Feds grab police traffic cam data: Alarming but no surprise | Opinion
Civil libertarians have long warned about the risks of allowing law enforcement agencies to track people through license plate readers as a tool for criminal investigations. One of their arguments: how can we be sure we’ll know when other government agencies access this data?
Turns out, that wasn’t paranoia, or even a hypothetical.
On Tuesday, researchers at the University of Washington Center for Human Rights published findings that U.S. Border Patrol accessed data from the license plate readers of multiple law enforcement agencies in Washington. The data comes from special cameras sold by Flock Safety. The chiefs of two of those agencies, both in Pierce County, told The News Tribune they hadn’t known that capability was turned on.
Police departments are accountable to state law, which bars them from cooperating with federal immigration agencies. They’re also accountable to their local communities. At the very least, they should be able to say to residents and lawmakers: We’re using this technology, and we’re confident that we understand the ways it will store and share your data.
This research shows that’s not the case in Lakewood or Eatonville, the two cities where authorities apparently weren’t aware the data was available to federal immigration authorities.
It should be horrifying to everyone that law enforcement agencies could have this capability turned on without realizing it. But it shouldn’t be surprising. This is the predictable result of years of tech companies failing to create effective ways for customers to control where their data goes.
If covering online privacy as a reporter from 2015 to 2021 taught me anything, it’s that the companies making connected devices don’t prioritize locking down data. They prioritize connectivity. After all, that’s the innovation they’re bringing with their devices, and it’s their value proposition for selling them. Easy access.
We’ve learned repeatedly that this mindset can lead to brazen privacy violations.
In 2019, hackers gained access to regular people’s Ring cameras inside their homes by guessing their passwords, and then went on to be complete creeps. One told a little girl he was Santa and said she should break things in her bedroom. Others harassed people or set off home alarm systems.
I and others told Amazon it should require people to use two-factor authentication on Ring cameras. Companies had resisted this idea for years because it made their products a little bit harder to use. But it was the best way to make sure hackers couldn’t access the cameras with a password alone.
Once the security risk became undeniable, Amazon implemented the change. I wish I could say that marked a sea change for tech companies, in which tech executives and investors searched their souls and realized they needed to make it easier for people to control and protect their own data.
Unfortunately, it was much more of an exception than a rule. It’s par for the course that a law enforcement agency would wind up opted into poorly explained data sharing.
Federal agencies shouldn’t access unintentionally exposed data
Here’s where I respond to those who say, “Well, good. I’m glad federal agencies like U.S. Border Patrol and ICE have access to this data so they can do their job.”
That is not the point.
Ten years ago, this country was engaged in a lively debate about the limits of government power when it came to internet-enabled surveillance. I had a front row seat to it, covering stories like a new federal law that made it easier for tech companies to share cybersecurity data with federal agencies.
Back then, the tech industry and privacy advocates publicly debated whether fighting hackers was worth the risk of centralizing internet user data for government agencies to access. It was a given that any new data sharing system needed to separate data from specific users, and for the government to agree to limit its use of the information for specific purposes.
That thread has been lost. Now, instead, we’re somehow debating whether the ends justify the means of federal agencies grabbing data that law enforcement agencies never meant to share.
Default settings that leave data exposed and force users to be experts in tech privacy to keep information where they want it — those remain as wrong as they ever were. The point of a system that lets people to opt into data sharing has always been to make sure they know what is happening with their data.
This applies to regular consumers, but also to law enforcement agencies that buy surveillance technology with a community’s approval. Perhaps even more so, because public debate is essential in deciding how much access a government has to information about our daily habits.
That’s the bare minimum when it comes to data privacy and the government, and there is absolutely no reason to cheer when that standard isn’t met.
This story was originally published October 23, 2025 at 5:00 AM.
