I. Policy Statement
The Administrative Vice Chancellor is designated as the Campus ALPR Authority. The Administrative Vice Chancellor may delegate the role of Campus ALPR Authority, but the role may not be redelegated.
A. Authorized Uses
Operation of ALPR Systems and/or access to or use of ALPR Information must only be for the following official business purposes:
Parking Services:
- For the purpose of parking management, occupancy counting, violation location, and rule enforcement. ALPR Information is retained in both anonymized and raw form for these business purposes.
Campus Safety:
- To identify a vehicle in a campus parking facility when UCPD identifies a lawful public safety or law enforcement need, including the detection of a vehicle (or person associated with that vehicle) wanted pursuant to a criminal investigation, in violation of a court order, in violation of an official campus stay-away order, or which poses a threat to one or more members of the campus community.
- Other use permitted under applicable law and University policy, only upon prior written approval by the Campus ALPR Authority.
In no case shall the ALPR system be used for any purpose other than parking operations, legitimate law enforcement, or public safety purposes.
B. Authorized Users
Operation of ALPR Systems and/or access to or use of ALPR Information requires prior written authorization by the Campus ALPR Authority.
Authorized personnel must operate ALPR Systems or access or use ALPR Information only for the purpose(s) specified in the authorization and as appropriate within the authorized personnel’s job function. Any other operation, access, or use is unauthorized and may result in disciplinary action under university policies or, as applicable, collective bargaining agreements.
All authorized personnel must complete training on ALPR Systems and Information prior to active use and be provided with applicable University policies and procedures. Training must include:
- Systems operations to ensure the safeguarding of ALPR Information
- Specific uses for which ALPR Systems and/or ALPR Information has been authorized
- The requirements for ALPR Information set forth below ALPR Information Requirements and the procedures to implement them
- Annual UC Cyber Security training certification
C. Authorization for UC Berkeley Parking & Transportation
The Campus ALPR Authority authorizes the following roles within UC Berkeley Parking & Transportation to operate ALPR Systems and use ALPR Information: Parking Enforcement Officer, Parking Enforcement Manager/Assistant Manager, Director of Parking & Transportation, and positions required for the continued operation of normal parking enforcement, event, and occupancy counting operations; and UCPD sworn personnel and emergency dispatchers. Any additional positions must be authorized as per Authorized Users.
II. Definitions
For the purposes of this Policy:
Campus ALPR Authority is the campus official authorizing operation of ALPR Systems and use of ALPR Information.
Additionally, the following terms have the same meaning as defined in CA Civil Code § 1798.90.5:
Automated License Plate Recognition (ALPR) Information means information or data collected through the use of an ALPR system.
Automated License Plate Recognition (ALPR) System means a searchable computerized database resulting from the operation of one or more mobile or fixed cameras combined with computer algorithms to read and convert images of registration plates and the characters they contain into computer-readable data.
III. Scope of Policy
This policy applies to the following roles within UC Berkeley Parking & Transportation to operate ALPR Systems and use ALPR Information: Parking Enforcement Officer, Parking Enforcement Manager/Assistant Manager, Director of Parking & Transportation, and positions required for the continued operation of normal parking enforcement, event, and occupancy counting operations; and UCPD sworn personnel and emergency dispatchers. Any additional positions must be authorized as per Authorized Users.
IV. ALPR Information Requirements and Procedures
ALPR Information is classified at Protection Level 3 and Protection Level 4 (depending on the specific combinations of data at issue) (UC Protection Level Classification Guide). UC Berkeley departments with authorized personnel who utilize ALPR Information are responsible for ensuring systems and processes are in place for its proper collection, storage, and disposal in compliance with UC Business and Finance Bulletin IS-3.
ALPR Information is defined as personal information by CA Civil Code § 1798.29(g)(1)(F). A breach of the security of an ALPR System is subject to policy Protection of Computerized Personal Information. Any suspected unauthorized acquisition of ALPR Information must be immediately reported to the campus Information Security Office and a Campus Incident Response Plan must be filed immediately with the Information Security Office.
