Skip Navigation
Resource

Law Enforcement Access to Smart Devices

More and more devices are becoming part of the ‘internet of things.’ Here’s what they are, what they collect, and what police might get.

Published: December 21, 2020

This resource details the poten­tial privacy issues for numer­ous inter­net-connec­ted devices. They include connec­ted cameras (door­bells, indoor, and outdoor cameras), smart speak­ers and digital assist­ants, phys­ical activ­ity track­ers, ther­mo­stats, in-car systems, and auto­mated license plate read­ers.

The summar­ies include how the devices work and who makes them, what kinds of data are collec­ted and how long it’s retained, possible uses of device data by law enforce­ment, trans­par­ency reports, and relev­ant legal cases and further read­ing.

The resource is a compan­ion to our related expert brief, which covers privacy and civil rights concerns, the legal frame­works for data access, how law enforce­ment access works in prac­tice, and conclu­sions about how to improve privacy protec­tions.

I. Connected Cameras (Doorbells and Indoor and Outdoor Cameras)

How they work and who makes them

  • Who makes them: Compan­ies selling this tech­no­logy include Google (Nest), Amazon (Ring), SimpliSafe, eufy, and Arlo.

What kinds of data are collec­ted and how long data is retained

  • Data about the owner: Name, home address, loca­tions where the cameras are placed, and credit card inform­a­tion may be stored by these connec­ted cameras. foot­note6_kjlz2j3 6 See, e.g., “Ring Privacy Notice,” last updated Octo­ber 9, 2020, https://shop.ring.com/pages/privacy-notice; and “Privacy State­ment for Nest Products and Services,” accessed Decem­ber 16, 2020, https://nest.com/legal/privacy-state­ment-for-nest-products-and-services/. In some situ­ations, users can also share their social media handles, demo­graphic inform­a­tion, interests, hobbies, gender, and age. foot­note7_mrqemkp 7 See, e.g., “eufy Privacy Policy,” accessed Decem­ber 16, 2020, https://www.eufylife.com/privacy-policy#1 (“We may ask you to submit the follow­ing types of Personal Inform­a­tion: first and last name, coun­try, email address, product serial number, date of purchase, tele­phone number, mail­ing address, and proof of purchase. We may also collect addi­tional personal inform­a­tion such as your interests or hobbies, your gender or age.”); and “SimpliSafe Privacy Policy,” last updated Febru­ary 2020, https://simplisafe.com/privacy-policy (“Types of personal inform­a­tion we collect when you become a customer and provide it to us include . . . demo­graphic inform­a­tion about you.”).
  • Data about others: Video and audio record­ings of resid­ents, guests, employ­ees, service work­ers, and others who may enter the camer­a’s capture radius can be captured and stored. Depend­ing on where a camera is placed, it may also record events that occur on the streets and even in homes surround­ing the device — for example, when the camera can see a neigh­bor’s window.
    • Compan­ies such as Google and eufy offer facial recog­ni­tion data that captures “face images and under­ly­ing face prints,” allow­ing device owners to track anyone that comes into contact with the camera. foot­note8_sma4xae 8 “Learn about famil­iar face detec­tion,” Google Nest, accessed Decem­ber 16, 2020, https://support.google.com/google­n­est/answer/9268625?co=GENIE.Plat­form%3DAndroid&hl=en (facial recog­ni­tion). Google directs owners to notify “guests” that their faces may be captured. See Privacy State­ment for Nest Products and Services (“Depend­ing on where you live and how you config­ure the Products and Services, you may need to get expli­cit consent to scan the faces of people visit­ing your home.”).
    • Compan­ies such as SimpliSafe also main­tain lists of the number of adults and chil­dren living in a home, as well as the name and tele­phone number of a friend or family member to be aler­ted in case of an alarm. foot­note9_3owcez9 9 See SimpliSafe Privacy Policy, last updated Febru­ary 2020, https://simplisafe.com/privacy-policy (“Types of personal inform­a­tion we collect when you become a subscriber to monit­or­ing services and you provide it to us include . . . the number of adults and chil­dren living at the loca­tion where the alarm will be installed . . . name and tele­phone number for friends or family you would like to be contrac­ted in the event of an alarm”).
    • Compan­ies also capture a running list of motions and alerts, includ­ing which camera captured the inform­a­tion; the date and time; envir­on­mental data such as the temper­at­ure of the device and ambi­ent light sensors; and tech­nical inform­a­tion such as the model and serial number, soft­ware version, and Wi-Fi signal strength. foot­note10_ambzoxw 10 See, e.g., Leo Kelion, “Amazon’s Ring Logs Every Door­bell Press and App Action,” BBC, March 4, 2020, https://www.bbc.com/news/tech­no­logy-51709247.
  • Reten­tion: The reten­tion period for foot­age may depend on the plan obtained by a user. For example, Nest Aware Plus stores 60 days’ worth of “event video” (record­ings triggered by activ­ity that a camera detects) history in the cloud, and stores 24/7 record­ings for a period of 10 days. foot­note11_p87h­p5p 11 “Don’t Miss a Thing with the New Nest Aware,” Google Store, accessed Decem­ber 16, 2020, https://store.google.com/us/product/nest_aware; see also Ring Protect. By compar­ison, some compan­ies offer local reten­tion using tradi­tional memory cards which can store months’ worth of record­ings but would not be directly avail­able to anyone other than those with access to the phys­ical card. foot­note12_6o29ycl 12 See, e.g., “eufyCam,” accessed Decem­ber 16, 2020, https://www.eufylife.com/products/vari­ant/eufycam/T88011D1. “eufyCam does­n’t require any monthly fees to use, and comes with a 16GB microSD card that stores up to one-years’ worth of record­ings. Cloud stor­age service optional.”

