Automated License Plate Readers Threaten Abortion Access. Here's How Policymakers Can Mitigate the Risk

Over the last decade, a vast number of law enforcement agencies around the country have adopted a mass surveillance technology that uses cameras to track the vehicles of every driver on the road, with little thought or respect given to the ways this technology might be abused. Now, in the wake of the U.S. Supreme Court’s Dobbs ruling, that technology may soon be turned against people seeking abortions, the people who support them, and the workers who provide reproductive healthcare.

We’re talking about automated license plate readers (ALPRs). These are camera systems that capture license plate numbers and upload the times, dates, and locations where the plates were seen to massive searchable databases. Sometimes these scans may also capture photos of the driver or passengers in a vehicle.

Sometimes these cameras are affixed to stationary locations. For example, if placed on the only roads in and out of a small town, a police department can monitor whenever someone enters or leaves the city limits. A law enforcement agency could install them at every intersection on major streets to track a person in real time whenever they pass a camera. 

Police can also attach ALPRs to their patrol cars, then capture all the cars they pass. In some cities police are taught to do “gridding,” where they drive up and down every block of a neighborhood to capture data on what cars are parked where. There is also a private company called Digital Recognition Network that has its own contractors driving around, collecting plate data, and they sell that data to law enforcement.

For years, EFF and other organizations have tried to warn government officials that it was only a matter of time before this technology would be weaponized to target abortion seekers and providers. Unfortunately, few would listen, because it seemed unthinkable that Roe v. Wade could be overturned. That was clearly a mistake. Now cities and states that believe abortion access is a fundamental right must move swiftly and decisively to end or limit their ALPR programs.

How ALPR Data Might Be Used to Enforce Abortion Bans

ALPR technology has long been valued by law enforcement because of the lax restrictions on the data. 

Few states have enacted regulations and, consequently, law enforcement agencies collect as much data as possible on everyone, regardless of any connection to a crime, and store it for excessively long periods of time (a year or two years is  common). Law enforcement agencies typically do not require officers to get a warrant, demonstrate probable cause or reasonable suspicion, or show really much proof at all of a law enforcement interest before searching ALPR data. Meanwhile, as EFF has shown through hundreds of public records requests, it is the norm that agencies will share ALPR data they collect broadly with other agencies nationwide, without requiring any justification that the other agencies need unfettered access. Police have long argued that you don’t have an expectation of privacy when driving on public streets, conveniently dodging how this data could be used to reveal private information about you, such as when you visit a reproductive health clinic.

That means there’s very little to stop a determined police investigator from using either their own ALPR systems to enforce abortion bans or accessing the ALPR databases of another jurisdiction to do so. If a state or city wants to protect the right to seek an abortion, they must ensure that places that have criminalized abortion cannot access their data.

Here are a few examples of how this might play out:

Location Searches: Many ALPR software products, such as Motorola Solutions’ Vigilant PlateSearch, offer a “Stakeout” feature, which an investigator can use to search for vehicles seen or regularly seen around a specific location. It would be relatively easy for an investigator to query the address of an abortion clinic to reveal the vehicles of patients, doctors, and others who visit a facility. Once obtained, those license plates could be used to reveal the person’s identity through a DMV database. Or the license plates could be entered back into the system to reveal the travel patterns of those vehicles, including where they park at night or whether they crossed state lines. Remember, with so many agencies sharing data across state lines, an investigator in a pro-ban jurisdiction can easily query the data from an agency in a jurisdiction that supports abortion access.

Hot Lists: Most ALPR products used by law enforcement allow officers to create a “hot list,” essentially a list of license plates that are under suspicion. Whenever a hot-listed plate is spotted by an ALPR, officers are alerted in real-time of its location. These hot lists are frequently shared across jurisdictions, so that police in one jurisdiction can intercept cars that have been flagged by another jurisdiction.

If a state were to create a registry of pregnant people, they could build a hot list of their license plates to track their movements. If a state has criminalized providing, assisting, or giving material support for out-of-state abortions, investigators could create a hot list of “abetter” vehicles. For example, they could scrape public medical licensing databases, retrieve information from an anti-abortion activism website that publishes dossiers on medical professionals, or infiltrate a private Facebook group to obtain the identifies of members providing resources to abortion seekers. Then they could query DMV databases to obtain the license plates of those individuals. With a hot list of those plates, ban-enforcement investigators would get an alert when a target has crossed into their state and can be intercepted for arrest.

