Barely more than a year after publicly cancelling a request for bids on the construction of a national database of vehicle location data compiled from commercial and government-operated license-plate reader (LPR) cameras, the DHS has quietly revealed that it is once again seeking to buy access to commercially-aggregated LPR data, and that some DHS component field offices are already doing so.
Cameras combined with optical character recognition software allow for automated logging of the license-plate number (and of course the associated time, date, plate, and direction of travel) of every passing vehicle. “Some LPR systems also capture within the image the environment surrounding a vehicle, which may include drivers and passengers,” the DHS acknowledges in its latest Privacy Impact Assessment for DHS use of commercial LPR data.
The only apparent difference between the proposal supposedly nixed in February 2014 and the plans revealed in the March 2015 PIA is that the DHS’s own LPR vehicle, driver, and passenger tracking data won’t be completely merged with LPR data from commercial sources and aggregators — at least not by the DHS itself. The PIA describes a scheme in which the DHS will pay for query-based access to commercially-aggrgated LPR data and the ability to set flags that will generate real-time alerts to the DHS whenever license-plate numbers of interest are observed.
Only the LPR alerts and the responses to LPR queries will be retained in the DHS’s own database, but those will be kept for many years, or in some cases indefinitely.”Retention of data in ICE criminal investigative files is governed by NARA-approved retention schedules, which provide for investigative case files to be retained for at least 20 years and sometimes longer depending on the nature of the case. Immigration enforcement case files are retained in the Enforcement Integrated Database for 75 years.” License-plate reader data is also retained by DHS in the CBP Automated Targeting System. “Information maintained in ATS that is linked to an active law enforcement matter will be retained for the duration of that law enforcement matter.”
The real story, however, is hidden behind a footnote in the PIA: “This PIA does not apply to ICE’s use of LPR cameras to collect information directly, or its use of LPR databases available when its law enforcement personnel are detailed to other agencies, fusion centers, or task forces.” [emphasis added]
“Fusion centers”, “joint task forces”, and other inter-agency law enforcement operations — often involving all levels of Federal, state,, and local entities — have been black holes of government transparency and accountability. Documents released to the ACLU in response to FOIA requests, and made public earlier this year, show that the DHS is encouraging and funding the aggregation of government and commercial LPR data by interagency and Federal-state-local fusion centers and task forces, as part of a “National LPR Initiative”.
Outsourcing the construction of a distributed national ID database to a commercial “hub” indirectly funded by DHS grants channeled through state motor-vehicle departments allows the DHS to deny that it is operating a national ID-card system.
Similarly, outsourcing the aggregation of government and commercial LPR data to fusion centers, task forces, or their contractors (indirectly funded by DHS grants to state and local participants in these joint ventures) gives the DHS “plausible deniability” as to its role in the compilation and exploitation of this dragnet surveillance system.
But the latest DHS scheme for vehicle, driver, and passenger surveillance is no better than the one the DHS was pressured to publicly disavow last year, and deserves just as strong public condemnation.