Takoma Park's police currently have three mobile license plate readers that they attach to police cars and use while on patrol. These readers help detect stolen vehicles, vehicles that are the subject of some sort of regional alert (for example, an Amber Alert where a vehicle has been associated with an abducted child), and vehicles that have expired license plates.
Years ago, Takoma Park was one of the first jurisdictions in the area to adopt a policy to govern the use of the data captured by those readers. Currently, our policy provides the authority to store data captured by the readers for 30 days, after which it must be deleted.
The proposed policy creates a new statement of policy that only allows data to be used for law enforcement purposes. The proposed policy maintains the limit that data would be kept by Takoma Park for only 30 days and then deleted from City files or computers. The policy newly allows the automatic transfer of data to the Maryland Coordination and Analysis Center (Coordination Center) where it could be kept for up to 1 year. This is similar to the policy in place in the City of Rockville and I understand that Prince Georges County and Montgomery County are having discussions about passage of similar policies.
What would automatic transfer of our data to the state Coordination Center and their retention of the data for one year mean?
The Coordination Center is governed and overseen by state and other legislatures. In fact, it is a helpful bill authored by our State Senator Jamie Raskin and passed by the Maryland legislature this year that makes some of these changes possible. The bill is named SB699 and was passed unanimously by both the Maryland House and Senate. The new state law mandates that:
- law enforcement agencies can only request data for legitimate law enforcement purposes and defines those purposes,
- creates fines and penalties for violation of data use (up to 1 year in jail),
- prohibits data from being subject to Maryland Public Information Act disclosure,
- requires the Coordination Center and State Police to report back annually to the Senate and House Judicial committees on the number of readings collected and requests for data made from the system (by each agencies) and whether those requests resulted in release of information and whether there were any data breaches ;
- establishes reporting and audit requirements to ensure that data requests by individual police agencies or individual officers are tracked and can be audited,
- requires development of an audit procedure for the state database
The Standard Operating Policies of the Coordinating Center for License Plate Readers and data requests are here. Their policy establishes a one-year retention limit on data storage unless the data will become evidence in a criminal or other law enforcement investigation.
The ability to link license plate data to personal information (i.e. identifying the owner of a vehicle) is also regulated under the federal Drivers Privacy Protection Act. This law was authored by Congressman Jim Moran (D- Virginia) and Senator Barbara Boxer (D-California) and signed into law in 1994 by President Clinton.
The ACLU's statement supporting SB699 can be found here and note that it supports the bill but indicates a preference for 30-day retention of the data or limits on the number of readers used in the state. The ACLU put out a policy last summer that you can find here and our policy (in conjunction with the new state policy) meets 8 out of 9 of their recommendations, the exception being the 1-year retention of data.
Why is retained data useful?
I have been on Council for about 3 years and during that time there have been a number of waves or hot spots of crimes like home break-ins that have occurred over many months. Hypothetically, if there was evidence after months linking a suspect to earlier crimes, I understand how our police department's ability to ask for license plate reader information to find out if the suspect's car was in the area during the earlier crimes could be helpful in solving such cases. There are many other scenarios associated with police efforts to solve crimes that I can think of or that our Police Chief has described, that would benefit from a similar ability to request specific data associated with active criminal investigations.
The legislation led by Senator Raskin and passed by the legislature creates safeguards and audits on the use and storage of data that simply didn't exist before, including criminal penalties for inappropriate use of the data.
The proposed policy has already received public testimony at one Council meeting and is scheduled for another work session this Monday night and public comment on the issue at the beginning of the meeting.
I support the proposed policy change although I propose that we add a requirement for our police department to report back to Council on an annual basis on the number and type of their requests for data from the state Coordination Center database.