I'm curious what you think the solution is?<p>Taking a photograph of a car with its license plate is legal. As is selling a photo you've taken, whether it has a license plate or not.<p>Therefore taking millions of photos in public of cars, and turning their license plate numbers into a database is legal, as is selling that information. It's all data gained in public.<p>Obviously it's now scary that you're being tracked. But what is the solution? We certainly don't want to outlaw taking photos in public. Is it the mass aggregation of already-public data that should be made illegal? What adverse consequences might that have, e.g. journalists compiling public data to prove governmental corruption?
<i>> Taking a photograph of a car with its license plate is legal. As is selling a photo you've taken, whether it has a license plate or not.</i><p><i>> Therefore taking millions of photos in public of cars, and turning their license plate numbers into a database is legal, as is selling that information. It's all data gained in public.</i><p>One absolutely does not follow the other; there are all sorts of things that are legal only if done for certain purposes, only below a certain scale, etc. The idea that we must permit both or neither is a false dichotomy.
E.g. I have the personal liberty to host card game for money at my house. But if I require a house take, now I'm running a gambling business.
But that's literally the question I'm asking. Where do you draw the line in a way that stops what we consider to be abuses, but doesn't stop what we think of as legitimate uses by journalists, academics, etc.?<p>E.g. city employees who need to better understand traffic patterns originating from one neighborhood, to plan better public transit. Journalists who want to expose the congestion caused by Amazon delivery trucks. And so forth.<p>Is it database size? Commercial use? Whether license plates are hashed before storing? Hashed before selling the data to a third party? What about law enforcement with a warrant? Etc.
> But that's literally the question I'm asking. Where do you draw the line in a way that stops what we consider to be abuses, but doesn't stop what we think of as legitimate uses by journalists, academics, etc.?<p>I think the wrong assumption you're making, is that there is supposed to be a simple answer, like something you can describe with a thousand words. But with messy reality this basically never the case: Where do you draw the line of what is considered a taxable business? What are the limits of free speech? What procedures should be paid by health insurance?<p>It is important to accept this messiness and the complexity it brings instead of giving up and declaring the problem unsolvable. If you have ever asked yourself, why the GDPR is so difficult and so multifaceted in its implications, the messiness you are pointing out is the reason.<p>And of course, the answer to your question is: Look at the GDPR and European legislation as a precedent to where you draw the line <i>for each instance and situation</i>. It's not perfect of course, but given the problem, it can't be.
Generally, you do want the general principle of something like this to be explainable in a few sentences, yes.<p>Even if that results in a bunch of more detailed regulations, we can then understand the <i>principles</i> behind those regulations, even if they decide a bunch of edge cases with precise lines that seem arbitrary.<p>Things like the limits of free speech <i>can</i> be explained in a few sentences at a high level. So yes, I'm asking for what the equivalent might be here.<p>The idea that "it's so impossibly complicated that the general approach can't even be summarized" is not helpful. Even when regulations are complicated, they start from a few basic principles that can be clearly enumerated.
This is not how things ever work in practice in representative democracy. The world is too complex, and the many overlapping sets of political groups in a country/provice/city have different takes on what the policy should be, and more importantly, each group have different tolerances for what they will accept.<p>Because everyone has different principles by which they evaluate the world, most laws don't actually care about principles. They are simply arbitrary lines in the sand drawn by the legislature in a bid to satisfy (or not dissatisfy) as many groups as possible. Sometimes, some vague sounding principles are attached to the laws, but its always impossible for someone else to start with the same principles and derive the exact same law from them.<p>Constitutions on the other hand seem simple and often have simple sounding principles in them. The reason is that constitutions specify what the State institutions can and cannot do. The State is a <i>relatively</i> simple system compared to the world, so constitutions seem simple. Laws on the other hand specify what everyone else must or must not do, and they must deal with messy reality.
This is not just unhelpful (and overly cynical), but it is untrue.<p>Courts follow the law, but they also make determinations all the time based on the underlying principles when the law itself is not clear.<p>Law school itself is largely about learning all the relevant principles at work. (Along with lots of memorization of cases demonstrating which principle won where.)<p>I understand you're trying to take a realist or pragmatic approach, but you seem to have gone way too far in that direction.
The principle is that you should be able to casually document what you see in public, but you should not be able to intrude on the privacy of others.
Emphasis on casual, IMO. It is perfectly reasonable to decide that past norms which evolved in the absence of large scale computing power, digital cameras, and interconnected everything do not translate to the right to extrapolate freedom of casual observation into computer-assisted stalking.
