Subdivision 1. Definition. As used in this section, "automated license plate reader" means an electronic device mounted on a law enforcement vehicle or positioned in a stationary location that is capable of recording data on, or taking a photograph of, a vehicle or its license plate and comparing the collected data and photographs to existing law enforcement databases for investigative purposes. Automated license plate reader includes a device that is owned or operated by a person who is not a government entity to the extent that data collected by the reader are shared with a law enforcement agency.
Subd. 2. Data collection; classification; use restrictions. (a) Data collected by an automated license plate reader must be limited to the following:
(1) license plate numbers;
(2) date, time, and location data on vehicles; and
(3) pictures of license plates, vehicles, and areas surrounding the vehicles.
Collection of any data not authorized by this paragraph is prohibited.
(b) All data collected by an automated license plate reader are private data on individuals or nonpublic data unless the data are public under section 13.82, subdivision 2, 3, or 6, or are active criminal investigative data under section 13.82, subdivision 7.
(c) Data collected by an automated license plate reader may only be matched with data in the Minnesota license plate data file, provided that a law enforcement agency may use additional sources of data for matching if the additional data relate to an active criminal investigation. A central state repository of automated license plate reader data is prohibited unless explicitly authorized by law.
(d) Automated license plate readers must not be used to monitor or track an individual who is the subject of an active criminal investigation unless authorized by a warrant, issued upon probable cause, or exigent circumstances justify the use without obtaining a warrant.
Subd. 3. Destruction of data required. (a) Notwithstanding section 138.17, and except as otherwise provided in this subdivision, data collected by an automated license plate reader that are not related to an active criminal investigation must be destroyed no later than 60 days from the date of collection.
(b) Upon written request from an individual who is the subject of a pending criminal charge or complaint, along with the case or complaint number and a statement that the data may be used as exculpatory evidence, data otherwise subject to destruction under paragraph (a) must be preserved by the law enforcement agency until the criminal charge or complaint is resolved or dismissed.
(c) Upon written request from a program participant under chapter 5B, automated license plate reader data related to the program participant must be destroyed at the time of collection or upon receipt of the request, whichever occurs later, unless the data are active criminal investigative data. The existence of a request submitted under this paragraph is private data on individuals.
(d) Data that are inactive criminal investigative data are subject to destruction according to the retention schedule for the data established under section 138.17.
Subd. 4. Sharing among law enforcement agencies. (a) Automated license plate reader data that are not related to an active criminal investigation may only be shared with, or disseminated to, another law enforcement agency upon meeting the standards for requesting access to data as provided in subdivision 7.
(b) If data collected by an automated license plate reader are shared with another law enforcement agency under this subdivision, the agency that receives the data must comply with all data classification, destruction, and security requirements of this section.
(c) Automated license plate reader data that are not related to an active criminal investigation may not be shared with, disseminated to, sold to, or traded with any other individual or entity unless explicitly authorized by this subdivision or other law.
Subd. 5. Log of use required. (a) A law enforcement agency that installs or uses an automated license plate reader must maintain a public log of its use, including but not limited to:
(1) specific times of day that the reader actively collected data;
(2) the aggregate number of vehicles or license plates on which data are collected for each period of active use and a list of all state and federal databases with which the data were compared, unless the existence of the database itself is not public;
(3) for each period of active use, the number of vehicles or license plates in each of the following categories where the data identify a vehicle or license plate that has been stolen, a warrant for the arrest of the owner of the vehicle or an owner with a suspended or revoked driver's license or similar category, or are active investigative data; and
(4) for a reader at a stationary or fixed location, the location at which the reader actively collected data and is installed and used.
(b) The law enforcement agency must maintain a list of the current and previous locations, including dates at those locations, of any fixed stationary automated license plate readers or other surveillance devices with automated license plate reader capability used by the agency. The agency's list must be accessible to the public, unless the agency determines that the data are security information as provided in section 13.37, subdivision 2. A determination that these data are security information is subject to in-camera judicial review as provided in section 13.08, subdivision 4.
