Law Enforcement Access to Smart Devices
More and more devices are becoming part of the ‘internet of things.’ Here’s what they are, what they collect, and what police might get.
This resource details the potential privacy issues for numerous internet-connected devices. They include connected cameras (doorbells, indoor, and outdoor cameras), smart speakers and digital assistants, physical activity trackers, thermostats, in-car systems, and automated license plate readers.
The summaries include how the devices work and who makes them, what kinds of data are collected and how long it’s retained, possible uses of device data by law enforcement, transparency reports, and relevant legal cases and further reading.
The resource is a companion to our related expert brief, which covers privacy and civil rights concerns, the legal frameworks for data access, how law enforcement access works in practice, and conclusions about how to improve privacy protections.
I. Connected Cameras (Doorbells and Indoor and Outdoor Cameras)
How they work and who makes them
- How they work: Connected cameras record preset areas in and around a home.
footnote1_u40jlun
1
See, e.g., “How to Set Up and Use Activity Zones,” Google Nest Store, accessed December 16, 2020, https://support.google.com/googlenest/answer/9207697?hl=en&co=GENIE.Platform%3DiOS.
These recordings are stored online and can be retained, clipped, and shared based on the user’s settings and subscription model.
footnote2_qo6hyc6
2
See, e.g., “Don’t Miss a Thing with the New Nest Aware,” Google Store, accessed December 16, 2020, https://store.google.com/us/product/nest_aware.
Recordings can be accessed via a mobile app, home console, or other personal device.
footnote3_0w4alz7
3
See, e.g., “Ring Protect,” Ring, accessed December 16, 2020, https://shop.ring.com/pages/protect-plans.
Connected cameras can be set to trigger alerts that are delivered to the device owner and other users. footnote4_k5n8za7 4 See, e.g., Megan Wollerton, “How to Set Up Motion Zones on Your Ring Security Camera or Doorbell,” CNET, October 9, 2019, https://www.cnet.com/how-to/how-to-set-up-motion-zones-on-your-ring-security-camera-or-doorbell/. These can be based on facial recognition, motion triggers, or other settings selected by the person or persons who control the device. footnote5_27csjtc 5 See “Learn About Familiar Face Detection and How to Manage Your Library,” Google Nest, accessed December 16, 2020, https://support.google.com/googlenest/answer/9268625?co=GENIE.Platform%3DAndroid&hl=en (facial recognition); See “Understanding Notifications for Ring and Motion Events,” Ring, DATE ACCESSED/MODIFIED TK, https://support.ring.com/hc/en-us/articles/210052646-Understanding-Notifications-for-Ring-and-Motion-Events (motion triggers); See, e.g., “Understanding Notifications for Ring and Motion Events,” Ring, accessed December 16, 2020, https://support.ring.com/hc/en-us/articles/210052646-Understanding-Notifications-for-Ring-and-Motion-Events (examples of settings that can be adjusted by users).
- Who makes them: Companies selling this technology include Google (Nest), Amazon (Ring), SimpliSafe, eufy, and Arlo.
What kinds of data are collected and how long data is retained
- Data about the owner: Name, home address, locations where the cameras are placed, and credit card information may be stored by these connected cameras. footnote6_a7ebi05 6 See, e.g., “Ring Privacy Notice,” last updated October 9, 2020, https://shop.ring.com/pages/privacy-notice; and “Privacy Statement for Nest Products and Services,” accessed December 16, 2020, https://nest.com/legal/privacy-statement-for-nest-products-and-services/. In some situations, users can also share their social media handles, demographic information, interests, hobbies, gender, and age. footnote7_7t2w1wq 7 See, e.g., “eufy Privacy Policy,” accessed December 16, 2020, https://www.eufylife.com/privacy-policy#1 (“We may ask you to submit the following types of Personal Information: first and last name, country, email address, product serial number, date of purchase, telephone number, mailing address, and proof of purchase. We may also collect additional personal information such as your interests or hobbies, your gender or age.”); and “SimpliSafe Privacy Policy,” last updated February 2020, https://simplisafe.com/privacy-policy (“Types of personal information we collect when you become a customer and provide it to us include . . . demographic information about you.”).
- Data about others: Video and audio recordings of residents, guests, employees, service workers, and others who may enter the camera’s capture radius can be captured and stored. Depending on where a camera is placed, it may also record events that occur on the streets and even in homes surrounding the device — for example, when the camera can see a neighbor’s window.
- Companies such as Google and eufy offer facial recognition data that captures “face images and underlying face prints,” allowing device owners to track anyone that comes into contact with the camera. footnote8_qzxccgc 8 “Learn about familiar face detection,” Google Nest, accessed December 16, 2020, https://support.google.com/googlenest/answer/9268625?co=GENIE.Platform%3DAndroid&hl=en (facial recognition). Google directs owners to notify “guests” that their faces may be captured. See Privacy Statement for Nest Products and Services (“Depending on where you live and how you configure the Products and Services, you may need to get explicit consent to scan the faces of people visiting your home.”).
- Companies such as SimpliSafe also maintain lists of the number of adults and children living in a home, as well as the name and telephone number of a friend or family member to be alerted in case of an alarm. footnote9_f37fual 9 See SimpliSafe Privacy Policy, last updated February 2020, https://simplisafe.com/privacy-policy (“Types of personal information we collect when you become a subscriber to monitoring services and you provide it to us include . . . the number of adults and children living at the location where the alarm will be installed . . . name and telephone number for friends or family you would like to be contracted in the event of an alarm”).
- Companies also capture a running list of motions and alerts, including which camera captured the information; the date and time; environmental data such as the temperature of the device and ambient light sensors; and technical information such as the model and serial number, software version, and Wi-Fi signal strength. footnote10_zxkpfye 10 See, e.g., Leo Kelion, “Amazon’s Ring Logs Every Doorbell Press and App Action,” BBC, March 4, 2020, https://www.bbc.com/news/technology-51709247.
- Retention: The retention period for footage may depend on the plan obtained by a user. For example, Nest Aware Plus stores 60 days’ worth of “event video” (recordings triggered by activity that a camera detects) history in the cloud, and stores 24/7 recordings for a period of 10 days. footnote11_zus0c7g 11 “Don’t Miss a Thing with the New Nest Aware,” Google Store, accessed December 16, 2020, https://store.google.com/us/product/nest_aware; see also Ring Protect. By comparison, some companies offer local retention using traditional memory cards which can store months’ worth of recordings but would not be directly available to anyone other than those with access to the physical card. footnote12_nwybn1d 12 See, e.g., “eufyCam,” accessed December 16, 2020, https://www.eufylife.com/products/variant/eufycam/T88011D1. “eufyCam doesn’t require any monthly fees to use, and comes with a 16GB microSD card that stores up to one-years’ worth of recordings. Cloud storage service optional.”
Law enforcement access
- Access via user: The person purchasing the cameras can choose to share recordings directly with law enforcement.
- Companies like Ring partner with law enforcement to simplify requests for camera recordings, including offering advice on best practices to successfully request footage. footnote13_ar0ont2 13 Caroline Haskins, “Amazon is Coaching Cops on How to Obtain Surveillance Footage Without a Warrant,” Vice, August 5, 2019, https://www.vice.com/en/article/43kga3/amazon-is-coaching-cops-on-how-to-obtain-surveillance-footage-without-a-warrant. Ring facilitates police requests through the app’s Control Center, though users can disable this feature so they do not receive law enforcement requests. footnote14_gcm1scs 14 Todd Haselton, “How to Stop Police from Asking for Videos from Your Amazon Ring Doorbell,” CNBC, February 3, 2020, https://www.cnbc.com/2020/02/03/how-to-stop-police-from-asking-for-videos-from-ring-doorbells.html.
- Law enforcement may also be able to access videos that users share to public channels. For example, Ring has a feature that allows users to share clips to public social media, which are then available to any viewer, including law enforcement. footnote15_ydbylrz 15 See “Shared Video Management,” Ring, accessed December 16, 2020, https://support.ring.com/hc/en-us/articles/360045097612-Shared-Video-Management. “Shared Event video links are created when you choose to share a private video on the Ring app or ring.com, via email, social media (Neighbors app, Facebook, Nextdoor, etc.), or by text.”
- Access via device manufacturer: Law enforcement can request access to data directly from the company.
- Compelled Disclosure: Depending on factors such as the sensitivity of the data or if a request relates to the content of communications, a warrant or subpoena may be legally required. Company privacy policies typically note that they will disclose user data where required by law. footnote16_ltpclx9 16 See, e.g., “Ring Privacy Notice.” (“We also may disclose personal information about you (1) if we are required to do so by law or legal process (such as a court order or subpoena.”); and “Privacy Statement for Nest Products and Services.” (“We will share personal information with third parties if we have a good faith belief that access, use, preservation or disclosure of the information is reasonably necessary to (i) meet any applicable law, regulation, legal process or enforceable government request.”) However, in situations where legal obligations are unclear, it may be up to the company to make individual decisions about whether to push back against an overbroad request.
