CBP Has Access To Billions Of License Plate Images Collected By Private Companies

from the too-much-is-never-enough dept

The Customs and Border Patrol (CBP) has a thirst for license plate images. It wants as many as it can get. And as far inland as it can get without straying from the areas it's really supposed to be keeping its eyes on: the nation's borders. Two consecutive Privacy Impact Assessments of the agency's automatic license plate reader program came to the same conclusion: if you don't want to get your plate read, don't drive anywhere. Sure, it may seem easy to avoid the border, but the agency is allowed to do its border protecting stuff up to 100 miles from any border, which includes coastlines and international airports.

But it's not enough that the CBP has an unknown number of plate readers in operation. The information captured by its camera network apparently isn't comprehensive enough. So it's been buying access to other license plate image databases. As Joseph Cox reports for Motherboard, the CBP is making use of plate images gathered by private companies to round out its surveillance of Americans.

The PIA [Privacy Impact Assessment] did not name the specific commercial database. But a source in the private investigator industry, which makes use of commercial license plate databases, suggests the supplier is likely Vigilant Solutions and its sister company DRN which collects the license plate data in the first place.

"DRN is the only one I know that collects the data. The other companies that advertise this service as a search buy from DRN," Igor Ostrovskiy, principal at private investigator firm Ostro Intelligence, who has used the DRN system, told Motherboard. With the consent of the target, a source previously tracked a target for Motherboard using DRN's vast license plate reader system.

Vigilant is home to what is likely the largest database of plate images in the business. The company sells access to an unknown number of law enforcement agencies. Some agencies get free access in exchange for a cut of any fines and fees collected by law enforcement as the result of plate reader hits. As of a half-decade ago, Vigilant was home to two billion license plate photos, with 100 million more being added daily by its network of cameras.

But Vigilant's network isn't just its hundreds of law enforcement owned plate readers. It's also the hundreds run by private companies that allow Vigilant to sell access to the plate images they've collected. As Cox reports, this has turned two billion images (as of 2015) to nine billion images -- much of this "crowd-sourced" from hundreds of repo men using Vigilant equipment.

So, the CBP's Privacy Impact Assessment isn't accurate. It may be accurate as far as suggesting not driving is the only way to prevent your license plate from ending up in the CBP's database. But to suggest staying out of areas "impacted" by CBP activity might allow you to elude this collection is patently false. If the CBP has access to this database, plate/location info from drivers nowhere near the CBP's enforcement areas is still making its way to the CBP via Vigilant's numerous private company contributors.

And this collection isn't subject to the CBP's rules, which limit searches to five years of plate/location data and removes cached, non-hit searches within 24 hours. The CBP may not have control of this collection -- it remains solely in the hands of Vigilant -- but claiming (as the CBP does in Cox's article) that query-only access is somehow a completely different thing is disingenuous. While it may make exploitation of the database more difficult for the CBP, it's still access to billions of plate records the CBP hasn't shown it should legally or logically have access to. The CBP can dip into it whenever it wants and operate outside of its own ALPR guidelines while doing it. There are no downsides. The CBP gets access to billions more plate images without having to deal with the infrastructure side of it. More plates, lower costs, fewer headaches. Win win win.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: 3rd party doctrine, 4th amendment, cbp, license plate images, privacy
Companies: drn, vigilant solutions


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 25 Jul 2020 @ 1:42am

    Re: What about "no expectation of privacy in public"?

    The problem is not the photographs, but rather the databases they end up in. Being photographed or filmed by lots of cameras where the images and films are kept separate does not a universal tracking system make. Yes such a system allows someone's actions and movement to be traced after some event, if their is a reason to expend the man power needed to obtain and analyse all the photos and videos.

    Th real privacy invasion comes when everything is put into a single database, and where automatic means, such as number plate recognition, or facial recognition are used to identify vehicles and people.

    The cause of the problem is not the camera, but rather large scales databases.


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.