Ban Plate Readers - Minnesota

A bill for an act 1.2 relating to relating to data practices; classifying data related to automated license 1.3 plate readers and requiring a governing policy; requiring a log of use; requiring 1.4 data to be destroyed in certain circumstances; requiring a report; amending 1.5 Minnesota Statutes 2014, section 13.82, subdivision 2, by adding a subdivision; 1.6 proposing coding for new law in Minnesota Statutes, chapters 13; 626. 1.7 BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MINNESOTA: 1.8 Section 1. Minnesota Statutes 2014, section 13.82, subdivision 2, is amended to read: 1.9 Subd. 2. Arrest data. The following data created or collected by law enforcement 1.10 agencies which document any actions taken by them to cite, arrest, incarcerate or 1.11 otherwise substantially deprive an adult individual of liberty shall be public at all times 1.12 in the originating agency: 1.13 (a) time, date and place of the action; 1.14 (b) any resistance encountered by the agency; 1.15 (c) any pursuit engaged in by the agency; 1.16 (d) whether any weapons were used by the agency or other individual; 1.17 (e) the charge, arrest or search warrants, or other legal basis for the action; 1.18 (f) the identities of the agencies, units within the agencies and individual persons 1.19 taking the action; 1.20 (g) whether and where the individual is being held in custody or is being incarcerated 1.21 by the agency; 1.22 (h) the date, time and legal basis for any transfer of custody and the identity of the 1.23 agency or person who received custody; 1.24 (i) the date, time and legal basis for any release from custody or incarceration; Section 1. 1 SENATE STATE OF MINNESOTA EIGHTY-NINTH SESSION S.F. No. 86 (SENATE AUTHORS: LATZ, Kent and Hall) DATE D-PG OFFICIAL STATUS 01/12/2015 54 Introduction and first reading Referred to Judiciary 01/29/2015 139a Comm report: To pass as amended Rule 21, referred to Rules and Administration 02/19/2015 340 Comm report: Amend previous comm report Re-referred to Transportation and Public Safety 03/04/2015 517a Comm report: To pass as amended and re-refer to Finance 05/06/2015 3306 Comm report: To pass 3392 Second reading 05/07/2015 3420a Special Order: Amended 3424 Motion did not prevail to lay bill on the table 3428 Third reading Passed 05/15/2015 3569 Returned from House with amendment 3569 Senate not concur, conference committee of 3 requested 3575 Senate conferees Latz; Kent; Hall 05/16/2015 3592 House conferees Cornish; Scott; Schoen 05/17/2015 3810c Conference committee report, delete everything Senate adopted CC report and repassed bill 3815 Third reading 4254 House adopted SCC report and repassed bill Presentment date 05/20/15 Governor's action Approval 05/23/15 Secretary of State Chapter 67 05/23/15 SF86 REVISOR KLL S0086-4 4th Engrossment 2.1 (j) the name, age, sex and last known address of an adult person or the age and sex 2.2 of any juvenile person cited, arrested, incarcerated or otherwise substantially deprived 2.3 of liberty; 2.4 (k) whether the agency employed an automated license plate reader, wiretaps or 2.5 other eavesdropping techniques, unless the release of this specific data would jeopardize 2.6 an ongoing investigation; 2.7 (l) the manner in which the agencies received the information that led to the arrest 2.8 and the names of individuals who supplied the information unless the identities of those 2.9 individuals qualify for protection under subdivision 17; and 2.10 (m) response or incident report number. 2.11 Sec. 2. Minnesota Statutes 2014, section 13.82, is amended by adding a subdivision to 2.12 read: 2.13 Subd. 31. Use of surveillance technology. Notwithstanding subdivision 25 2.14 and section 13.37, subdivision 2, the existence of all technology maintained by a 2.15 law enforcement agency that may be used to electronically capture an audio, video, 2.16 photographic, or other record of the activities of the general public, or of an individual 2.17 or group of individuals, for purposes of conducting an investigation, responding to an 2.18 incident or request for service, monitoring or maintaining public order and safety, or 2.19 engaging in any other law enforcement function authorized by law is public data. 2.20 Sec. 3. [13.824] AUTOMATED LICENSE PLATE READERS. 2.21 Subdivision 1. Definition. As used in this section, "automated license plate reader" 2.22 means an electronic device mounted on a law enforcement vehicle or positioned in a 2.23 stationary location that is capable of recording data on, or taking a photograph of, a 2.24 vehicle or its license plate and comparing the collected data and photographs to existing 2.25 law enforcement databases for investigative purposes. Automated license plate reader 2.26 includes a device that is owned or operated by a person who is not a government entity to 2.27 the extent that data collected by the reader are shared with a law enforcement agency. 2.28 Subd. 2. Data collection; classification; use restrictions. (a) Data collected by an 2.29 automated license plate reader must be limited to the following: 2.30 (1) license plate numbers; 2.31 (2) date, time, and location data on vehicles; and 2.32 (3) pictures of license plates, vehicles, and areas surrounding the vehicles. 2.33 Collection of any data not authorized by this paragraph is prohibited. Sec. 3. 