SB 1013 contains a one-paragraph legislative intent directing the Legislature to impose privacy protections on cities, counties, and other entities that use automated license plate recognition (ALPR) data. The text also states a policy against public agencies selling or sharing ALPR information — including through collaborations with private contractors — for the specific purposes of arrest, imprisonment, detainment, or deportation in immigration enforcement.
The measure, as written, does not create operative prohibitions or enforcement mechanisms; it frames the policy direction lawmakers want to take. For practitioners, the bill matters because it narrows the range of acceptable data-sharing practices the Legislature intends to target and highlights private contractors as a likely focus of future regulation or contracting changes.
At a Glance
What It Does
SB 1013 declares the Legislature's intent to require privacy protections for entities that collect or use ALPR data and to prohibit public agencies from selling or sharing ALPR information for immigration enforcement purposes, including when that information is shared in partnership with private contractors. The bill's text is an intent statement rather than operative statutory language.
Who It Affects
Municipalities and counties that operate ALPR systems, law enforcement agencies that access or manage ALPR datasets, private vendors and contractors that host or analyze license-plate data, and communities concerned about law enforcement data flows to immigration authorities. Contract managers and compliance officers at local governments will be particularly affected if future implementing legislation follows this direction.
Why It Matters
The bill signals a legislative push to close perceived loopholes—especially transfers that occur via private vendors—that allow ALPR data to be used in immigration enforcement. Even without immediate legal force, the statement will shape contract language, procurement practices, and drafting of future, enforceable rules.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
SB 1013 is short and specific in its aim: it tells the Legislature that it should adopt privacy protections for entities that use automated license plate recognition systems and that public agencies should not sell or share ALPR data for immigration enforcement purposes. The text calls out not only direct transfers between agencies but also information shared in collaboration with private contractors for the purposes of arrest, imprisonment, detainment, or deportation.
Because the bill contains only a legislative intent clause, it does not itself change existing statutory duties or create penalties. That means no immediate compliance obligations flow from SB 1013 alone; instead, it establishes the policy foundation for later bills that would put requirements, definitions, exceptions, oversight, and enforcement into law.
Practically, the intent language telegraphs the Legislature’s priorities to local governments and vendors, which commonly respond by adjusting contract terms, data-retention policies, and access controls ahead of formal regulation.The provision’s focus on private contractors is notable. Much ALPR data is processed, stored, or analyzed by third-party vendors; by singling out contractor collaboration, the text suggests future rules will target contract clauses, vendor access controls, and perhaps contractual prohibitions on onward sharing with federal immigration authorities.
But the bill leaves critical terms undefined — for example, what counts as "collaboration," how long ALPR data may be retained, who would enforce a prohibition, and what exceptions (if any) public safety agencies would have.For local compliance officers, this bill should trigger a review of existing ALPR-related contracts and memoranda of understanding. Even in the absence of immediate legal force, procurement teams and counsel will likely see pressure to add privacy-focused clauses, limit contractor authority to share data, and prepare to implement retention and access controls that mirror the policy the Legislature has signaled.
The Five Things You Need to Know
The bill’s sole operative text is a legislative intent statement — it does not itself amend statutes or create enforceable prohibitions.
SB 1013 explicitly targets ALPR data sharing for the purposes of "arrest, imprisonment, detainment, or deportation" in the context of immigration enforcement.
The language covers sharing "in collaboration with private contractors," making third-party vendors an explicit focus of the proposed policy.
The scope named in the bill centers on cities, counties, and other entities that use ALPR systems rather than on a single statewide agency.
The text does not define key terms (for example, "ALPR information," "collaboration," retention periods, or enforcement mechanisms), leaving substantive details to future legislation.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Legislative intent to impose privacy protections for ALPR users
This single section states the Legislature’s intent that privacy protections should apply to cities, counties, and other entities that use ALPR data. Because the clause is declaratory intent, it signals policy direction without creating regulatory duties, funding, or sanctions. Practically, an intent clause functions as a blueprint for future bills and influences how local governments and vendors prepare contracts and policies in the near term.