Law enforce­ment access

  • Access via user: The person purchas­ing the cameras can choose to share record­ings directly with law enforce­ment.
  • Access via device manu­fac­turer: Law enforce­ment can request access to data directly from the company.
    • Compelled Disclos­ure: Depend­ing on factors such as the sens­it­iv­ity of the data or if a request relates to the content of commu­nic­a­tions, a warrant or subpoena may be legally required. Company privacy policies typic­ally note that they will disclose user data where required by law. foot­note16_85ic2bn 16 See, e.g., “Ring Privacy Notice.” (“We also may disclose personal inform­a­tion about you (1) if we are required to do so by law or legal process (such as a court order or subpoena.”); and “Privacy State­ment for Nest Products and Services.” (“We will share personal inform­a­tion with third parties if we have a good faith belief that access, use, preser­va­tion or disclos­ure of the inform­a­tion is reas­on­ably neces­sary to (i) meet any applic­able law, regu­la­tion, legal process or enforce­able govern­ment request.”) However, in situ­ations where legal oblig­a­tions are unclear, it may be up to the company to make indi­vidual decisions about whether to push back against an over­broad request.
    • Volun­tary Disclos­ure: Company privacy policies note that in situ­ations such as emer­gen­cies or when the company believes it is neces­sary to protect against harm to the rights, prop­erty, or safety of the company, its users, or the public, they may volun­tar­ily hand over data to law enforce­ment. foot­note17_55pz­a9y 17 See, e.g., Privacy State­ment for Nest Products and Services; Ring Privacy Notice; SimpliSafe Privacy Policy; and “Arlo Terms and Condi­tions,” last updated August 26, 2020, https://www.arlo.com/en-us/about/terms-and-condi­tions/. However, depend­ing on the nature of the company and the specific func­tion­al­ity of their product, there may be no legal restric­tions that limit a company’s volun­tary disclos­ure of data to law enforce­ment.

Possible uses of device data by law enforce­ment

  • Review video and audio record­ing of an incid­ent.
  • Review foot­age of a person or their car or other mode of trans­port­a­tion.
  • Estab­lish a rela­tion­ship between people and between a person and a given resid­ence.
  • Eval­u­ate a person’s alibi or version of events.
  • Run still images through police facial recog­ni­tion systems.

Trans­par­ency reports

Relev­ant legal cases and further read­ing

End Notes

II. Digital Assistants

How they work and who makes them

  • How they work: Digital assist­ants are voice-enabled devices that perform a vari­ety of tasks based on preset commands. foot­note1_o7zuw0n 1 See Richard Bagu­ley and Colin McDon­ald, “Appli­ance Science: Alexa, How Does Alexa work? The Science of Amazon Echo,” CNET, August 4, 2016, https://www.cnet.com/news/appli­ance-science-alexa-how-does-alexa-work-the-science-of-amazons-echo/. They can be used to perform inter­net quer­ies, display connec­ted camera streams, control speak­ers and tele­vi­sion sets, and more. foot­note2_edrj6rx 2 Stacey Gray, Always On: Privacy Implic­a­tions of Micro­phone-Enabled Devices, Future of Privacy Forum, April 2016, https://fpf.org/wp-content/uploads/2016/04/FPF_Always_On_WP.pdf. Amazon allows users to set up their devices to detect sounds such as smoke alarms or glass break­ing, and they can be programmed to “deter” unwanted visit­ors by turn­ing on lights or play­ing the sound of a dog bark­ing. foot­note3_b50x­alt 3 See “Intro­du­cing Alexa Guard Plus,” Amazon, accessed Decem­ber 16, 2020, https://www.amazon.com/b?ie=UTF8&node=18021383011.
  • Who makes them: Some of the compan­ies selling this tech­no­logy include Google (Google Assist­ant), Amazon (Alexa), and Apple (Siri). They integ­rate this tech­no­logy into a vari­ety of differ­ent hard­ware devices, such as the Google Nest Hub, Amazon Echo, and Apple HomePod.

