How Britain Exported Next-Generation Surveillance

Thousands of cameras, millions of photographs, terabytes of data. You’re tracked, wherever you go.

James Bridle
Dec 18, 2013 · 29 min read

IT WAS A COOL, QUIET MONDAY EVENING in northeast England when the computer first told them about Peter Chapman. The clock read a little after five, and two officers from Cleveland police were cruising in their patrol car. A screen lit up next to them: the on-board computer was flashing an alert from the local police network. The message told them the target was a blue Ford Mondeo and gave them its registration number.

It was only a few minutes before they came across the car and pulled it over with a sounding of their siren. Inside was Chapman, a 33-year-old convict wanted for questioning in connection with a string of offences, including arson and theft. The officers verified his identity and took him to a station just a few miles away.

At 5:07 p.m. on October 26, 2009, just 20 minutes before he was arrested, Chapman had driven past an Automatic Number Plate Recognition (ANPR) camera stationed next to the road. As his car passed, the camera recorded its registration number, together with the time and location, and sent the information to Cleveland Police’s internal computer network, where it was checked against a hotlist downloaded from Britain’s central police database.

There was a hit: a request to detain anyone driving Chapman’s car had been entered into the system three days earlier. Once the computers had processed their search — a matter of fractions of a second — the command to apprehend the driver was broadcast to local officers, who stopped and arrested Chapman as soon as they were able.

This feat was made possible by the continuous operation of a vast automated surveillance network that sits astride Britain’s roads. The technology — known as License Plate Recognition (LPR) in the US, where it is also used — captures and stores data on up to 15 million journeys in the UK each day.

It is the most extensive system of its kind in the world.

Yet the true extent of the network, the areas it covers, and the locations of the cameras, is a matter of secrecy. In order to function fully, say the police, such details cannot be revealed. As a result, we do not know precisely how the technology is used, nor how it is abused.

It is only in cases like Peter Chapman’s that this secret system becomes visible.

WHEN CHAPMAN’S CAR triggered that alert on the evening of October 26, it took the police just 20 minutes to find and stop him. But, as a later investigation discovered, it was not the first warning that had been issued. In fact, a total of 16 ANPR alerts had been put out over the previous three days — including four on the day he was arrested.

The combined area covered by Cleveland, Durham, and North Yorkshire police forces is over 10,000 square kilometers. It is policed by close to 5,000 officers and home to almost two million people — similar in size to Houston, Texas, but spread across an area 10 times greater. The report for Chapman’s vehicle said the driver was “to be immediately stopped”, but it was only graded as medium priority. In truth, the alerts were just a tiny handful of those that tumble onto police computers in a never-ending avalanche of data: in Cleveland alone, roadside cameras generate around 2,500 alerts every day. Officers were sent to find his car six times, but for four days attempts had proved futile. After all, knowing where a vehicle had been 10 minutes earlier is not necessarily enough to find it on Britain’s crowded road network.

In the space of three days, 16 alerts were generated by Chapman’s car. Each one urged police to arrest the driver.

There is a reason so much is known about Chapman’s arrest: it was the subject of an extensive investigation by Britain’s law enforcement watchdog, the Independent Police Complaints Commission. The reason for their inquiry was that Chapman’s capture, rather than being a striking model of efficient police work, was a disaster.

Chapman had been wanted for arson and theft, but he was also a convicted rapist. And after his arrest he made a startling confession: he had murdered Ashleigh Hall, a 17-year-old student from the nearby town of Darlington. Chapman had met her on Facebook, posing as a teenager in order to win her trust. On Sunday evening, two days and eight alerts after the request to apprehend Chapman had been made, Hall told her mother she was spending the night at a friend’s house.

On Tuesday, Chapman led police officers to her body, hidden in a field by the roadside just a few miles away from where they had pulled him over.

ANPR IS A BRITISH INVENTION: created, developed, and tested in the UK. Its first major outing was in 1984, when police scientists set themselves up in a small, unmarked cabin on a bridge overlooking the busy M1 motorway.

The road is one of the country’s most important north-south arteries, running 193 miles between London and Leeds. Inside the cabin, video cameras were trained on every lane of traffic. As cars passed beneath, the cameras captured their registration numbers and sent the data along a cable to a hut hidden a hundred meters away and out of sight of the road, where a computer checked a list of stolen vehicles. This was Britain’s first fully functioning ANPR installation.