Prohibition against ALPR sharing for immigration enforcement purposes
The text expressly prohibits public agencies from selling or sharing ALPR information for purposes tied to immigration enforcement — specifically arrest, imprisonment, detainment, or deportation. That prohibition is written to include information shared through collaborations with private contractors; the drafter therefore identifies both direct agency transfers and contractor-mediated transfers as policy targets. Because there is no operative statute attached, the phrase describes the intended policy outcome rather than a presently enforceable ban.
Targeting private contractors and intergovernmental transfers
By naming 'private contractors' alongside public agencies, the bill highlights the commercial intermediaries that often host or analyze ALPR feeds. This matters for procurement and contract language: the Legislature’s stated intent implies that future regulation may impose limits on vendor access, data ownership clauses, reporting requirements, or contractual prohibitions on onward sharing with federal immigration authorities. The section does not, however, specify how collaboration will be measured or policed.
This bill is one of many.
Codify tracks hundreds of bills on Privacy across all five countries.
Explore Privacy in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- Undocumented immigrants and communities of color: The explicit ban on using ALPR data for immigration-related arrest or deportation aims to reduce the risk that location data will feed immigration enforcement actions.
- Privacy and civil liberties organizations: The Legislature’s stated priority gives these groups leverage to push for concrete rules—such as retention limits, access controls, and audit rights—when implementing legislation is drafted.
- Local residents concerned about location surveillance: Narrower sharing rules and greater transparency would reduce the likelihood that long-term ALPR logs are used in ways the public did not expect.
Who Bears the Cost
- Local law enforcement agencies that have used ALPR data to support immigration-related investigations: The intended prohibition would curtail one avenue for accessing ALPR datasets for immigration purposes.
- Private vendors and contractors that manage ALPR systems: Contracts, business models, and data-sharing practices may require revision, and vendors could face lost revenue if they can no longer provide data to certain government customers.
- City and county procurement and legal offices: Preparing new contract language, performing vendor audits, and documenting compliance could impose administrative burdens and costs if the policy is later implemented into binding law.
Key Issues
The Core Tension
The central dilemma is reconciling stronger privacy protections and the goal of shielding communities from immigration enforcement with public safety needs and operational realities: limiting data flows and contractor access reduces risks of misuse but may hinder investigations and impose significant contractual and technical costs on local governments and vendors; the bill’s intent resolves the direction but not the trade-offs.
The bill creates a clear policy preference but leaves the hard work undone. It does not define the technical or legal contours of covered information, the meaning of "collaboration" with private contractors, or the exceptions that public safety or judicial processes might require.
Those gaps create multiple implementation points where future drafts could diverge: privacy advocates will press for strict retention limits and audit rights, while law enforcement will push for narrowly tailored exceptions for exigent circumstances.
Another unresolved question is enforcement: an intent clause furnishes no private cause of action, civil penalty scheme, or administrative enforcement path. If future legislation mirrors the intent, drafters must decide whether enforcement will fall to a state agency, local civil remedies, or contract-based remedies.
Equally important is how the new policy would interact with federal immigration enforcement requests and with existing statutory exceptions that already allow some agency-to-agency sharing "as otherwise permitted by law." Without clarifying preemption or procedural safeguards, implementation risks litigation over scope and applicability.
Finally, targeting private contractors is sensible in theory but complex in practice. Contractors often operate under varied contractual terms and store data across jurisdictions; forbidding contractor-mediated transfers may push agencies toward in-house solutions, create vendor lock-in around privacy-compliant providers, or encourage technical workarounds that satisfy the letter but not the spirit of the rule.
Those dynamics will influence cost, operational speed, and the feasibility of oversight regimes the Legislature may later adopt.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.