate reader on them. Not sure how many were in the entire fleet, but looking over the course of a week, there was very rarely more than one vehicle on the road at a time. Nevertheless, in just one week, you could see that these one to three cars were able to capture basically the entire city, 63,000 license plate scans in a week. I understand that we're up to about 35 cars now. And so I can only imagine what this would look like if we had the same data from one week. To give you another look at it, this is what it looks like as a heat map, the kinds of neighborhoods if you're familiar with Oakland that are that are getting covered than others, getting covered more than others. We also sort of noticed a disproportionate impact. So we overlaid it over census data related to income. And, you know, our hypothesis was you would end up seeing more license plate reader data being collected for lower income neighborhoods. That turned out to be true. We also hypothesized that there would be a a racial element as well. And sure enough, black populations had more license plate reader data collected on them than other populations. Specific to what this mobile ALPR system or a patrol based ALPR, there are a few big specific risks. And one is that it's disproportionate, like I said, that people who live in certain areas are going to have more surveillance conducted on them than others. So innocent people who live, say, near a house that has problems with drugs or domestic violence or a neighborhood that has a lot of, you know, there's a liquor store that has some problems. People who are innocent who live in that neighborhood are going to have more data collected on them than other people, even if they're not doing anything wrong. Then there's a danger of a feedback loop. If a patrol is going to a neighborhood to respond to a crime is going to collect more data on that crime, then that data is going to feed into more investigations, sending patrol cars back to that neighborhood where they're going to collect more data. And there's just going to be this cycle of data patrolling, data patrolling, data patrolling. And then there's also a danger of what I call a priority drift, where a police officer who's driving around who has this device in his car and is getting alerts all the time on his hot list may start focusing more on what the computer is telling him to do than what is actually the needs of the community and what his public safety priorities might be. Another risk to look out for is what happens when there's an error. In San Francisco, we had a fairly high profile situation where a license plate reader misread somebody's license plate. The police did not double check to make sure that the license plate that was on the vehicle was actually the one in the system. And they ended up pulling over a government employee named Denise Green and putting her through a fairly harrowing police stop and counter. I'm sure that's a totally strange experience to some people on the Privacy Advisory Committee. But as a result, not only was this terrible for Denise Green, it wasn't great for the city of San Francisco either because the city had to pay out a half a million dollar settlement not to mention all of the staff time that went into litigating this case. So some of the more general risks for ALPR that apply fairly across the board, sorry, I've kind of gotten lost here, is misuse and abuse. You have a database system, you are always going to have some sort of person who has access to the system who's going to misuse it for their personal purposes, whether that's stalking an ex-spouse, looking up a journalist, taking out retribution on a neighbor that they don't like, adding somebody to a hot list that shouldn't be on the hot list to harass them. There's many ways that things can be misused and abused. And we see it across law enforcement databases all over the place. We see it with clets, the law enforcement database. We see it with databases at the border. It happens all the time. There can also be a chilling effect on First Amendment activities. This technology can result in surveillance of protests, surveillance of journalists, surveillance of religious centers. And then there's also just the way that you might institute license plate readers thinking this is going to be used to solve car theft or being used to solve amber alerts, but ends up being used for other things. So for example, in the county of Sacramento, the welfare office was using it to investigate recipients, benefits recipients, people who were receiving food stamps or welfare or other government aid, and using it to invade their privacy on a regular basis. In Texas, they actually set up a system where they would feed a list of people who owed court fines into their license plate reader system, and then constables would drive around. And when they saw somebody who owed them money, they would pull them over and basically shake them down. Say either we found you, either you pay us now with our little credit card reader with a 25% markup, or you're going to jail today. A lot of talk about immigration enforcement these days, and that certainly comes into play with license plate readers. There's kind of two ways for ICE to get access to license plate reader data. One is through the front door, where an agency actually gives them direct access to the data they've collected. But maybe an agency says, hey, we're not going to share with ICE. We're just not going to do it. Well, if you're sharing with 150 or 200 or 500 other agencies, there's a very good chance that one of those other agencies has also given access to ICE. So for example, it's fairly common for agencies in California to share with the Long Island Police Department, not the Long Beach Police Department, because they're in California. It's another California entity. But lo and behold, it turns out that Long Beach gave user accounts to two CBP, sorry, three DH officers, one was ICE and two were CBP, and they ran hundreds of searches looking like they were Long Beach users. There are also cybersecurity issues with having this technology. You see a lot of police departments acquire technology and not actually invest in the measures to protect them. So for example, what you're seeing here on the screen is from a couple of years ago, myself and one of our technologists at EFF had found that there were hundreds of license plate readers connected to the internet without any kind of security. These images that you see here just involved us going to a web page. And on the left, we had access to all of the controls for the camera. And then you can hit a button and launch the window on the right where you could see the data coming in live. And you can actually watch