“At the moment there is no intention of using it for anything other than detecting stolen cars”, a police spokesperson noted at the time.

Scientists had been working on the system for eight years, but the M1 set-up was the most advanced deployment to date: not only was it capable of tracking moving cars but, using infrared, it could read plates at night.

Concerns about the new technology were raised immediately, including from within the government. A 1984 report for the Greater London Council Police Committee warned that the system made every car a potential suspect and handed policy on mass surveillance to the police. “This possibility in a democracy is unacceptable,” it concluded.

Democratically unacceptable or not, the development of networked ANPR continued.

DURING THE 1990s, thousands of cameras, including plate readers, were installed to form a so-called “ring of steel” around the City of London, a massive operation aimed at ending the string of Irish Republican bombings in the financial district. Laws were changed to make the technology more effective: legislation enacted in 2001 required characters used on plates to be displayed in a font that made them easier for ANPR cameras to recognize.

In the same year, the government decided to deploy “spectrum vans” — mobile units with multiple ANPR cameras, connected by radio to local control stations — across every police force in England and Wales. The success of the scheme led to Project Laser, a 2005 plan to deploy more than 2,000 fixed cameras nationwide, and to the creation of the National ANPR Data Centre, which is tasked with handling the information collected.

Since that time, the system has been continually, if largely invisibly, expanded throughout the UK. In 2012 the Metropolitan Police, which patrols Greater London, announced its own ANPR bureau, and rolled out a new fleet of dedicated “ANPR interceptors”: at least 110 police vehicles on London’s roads, each equipped with mobile camera equipment and a live link to the central computer.

Meanwhile, local governments and private businesses have been installing their own ANPR systems for parking security, fuel station payments and to catch speeding drivers. Some of these systems, too, have been absorbed into the police network. By 2005, more than 50 local authorities — almost one sixth of the country — had agreed to use their traffic cameras for monitoring purposes.

Many of these systems were sold to local residents using promises that were quickly broken.

One example is the London Congestion Charge, which was introduced in 2003 as a traffic-reduction scheme. The charge zone, which covers 20 square kilometers of the capital, is monitored by a ring of almost 700 cameras that are trained on every road in and out. As vehicles drive in, their plates are read and checked against the payment records; those that have paid are deleted from the system’s database the following day. Data on those with outstanding fees may be retained for no longer than 13 months. These restrictions were designed in part to assure the public that the congestion cameras were not going to become a system for spying on Londoners.

In 2007, however, the government signed a certificate of exemption that granted the Metropolitan Police full, real-time access to the zone’s cameras. The certificate gives the Met all the data they can gather, where that data relates to “the safeguarding of national security”.

We have made repeated requests for more information on how their system works, but a Met spokesman would only say that the service “manages ANPR data in accordance with the Data Protection Act and all relevant ACPO [Association of Chief Police Officers] policies”.

This is despite the fact that the data in question is specifically exempted from these laws. He refused to comment further on the specific details of how these records are kept separate from the police’s own network of ANPR camera data, or even whether they are kept separate at all.

BRITAIN IS ONE OF THE MOST surveilled countries in the world. Studies put the number of operational CCTV cameras at between two and four million, for a population of 60 million people. The country’s national DNA database holds records on six million people. Telecoms companies are mandated to store logs of all mobile-phone calls and text messages for 12 months, and to make the data available to government at all levels.

In many cities, closed-circuit cameras have built-in loudspeakers that allow operators — mainly local government employees — to speak directly to those they see live on-screen and suspect of foul behavior. As a result, British people are accustomed to the sight of cameras fixed to the outside of buildings, and on poles by the side of the road.

These are mostly of two kinds: standard CCTV cameras, in various sizes, perched like inquisitive birds on lamp posts and shopfronts; and speed cameras: boxy, painted yellow, which flash brightly when triggered by a speeding motorist.