What kinds of data are collec­ted and how long data is retained

  • Data about the owner: Voice record­ings, name, address, email address, nick­name, tele­phone number, credit card inform­a­tion, and more. foot­note4_61l95s5 4 See, e.g., “Amazon Privacy Notice,” Amazon, last updated Janu­ary 1, 2020, https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7N­JQ4ZB8M­H­FRNJ. Digital assist­ants may also access loca­tion history, search history, device contacts, website activ­ity, calen­dar data, and more. foot­note5_7e080kn 5 Anyone within the range of a digital assist­ant may be able to activ­ate the device and learn inform­a­tion about the person whose account is asso­ci­ated with the device (e.g., calen­dar, contacts, email, and more). By aggreg­at­ing one policy for vari­ous services, compan­ies like Google make it diffi­cult to fully under­stand the universe of data collec­ted, stored, and shared by its digital assist­ant product. See, e.g., “Google Privacy Policy,” last updated Septem­ber 30, 2020, https://policies.google.com/privacy.
  • Data about others: Voice record­ings of indi­vidu­als who inter­act with the digital assist­ant or whose voices are audible in a record­ing.
  • Reten­tion: Amazon retains voice record­ings and tran­scripts indef­in­itely, until a user deletes them. foot­note6_cgia8bk 6 Brian Huse­man (Amazon) to Senator Coons, June 28, 2019, https://www.coons.senate.gov/imo/media/doc/Amazon%20Sen­ator%20Coons__Response%20Let­ter__6.28.19[3].pdf. (“We retain custom­ers’ voice record­ings and tran­scripts until the customer chooses to delete them.”) Google says that it does not retain audio record­ings by default; users can elect to store record­ings and can set up auto­matic dele­tion. foot­note7_xe4a6z3 7 “Data Secur­ity and Privacy on Devices that Work with Assist­ant,” Google Nest Help, accessed Decem­ber 16, 2020, https://support.google.com/google­n­est/answer/7072285?hl=en. Apple stores record­ings using a random iden­ti­fier for six months (making it diffi­cult to connect the record­ings to a person’s account) and then stores them without any iden­ti­fier for up to two years. foot­note8_dibg2z1 8 See “Ask Siri, Dicta­tion & Privacy,” Apple, accessed Decem­ber 16, 2020, https://support.apple.com/en-us/HT210657. (“Your request history is asso­ci­ated with the random iden­ti­fier for up to six months. Your request history may include tran­scripts, audio for users who have opted in to Improve Siri and Dicta­tion, and related request data such as device specific­a­tions, device config­ur­a­tion, perform­ance stat­ist­ics, and the approx­im­ate loca­tion of your device at the time the request was made. After six months, your request history is disso­ci­ated from the random iden­ti­fier and may be retained for up to two years to help Apple develop and improve Siri, Dicta­tion, and other language processing features like Voice Control. The small subset of requests that have been reviewed may be kept beyond two years, without the random iden­ti­fier, for ongo­ing improve­ment of Siri.”)

Law enforce­ment access

  • Access via user: Law enforce­ment can ask the owner of the device to turn over data volun­tar­ily.
  • Access via device manu­fac­turer: Law enforce­ment can also request access to data directly from the company.
    • Compelled Disclos­ure: Depend­ing on factors such as the sens­it­iv­ity of the data or if a request relates to the content of commu­nic­a­tions, a warrant or subpoena may be legally required. Company privacy policies typic­ally note that they will disclose user data where required by law. foot­note9_qdyw2ke 9 See, e.g., “Amazon Privacy Notice.” (“We release account and other personal inform­a­tion when we believe release is appro­pri­ate to comply with the law; enforce or apply our Condi­tions of Use and other agree­ments; or protect the rights, prop­erty, or safety of Amazon, our users, or others”); “Google Privacy Policy.” (“We will share personal inform­a­tion outside of Google if we have a good-faith belief that access, use, preser­va­tion, or disclos­ure of the inform­a­tion is reas­on­ably neces­sary to . . . meet any applic­able law, regu­la­tion, legal process, or enforce­able govern­mental request”); and “Apple Privacy Policy,” last updated Decem­ber 31, 2019, https://www.apple.com/legal/privacy/en-ww/. (“It may be neces­sary − by law, legal process, litig­a­tion, and/or requests from public and govern­mental author­it­ies within or outside your coun­try of resid­ence − for Apple to disclose your personal inform­a­tion. We may also disclose inform­a­tion about you if we determ­ine that for purposes of national secur­ity, law enforce­ment, or other issues of public import­ance, disclos­ure is neces­sary or appro­pri­ate.”) However, in situ­ations where legal oblig­a­tions are unclear, it may be up to the company to make indi­vidual decisions about whether to push back against an over­broad request.
    • Volun­tary Disclos­ure: Company privacy policies note that in situ­ations such as emer­gen­cies or when the company believes it is neces­sary to protect the rights, prop­erty, or safety of the company, its users, or the public, the company may also volun­tar­ily hand over data to law enforce­ment. foot­note10_9gxk­sxs 10 See, e.g., “Amazon Privacy Notice”; “Google Privacy Policy”; and “Apple Privacy Policy.” However, depend­ing on the nature of the company and the specific func­tion­al­ity of their product, there may be no legal restric­tions that limit a company’s volun­tary disclos­ure of data to law enforce­ment.

Possible uses of device data by law enforce­ment

  • Identify a suspect, victim, or witness through voice record­ings.
  • Eval­u­ate a person’s alibi or version of events.
  • Estab­lish a rela­tion­ship between people and between a person and a given resid­ence.

Trans­par­ency reports

  • Amazon, Google, and Apple publish summar­ies incor­por­at­ing all disclos­ures of user data into an over­all report that gives numbers across each company’s entire suite of products. These docu­ments do not break down the number of law enforce­ment requests for data from digital assist­ants or specify the type of data provided. foot­note11_ibig7qr 11 See “Amazon Trans­par­ency Report”; “Google Trans­par­ency Report”; and “Apple Trans­par­ency Report,” accessed Decem­ber 16, 2020, https://www.apple.com/legal/trans­par­ency/us.html.
    • Trans­par­ency reports do not account for situ­ations where users volun­tar­ily turn over data to law enforce­ment.

Relev­ant legal cases and further read­ing

End Notes

III. Activity Trackers

How they work and who makes them

  • How they work: Activ­ity track­ers are personal devices that are used to track an indi­vidu­al’s move­ments and health data. This data can be accessed via a mobile applic­a­tion or other personal device. foot­note1_gbn604w 1 See, e.g., Robbie Gonza­lez, “Science Says Fitness Track­ers Don’t Work Anyway,” Wired, Decem­ber 25, 2017, https://www.wired.com/story/science-says-fitness-track­ers-dont-work-wear-one-anyway/.
  • Who makes them: Compan­ies selling this tech­no­logy include Fitbit, Garmin, Amazon, and Apple.

