In a report released last week, B.C.'s Information and Privacy Commissioner Elizabeth Denham took a stiff shot at the use of Automatic License Plate Recognition (ALPR) technology by the Victoria Police Department. Valuable as Denham's efforts are, however, it will likely take more than just her efforts to bring this ever-expanding surveillance system back in line with privacy law.
The ALPR system, after all, was developed by and remains in the control of the RCMP. Victoria and other police departments use the system under an agreement with the Mounties. The system uses cameras and computers to log about 500 license plates per unit per day, then checks the recorded plate numbers against various lists for things like stolen cars, unlicensed or uninsured drivers, and other types of wrongdoing.
If a scanned plate matches any of the entries on these lists, it registers in the system as a "hit" and is stored on an encrypted flash drive. At the end of the day, the local officer turns that drive over to the RCMP. The problem is that flash drive also includes all the other plates that were scanned during the shift. This is called "non-hit" data and includes such things as the location of a vehicle at the time of scanning.
The RCMP says it deletes the "non-hit" information within 30 minutes of getting the drives back, and Victoria PD says it is not able to delete the data directly. But in recent months, the Mounties have indicated that they want to keep that data for a much longer period of time, claiming that it might be useful for some other purpose in the future.
In her report, Denham pointed out a number of problems with this system of collection, and raised serious concerns about how it works to move us even closer to a surveillance society.
"In recent media reports, law enforcement agencies have openly discussed the possibility of retaining non-hit data," she wrote.
"In my view, the use and disclosure of this information for unspecified purposes would not be justifiable under FIPPA [Freedom of Information and Protection of Privacy Act]. Collecting personal information for law enforcement purposes does not extend to retaining information on the suspicionless activities of citizens just in case it may be useful in the future."
Although she says the use of the ALPR system to collect information specifically and clearly connected to law enforcement efforts can be justified under this province's privacy law, "non-hit" data is not related to law enforcement in any sense, and so its collection can't be justified under FIPPA.
But even the hits are questionable, since the ALPR system doesn't just flag things like stolen cars or uninsured motorists. It also includes as hit data anything that falls into the broad category of "other pointer." This is an exhaustive list and includes everything from people out on parole to those who have threatened or attempted suicide. Denham questioned the relevance of this kind of data to law enforcement efforts, and wisely argued that this category should be cut back considerably to include only what the police actually need.
Finally, she said the system should be reconfigured so that all of the information not related to law enforcement would be deleted immediately, rather than sending all of it to the RCMP.
As Denham points out, though, the RCMP is not under her jurisdiction, so she can't bring them into line. But the RCMP simply shouldn't be running a surveillance system on people who haven't broken any law, and they shouldn't be able to take advantage of the federal-provincial jurisdictional split to do so either.
This means Canada's Privacy Commissioner Jennifer Stoddart is going to have to school the Mounties on what privacy rights really mean, and why setting up a massive "just in case" database is not only a bad idea, it's against the law.