- Voluntary Disclosure: Company privacy policies note that in situations such as emergencies or when the company believes it is necessary to protect against harm to the rights, property, or safety of the company, its users, or the public, they may voluntarily hand over data to law enforcement. footnote17_dgnmrl0 17 See, e.g., Privacy Statement for Nest Products and Services; Ring Privacy Notice; SimpliSafe Privacy Policy; and “Arlo Terms and Conditions,” last updated August 26, 2020, https://www.arlo.com/en-us/about/terms-and-conditions/. However, depending on the nature of the company and the specific functionality of their product, there may be no legal restrictions that limit a company’s voluntary disclosure of data to law enforcement.
Possible uses of device data by law enforcement
- Review video and audio recording of an incident.
- Review footage of a person or their car or other mode of transportation.
- Establish a relationship between people and between a person and a given residence.
- Evaluate a person’s alibi or version of events.
- Run still images through police facial recognition systems.
Transparency reports
- Google and Amazon publish summaries incorporating all disclosures of user data into an overall report that gives numbers across each company’s entire suite of products. These documents do not break down the number of law enforcement requests for data from connected cameras or specify the type of data provided.
footnote18_oo05x6r
18
“Google Transparency Report,” accessed December 16, 2020, https://transparencyreport.google.com/user-data/overview?hl=en; “Amazon Transparency Report,” accessed December 16, 2020, https://www.amazon.com/gp/help/customer/display.html?nodeId=GYSDRGWQ2C2CRYEF.
- Transparency reports do not account for situations where users voluntarily turn over data to law enforcement.
- SimpliSafe, Arlo, and eufy do not publish transparency reports.
Relevant legal cases and further reading
- Police in Jackson, Mississippi, Want Access to Live Home Security Video, Alarming Privacy Advocates (NBC News)
- Judge: Audio Rrom Ring Doorbell Can Be Used as Evidence In Rochester Shooting Case, (New Hampshire Union Leader)
- Cop Accused of Peeping on Breastfeeding Mom Via iPhone App (Engadget)
- How An Amateur Rap Crew Stole Surveillance Tech That Tracks Almost Every American (Forbes)
- State v. Rogers, No. 20180842-CA, 467 P.3d 880 (Utah 2020). After a home was burglarized, a neighbor provided the homeowners and a police officer with video footage and a still image from the video of a person who had been recorded on the neighbor’s doorbell camera. At trial, the neighbor identified the defendant as the person recorded by the doorbell camera.
End Notes
-
footnote1_u40jlun
1
See, e.g., “How to Set Up and Use Activity Zones,” Google Nest Store, accessed December 16, 2020, https://support.google.com/googlenest/answer/9207697?hl=en&co=GENIE.Platform%3DiOS. -
footnote2_qo6hyc6
2
See, e.g., “Don’t Miss a Thing with the New Nest Aware,” Google Store, accessed December 16, 2020, https://store.google.com/us/product/nest_aware. -
footnote3_0w4alz7
3
See, e.g., “Ring Protect,” Ring, accessed December 16, 2020, https://shop.ring.com/pages/protect-plans. -
footnote4_k5n8za7
4
See, e.g., Megan Wollerton, “How to Set Up Motion Zones on Your Ring Security Camera or Doorbell,” CNET, October 9, 2019, https://www.cnet.com/how-to/how-to-set-up-motion-zones-on-your-ring-security-camera-or-doorbell/. -
footnote5_27csjtc
5
See “Learn About Familiar Face Detection and How to Manage Your Library,” Google Nest, accessed December 16, 2020, https://support.google.com/googlenest/answer/9268625?co=GENIE.Platform%3DAndroid&hl=en (facial recognition); See “Understanding Notifications for Ring and Motion Events,” Ring, DATE ACCESSED/MODIFIED TK, https://support.ring.com/hc/en-us/articles/210052646-Understanding-Notifications-for-Ring-and-Motion-Events (motion triggers); See, e.g., “Understanding Notifications for Ring and Motion Events,” Ring, accessed December 16, 2020, https://support.ring.com/hc/en-us/articles/210052646-Understanding-Notifications-for-Ring-and-Motion-Events (examples of settings that can be adjusted by users). -
footnote6_a7ebi05
6
See, e.g., “Ring Privacy Notice,” last updated October 9, 2020, https://shop.ring.com/pages/privacy-notice; and “Privacy Statement for Nest Products and Services,” accessed December 16, 2020, https://nest.com/legal/privacy-statement-for-nest-products-and-services/. -
footnote7_7t2w1wq
7
See, e.g., “eufy Privacy Policy,” accessed December 16, 2020, https://www.eufylife.com/privacy-policy#1 (“We may ask you to submit the following types of Personal Information: first and last name, country, email address, product serial number, date of purchase, telephone number, mailing address, and proof of purchase. We may also collect additional personal information such as your interests or hobbies, your gender or age.”); and “SimpliSafe Privacy Policy,” last updated February 2020, https://simplisafe.com/privacy-policy (“Types of personal information we collect when you become a customer and provide it to us include . . . demographic information about you.”). -
footnote8_qzxccgc
8
“Learn about familiar face detection,” Google Nest, accessed December 16, 2020, https://support.google.com/googlenest/answer/9268625?co=GENIE.Platform%3DAndroid&hl=en (facial recognition). Google directs owners to notify “guests” that their faces may be captured. See Privacy Statement for Nest Products and Services (“Depending on where you live and how you configure the Products and Services, you may need to get explicit consent to scan the faces of people visiting your home.”). -
footnote9_f37fual
9
See SimpliSafe Privacy Policy, last updated February 2020, https://simplisafe.com/privacy-policy (“Types of personal information we collect when you become a subscriber to monitoring services and you provide it to us include . . . the number of adults and children living at the location where the alarm will be installed . . . name and telephone number for friends or family you would like to be contracted in the event of an alarm”). -
footnote10_zxkpfye
10
See, e.g., Leo Kelion, “Amazon’s Ring Logs Every Doorbell Press and App Action,” BBC, March 4, 2020, https://www.bbc.com/news/technology-51709247. -
footnote11_zus0c7g
11
“Don’t Miss a Thing with the New Nest Aware,” Google Store, accessed December 16, 2020, https://store.google.com/us/product/nest_aware; see also Ring Protect. -
footnote12_nwybn1d
12
See, e.g., “eufyCam,” accessed December 16, 2020, https://www.eufylife.com/products/variant/eufycam/T88011D1. “eufyCam doesn’t require any monthly fees to use, and comes with a 16GB microSD card that stores up to one-years’ worth of recordings. Cloud storage service optional.” -
footnote13_ar0ont2
13
Caroline Haskins, “Amazon is Coaching Cops on How to Obtain Surveillance Footage Without a Warrant,” Vice, August 5, 2019, https://www.vice.com/en/article/43kga3/amazon-is-coaching-cops-on-how-to-obtain-surveillance-footage-without-a-warrant. -
footnote14_gcm1scs
14
Todd Haselton, “How to Stop Police from Asking for Videos from Your Amazon Ring Doorbell,” CNBC, February 3, 2020, https://www.cnbc.com/2020/02/03/how-to-stop-police-from-asking-for-videos-from-ring-doorbells.html. -
footnote15_ydbylrz
15
See “Shared Video Management,” Ring, accessed December 16, 2020, https://support.ring.com/hc/en-us/articles/360045097612-Shared-Video-Management. “Shared Event video links are created when you choose to share a private video on the Ring app or ring.com, via email, social media (Neighbors app, Facebook, Nextdoor, etc.), or by text.” -
footnote16_ltpclx9
16
See, e.g., “Ring Privacy Notice.” (“We also may disclose personal information about you (1) if we are required to do so by law or legal process (such as a court order or subpoena.”); and “Privacy Statement for Nest Products and Services.” (“We will share personal information with third parties if we have a good faith belief that access, use, preservation or disclosure of the information is reasonably necessary to (i) meet any applicable law, regulation, legal process or enforceable government request.”) -
footnote17_dgnmrl0
17
See, e.g., Privacy Statement for Nest Products and Services; Ring Privacy Notice; SimpliSafe Privacy Policy; and “Arlo Terms and Conditions,” last updated August 26, 2020, https://www.arlo.com/en-us/about/terms-and-conditions/. -
footnote18_oo05x6r
18
“Google Transparency Report,” accessed December 16, 2020, https://transparencyreport.google.com/user-data/overview?hl=en; “Amazon Transparency Report,” accessed December 16, 2020, https://www.amazon.com/gp/help/customer/display.html?nodeId=GYSDRGWQ2C2CRYEF.