At first glance, ANPR cameras resemble CCTV: indeed, many systems, such as the London Congestion Zone, run on repurposed standard cameras. Newer systems often incorporate two or three distinct lenses — “multiple eyes” — to capture wider areas at greater resolution, for better license plate recognition. But ultimately, the cameras are of many makes and many designs; there’s no way to tell what they’re being used for unless the operators choose to divulge that information. And the British police, the largest users of ANPR in the country, are reluctant to do so.

In 2009, a House of Lords report described the explosion of surveillance technologies as one of the most significant changes to Britain since the Second World War. It noted:

“Mass surveillance has the potential to erode privacy. As privacy is an essential pre-requisite to the exercise of individual freedom, its erosion weakens the constitutional foundations on which democracy and good governance have traditionally been based in this country.”

This has been described as an acceptable price to pay for greater security, but studies of surveillance technology fail to support that argument.

One review of 44 separate CCTV studies, published the same year as the House of Lords report, showed that the more than £500 million ($780 million) spent on CCTV in Britain in the decade up to 2006 had produced only modest benefits. The report’s most damning conclusion found that where CCTV was at its most effective — preventing vehicle crime in car parks — the same results could be achieved simply by improving lighting in the parking area.

Advocates of surveillance technology also highlight the legal safeguards that govern its use, but this argument is open to criticism too. It is true that some data logs are subject to strict restrictions: security video from rail stations, for example, is kept for just 14 days. But police data procedures are very different. The National ANPR Data Centre stores a full two years of vehicle records, which are accessible to anyone with ANPR authorization for 90 days. This is possible because Britain’s privacy laws do not consider vehicle records to be personal data, a bizarre stance given that the vast majority of vehicles are registered to individuals.

Even when the privacy safeguards designed to prevent the abuse of surveillance technology kick in, the systems can still survive.

In July 2013, the Information Commissioner’s Office (ICO), which is responsible for overseeing Britain’s privacy laws, issued an enforcement notice regarding Hertfordshire Police’s use of ANPR around the small town of Royston.

Despite having a population of just 15,000 and a relatively low crime rate, the town was encircled in 2011 by ANPR cameras that record every vehicle that enters and leaves, 24 hours a day. Following a complaint by privacy groups, the ICO ruled that the system had not taken privacy into account, making it a violation of the Data Protection Act. The town’s police force reacted by saying that while they will work with the commissioner, they would continue using the cameras, and monitoring the citizens of Royston, for the foreseeable future.

BY 2010, THE NATIONAL ANPR system was capturing up to 12 million records per day, using over 5,000 cameras. Internal police figures show that increasing to 15 million reads in 2011, while access to private camera data doubled the size of the network. What is not known is how many of the UK’s 34 million registered vehicles are captured, and at what rate. Also unknown is the true reach of the system, which areas it covers and what the distribution of cameras is. This opacity, it turns out, is entirely deliberate: the police have repeatedly and forcefully rejected efforts to understand the true magnitude of the network.

In August 2009, MATTER’s SA Mathieson filed a Freedom of Information request on behalf of The Guardian, asking for the locations of ANPR cameras used by police in Devon and Cornwall, two large but sparsely populated counties that make up much of England’s south-west peninsula. The idea was to explore how the force had configured its cameras to cover such a large area.

But instead of being processed as normal, the request became the subject of a tug of war that lasted three years.

First the application was turned down by Devon and Cornwall Police, and then by the Information Commissioner’s Office. That decision was taken to the Information Rights Tribunal, where it was appealed and the earlier decision subsequently overturned. However, the police counter-appealed and had the reversal struck down. In June 2012, a final tribunal conclusively dismissed the application: the attempt to force the disclosure of camera locations had failed.

Despite the extensive, convoluted efforts by the police to keep the data out of the public domain, their push for secrecy was not entirely successful. While they kept camera locations under wraps in order to make their case, the police were forced to disclose hundreds of pages of evidence on the workings of ANPR. These included information on how some criminals were avoiding and sabotaging the very system the police were trying so hard to protect.

In the evidence, the police detailed how professional criminals were aware of the location of many ANPR installations, and had developed ways to avoid detection. These include changing the way they drive “a properly trained driver can adopt a particular driving style that will greatly reduce the chance of the vehicle being detected by ANPR,” said one statement, “and modifying plates so that they are harder to read.” These sections of the documents were blacked out until their redaction was successfully challenged in court.