the live video. Now the California legislature recognizing some of these problems did pass a law in 2015 called SB34 regulating to a small extent the use of automated license plate readers. And it applies to there's regulations for two different groups. One is the folks who run the license plate reader systems, and then one is the folks who access the license plate reader data. The city of Oakland is both and has to abide by the regulations for both. So going through some of the mandates of SB34, you have to take, you have to maintain some reasonable security practices. You need to implement a privacy policy that is consistent with, and this is, you know, should be in quotations, with consistent with respect for individuals, privacy and civil liberties. I mean, that's really key. Like, you know, every agency that uses license plate readers needs to have a policy that is consistent with privacy and civil liberties. They need to publish this policy online. They need to keep a record of every time somebody accesses the data. They need to have a public meeting on the program, and then they can only share data with other state agencies, counties, cities. Now one of these, these license plate reader policies that they're supposed to implement and publish also have a lot of requirements. They need to state very specifically, and as I read these down, I think that when you evaluate city of Oakland's ALPR policies, you need to go through all seven of these and really evaluate how well they address each of these questions. So the questions are, what are the authorized purposes for accessing the data? Like, is there only specific crimes? Is it only violent crimes? Is it only car theft, or is it just anything that they think is related to an investigation? And a lot of the policies we see out there just say, the authorized purposes are authorized purposes, and you're not allowed to use it for unauthorized purposes without really getting into much more depth. You have to say, who is authorized to access the data, and how will they be trained? You need to say, how will you monitor the system to make sure it's not abused, and what kind of audits will you conduct? You need to say, who is the bottom liner who is in charge of the ALPR system? You need to spell out how you're going to ensure that the data in the system is accurate, and how you're going to go about correcting errors when it's found to be inaccurate. You need to say, what are the restrictions on sharing the data? Who are we not sharing the data with? And then if we are going to share data with somebody, what's the process for sharing that data? What kind of agreement do we have to have in place? And then finally, you have to say, how long are you going to hold on to the data, and what kind of considerations you will take in purging the data? Some of the problems we've seen having looked over a whole bunch of these policies, and having filed so many public records requests, is that a lot of agencies are either not writing or not writing and publishing the policies. So I told you about the Sacramento County Welfare Office. They did not have a policy at all until I put in a public records request asking for it, because I saw in another agency's documents that they were sharing data with Sacramento. Los Angeles Police Department still doesn't have a policy on its website. The California Tax Franchise Board did not have a policy on its website until I called and asked the board, and then they started making it. You might see a policy, and the policy just exists to be a policy on the website. It doesn't actually meet all of those seven requirements. You might find that a lot of agencies are using the exact same language. That's because there is a company called Lexapol that generates these policies and gives them out, and says, here, pay us or whatever, and you can use these boilerplate policies. And so they just post them online without actually adjusting them to the community's needs. And then often when these policies are put up, they actually have no intent in following them. It might say, we conduct periodic audits. If I ask for those audits, most of the time, I don't get anything because there's no records that exist. It might have some lines in there that say, if we're going to share data, another agency has to put in a request, that request needs to be reviewed, there needs to be a letter signed, and then it needs to be stored indefinitely. These are often like language that you see across them. There are very few agencies that have been able to produce that documentation. And certainly, I've not come across one that is able to produce a piece of documentation for that for every agency that it's recorded having shared data with. Another thing we see commonly is that when they do maintain, there's this requirement that they need to maintain logs, and those logs need to include who accessed it, when they accessed it, what they accessed, and why. And a lot of times, they just aren't putting in the why. And so that means we don't know whether they're abusing the data because there's nobody actually recording the purposes. Was it related to a kidnapping? Was it related to a car theft? What was the reason for accessing the system? And we'll just find when we look through these log trails that there's just totally left blank. We're also finding the agencies are seriously oversharing. Anytime you share with another agency, you are opening a vulnerability point. You're opening a whole range of other people being able to abuse your system. When we looked at agencies across the country, we found that on average, agencies were sharing with at least 160 other agencies. A lot were sharing with more than 700. For example, the Sacramento County Sheriff was sharing with 838 other agencies. And then many share with a pool called the National Vehicle Locator Service, and they don't actually keep track of who's in that pool or who's not. They just sort of say, share all, and it shares with maybe 500 agencies or so. This on the right is just the first half of a page of what I think is 13 pages of who the Sacramento County Sheriff is sharing with. We're also finding that training in California is very poor. The SB 34 does require that agencies disclose what kind of training people need to receive. There's only one automated license plate reader training that is certified by the California Commission on Peace Officers Standards. We have reviewed this training and we found that since it was written in 2014 and never updated, it doesn't cover the current state law on this. It doesn't mention SB 34 at all. It refers to a whole bunch of cases and marks what the disposition of those cases were in 2014. A lot of those have been resolved