The Department of Homeland Security (DHS) has renewed its controversial plan to provide Immigration and Customs Enforcement (ICE) with access to a national license plate tracking system — just a year after DHS cancelled a similar solicitation after a massive debate erupted over privacy concerns.
In a privacy impact assessment issued last week, DHS indicated it is not seeking to build or contribute to a license plate reader (LPR) database. Before the LPR becomes operational, ICE plans to release an updated privacy impact assessment addressing the privacy concerns surrounding use of information obtained by the LPR.
LPR technology—which is used by law enforcement, repossession companies and parking garages, among others—uses high-speed cameras and related equipment to collect information from all vehicles that pass by the camera. Some LPR systems also capture an image of the environment surrounding the vehicle.
Commercial license-plate tracking systems already are used by law enforcement, FBI and Drug Enforcement Administration. Parking garages and repossession companies also have access to LPR technology. ICE plans to use the information obtained from license plate readers as an investigatory tool in support of its criminal investigations and civil immigration enforcement actions.
Currently, ICE Homeland Security Investigations (HSI) have limited access to LPR data, which has supported investigations into national security threats, illegal arms exports, financial crimes, commercial fraud, human trafficking, narcotics smuggling, child pornography or exploitation and immigration fraud.
Having experienced the benefits of LPR in support of ICE’s mission activities, ICE is now seeking bids from third-party vendors that offer an enterprise-wide commercial LPR solution that can provide HSI and Emergency Removal Operations (ERO) offices with uniform access to commercial LPR data.
ICE intends to implement a framework that will mitigate privacy and civil liberties concerns raised by the commercial acquisition and ICE’s use, storage and maintenance of LPR data. ICE will incorporate the requirements of the framework into any solicitation ICE may issue for acquisition of LPR Data.
The framework will include a number of requirements, including that ICE personnel must receive training on the nondiscriminatory use of the commercial system containing the LPR data.
ICE stated that, “ERO and HSI managers will be held accountable for ensuring that personnel with access to commercial LPR data sets are properly trained and use LPR data appropriately.”
Due to concerns that privacy issues are exacerbated the longer information is retained, the LPR framework will also address timeframes for access to historical LPR records.
“These restrictions will provide essential privacy and civil liberty protections, while enhancing our agents’ and officers’ ability to locate and apprehend suspects who could pose a threat to national security and public safety,” DHS spokeswoman Marsha Catron said in a statement.
In addition to this framework, DHS asserted that current agency policies will foster the proper use of LPR data. For example, DHS indicated LPR data will only be collected and used in accordance with ICE Policy 10029.2, which prohibits enforcement actions in sensitive locations, such as schools and churches, unless exigent circumstances exist.
DHS also prohibits racial profiling during the course of investigations. DHS stated that, “LPR data may not be collected, accessed, used or retained to target or monitor an individual solely on the basis of actual or perceived race, ethnicity or nationality.”
To promote transparency, DHS’s privacy impact assessment emphasized a number of risks to privacy and civil liberties posed by the collection of LPR data and how to mitigate them. DHS said, “There should be no system the existence of which is a secret.”
For example, there is a risk that individuals will not receive adequate notice that their license plate information will be collected by commercial license plate vendor services and shared with ICE. To mitigate this risk, ICE must provide detailed notice to the public about the LPR data itcollects from commercial data sources by publishing an updated privacy assessment before ICE begins using this enterprise-wide solution.
Moreover, LPR data obtained in support of an ERO investigation will be filed in the ICE record-keeping system ENFORCE SORN, which alerts the public ICE collects “biographic, descriptive, historical and other identifying data,” as well as “travel and other information.”
Another privacy risk identified by DHS is that individuals may be unable to consent to the retention and use of their license plate data in a commercial database. Consequently, when practical, DHS will seek individual consent for the collection, use, dissemination and maintenance of private information. Moreover, DHS will also provide mechanisms for appropriate access, correction and redress.
To minimize the risk LPR data may be accessed routinely, even when it is not needed, DHS plans will attempt to prevent overcollection and retention of the information. ICE must also maintain audit logs to deter and discover any abuse or misuse of LPR technology or data.
“ICE is mindful of the privacy and civil liberties implications of accessing commercial LPR data and intends to build constraints into any solicitation for LPR data services that will allow the use of this tool in ways that mitigate the privacy and civil liberties concerns,” ICE said in the LPR privacy impact assessment.
However, privacy advocates are still concerned. The Center for Democracy and Technology (CDT) recently published a blog post stating that, “The program raises serious privacy concerns, with the specter of individuals’ location data being collected on a mass scale, stored for a prolonged period and used without effective restrictions.”
CDT acknowledged the privacy assessment does include some positive changes by acknowledging privacy concerns and opening up public dialogue; however, there is significant risk for abuse of the LPR system.
“The license plate reader program described in the PIA [privacy impact assessment] lacks adequate privacy safeguards and there is a risk that it will become a model for other such programs at other agencies as well as for state and local law enforcement,” CDT said.