Meanwhile, a statement from the Police Service of Northern Ireland — operators of an extensive camera network which is not counted among the estimates for England and Wales — provided even more evidence that camera positions are widely known by those who take a direct interest in finding them.

“There has been a concentrated effort by criminals to damage a number of our sites,” it said. “One such site has been damaged and rendered non-effective three times in the past few months, the cost to repair, apply counter measures and re-install has amounted to over £12,000. Another site has been set on fire and completely destroyed; the cost to repair and apply counter measures has amounted to over £24,000.”

Despite evidence that criminals are already familiar with the system and its weaknesses, the police contend that knowledge of ANPR locations decreases the efficacy of the whole system. But the physical locations, and their obscurity, stand in for a wider obfuscation of the system, as well as the often-mistaken public perceptions of it.

In their deposition to the Freedom of Information case, Devon and Cornwall police referred to a burglary case that was dropped because it would have required them to divulge the location of an ANPR camera. Instead, they said, it was preferable to withdraw the prosecution “so that the integrity of that camera could be maintained for future use.” In this case, and an unknowable number of others, the covert operation that is apparently required for the system to function to its full potential is in direct conflict with that potential.

Thus a system shrouded in secrecy is compelled to prioritize that secrecy over the full exercise of the law, degrading justice in the same manner in which secret courts and secret intelligence have led to the gradual erosion of ancient legal rights, among them habeas corpus.

This culture of secrecy surrounding technology-led policing is corrosive in other ways.

In 2010, Birmingham City Council and West Midlands Police announced Project Champion, an initiative to combat anti-social behavior and street crime. Over 150 ANPR cameras and almost 50 CCTV cameras were installed in and around the neighbourhoods of Washwood Heath and Sparkbrook. Forty were classified as covert, most likely hidden in trees and walls. The result was another version of the ring of steel, preventing local residents from entering or leaving the area without their cars being tracked.

Washwood Heath and Sparkbrook both have large Muslim populations, and Birmingham councillors were concerned that the program would unfairly target their Muslim constituents and damage community relations. Their misgivings were dismissed by West Midlands Police, who repeatedly said the scheme was in place for public “reassurance” and “crime prevention.”

But in June 2010, an investigation revealed that the £3 million ($4.6 million) camera network had actually been funded entirely by a national anti-terrorism initiative. The object was not to protect local residents: it was to create a “vehicle movement net” that would allow operators to covertly watch potential terrorism suspects.

It was a public relations disaster, and West Midlands Police and the city council were forced to apologize for masking the true intentions of the system. Residents voiced their anger at public meetings, graffiti on local walls declared “you are now entering a police state” and bags were placed over the cameras to prevent them from being used.

THE NATIONAL NETWORK DOES NOT just observe in real time: it can be used to look back through history, too. Take one routine traffic stop in June 2012 as an example.

It was a Saturday afternoon, and a South Yorkshire police officer pulled over an ageing Renault Laguna on the M1. When the man at the wheel gave conflicting answers to the officer’s questions, the registration details were run through the police computer; the car, it emerged, was not insured. According to procedure, the vehicle was impounded, and the occupants, two young men named Omar Khan and Jewel Uddin, were sent to the nearest train station to get home.

The following Monday, the police received a call from the pound: inside the car, workers had discovered an arsenal that included knives, swords and shotguns, as well as a homemade explosive device adapted from a firework that contained 350 nails and almost 100 ball bearings. Officers were shocked by the discovery, and a massive counter-terrorism operation swung into action. The aim was to track down not just Khan, 27, and Uddin, 26, but anyone who might have been associated with whatever plot they were involved in before they could destroy evidence or leave the country.

Earlier on the day they were stopped, it emerged, Khan and Uddin had travelled from Birmingham to Dewsbury, where they planned to attack a rally by the English Defence League, a controversial far-right group. They had prepared carefully, building their stash of weapons, purchasing the Laguna at short notice and leaving their mobile phones at home to avoid leaving a trail of data. But the trip did not go as planned: the EDL march, lacking speakers, finished early, and the group’s supporters had dispersed by the time the men arrived. Instead of launching an attack, they dropped into a local shop for fish and chips, before getting back into their car for the trip home.