It’s where you decouple the vehicle information (make, model, plate) from the PII (registered owner information)
License plate numbers are generally considered PII in their own right. A tuple of make, model, color, and year range is getting awfully close to an equivalent on its own as well.
no they're not. PII has to be able to identify an individual.<p>anyone can in theory be driving a car. is it my wife, or me, or my kid taking the station wagon out this weekend?<p>it's also why red light cameras and speed camera send tickets to the registered owner, not necessarily who is driving. my sister in law borrows the car and I get the ticket
Generally "I wasn't driving then" is actually a defense to the automated cameras. The registered owner things is just the first pass like any other lazy investigation.<p>In the broader context PII is a looser concept, and can be thought of like browser fingerprinting. The legal system hasn't formalized it nearly to the same degree, but does have the concept of how enough otherwise public information sufficiently correlated can break into the realm of privacy violations. I. The browser fingerprinting world that's thought of pretty explicitly in terms of contributions of bits of entropy, but the legal system has pushed back on massive public surveillance when it steps into the realm of stalking or a firm of investigation that should require a warrant.
PII isn’t limited to SSNs. By your logic, First name can’t be PII, and last name with no accompanying info wouldn’t be PII. Different types of data have different risk profiles. When multiple records about an individual are collected the risk grows exponentially. Location is absolutely PII when combined with other risky data, like license plate.
One big easy line to draw is personal+individual versus commercial+corporation. There should be sweeping privacy laws that individuals can use to prevent information about them (including government issued identifiers) from being recorded, processed, and stored. Then for private vs private, a de minimis exception for individuals doing it noncommercially on a small number of people.<p>Delivery trucks are operated by corporations so don't have privacy protection (although the individuals driving them would from things like facial recognition). Traffic patterns can be studied without the use of individual identifiers. Law enforcement is moot because the juicy commercial surveillance databases won't be generated in the first place, and without them we can have an <i>honest</i> societal conversation whether the government should create their own surveillance databases of everyone's movements.<p>These aren't insurmountable problems. GDPR gets these answers mostly right. What it requires is drawing a line in the sand and iterating to close loopholes, rather than simply assuming futility when trying to regulate the corporate surveillance industry.
[dead]
I see so I can follow you around and continuously 24x7 video tape and document your actions as long as it’s in public this should be fine.
This is literally what private detectives do when they tail someone. So yes, this is legal as long as it's not harassing or there's a restraining order or something. Did you think it was not?
> Did you think it was not?<p>Not OP, but yes, I think it is not. At least, not legal in the same expansive way that you are implying. AFAIK private detective work is very much regulated, most likely because it is otherwise known as stalking.
stalking implies harassment, threats, and real or perceived potential for danger<p>it is illegal because it means the stalker will attack / rape / otherwise damage or harass the victim.<p>however watching or tracking someone in public is plenty legal, and actual PIs have ethical and legal obligation to weed out stalkers and dubious behavior
The purpose and intention matters a lot. A stalker has very different intentions to a private detective.
So I know you're saying that's too much, but honestly even if the bar was set at that level it would fix mass surveillance. If it takes one hour of labor to track one person for an hour, things work out fine.
That is what the church of Scientology does with people they don't like. 24/7, people standing outside your house, recording you.
> <i>curious what you think the solution is?</i><p>Require a warrant for law enforcement to poll these databases. And make the database operators strictly liable for breaches and mis-use.<p>For all we know, "suspicious" travel patterns may include visiting a place of religious worship or an abortion clinic. For a future President, it may be parking near the home of someone who tweeted support for a J6'er.<p>(And we haven't even touched the national security risk Flock poses [1].)<p>[1] <a href="https://techcrunch.com/2025/11/03/lawmakers-say-stolen-police-logins-are-exposing-flock-surveillance-cameras-to-hackers/" rel="nofollow">https://techcrunch.com/2025/11/03/lawmakers-say-stolen-polic...</a>
> Require a warrant for law enforcement to poll these databases.<p>This seems so uncontroversial I don't know why we haven't collectively decided to implement it. Though I get that the folks in power probably don't support it. We could easily decide that law enforcement data gathering warrant requirements are not so simple to circumvent. Maybe we should largely abolish third party doctrine.
Collectively decide and easily are carrying lots of weight here.<p>Americans (citizens that is) have held fairly consistent opinions on healthcare, guns, education, war and yet very little changes because all voices are in fact, not equal. We are not collectively deciding. There are massive thumbs on the scale, often in favor of private profit that keep things as they are now.<p>Some might even, surprise surprise, be owned by the companies investing in the companies that use this technology.<p>This is, as the OP noted, a gross invasion of privacy and not avoidable in a country that largely requires cars and their registration for day to day life.
> Collectively decide and easily are carrying lots of weight here.<p>I agree. The problem is that we do not decide collectively on issues, we decide on representatives. And while a supermajority might agree, for example, that single payer healthcare is good, they may not all prioritize it the same way amongst a number of issues they are concerned about. And in the end, they get a very limited number of candidates to choose from, none of whom are likely to 100% match their priorities and choices.<p>So the politicians focus on the few issues that really will get people to pull the lever for them. Abortion being an obvious one. Health care doesn't have a strong enough consensus and priority combo to make it happen.
> Americans (citizens that is) have held fairly consistent opinions on healthcare, guns, education<p>We have? That’s news to me on all three topics.<p>The bubble of Americans an individual commonly associates with might have fairly aligned opinions, but Americans as a set don’t hold a consistent/aligned opinion in these areas IME.