II. Digital Assistants
How they work and who makes them
- How they work: Digital assistants are voice-enabled devices that perform a variety of tasks based on preset commands. footnote1_qhlc61d 1 See Richard Baguley and Colin McDonald, “Appliance Science: Alexa, How Does Alexa work? The Science of Amazon Echo,” CNET, August 4, 2016, https://www.cnet.com/news/appliance-science-alexa-how-does-alexa-work-the-science-of-amazons-echo/. They can be used to perform internet queries, display connected camera streams, control speakers and television sets, and more. footnote2_d4xgm3m 2 Stacey Gray, Always On: Privacy Implications of Microphone-Enabled Devices, Future of Privacy Forum, April 2016, https://fpf.org/wp-content/uploads/2016/04/FPF_Always_On_WP.pdf. Amazon allows users to set up their devices to detect sounds such as smoke alarms or glass breaking, and they can be programmed to “deter” unwanted visitors by turning on lights or playing the sound of a dog barking. footnote3_k1b2tmj 3 See “Introducing Alexa Guard Plus,” Amazon, accessed December 16, 2020, https://www.amazon.com/b?ie=UTF8&node=18021383011.
- Who makes them: Some of the companies selling this technology include Google (Google Assistant), Amazon (Alexa), and Apple (Siri). They integrate this technology into a variety of different hardware devices, such as the Google Nest Hub, Amazon Echo, and Apple HomePod.
What kinds of data are collected and how long data is retained
- Data about the owner: Voice recordings, name, address, email address, nickname, telephone number, credit card information, and more. footnote4_uddp7j5 4 See, e.g., “Amazon Privacy Notice,” Amazon, last updated January 1, 2020, https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ. Digital assistants may also access location history, search history, device contacts, website activity, calendar data, and more. footnote5_62pqcbp 5 Anyone within the range of a digital assistant may be able to activate the device and learn information about the person whose account is associated with the device (e.g., calendar, contacts, email, and more). By aggregating one policy for various services, companies like Google make it difficult to fully understand the universe of data collected, stored, and shared by its digital assistant product. See, e.g., “Google Privacy Policy,” last updated September 30, 2020, https://policies.google.com/privacy.
- Data about others: Voice recordings of individuals who interact with the digital assistant or whose voices are audible in a recording.
- Retention: Amazon retains voice recordings and transcripts indefinitely, until a user deletes them. footnote6_un4kxjm 6 Brian Huseman (Amazon) to Senator Coons, June 28, 2019, https://www.coons.senate.gov/imo/media/doc/Amazon%20Senator%20Coons__Response%20Letter__6.28.19[3].pdf. (“We retain customers’ voice recordings and transcripts until the customer chooses to delete them.”) Google says that it does not retain audio recordings by default; users can elect to store recordings and can set up automatic deletion. footnote7_iu5g1hk 7 “Data Security and Privacy on Devices that Work with Assistant,” Google Nest Help, accessed December 16, 2020, https://support.google.com/googlenest/answer/7072285?hl=en. Apple stores recordings using a random identifier for six months (making it difficult to connect the recordings to a person’s account) and then stores them without any identifier for up to two years. footnote8_9cfdrou 8 See “Ask Siri, Dictation & Privacy,” Apple, accessed December 16, 2020, https://support.apple.com/en-us/HT210657. (“Your request history is associated with the random identifier for up to six months. Your request history may include transcripts, audio for users who have opted in to Improve Siri and Dictation, and related request data such as device specifications, device configuration, performance statistics, and the approximate location of your device at the time the request was made. After six months, your request history is dissociated from the random identifier and may be retained for up to two years to help Apple develop and improve Siri, Dictation, and other language processing features like Voice Control. The small subset of requests that have been reviewed may be kept beyond two years, without the random identifier, for ongoing improvement of Siri.”)
Law enforcement access
- Access via user: Law enforcement can ask the owner of the device to turn over data voluntarily.
- Access via device manufacturer: Law enforcement can also request access to data directly from the
company.
- Compelled Disclosure: Depending on factors such as the sensitivity of the data or if a request relates to the content of communications, a warrant or subpoena may be legally required. Company privacy policies typically note that they will disclose user data where required by law. footnote9_q7x7ho1 9 See, e.g., “Amazon Privacy Notice.” (“We release account and other personal information when we believe release is appropriate to comply with the law; enforce or apply our Conditions of Use and other agreements; or protect the rights, property, or safety of Amazon, our users, or others”); “Google Privacy Policy.” (“We will share personal information outside of Google if we have a good-faith belief that access, use, preservation, or disclosure of the information is reasonably necessary to . . . meet any applicable law, regulation, legal process, or enforceable governmental request”); and “Apple Privacy Policy,” last updated December 31, 2019, https://www.apple.com/legal/privacy/en-ww/. (“It may be necessary − by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence − for Apple to disclose your personal information. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.”) However, in situations where legal obligations are unclear, it may be up to the company to make individual decisions about whether to push back against an overbroad request.
- Voluntary Disclosure: Company privacy policies note that in situations such as emergencies or when the company believes it is necessary to protect the rights, property, or safety of the company, its users, or the public, the company may also voluntarily hand over data to law enforcement. footnote10_dbpdmme 10 See, e.g., “Amazon Privacy Notice”; “Google Privacy Policy”; and “Apple Privacy Policy.” However, depending on the nature of the company and the specific functionality of their product, there may be no legal restrictions that limit a company’s voluntary disclosure of data to law enforcement.
Possible uses of device data by law enforcement
- Identify a suspect, victim, or witness through voice recordings.
- Evaluate a person’s alibi or version of events.
- Establish a relationship between people and between a person and a given residence.
Transparency reports
- Amazon, Google, and Apple publish summaries incorporating all disclosures of user data into an overall report
that gives numbers across each company’s entire suite of products. These documents do not break down the number
of law enforcement requests for data from digital assistants or specify the type of data provided.
footnote11_6usn720
11
See “Amazon Transparency Report”; “Google Transparency Report”; and “Apple Transparency
Report,” accessed December 16, 2020, https://www.apple.com/legal/transparency/us.html.
- Transparency reports do not account for situations where users voluntarily turn over data to law enforcement.
Relevant legal cases and further reading
- Can Amazon’s Alexa Provide Murder Clues? Digital Assistants Could Aid Prosecutions (ABA Journal)
- Amazon’s Alexa May Have Witnessed Alleged Florida Murder, Authorities Say (NBC News)
- Arkansas Prosecutors Drop Murder Case That Hinged On Evidence From Amazon Echo (NPR)
- Judge Orders Amazon to Turn Over Echo Recordings in Double Murder Case (TechCrunch)
- Audio From Amazon Echo Dot Could Sway Investigation Into Woman Killed By Spear (ABC News)
End Notes
-
footnote1_qhlc61d
1
See Richard Baguley and Colin McDonald, “Appliance Science: Alexa, How Does Alexa work? The Science of Amazon Echo,” CNET, August 4, 2016, https://www.cnet.com/news/appliance-science-alexa-how-does-alexa-work-the-science-of-amazons-echo/. -
footnote2_d4xgm3m
2
Stacey Gray, Always On: Privacy Implications of Microphone-Enabled Devices, Future of Privacy Forum, April 2016, https://fpf.org/wp-content/uploads/2016/04/FPF_Always_On_WP.pdf. -
footnote3_k1b2tmj
3
See “Introducing Alexa Guard Plus,” Amazon, accessed December 16, 2020, https://www.amazon.com/b?ie=UTF8&node=18021383011. -
footnote4_uddp7j5
4
See, e.g., “Amazon Privacy Notice,” Amazon, last updated January 1, 2020, https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ. -
footnote5_62pqcbp
5
Anyone within the range of a digital assistant may be able to activate the device and learn information about the person whose account is associated with the device (e.g., calendar, contacts, email, and more). By aggregating one policy for various services, companies like Google make it difficult to fully understand the universe of data collected, stored, and shared by its digital assistant product. See, e.g., “Google Privacy Policy,” last updated September 30, 2020, https://policies.google.com/privacy. -
footnote6_un4kxjm
6
Brian Huseman (Amazon) to Senator Coons, June 28, 2019, https://www.coons.senate.gov/imo/media/doc/Amazon%20Senator%20Coons__Response%20Letter__6.28.19[3].pdf. (“We retain customers’ voice recordings and transcripts until the customer chooses to delete them.”) -
footnote7_iu5g1hk
7
“Data Security and Privacy on Devices that Work with Assistant,” Google Nest Help, accessed December 16, 2020, https://support.google.com/googlenest/answer/7072285?hl=en. -
footnote8_9cfdrou
8
See “Ask Siri, Dictation & Privacy,” Apple, accessed December 16, 2020, https://support.apple.com/en-us/HT210657. (“Your request history is associated with the random identifier for up to six months. Your request history may include transcripts, audio for users who have opted in to Improve Siri and Dictation, and related request data such as device specifications, device configuration, performance statistics, and the approximate location of your device at the time the request was made. After six months, your request history is dissociated from the random identifier and may be retained for up to two years to help Apple develop and improve Siri, Dictation, and other language processing features like Voice Control. The small subset of requests that have been reviewed may be kept beyond two years, without the random identifier, for ongoing improvement of Siri.”) -
footnote9_q7x7ho1
9
See, e.g., “Amazon Privacy Notice.” (“We release account and other personal information when we believe release is appropriate to comply with the law; enforce or apply our Conditions of Use and other agreements; or protect the rights, property, or safety of Amazon, our users, or others”); “Google Privacy Policy.” (“We will share personal information outside of Google if we have a good-faith belief that access, use, preservation, or disclosure of the information is reasonably necessary to . . . meet any applicable law, regulation, legal process, or enforceable governmental request”); and “Apple Privacy Policy,” last updated December 31, 2019, https://www.apple.com/legal/privacy/en-ww/. (“It may be necessary − by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence − for Apple to disclose your personal information. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.”) -
footnote10_dbpdmme
10
See, e.g., “Amazon Privacy Notice”; “Google Privacy Policy”; and “Apple Privacy Policy.” -
footnote11_6usn720
11
See “Amazon Transparency Report”; “Google Transparency Report”; and “Apple Transparency Report,” accessed December 16, 2020, https://www.apple.com/legal/transparency/us.html.