Subd. 6. Biennial audit. (a) In addition to the log required under subdivision 5, the law enforcement agency must maintain records showing the date and time automated license plate reader data were collected and the applicable classification of the data. The law enforcement agency shall arrange for an independent, biennial audit of the records to determine whether data currently in the records are classified, how the data are used, whether they are destroyed as required under this section, and to verify compliance with subdivision 7. If the commissioner of administration believes that a law enforcement agency is not complying with this section or other applicable law, the commissioner may order a law enforcement agency to arrange for additional independent audits. Data in the records required under this paragraph are classified as provided in subdivision 2.
(b) The results of the audit are public. The commissioner of administration shall review the results of the audit. If the commissioner determines that there is a pattern of substantial noncompliance with this section by the law enforcement agency, the agency must immediately suspend operation of all automated license plate reader devices until the commissioner has authorized the agency to reinstate their use. An order of suspension under this paragraph may be issued by the commissioner, upon review of the results of the audit, review of the applicable provisions of this chapter, and after providing the agency a reasonable opportunity to respond to the audit's findings.
(c) A report summarizing the results of each audit must be provided to the commissioner of administration, to the chairs and ranking minority members of the committees of the house of representatives and the senate with jurisdiction over data practices and public safety issues, and to the Legislative Commission on Data Practices and Personal Data Privacy no later than 30 days following completion of the audit.
Subd. 7. Authorization to access data. (a) A law enforcement agency must comply with sections 13.05, subdivision 5, and 13.055 in the operation of automated license plate readers, and in maintaining automated license plate reader data.
(b) The responsible authority for a law enforcement agency must establish written procedures to ensure that law enforcement personnel have access to the data only if authorized in writing by the chief of police, sheriff, or head of the law enforcement agency, or their designee, to obtain access to data collected by an automated license plate reader for a legitimate, specified, and documented law enforcement purpose. Consistent with the requirements of paragraph (c), each access must be based on a reasonable suspicion that the data are pertinent to an active criminal investigation and must include a record of the factual basis for the access and any associated case number, complaint, or incident that is the basis for the access.
(c) The ability of authorized individuals to enter, update, or access automated license plate reader data must be limited through the use of role-based access that corresponds to the official duties or training level of the individual and the statutory authorization that grants access for that purpose. All queries and responses, and all actions in which data are entered, updated, accessed, shared, or disseminated, must be recorded in a data audit trail. Data contained in the audit trail are public, to the extent that the data are not otherwise classified by law.
Subd. 8. Notification to Bureau of Criminal Apprehension. (a) Within ten days of the installation or current use of an automated license plate reader or the integration of automated license plate reader technology into another surveillance device, a law enforcement agency must notify the Bureau of Criminal Apprehension of that installation or use and of any fixed location of a stationary automated license plate reader.
(b) The Bureau of Criminal Apprehension must maintain a list of law enforcement agencies using automated license plate readers or other surveillance devices with automated license plate reader capability, including locations of any fixed stationary automated license plate readers or other devices. Except to the extent that the law enforcement agency determines that the location of a specific reader or other device is security information, as defined in section 13.37, this list is accessible to the public and must be available on the bureau's website. A determination that the location of a reader or other device is security information is subject to in-camera judicial review, as provided in section 13.08, subdivision 4.
2015 c 67 s 3; 1Sp2021 c 11 art 3 s 4
Structure Minnesota Statutes
Chapters 13 - 13C — Data Practices
Chapter 13 — Government Data Practices
Section 13.01 — Government Data.
Section 13.025 — Government Entity Obligation.
Section 13.03 — Access To Government Data.
Section 13.04 — Rights Of Subjects Of Data.
Section 13.045 — Safe At Home Program Participant Data.
Section 13.05 — Duties Of Responsible Authority.
Section 13.055 — Disclosure Of Breach In Security; Notification And Investigation Report Required.
Section 13.06 — Temporary Classification.