What kinds of data are collec­ted and how long data is retained

 Law enforce­ment access

  • Access via user: Law enforce­ment can ask the owner of the device to turn over data volun­tar­ily.
  • Access via device manu­fac­turer: Law enforce­ment can also request access for data directly from the company.
    • Compelled Disclos­ure: Depend­ing on factors such as the sens­it­iv­ity of the data or if a request relates to the content of commu­nic­a­tions, a warrant or subpoena may be legally required. Company privacy policies typic­ally note that they will disclose user data where required by law. foot­note35_hqqjyxk 35 See, e.g., “Garmin Privacy Policy”; “Fitbit Privacy Policy.”  However, in situ­ations where legal oblig­a­tions are unclear, it may be up to the company to make indi­vidual decisions about whether to push back against an over­broad request.
    • Volun­tary Disclos­ure: Company privacy policies note that in situ­ations such as emer­gen­cies or where the company believes it is neces­sary to respond to threats to the secur­ity of the services or the phys­ical safety of any person, compan­ies such as Fitbit may also volun­tar­ily hand over data to law enforce­ment. foot­note36_zzl31pr 36 See “Fitbit Privacy Policy.”  However, depend­ing on the nature of the company and the specific func­tion­al­ity of their product, there may be no legal restric­tions that limit a company’s volun­tary disclos­ure of data to law enforce­ment.

 Possible uses of device data by law enforce­ment

  • Approx­im­ate a person’s loca­tion or move­ments during a given time frame.
  • Eval­u­ate a person’s alibi or version of events.
  • Approx­im­ate a person’s time of death.

Trans­par­ency reports

  • No trans­par­ency reports iden­ti­fied.

 Relev­ant legal cases and further read­ing

End Notes

IV. Connected Thermostats

How they work and who makes them

What kinds of data are collec­ted and how long data is retained

  • Data about the owner:
  • Data about a resid­ence and its inhab­it­ants:
    • These devices can collect indoor and outdoor temper­at­ure, smoke and carbon monox­ide levels, humid­ity, ambi­ent light, move­ment, and more. foot­note41_jktc8tt 41 See “Data Protec­tion Notice,” Bosch Ther­mo­tech­no­logy.
    • They may also gather usage data, includ­ing the status and runtime of heat­ing and air condi­tion­ing in the home and the over­all home elec­trical usage. foot­note42_h91gyuf 42 See LUX Privacy Policy,; “Resideo Connec­ted Home End-User License Agree­ment and Privacy State­ment,” Resideo, last updated June 1, 2020, https://www.resideo.com/us/en/corpor­ate/legal/eula/english-gb/#_PRIVACY_RESIDEO.
    • Some devices store inform­a­tion based on inter­ac­tions with third party devices, such as home computers. foot­note43_pflahil 43 See “Resideo Connec­ted Home End-User License Agree­ment and Privacy State­ment;” “LUX Privacy Policy.”
  • Reten­tion: The reten­tion period for data varies. For example, Google says it may retain some data indef­in­itely, whereas other data is deleted after a “prede­ter­mined period.” However, there is no specific reten­tion period by each data type. foot­note44_025s6m3 44 See “Nest Reten­tion State­ment,” Nest, accessed Decem­ber 16, 2020, https://nest.com/data-reten­tion/.

Law enforce­ment access

  • Access via user: Law enforce­ment can ask the owner of the device to turn over data volun­tar­ily.
  • Access via device manu­fac­turer: Law enforce­ment can also request access for data directly from the company.
    • Compelled Disclos­ure: Depend­ing on factors such as the sens­it­iv­ity of the data or if a request relates to the content of commu­nic­a­tions, a warrant or subpoena may be legally required. Company privacy policies typic­ally note that they will disclose user data where required by law. foot­note45_afls­d8t 45 See, e.g., “Privacy State­ment for Nest Products and Services”; “Amazon Privacy Notice”; and “LUX Privacy Policy.”  However, in situ­ations where legal oblig­a­tions are unclear, it may be up to the company to make indi­vidual decisions about whether to push back against an over­broad request.
    • Volun­tary Disclos­ure: Company privacy policies note that in situ­ations such as emer­gen­cies or when the company believes it is neces­sary to protect against harm to the rights, prop­erty, or safety of the company, its users, or the public, the company may also volun­tar­ily hand over data to law enforce­ment. foot­note46_t5oinlt 46 See, e.g., “Privacy State­ment for Nest Products and Services”; “Amazon Privacy Notice”; and “LUX Privacy Policy.”  However, depend­ing on the nature of the company and the specific func­tion­al­ity of their product, there may be no legal restric­tions that limit a company’s volun­tary disclos­ure of data to law enforce­ment.

Possible uses of device by law enforce­ment

  • Verify a person’s alibi or version of events.
  • Eval­u­ate move­ments that may contra­dict a person’s state­ments.
  • Verify whether someone was inside a home.

Trans­par­ency reports

  • Google and Amazon publish reports incor­por­at­ing all disclos­ures of user data into an over­all summary that gives numbers across each company’s entire suite of products. These docu­ments do not break down the number of law enforce­ment requests for data from connec­ted ther­mo­stats or specify the type of data provided. foot­note47_zn32e4l 47 See “Amazon Trans­par­ency Report”; “Google Trans­par­ency Report.”
    • Trans­par­ency reports do not account for situ­ations where users volun­tar­ily turn over data to law enforce­ment.
  • Honey­well, Lux Kono, and Bosch do not publish trans­par­ency reports.