III. Activity Trackers
How they work and who makes them
- How they work: Activity trackers are personal devices that are used to track an individual’s movements and health data. This data can be accessed via a mobile application or other personal device. footnote1_k4uw4zp 1 See, e.g., Robbie Gonzalez, “Science Says Fitness Trackers Don’t Work Anyway,” Wired, December 25, 2017, https://www.wired.com/story/science-says-fitness-trackers-dont-work-wear-one-anyway/.
- Who makes them: Companies selling this technology include Fitbit, Garmin, Amazon, and Apple.
What kinds of data are collected and how long data is retained
- Data about the owner:
- Name, email address, mailing address, phone number, and payment information. footnote31_ajzka04 31 See, e.g., “Garmin Privacy Policy,” last updated June 5, 2020, https://www.garmin.com/en-US/privacy/global/policy/.
- Location data derived from GPS signals, device sensors, Wi-Fi access points, cell tower IDs, and IP addresses. footnote32_4h5t8z7 32 See, e.g., “Fitbit Privacy Policy,” last updated October 8, 2020, https://www.fitbit.com/global/us/legal/privacy-policy.
- Steps traveled, calories burned, weight, heart rate, sleep stages, and time spent in movement. footnote33_ue6hku6 33 See, e.g., “Fitbit Privacy Policy.”
- Retention: Varies by device, but many companies retain data as long as they consider a user to have an active account. footnote34_tph6j5g 34 See, e.g., “Garmin Privacy Policy”; “Fitbit Privacy Policy.”
Law enforcement access
- Access via user: Law enforcement can ask the owner of the device to turn over data voluntarily.
- Access via device manufacturer: Law enforcement can also request access for data directly from the
company.
- Compelled Disclosure: Depending on factors such as the sensitivity of the data or if a request relates to the content of communications, a warrant or subpoena may be legally required. Company privacy policies typically note that they will disclose user data where required by law. footnote35_3uf7zkp 35 See, e.g., “Garmin Privacy Policy”; “Fitbit Privacy Policy.” However, in situations where legal obligations are unclear, it may be up to the company to make individual decisions about whether to push back against an overbroad request.
- Voluntary Disclosure: Company privacy policies note that in situations such as emergencies or where the company believes it is necessary to respond to threats to the security of the services or the physical safety of any person, companies such as Fitbit may also voluntarily hand over data to law enforcement. footnote36_gul0gs6 36 See “Fitbit Privacy Policy.” However, depending on the nature of the company and the specific functionality of their product, there may be no legal restrictions that limit a company’s voluntary disclosure of data to law enforcement.
Possible uses of device data by law enforcement
- Approximate a person’s location or movements during a given time frame.
- Evaluate a person’s alibi or version of events.
- Approximate a person’s time of death.
Transparency reports
- No transparency reports identified.
Relevant legal cases and further reading
- Amazon’s New Health Band Is the Most Invasive Tech We’ve Ever Tested (Washington Post)
- Liars Beware: Fitbit and Other Technology May Expose You (ABA Journal)
- Google Tracked His Bike Ride Past a Burglarized Home. That Made Him a Suspect. (NBC News)
- Female Jogger in Seattle Uses Self-Defense Tactics to Fend Off Brutal Assault (ABC News)
- In Connecticut Murder Case, a Fitbit Is a Silent Witness (New York Times)
- 91-Year Old Accused in Killing Where Fitbit Gave Clue Dies (Associated Press)
- “48 Hours”: The High-Tech Alibi (CBS News)
- Bicycle-Riding Hitman Convicted With Garmin GPS Watch Location Data (Naked Security)
- Commonwealth v. Glenn, No. 2438 EDA 2018, 2020 WL 602331 (Pa. Super. Ct. Feb. 7, 2020). In a murder investigation, police obtained data from the victim’s Fitbit indicating the date and time that the victim stopped moving.
End Notes
-
footnote1_k4uw4zp
1
See, e.g., Robbie Gonzalez, “Science Says Fitness Trackers Don’t Work Anyway,” Wired, December 25, 2017, https://www.wired.com/story/science-says-fitness-trackers-dont-work-wear-one-anyway/. -
footnote31_ajzka04
31
See, e.g., “Garmin Privacy Policy,” last updated June 5, 2020, https://www.garmin.com/en-US/privacy/global/policy/. -
footnote32_4h5t8z7
32
See, e.g., “Fitbit Privacy Policy,” last updated October 8, 2020, https://www.fitbit.com/global/us/legal/privacy-policy. -
footnote33_ue6hku6
33
See, e.g., “Fitbit Privacy Policy.” -
footnote34_tph6j5g
34
See, e.g., “Garmin Privacy Policy”; “Fitbit Privacy Policy.” -
footnote35_3uf7zkp
35
See, e.g., “Garmin Privacy Policy”; “Fitbit Privacy Policy.” -
footnote36_gul0gs6
36
See “Fitbit Privacy Policy.”
IV. Connected Thermostats
How they work and who makes them
- How they work: Thermostats regulate the temperature of a home through a mobile app, a connected speaker, or a home console. footnote37_q93yzae 37 See Erika Rawes, “What Is a Smart Thermostat?” Digital Trends, December 2, 2019, https://www.digitaltrends.com/home/what-is-a-smart-thermostat/. Some models also have artificial intelligence capabilities that learn preferences over time. footnote38_rrwwq3b 38 See, e.g., Frank O’Connell, “Inside the Nest Learning Thermostat,” New York Times, October 3, 2012, https://archive.nytimes.com/www.nytimes.com/interactive/2012/10/04/business/inside-the-nest-learning-thermostat.html.
- Who makes them: Companies that sell this technology include Google (Nest), Honeywell, Lux Kono, Bosch, and Amazon (Ecobee).
What kinds of data are collected and how long data is retained
- Data about the owner:
- These devices may collect the owner’s name, email, telephone number, home address or zip code, credit card information, nationality, and country of residence. footnote39_4cmh263 39 See, e.g., “Privacy Statement for Nest Products and Services”; “Amazon Privacy Notice”; “LUX Privacy Policy,” Lux, last updated October 16, 2017, https://pro.luxproducts.com/privacya/.
- With user permission, devices also collect geolocation information from users’ phones. footnote40_2w435b1 40 See also “Data Protection Notice,” Bosch Thermotechnology, accessed December 16, 2020, https://www.bosch-thermotechnology.com/gb/en/commercial-industrial/data_protection.html.
- Data about a residence and its inhabitants:
- These devices can collect indoor and outdoor temperature, smoke and carbon monoxide levels, humidity, ambient light, movement, and more. footnote41_5u2q568 41 See “Data Protection Notice,” Bosch Thermotechnology.
- They may also gather usage data, including the status and runtime of heating and air conditioning in the home and the overall home electrical usage. footnote42_n7s5c3b 42 See LUX Privacy Policy,; “Resideo Connected Home End-User License Agreement and Privacy Statement,” Resideo, last updated June 1, 2020, https://www.resideo.com/us/en/corporate/legal/eula/english-gb/#_PRIVACY_RESIDEO.
