Perceptics

Perceptics LLC is a developer and manufacturer of automated license plate recognition (LPR) equipment based in Farragut, Tennessee, founded in approximately 1978. John Dalton is the CEO. A large hack of their data exposed their operations, as well as the locations of installations.

Their technology is used by the U.S. Customs and Border Protection (CBP) at 43 border crossings, both to Mexico and Canada, as part of a partnership with Unisys Federal Systems. Perceptics is the exclusive license plate recognition provider for CBP. Perceptics operated as a subcontractor to Unisys for the license plate reader contract, worth $229 million over several years. As of 2019, Perceptics has worked on CBP contracts for "nearly 30 years". They also provide "under-vehicle surveillance systems", and have contracts with the Drug Enforcement Administration checkpoints, the Canada Border Services Agency, United Arab Emirates, and Saudi Arabia's Special Forces, and the Jordanian army.

Perceptics was previously a subsidiary of Northrop Grumman. They have been filling CBP contracts since 1982 and license plate readers since 1997. In 2002 the equipment cost was approximately $90,000 per lane.

Perceptics also discussed promoting their license plate reading technology for use on a congestion pricing scheme to MTA in New York City in a presentation titled "Smart Imaging Solutions for New York City Congestion Pricing". They demoed the technology to MTA's Bridges and Tunnels division. The Perceptics system provides much more capabilities than license plate reading, such as "Vehicle Occupancy Imaging System", which can identify drivers and passengers, as well as tracking car locations and driver behavior as a profile. Perceptics and Unisys were also involved in a CBP trial project called the "Vehicle Face System", involving facial recognition of car occupants.

Perceptics used Amazon Rekognition as of August 2018.

Canadian operations
Data from the hack revealed the Canada Border Services Agency had at least two dozen installations, as widespread as the Sumas–Huntingdon Border Crossing in British Columbia, to the Fort Fairfield–Andover Border Crossing in New Brunswick, worth $21 million CND in contracts. Traffic weigh stations in Canada, run by International Road Dynamics, also use Perceptics. Halifax Harbour Bridges trialed the technology. The Buffalo and Fort Erie Public Bridge Authority as purchased Perceptics cameras, they are administered by the US CBP. Canada Revenue Agency had contracts with the company until 2014.

Data breach
On May 13, 2019, Perceptics discovered they were hacked. They notified the FBI within 24 hours, and they notified Unisys on May 17. The hack was revealed by The Register on May 23. The CBP learned of the data breach on May 31, over three weeks after the discovery of the hack. CBP acknowledged a breach on that date but didn't reveal the contractor involved, but the Microsoft Word document title pointed to Perceptics. CBP also stated CBP said "as of today, none of the image data has been identified on the dark web or internet."

Identifiable information such as faces were stolen. Somewhere under 100,000 images were taken, which were part of a 45-day dataset from one port of entry. The data was transferred off of the CBP's systems to Perceptics's systems, a violation of CBP policy. The Register showed that data was available on Tor, and included images, HR records, databases, DHS manuals, signed NDAs, and business plans. Distributed Denial of Secrets mirrored the data to the open web, making it more easily accessible. Later, The Register identified images taken at border crossings at Santa Teresa, New Mexico, and Columbus, New Mexico, and Hidalgo, Texas.

Perceptics demoed the technology for the Pennsylvania Turnpike, and 50 gigabytes of photos over two months in 2017 were identified in the hack and published on Vice News's Motherboard.

CBP suspended the contract, citing "conduct indicating a lack of business honesty or integrity". Suspensions are a rare action. In September 2019, Perceptics and CBP signed an agreement, where CBP stated the collection of data was "completely unacceptable" but not unethical or illegal, and Perceptics agreeing to security reforms and monitoring.

A hacker claimed to have access to Perceptics's systems for four months and demanded a ransom. The data was made publicly available by Distributed Denial of Secrets.

The breach led to scrutiny from Sen. Rick Scott, Sen. Edward J. Markey, Sen. Ron Wyden, Rep. Bennie Thompson, and privacy advocates.

Lobbying
Perceptics engaged lobbyists such as Lucia Alonzo of Ferox Strategies to lobby on their behalf, and the hack of Perceptics showed this influence. Cristina Antelo at Podesta Group also lobbied Democrats on their behalf, joining Ferox Strategies after Podesta Group closed.

In emails to Perceptics, Alonzo confirmed that both top alternatives in a 2018 immigration reform bill included provisions with $125 million for "LPR modernization" and $175 million for a border cargo LPR project in Laredo, Texas, presumably benefitting Perceptics as the exclusive provider of LPR equipment to the CBP. The text of the provisions in both alternatives was nearly identical.

Alonzo also supplied talking points to Tennessee's Republican Chuck Fleischmann to use in a session with the head of CBP. After the exchange, Alonzo emailed Perceptics, confirming Fleischmann "asked about CBP's plan to modernize its LPRs as we asked his office to do".

Later, Texas Sen. John Cornyn, included the same Laredo border cargo LPR project and "LPR modernization" projects and figures in two late-2017 Senate immigration bills. Alonzo suggested that Perceptics CEO John Dalton donate money to Cornyn, and Antelo was previously on Cornyn's staff.

In 2014 and 2015, Podesta Group emails said the Podesta staff would "preemptively meet if necessary to ensure LPRs do not get drawn further into the privacy conversation" and about building a "possible coalition against LPR bans". In 2018, Antelo, at Podesta, described meetings with California Democratic congressman Peter Aguilar, Colorado Democratic Sen. Michael Bennet, New Jersey Democratic Sen. Bob Menendez.

In February 2020, connections to conservative Texas Democratic Rep. Henry Cuellar were published, tracing his involvement with Perceptics back to at last 2009, through Antelo and Podesta Group. He was described as "our Cuellar firepower" and by Perceptics CEO Dalton as a "friendly congressman". Cuellar was involved in the same "talking points" event as Fleischmann, and Cuellar asked other talking points recommended by Perceptics and lobbyists, with Alonzo emailing a report about Cuellar asking "about pilots going on at Laredo that sound a lot like Perceptics’".

Perceptics and Podesta Group lobbied against competitor Axiompass in 2012, as presentations and reports indicated. A 2014 Podesta Group report identified dozens of PACs connected to politicians to make donations to.