Relev­ant legal cases and further read­ing

End Notes

V. Connected Cars

(a) Embed­ded Tech­no­logy

How they work and who makes them

  • How they work: Embed­ded tech­no­lo­gies are built-in features that enable cars to perform a vari­ety of tasks. These can include:
  • Who makes them: Compan­ies offer­ing embed­ded tech­no­lo­gies in their vehicles include BMW, Ford, Tesla, Toyota, Subaru, and others.

What kinds of data are collec­ted and how long is data retained

  • Data about the owner: Embed­ded tech­no­lo­gies can collect the owner’s name, address, tele­phone number, date of birth, email address, login inform­a­tion, demo­graphic data, gender, emer­gency contact inform­a­tion, inform­a­tion about the acquis­i­tion and finan­cing of a vehicle, and credit card inform­a­tion. foot­note51_xudo9xa 51 See, e.g. “OnStar Privacy State­ment,” last updated Janu­ary 2020, https://www.onstar.com/us/en/privacy_state­ment/.
  • Data about the car and people inside the car: These tech­no­lo­gies can also record the loca­tion data of a car’s move­ments; audio record­ings (such as voice record­ings of indi­vidu­als that inter­act with a digital assist­ant); car diagnostics (such as tire pres­sure, fuel levels, and odometer read­ings); incid­ent data (such as inform­a­tion about colli­sions, the direc­tion from which a car was hit, which airbags were deployed, and safety belt usage); commu­nic­a­tions with third parties and with employ­ees provid­ing support services; and vehicle data such as a car’s loca­tion within a lane or its aver­age speed. foot­note52_oy9y026 52 See, e.g., “OnStar Privacy State­ment”; “BMW Assist Terms and Condi­tions,” BMW, last updated June 14, 2017, https://www.bmwusa.com/content/dam/bmwusa/connec­ted-drive/pdf/BMWAssist_TERMS_and_CONDI­TIONS_2014_later.pdf; and “Subaru Starlink Privacy Policy,” last updated May 1, 2018, https://www.subaru.com/company/starlink-privacy.html.
  • Reten­tion: Reten­tion peri­ods are unclear; some privacy policies disclose that they retain inform­a­tion as long as neces­sary to provide services and comply with legal oblig­a­tions. foot­note53_i2th0c9 53 See, e.g., “Subaru Starlink Privacy Policy”; “OnStar Privacy State­ment”; and “BMW Assist Terms and Condi­tions.” OnStar warns users that it is their respons­ib­il­ity to delete their inform­a­tion from OnStar systems before they sell or other­wise trans­fer their car to another owner. foot­note54_9s2uyje 54 “OnStar Privacy State­ment.” (“If you sell or other­wise trans­fer your vehicle, it is your respons­ib­il­ity to delete all inform­a­tion (such as contacts, address look-ups, saved map addresses) from the vehicle’s system and contact us to trans­fer or cancel your account. If you do not delete this inform­a­tion, it may remain on the vehicle’s system and may be access­ible to future users of the vehicle. For instruc­tions on how to delete inform­a­tion from your vehicle’s system, please refer to your vehicle owner’s manual.”).

Law enforce­ment access

  • Access via user: Law enforce­ment can ask the car owner to provide inform­a­tion they can access in the car or through a mobile applic­a­tion connec­ted to the car. The owner may be differ­ent from the person who regu­larly oper­ates the car — for example, where an employer, part­ner, parent, or other person is the car owner.
  • Access via car manu­fac­turer: Law enforce­ment can also request data directly from the company.
    • Compelled Disclos­ure: Depend­ing on factors such as the sens­it­iv­ity of the data or if a request relates to the content of commu­nic­a­tions, a warrant or subpoena may be legally required. Company privacy policies typic­ally note that they will disclose user data where required by law. foot­note55_rlsekfc 55 See, e.g., “Subaru Starlink Privacy Policy.” (“We cooper­ate with govern­ment and law enforce­ment offi­cials and private parties to enforce and comply with the law and may be compelled to disclose your inform­a­tion to govern­ment or law enforce­ment offi­cials or private parties in response to a validly-issued subpoena or court order to . . . satisfy any applic­able law, regu­la­tion, subpoenas, govern­mental requests, or legal process . . .”); “OnStar Privacy State­ment.” ("As required or permit­ted by law, such as in conjunc­tion with a subpoena, govern­ment inquiry, litig­a­tion, dispute resol­u­tion, or similar legal process, when we believe in good faith that disclos­ure is neces­sary to protect our rights, your safety, or the safety of others, to detect, invest­ig­ate and prevent fraud, or to conduct screen­ing to ensure you are not on any govern­ment list of restric­ted parties.”); and “BMW Assist Terms and Condi­tions.” (“We reserve the right to disclose your personal inform­a­tion to respond to author­ized inform­a­tion requests from govern­ment author­it­ies, subpoenas or other litig­a­tion process or to protect the interests or safety of the Sites’ visit­ors, custom­ers, employ­ees, or others, to address national secur­ity situ­ations, or when other­wise required by law.”). For example, police have been able to request loca­tion data and real-time wiretap­ping of conver­sa­tions with a warrant. foot­note56_ua2qgmg 56 See, e.g., “Subaru Starlink Privacy Policy”; “OnStar Privacy State­ment”; and “BMW Assist Terms and Condi­tions.” However, in situ­ations where legal oblig­a­tions are unclear, it may be up to the company to make indi­vidual decisions about whether to push back against an over­broad request.
    • Volun­tary Disclos­ure: Company privacy policies note that in situ­ations such as emer­gen­cies or where the company believes it is neces­sary to protect against harm to the rights, prop­erty, or safety of the company, its users, or the public, the company may also volun­tar­ily hand over data to law enforce­ment. foot­note57_ma8jttt 57 See, e.g., “Subaru Starlink Privacy Policy”; “OnStar Privacy State­ment”; and “BMW Assist Terms and Condi­tions.” However, depend­ing on the nature of the company and the specific func­tion­al­ity of their product, there may be no legal restric­tions that limit a company’s volun­tary disclos­ure of data to law enforce­ment.