- Some devices store information based on interactions with third party devices, such as home computers. footnote43_4bljnk6 43 See “Resideo Connected Home End-User License Agreement and Privacy Statement;” “LUX Privacy Policy.”
- Retention: The retention period for data varies. For example, Google says it may retain some data indefinitely, whereas other data is deleted after a “predetermined period.” However, there is no specific retention period by each data type. footnote44_loawpfh 44 See “Nest Retention Statement,” Nest, accessed December 16, 2020, https://nest.com/data-retention/.
Law enforcement access
- Access via user: Law enforcement can ask the owner of the device to turn over data voluntarily.
- Access via device manufacturer: Law enforcement can also request access for data directly from the
company.
- Compelled Disclosure: Depending on factors such as the sensitivity of the data or if a request relates to the content of communications, a warrant or subpoena may be legally required. Company privacy policies typically note that they will disclose user data where required by law. footnote45_yazuck1 45 See, e.g., “Privacy Statement for Nest Products and Services”; “Amazon Privacy Notice”; and “LUX Privacy Policy.” However, in situations where legal obligations are unclear, it may be up to the company to make individual decisions about whether to push back against an overbroad request.
- Voluntary Disclosure: Company privacy policies note that in situations such as emergencies or when the company believes it is necessary to protect against harm to the rights, property, or safety of the company, its users, or the public, the company may also voluntarily hand over data to law enforcement. footnote46_zd32cgf 46 See, e.g., “Privacy Statement for Nest Products and Services”; “Amazon Privacy Notice”; and “LUX Privacy Policy.” However, depending on the nature of the company and the specific functionality of their product, there may be no legal restrictions that limit a company’s voluntary disclosure of data to law enforcement.
Possible uses of device by law enforcement
- Verify a person’s alibi or version of events.
- Evaluate movements that may contradict a person’s statements.
- Verify whether someone was inside a home.
Transparency reports
- Google and Amazon publish reports incorporating all disclosures of user data into an overall summary that gives
numbers across each company’s entire suite of products. These documents do not break down the number of law
enforcement requests for data from connected thermostats or specify the type of data provided.
footnote47_i61us07
47
See
“Amazon Transparency Report”; “Google Transparency Report.”
- Transparency reports do not account for situations where users voluntarily turn over data to law enforcement.
- Honeywell, Lux Kono, and Bosch do not publish transparency reports.
Relevant legal cases and further reading
End Notes
-
footnote37_q93yzae
37
See Erika Rawes, “What Is a Smart Thermostat?” Digital Trends, December 2, 2019, https://www.digitaltrends.com/home/what-is-a-smart-thermostat/. -
footnote38_rrwwq3b
38
See, e.g., Frank O’Connell, “Inside the Nest Learning Thermostat,” New York Times, October 3, 2012, https://archive.nytimes.com/www.nytimes.com/interactive/2012/10/04/business/inside-the-nest-learning-thermostat.html. -
footnote39_4cmh263
39
See, e.g., “Privacy Statement for Nest Products and Services”; “Amazon Privacy Notice”; “LUX Privacy Policy,” Lux, last updated October 16, 2017, https://pro.luxproducts.com/privacya/. -
footnote40_2w435b1
40
See also “Data Protection Notice,” Bosch Thermotechnology, accessed December 16, 2020, https://www.bosch-thermotechnology.com/gb/en/commercial-industrial/data_protection.html. -
footnote41_5u2q568
41
See “Data Protection Notice,” Bosch Thermotechnology. -
footnote42_n7s5c3b
42
See LUX Privacy Policy,; “Resideo Connected Home End-User License Agreement and Privacy Statement,” Resideo, last updated June 1, 2020, https://www.resideo.com/us/en/corporate/legal/eula/english-gb/#_PRIVACY_RESIDEO. -
footnote43_4bljnk6
43
See “Resideo Connected Home End-User License Agreement and Privacy Statement;” “LUX Privacy Policy.” -
footnote44_loawpfh
44
See “Nest Retention Statement,” Nest, accessed December 16, 2020, https://nest.com/data-retention/. -
footnote45_yazuck1
45
See, e.g., “Privacy Statement for Nest Products and Services”; “Amazon Privacy Notice”; and “LUX Privacy Policy.” -
footnote46_zd32cgf
46
See, e.g., “Privacy Statement for Nest Products and Services”; “Amazon Privacy Notice”; and “LUX Privacy Policy.” -
footnote47_i61us07
47
See “Amazon Transparency Report”; “Google Transparency Report.”
V. Connected Cars
(a) Embedded Technology
How they work and who makes them
- How they work: Embedded technologies are built-in features that enable cars to perform a variety of
tasks. These can include:
- talking to other vehicles that surround them, such as when a car uses driving assist mode to determine when other cars are braking or encroaching on its lane. footnote48_xpyguoj 48 See, e.g., Liz Kim, “What is Hyundai SmartSense?” JD Power, September 8, 2020, https://www.jdpower.com/cars/shopping-guides/what-is-hyundai-smartsense. The car may then alert the driver, depending on the settings available;
- talking to cloud networks to perform services including navigation, to receive alerts, to run diagnostics, and to communicate with emergency responders; footnote49_8leug1g 49 See, e.g., “Subaru StarLink,” Subaru, accessed December 16, 2020, https://www.subaru.com/engineering/starlink/safety-security.html. and
- talking to their environment, such as a car’s communication with a “smart city” to receive information about things such as traffic congestion or fuel station locations. footnote50_frgjfhr 50 See, e.g., “Connected Car. Its History, Stages and Terms,” BMW, June 8, 2020, https://www.bmw.com/en/innovation/connected-car.html.
- Who makes them: Companies offering embedded technologies in their vehicles include BMW, Ford, Tesla, Toyota, Subaru, and others.
What kinds of data are collected and how long is data retained
- Data about the owner: Embedded technologies can collect the owner’s name, address, telephone number, date of birth, email address, login information, demographic data, gender, emergency contact information, information about the acquisition and financing of a vehicle, and credit card information. footnote51_41y2d3a 51 See, e.g. “OnStar Privacy Statement,” last updated January 2020, https://www.onstar.com/us/en/privacy_statement/.
- Data about the car and people inside the car: These technologies can also record the location data of a car’s movements; audio recordings (such as voice recordings of individuals that interact with a digital assistant); car diagnostics (such as tire pressure, fuel levels, and odometer readings); incident data (such as information about collisions, the direction from which a car was hit, which airbags were deployed, and safety belt usage); communications with third parties and with employees providing support services; and vehicle data such as a car’s location within a lane or its average speed. footnote52_bcp0q11 52 See, e.g., “OnStar Privacy Statement”; “BMW Assist Terms and Conditions,” BMW, last updated June 14, 2017, https://www.bmwusa.com/content/dam/bmwusa/connected-drive/pdf/BMWAssist_TERMS_and_CONDITIONS_2014_later.pdf; and “Subaru Starlink Privacy Policy,” last updated May 1, 2018, https://www.subaru.com/company/starlink-privacy.html.
- Retention: Retention periods are unclear; some privacy policies disclose that they retain information as long as necessary to provide services and comply with legal obligations. footnote53_rm9uxln 53 See, e.g., “Subaru Starlink Privacy Policy”; “OnStar Privacy Statement”; and “BMW Assist Terms and Conditions.” OnStar warns users that it is their responsibility to delete their information from OnStar systems before they sell or otherwise transfer their car to another owner. footnote54_ofqmzfl 54 “OnStar Privacy Statement.” (“If you sell or otherwise transfer your vehicle, it is your responsibility to delete all information (such as contacts, address look-ups, saved map addresses) from the vehicle’s system and contact us to transfer or cancel your account. If you do not delete this information, it may remain on the vehicle’s system and may be accessible to future users of the vehicle. For instructions on how to delete information from your vehicle’s system, please refer to your vehicle owner’s manual.”).
Law enforcement access
- Access via user: Law enforcement can ask the car owner to provide information they can access in the car or through a mobile application connected to the car. The owner may be different from the person who regularly operates the car — for example, where an employer, partner, parent, or other person is the car owner.
- Access via car manufacturer: Law enforcement can also request data directly from the company.
