Sign in Subscribe

SB 6002 (Driver Privacy Act Flock/ALPR regulation): email and testimony to the Civil Rights & Judiciary Committee

There were over 40 people signed up to testify at this hearing, so I wasn't at all sure I'd get a chance to speak – disappointing since I (and many others) had already been shut out at the previous hearings on SB 6002 and its companion HB 2332, but oh well, it is what it is. So I sent the committee some short email before the hearing, and that night submitted written testimony expanding on the topics I raised in the email.

Written testimony

Chair Taylor, Ranking Member Walsh, members of the committee,

I'm Jon Pincus of Bellevue. I run the Nexus of Privacy Newsletter; I co-chaired the ACM Computers, Freedom and Privacy conference in 2010; and I have worked in bipartisan grassroots coalitions opposing mass surveillance since Get FISA Right in 2008.  My position on SB 6002 is Other.  

Flock and other ALPRs are mass surveillance systems, and regulation is desperately needed. I’m one of those people Sen. Trudeau talked about in today’s hearing who thinks we really should ban them – and more and more cities and counties in Washington and around the country are making good progress on that. That said, my understanding is that the votes for a ban are not yet there in the legislature.  So I greatly appreciate the efforts by the sponsors of SB 6002 (and its companion HB 2332) to put some guardrails in place – and especially appreciate that the legislation is framed as a floor, not a ceiling, allowing cities and counties to put stronger regulations in place if they choose to.  Given the ongoing documented abuses of these systems, if we’re not going to ban them, it’s certainly worth trying to reduce the harms.

Unfortunately, the bill in its current form does not accomplish that.  Others have made the case for specific improvements better than I could, so I won’t go over the list yet again.  Hopefully the committee will be able to make significant progress on these, Transportation will address the fiscal aspects, and that will give enough momentum to make further improvements on the floor. Still, given all the pressure to weaken the bill, it’s hard to be optimistic.  One of the committee members said at his town hall tonight that he thought the likely outcome was that you’d make it a bit stronger … that’s better than further weakening it, but that’s not good enough to protect Washingtonians.

One thing I haven’t heard discussed at any of the hearings is the inconsistency between the framing in the findings and the actual bill.  Section 1 starts with 

"The legislature finds that it plays an important role balancing the need to ensure public safety and an individual's right to privacy under both the federal Fourth  Amendment to the United States Constitution and the broader protection of individual rights guaranteed by Article I, section 7 of the Washington state Constitution."

But the vast majority of the vast majority of the steadily-growing list of authorized uses in the bill have nothing to do with keeping the public safe.  There was an extreme example of this in the hearing where a Mercer Island City Council member asked for an amendment to allow mobile ALPRs to be used at immigration centers, protected health facilities, and schools or “otherwise we’d have to go back to marking tires with chalk.”  Given the obvious public safety risks of ALPRs at these sensitive locations, hopefully it’s clear that using ALPRs there would be worse for both privacy and safety than chalk.  

For that matter, using ALPRs for parking enforcement in general harms both public safety and privacy. Paid parking existed before ALPRs. Why are they needed here?

In the HB 2332 hearing, the lobbyist from Chamber of Progress talked about the potential for a “cybersecurity vulnerability”, and in response to an excellent question from Rep. Entenman clarified that he was talking about the complexity of different retention times for different uses. Obviously “cybersecurity vulnerability” is a wild exaggeration here – and I hope there was a moment of bipartisan unity in laughing at a lobbyist for an organization billing themselves as advocating for “Technology's Progressive Future” signing in CON on a bill to put guardrails around mass surveillance technologies. How progressive!

Still, the underlying point is accurate. The different authorized uses, with different retention times, certainly increases the possibilities for unknowing errors and accidental misconfigurations. And there’s an obvious way of addressing this: reduce the complexity by only authorizing ALPR use in situations where there is a clear public safety benefit.

And even the public safety aspects are a complex balance.  

  • How many crimes do ALPRs really help solve?  I was very pleased to hear Rep. Salahuddin’s request for data on how often ALPRs are used for misdemeanor crimes, and hopefully you will be able to build on that by requesting more data, not only about usage but about impact.  
  • How much of this impact could be achieved with a hotlist-only approach, with a retention time of three minutes or less?  I heard the pushback in the hearing that there isn’t a clear definition of what could go on the hotlist, and it could well be that cleanup is needed there.  Still, a hotlist-only approach significantly improves both privacy and the public safety risk of data abuse.
  • How to weigh that against the horrible impact ALPRs have on the safety of so many people – especially from impacted communities?  Remember, we only know about the abuses that have been detected and reported. How many of the risks would be mitigated by a hotlist-only approach, limiting retention to three minutes or less?

As several people pointed out while talking about different bills in the hearing, CR&J has a well-deserved reputation for excellent staff work.  Please ask them to dig into whatever data you can find here rather than just accepting claims at face value. In Lynnwood, for example, initial law enforcement reports about Flock efficiency had significant errors.  

Hopefully, reframing the thinking in this way can point to opportunities to strengthen the guardrails in ways that benefit both public safety and privacy – and significantly reduce the harms of these systems.   Please let me know how I can help you and your colleagues improve the bill as the session continues.

Jon Pincus, Bellevue