opposite to what they are training people on. So for example, we had a lawsuit against the Los Angeles County Police Department and the Los Angeles County Sheriff's Department. Their training says that we lost the case. We won the case in front of the Supreme Court. And finally, this one training is only authorized to be given by a single company named Vigilant Solutions, which also markets license plate reader equipment and data. They are the only ones able to give this training and they are only able to give the training on their version of the technology. And I don't believe Oakland uses Vigilant Solutions, so I'm not sure where Oakland would actually get training that is appropriate to the system that they are using. We also find that there's a lot of inappropriate secrecy. The training that Vigilant Solutions gives tells officers to leave the use of ALPR out of police reports. The same company also makes agencies sign nondisclosure agreements so they can't talk to the press about the technology without going to them first. I've seen very little information about agencies keeping track of how many stops occur with license plate readers and what the outcome of those stops are. And we have very little information on the error rate of this technology. How often is it getting it wrong? I also want to bring up the issue of California Public Records Act and automated license plate reader data and whether this information can be provided to the public or not. So in the past, Oakland has allowed access to all license plate reader data without redaction. I think they gave ours Technica something like two years worth of data, five years worth of data. We asked for two weeks worth of data and they gave it to us, not redacting anybody's license plates at all. It was all in there. Berkeley will not do that, but Berkeley does something unique that I haven't seen in very many places in that you can actually go to the Berkeley Police Department and show them proof that this vehicle belongs to you and you can see what they've collected on you. The state of Georgia last year actually passed a state law forbidding the release of data to make sure that because they do collect an immense amount of license plate reader data in Georgia, they wanted to make sure that this data which was sensitive was not making it out there into the public and so they actually blocked it under state law. I mentioned hot list before and these are the watch lists that are created. I've yet to see a policy in California that says what the criteria is for adding a vehicle to a watch list. I'm not sure if it's in the current Oakland policy, but I have not seen that anywhere. Nor have I seen anything in policies about how somebody gets off a hot list if they've been inappropriately on it. And I've also never seen any information in a policy about what does an agency consider before it allows another agency's hot list to be applied to their data. For example, Texas might have different standards for a hot list than say Oakland, but should Oakland be letting Texas run its hot list off their data? I don't know. There needs to be a criteria for them. A few assumptions that I want to address is that almost every law enforcement agency I've looked at has a system where the license plate readers are always on, no matter what, that when a car is driving around with a license plate reader on it, it's just assumed that it is passively collecting all the time. And I just wonder why that's actually necessary. Like why can't we come up with a system where we decide when is an ALPR going to be turned on and off? For example, should an ALPR on a police car be turned on when that officer is off duty and just driving their kids to school or doing whatever? Should if a officer is driving onto a private property, say a mall parking lot, should they turn it off? Or should they collect data from people who are no longer on a public city street? If a police officer responds to a situation at a medical clinic, should they turn off the license plate reader before they go into the medical parking lot? Because otherwise they're collecting information on doctors and patients. If that is, say, an oncologist, you might be able to gather information on people's cancer conditions. If it was a Planned Parenthood, you might be able to, you know, get information about people who are seeking reproductive health care. There's also this assumption that you should just collect everything. And maybe you put a retention period that you collect everything but you get rid of it after a year or you get rid of it after two years. But I always wonder why you actually have to collect everything at all? Why can't you just make a watch list? Define it very well and say we're going to only put stolen cars on this and we're going to put, you know, cars that we know, you know, we've reasonable suspicion or related to a kidnapping and we're only going to collect data on those cars and everybody else gets to, you know, we'll just delete it as soon as it comes in. I haven't seen anybody do that, but I also haven't seen anybody explain why that's a problem. Because most of the things that ALPR is trying to solve can be, can be still dealt with by just limiting things to a hot list. I just want to sort of finish up by saying why it's so important to get this right now, why it's so important to really interrogate these ALPR policies and make sure you have them strong. Because we're looking at two things in the future that are going to really accelerate this. And the first is autonomous vehicles. It may not be very long before a police department or a private company starts acquiring autonomous vehicles, outfits them with ALPR technology and just sets them like little rumbas of the roadway on a grid pattern to vacuum up everything on a very systematic way as opposed to just a passive way. The second is that we are looking at biometrics where face recognition is not being just used to, you know, match somebody's identity but could actually be used like a license plate where you could have instead of license plate readers, you have these face recognition cameras that are collecting people's faces and attaching location information, time date, and then you could search for that person based on their face. And so we really need to make sure that we deal with license plate readers now because these problems are going to get worse and they're going to get more invasive. And so if we can deal with it now, we'll know how to deal with these later. I'm here for any questions. We have a website where you can learn more about our work on police surveillance technology. But thank you for having me and letting me talk about this. Really appreciate it, David. Thank you.