- Compelled Disclosure: Depending on factors such as the sensitivity of the data or if a request relates to the content of communications, a warrant or subpoena may be legally required. Company privacy policies typically note that they will disclose user data where required by law. footnote55_s3d79ar 55 See, e.g., “Subaru Starlink Privacy Policy.” (“We cooperate with government and law enforcement officials and private parties to enforce and comply with the law and may be compelled to disclose your information to government or law enforcement officials or private parties in response to a validly-issued subpoena or court order to . . . satisfy any applicable law, regulation, subpoenas, governmental requests, or legal process . . .”); “OnStar Privacy Statement.” ("As required or permitted by law, such as in conjunction with a subpoena, government inquiry, litigation, dispute resolution, or similar legal process, when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others, to detect, investigate and prevent fraud, or to conduct screening to ensure you are not on any government list of restricted parties.”); and “BMW Assist Terms and Conditions.” (“We reserve the right to disclose your personal information to respond to authorized information requests from government authorities, subpoenas or other litigation process or to protect the interests or safety of the Sites’ visitors, customers, employees, or others, to address national security situations, or when otherwise required by law.”). For example, police have been able to request location data and real-time wiretapping of conversations with a warrant. footnote56_6eot2pt 56 See, e.g., “Subaru Starlink Privacy Policy”; “OnStar Privacy Statement”; and “BMW Assist Terms and Conditions.” However, in situations where legal obligations are unclear, it may be up to the company to make individual decisions about whether to push back against an overbroad request.
- Voluntary Disclosure: Company privacy policies note that in situations such as emergencies or where the company believes it is necessary to protect against harm to the rights, property, or safety of the company, its users, or the public, the company may also voluntarily hand over data to law enforcement. footnote57_n5uk5ay 57 See, e.g., “Subaru Starlink Privacy Policy”; “OnStar Privacy Statement”; and “BMW Assist Terms and Conditions.” However, depending on the nature of the company and the specific functionality of their product, there may be no legal restrictions that limit a company’s voluntary disclosure of data to law enforcement.
Possible uses of device data by law enforcement
- Evaluate a person’s alibi or version of events.
- Evaluate a person’s location or movements during a given time frame.
- Evaluate whether someone was inside a car.
- Analyze voice recordings that identify a suspect, victim, and more.
- Intercept communications and track location on an ongoing basis.
Transparency reports
- No transparency reports were located.
Relevant legal cases and further reading
- Cartapping: How Feds Have Spied on Connected Cars For 15 Years (Forbes)
- Burglary Suspect Arrested in Camden After OnStar Tracks Stolen Vehicle (Philly Voice)
- 12-Year-Old Faces Felony Charges After High Speed Chase Through Conroe (The Courier)
- BMW Remotely Locks Alleged Thief In Car He’s Trying to Swipe (CNET)
- In the Matter of the Application of the United States for an Order Authorizing the Roving Interception of Oral Communications, 2003 in case # 02–15635, the Ninth Circuit allowed the FBI to obtain a court order compelling a car manufacturer to use technology embedded in a car to allow agents to eavesdrop on conversations in the car.
- People v. Oelerich, 78 N.E.3d 992 (Ill. App. Ct. 2017). Defendant’s car had OnStar. One piece of evidence was a 47-second-long recording of the conversation between the OnStar operator and the defendant, where the operator asked the defendant what had just happened and the defendant said, referring to a hallucinogenic drug, “I was driving because I wanted to have the great DMT trip of my life. And I cannot die….” The prosecutor used the OnStar recording to argue that the defendant was deliberate in driving into the other vehicle, while the defense used the recording to show that the defendant had not been rational and was in a psychotic state.
- State v. Wilson, 2008-Ohio-2863 (Ohio Ct. App. 2008). Defendant purchased a used vehicle equipped with OnStar, but he declined OnStar services. However, the service had not yet been disabled when OnStar received an emergency button key press from the vehicle. After the OnStar operator received no response, they requested local police to provide emergency assistance at the vehicle’s location. While monitoring the vehicle, the operator overheard the vehicle occupants discussing a possible illegal drug transaction and permitted the police dispatcher to listen in. The dispatcher notified the officers. The officer who arrived on scene “observed furtive movement” from the driver of the vehicle (the defendant), removed him from the vehicle, and conducted a search, ultimately finding marijuana. The trial court denied the defendant’s motion to suppress, finding there was no Fourth Amendment violation because governmental action did not cause the OnStar employee to monitor the conversation. The court of appeals affirmed.
- People v. Jacques, 2016 WL 4482930 (Cal. Ct. App. 2016). Following a burglary where the victim reported the license plate number of the defendant, police obtained a warrant to access the location of the defendant’s vehicle through OnStar. After locating the defendant’s vehicle, the police planted their own tracking device on the car to track its location.
(b) Supplemental Technology
How they work and who makes them
- How they work: Supplemental technologies are external tools that enable cars and drivers to perform a
variety of tasks. These technologies include:
- GPS navigators that provide driving directions; footnote58_358mjao 58 See, e.g., Gretchen Newcomb, “Pioneer AVIC-W8500NEX Review,” PC Magazine, September 19, 2019, https://www.pcmag.com/reviews/pioneer-avic-w8500nex.
- dashboard cameras that record what’s happening inside of a car and can be set up to automatically record when they detect impacts or possible accidents; footnote59_3ndjcoq 59 See, e.g., Dan Seifart, “Ring Announces New Line of Security Cameras for Cars,” The Verge, September 24, 2020, https://www.theverge.com/2020/9/24/21453632/ring-car-alarm-security-camera-connect-tesla-price-specs-features-amazon.
- security devices that track a car’s location and send messages to the user if a car is bumped or moved; footnote60_5jpm9ck 60 See, e.g., Molly McLaughlin, “Cobra CDR 855 BT Review,” PC Magazine, March 3, 2017, https://www.pcmag.com/reviews/cobra-cdr-855-bt.
- other devices that can plug into a car and issue diagnostic reports and driving reports; footnote61_dkzuls6 61 See, e.g., BlueDriver Pro Scar Tool, https://www.bluedriver.com/products/bluedriver-scan-tool. and
- digital assistants that can perform a variety of services based on voice commands. footnote62_eaq1ipm 62 See “The Rise of the In-car Digital Assistant,” Automotive World, October 21, 2019, https://www.automotiveworld.com/special-reports/special-report-the-rise-of-the-in-car-digital-assistant/.
- Who makes them: Companies selling these devices include Google, Apple, Pioneer, Kenwood, OnStar, Amazon, Garmin, Raven, and Vivint.
What kinds of data are collected and how long data is retained
- Data about the device owner: These devices may collect the user’s name, mailing address, email address, telephone number, and payment information. footnote63_lz32f5m 63 See ““The Rise of the In-car Digital Assistant.”
- Data about the car and people inside the car: They may also gather location data, video and audio footage of what occurs in and around a car, and diagnostic reports about the condition of a car. footnote64_354i8cc 64 See, e.g., “Garmin Privacy Policy”; “Raven Privacy Policy,” accessed December 16, 2020, https://ravenconnected.com/privacy-policy/; “Vivint Privacy Policy,” last updated December 15, 2019, https://www.vivint.com/company/policies/privacy; “Google Privacy Policy”; and “Amazon Privacy Notice.”
- Retention: Retention periods are unclear, with some privacy policies disclosing that they retain information as long as necessary to provide services. footnote65_fw6dq63 65 See, e.g. “JVCKENWOOD USA Corporation Privacy Policy,” last updated July 1, 2020, https://policy.us.jvckenwood.com/privacy.html. (“JVCKENWOOD USA Corporation will retain your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by for legal, auditing, or compliance purposes.”); “Raven Privacy Policy.” (“We retain your personal information only as long as necessary to facilitate the use of our products and services. When your cancel your subscription to our services, we will take steps to have your personal information deleted and erased.”)
Law enforcement access
- Access via user: Law enforcement can ask the owner of the device to turn over the data. The device owner may be different from the car owner — for example, where an employer, partner, parent, or other person controls a device attached to a car.
- Access via device manufacturer: Law enforcement can also request access for data directly from the
company.
- Compelled Disclosure: Depending on factors such as the sensitivity of the data or if a request relates to the content of communications, a warrant or subpoena may be legally required. Company privacy policies typically note that they will disclose user data where required by law. footnote66_rs0wupq 66 See, e.g., “JVCKENWOOD USA Corporation Privacy Policy.” (“JVCKENWOOD USA Corporation may share information about you for business purposes as follows or as otherwise described in this Privacy Policy . . . in response to a subpoena, legal order or official request, including lawful requests by public authorities to meet national security or law enforcement requirements.”); “Raven Privacy Policy.” (“Raven Connected may be requested or required by law to disclose personal information to proper law enforcement authorities, even though you might have requested that we do not share such personal information. This information may be necessary to identify, contact or bring legal action against anyone who may attempt to cause injury to another’s rights or property. We may also release your personal information when we believe the release is appropriate to comply with the law, enforce our policies, or protect ours or others’ rights, property, or safety.”) However, in situations where legal obligations are unclear, it may be up to the company to make individual decisions about whether to push back against an overbroad request.