Are you also going to require a warrant for paramilitary insurgent groups to poll these databases? Maybe you intended to propose for them to be abolished entirely.
paramilitary insurgent groups are abolished, actually. it is illegal to operate a paramilitary insurgent group. this is the main way they prevent groups from doing paramilitary insurrection.<p>that, and most military actions are also illegal, if you're not a member of the military following lawful orders. so there's not much paramilitary stuff one can do. and insurgency is like... outlawed
> <i>Are you also going to require a warrant for paramilitary insurgent groups to poll these databases?</i><p>No. Because this is a straw man.<p>> <i>Maybe you intended to propose for them to be abolished entirely</i><p>Banks operate with liability for losses resulting from breaches. Unless Flock <i>et al</i> are routinly losing their entire database, this shouldn't be exisential.
> Banks operate with liability for losses resulting from breaches.<p>Not enough.<p>> Unless Flock et al are routinly losing their entire database, this shouldn't be exisential.<p>The risk of misuse by future governments is too great even if Flock's security was perfect. And allowing anything less than routinely losing the entire database is unreasonably lax even if you don't believe Flock is too risky to exist.
It isn't a straw man; paramilitary insurgent groups will just look like normal customers to Flock <i>et al.</i>, except when they're stealing their entire database, which will indeed happen routinely.
Why not also require a permit for gathering the data in the first place? Tied to a very specific purpose of what to do with the data obtained?
Owning a baseball bat is completely legal. Swinging it in your immediate vicinity is completely legal. Standing within baseball bat range of other people is completely legal.<p>But you'll quickly find yourself detained if you try to practice this innocent collection of legal activities together. The whole is different from the sum of its parts. It's a very common occurrence.
I think we have a mass re-assessment coming for how we think about data collected in public spaces. The realities of mass surveillance and mass data correlation come to very different outcomes than they did when we established our current rules about what is allowed in public spaces.<p>I don't really know what a better system looks like - but I suspect it has to do with the step where the info is provided to a third party. We can all exist in public and we can all take in whatever is happening in public - but it's not clear that passing that observation on to a third party who wasn't in public is an important freedom. Obviously this cuts both ways and we need to think carefully about preserving citizens rights to observe and report on the behavior of authorities (though also you could argue that reporting on people doing their jobs in the public space is different than reporting on private citizens).
> [I]t's not clear that passing that observation on to a third party who wasn't in public is an important freedom.<p>It's not hard to imagine a restriction on reporting one's observations failing any number of First Amendment challenges.
> we can all take in whatever is happening in public<p>People have the right to take in what is in public, but maybe cameras should not?<p>This could apply to everyone in public spaces. No video, audio or surveillance without obtaining permission. Better blur anything you share, or you might get busted. The least we could do is restrict corporations from possessing such data.<p>Similar to what Germany does with doorbell cameras, making it illegal to film anything outside of your property, like a public sidewalk or the neighbors house. It is my understanding that people there will confront someone taking pictures of them without their consent.
<p><pre><code> > People have the right to take in what is in public
</code></pre>
You write this as if it is a fundamental human right. I disagree. I could imagine this could be treated differently in different cultures. As an example, Google Maps has heavily censored their Street View in Germany to scrub any personal info (including faces). Another common issue that is handled very differently in different cultures: How to control video recording in public places.
> Google Maps has heavily censored their Street View in Germany to scrub any personal info<p>I remember when this first launched in the UK, automated face-scrubbing was in place. It was about 90% accurate on scrubbing faces from pictures. One of its best screwups was showing people's faces as they were standing outside a branch of KFC but blurring out the Colonel.
>You write this as if it is a fundamental human right. I disagree.<p>It's more common sense than any real sense of law. If something is a public space, how do you stop people from "taking it in"?<p>Recording is a different matter, but people existing is what comprises the "public".
> how do you stop people from "taking it in"<p>Please take a moment to draw for us detailed faces of all the people you've "taken in" today while you were outside. Use a sketch artist if you need to. Now compare those results with what you'd have if you did the same with a photocamera. And for good measure, add in the amount of effort it took you to recall, and the effort it will take you to describe to every reader on HN who you saw today.<p>Do you really not see any difference between the human process and what a digital camera can do?
I think we're agreeing but our frequencies are mixed. I was just saying "you can't stop people from using their eyes in public".photography and recording laws are very different.<p>for more context, the chain started with this:<p>>People have the right to take in what is in public, but maybe cameras should not?<p>and then the direct reply disagreed with this notion. I just wanted to distinguish between "taking in" and cameras, because it appears that user made a similar mistake.
I dunno - I think there are uses of surveillance in pursuit of enforcing laws that I don't think are harmful. Like...maybe you can record the public and pass it on to the police when there's a specific request for a time and place that a crime was allegedly committed? Like - if an organization has a legitimate interest in what happened there you can pass on your recording. But you can't just sell it to some random data broker, because they don't have a specific reason to want a recording of that place at that time.
