
A California mall operator is sharing license plate tracking data with ICE - srameshc
https://techcrunch.com/2018/07/10/alpr-license-plate-recognition-ice-irvine-company/
======
blitmap
I wonder where we're supposed to go from here. After 9/11 I worried about
having something as convenient as Google Maps. Now we have more real-time
surveillance and going outside I know I will be tracked and collected and
bought and sold to private companies and the government. There's a
psychological cost to knowing you're watched/exploited every time you go
outside. In the past this was limited to what _people_ might have seen you do
in the public view. Now there are large distributed systems in place to
collect an itinerary of your movements - even if you're not the focus of a
search. I was born in California, and I don't feel like these systems keep me
safer. It makes me want to participate in society less. Maybe I'm just
paranoid. I wonder what this at scale, alongside other tracking systems, will
do - and how it changes our behavior. I feel harmed by this.

~~~
vinchuco
> Maybe I'm just paranoid

This common saying.

I'd rather be paranoid and informed than blissfully ignorant. But a person can
only process so much while carrying on with their lives.

The jewel beetle attempts to mate with an amber glass bottle it finds
attractive until it dies from exhaustion.

[https://www.npr.org/sections/krulwich/2013/06/19/193493225/t...](https://www.npr.org/sections/krulwich/2013/06/19/193493225/the-
love-that-dared-not-speak-its-name-of-a-beetle-for-a-beer-bottle)

We increasingly manufacture our own deception. Deep fakes, targeted
advertising, you name it. We are both the beetle and bottle designers. It is
definitely worth thinking about.

It's much easier to design glass bottles than to save beetles from the best
and worst time of their lives.

Now, as crafty bottle designer, think of all the stuff you could do, given the
necessary resources.

------
JumpCrisscross
“California malls” is too forgiving a headline. It’s one company, Irvine
Company, a group with locations in the Bay Area [1]. They have phone numbers
on their websites [2]. Reaching out to their retailers, particularly those
with locations in Mexico, couldn’t hurt either.

It might not be a bad idea to also compile a list of their retailers’ investor
relations and Twitter accounts and tweet this article to them (here's their
store directory [3]). I just started e-mailing the brands I know.

[1]
[https://www.shopirvinecompany.com/centers/](https://www.shopirvinecompany.com/centers/)

[2]
[https://www.shopirvinecompany.com/about/contact/](https://www.shopirvinecompany.com/about/contact/)

[3] [https://www.shopirvinecompany.com/directory/store-
directory/](https://www.shopirvinecompany.com/directory/store-directory/)

~~~
ipsin
Given this news, I'm going to contact some other large mall chains (e.g.
Westfield), in the hopes that they'll confirm that they don't give out license
plate data to third parties.

I'll be interested to see how they respond.

~~~
s73v3r_
Better yet, ask them to confirm that they don't track this stuff in the first
place.

~~~
JumpCrisscross
> _ask them to confirm that they don 't track this stuff in the first place_

I could see a reasonable case being made for collecting these data, storing
them for a few weeks, and then deleting them, to protect against thieves.

The problem here is that for the government to collect these data, they would
need to follow certain processes. A private actor who isn't following those
processes is placing those data with the government, thereby circumventing a
critical check on police power.

~~~
williamscales
This seems to be the latest trick. The same thing was happening with the cell
phone location data. We should start referring to this as "data laundering".

~~~
inetknght
> _" data laundering"_

Don't mind if I do start referring to online abuses of privacy as such

------
narrator
I read articles like this and I think that one's opinion on this is directly
correlated with whether one thinks that immigration laws should be enforced. I
don't think most people are calling for immigration laws to be eliminated and
anyone who manages to make it here should be allowed to stay indefinitely.

What I don't get is the whole selective enforcement of laws thing. If someone
somehow managed to get across the border that gets the person some sort of
award for sneaking past the border patrol and thus a right to stay here for
being a particularly sneaky lawbreaker? The legal reasoning behind all this
just strikes me as ridiculously convoluted.

~~~
test6554
I feel like there are two types of people, those who respect property rights
and those who don't.

You might say that one type of person wants everyone to be like docker
containers, not interfering with one-another and another type of person wants
to be like a monolithic application where anyone's problem becomes everyone's
problem, but free resources are to be shared.

~~~
hartator
That’s a very bad analogy.

------
Skunkleton
To me the issue here is that this data is collected in the first place. It
seems wrong to me that private corporations are tracking my every move.

~~~
sverige
How is anyone in SV going to eat if private corporations can't track our every
move? I mean, not everyone takes cab rides or rents private homes when they
travel, but almost everyone uses the internet for _something._ And those
people need to be tracked, or there's no money to be made.

