US-CaliforniaAre license plate reader records protected by California privacy law?
Yes, license plate reader (LPR) records are protected under California’s Automatic License Plate Reader Privacy Act, which limits collection, use, retention, and sharing of such data.
What the Law Says
California’s Automatic License Plate Reader Privacy Act — enacted as Assembly Bill 287 in 2015 — establishes strict rules for how law enforcement agencies may collect, store, share, and audit ALPR data.
The law applies to all state and local law enforcement agencies that operate automatic license plate readers. It defines 'ALPR data' as images of license plates, timestamps, GPS coordinates, and associated vehicle information captured by these systems.
Under the law, agencies must adopt written policies governing ALPR use, publicly post those policies, and submit annual reports to the California Department of Justice. They must also conduct annual audits of their ALPR data practices.
Crucially, the law imposes hard limits on how long data can be retained: non-hit data (records not linked to an active investigation or warrant) must be destroyed within 30 days; hit data (records tied to a specific investigation, arrest, or court proceeding) may be retained up to 2 years — unless extended by court order or statute.
Statutory TextAll ALPR data that is not associated with an active investigation, arrest, citation, or judicial proceeding shall be destroyed not later than 30 days after the date of acquisition.
— Civil Code § 1798.90.04(a) — Automatic License Plate Reader Privacy Act
Statutory TextALPR data that is associated with an active investigation, arrest, citation, or judicial proceeding may be retained for not more than two years after the date of acquisition, unless a court order or other provision of law requires longer retention.
— Civil Code § 1798.90.04(b) — Automatic License Plate Reader Privacy Act
Statutory TextEach agency that operates an ALPR system shall conduct an annual audit of its ALPR data practices and submit a report to the Attorney General.
— Civil Code § 1798.90.05 — Automatic License Plate Reader Privacy Act
What Courts Have Said
Courts have affirmed that ALPR data implicates significant privacy interests under both the California Constitution and statutory privacy protections.
Held that prolonged, suspicionless collection of ALPR data across vast geographic areas raises reasonable expectations of privacy and requires judicial oversight under article I, section 1 of the California Constitution.
Recognized that ALPR data, when aggregated over time, reveals intimate details about personal life — including religious, political, and medical activities — and thus warrants heightened privacy protection under California law.
What to Do
Review your local law enforcement agency’s publicly posted ALPR policy (required under Civil Code § 1798.90.03).
File a Public Records Act (PRA) request with the agency to obtain their most recent ALPR audit report.
Contact the California Attorney General’s Office if you believe an agency is retaining or sharing ALPR data in violation of Civil Code § 1798.90.04–05.
Advocate for local ordinances that impose stricter limits than state law — some cities (e.g., Oakland, Santa Cruz) ban municipal ALPR use entirely.
Sources
Not legal advice. This article is general information based on publicly available sources, written for educational purposes. Laws change and individual situations vary. Consult a licensed attorney in your jurisdiction before acting on anything you read here. Last reviewed: 2026-06-08.