A. Retention
ALPR Information is to be retained for no longer than 7 days unless it is specifically necessary to do so in support of parking violation enforcement, citation appeal adjudication, scofflaw enforcement, or law enforcement investigation. Storage duration limitations and data destruction will be facilitated via settings in the ALPR System and/or through the destruction of physical media, conformant with the UC Institutional Information Disposal Standard.
B. Anonymization
ALPR Information may be anonymized on a scheduled basis for legitimate business and/or research needs. ALPR Information that has been anonymized is not subject to the 7-day retention limit. Anonymization shall meet reasonable standards to prevent re-identification, which standards will be reviewed periodically.
C. Record Keeping
A record must be kept of access to non-anonymized ALPR Information, including who received access, the date and time of access, the purpose for the access, and the license plate number or other data element(s) used to query the ALPR System.
D. Sharing
ALPR Information may be shared within UC Berkeley as well as with outside law enforcement agencies and other public agencies as required by law or in accordance with applicable law and after consultation between the Campus ALPR Authority, campus legal counsel, and the campus privacy officer, in support of law enforcement investigations, academic research, or other legal purpose.
Any sharing of ALPR Information requires (a) written authorization from the Campus ALPR Authority and (b) a written agreement between requestor and ALPR Information holder that complies with the provisions of UC Appendix DS – Data Security and Privacy with Protection Level 3 or 4 requirements, as applicable to the specific data set. The requestor must make a written request that includes: 1) the name of the agency 2) the name of the person requesting 3) the intended purpose of obtaining the information.
E. Prohibition on Sale
ALPR Information will not be sold under any circumstances. The provision of data hosting or towing services shall not be considered the sale, sharing, or transferring of ALPR Information (CA Civil Code § 1798.90.55).
F. Audit
Access to, and use of, ALPR data is logged for audit purposes. Audit reports will be provided periodically and on request to supervisory personnel.
Any discovered intentional misconduct will lead to further investigation, possible disciplinary action up to and including termination.
Reasonable measures will be taken to ensure the accuracy of ALPR data. The auditing data will be used to identify systemic issues, inadvertent misuse, and requirements for policy changes, training enhancements, or additional oversight mechanisms.
V. Privacy
This Policy governs the ALPR System operated by University of California, Berkeley, and applies to its employees, customers, and camera and data hosting affiliates.
The images stored in the system are collected from areas visible to the public where there is no reasonable expectation of privacy.
Compliant with CA Civil Code 1798.90.53, this Policy shall be implemented and publicly published on pt.berkeley.edu.
VI. Responsibilities
The Campus ALPR Authority (or designee) shall:
- Be the official custodian of the ALPR system and as such have the overall responsibility and authority for enforcing and implementing the policy in accordance with California Civil Code sections 1798.90.5 et seq.
- Establish and implement operating procedures and guidelines governing the management and administration of ALPR systems and associated equipment.
- Be responsible for properly managing and maintaining all data and images captured by the ALPR systems in accordance with this policy.
- Review and grant or deny access to ALPR systems. Ensure training is provided to Authorized Users.
Authorized Users shall:
- Read and abide by this policy.
- Complete ALPR training.
- Sign a department approved acknowledgement form.
VII. Consequences of Policy Violations
Authorized personnel must operate ALPR Systems or access or use ALPR Information only for the purpose(s) specified in the authorization and as appropriate within the authorized personnel’s job function. Any other operation, access, or use is unauthorized and may result in disciplinary action under university policies or, as applicable, collective bargaining agreements up to and including termination.
Access to the ALPR system by unauthorized users is strictly prohibited and will result in disciplinary action under university policies or, as applicable, collective bargaining agreements up to and including termination.
VIII. Related Policies and Procedures
- CA Civil Code §§ 1798.90.5 – 1798.90.55
- UC Berkeley Protection of Computerized Personal Information
- UC Protection Level Classification Guide
- UC Institutional Information Disposal Standard
IX. Revisions
- August 6, 2025: The document as a whole was revised to conform to the campus’s updated policy template. No text was added or omitted.