SF4739

Purpose

This bill tightens how automated license plate reader (ALPR) data is collected, stored, used, and shared in Minnesota. It creates a central management system under the Bureau of Criminal Apprehension (BCA), adds privacy protections for individuals, and regulates both government and private use of ALPR systems.

Key definitions (selected)

• Automated license plate reader (ALPR): a device (mounted on a patrol car or fixed) that records vehicle data and photos to compare with law enforcement databases. Includes devices operated by non-government entities if data are shared with law enforcement. Traffic safety cameras are not ALPRs.
• Bureau of Criminal Apprehension (BCA): now acts as the central repository for ALPR data.
• Data types: data must generally be limited to license plate numbers, date/time/location data, and pictures of plates/areas around vehicles.
• Active criminal investigative data: data relevant to ongoing investigations.
• Private data / public data / nonpublic data: how data are classified under Minnesota privacy laws.

Main provisions

• Central data management
  • All ALPR data collected, created, or received must be stored and managed by the BCA, on a server located in Minnesota.
  • The BCA may allow access to this data for law enforcement agencies, under the bill’s rules.
• Data collection limits
  • Data collection is restricted to: (1) license plate numbers, (2) date/time/location data, and (3) pictures of license plates and surrounding areas.
  • Other collected data are prohibited unless explicitly allowed.
  • A central state repository of ALPR data is allowed only if explicitly authorized by law.
• Data matching and use
  • Data may be matched with the Minnesota license plate data file, and additional data sources may be used only if they relate to an active criminal investigation.
  • Data about individuals or their vehicles cannot be shared or sold without consent, a court order, or a judicial warrant.
• Privacy protections and access controls
  • Data are private/nonpublic unless public or active investigative data.
  • Access to ALPR data requires written authorization and a documented, legitimate law enforcement purpose.
  • Access is limited by role-based permissions, with an audit trail recording all data queries and actions.
  • Data cannot be accessed or shared outside Minnesota unless required by a court order or warrant.
• Private use of ALPRs
  • Private ALPR users must post clear signs informing drivers that ALPRs are in use.
  • Data from private ALPRs is personal data and cannot be sold or disseminated without consent, court order, or warrant.
• Retention and destruction
  • Data not related to an active investigation must be destroyed within about 60 days (specific wording in the bill).
  • If a person is the subject of a pending charge, data may be preserved until the case is resolved.
  • Data linked to program participants (if applicable) must be destroyed at collection or upon request unless they are active investigative data.
  • Inactive investigative data must be destroyed according to the state retention schedule.
• Data access outside the state
  • ALPR data may not be accessed, disseminated, or shared outside Minnesota unless required by a court order or warrant.
  • “Outside the state” includes federal agencies, other states, or private entities under cross-state agreements.

Data storage, transfer, and implementation

• Transfer deadline
  • By December 1, 2026, agencies using ALPR must transfer all ALPR data to the BCA, unless the data are active or inactive criminal investigative data.
• Placement and contracts
  • The BCA administers and stores all ALPR data; all related contracts must comply with this law and section 13.824.

Significant legal changes

• Establishes the BCA as the central repository for all ALPR data, shifting from dispersed storage to centralized management.
• Introduces strict data collection limits, enhanced privacy classifications, and mandatory access controls with audit trails.
• Requires signage and explicit consent procedures for private ALPR use.
• Sets a firm deadline to transfer existing ALPR data to the BCA.
• Tightens restrictions on sharing ALPR data outside the state and outside official warrants.

Implementation considerations

• Agencies will need to implement new data governance, storage, and access procedures.
• Private ALPR operators must comply with signage and data protection requirements.
• A formal process will be needed for warrants and exigent circumstances to access data in active investigations.

Relevant Terms - Automated license plate reader (ALPR) - Bureau of Criminal Apprehension (BCA) - Minnesota Statutes section 13.824 - Private data / public data / nonpublic data - Active criminal investigative data - Court order / judicial warrant - Exigent circumstances - Role-based access - Data audit trail - Minnesota license plate data file - Data retention and destruction - In-state data storage / server location within Minnesota - Central repository - Private ALPR use / signage requirements - Data sharing outside Minnesota - Public access to audit trails - Data matching and data sources for investigations - Consent requirements for data dissemination