Forget privacy. It’s gone. The barn door was left open long ago. What remains is to try to control how government and, at least as important, private commercial interests use the data they harvest by the terabyte.
The latest intrusion is the license plate readers that seem to be becoming ubiquitous. Police use the license plates to search for stolen vehicles and owners with warrants outstanding. But they also save all the plate information without any specific urgency other than building a database that may help later to solve a crime. Businesses use them to build their own databases of driver habits they can market for profit.
The Wall Street Journal has reported that the U.S. Drug Enforcement Administration is building a national database of license plates to track the movement of vehicles around the United States. The paper said the DEA is using data from its own readers as well as those operated by state, local and other federal law enforcement agencies.
It’s all legal. The same law that allows a citizen to take photographs while standing on public property allows the same for everybody else. The differences are in the availability of high-tech equipment, the motivation to use it and the ability to track the movements of millions of Americans, whether they like it or not and whether they even know it or not. It’s that ability to track, profit from and even abuse that personal information that should worry Americans and, with them, their state and federal representatives.
Governments seem, at this point, mainly to be using the data responsibly. There are exceptions, such as the police officers in Minnesota who looked up the driver’s license record of a female colleague hundreds of times, according to the Minneapolis newspaper City Pages.
For the most part, though, law enforcement agencies appear to use this data with discretion. Of 164,000 license plates that police scanned in Rhinebeck over a three-month period, for example, only eight were of interest in police matters, according to the New York Civil Liberties Union. In Erie County, the vast majority of scans captured are held for one year and then purged. That seems like a sensible policy, assuming it is reliably followed.
Still, rules can be insufficient to the need and, as the Minnesota example underscored, even disregarded. There need to be formal restrictions in place – rules for the circumstances under which such data can be accessed and, for those who would violate those rules, penalties sufficient to deter abuse.
Something similar needs to be put in place regarding the private use of personal data swept up on the streets that Americans use. The ability for companies to collect that data legally is clear, but it is sensible to implement rules, if for nothing else than at least to define the purposes for which it can be used.
It’s an awkward situation. The data collection is clearly legal and, as far as anyone knows, being used for legal purposes. But the world has changed and the law needs to keep up. We’re not talking about individuals taking pictures, but the tracking of human activity, to satisfy government or business interests.
In a potentially hostile landscape of license plate readers and hovering drones and face-recognition technology and fingerprint readers and Internet tracking and GPS data and dozens of other double-edged swords, both enabling and threatening, the country needs to establish common standards that do something to ensure that the relentlessly collected data is handled carefully and used ethically.
Powerful forces will array themselves against any such restrictions. Count those forces among the reasons the rules are needed.