~~~
walrus01
> How is anyone in SV going to eat if private corporations can't track our
> every move?

I work for an ISP and we do not track our customers. At all. We bill them and
they receive a reliable service that performs as advertised. Maybe we could go
back to the oldschool model of actually selling a product or service,
delivering it to the customer, and keeping the customer happy?

~~~
jefurii
Which ISP is this? (interested)

~~~
pubutil
I’m not walrus01 but I know of a few ISPs in the Bay Area that put an emphasis
on net neutrality and users’ privacy, on top of running a good service: Wave
on the SF/Daly City side, and Sonic’s running fiber in the East Bay. Both have
impressed me, especially Sonic which provides their own VPN and runs a public
wiki that rivals my company’s internal IT wiki. I’ve also heard good things
about LMI but I have no personal experience with them.

------
ggg9990
The headline is completely misleading and actually understated the problem.
One California mall developer is sharing their license plate data with one
third party company which may or may not be sharing this data with other
parties. This is worse because

1) companies have gotten so big that one company can control a huge number of
shopping malls

2) huge-scale data collection and transmission is so easy/cheap that one
decision by one person can affect the privacy of hundreds of thousands of
people

3) the “service” model of software delivery makes it much harder to know what
is or isn’t being done with the data that you’re generating by using that
software

------
nerdponx
The fact that private malls are even tracking license plates to begin with is
disturbing. Obvious in hindsight, but disturbing.

~~~
tomohawk
Many malls are high crime areas. Car theft is often much higher at malls, for
example. The owners of these malls have a responsibility to provide a safe
environment.

There have been a few malls in our area that closed after gang related
activity and violence in their vicinity became known. If you are a mall owner
and have this happen, would you not be remiss to take measures to try to know
who is visiting your property and using it as a place to conduct illegal
activities?

If a car shows up that is registered to someone on a warrant for a violent
crime, should the mall owner do nothing? Not their business?

What about a car registered to someone who lost their license due to DUI? What
if that person frequents the mall and kills someone with their car?

~~~
jsjohnst
You need to lay off the FUD! The reason these are installed generally has
nothing to do with crime (outside parking enforcement at most). It’s done for
marketing and tracking purposes. Brick and mortar stores are desperate for the
kind of data that online retailers have access to about customers and the
folks making the purchasing decisions generally don’t have the first clue
about privacy implications.

Source: I worked for a company doing something vaguely similar (we covered the
inside of stores, not the parking lot). I spent my time there working to
provide best in class anonymization to only allow aggregate data.

As to your specific fear mongering questions:

> If a car shows up that is registered to someone on a warrant for a violent
> crime, should the mall owner do nothing? Not their business?

1) that data isn’t generally publicly available to them

2) that’s why you hire security guards

> What about a car registered to someone who lost their license due to DUI?
> What if that person frequents the mall and kills someone with their car?

1) again, not generally publicly available

2) what makes you think the drivers licenseless person could be the only
driver

------
npi
I'm not sure why all of the furor exists over a group of commercial properties
doing this. The reality is that there are so many entities collecting this
same information at so many places, and selling it to private parties, and
keeping historical records for years - that there's not a good way to unring
this bell. We just happened to find out about this one and the media is
highlighting that ICE purchases the data.

Scores of police departments and other government agencies run ALPR cameras,
and share the results with Vigilant and other companies so that they can have
access to all of the results that Vigilant holds. Philadelphia PD even ran
unmarked vehicles with ALPR equipment bearing a Google Maps logo a few years
back.[1]

Repo companies and others are sending out drivers in vehicles with ALPR
cameras who patrol mall parking lots, apartment complexes, etc and then upload
all of that data to one of several companies including Vigilant. These folks
can scan 15,000 plates a day without a lot of effort.

Homeowner associations and apartment complexes (or their security companies)
also frequently have these ALPR cameras along the paths of ingress or egress.

Universities are using ALPR for parking enforcement (and then selling the data
to companies.)

[1][https://motherboard.vice.com/en_us/article/kb77dm/philly-
pol...](https://motherboard.vice.com/en_us/article/kb77dm/philly-police-admit-
they-disguised-a-spy-truck-as-a-google-streetview-car)

------
grizzles
That was fast:

 __“Irvine Company is a customer of Vigilant Solutions. Vigilant employs ALPR
technology at our three Orange County regional shopping centers. Vigilant is
required by contract, and have assured us, that ALPR data collected at these
locations is only shared with local police departments as part of their
efforts to keep the local community safe.” __

From:[https://www.irvinecompany.com/press-release/irvine-
company-s...](https://www.irvinecompany.com/press-release/irvine-company-
statement-regarding-erroneous-report-about-alpr-technology-use/)