2 SF86 REVISOR KLL S0086-4 4th Engrossment 3.1 (b) All data collected by an automated license plate reader are private data on 3.2 individuals or nonpublic data unless the data are public under section 13.82, subdivision 2, 3.3 3, or 6, or are active criminal investigative data under section 13.82, subdivision 7. 3.4 (c) Data collected by an automated license plate reader may only be matched with 3.5 data in the Minnesota license plate data file, provided that a law enforcement agency 3.6 may use additional sources of data for matching if the additional data relate to an active 3.7 criminal investigation. A central state repository of automated license plate reader data is 3.8 prohibited unless explicitly authorized by law. 3.9 (d) Automated license plate readers must not be used to monitor or track an individual 3.10 who is the subject of an active criminal investigation unless authorized by a warrant, issued 3.11 upon probable cause, or exigent circumstances justify the use without obtaining a warrant. 3.12 Subd. 3. Destruction of data required. (a) Notwithstanding section 138.17, and 3.13 except as otherwise provided in this subdivision, data collected by an automated license 3.14 plate reader that are not related to an active criminal investigation must be destroyed no 3.15 later than 60 days from the date of collection. 3.16 (b) Upon written request from an individual who is the subject of a pending criminal 3.17 charge or complaint, along with the case or complaint number and a statement that the 3.18 data may be used as exculpatory evidence, data otherwise subject to destruction under 3.19 paragraph (a) must be preserved by the law enforcement agency until the criminal charge 3.20 or complaint is resolved or dismissed. 3.21 (c) Upon written request from a program participant under chapter 5B, automated 3.22 license plate reader data related to the program participant must be destroyed at the 3.23 time of collection or upon receipt of the request, whichever occurs later, unless the data 3.24 are active criminal investigative data. The existence of a request submitted under this 3.25 paragraph is private data on individuals. 3.26 (d) Data that are inactive criminal investigative data are subject to destruction 3.27 according to the retention schedule for the data established under section 138.17. 3.28 Subd. 4. Sharing among law enforcement agencies. (a) Automated license plate 3.29 reader data that are not related to an active criminal investigation may only be shared 3.30 with, or disseminated to, another law enforcement agency upon meeting the standards 3.31 for requesting access to data as provided in subdivision 7. 3.32 (b) If data collected by an automated license plate reader are shared with another law 3.33 enforcement agency under this subdivision, the agency that receives the data must comply 3.34 with all data classification, destruction, and security requirements of this section. Sec. 3. 3 SF86 REVISOR KLL S0086-4 4th Engrossment 4.1 (c) Automated license plate reader data that are not related to an active criminal 4.2 investigation may not be shared with, disseminated to, sold to, or traded with any other 4.3 individual or entity unless explicitly authorized by this subdivision or other law. 4.4 Subd. 5. Log of use required. (a) A law enforcement agency that installs or 4.5 uses an automated license plate reader must maintain a public log of its use, including 4.6 but not limited to: 4.7 (1) specific times of day that the reader actively collected data; 4.8 (2) the aggregate number of vehicles or license plates on which data are collected for 4.9 each period of active use and a list of all state and federal databases with which the data 4.10 were compared, unless the existence of the database itself is not public; 4.11 (3) for each period of active use, the number of vehicles or license plates in each of 4.12 the following categories where the data identify a vehicle or license plate that has been 4.13 stolen, a warrant for the arrest of the owner of the vehicle or an owner with a suspended or 4.14 revoked driver's license or similar category, or are active investigative data; and 4.15 (4) for a reader at a stationary or fixed location, the location at which the reader 4.16 actively collected data and is installed and used. 4.17 (b) The law enforcement agency must maintain a list of the current and previous 4.18 locations, including dates at those locations, of any fixed stationary automated license 4.19 plate readers or other surveillance devices with automated license plate reader capability 4.20 used by the agency. The agency's list must be accessible to the public, unless the agency 4.21 determines that the data are security information as provided in section 13.37, subdivision 4.22 2. A determination that these data are security information is subject to in-camera judicial 4.23 review as provided in section 13.08, subdivision 4. 4.24 Subd. 6. Biennial audit. (a) In addition to the log required under subdivision 5, 4.25 the law enforcement agency must maintain records showing the date and time automated 4.26 license plate reader data were collected and the applicable classification of the data. The 4.27 law enforcement agency shall arrange for an independent, biennial audit of the records 4.28 to determine whether data currently in the records are classified, how the data are used, 4.29 whether they are destroyed as required under this section, and to verify compliance with 4.30 subdivision 7. If the commissioner of administration believes that a law enforcement 4.31 agency is not complying with this section or other applicable law, the commissioner may 4.32 order a law enforcement agency to arrange for additional independent audits. Data in the 4.33 records required under this paragraph are classified as provided in subdivision 2. 