My jaded AF crystal ball called history says that these things never change until the petite-bourgeoise (I'm no Marx fan, but I think he did a good job with that part of his social class classification system) are seriously harmed by it. The rulers don't care. The poor have real problems. This sorts of crap happens or doesn't happen at the behest of the materially comfortable people in the middle. And it seems like they never learn except the hard way.
Simply, the scale of observation matters. Making observations at scale is categorically different than manual observations. And yes, there is a spectrum. But the important thing is that there is a difference between the ends of that spectrum.<p>The solution is to recognize that ease of observation interacts with expectation of privacy and legislate what can be done at each point on the spectrum. I have no expectation that someone won't take a picture with me in the background while I'm in public, but I would find it jarring to be filmed at every public location I went, have that video indexed to my name in a database, and have all my behaviors tagged. You write the law so that the latter thing is illegal and the former thing isn't. When there's a dispute about what's illegal, you have it resolved by the courts like every other law.
>Making observations at scale is categorically different than manual observations.<p>No it isn't. It's evidenced by the fact that you will need to decide some exact scale at which surveillance becomes illegal and under which it is legal<p>>When there's a dispute about what's illegal, you have it resolved by the courts like every other law.<p>Okay, but what ought they resolve to? That is what we are debating.
> need to decide some exact scale at which surveillance becomes illegal and under which it is legal<p>Surveillance of specified individuals should be allowed, but just random surveillance of the public should be declared illegal except for very particular events and purposes (e.g. searching people for entry to a music gig). If there is public surveillance in an area, it should be made clear with signs etc unless it's for the express purpose of locating specified individuals (e.g. tracking a criminal's movements on public transport).
No, you are simply wrong but ignorance of scaling properties is the spirit of the day.<p>I suspect in the future a word will evolve for the stupidity of believing if a person can walk 3 miles in an hour then that scales to walking 500 miles in a week.<p>I encounter this form of stupidity all the time.
>But what is the solution?<p>The best time to plant a tree is 20yr ago. The second best time is today.<p>The best time to ostracize, ridicule and marginalize the people who support the growth of the surveillance state is a generation ago. The second best time is today.<p>I say we ostracize the crap out of the people who peddle, justify and facilitate these activities. It worked for wife beating, worked for drunk driving, worked for overt racism.<p>This is not a technical problem. This is not a law problem. This is a social norms and acceptability of certain actions problem. Applications of technology and law follow norms.
This is a law problem though. This is clear violation of 4th amendment. You’re being unreasonably searched when a set of traffic observation cameras turn into surveillance of a particular individual. This is not that hard to understand, observing traffic flow != tracking YOU in particular. That should require a probable cause and proper warrant, we want to identify this individuals movements because …
There are no social norms problems. Social norms are always a response to technology and not the other way around.
Require commercially used photos to not contain identifying information (face license plate) without consent of the owner (of the license plate/face).<p>This already happens a lot on Google street view.
Ride a bike! I half-kid, but it's interesting to consider that cycling is a right which can't be taken away in the US, while driving is a privilege that can be revoked.
How does it stop you from being observed by cameras? These cameras log more than just the plate numbers, they take note of the appearance of drivers, all sorts of things.
> cycling is a right which can't be taken away in the US<p>Why not ?
Practically, because bicyclists aren't licensed. It is true that in some jurisdictions cyclists have to register or license their bicycles, so potentially failure to do so could get you fined or even have your bike impounded.
you're missing that this is the land of the free where us drivers are being detained at will<p>why do you think bicyclists are exempt from this abusive behaviour ?
what jurisdictions are these? show me
If riding a bike was as common as a car it'd be regulated all the same.<p>You already see "certain demographics" that suspiciously always seem to feature prominently in any given decade's policy failings screeching about how e-bikes need registration because they let people they don't like have easy geographic mobility.
Nope.<p>Regulation of cars , like anything, is expensive. It’s worthwhile for cars for safety reasons, but bikes are cheaper, and also way less dangerous in general, so need a lighter hand.<p>The current cutoff in EU is probably right, above a certain power level, e bikes are l, broadly, treated an motorcycles (licensing, type approval, insurance etc) , below that and with non-e bikes, is really just about the basics, eg are the wheels firmly attached and do the brakes and lights work?
> a right which can't be taken away<p>It's not licensed until it is. Cars and airplanes were once unlicensed.
When I tell folks that I come to HN to see a particular kind of take, this is what I'm talking about.<p>Here is a premise: you can decompose any illegal action into legal actions, therefore according to your logic laws cannot not exist.
Hacker solution: open/crowd source a pirate camera network. People submit feeds of traffic from whatever camera they have. We build tiny/concealable cameras to plant all over state capitals. Client-side software detects plates and reports only those on the target list. That list: every elected leader. The next time they hold a privacy-related hearing, we read out the committee chairperson's daily movements for the last month.<p>Other idea: AI-enabled dashcam detects and automatically reports "emergency vehicles" to google maps hands free. Goodbye speed traps.
They just might write a law that makes the act of publicly disseminating travel data for future and past official's illegal.