------
sixdimensional
The malls in Southern California also use machine vision to detect your
gender, approximate age, sentiment and unique facial structure through unique
identifier tracking. If they have you from your license plate, to when you’re
in the mall, as well as any information they can glean from your cell phone
signal... yikes. Or at least there was an article some time ago how they were
testing it.

~~~
sixdimensional
Ah, here’s the article:
[https://www.forbes.com/sites/blakemorgan/2018/06/25/a-vision...](https://www.forbes.com/sites/blakemorgan/2018/06/25/a-vision-
of-the-future-mall-four-innovation-scenarios/)

------
pimmen
For comparison: in Sweden there was a chain of gas stations who installed
plate recognition cameras to record people who didn't pay for the gas (if you
opt to pay cash, you get to fill your car first and pay later, with this
system in place the clerks could refuse that you got to fill up your car first
if your plate showed up in a search).

The Swedish agency of data regulation was able to challenge the system in
court and got the chain to dismantle the system, and with fines added to that.
This was a couple of years ago, long before GDPR.

Something like this would absolutely not fly on this side of the pond, and I'm
very glad about that.

------
darpa_escapee
This data is collected, as well as shared with, the DEA, repo companies, debt
collectors, etc.

This has been the case for at least 5+ years, now.

------
danhorner
I'm a little confused about the mall operator's incentive to do this.

Are they using ALPR for their own security and voluntarily sharing the reads?
Is the provider giving them a discount to do so or paying to place cameras or
something?

~~~
Spooky23
The government will just ask. Security types crave the opportunity to do a
favor for the cops, and voluntary cooperation is not a legal issue.

I served on a jury where the police were able to gather footage covering like
14/24 hours of the defendants time from a variety of camera feeds (up to 40 I
think).

After torturing us with introducing dozens of these videos to build the
timeline, the case was fucked up (and defendant found not guilty) because they
couldn’t explain NTP in the context of a camera used as the primary time
reference point.

~~~
reaperducer
In some cities, the police departments have programs to allow the cops to tap
directly in to people's internet cameras at their homes, or to immediately
turn over recordings to the police that their home cameras have made. People
willingly join the program.

Here's one called Vegas SafeCam: [https://www.lvmpd.com/en-
us/Pages/VegasSafeCam.aspx](https://www.lvmpd.com/en-
us/Pages/VegasSafeCam.aspx)

"You’ve purchased a home surveillance system and have registered your system
with the LVMPD. Several weeks later, a Patrol officer comes to your door and
informs you of a recent burglary in your neighborhood. The Patrol Officer has
used the database for this program in their patrol car, and has gone to your
residence for follow-up. The Patrol officer asks you if it would be possible
for you to review your video for a suspicious person or vehicle between the
listed times of the event."

The Las Vegas one isn't real-time, but I believe Chicago's might be. Then
again, about 10 years ago, CPD was bragging about having 3,000 cameras around
the city. It must be 300,000 by now.

Max Headroom wasn't campy sci-fi. It was a warning.

------
OceanKing
This article takes a distinctly negative tone towards this practice. What’s
the problem here? License plate data is public information, it’s the same as
if a person standing on the street saw your plate and told someone else. There
should not be any expectation of privacy in regard to one’s license plate or
the location of its sighting.

~~~
mikeash
Let’s say we’re neighbors. I keep a close watch on your house, and every time
you come and go I phone the local police and tell them, “OceanKing just got
home” or whatever. Would you be ok with that?

~~~
maxerickson
I want legal reforms that enhance privacy, but your scenario happens all the
time, private surveillance is willingly handed over to police after some
incident.

It doesn't have the goofball repeatedly calling the police aspect, but that's
the less interesting part to me.

~~~
mikeash
I agree, it does happen all the time.

My question remains: if it were happening to you, would you be ok with it?

------
User23
This happens at every gun show too.

~~~
chrissnell
I go to gun shows and I've never seen it. What is your proof?

------
justboxing
> A hallmark of Vigilant’s solution, the ability for agencies to share real-
> time data nationwide amongst over 1,000 agencies and tap into our exclusive
> commercial LPR database of over 5 billion vehicle detections, sets our
> platform apart.

5 Billion vehicle detections seems like an awfully high (and possibly made up)
number. Even if you allow for the same vehicle to be detected 5 or 10 times,
the total number of registered vehicles in US was barely around 300
million.[1]

Or did I mis-interpret that statement / claim ?

[1] [https://www.statista.com/statistics/183505/number-of-
vehicle...](https://www.statista.com/statistics/183505/number-of-vehicles-in-
the-united-states-since-1990/)

~~~
Spooky23
You could get to that just via chokepoints.

