Vigilant Solutions FAQs
What data is included in a license plate capture? Can officers see my medical history, social security number, or other personal data?
License plate captures include a color image of the vehicle, an infrared image of the license plate, the license plate read as interpreted by the system, a time and date stamp, GPS coordinates of the vehicle making the license plate capture, as well as information on the operator and the camera making the capture. There is no personally identifiable information contained in a license plate capture. In fact, only with permissible purpose under the Federal Driver’s Privacy Protection Act (DPPA) may an officer connect a license plate to an individual by accessing other systems. License plate reader data, by itself, is completely anonymous.
If I use Vigilant’s hosted solution, how long is my data stored?
As any data collected by a law enforcement agency remains the property of the agency, it is held according to the retention policy set forth by the Agency Manager in their LEARN account settings. Retention policies may be adjusted by the Agency Manager at any time, and different retention policies may be set for “detections” and “hits” to allow for consistency with any agency policy in place and/or legislation. Even if an agency chooses to share its data to the National Vehicle Location Service (for nationwide law enforcement use) or to specific agencies, the data retention policies set by the Agency still apply. Data is automatically deleted from the system based on the retention policy, and Vigilant keeps no record of data after deletion.
Is License Plate Recognition (LPR) considered tracking? Is a warrant needed?
LPR is unlike GPS devices, RFID, or other technologies that may be used to track. LPR is not ubiquitous, and only captures point in time information. And the point in time information is on a vehicle, not an individual. Individual drivers are already protected under the Federal Driver’s Privacy Protection Act (DPPA). In the event that a vehicle becomes of interest in an investigation, it is still up to the officer to place a driver with the vehicle at the time of the crime. LPR data is an investigative lead only.
In a recent meeting, a well known user of LPR took exception to the use of the word “tracking.” She highlighted that, with permission, she ran the Mayor’s plate in the LPR system and had seven sightings over the last year. Paraphrasing, she said, “That’s seven seconds in the course of a year. Over 31 million seconds in a year. We knew where the Mayor’s vehicle was for 0.00002% of the year, and we don’t know if the Mayor was driving. Is that tracking?”
If I use Vigilant’s hosted solution, is my data sold or shared outside of law enforcement?
No. All law enforcement data is viewed as such and held securely on the Vigilant Solutions hosted server with access only to credentialed law enforcement. Vigilant is merely a steward of data for law enforcement agencies using its hosted solution. The data remains the property of the agency, and the agency controls its sharing permissions within LEARN.
How secure is the Vigilant Solutions hosted server?
The Vigilant Solutions hosted server houses over 1.4 billion license plate reads, and grows at roughly 50 million reads each month, as of September 2013. This server and the services for hosting are managed by Verio, a wholly owned subsidiary of NTT Communications, and a Microsoft Gold Certified Partner. Certified ISO 9001:2008 and compliant with SAS70 Type II, Verio is recognized as a world leader in hosted data and many Federal agencies and Fortune 500 companies use the services of Verio. The data center itself is located just outside of Washington, DC, where Verio is headquartered. The data center itself features redundant power sources, redundant fiber connectivity, redundant disk arrays, environmental monitoring, secure access control, physical escorts for onsite visitors, multiple diesel fuel backup generators, active fire prevention and suppression, and onsite system administrators and engineers.
Due to sensitivities around LPR data, the entire network is secured by a Cisco router with firewall firmware compliant with PCI, HIPAA, and SOX IT governance requirements. The Cisco firmware is also configured with Intrusion Protection Services offering deep packet inspection of all inbound traffic.
Is the solution scalable, and how can I guarantee uptime?
The solution is already capable of handling many more LPR systems and concurrent users than the present time (over 825 million reads and 25,000 users as of August 2012). The system is architected for almost infinite scalability under the management of Verio, and is guaranteed at greater than 99% uptime.