When the police used ANPR data to study Khan and Uddin’s movements, they uncovered another surprise: the duo hadn’t travelled alone. Officers dug into the national database using a technique called “convoy analysis.” First, every record of Khan and Uddin’s car trip was recalled from the system. Then another set of plate numbers was generated: those of every car that had passed by those same cameras within a few seconds or minutes of the pair. By comparing this set with those at the next camera site, and the next, and the next, the police identified a second car that had travelled in convoy with them from Birmingham to Dewsbury. Within 48 hours, police arrested not only Khan and Uddin, but four further members of the group from the second car. All six men later plead guilty to preparing an act of terrorism, and were sentenced to a total of 111 years in prison.

Mohammed Hasseen, Jewel Uddin, Anzal Hussain, Zohaid Ahmed, Omar Khan and Mohammed Saud were convicted for a total of 111 years

Convoy analysis is not the only advanced technique made possible by the ANPR database. One common criminal tactic for avoiding insurance, speeding tickets, or having a car identified in any way, is to clone the plate of a vehicle that is registered to a different owner. (Most European countries mandate a single national supplier for license plates, but the UK has 40,000 suppliers and virtually no oversight of production quality, or security.)

So, in addition to looking for vehicles already under suspicion, the ANPR system seeks out “impossible journeys” records in the database that should simply not be achievable, such as a car apparently passing two cameras, hundreds of miles apart, in the space of a few minutes. Data like that suggests a cloned plate, and an alert can be issued to find out which vehicle is using the plate illegally.

Other types of algorithmic investigation are being developed all the time. The police now use pattern analysis not just to see where a car has been, but to predict where it might be in the future. Sometimes this is used to re-establish human surveillance of a target who has slipped the net. It is also used to build a list of potential witnesses to an incident by finding those who regularly travel past the spot in question at a specific time. And then, sometimes, it helps law enforcement decide where to wait if they want to stop a car that has produced a hit on the hotlist.

These techniques show the real key to the power of the ANPR network. It is not merely a group of roadside cameras, and it does not just react to what it sees immediately: it is a vast database of historical movements. Every vehicle it captures is saved, analyzed and reviewed. This is what transforms the network from a simple, real-time identification tool into a system of pervasive and algorithmic surveillance.

It’s easy to think that automated, networked surveillance methods such as ANPR, CCTV and internet monitoring could not truly be useful because there is simply too much information to be adequately processed and comprehended. As the Chapman case shows, this can be true. Nobody can watch all of the monitors all of the time or follow up every lead as soon as it is generated. In a great number of cases, ANPR will fail to provide a basis for real-time action.

But the technology is advancing fast enough to push many of these concerns to the side. Thanks to the falling cost of data storage, and the increased sophistication of algorithmic analysis, far more complex operations are becoming possible. And this is the real outcome of ANPR and all other contemporary surveillance technologies. They have the potential to create a comprehensive database of peoples’ activity, that, over time, can be stored, searched, analyzed, and exploited.

OVER THE PAST DECADE, countries all around the world have started to employ the same technologies Britain has been building for 30 years. Australia began fitting mobile ANPR units to its highway patrol vehicles in 2009. The small Belgian city of Mechelen was selected to trial the system in 2011: by the following year, the city was already monitoring a quarter of a million vehicles every month. The results of the program, including the discovery of 224 stolen vehicles, are now being used to justify the installation of high-definition CCTV and facial recognition systems throughout the city center.

Italy, the Netherlands, Ukraine and Turkey: all are among the ever-expanding list of countries now rolling out plate-reading systems at scale.

In the United States, implementations have multiplied many times over in recent years. Thanks to lobbying and financial support from insurance companies, Oklahoma and Arizona, among other states, have introduced extensive ANPR networks aimed at catching uninsured drivers. Other deployments, meanwhile, have a more familiar feeling.

When the city of San Leandro, California, purchased ANPR cameras for its police force in 2009, local resident Michael Katz-Lacabe, using a Freedom of Information request, discovered that his car had been captured by the system more than 100 times in a matter of months. The report generated by the local police department included a photograph of him and his daughters getting out of their car in their own driveway.

