(CAPITOLA, CALIFORNIA) Capitola’s police chief said the department made a “mistake” by allowing federal immigration authorities to tap into the city’s automated license plate reader system, acknowledging that access ran from 2024 into early 2025 and led to more than three million searches by federal and out-of-state agencies. The admission marks a public reversal for a small coastal city that, like others across California, must comply with the California Values Act, a state law that restricts local cooperation with federal immigration enforcement and bars sharing local data for immigration purposes.
What happened and how it conflicts with policy
The department’s written policy already forbids sharing license plate reader information with U.S. Immigration and Customs Enforcement (ICE) or Customs and Border Protection (CBP). Still, records show ICE access occurred at scale, with queries exceeding three million, undercutting both the city’s internal rules and state law.
The police chief characterized the situation as unintended and said ICE access was a “mistake,” signaling the department did not authorize or vet the data connections that made the searches possible.
Why license plate reader (LPR) access matters
Local plate scans can reveal:
– Where people drive
– Where they spend time
– Who they visit
When this data flows to agencies involved in immigration enforcement, immigrant communities can face heightened fear and may avoid routine travel out of concern their movements might be flagged. Even indirect sharing creates risk because license plate databases often connect through regional and national systems, letting faraway agencies run searches within seconds.
“A single misconfiguration can replicate across networks,” which is why departments in other states paused external connections after similar revelations.
Broader context and precedent
Capitola’s situation echoes problems seen in other states. In multiple jurisdictions—including Washington—local departments later learned federal immigration enforcement had accessed their plate reader systems without the agencies’ knowledge or explicit consent.
Typical responses elsewhere have included:
– Shutting down outside connections
– Tightening audit controls
– Pausing all third-party access while reviewing vendor contracts
Capitola now faces similar pressure to explain how federal users obtained credentials, why oversight failed, and what steps will keep ICE access from returning.
Legal framework: California Values Act
The California Values Act—outlined in Government Code sections including 7282.5 and 7284.2—does the following:
– Limits local law enforcement from using resources for immigration enforcement
– Bars agencies from sharing personal information when the purpose is immigration enforcement, except under narrow circumstances
Capitola’s policy was built around that framework. Yet the volume of queries since 2024 suggests a technical or contractual pathway remained open, allowing external agencies to pull Capitola scans at scale. Officials have not detailed whether this pathway came through:
– A vendor default setting
– A regional sharing hub
– A separate alignment between agencies
For the official code language, see: California Government Code § 7282.5 and California Government Code § 7284.2.
Key outstanding questions
A central question is how many of the three million-plus queries were tied to immigration enforcement versus non-immigration criminal investigations. The department has not publicly parsed that figure.
Because the city’s policy explicitly forbids sharing LPR data with federal immigration agencies, the presence of ICE access itself signals a policy breach.
Typical corrective actions other agencies have taken
Public agencies that have faced comparable issues often move quickly to:
1. Audit who accessed what, when, and for what stated reasons
2. Restrict connections to in-state partners only
3. Limit data retention periods
4. Require supervisor-level approvals for any external data request
Additional technical and administrative steps include:
– Strengthening user authentication
– Building automated alerts for policy-violating searches
– Cutting off out-of-state data pipelines
– Requesting vendors provide data maps showing every external user
Community impact
Community trust is central to public safety. The potential consequences include:
– People hesitating to report crimes
– Avoidance of driving to work or school
– Skipping medical appointments
This chill effect can harm public safety. Police chiefs often argue they need community trust to solve crimes, and any perception of indirect immigration enforcement can erode that trust. The California Values Act was designed to prevent those outcomes by drawing clear lines between local policing and federal immigration.
Legal and contract implications
If a department’s policy mirrors state law and then the department allows ICE access anyway, affected residents might pursue legal challenges—particularly if data was used to support immigration enforcement activities.
Vendors that manage LPR networks typically offer:
– Permission controls
– Audit logs
– Geographic restrictions
But the effectiveness of those tools depends on how local agencies set them up and monitor them. The admission of three million-plus queries suggests oversight gaps that will require:
– A formal review
– Contract updates
– Clear accountability measures
What Capitola and neighboring cities may do next
Capitola’s next steps will be watched closely by neighboring cities that rely on shared databases. Departments that invest in plate reader technology often cite stolen car recoveries and case leads as reasons to maintain broad sharing—but state law sets limits when it comes to immigration.
Likely actions across the region could include:
– Audits of external connections
– Vendor demands for complete access maps
– Verification that ICE access is blocked across all sharing hubs and federated systems
– Publication of regular transparency reports showing who accesses the system and how often
Immediate concerns for residents
For Capitola residents, the immediate questions are:
– Has federal access been shut off?
– Will the department publish an audit and a corrective plan?
Leaders have acknowledged the problem but have not publicly detailed their corrective plan. The episode underscores how a quiet configuration setting can carry sweeping consequences—more than three million queries in a year—and why clear lines around immigration enforcement must be enforced both on paper and inside every database that touches local policing.
Additional reporting and analysis
According to analysis by VisaVerge.com, similar plate reader disputes have drawn attention elsewhere, prompting agencies to implement stronger technical safeguards and auditing. Given Capitola’s public admission of a “mistake,” advocates will likely press for:
– Regular transparency reports
– Clear timelines of when access began and ended
– Evidence that corrective measures have been implemented and tested
This Article in a Nutshell
Capitola’s police chief confessed that federal and out-of-state agencies accessed the city’s ALPR system—resulting in over three million searches spanning 2024 to early 2025—despite departmental and California Values Act prohibitions on sharing data with ICE and CBP. Officials describe the access as an unintended “mistake” and face pressure to audit access, tighten vendor and technical controls, and publish transparency reports. The episode raises concerns about privacy, community trust, and whether queries supported immigration enforcement or routine criminal investigations.