Possible uses of device data by law enforce­ment

  • Eval­u­ate a person’s alibi or version of events.
  • Eval­u­ate a person’s loca­tion or move­ments during a given time frame.
  • Eval­u­ate whether someone was inside a car.
  • Analyze voice record­ings that identify a suspect, victim, and more.
  • Inter­cept commu­nic­a­tions and track loca­tion on an ongo­ing basis.

Trans­par­ency reports

  • No trans­par­ency reports were located.

Relev­ant legal cases and further read­ing

  • Cartap­ping: How Feds Have Spied on Connec­ted Cars For 15 Years (Forbes)
  • Burg­lary Suspect Arres­ted in Camden After OnStar Tracks Stolen Vehicle (Philly Voice)
  • 12-Year-Old Faces Felony Charges After High Speed Chase Through Conroe (The Cour­ier)
  • BMW Remotely Locks Alleged Thief In Car He’s Trying to Swipe (CNET)
  • In the Matter of the Applic­a­tion of the United States for an Order Author­iz­ing the Roving Inter­cep­tion of Oral Commu­nic­a­tions, 2003 in case # 02–15635, the Ninth Circuit allowed the FBI to obtain a court order compel­ling a car manu­fac­turer to use tech­no­logy embed­ded in a car to allow agents to eaves­drop on conver­sa­tions in the car.
  • People v. Oelerich, 78 N.E.3d 992 (Ill. App. Ct. 2017). Defend­ant’s car had OnStar. One piece of evid­ence was a 47-second-long record­ing of the conver­sa­tion between the OnStar oper­ator and the defend­ant, where the oper­ator asked the defend­ant what had just happened and the defend­ant said, refer­ring to a hallu­cino­genic drug, “I was driv­ing because I wanted to have the great DMT trip of my life. And I cannot die….” The prosec­utor used the OnStar record­ing to argue that the defend­ant was delib­er­ate in driv­ing into the other vehicle, while the defense used the record­ing to show that the defend­ant had not been rational and was in a psychotic state.
  • State v. Wilson, 2008-Ohio-2863 (Ohio Ct. App. 2008). Defend­ant purchased a used vehicle equipped with OnStar, but he declined OnStar services. However, the service had not yet been disabled when OnStar received an emer­gency button key press from the vehicle. After the OnStar oper­ator received no response, they reques­ted local police to provide emer­gency assist­ance at the vehicle’s loca­tion. While monit­or­ing the vehicle, the oper­ator over­heard the vehicle occu­pants discuss­ing a possible illegal drug trans­ac­tion and permit­ted the police dispatcher to listen in. The dispatcher noti­fied the officers. The officer who arrived on scene “observed furt­ive move­ment” from the driver of the vehicle (the defend­ant), removed him from the vehicle, and conduc­ted a search, ulti­mately find­ing marijuana. The trial court denied the defend­ant’s motion to suppress, find­ing there was no Fourth Amend­ment viol­a­tion because govern­mental action did not cause the OnStar employee to monitor the conver­sa­tion. The court of appeals affirmed.
  • People v. Jacques, 2016 WL 4482930 (Cal. Ct. App. 2016). Follow­ing a burg­lary where the victim repor­ted the license plate number of the defend­ant, police obtained a warrant to access the loca­tion of the defend­ant’s vehicle through OnStar. After locat­ing the defend­ant’s vehicle, the police planted their own track­ing device on the car to track its loca­tion.

(b) Supple­mental Tech­no­logy

How they work and who makes them

What kinds of data are collec­ted and how long data is retained

  • Data about the device owner: These devices may collect the user’s name, mail­ing address, email address, tele­phone number, and payment inform­a­tion. foot­note63_xa5n­qkm 63 See ““The Rise of the In-car Digital Assist­ant.”
  • Data about the car and people inside the car: They may also gather loca­tion data, video and audio foot­age of what occurs in and around a car, and diagnostic reports about the condi­tion of a car. foot­note64_zsaz4ey 64 See, e.g., “Garmin Privacy Policy”; “Raven Privacy Policy,” accessed Decem­ber 16, 2020, https://raven­con­nec­ted.com/privacy-policy/; “Vivint Privacy Policy,” last updated Decem­ber 15, 2019, https://www.vivint.com/company/policies/privacy; “Google Privacy Policy”; and “Amazon Privacy Notice.”
  • Reten­tion: Reten­tion peri­ods are unclear, with some privacy policies disclos­ing that they retain inform­a­tion as long as neces­sary to provide services. foot­note65_zxht­wz3 65 See, e.g. “JVCK­EN­WOOD USA Corpor­a­tion Privacy Policy,” last updated July 1, 2020, https://policy.us.jvck­en­wood.com/privacy.html. (“JVCK­EN­WOOD USA Corpor­a­tion will retain your Personal Inform­a­tion for the period neces­sary to fulfill the purposes outlined in this Privacy Policy unless a longer reten­tion period is required or permit­ted by for legal, audit­ing, or compli­ance purposes.”); “Raven Privacy Policy.” (“We retain your personal inform­a­tion only as long as neces­sary to facil­it­ate the use of our products and services. When your cancel your subscrip­tion to our services, we will take steps to have your personal inform­a­tion deleted and erased.”)