4.34 (b) The results of the audit are public. The commissioner of administration shall 4.35 review the results of the audit. If the commissioner determines that there is a pattern of 4.36 substantial noncompliance with this section by the law enforcement agency, the agency Sec. 3. 4 SF86 REVISOR KLL S0086-4 4th Engrossment 5.1 must immediately suspend operation of all automated license plate reader devices until the 5.2 commissioner has authorized the agency to reinstate their use. An order of suspension 5.3 under this paragraph may be issued by the commissioner, upon review of the results of the 5.4 audit, review of the applicable provisions of this chapter, and after providing the agency a 5.5 reasonable opportunity to respond to the audit's findings. 5.6 (c) A report summarizing the results of each audit must be provided to the 5.7 commissioner of administration, to the chair and ranking minority members of the 5.8 committees of the house of representatives and the senate with jurisdiction over data 5.9 practices and public safety issues, and to the Legislative Commission on Data Practices 5.10 and Personal Data Privacy no later than 30 days following completion of the audit. 5.11 Subd. 7. Authorization to access data. (a) A law enforcement agency must comply 5.12 with sections 13.05, subdivision 5, and 13.055 in the operation of automated license plate 5.13 readers, and in maintaining automated license plate reader data. 5.14 (b) The responsible authority for a law enforcement agency must establish written 5.15 procedures to ensure that law enforcement personnel have access to the data only if 5.16 authorized in writing by the chief of police, sheriff, or head of the law enforcement agency, 5.17 or their designee, to obtain access to data collected by an automated license plate reader 5.18 for a legitimate, specified, and documented law enforcement purpose. Consistent with the 5.19 requirements of paragraph (c), each access must be based on a reasonable suspicion that 5.20 the data are pertinent to an active criminal investigation and must include a record of the 5.21 factual basis for the access and any associated case number, complaint, or incident that is 5.22 the basis for the access. 5.23 (c) The ability of authorized individuals to enter, update, or access automated license 5.24 plate reader data must be limited through the use of role-based access that corresponds 5.25 to the official duties or training level of the individual and the statutory authorization 5.26 that grants access for that purpose. All queries and responses, and all actions in which 5.27 data are entered, updated, accessed, shared, or disseminated, must be recorded in a data 5.28 audit trail. Data contained in the audit trail are public, to the extent that the data are 5.29 not otherwise classified by law. 5.30 Subd. 8. Notification to Bureau of Criminal Apprehension. (a) Within ten days 5.31 of the installation or current use of an automated license plate reader or the integration 5.32 of automated license plate reader technology into another surveillance device, a law 5.33 enforcement agency must notify the Bureau of Criminal Apprehension of that installation 5.34 or use and of any fixed location of a stationary automated license plate reader. 5.35 (b) The Bureau of Criminal Apprehension must maintain a list of law enforcement 5.36 agencies using automated license plate readers or other surveillance devices with Sec. 3. 5 SF86 REVISOR KLL S0086-4 4th Engrossment 6.1 automated license plate reader capability, including locations of any fixed stationary 6.2 automated license plate readers or other devices. Except to the extent that the law 6.3 enforcement agency determines that the location of a specific reader or other device is 6.4 security information, as defined in section 13.37, this list is accessible to the public and 6.5 must be available on the bureau's Web site. A determination that the location of a reader 6.6 or other device is security information is subject to in-camera judicial review, as provided 6.7 in section 13.08, subdivision 4. 6.8 EFFECTIVE DATE. This section is effective August 1, 2015. Data collected 6.9 before the effective date of this section must be destroyed, if required by this section, no 6.10 later than 15 days after the date this section becomes effective. 6.11 Sec. 4. [626.8472] AUTOMATED LICENSE PLATE READER POLICY. 6.12 The chief law enforcement officer of every state and local law enforcement agency 6.13 that maintains an automated license plate reader shall establish and enforce a written 6.14 policy governing use of the reader. Use of an automated license plate reader without 6.15 adoption of a written policy under this section is prohibited. At a minimum, the policies 6.16 and procedures must incorporate the requirements of section 13.824, and the employee 6.17 discipline standards for unauthorized access to data contained in section 13.09. 6.18 EFFECTIVE DATE. This section is effective August 1, 2015, provided that chief 6.19 law enforcement officers shall adopt the policy required under this section no later than 6.20 January 15, 2016.