You don't even need something so complicated. Those Flock cameras are so vulnerable you can easily make a botnet from them and make them serve your own malicious purpose.
You ban monetization of the data. The federal government has the power to regulate interstate commerce.<p>States can ban this behavior as well.<p>Furthermore, legislators can create a right to privacy in the law, letting people sue companies who collect this data. And to top it off, states and the federal government can make corporate officers personally liable for collecting this information without consent.<p>With Lina Khan biding time in NYC, I do believe we are going to see this change very soon. I don't think there will be any public sympathy for tech companies in the next political cycle.
I think the solution is simple - make it legal to hide your license plate, but make the hiders required to be remotely openable by an authorized law enforcement user. The plate hider should keep an audit log of the time, name, and badge number of the cop that required it to be opened. Anyone who wants to read license plates for a private purpose (not law enforcement) can either ask you nicely to open the hider, or screw off.
It is a matter of law that no digital database of firearms data can be made. The friction is a feature. I'd propose something surrounding license plates, phone info, SIM's and VIN's may be needed. Of course, LE and tax authorities would scream bloody murder, but if we didn't see such flagrant abuse of sensitive identifiers, then maybe they could be trusted with nice things.
IDK that I even have a problem with such a database existing (just like I don't really care about a firearms db existing). What I care about is access to the data. It should absolutely require a warrant before it can be accessed. That means the agency that wants to access it needs to prove to a judge that the person they are trying to track has done something wrong or worth invading their privacy over.<p>As it stands, we allow joe bob to access that database so he can harass brown people working on my roof.
If it exists then people will use it legally and illegally. Sometimes you find out about the illegal activities years later, sometimes you don't.
No, no, no.<p>>just like I don't really care about a firearms db existing)<p>You might not care, but even before computers were a big thing, and people thought "Computer" and IBM mainframes were synonymous, it was put forth in law that no central digital registry of firearms was to be made available to the Federal Government.<p>View regulations under<p><a href="https://www.congress.gov/crs-product/IF12057" rel="nofollow">https://www.congress.gov/crs-product/IF12057</a><p>In short, NFA, GCA, and FOPA basically synergize to outlaw centralized registries of firearms owners in the U.S. due to the recognition of the particular temptation and value in organizing activities resulting in disarming the populace.<p>It is absolutely the case other identifiers and activity can be restricted to prevent foreseeable abuse, and to be honest, that this type of abuse wasn't foreseen is frankly testament to either our forebearers being comfortable with a surveillance dystopia or just being so disconnected from technical possibilities that they didn't understand the fire we were working with.
Isn't the law that the federal government can't create a digital database of firearm ownership?<p>Presumably many FFLs hold records digitally tracking their sales/transfers, as do manufacturers. And several states require firearm registration.
Correct, but FOPA prohibits those records from entering the custody of BATFE/DoJ, and even if handed off, no funding can be provided to digitize them.
The law didn't stop them. The feds made one anyway and used tortured logic to pretend like they didn't. Many states have their own little ones because "hurr durr it's a tax not a registration"
>Therefore taking millions of photos in public of cars, and turning their license plate numbers into a database is legal, as is selling that information<p>Very typical engineer thinking. The world doesn't work that way. Laws and social norms don't abide by formal logic.
Doing this as a private citizen is one thing. When the government does it the implications are vastly different. That is kind of the whole point of the constitution.
> Taking a photograph of a car with its license plate is legal.<p>And perhaps it was legal because before mass surveillance and automatic license plate readers it was difficult to impossible to abuse that.<p>Perhaps it shouldn’t be legal in the same way anymore.<p>These days they can just photograph everyone and then go back later and figure out where they were when that person is of interest. It’s pre-emptive investigation of innocent people for future use.
> Taking a photograph of a car with its license plate is legal. As is selling a photo you've taken, whether it has a license plate or not.<p>Because when those laws were enacted the technology to do so at scale wasn't there or wasn't cost-efficient. So it made sense to make it legal because nobody could realistically abuse it.<p>Nowadays this is no longer the case, so maybe the law should be amended. Of course, with the lawmakers being the ones benefiting from such abuses it's unlikely.<p>> We certainly don't want to outlaw taking photos in public.<p>Some countries (Germany I believe) actually do outlaw it; I believe taking a picture is ok but publishing it requires consent of everyone in that picture.<p>> journalists compiling public data to prove governmental corruption?<p>You could allow free public disclosure, but disallow <i>selling</i> of that data. Meaning journalists can still conduct mass-surveillance for the public interest since the results of that would be published free-of-charge, while destroying the business model of those surveillance-as-a-service companies.
> Taking a photograph of a car with its license plate is legal. As is selling a photo you've taken, whether it has a license plate or not.<p>Does it have to be?<p>What if selling more than 1,000 license plates with location and time in any calendar year starts down a path of increasingly severe penalties proportional to the gross income gained? What are the negative ramifications that I'm missing which would be hard to solve by following how other laws work?<p>Example: If you exclude location but effectively have an agreement with someone else that sells corresponding location data, then you can both be found guilty with a penalty multiplier for attempting to evade the law.<p>We write laws against stalking individuals, and we can write laws against similar behavior towards groups.