The photograph of Michael Katz-Lacabe and his daughters from the local police report

Up and down California, cities are using the ring of steel model to surveil citizens. Just a few miles to the north of San Leandro, another adopter is the upmarket enclave of Piedmont: a tiny city of some 10,000 well-heeled residents that is completely encircled by the larger, poorer and more crime-ridden city of Oakland. Piedmont residents, concerned about a spate of burglaries and robberies in their area, recently voted to install 36 cameras, enough to cover every road into or out of the city.

On the other side of the country, New York state, flush with homeland security funding in the years after 9/11, has installed more than 100 cameras, with no limits to how long the data they collect may be retained. In December 2013, Boston Police halted its license plate collection after it inadvertently released more than 68,000 detailed vehicle records to the public, including plate numbers and GPS locations. Every single police department in the Boston region uses ANPR.

The unregulated nature of ANPR in the United States means that the information regularly leaks out, and can be acquired by third parties — or even sold. Among the vendors is a Texas-based company called TLO, which provides so-called data solutions to law enforcement agencies, lawyers, and private investigators. These “solutions” include individuals’ personal information, addresses, employment, relatives and assets. TLO maintains a vehicle sightings database containing, it claims, one billion location records, with an additional 50 million added each month. For $10, anyone can look up a vehicle’s log to see when and where it has been seen, and even obtain the sort of photographic evidence uncovered by Katz-Lacabe.

In 2013, the American Civil Liberties Union mapped the data retention policies of American police departments.

Not every nation is so enthusiastic about the technology. In Germany, the federal court ruled in 2008 that ANPR systems that keep data without a predetermined reason — such as to track suspected terrorists — violated privacy laws. But this is an isolated position. Complex analysis requires the routine storage of sightings of all vehicles, not just those under immediate suspicion. Indeed, convoy analysis is so powerful that it now comes as a built-in feature of many ANPR systems.

In one of the less-discussed revelations from the recent National Security Agency congressional hearings in Washington DC, the agency revealed that it routinely looks at a network “two or three hops” from any given suspect when analysing the data it picks up. That means it observes not just a person’s direct associates, but associates’ of those associates, and the associates of the associates of the associates.

When dealing with data, it is easy to make connections, which then justifies making further connections. This, in turn, encourages the retention of data for longer and longer periods. The ease of technological analysis makes retention, not deletion, the default option: a subtle twist on the old argument that if you have done nothing wrong, you have nothing to hide.

Today, the legal basis for such searches often lives in the gray areas of existing law. The UK’s privacy legislation, for example, was passed at a time when the focus was on individual access to data, not algorithmic searches. The legal principles around accessing stored data concern who has the right to request particular kinds of information from the database and how far back those searches can go.

What is not considered is how such information may be reviewed automatically, algorithmically, and retrospectively. This failure results in a huge swathe of personal information, supposedly protected information, constantly being accessed by the system itself.

The computerized nature of these searches can make them appear irreproachable: it’s not people looking at the data, just machines. But this is a dangerous assumption, and you do not have to look far to see why: the commissioner who oversees Britain’s warrant-based surveillance recently revealed that six people were wrongfully detained and falsely accused of crimes last year after police and security services incorrectly analyzed their internet use.

DESPITE THE ARGUMENTS made in favor of algorithmic collection and analysis, ANPR’s track record is poor. Unlike many other surveillance systems, no major study of its efficiency has yet been conducted, leaving those who support it with a handful of highly-publicised cases where technological intervention was deemed a success.

Yet even in these instances, ANPR’s success is often nothing of the sort. Peter Chapman may have plead guilty to murdering Ashleigh Hall and received a 35 year minimum sentence for his crime, but it wasn’t murder that the police wanted to stop him for. And it wasn’t ANPR that prevented a tragedy in Dewsbury: it was the incompetence of the would-be attackers. They were arrested after their planned strike, not before — and it was because the group missed their target rally, not because law enforcement had intervened. Likewise, their motives were discovered only because their car was impounded for not being insured. This, it turns out, was because they had entered their details incorrectly when buying insurance online.