Examples: The RFK/Triboro bridge in NYC gets 60M crossings annually. I95 at
the North/Carolina border gets 14M cars a year. State DOTs publish this
information for all interstate and many other highways, so it’s easy to piece
see where the flows are.

Additionally, DMVs sell all sorts of information, and auto repair and
dealerships sell whatever DMV does not. It’s definitely pretty easy to gather
and correlate data like this.

I’d assume that many players, from billboard companies to the feds to fast
food operators are collecting this data. It is too cheap to collect and too
valuable to many parties for that to not be happening.

~~~
HillaryBriss
holy crap. what kind of info are the DMVs selling? who are the buyers?

~~~
Spooky23
Lots of data re vehicle registration and licenses to different groups.
Insurance companies and banks are common but there are many others. Everyone
from towing/repo people to Experian.

New York has a good FAQ. [https://dmv.ny.gov/dmv-records/permissible-uses-
personal-inf...](https://dmv.ny.gov/dmv-records/permissible-uses-personal-
information)

Some states are not so good at protecting data, or rely on an honor system:
[https://dfw.cbslocal.com/2013/02/11/cbs-11-investigates-
your...](https://dfw.cbslocal.com/2013/02/11/cbs-11-investigates-your-
personal-information-for-sale-you-cant-opt-out/)

~~~
HillaryBriss
I like that Texas article particularly. The DMV has a db of 22 million car
registrations, and they sold the trust of their citizenry for a couple million
dollars.

------
nodesocket
Once upon a time Hacker News used to be a community for developers and
startup/technology news. Political stories were quickly removed...

~~~
nstart
And one day the community realised that technical innovations had deeper
ramifications than something to nerd over or some fancy valuation in a startup
with a quirky name.

As an industry, software is still very young. And as it comes of age in the
modern era, its impact continues to reach further and further into the fabric
of society. We are more than ever before making ethical questions part of the
conversation when developing technology.

Politics and policies making their way into HN is therefore an inevitable
evolution. Nothing else.

~~~
nodesocket
Here-in lies the problem, the assumption that HN readers have to all prescribe
to a single political and "social" ideology. I would argue a majority of HN
readers would prefer to stay neutral while on HN. If users want that content,
there is certainly not a shortage of political focused websites.

I am going to debate the fact that the HN community silences opposing opinions
and comments, which won't be popular... But it is evident in the fact that I
challenge you to show a conservative viewpoint post making the front page. I
have personally seen comments and posts silenced by a minority that had the
majority of votes countless times.

Anyway, I digress which is the entire point. In the same vein as I loath
sports pundits that try and always get political because it distracts from the
essence of sports, the same is true of HN.

------
iosDrone
This is the first thing I've read that actually increased my support for the
widespread use ALPR technology. Every illegal alien in this country is a
criminal, by definition.

~~~
FireBeyond
Hopefully you've never gotten a speeding ticket, parking or similar. Because
most of those are classified at the same misdemeanor level as "entering
illegally", which would make you a criminal, too.

~~~
dahdum
Speeding and parking tickets are usually infractions, and are non-criminal.
DUIs, reckless driving, fleeing the scene, and the like are criminal
misdemeanors or felonies.

Illegally entering is a criminal misdemanor, so they aren't the same thing.

~~~
zardgiv
Unlawful presence, which is all anyone at a mall in California could be
charged with, is a civil matter, not a crime.

Unless there's some international border in Sunnyvale I missed, I don't think
the ALPRs will catch any illegal entry.

~~~
dahdum
I wasn't arguing that. Just that illegal entry is not the same as a speeding
ticket was my point. Overstaying on legal entry is civil, and just unlawful
presence. I believe that's a bit less than half the population.

~~~
zardgiv
Unlawful presence is 100% of the offenses you'll be able to catch in a
Sunnyvale mall parking lot, and it disproves the OPs contention that they are
all "criminal, by definition."

~~~
iosDrone
You can use ALPR to track people who are known to have entered illegally or
who have been sentenced to deportation and are avoiding their sentence.
Illegal aliens are criminals.

~~~
zardgiv
I really don't think you understand the difference between unlawful presence
and improper entry. One of these is a crime while the other is not. Restating
your false premise at the end doesn't make it more true; unlawful presence in
the U.S. is not a crime, that's a simple fact.

~~~
iosDrone
Crossing the border without a visa is a crime. You do not understand US law.

~~~
zardgiv
You're missing the point. No one will be caught entering the U.S., with or
without a visa, in a Sunnyvale mall parking lot. All you will likely be able
to catch is unlawful presence, which is a civil matter and not a crime.