> I'm curious what you think the solution is?<p>The solution is simple. If there's a judge that signed off on a warrant to track a <i>particular</i> vehicle or person, cameras should be permitted to track its movements.<p>Otherwise, cameras should only be allowed to track people <i>actively</i> breaking the law - such as sending tickets to people running red lights. They should not record or retain any information about drivers that are following the rules.<p>Fishing expeditions are illegal and immoral. Mass tracking of innocent people is immoral.<p>---<p>Judicial warrants exist as a counterbalance between two public needs (The need to not be harassed by the police for no good reason, and the need for the police to be able to conduct active, targeted investigations of a particular crime.)
There is a huge overlap between legal and immoral
Eliminating license plates would be a good step. As I understand it, license plates were established as a compromise between privacy and accountability: they made it possible to track down evildoers without entirely eliminating anonymity in public. Now, due to advances in computer technology, they entirely eliminate anonymity in public. Therefore we should abolish them and invent an alternative that strikes a better balance between these concerns. Encrypted radio beacons, for example, which beep to alert the driver when they are being probed.
> Encrypted radio beacons, for example, which beep to alert the driver when they are being probed.<p>That thing would ping so often that everyone would just turn it off. You'd also want to require it to always be on so that, for example, someone can't do a hit and run.<p>The problem that needs to be addressed is the fact that the american police force has WAY too much power and funding. Particularly the DHS.<p>The tracking sucks, but what sucks more is the police using that tracking in pretty much any way imaginable.
You'd need to have some causal pathway from it pinging too often through people getting irritated to removing the scanners that were doing the excessive tracking.<p>Police forces are not the only ones who can use this information. Foreign intelligence agencies, violent insurgencies, and drug cartels can also use it.
The rub is that the information is something that regular drivers need access to.<p>If I get into a car accident, I need some way to know who hit me in the case they bolt from the scene.<p>And that's what makes this a hard problem. I don't think there's a solution that allows me to address a hit and run and would prevent the groups you mention from similarly tracking people.
As I said in another subthread, it would be surprising if the solution were not worse in some way than the status quo ante; after all, we're looking for a solution to the new problem of mass surveillance, not taking advantage of a new opportunity.
Instead of pieces of metal physically on the car, you want all cars to have a radio transceiver attached to a computer with crypto?<p>That doesn't seem like a privacy win.
>Encrypted radio beacons, for example, which beep to alert the driver when they are being probed.<p>And when "encrypted radio beacons" are placed everywhere that Automated License Plate Readers (ALPR) exist, that changes things exactly how -- instead of identifying cars (and, by extension, their owners) by their license plates, you do so with these hypothetical "beacons."<p>How is that any different than what folks are doing today and why would that be less invasive for governments and corporations to collect en masse to track folks wherever they go?
With network of cameras large enough you can trivially profile and identify all cars without license plates.
It's possible that you could learn to recognize every individual car from things like the pattern of scratches on their hoods, yes, but this ability has not been demonstrated and may prove more difficult than you think.
What you're talking about was being done a decade ago in the skies over Iraq.<p><a href="https://www.northropgrumman.com/what-we-do/mission-solutions/radars/an-zpy-5-vader-vehicle-and-dismount-exploitation" rel="nofollow">https://www.northropgrumman.com/what-we-do/mission-solutions...</a><p>I don't know jack about the algorithms because classified and not my job, but I can tell you that however good you think it was, it was better. I don't know if it's real or just marketing BS but what we said publicly was that differences in antennas, mirrors and trim were key in re-identifying vehicles after they leave the observable area (e.g. two silver Camry's go into a garage, come back out, how do you keep track which is which).
License plates were always about taxation/revenue first. Creating some level of identifiability without putting people's names on their cars was how it was sold to the general public.
License plates are there not to "catch evildoers". They're there because cars are heavy and kill people even when non-evildoers are operating them. The problem is not that cars can be tracked, it's that we design cities to mandate people travel in heavy metal boxes that kill people. When we made walking inconvenient, we also surrendered our rights.<p>In other words, cars were a fascist[0] long-con - a project of societal engineering to deliberately control Americans[1] by offering the illusion of freedom. I don't even think the panopticon of license plate readers was in the thoughts of the people who designed this nonsense, but all the major figures involved with the institutionalization of cars would have <i>loved</i> being able to bulldoze those pesky 4A/5A rights.<p>[0] Fords and Volkswagens are the original model swasticars.<p>[1] And, arguably, make segregation survive the Civil Rights Act - but that's a different topic for another day. Look up what Robert Moses did to highways on Long Island if you want to know more.
If non-evildoers kill people with their cars, they will make extreme efforts to make amends, not flee the scene.