Law enforce­ment access

  • Access via user: Law enforce­ment can ask the owner of the device to turn over the data. The device owner may be differ­ent from the car owner — for example, where an employer, part­ner, parent, or other person controls a device attached to a car.
  • Access via device manu­fac­turer: Law enforce­ment can also request access for data directly from the company.
    • Compelled Disclos­ure: Depend­ing on factors such as the sens­it­iv­ity of the data or if a request relates to the content of commu­nic­a­tions, a warrant or subpoena may be legally required. Company privacy policies typic­ally note that they will disclose user data where required by law. foot­note66_c3pk5kf 66 See, e.g., “JVCK­EN­WOOD USA Corpor­a­tion Privacy Policy.” (“JVCK­EN­WOOD USA Corpor­a­tion may share inform­a­tion about you for busi­ness purposes as follows or as other­wise described in this Privacy Policy . . . in response to a subpoena, legal order or offi­cial request, includ­ing lawful requests by public author­it­ies to meet national secur­ity or law enforce­ment require­ments.”); “Raven Privacy Policy.” (“Raven Connec­ted may be reques­ted or required by law to disclose personal inform­a­tion to proper law enforce­ment author­it­ies, even though you might have reques­ted that we do not share such personal inform­a­tion. This inform­a­tion may be neces­sary to identify, contact or bring legal action against anyone who may attempt to cause injury to another’s rights or prop­erty. We may also release your personal inform­a­tion when we believe the release is appro­pri­ate to comply with the law, enforce our policies, or protect ours or others’ rights, prop­erty, or safety.”)  However, in situ­ations where legal oblig­a­tions are unclear, it may be up to the company to make indi­vidual decisions about whether to push back against an over­broad request.
    • Volun­tary Disclos­ure: Company privacy policies note that in situ­ations such as emer­gen­cies or when the company believes it is neces­sary to protect their rights and prop­erty, they may also volun­tar­ily hand over data to law enforce­ment. foot­note67_ccrs7fr 67 See, e.g., “JVCK­EN­WOOD USA Corpor­a­tion Privacy Policy”; “Raven Privacy Policy.” However, depend­ing on the nature of the company and the specific func­tion­al­ity of their product, there may be no legal restric­tions that limit a company’s volun­tary disclos­ure of data to law enforce­ment.

Possible uses of device data by law enforce­ment

  • Eval­u­ate a person’s alibi or version of events.
  • Eval­u­ate a person’s loca­tion or move­ments during a given time frame.
  • Verify whether someone was inside a car.
  • Eval­u­ate voice record­ings to help identify a suspect, victim, and more.

Trans­par­ency reports

  • Apple, Amazon, and Google publish summar­ies incor­por­at­ing all disclos­ures of user data into an over­all report that gives numbers across each company’s entire suite of products. These docu­ments do not break down the number of law enforce­ment requests for data from each product or specify the type of data provided. foot­note68_uw018d7 68 See “Apple Trans­par­ency Report”; “Amazon Trans­par­ency Report”; and “Google Trans­par­ency Report.”
    • Trans­par­ency reports do not account for situ­ations where users volun­tar­ily turn over data to law enforce­ment.
  • Pion­eer, Kenwood, OnStar, Garmin, Raven, and Vivint do not publish trans­par­ency reports.

Relev­ant legal cases and further read­ing

End Notes

VI. License Plate Readers

How they work and who makes them

  • How they work: License plate read­ers use a combin­a­tion of cameras and computer soft­ware to scan and store the license plates as well as photos of every car passing by the device.
    • Through a user inter­face, users can set up “hot lists” to alert them whenever a partic­u­lar car passes by or leaves a neigh­bor­hood.
    • Compan­ies also retain license plate inform­a­tion for future uses. These uses may include data shar­ing with law enforce­ment and with other custom­ers who have “a legit­im­ate commer­cial interest,” foot­note69_xs4fiyi 69 See, e.g., “Vigil­ant Solu­tions Usage and Privacy Policy,” accessed Decem­ber 16, 2020, https://www.vigil­ant­solu­tions.com/lpr-usage-and-privacy-policy. (“The company author­izes collec­tion of LPR data for the use of the company and its custom­ers consist­ent with this policy. The author­ized uses of the ALPR system are . . . (1) By custom­ers to identify or ascer­tain the loca­tion of a specific vehicle under circum­stances when there is a legit­im­ate commer­cial interest . . . (2) By law enforce­ment agen­cies for law enforce­ment purposes . . . (3) By the company to make LPR data avail­able to custom­ers and law enforce­ment agen­cies (LEAs) for the purposes above, and to provide market research inform­a­tion to custom­ers based on aggreg­ated LPR data.”)  such as repos­ses­sion services on behalf of cred­it­ors. foot­note70_7msx5x8 70 See, e.g., Susan Cran­dall,“Vigil­ant Solu­tions Bolsters Commer­cial LPR Data­base through Agree­ment with Plate Locate,” Digital Recog­ni­tion Network, April 19, 2018, https://drndata.com/vigil­ant-solu­tions-bolsters-commer­cial-lpr-data­base-agree­ment-plate-locate/.
  • Who makes them: Compan­ies selling these devices include Flock Safety, Vigil­ant Solu­tions, and Obsidian Integ­ra­tion.