Section 13.07 — Duties Of Commissioner; Rules.
Section 13.072 — Opinions By The Commissioner.
Section 13.073 — Public Information Policy Training Program.
Section 13.08 — Civil Remedies.
Section 13.085 — Administrative Remedy.
Section 13.10 — Data On Decedents.
Section 13.15 — Computer Data.
Section 13.201 — Rideshare Data.
Section 13.202 — Political Subdivision Data Coded Elsewhere.
Section 13.203 — Service Cooperative Claims Data.
Section 13.319 — Education Data Coded Elsewhere.
Section 13.32 — Educational Data.
Section 13.321 — Prekindergarten To Grade 12 Educational Data Coded Elsewhere.
Section 13.3215 — University Of Minnesota Data.
Section 13.322 — Postsecondary Education Data Coded Elsewhere.
Section 13.34 — Examination Data.
Section 13.35 — Federal Contracts Data.
Section 13.355 — Social Security Numbers.
Section 13.356 — Personal Contact And Online Account Information.
Section 13.37 — General Nonpublic Data.
Section 13.3805 — Public Health Data.
Section 13.3806 — Public Health Data Coded Elsewhere.
Section 13.381 — Health Regulatory Data Coded Elsewhere.
Section 13.383 — Health Occupations Investigative Data Coded Elsewhere.
Section 13.384 — Medical Data.
Section 13.386 — Treatment Of Genetic Information Held By Government Entities And Other Persons.
Section 13.387 — Health Care Contract Data.
Section 13.39 — Civil Investigation.
Section 13.392 — Internal Auditing Data.
Section 13.40 — Library And Historical Data.
Section 13.401 — Library And Historical Data Coded Elsewhere.
Section 13.41 — Licensing Data.
Section 13.411 — Licensing Data Coded Elsewhere.
Section 13.43 — Personnel Data.
Section 13.435 — Salary Benefit Survey Data.
Section 13.44 — Property Data.
Section 13.441 — Property Data Coded Elsewhere.
Section 13.461 — Human Services Data Coded Elsewhere.
Section 13.462 — Benefit Data.
Section 13.463 — Education Support Services Data.
Section 13.465 — Family And Domestic Relations Data Coded Elsewhere.
Section 13.467 — Foster Care Data.
Section 13.47 — Employment And Training Data.
Section 13.485 — Corporation Data Coded Elsewhere.
Section 13.487 — Trade Regulation And Consumer Data Coded Elsewhere.
Section 13.495 — Lodging Tax Data.
Section 13.4961 — General Tax Data Coded Elsewhere.
Section 13.4963 — Classification And Disclosure Tax Data Coded Elsewhere.
Section 13.4965 — Property Tax Data Coded Elsewhere.
Section 13.4967 — Other Tax Data Coded Elsewhere.
Section 13.51 — Assessor's Data.
Section 13.52 — Deferred Assessment Data.
Section 13.548 — Social Recreational Data.
Section 13.55 — Convention Center Data.
Section 13.552 — Human Rights Data Coded Elsewhere.
Section 13.585 — Housing Agency Data.
Section 13.586 — Housing Agency Data Coded Elsewhere.
Section 13.587 — Emergency Services For Homeless Persons; Private Data.
Section 13.59 — Housing And Redevelopment Data.
Section 13.591 — Business Data.
Section 13.598 — Employment And Economic Development Data Coded Elsewhere.
Section 13.601 — Elected And Appointed Officials.
Section 13.602 — Elected And Appointed Official Data Coded Elsewhere.
Section 13.605 — Legislative Data.
Section 13.606 — Legislative Data Coded Elsewhere.
Section 13.607 — Campaign Finance, Public Disclosure, And Election Data Coded Elsewhere.
Section 13.63 — Retirement Data.
Section 13.631 — Retirement Data Coded Elsewhere.
Section 13.632 — Teachers Retirement Fund Association Data; Certain Cities.
