“There is nothing new in the realization that the Constitution sometimes insulates the criminality of a few in order to protect the privacy of us all.”

The late Supreme Court Justice Antonin Scalia authored this line in his majority opinion for United States v. Jones, 565 U.S. 400 (2012), a case in which Justice Scalia—a contextualist who often argued that citizens have no Constitutional right to privacy—stated that attaching a GPS tracker to a vehicle was a violation of the Fourth Amendment and, indirectly a violation of the privacy of an ordinary citizen. In making this statement, Justice Scalia and the majority touched on an ongoing, rhetorical question at the intersection of transportation and the law that states are still grappling with thirteen years later: what rights to privacy do citizens have on public roadways?

With daily headlines featuring concepts such as “artificial intelligence” and “data centers” and modern-day surveillance seemingly ubiquitous throughout public spaces, over a dozen states have begun policing “Big Data” by enacting consumer data privacy laws. Some of these laws, like the Florida Digital Bill of Rights (FDBR, § 501.171), have a more narrow scope of applicability and are drafted to primarily apply to big tech companies who are amassing large quantities of consumer data. Specifically, FDBR targets large companies that, among other things, collect personal data from consumers, determine the means of the process of such data, and have annual revenue of more than $1 billion. Others, like the California Consumer Privacy Act, have broader applicability and apply to much smaller entities including those that have a revenue more than $25 million, buy or sell personal information of 100,000 or more Californian consumers, and derive over 50% of their annual revenue from the sale of data.

How does this tie into transportation? Roadway data collection.

Under laws such as FDBR, big data companies must provide individuals with rights to obtain copies of, correct inaccuracies in, or even have their personal data deleted. In the transportation context, this means that certain large companies can be requested to delete data obtained on roadway cameras—license plate numbers, pictures, and even videos.

An important note regarding the FDBR and similar laws is that government entities or private entities working on behalf of the government are typically exempt. So while “Big Data” can be asked to delete your personal data in some scenarios, entities like state and local law enforcement agencies are generally exempt.

It is important to note that state laws vary on their data privacy “bill of rights” and there are no uniform federal statutes to cover data privacy in the transportation context—yet.

Reach out if you have specific questions or want to speak to a legal professional versed in the transportation or privacy sectors.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Ryan Flynn Ryan Flynn

Ryan Flynn is an associate in Crowell & Moring’s New York office and a member of the Corporate Group. Ryan’s practice focuses on general corporate and securities matters for public and private companies, including mergers and acquisitions, initial and follow-on securities offerings, commercial…

Ryan Flynn is an associate in Crowell & Moring’s New York office and a member of the Corporate Group. Ryan’s practice focuses on general corporate and securities matters for public and private companies, including mergers and acquisitions, initial and follow-on securities offerings, commercial transactions, and corporate governance.

Ryan represents clients across a wide range of industries and at various stages of their lifespan, from emerging growth companies through publicly traded companies. Ryan provides clients with the insight to navigate the disclosure rules and regulations imposed by the U.S. Securities and Exchange Commission, NYSE, Nasdaq, and FINRA.

Prior to joining the firm, Ryan was a member of the corporate and securities group of a New York-based law firm, where he mainly advised companies on initial public offerings, PIPEs, follow-on offerings, and the various regulatory disclosures of the Securities Exchange Act of 1934.

Read more about Ryan FlynnRyan's Linkedin Profile
Show more Show less
Photo of Sarah Rippy Sarah Rippy

Sarah Rippy is an attorney in Crowell & Moring’s Denver office and a member of the Privacy & Cybersecurity Group.

During law school, Sarah was executive editor of the Colorado Technology Law Journal and an active member of the Silicon Flatirons Center. She…

Sarah Rippy is an attorney in Crowell & Moring’s Denver office and a member of the Privacy & Cybersecurity Group.

During law school, Sarah was executive editor of the Colorado Technology Law Journal and an active member of the Silicon Flatirons Center. She joins the firm after a year serving as a Westin Research Fellow at the International Association of Privacy Professionals, where she focused on state law developments, including the California Privacy Rights Act (CPRA), the Colorado Privacy Act (CPA), and the Virginia Consumer Data Protection Act (VCDPA).

Read more about Sarah RippySarah's Linkedin Profile
Show more Show less
Related Posts
Young-businessman-and-woman-signing-a-paper-in-office-The-concept-of-a-successful-business-GettyImages-1045342822-Med
What’s The Contract? The Debate Continues In Michigan, with Consequences Beyond
November 3, 2025
Seal_of_the_United_States_Consumer_Product_Safety_Commission.svg
CPSC Commissioner Nominated
October 6, 2025
Flag-European-Union-GettyImages-1031313036-Med
The European Commission Issues Informal Competition Guidance in the Transport Sector
July 14, 2025