Bullshit. You don't need to track everyone to figure out who done it when something serious happens. You can do "good old fashioned police work" and go look at CCTV footage, ask witnesses, etc. People are happy to help when it's something serious.<p>ALPRs are useful so that mustache twirling evil people can a) have law enforcement more easily unilaterally do enforcement work from their desks without actually having support on the ground from the public b) burn public support doing stuff the public doesn't support without affecting their ability to investigate serious stiff. Neither of those are good.
The solution, from a personal privacy standpoint, could be to obscure your license plate to prevent a proper photograph from being taken. I have read of invisible film and transparent sprays that purport to do just this.<p>There are also very affordable "license plate flippers" which, at the push of a button, rotate both your front and rear plates to different plates.<p>Both of these methods are likely illegal for driving, but may be legal when parked on private property.
> I'm curious what you think the solution is?
>
> Taking a photograph of a car with its license plate is legal. As is selling a photo you've taken, whether it has a license plate or not.
>
> Therefore taking millions of photos in public of cars, and turning their license plate numbers into a database is legal, as is selling that information. It's all data gained in public.
>
Collecting and selling PII without a person's consent is certainly not legal in many places.
Come on, it's not that hard to think of a solution.<p>Pass a law making it illegal to do a combination of collecting and storing personally identifying information, such as a license plate number, in a timestamped database with location data. Extra penalty if it's done for the purpose of selling the data.
Then OCR'ing the camera roll on your phone would be illegal. Every photo is stamped with time and location, and your camera roll is a database.<p>That's why it actually is hard.<p>Plus, what about legitimate purposes of tracking? E.g. journalists tracking the movements of politicians to show they are meeting in secret to plan corrupt activities. Or tracking Ubers to show that the city is allowing way more then the number of permits granted. Or a journalist wanting to better understand traffic patterns.<p>The line between illegitimate usage and legitimate usage seems really blurry. Hence my question.
>Then OCR'ing the camera roll on your phone would be illegal. Every photo is stamped with time and location, and your camera roll is a database.<p>>That's why it actually is hard.<p>Actually, it's not. It's the same idea as having a journalist (or a private investigator or a law "enforcement" agent) surveil a location and take photos of those who come and go on public streets to/from a particular location.<p>It's not the same thing if you put up automated cameras to identify <i>everyone</i> who goes anywhere for no reason, then create a database that allows folks (especially the government, but folks like Flock as well) to track <i>anyone</i> for any (or no) reason wherever they go.<p>That's a difference in <i>kind</i> not one of degree.
They suggested commercial use as a factor. You ignored it.
Not saying I agree with OP, but for the law you described: any photo you take of a license plate on your smartphone would fit that description (unless you’ve explicitly disabled the automatic location and time stamping default).<p>So you’d need to further distinguish to preserve that freedom.
There’s a difference in intent, and you’re aware of that. Aggregating photos of license plates for the express purpose of building a database of license plates with location and other metadata to make profit from granting access to that database is clearly different to most other cases of taking, storing, and even selling photographs. There is no overlap here at all.
Its not hard to distugush individual pictures that contain trackable attributes like a license plate number from building a large scale database of them for sale. Or making such a database not legal to sell access to without removing that information, etc. It doesn't need to center on the contents of a single photo.
> any photo you take of a license plate on your smartphone would fit that description<p>I don't normally do that, unless I'm involved in an accident.<p>> So you’d need to further distinguish to preserve that freedom.<p>And you think it's very hard to do that, legally speaking?
No I don’t think it’s “very hard”. But I also don’t pretend like OP that it’s super simple, only to suggest a law that would make most people criminals.<p>I think regulation is critically needed in this area, but acting like it’s easy to do well is a recipe for laws like the Computer Fraud and Abuse Act that have massive unexpected consequences.
Then make the act of selling it or storing it in a database with the intent to track people illegal?
Basing it around the act of selling data seems like a much better approach to me than what OP suggested, I agree. I imagine there are edge cases to consider around how acquisitions of company assets would work, although it’s not a use case I particularly care to defend.<p>“Intent to track” could be an approach, but the toll bridges near me use license plate scanners for payment, so I could see it not being that clear cut. There are likely other valid use cases, like statistical surveys, congestion pricing laws, etc.
Thing is, I am not /really/ worried about private citizens with access to this. There are just limits to what a private citizen or even massive corporation can do. What concerns me is when governments get involved and aggregate these private databases. The government is the one that can violate your 4A rights. It exists to protect us FROM the government. Not from private citizens and that exposure is very different. A private citizen can't for example, prosecute me, etc.
> There are just limits to what a private citizen or even massive corporation can do.<p>You’re just not being creative enough. Car insurers could increase your premiums if you often travel through dangerous intersections, employers could decide to pass you over for promotion if you’re often at a bar, etc.<p>Even better, make the law flexible enough to encompass all data brokers.
Car insurance can't wait to know everything about you. They will be crafting insurance policies that are specific for you and that will make unregulated insurance a very lucrative business proposition. Not sure if you can even call it insurance at that point.
If not for the government forcing us to buy their product they can't play games with premiums. It all comes back to government force at the end of the day.<p>But yeah, that's a pretty obvious one.