What kinds of data are collec­ted and how long is data retained

  • Data about the owner: These devices may record the name, phone number, email, zip code, foot­note71_4atstca 71 “Privacy Policy for Flock Safety,” last updated July 10, 2020, https://www.flock­safety.com/legal/privacy-policy.  user­names, affil­i­ated organ­iz­a­tions, and IP addresses of anyone who accesses the license plate reader data. foot­note72_ga5fkhl 72 “Vigil­ant Solu­tions Usage and Privacy Policy.”
    • Vigil­ant Solu­tions logs how its custom­ers use their products, and occa­sion­ally audits these logs. foot­note73_s03i08l 73 “Vigil­ant Solu­tions Usage and Privacy Policy.”
  • Data about cars: Some devices may record video and still images of cars and license plate scans, as well as the date, time, and loca­tion asso­ci­ated with this data. foot­note74_swlpjdt 74 See, e.g., “Privacy Policy for Flock Safety”; “Vigil­ant Solu­tions Usage and Privacy Policy.”
  • Envir­on­mental data and data about the license plate reader: Some devices collect temper­at­ure and ambi­ent light inform­a­tion. foot­note75_057auge 75 See “Privacy Policy for Flock Safety.”  Addi­tion­ally, compan­ies main­tain records on the serial number, soft­ware version, cellu­lar signal strength, and geoloca­tion of their license plate read­ers. foot­note76_4fm44p0 76 See, e.g., “Privacy Policy for Flock Safety.”
  • Reten­tion: Flock Safety retains video and audio inform­a­tion for 30 days, although users can save and retain data indef­in­itely. foot­note77_sbjr9hu 77 Flock Safety ALPR Policy,” accessed Decem­ber 16, 2020, https://www.flock­safety.com/alpr-policy.  Vigil­ant Solu­tions retains data as long as it has “commer­cial value.” foot­note78_de0jpdc 78 See “Vigil­ant Solu­tions Usage and Privacy Policy.”

Law enforce­ment access

  • Access via user: Law enforce­ment can ask the owner or any user with access to the data to volun­tar­ily disclose it. Compan­ies like Flock Safety create user inter­faces that allow users to either share inform­a­tion with police on a case-by-case basis or to allow the police to have direct access to the system. foot­note79_jnmpytx 79 See, e.g. “Neigh­bor­hoods Stop Crime in Their Community with License Plate Read­ers,” KCTB5 Kansas City, https://www.youtube.com/watch?v=fXqFj4H6XKg (Uploaded by Flock Safety).
  • Access via device manu­fac­turer: Law enforce­ment can also request access for data directly from the company.
    • Compelled Disclos­ure: Depend­ing on factors such as the sens­it­iv­ity of the data, a warrant or subpoena may be legally required. Company privacy policies typic­ally note that they will disclose user data where required by law. foot­note80_bhe9pde 80 See, e.g., “Vigil­ant Solu­tions Usage and Privacy Policy”; “Terms of Service for Flock Safety.”  However, in situ­ations where legal oblig­a­tions are unclear, it may be up to the company to make indi­vidual decisions about whether to push back against an over­broad request. Flock Safety also reserves the right to use and disclose aggreg­ated data the company collects for unspe­cified “crime preven­tion efforts.” foot­note81_88tj7t2 81 “Terms of Service for Flock Safety.” (“Customer acknow­ledges that Flock will be compil­ing anonym­ized and/or aggreg­ated data based on Customer Data input into the Services (the ‘Aggreg­ated Data’). Customer hereby grants Flock a non-exclus­ive, world­wide, perpetual, royalty-free right and license (during and after the term hereof) to use and distrib­ute such Aggreg­ated Data to improve and enhance the Services and for other market­ing, devel­op­ment, diagnostic and correct­ive purposes, other Flock offer­ings and crime preven­tion efforts.”)
    • Volun­tary Disclos­ure: Company privacy policies note that in situ­ations such as emer­gen­cies or when the company believes it is neces­sary to protect against harm to the rights, prop­erty, or safety of the company, they may also volun­tar­ily hand over data to law enforce­ment. foot­note82_7c6cdz0 82 See, e.g., “Terms of Service for Flock Safety.” (“For clar­ity, Flock may access, use, preserve and/or disclose the Foot­age to law enforce­ment author­it­ies, govern­ment offi­cials, and/or third parties, if legally required to do so or if Flock has a good faith belief that such access, use, preser­va­tion or disclos­ure is reas­on­ably neces­sary to: (a) comply with a legal process or request; (b) enforce this Agree­ment, includ­ing invest­ig­a­tion of any poten­tial viol­a­tion thereof; (c) detect, prevent or other­wise address secur­ity, fraud or tech­nical issues; or (d) protect the rights, prop­erty or safety of Flock, its users, a third party, or the public as required or permit­ted by law, includ­ing respond to an emer­gency situ­ation.”)  However, depend­ing on the nature of the company and the specific func­tion­al­ity of their product, there may be no legal restric­tions that limit a company’s volun­tary disclos­ure of data to law enforce­ment.

Possible uses of device data by law enforce­ment

  • Verify cars and people present at the scene of a crime.
  • Estab­lish rela­tion­ships between people.
  • Track a partic­u­lar driver’s loca­tion and move­ment over time.
  • Locate cars asso­ci­ated with AMBER alerts for abduc­ted chil­dren.
  • Cross-refer­ence state and federal data­bases with inform­a­tion on gang member­ship and unpaid fines.

Trans­par­ency reports

  • No trans­par­ency reports iden­ti­fied.

Relev­ant legal cases and further read­ing

End Notes