The Los Angeles Police Department and three other California law enforcement agencies have not provided sufficient privacy protections for the hundreds of millions of images collected by automated license plate readers and shared with other jurisdictions, the state auditor said Thursday.
Most of the images collected by the devices are unrelated to criminal cases. The audit found that 99.9% of the 320 million images the LAPD stored came from vehicles that were not on a list of those involved in criminal investigations when the image was made by the automated license plate readers, or ALPR.
State Auditor Elaine Howle said in a letter to Gov. Gavin Newsom and the Legislature that changes were needed to better safeguard the privacy of license plate data collected by the Fresno Police Department, Marin County Sheriff’s Office, Sacramento County Sheriff’s Office and LAPD.
State Sen. Scott Wiener (D-San Francisco), who requested the audit, said he would write legislation to address the problems, including the need for more privacy safeguards and stronger state enforcement to ensure local law enforcement agencies have proper policies.
“I am horrified,” Wiener said Thursday. “We believed that there were problems with the ALPR program, but I did not anticipate the scale of the problem — the fact that we have so many law enforcement agencies that are not complying with state law, including LAPD.”
Wiener had asked for the audit of what he called “mass surveillance” systems, concerned that the information collected might indicate where someone worships or goes to the doctor, or where the person sleeps. He said the systems were supposed to be used for the narrow purpose of identifying crimes.
“Instead, we have law enforcement agencies retaining the data for years and disseminating it broadly,” Wiener said. “It’s very disturbing.”
The findings will likely have consequences far beyond the four agencies examined. Howle said a survey by her office found that 70% of all law enforcement agencies in California either operated or planned to operate an ALPR system.
“This raises concerns that these agencies may share the deficiencies we identified at the four agencies we reviewed,” the audit said.
LAPD Chief Michel Moore said in a letter responding to the audit that his agency had “the utmost respect for individuals’ privacy and currently has policies and procedures in place to safeguard personal information” but that the department was taking additional steps to address the auditor’s concerns.
The automated camera systems mounted on street light poles and patrol cars collect and store license plate images of vehicles passing in their view and enable law enforcement to track a vehicle’s movements over time. The images are compared with a list of vehicles of interest, including stolen cars and those used in crimes, and officers are alerted in real time to their location.
State law requires that agencies adopt policies and safeguards to prevent misuse by describing the system’s purpose, who may use it, how the agency will share data, how the agency will protect and monitor the system, and how long the agency will keep the data.
“However, the agencies we reviewed either did not have ALPR policies or their policies were deficient, and they had not implemented sufficient safeguards,” the audit found. “For example, none had audited searches of the ALPR images by their staff and thus had no assurance that the searches were appropriate.“
Privacy concerns have been raised by groups including the American Civil Liberties Union, which has questioned the collection and storage of data on those not suspected of crimes, including associates and neighbors of suspects.
The audit found that LAPD policy is to retain the license plate data for at least five years. But Mohammad Tajsar, a staff attorney for ACLU of Southern California, said data not involving criminal investigations should be disposed of immediately.
“This audit confirms what we have long suspected: The LAPD treats its license plate reader program like it’s in the Wild West,” Tajsar said. “The LAPD collects an extraordinary amount of license plate hits, keeps them for far longer than most agencies across the country, doesn’t delete the 99.9% of records that aren’t related to a criminal investigation, and has no policy that safeguards the extremely sensitive information that its technology generates.”
The Fresno, Sacramento County and Marin County agencies share their images with hundreds of law enforcement entities throughout the country, the audit said, but they could not provide auditors with evidence that the other entities had a right or need to access the images.
“We are concerned that unless an agency conducts verifying research, it will not know who is actually using the ALPR images and for what purpose,” the audit concluded.
The Los Angeles Police Department shares license plate data with 58 law enforcement agencies in Southern California, including those in San Fernando, Anaheim and Thousand Oaks, and does a better job of recording and controlling which images are shared, the audit found.
Although the vast majority of images stored by the LAPD are not related to vehicles on a so-called “hot list,” the auditors said the stored images could “provide value beyond immediate hit alerts,” allowing officers to search the database to gather information on vehicles present at particular locations and “to track vehicles’ movements at particular times in order to gather or resolve leads in investigations.”
Howle recommended that the state Department of Justice develop a model policy to protect privacy that could be adopted by local law enforcement agencies. She said the state agency should also have the power to make sure agencies complied with policies.
Fresno officials told Howle they will use the audit to help them achieve their goal of building trust in the community. Sacramento County sheriff’s officials said they have already begun implementing many of the recommendations but dispute some of the audit findings.
Moore said in his written response that the LAPD provided extensive training to its employees on accessing the data and that information was only provided on a need-to-know basis. But he said other steps were being taken.
“Although our dedication to protecting individuals’ privacy is covered in our day to day operations and procedures, the department is currently working on an ALPR policy to ensure that the protection of those rights is also memorialized in our Department Manual,” Moore wrote. He said he hoped the department would complete that work by April, and the new document will detail who can access the information and how long it can be stored.
Moore also promised to perform periodic audits to make sure the information is collected and handled properly.