- Voluntary Disclosure: Company privacy policies note that in situations such as emergencies or when the company believes it is necessary to protect their rights and property, they may also voluntarily hand over data to law enforcement. footnote67_62kqp6n 67 See, e.g., “JVCKENWOOD USA Corporation Privacy Policy”; “Raven Privacy Policy.” However, depending on the nature of the company and the specific functionality of their product, there may be no legal restrictions that limit a company’s voluntary disclosure of data to law enforcement.
Possible uses of device data by law enforcement
- Evaluate a person’s alibi or version of events.
- Evaluate a person’s location or movements during a given time frame.
- Verify whether someone was inside a car.
- Evaluate voice recordings to help identify a suspect, victim, and more.
Transparency reports
- Apple, Amazon, and Google publish summaries incorporating all disclosures of user data into an overall report
that gives numbers across each company’s entire suite of products. These documents do not break down the number
of law enforcement requests for data from each product or specify the type of data provided.
footnote68_zxqdjly
68
See
“Apple Transparency Report”; “Amazon Transparency Report”; and “Google Transparency Report.”
- Transparency reports do not account for situations where users voluntarily turn over data to law enforcement.
- Pioneer, Kenwood, OnStar, Garmin, Raven, and Vivint do not publish transparency reports.
Relevant legal cases and further reading
- Dash Cams Can Be Silent Witnesses During Police Traffic Stops and Other Incidents (Consumer Reports)
End Notes
-
footnote48_xpyguoj
48
See, e.g., Liz Kim, “What is Hyundai SmartSense?” JD Power, September 8, 2020, https://www.jdpower.com/cars/shopping-guides/what-is-hyundai-smartsense. -
footnote49_8leug1g
49
See, e.g., “Subaru StarLink,” Subaru, accessed December 16, 2020, https://www.subaru.com/engineering/starlink/safety-security.html. -
footnote50_frgjfhr
50
See, e.g., “Connected Car. Its History, Stages and Terms,” BMW, June 8, 2020, https://www.bmw.com/en/innovation/connected-car.html. -
footnote51_41y2d3a
51
See, e.g. “OnStar Privacy Statement,” last updated January 2020, https://www.onstar.com/us/en/privacy_statement/. -
footnote52_bcp0q11
52
See, e.g., “OnStar Privacy Statement”; “BMW Assist Terms and Conditions,” BMW, last updated June 14, 2017, https://www.bmwusa.com/content/dam/bmwusa/connected-drive/pdf/BMWAssist_TERMS_and_CONDITIONS_2014_later.pdf; and “Subaru Starlink Privacy Policy,” last updated May 1, 2018, https://www.subaru.com/company/starlink-privacy.html. -
footnote53_rm9uxln
53
See, e.g., “Subaru Starlink Privacy Policy”; “OnStar Privacy Statement”; and “BMW Assist Terms and Conditions.” -
footnote54_ofqmzfl
54
“OnStar Privacy Statement.” (“If you sell or otherwise transfer your vehicle, it is your responsibility to delete all information (such as contacts, address look-ups, saved map addresses) from the vehicle’s system and contact us to transfer or cancel your account. If you do not delete this information, it may remain on the vehicle’s system and may be accessible to future users of the vehicle. For instructions on how to delete information from your vehicle’s system, please refer to your vehicle owner’s manual.”). -
footnote55_s3d79ar
55
See, e.g., “Subaru Starlink Privacy Policy.” (“We cooperate with government and law enforcement officials and private parties to enforce and comply with the law and may be compelled to disclose your information to government or law enforcement officials or private parties in response to a validly-issued subpoena or court order to . . . satisfy any applicable law, regulation, subpoenas, governmental requests, or legal process . . .”); “OnStar Privacy Statement.” ("As required or permitted by law, such as in conjunction with a subpoena, government inquiry, litigation, dispute resolution, or similar legal process, when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others, to detect, investigate and prevent fraud, or to conduct screening to ensure you are not on any government list of restricted parties.”); and “BMW Assist Terms and Conditions.” (“We reserve the right to disclose your personal information to respond to authorized information requests from government authorities, subpoenas or other litigation process or to protect the interests or safety of the Sites’ visitors, customers, employees, or others, to address national security situations, or when otherwise required by law.”). -
footnote56_6eot2pt
56
See, e.g., “Subaru Starlink Privacy Policy”; “OnStar Privacy Statement”; and “BMW Assist Terms and Conditions.” -
footnote57_n5uk5ay
57
See, e.g., “Subaru Starlink Privacy Policy”; “OnStar Privacy Statement”; and “BMW Assist Terms and Conditions.” -
footnote58_358mjao
58
See, e.g., Gretchen Newcomb, “Pioneer AVIC-W8500NEX Review,” PC Magazine, September 19, 2019, https://www.pcmag.com/reviews/pioneer-avic-w8500nex. -
footnote59_3ndjcoq
59
See, e.g., Dan Seifart, “Ring Announces New Line of Security Cameras for Cars,” The Verge, September 24, 2020, https://www.theverge.com/2020/9/24/21453632/ring-car-alarm-security-camera-connect-tesla-price-specs-features-amazon. -
footnote60_5jpm9ck
60
See, e.g., Molly McLaughlin, “Cobra CDR 855 BT Review,” PC Magazine, March 3, 2017, https://www.pcmag.com/reviews/cobra-cdr-855-bt. -
footnote61_dkzuls6
61
See, e.g., BlueDriver Pro Scar Tool, https://www.bluedriver.com/products/bluedriver-scan-tool. -
footnote62_eaq1ipm
62
See “The Rise of the In-car Digital Assistant,” Automotive World, October 21, 2019, https://www.automotiveworld.com/special-reports/special-report-the-rise-of-the-in-car-digital-assistant/. -
footnote63_lz32f5m
63
See ““The Rise of the In-car Digital Assistant.” -
footnote64_354i8cc
64
See, e.g., “Garmin Privacy Policy”; “Raven Privacy Policy,” accessed December 16, 2020, https://ravenconnected.com/privacy-policy/; “Vivint Privacy Policy,” last updated December 15, 2019, https://www.vivint.com/company/policies/privacy; “Google Privacy Policy”; and “Amazon Privacy Notice.” -
footnote65_fw6dq63
65
See, e.g. “JVCKENWOOD USA Corporation Privacy Policy,” last updated July 1, 2020, https://policy.us.jvckenwood.com/privacy.html. (“JVCKENWOOD USA Corporation will retain your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by for legal, auditing, or compliance purposes.”); “Raven Privacy Policy.” (“We retain your personal information only as long as necessary to facilitate the use of our products and services. When your cancel your subscription to our services, we will take steps to have your personal information deleted and erased.”) -
footnote66_rs0wupq
66
See, e.g., “JVCKENWOOD USA Corporation Privacy Policy.” (“JVCKENWOOD USA Corporation may share information about you for business purposes as follows or as otherwise described in this Privacy Policy . . . in response to a subpoena, legal order or official request, including lawful requests by public authorities to meet national security or law enforcement requirements.”); “Raven Privacy Policy.” (“Raven Connected may be requested or required by law to disclose personal information to proper law enforcement authorities, even though you might have requested that we do not share such personal information. This information may be necessary to identify, contact or bring legal action against anyone who may attempt to cause injury to another’s rights or property. We may also release your personal information when we believe the release is appropriate to comply with the law, enforce our policies, or protect ours or others’ rights, property, or safety.”) -
footnote67_62kqp6n
67
See, e.g., “JVCKENWOOD USA Corporation Privacy Policy”; “Raven Privacy Policy.” -
footnote68_zxqdjly
68
See “Apple Transparency Report”; “Amazon Transparency Report”; and “Google Transparency Report.”
VI. License Plate Readers
How they work and who makes them
- How they work: License plate readers use a combination of cameras and computer software to scan and store
the license plates as well as photos of every car passing by the device.
- Through a user interface, users can set up “hot lists” to alert them whenever a particular car passes by or leaves a neighborhood.
- Companies also retain license plate information for future uses. These uses may include data sharing with law enforcement and with other customers who have “a legitimate commercial interest,” footnote69_rf2ugod 69 See, e.g., “Vigilant Solutions Usage and Privacy Policy,” accessed December 16, 2020, https://www.vigilantsolutions.com/lpr-usage-and-privacy-policy. (“The company authorizes collection of LPR data for the use of the company and its customers consistent with this policy. The authorized uses of the ALPR system are . . . (1) By customers to identify or ascertain the location of a specific vehicle under circumstances when there is a legitimate commercial interest . . . (2) By law enforcement agencies for law enforcement purposes . . . (3) By the company to make LPR data available to customers and law enforcement agencies (LEAs) for the purposes above, and to provide market research information to customers based on aggregated LPR data.”) such as repossession services on behalf of creditors. footnote70_5bakjli 70 See, e.g., Susan Crandall,“Vigilant Solutions Bolsters Commercial LPR Database through Agreement with Plate Locate,” Digital Recognition Network, April 19, 2018, https://drndata.com/vigilant-solutions-bolsters-commercial-lpr-database-agreement-plate-locate/.
