Police use of number plate tracking technology has increased to around 15,000 uses a month. Photo / Wang Gang
Five police officers are facing internal integrity inquiries after being found to have improperly used the automatic number plate recognition system - including two who used the system’s real-time tracking ability to carry out surveillance on cars they owned.
There were another 120 officers found to have used the systemto track their own vehicles, but police still don’t know if they were using it in an improper way or to learn how the system works, even though six months have passed since the audit began.
It is the first time police have carried out an audit into the use of two large, privately-owned networks of CCTV cameras, even though a privacy impact assessment in 2017 recommended constant monitoring and reporting of use be introduced along with the system.
The network pulls in and stores images of number plates from petrol stations, supermarkets, shopping malls and a host of other retail outlets across the country. Police can then opt to search for “historical” images - those that aren’t live - or to carry out real-time tracking.
In the four years it has been operating, the number of police searches went from dozens a month to around 15,000 searches. Of that wider number, the use of more intrusive real-time tracking has gone from about nine times a month in 2018 to 194 times a month in the second half of 2022.
The issue emerged when the Herald revealed police had falsely reported vehicles as being stolen so they could engage the real-time tracking system during the hunt for women suspected of carrying Covid-19 into Northland in 2021.
Police admitted it was not the first time that officers had done so, with another incident occurring in 2020.
It is unknown whether the new data about the misuse of the system includes those cases previously identified. Police headquarters has been asked, but has yet to respond.
Assistant Commissioner Mike Johnson of the police’s ANPR Steering Group said the small number of people found to have misused the system should give “general confidence” the system is being used appropriately.
The police audit released this afternoon showed the extent to which the tool was being used by police, with 6150 police staff able to access the system, 990 of whom could use it for real-time tracking.
It said the 120 police employees who searched for their own vehicles “most plausibly because they have used their own vehicle details to test the capabilities of the system” or because “their own vehicles have been stolen”.
The report said more than 350,000 uses of the system were checked in the audit of which four cases involving five police staff required a “specific follow‐up by the National Integrity Unit”. That included those who had carried out real-time surveillance on cars they owned. No other information was offered in the report about that use.
The audit had also identified changes that could be made to improve control of the system, such as making sure authorisation for certain requests was properly recorded.
The report said some of those changes took place while the audit was under way, and “some system enhancements have already been made”. It was now “clearer and more intuitive what level of supporting information needs to be recorded, as well as reinforcing expectations around responsible usage”.
There were also ideas around how police could boost confidence in appropriate use - as outlined in the 2017 privacy impact assessment - which were being discussed with the two companies that owned the networks, Auror and Safer Cities.
Other changes - including training police on what to do and what not to do if they become victims of crime - were with police governance for a final decision.
“The aim, as far as possible, is to design out the risk of any inappropriate use of these systems,” the report said.
Johnson said police had noted the “increase in use identified over a fairly short period”.
“Of the many thousands of transaction records reviewed during the audit, only a small handful of cases gave any cause for follow‐up questions, where it appeared staff may have operated inconsistently with policy.”
He said the audit results would be used to “drive” immediate and longer‐term actions for further improvement.
Police access the privately owned CCTV networks through deals with Auror and Safer Cities. As the systems are not owned by police, privacy impact assessments into their use were carried out by the companies - not police - which have not released the information.