Glad to see I'm not the only one that thinks its obvious
Let's call it GDPR. :-)
In your universe, how do I make a hotel reservation?<p>That requires at least my name, a date, and a location.
It's the same question we're asking with scraping. It's legal to read the data off one website. What's in question is mass scraping the entire Internet and bringing hundreds of sites to a halt.<p>Change the scope of the data, and you change your approach to the problem. I see no reason why law should be any different.
In Germany it's legal to take car pictures, but if you publish, you need to black out the licence plate...
Dynamic led plate that are totp. Where you can determine who is who on which date only with central access.
Just like every other discussion about private data violation - the issue is aggregation not one data point.
I think the data itself has to come under attack in a variety of ways. Thinking off the top of my head: Possession of the data could be made illegal. The data could be treated as a public record. Defendants could be guaranteed access to all data about them in the government's possession.
Tracking someone everywhere they go is stalking, but tracking everyone is just good business strategy
> I'm curious what you think the solution is?<p>I believe cars don't have to have license plates readable when parked. Depends on the jurisdiction of course, but I would definitely use a license plate hiding device and hide my license plate when parked.
Not being such a car-dependent society that every single person is forced into a dangerous, personal machine that requires licensing and tracking, to do absolutely any activity outside the house.
Maybe it's time to do away with license plates.<p>Police could switch to using VIN for tracking of warrants and such, which can be obtained after a car is pulled over.<p>Modern technology allows for every citizen to be tracked more comprehensively than the most wanted mob bosses or suspected soviet spies just a few decades ago.<p>Or simply outlaw the mass collection and sale or sharing of the data. We already outlaw sharing copies of music or movies, so I don't want to hear any complaints about enforcement- sure there'd still be <i>some</i> data floating around from random photos with a car in the background, but you wouldn't have repo tow truck drivers scanning 20,000 license plates a night or cameras in parking lots and such.
<a href="https://www.law.cornell.edu/uscode/text/18/2261A" rel="nofollow">https://www.law.cornell.edu/uscode/text/18/2261A</a>
It should be illegal for the government to do so, further make it illegal for businesses to do so AND for city, county, state, federal governments to utilize third party databases.
Restrictions and oversight should increase proportionally to the power an entity has.<p>This is a very under-appreciated concept.
> <i>make it illegal for businesses to do so AND for city, county, state, federal governments to utilize third party databases</i><p>Local control and storage should be a requirement.
Counties with effective privacy laws focus on the control and processing of the data.<p>Regulating data processing like this is common and should not be controversial.
Allow people to secure temporary plates that are just aliases to their normal plate so they can be swapped every x hours. Then people could use paper temp plates and change them frequently while the state still maintains the supeonable connection to the true registration.<p>Knowing the US dmv, this will cost $50 and only be doable twice per year, but it should be offered free of charge to be reprinted at least daily. It's not expensive to maintain a massive data lake of the records.
> But what is the solution?<p>Don't allow the commoditization of public imagery, ie being a tourist is legal and being a business is not.
Remove the legal requirements for license plates or tinted windows.<p>We gimp the ability of the public to obfuscate their vehicle by forcing us to have license plates in the first place, when we already prove our license to drive with VIN and registration.<p>Also, remove the intellectual property protections associated with the appearance of vehicles, thus creating a market of clones that can easily fit in with each other.
You don't have to work this out from first principles, the EU have already done this in the form of GDPR. Building a database mapping people's location and selling it to third parties without their consent would be squarely illegal under GDPR, and result in massive fines given the entire business model is a breach rather than this being an oversight.
Yeah, honestly, GDPR isn't perfect legislation, but it's pretty close. You could just copy-and-paste GDPR into the US and, with actual enforcement behind it, most of the egregious violations would be fixed pretty quickly.
License plate holders that obscure the license plate on private property.
The solution is to wake up and start treating this like it is which is mass stalking. Sousveillance against the people who profit from these disgusting antisocial behaviours should be common place.<p>If an individual was to do this to a single person they'd considered a creep and the cops would rustle them out of a the bushes and seize all their cameras as evidence of their stalking behaviour.<p>The act of incorporating and doing the same thing en masse doesn't make it legal.
Make everybody secure, happy and sane enough that using such powers for ill becomes uninteresting.
The solution is to make it illegal to record individuals in public for the purpose of tracking.
> Therefore taking millions of photos in public of cars, and turning their license plate numbers into a database is legal, as is selling that information. It's all data gained in public.<p>In the US. GDPR forbids sharing or processing it without consent. Maybe the Californian privacy act does too?
Outlaw collecting more than 1,000 photos of license plates in a given city.
Set up 1,000 shell corporations that take 1,000 photos of license plates. Maybe do it as a franchise or something.<p>Make an app where you can install a camera near your house and the users are legally contractors: they get paid ~0.1c for each car that drives by.
There is no solution. A large part of the population wants a borderline fascist dictatorship that hunts down brown people.
Come on man, does this actually stump you? You can't come up with a single possible solution to this problem?
Get rid of license plates.
Ironically, you'll have more privacy in a Waymo than your own car.