Come on, it's not that hard to think of a solution.
Pass a law making it illegal to do a combination of collecting and storing personally identifying information, such as a license plate number, in a timestamped database with location data. Extra penalty if it's done for the purpose of selling the data.
Then OCR'ing the camera roll on your phone would be illegal. Every photo is stamped with time and location, and your camera roll is a database.
That's why it actually is hard.
Plus, what about legitimate purposes of tracking? E.g. journalists tracking the movements of politicians to show they are meeting in secret to plan corrupt activities. Or tracking Ubers to show that the city is allowing way more then the number of permits granted. Or a journalist wanting to better understand traffic patterns.
The line between illegitimate usage and legitimate usage seems really blurry. Hence my question.
>Then OCR'ing the camera roll on your phone would be illegal. Every photo is stamped with time and location, and your camera roll is a database.
>That's why it actually is hard.
Actually, it's not. It's the same idea as having a journalist (or a private investigator or a law "enforcement" agent) surveil a location and take photos of those who come and go on public streets to/from a particular location.
It's not the same thing if you put up automated cameras to identify everyone who goes anywhere for no reason, then create a database that allows folks (especially the government, but folks like Flock as well) to track anyone for any (or no) reason wherever they go.
Not saying I agree with OP, but for the law you described: any photo you take of a license plate on your smartphone would fit that description (unless you’ve explicitly disabled the automatic location and time stamping default).
So you’d need to further distinguish to preserve that freedom.
There’s a difference in intent, and you’re aware of that. Aggregating photos of license plates for the express purpose of building a database of license plates with location and other metadata to make profit from granting access to that database is clearly different to most other cases of taking, storing, and even selling photographs. There is no overlap here at all.
Its not hard to distugush individual pictures that contain trackable attributes like a license plate number from building a large scale database of them for sale. Or making such a database not legal to sell access to without removing that information, etc. It doesn't need to center on the contents of a single photo.
No I don’t think it’s “very hard”. But I also don’t pretend like OP that it’s super simple, only to suggest a law that would make most people criminals.
I think regulation is critically needed in this area, but acting like it’s easy to do well is a recipe for laws like the Computer Fraud and Abuse Act that have massive unexpected consequences.
Basing it around the act of selling data seems like a much better approach to me than what OP suggested, I agree. I imagine there are edge cases to consider around how acquisitions of company assets would work, although it’s not a use case I particularly care to defend.
“Intent to track” could be an approach, but the toll bridges near me use license plate scanners for payment, so I could see it not being that clear cut. There are likely other valid use cases, like statistical surveys, congestion pricing laws, etc.
Thing is, I am not /really/ worried about private citizens with access to this. There are just limits to what a private citizen or even massive corporation can do. What concerns me is when governments get involved and aggregate these private databases. The government is the one that can violate your 4A rights. It exists to protect us FROM the government. Not from private citizens and that exposure is very different. A private citizen can't for example, prosecute me, etc.
> There are just limits to what a private citizen or even massive corporation can do.
You’re just not being creative enough. Car insurers could increase your premiums if you often travel through dangerous intersections, employers could decide to pass you over for promotion if you’re often at a bar, etc.
Even better, make the law flexible enough to encompass all data brokers.
Car insurance can't wait to know everything about you. They will be crafting insurance policies that are specific for you and that will make unregulated insurance a very lucrative business proposition. Not sure if you can even call it insurance at that point.
If not for the government forcing us to buy their product they can't play games with premiums. It all comes back to government force at the end of the day.
How am I not? He proposes no company may store in a. Database a (PIi, Time, Location) triple. I am responding to exactly the claim he made and do not take kindly to your backseat moderating.
The context was surveillance without consent. Not service with consent. It is not certain they meant their proposal in this context. But it is plausible.
Users reminding other users of the guidelines is common here. I will stop if a moderator says to stop. Your complaint is your problem otherwise.
Pass a law making it illegal to do a combination of collecting and storing personally identifying information, such as a license plate number, in a timestamped database with location data. Extra penalty if it's done for the purpose of selling the data.