In fact, Dewsbury was in many ways a failure of surveillance, not a success: Jewel Uddin had actually been under observation by the West Midlands Counter-Terrorism Unit, a joint team of detectives and MI5 intelligence staff. Just five days before the failed attack, a surveillance officer watched him and Khan enter a home store in Birmingham, where they bought the knives they stashed in the back of the Laguna. But nobody was watching earlier in the month, on the day when Uddin and another plotter, their 22-year-old friend Mohammed Hasseen, went on a reconnaissance trip to Dewsbury, nor when they returned to carry out their grisly mission. Internal enquiries by West Midlands Police concluded that everything that could have been done was done… and yet uncovering the intent of Uddin and his conspirators relied on a daisy chain of good luck and coincidence.

In 2005, Frank Whiteley, then chief constable of Hertfordshire and the man responsible for nationwide implementation of ANPR, was asked what the technology’s long-term effects on policing might be, and whether it might be as as important as the forensic use of fingerprints or DNA profiling.

Whiteley replied: “It has the capability to be as revolutionary. I would describe it as a ubiquitous policing tool. You can use it in all sorts of different ways.”

In fact, both the Dewsbury case and that of Peter Chapman would appear to show that ANPR is neither as ubiquitous, nor as effective, as it is presented by the police. Instead it works best as an adjunct to other investigatory techniques, many of which do not require widespread surveillance of millions of innocent people.

JOHN AND LINDA CATT were driving into central London early one Sunday morning when they were stopped and searched by police officers. At the time of the stop, in July 2005, Linda was 45, and John, her father, was an 80-year-old with a shock of white hair. Officers told them they were being searched under the Terrorism Act. The Catts, who had no criminal convictions, were threatened with arrest if they refused to answer police questions.

Although they didn’t know it at the time, minutes before they were stopped their van had been captured by the ANPR network, which had triggered an alert: “Of interest to Public Order Unit, Sussex police.”

This is why most ANPR stops occur: on the basis of a single, non-specific alert among a flood of thousands issued each day. But the Catts weren’t terrorists or drug dealers or armed robbers. After they filed a complaint about the incident, they discovered what had made them of interest to law enforcement: they had attended a series of legal and peaceful protests against the EDO Corporation, an American arms manufacturer that used to supply weapons systems to the United States and Israel.

Police had spotted their vehicle at protests and decided that it should be tracked, tagging them as “domestic extremists”.

Notes disclosed as a result of John Catt’s complaint showed exactly how extreme he had been: at one protest he had been wearing a T-shirt urging the United States to free Omar Khadr, a 15-year-old boy who had been captured and imprisoned in Guantanamo Bay since 2002, making him the first child to be prosecuted by a military tribunal since the Second World War. Catt, the police file said, was “very quiet” and was “holding up a board with orange people on it”.

In the eight years since they were stopped, Linda and John have tried to get their lawful activities removed from the police databases that track them. Along the way, the police watchdog has said that Sussex Police acted unlawfully by marking his vehicle, and some of the country’s most senior judges have ruled that the Metropolitan Police wrongly interfered with his right to a private life. But the police have fought back every step of the way, and the case is ongoing.

The Catts are not alone. Another man, who spoke to journalists but chose to remain anonymous to prevent further harassment, says he was stopped more than 25 times by police under a variety of pretences after he had attended a peaceful local protest against duck and pheasant shooting. He finally made a formal complaint after police armed with machine guns pulled him over during an evening out with his wife.

The police collect data at other events too, like the 2009 demonstration that took place in fields around Kingsnorth power station, in Kent. After protestors assembled for what they described as “a piece of political theater,” local police confiscated all of their supplies, from tents to clown costumes, and moved mobile ANPR units to the surrounding roads. Local government officials were appalled, but it soon emerged that surveillance and tracking of vehicles associated with legal public protest was not only routine, but actively encouraged by a number of police forces. In a 2008 briefing document, senior officers were instructed to “fully and strategically exploit” the ANPR database for tracking anyone involved in protests, or those who had previous convictions for motoring offences, such as drunk-driving.

What is common to all of these cases is that in each one the police followed established guidelines laid down in laws and public policy documents. The intent was debatable, but it is the regulations that are flawed. It is the regulations that exempted vehicle data from privacy protections, and it is the regulations that do not mention the very real possibilities of harassment, intrusion of privacy and wrongful arrest that are inherent risks of blanket and automated surveillance systems.