- Who makes them: Companies selling these devices include Flock Safety, Vigilant Solutions, and Obsidian Integration.
What kinds of data are collected and how long is data retained
- Data about the owner: These devices may record the name, phone number, email, zip code,
footnote71_xbdf0c8
71
“Privacy Policy for Flock Safety,” last updated July 10, 2020,
https://www.flocksafety.com/legal/privacy-policy.
usernames, affiliated organizations, and IP
addresses of anyone who accesses the license plate reader data.
footnote72_ma5gbff
72
“Vigilant Solutions Usage and
Privacy Policy.”
- Vigilant Solutions logs how its customers use their products, and occasionally audits these logs. footnote73_zhryqjn 73 “Vigilant Solutions Usage and Privacy Policy.”
- Data about cars: Some devices may record video and still images of cars and license plate scans, as well as the date, time, and location associated with this data. footnote74_t95xzt0 74 See, e.g., “Privacy Policy for Flock Safety”; “Vigilant Solutions Usage and Privacy Policy.”
- Environmental data and data about the license plate reader: Some devices collect temperature and ambient light information. footnote75_6r65wb7 75 See “Privacy Policy for Flock Safety.” Additionally, companies maintain records on the serial number, software version, cellular signal strength, and geolocation of their license plate readers. footnote76_yiuuhut 76 See, e.g., “Privacy Policy for Flock Safety.”
- Retention: Flock Safety retains video and audio information for 30 days, although users can save and retain data indefinitely. footnote77_0in0t1p 77 Flock Safety ALPR Policy,” accessed December 16, 2020, https://www.flocksafety.com/alpr-policy. Vigilant Solutions retains data as long as it has “commercial value.” footnote78_thg05mo 78 See “Vigilant Solutions Usage and Privacy Policy.”
Law enforcement access
- Access via user: Law enforcement can ask the owner or any user with access to the data to voluntarily disclose it. Companies like Flock Safety create user interfaces that allow users to either share information with police on a case-by-case basis or to allow the police to have direct access to the system. footnote79_ik8rc7f 79 See, e.g. “Neighborhoods Stop Crime in Their Community with License Plate Readers,” KCTB5 Kansas City, https://www.youtube.com/watch?v=fXqFj4H6XKg (Uploaded by Flock Safety).
- Access via device manufacturer: Law enforcement can also request access for data directly from the
company.
- Compelled Disclosure: Depending on factors such as the sensitivity of the data, a warrant or subpoena may be legally required. Company privacy policies typically note that they will disclose user data where required by law. footnote80_ysc3k1m 80 See, e.g., “Vigilant Solutions Usage and Privacy Policy”; “Terms of Service for Flock Safety.” However, in situations where legal obligations are unclear, it may be up to the company to make individual decisions about whether to push back against an overbroad request. Flock Safety also reserves the right to use and disclose aggregated data the company collects for unspecified “crime prevention efforts.” footnote81_bkskkp6 81 “Terms of Service for Flock Safety.” (“Customer acknowledges that Flock will be compiling anonymized and/or aggregated data based on Customer Data input into the Services (the ‘Aggregated Data’). Customer hereby grants Flock a non-exclusive, worldwide, perpetual, royalty-free right and license (during and after the term hereof) to use and distribute such Aggregated Data to improve and enhance the Services and for other marketing, development, diagnostic and corrective purposes, other Flock offerings and crime prevention efforts.”)
- Voluntary Disclosure: Company privacy policies note that in situations such as emergencies or when the company believes it is necessary to protect against harm to the rights, property, or safety of the company, they may also voluntarily hand over data to law enforcement. footnote82_7q0ohj2 82 See, e.g., “Terms of Service for Flock Safety.” (“For clarity, Flock may access, use, preserve and/or disclose the Footage to law enforcement authorities, government officials, and/or third parties, if legally required to do so or if Flock has a good faith belief that such access, use, preservation or disclosure is reasonably necessary to: (a) comply with a legal process or request; (b) enforce this Agreement, including investigation of any potential violation thereof; (c) detect, prevent or otherwise address security, fraud or technical issues; or (d) protect the rights, property or safety of Flock, its users, a third party, or the public as required or permitted by law, including respond to an emergency situation.”) However, depending on the nature of the company and the specific functionality of their product, there may be no legal restrictions that limit a company’s voluntary disclosure of data to law enforcement.
Possible uses of device data by law enforcement
- Verify cars and people present at the scene of a crime.
- Establish relationships between people.
- Track a particular driver’s location and movement over time.
- Locate cars associated with AMBER alerts for abducted children.
- Cross-reference state and federal databases with information on gang membership and unpaid fines.
Transparency reports
- No transparency reports identified.
Relevant legal cases and further reading
- Neighborhood Watch Has a New Tool: License-Plate Readers (OneZero)
- Looking to Combat Crime, H.B. Gated Community Turns to License Plate Reading Cameras (Los Angeles Times)
- License Plate Tracking For Police Set to Go Nationwide (CNET)
- It’s Not Just the Police: Your HOA May Be Tracking Your License Plate (The San Diego Union-Tribune)
- Twin Cities Neighborhood Association Turns to New Camera Technology to Deter Car, Home Break-Ins (CBS Minnesota)
End Notes
-
footnote69_rf2ugod
69
See, e.g., “Vigilant Solutions Usage and Privacy Policy,” accessed December 16, 2020, https://www.vigilantsolutions.com/lpr-usage-and-privacy-policy. (“The company authorizes collection of LPR data for the use of the company and its customers consistent with this policy. The authorized uses of the ALPR system are . . . (1) By customers to identify or ascertain the location of a specific vehicle under circumstances when there is a legitimate commercial interest . . . (2) By law enforcement agencies for law enforcement purposes . . . (3) By the company to make LPR data available to customers and law enforcement agencies (LEAs) for the purposes above, and to provide market research information to customers based on aggregated LPR data.”) -
footnote70_5bakjli
70
See, e.g., Susan Crandall,“Vigilant Solutions Bolsters Commercial LPR Database through Agreement with Plate Locate,” Digital Recognition Network, April 19, 2018, https://drndata.com/vigilant-solutions-bolsters-commercial-lpr-database-agreement-plate-locate/. -
footnote71_xbdf0c8
71
“Privacy Policy for Flock Safety,” last updated July 10, 2020, https://www.flocksafety.com/legal/privacy-policy. -
footnote72_ma5gbff
72
“Vigilant Solutions Usage and Privacy Policy.” -
footnote73_zhryqjn
73
“Vigilant Solutions Usage and Privacy Policy.” -
footnote74_t95xzt0
74
See, e.g., “Privacy Policy for Flock Safety”; “Vigilant Solutions Usage and Privacy Policy.” -
footnote75_6r65wb7
75
See “Privacy Policy for Flock Safety.” -
footnote76_yiuuhut
76
See, e.g., “Privacy Policy for Flock Safety.” -
footnote77_0in0t1p
77
Flock Safety ALPR Policy,” accessed December 16, 2020, https://www.flocksafety.com/alpr-policy. -
footnote78_thg05mo
78
See “Vigilant Solutions Usage and Privacy Policy.” -
footnote79_ik8rc7f
79
See, e.g. “Neighborhoods Stop Crime in Their Community with License Plate Readers,” KCTB5 Kansas City, https://www.youtube.com/watch?v=fXqFj4H6XKg (Uploaded by Flock Safety). -
footnote80_ysc3k1m
80
See, e.g., “Vigilant Solutions Usage and Privacy Policy”; “Terms of Service for Flock Safety.” -
footnote81_bkskkp6
81
“Terms of Service for Flock Safety.” (“Customer acknowledges that Flock will be compiling anonymized and/or aggregated data based on Customer Data input into the Services (the ‘Aggregated Data’). Customer hereby grants Flock a non-exclusive, worldwide, perpetual, royalty-free right and license (during and after the term hereof) to use and distribute such Aggregated Data to improve and enhance the Services and for other marketing, development, diagnostic and corrective purposes, other Flock offerings and crime prevention efforts.”) -
footnote82_7q0ohj2
82
See, e.g., “Terms of Service for Flock Safety.” (“For clarity, Flock may access, use, preserve and/or disclose the Footage to law enforcement authorities, government officials, and/or third parties, if legally required to do so or if Flock has a good faith belief that such access, use, preservation or disclosure is reasonably necessary to: (a) comply with a legal process or request; (b) enforce this Agreement, including investigation of any potential violation thereof; (c) detect, prevent or otherwise address security, fraud or technical issues; or (d) protect the rights, property or safety of Flock, its users, a third party, or the public as required or permitted by law, including respond to an emergency situation.”)