Tuesday, January 8, 2013

Privacy comissioner has ordered the Victoria police to change the way they use automated license plate recognition cameras.

Canada - B.C.’s privacy commissioner has ordered the Victoria police department, and other police forces, to change the way they use automated license plate recognition cameras, amid fears the technology could become a mass surveillance technique.

Commissioner Elizabeth Denham released an investigative report into VicPD’s usage of the cameras Thursday, saying she’s “very concerned” about how police forces might retain and later use the personal information of people who have committed no crime and done nothing wrong.

The cameras, which are mounted on police cruisers, automatically scan the license plates of passing vehicles. The cameras can record 3,000 licence plates per hour, and automatically flag drivers who have outstanding warrants, dangerous criminal histories or expired insurance, among other infractions.

The “non-hit” data on drivers who have done nothing wrong, is still recorded by the machines and later dumped into an RCMP database, where the Mounties say it is later destroyed.

However, Victoria police chief Jamie Graham, and senior RCMP officials, have publicly said they’d like to keep that non-hit data. The RCMP has said it could potentially compile a list of times and locations of innocent people, which can be later used to check their alibis if they are accused of a future crime.

That’s against the law because the police forces aren’t obtaining people’s consent, said Denham.“Collecting personal information for law enforcement purposes does not extend to retaining information on the suspicion activities of citizens just in case it may be useful in the future,” she wrote in her report.

The data on drivers that have done nothing wrong should be automatically and immediately deleted from the license plate recognition computer, said Denham.

Denham also recommended the Ministry of Justice more accurately describe the mandate of the license plate cameras and inform the public about the full scope of the program.

It’s unclear whether Victoria police will follow Denham’s recommendations. If the force chooses not to, Denham said she can make a legally-binding order.

Lawsuit by Florida state trooper raises concerns about protection of state's database of drivers license info.

From PogoWasRight.org:

There’s a case in Florida, where law enforcement personnel improperly accessed a fellow officer’s records – but not just out of idle curiosity, perhaps.

Ed Krayewski reports:
Did you hear the one about the state trooper who pulled over a cop car speeding at more than 120 miles per hour on the Florida Turnpike? (Full video here, excerpts below) The incident happened back in 2011; Donna Watts, a Florida state trooper, pulled over Miami police officer Fausto Lopez, who was off-duty and headed for a second job in his patrol car. His colleagues at the Miami Police Department jumped to his defense, with one union official calling the trooper’s actions “completely unprofessional and very reckless.” Retaliations began soon after. Almost a year later Officer Lopez was finally fired for the incident.
Now, the Sun Sentinel reports that the state trooper has filed a lawsuit related to the retaliation she experienced after the incident.
Read more on Reason. The Sun Sentinel uploaded the complaint here.

One of the issues raised in the complaint concerns access to and security of the D.A.V.I.D. database the defendants allegedly accessed. The complaint alleges that the officers viewed Watts’ private and highly-restricted personal information including her home address, color photograph or image, social security number, date of birth, state of birth, detailed vehicle registration information and description, prior and current home and mailing addresses, emergency contacts and those contacts private and highly-restricted personal information.
So who is responsible for ensuring the security of that database and access to it? According to Watts’ complaint,  both the DHSMV and FDLE have responsibility for the D.A.V.I.D system.

When law enforcement personnel abuse access to a database that contains a lot of personal information, it raises serious questions about privacy and the rule of law.  When states fail to adequately protect and secure such databases, it poses serious risks of identity theft as well as issues of civil liberties.

I asked what Minnesota is going to do about the repeated breaches involving its database of driver’s license information.  We need to ask Florida the same question.

Public not allowed to see who (police) viewed their driver's license data.

The Minnesota Department of Public Safety, which oversees the driver's license database, refuses to tell people the names of users -- generally public employees -- who have looked up their information. Perhaps the most high-profile citizen getting stonewalled by the state is Hennepin County Sheriff Rich Stanek, who is sparring with the department over what he believes were inappropriate queries into his driver's license records.

The Driver and Vehicle Services (DVS) database, which contains addresses, photographs and driving records on nearly every Minnesotan, is protected under state and federal law. State records show that public employees frequently have misused the database by running people's names without a business purpose. That is the subject of a major lawsuit that recently ensnared police officers across Minnesota, as well as a criminal case pending against two Minneapolis employees.

Stanek learned in June that employees at 21 agencies, including his own office, had accessed his records over several years. Some of the queries came from as far away as Wells, Minn., a small town 117 miles south of Minneapolis that he has never visited. The Department of Public Safety would not provide him with the names of the users.

"I believe that some or all of these requests may have been without a legitimate government purpose," Stanek wrote in a December letter to the Department of Administration, asking for an advisory opinion on the matter. The Department of Public Safety "and DVS appear to have purposely created obstacles to deny me an opportunity to track illegitimate access."

Members of the public have rights under the Minnesota Data Practices Act to access government information about themselves.

But the public safety department told Stanek that provisions of the law governing undercover officers and security data prevented it from releasing the names.

In a separate letter a month later, the agency changed its legal reasoning for the refusal and instead cited an obscure section of the law concerning "electronic access data."

A Star Tribune reporter, Randy Furst, had a similar experience when he made a request for recent inquiries into his driver's license file and learned that employees at 16 named agencies had pulled his records over three years.

Several of the lookups took place at the same time Furst had contacted agencies while reporting on the scandal-ridden Metro Gang Strike Force.

The Department of Public Safety cited the "electronic access data" provision in denying a request for the officer names.

Local governments learned this year that financial consequences can accompany employees misusing DVS records when Anne Marie Rasmusson, a former St. Paul police officer, sued agencies across the state alleging misuse. She has won more than $1 million in settlements so far.

Rasmusson, like Stanek, could not get the names of those who accessed her file through state public records requests. She learned almost all of them after filing a lawsuit and using the discovery process.

No comments: