Data protection and surveillance: Swapping the speed camera for ANPR?
The great LibCon privacy test
When on holiday in the Dordogne two weeks ago (feels like two months now!), I picked up a Sunday Times newspaper which stated that the government was reducing grant-funding for speed cameras. This was given the thumbs-up by the paper which reported that many motorists see such cameras as a tax first and a life-saver second.
Some speed cameras are already history. Conservative-controlled Swindon Borough Council switched off its cameras in April this year, whilst a funding shortfall of £600,000 is causing Oxfordshire’s Road Safety Partnership to consider whether to shut down 72 of the county's speed cameras. Naturally, road-safety campaigners and some police officers are saying that this decision will ultimately cost lives.
So what has this to do with data protection and surveillance? Answer: the Sunday Times report omitted that the speed camera removal policy is likely to result in the installation of more “average speed cameras” which depend on Automated Number Plate Reading (ANPR) technology.
I am sure you have met these “average speed cameras” on many of our main trunk roads, usually where there are speed restrictions caused by roadworks. All they do is record your car number plate and the time it takes to pass between two cameras. If your vehicle takes below a pre-calculated time difference, you must have been speeding; hey presto, a nice letter inviting a “contribution to the Exchequer” arrives in the post the following week.
ANPR technology uses the fact that the surface of vehicle number plates, except for the lettering, is covered in tiny inverted hemispheres that cause any light radiation to be reflected back to the source. Infrared radiation is used (so cameras can avoid interference from ordinary light) and this allows ANPR cameras to be used 24/7. There has to be an infrared source adjacent to the camera to illuminate the image and the system is completed by processing technology that converts the reflected image to usable code which can be transmitted to other computers. (Relax - the physics lesson is over!)
If a vehicle number plate data is then linked to identity of the registered vehicle keeper (or other possible driver) then the data are personal data and the Data Protection Act becomes engaged.
ANPR surveillance arises as the personal data can be cross-checked in real-time against databases, including the Police National Computer, the DVLA databases, uninsured drivers, and police intelligence records, both locally and regionally, to identify vehicles of interest. If a registration plate is flagged up on a database, the system alerts the operator with both a visual and audible signal, providing details of which database has triggered a hit. The ANPR operator could then call for officers to intercept the vehicle and question the driver.
According to Kable “the police have more than 10,000 ANPR cameras” and that “forces in England and Wales are passing up to 14 million reads per day from automatic numberplate recognition cameras to a national database”. Kable also reports that “6,600 ANPR units run by the Highways Agency and Traffic master but these do not transmit full number plates, as they are used to calculate the speed of traffic over sections of road”.
According to a Devon and Cornwall Police document (pdf), the police can use recorded ANPR records for any general police inquiry for 90 days but after that access is restricted. The normal retention period of ANPR data on camera hits is two years but this might increase to five years when sent to the National ANPR data centre, which currently holds over 7.6 billion read records. If there is a “hit” with another police database, six-year retention is allowed.
Security Service access to these personal data at the ANPR data centre can be assumed to be on demand, and one can also assume the use of sophisticated searching tools to extract intelligence. It is a prime example of the previous government’s database state-surveillance which is subject to very little oversight. The wide national security exemption (S.28) effectively excludes oversight from the Information Commissioner, and the Surveillance Commissioner has no remit because overt use of ANPR (or any related database) is not covert or directed surveillance as defined by RIPA. See also the blog of 6 October 2009, where I discuss the streaming of ANPR images from Transport for London cameras to the national security agencies.
ANPR technology, like CCTV, will become ubiquitous and already CCTV installers are making quotes such as: “ANPR is probably the next growth product to take off in the UK, and the world; in fact, it is already beginning to be the biggest potential earner for installation companies.”
So there you have it. I think that as more speed cameras are removed, more and more accidents will occur. Over time, there will be increased public pressure to do something to counter the rising accident rate and ANPR installations (which only need a few cameras) will be the technological fix of choice.
In this way, specific surveillance of an accident black spot by a speed camera (which only captures the image of speeding cars breaking the law) is replaced by general surveillance of all vehicles passing the cameras (where records of date, time, driver details, location are all retained for possibly up to five years). Perhaps privacy advocates who are against ANPR should start having public love-ins with privacy-friendly speed cameras near their home?
To be serious for a moment, the government has promised forthcoming legislation on CCTV and this legislation will also apply to ANPR. The legislation will determine, by law, the use and retention of CCTV/ANPR images.
In Nine principles for assessing whether privacy is protected in a surveillance society, I argue that the use of legislation in this way can undermine the Data Protection Act. This is because when legislation dictates that CCTV can be installed for purpose X, and the images can be retained for Y years and disclosed to person Z, then use X, retention Y and disclosure Z all become lawful processing operations.
Additionally, the Information Commissioner has no effective power to regulate these processing operations – this is especially the case if he continues to be reluctant to use his powers in relation to lawful processing (see blog of 20th April 2010: Information Commissioner should enforce Article 8 privacy rights).
In other words, the text of the forthcoming CCTV legislation will be an early test of this government’s claim that it intends to redress the balance between state surveillance and individual privacy.
This story originally appeared at HAWKTALK, the blog of Amberhawk Training Ltd.
Sponsored: Today’s most dangerous security threats