Section 13.635 — General State Agency Data Coded Elsewhere.
Section 13.64 — Administration; Management And Budget Data.
Section 13.6401 — Administration And Management And Budget Data Coded Elsewhere.
Section 13.643 — Agricultural Data.
Section 13.6435 — Agricultural Data Coded Elsewhere.
Section 13.65 — Attorney General Data.
Section 13.67 — Employee Relations Data.
Section 13.6705 — Employee Relations Data Coded Elsewhere.
Section 13.679 — Public Utility Data.
Section 13.68 — Energy And Financial Data And Statistics.
Section 13.681 — Energy And Utilities Data Coded Elsewhere.
Section 13.685 — Municipal Utility Customer Data.
Section 13.69 — Public Safety Department Data.
Section 13.6905 — Public Safety Data Coded Elsewhere.
Section 13.711 — Department Of Commerce Data; Release Of Complaint To Respondent.
Section 13.712 — Commerce Data Coded Elsewhere.
Section 13.713 — Banking Data Coded Elsewhere.
Section 13.714 — Insurance Trust Data; Private And Nonpublic Data.
Section 13.715 — General Insurance Powers Data; Surplus Line Insurance.
Section 13.716 — General Insurance Powers Data Coded Elsewhere.
Section 13.717 — Insurance; Health Care Cost Containment Data Coded Elsewhere.
Section 13.719 — Miscellaneous Insurance Data.
Section 13.7191 — Miscellaneous Insurance Data Coded Elsewhere.
Section 13.72 — Transportation Department Data.
Section 13.721 — Transportation Data Coded Elsewhere.
Section 13.741 — Pollution Control; Environmental Quality Data.
Section 13.7411 — Pollution Control And Environmental Quality Data Coded Elsewhere.
Section 13.745 — Pari-mutuel Horse Racing Coded Elsewhere.
Section 13.746 — Gaming Data Coded Elsewhere.
Section 13.785 — Veterans Data Coded Elsewhere.
Section 13.79 — Department Of Labor And Industry Data.
Section 13.7905 — Labor And Industry Data Coded Elsewhere.
Section 13.7908 — Bureau Of Mediation Services Data.
Section 13.791 — Rehabilitation Data.
Section 13.7911 — Bioprocess Piping And Equipment Data.
Section 13.792 — Private Donor Gift Data.
Section 13.793 — Natural Resource Data; Mineral Data.
Section 13.7931 — Natural Resource Data Coded Elsewhere.
Section 13.7932 — Logger Safety And Education Program Data.
Section 13.80 — Domestic Abuse Data.
Section 13.805 — Address Confidentiality Data Coded Elsewhere.
Section 13.82 — Comprehensive Law Enforcement Data.
Section 13.821 — Videotapes Of Child Abuse Victims.
Section 13.822 — Sexual Assault Data.
Section 13.823 — Domestic Abuse Or Sexual Assault Programs.
Section 13.824 — Automated License Plate Readers.
Section 13.825 — Portable Recording Systems.
Section 13.83 — Medical Examiner Data.
Section 13.84 — Court Services Data.
Section 13.841 — Court Services Data Coded Elsewhere.
Section 13.85 — Corrections And Detention Data.
Section 13.851 — Corrections And Detention Data Coded Elsewhere.
Section 13.854 — Release Of Arrested, Detained, Or Confined Person; Automated Notification Service.
Section 13.856 — Ombudsperson For Corrections; Data.
Section 13.86 — Investigative Detention Data.
Section 13.861 — Security Service Data.
Section 13.87 — Criminal Justice Data.
Section 13.871 — Criminal Justice Data Coded Elsewhere.
Section 13.873 — Integrated Search Service Data Subject Access.
Section 13.875 — Juvenile Justice Data Coded Elsewhere.
Section 13.876 — Foster Youth Ombudsperson; Data.
Section 13.88 — Community Dispute Resolution Center Data.
Section 13.89 — Dissemination Of Data To Protection And Advocacy Systems.