While that might seem a bit far fetched, we would remind policy makers that overturning Roe also once seemed highly unlikely. These are threats we need to address before they become an everyday reality.

What Policy Makers Can Do About ALPR

Through EFF’s Atlas of Surveillance project, we have identified nearly 1,000 law enforcement agencies using ALPRs, but we believe this to be a significant undercount. In California, which has taken a hardline stance in favor of abortion access, at least 260 agencies are using ALPRs.

Policymakers in states that support abortion access may be looking for easy solutions. The good news is there is one super easy and instant way to protect data: don’t use ALPRs at all. A prosecutor bent on prosecuting abortions can’t access your data if you don’t collect it.

Unfortunately, few lawmakers have found the courage to take such a solid, strong stance for the privacy rights of their constituents when it comes to ALPRs. And so, we have compiled a few other mitigation methods that lawmakers and agencies can consider.

1. Forbid ALPR Data for Ban Enforcement. Government agencies should explicitly prohibit the use of their ALPR data for abortion ban enforcement, as the city of Nashville recently did. An agency that seeks to protect abortion access could even go so far as to declare using data for ban enforcement as a form of official “misuse,” subject to penalties. Another approach is to limit ALPR use to only certain, very specific serious felonies. 

California state law also requires agencies to only use ALPR data in ways that are consistent with privacy and civil liberties. Since abortion access has long been a privacy right in California, agencies should already be doing this.

2. Limit Sharing with External Agencies. Governments should prohibit sharing with external agencies, especially agencies in other states, in order to protect abortion seekers crossing state lines and to protect providers in their state from being investigated by other states. EFF research has found that agencies will frequently give hundreds of other agencies across the country open access to their ALPR databases. Pro-choice municipalities in states with bans should also ensure their data is not being shared with neighboring law enforcement agencies.

An agency that wants to access ALPR data should be required to sign a binding agreement that it will not use data for abortion ban enforcement. Violations of this agreement should result in an agency’s access being permanently revoked.

In California, it is illegal for agencies to share ALPR data out of state; nevertheless, many agencies are careless and do not vet the agencies they share with. EFF and the ACLU of Northern California successfully sued the Marin County Sheriff’s Office on behalf of community activists over this very issue in a case settled earlier this year. 

On a similar note, law enforcement agencies should not accept hot lists from any agency that has not agreed—in writing—to prohibit the use of ALPR data for abortion ban enforcement. Otherwise, a law enforcement agency in a pro-choice jurisdiction risks alerting an anti-choice jurisdiction of the whereabouts of abortion seekers or reproductive health providers.

3. Reduce the Retention Period. Governments should reduce the retention period dramatically. Many agencies hold data for a year, two years, or even five years. There’s really no reason for this. Agencies should consider taking New Hampshire’s lead and reduce the retention period to three minutes, except for vehicles already connected to a non-abortion-related crime

4. No ALPRs Near Reproductive Health Facilities. Law enforcement agencies should not install ALPRs near reproductive health facilities. Agencies should either prohibit their officers from using patrol-vehicle mounted ALPRs to canvass areas around reproductive health facilities, or require them to turn ALPRs off when approaching an area with such a facility.

5. Mitigate the Risk of Third Party Hosting. Agencies should be aware of the risks when they store ALPR data with a cloud service provider. Investigators enforcing an abortion ban may go straight to the cloud service provider with legal process to access ALPR data when they think a pro-choice agency won’t voluntarily provide it. Addressing this is complicated and will depend on the resources available to the law enforcement agency. At a minimum, an agency should implement sufficient encryption practices that only allow the intended user to access ALPR data and prevent third parties, such as vendor employees and other unauthorized parties, from accessing the data. One avenue to explore is locally hosting the ALPR data on servers controlled by the agency, or by a collaborative network of like-minded local agencies. However, agencies should be careful to ensure they are capable of implementing cybersecurity best practices and standards, including encryption and employing staff who are qualified to protect against ever-evolving security threats. Another option is to seek a cloud provider that offers end-to-end encryption, so that the company’s employees can’t access the encrypted data. This may result in an necessary tradeoff of some software features to protect targeted or vulnerable populations, such as abortion seekers.