The public, of course, is just as susceptible to the glamour of technology as policy-makers are. A separation has long existed in the minds of the public between government and corporate surveillance structures, despite the symmetrical nature of, say, the ANPR network and a private social network like Foursquare — a service that allows people to “check in” and record their locations on their phones. Both are well-distributed systems devised to track individual movements, store that data potentially indefinitely and mine it for useful information.

In contrast to the ANPR database, the social database — one of Facebook connections, Instagram tags, Gmails and much else — is one we have built ourselves, but it does as much as any top-down system to weaken both our expectations and the reality of our privacy.

London riots. Matthew Lloyd/Getty

FOLLOWING THE LONDON RIOTS, the Metropolitan Police held talks with the BBC and other aggregators of user-generated content about how it could best monitor the flow of social data during crisis situations. The New York Police Department’s Facial Recognition Unit, meanwhile, routinely downloads photos from Facebook and Instagram to match against its database of wanted persons. And, as has been revealed in the hundreds of secret documents that Edward Snowden and others have leaked into the public domain, the security services regularly access vast amounts of our data, either by requesting it from information providers, or by tapping directly into the cables that carry it.

A service like Foursquare differs from ANPR in that it has the formal, individual consent of those it tracks, but what is common to both is that the intangibility of contemporary networks conceals the true extent of their operation. This is particularly obvious in the case of ANPR, a system that the police insist must remain partially secret in order to function correctly, even as that secrecy corrodes the laws and social contracts the technology is supposed to uphold. Members of the public, so the argument goes, cannot be allowed to know when and where they are being monitored, while the law cannot be framed in a way that accounts sufficiently for potential future data-mining techniques based on the information gathered.

This invisibility extends through physical, virtual, and legal spaces. British guidelines stipulate that under most circumstances video surveillance must be accompanied by notification: usually visible signage stating the presence of surveillance and the details of who operates it. In practice, such rules are frequently ignored — and even when followed to the letter, they are insufficient. What is required is not only a notice about the ownership of such information, but the ways in which it is used: not just “surveillance is in operation here,” but “data storage and analysis is in operation here, and elsewhere, and will be for some time”.

The failure to adequately explain and signpost these technologies is why the police and intelligence agencies must fight a constant public relations battle over surveillance. It’s also why the public reacts with such shock to revelations about the true nature of the rings of steel around Royston and Birmingham, and of the far more intrusive operations of the NSA and the British equivalent, GCHQ.

This shock stems from a breakdown of consent.

Consent, the bedrock on which the agreement to be policed is based, is meaningless without comprehension, and comprehension is impossible without visibility. It is only when people are brought face-to-face with the reality of surveillance — as the Catts were, and as the people of Washwood Heath and Sparkbrook were — that they see how their privacy, and their right to be presumed innocent, have been affected.

Yet the retention of data by the current ANPR system, and by similar technologies, is not inevitable. Many decisions were made during its implementation, and many can be remade without affecting its primary function. In the United States, where there is no national oversight of license plate scanners, a number of states have proposed laws that would severely curtail data storage. The UK could follow. It has now created a new code of conduct and appointed another watchdog, known as the Surveillance Camera Commissioner, although it has yet to be seen what the results will be.

Technology is a tool: it is a process by which political and human desires are instantiated in the world. What is significant about that instantiation is that it must take a visible form. It may be a written, readable code, or a physical infrastructure in the landscape: servers in data centres, cameras on poles by the roadside, rusting signs on forecourt walls declaring the owner’s intentions.

When there is pressure to obscure that infrastructure — camouflaging cameras, closing down networks, or blocking freedom of information requests — a corresponding pressure is exerted on the very democracy it purports to uphold.

The arguments about privacy and public consent that ANPR stimulates are crucial and necessary, and of concern to us all. They are not abstract, but instead rooted in the environment around us: on street corners, road bridges and city centers, in the everyday.

This story was written by James Bridle, edited by Bobbie Johnson with assistance from SA Mathieson, fact-checked by Lewis Scrafton and copy-edited by Georgia Cool. Penny Scott-Andrews narrated the audio version.

Follow Matter on Twitter | Like us on Facebook | Subscribe to our newsletter


The original flagship publication of Medium

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store