6. Extra Scrutiny for External Requests for Assistance. Even if a law enforcement agency cuts off other agencies’ direct access to ALPR data, they may still receive requests for assistance in investigations. Officials must scrutinize these requests closely, since the language used in the request may intentionally obfuscate the connection to an abortion ban. For example, what may be described as a kidnapping or attempted murder may actually be an attempt at abortion ban enforcement from a state with a fetal personhood law. Agencies can try to address this by requiring the requestor to attest that the investigation does not concern abortion.

7. Training. Agencies should ensure that reproductive rights are explicitly covered in all ALPR training (and, for that matter, all training regarding surveillance data). Agencies should not allow ALPR vendors to provide the training courses, since many of these companies sell their products (and the promise of interagency data sharing) to law enforcement agencies in abortion-ban jurisdictions.

8. Robust Audits. Agencies should already be conducting strong and thorough audits of ALPR systems, including data searches. These audits should include examining all searches for potential impacts on access to reproductive healthcare. No user should be able to access the system without documenting the reason and, when applicable, the case or incident number, for each search of an ALPR system or hot list addition.

Protecting ALPR-Adjacent Data 

In order for ALPR data to be useful, law enforcement agencies often must also access vehicle registration data or criminal justice information systems. 

Pro-choice government officials, particularly at state-level law enforcement agencies and DMVs, must take a hard look at databases that contain information on drivers and vehicles and how that data is shared out of state, and prohibit other states from accessing that data for abortion ban enforcement. If law enforcement in another state refuses to agree to such a restriction, they should no longer have direct access to the system. 

California has already done this in another context. Following the passage of the California Values Act, the California Attorney General defined accessing the statewide law enforcement database for immigration enforcement as misuse. This resulted in revocation of access from a subset of U.S. Immigration and Customs Enforcement that refused to sign an agreement agreeing to this restriction.

The Problem of Commercial ALPRs

Even if a law enforcement agency takes all these precautions, or shuts down its ALPR program, investigators in abortion ban states still have another avenue to obtain ALPR data: private databases.

For example, Digital Recognition Network (DRN Data), a subsidiary of Motorola Solutions, contracts with private drivers (often repossession companies) to collect ALPR data en masse in major cities around the country. If an officer in an abortion ban state wants to look at ALPR data in a state that guarantees abortion access, but can’t connect to the official law enforcement databases, they can go to this commercial database to obtain information going back years.

What’s worse is that private actors can also access this database. DRN sells access to ALPR data to private investigators, who only need to check a box saying that they’re querying the data for litigation development. With the passage of SB 8 in Texas, private actors now have the ability to sue to enforce the state’s abortion ban. Unfortunately, anti-abortion activists for years have been compiling their own databases of license plates of abortion providers; now they can use that to query private ALPR databases to surveil abortion seekers and reproductive healthcare providers.

This is a difficult problem to solve, since private ALPR operators have often made First Amendment arguments, asserting a right to photograph license plates and sell that information to subscribers. However, many law enforcement agencies—including major federal agencies—also subscribe to this data. A government agency that purports to support abortion access should consider ending its subscription, since it amounts to subsidizing a surveillance network that will one day, if not already, be used to persecute abortion seekers.

Preventing Predictable Threats

Lawmakers who support reproductive rights need to recognize that abortion access and mass surveillance are incompatible. Years of permitting unrestrained access to privacy-invasive technologies that allow police to collect sensitive data on everyone are the proverbial chickens coming home to roost.

Lawmakers in states like California first saw this happen with surveillance technology turned on immigrant communities. To their credit, they rushed to patch the systems, but they failed to look at the horizon to see what was coming next, such as the persecution of abortion seekers or families of youth seeking gender-affirming healthcare. 

Now these leaders must start undoing the dangerous surveillance systems they’ve facilitated. They must reject the collect-it-all claims from the law enforcement community that project public safety miracles without surfacing the potential harms. They must start writing future-looking policies for surveillance that anticipate and address the worst case scenarios.

While our guidance above specifically addresses abortion access, we acknowledge a major weakness. The strongest reforms are not piecemeal protections for whichever vulnerable group is under attack at the moment, but a complete overhaul that protects us all. 

visit original source at eff.org



Categories: Electronic Frontier Foundation

Tags:

Leave a Reply