A surveillance company called Leonardo is developing an upgrade to automatic license plate reader (ALPR) infrastructure that would extend its data capture well beyond vehicle identification — adding sensors capable of harvesting the unique device identifiers broadcast by mobile phones, AirPods, smartwatches, and other Bluetooth and Wi-Fi enabled hardware passing within range, according to a report published June 9, 2026 by 404 Media.

The functional implication is significant: a roadside camera that today logs a vehicle's plate, timestamp, and GPS coordinates would, under this scheme, simultaneously fingerprint the personal devices carried by the vehicle's occupants — creating a correlated record that links a specific human's device identity to a specific vehicle at a specific time and place.

What Leonardo Is Building

The addition consists of passive RF sensor hardware co-located with existing ALPR camera units. These sensors listen for the probe requests, advertisement packets, and other ambient RF emissions that Bluetooth and Wi-Fi stacks continuously broadcast as part of normal device operation — even when a device is not actively pairing or connecting to anything.

From those emissions, the system extracts device identifiers: MAC addresses in the Wi-Fi case, and Bluetooth device addresses in the other. Both are unique at the hardware level, though both are also subject to the MAC randomization mitigations that Apple, Google, and others have rolled out over the past several years in iOS, Android, and related platforms. The degree to which those mitigations actually frustrate this class of passive collection in real-world conditions remains contested; earlier research has repeatedly demonstrated that randomization schemes can be partially de-anonymized through timing correlation, device fingerprinting via probe request content, or behavioral pattern analysis.

ALPR networks themselves are operated by a mix of law enforcement agencies and private companies. Vigilant — one of the dominant commercial operators — maintains a nationwide camera grid whose data is made available to subscribing agencies. Leonardo's proposed sensor augmentation would slot into this kind of infrastructure, turning what is already the most pervasive fixed surveillance network on American roads into something qualitatively different: a joint vehicle-and-person tracking system.

The Data Layer This Creates

Consider what the resulting dataset looks like at scale. An ALPR hit today produces a tuple: plate, timestamp, location, possibly a camera image. The Leonardo upgrade appends to that tuple one or more device identifiers observed within Bluetooth and Wi-Fi range at the moment of capture. Over time, as the same device identifier appears across multiple ALPR captures at different locations, a mobility trace emerges — one that is anchored not to a vehicle that might be sold, borrowed, or rented, but to a persistent personal device.

That mobility trace is, functionally, a person's movement history. It is linkable to identity through any number of downstream data sources: carrier records, app analytics data, advertising ID graphs, or simply the fact that a phone's Bluetooth name is often set to the owner's real name by default.

The architecture also creates a secondary attribution layer. Where a vehicle plate identifies the registered owner — who may or may not be the current driver — the device identifiers captured in the same pass identify whoever is physically present in or near the vehicle. Multiple device hits per capture start to resolve occupancy: how many people, traveling together, recurrently. Fleet operators, investigators, and data brokers would each have distinct uses for that kind of inference.

MAC Randomization and Its Limits

It is worth examining the technical defense layer here directly. Apple introduced MAC address randomization for Wi-Fi probe requests in iOS 8 in 2014; Android followed more gradually, with robust per-network randomization landing in Android 10. The intent was precisely to prevent the kind of passive tracking this sensor architecture attempts.

In practice, the protection is partial. Several research teams have demonstrated that even randomized MACs can be correlated across captures using the sequence numbers embedded in 802.11 management frames, the specific information elements a device includes in probe requests (which vary by firmware and chipset in ways that survive address rotation), and — critically — the tight temporal correlation available when a sensor array observes the same device at closely spaced capture points. Bluetooth Low Energy (BLE) advertisement randomization has similar structural weaknesses under targeted analysis.

AirPods and smartwatches add a layer of complexity: these devices pair continuously with a primary phone and emit their own BLE advertisements on a distinct cadence. Even if a phone's randomization holds, the peripheral device identifiers may not rotate on the same schedule, providing a secondary anchor point for correlation.

The upshot is that MAC randomization raises the engineering cost of passive tracking but does not eliminate it — particularly for a well-resourced operator with access to correlated data from multiple capture points.

Regulatory and Legal Context

The United States has no federal statute that directly governs the collection of passive RF emissions in public spaces. The third-party doctrine, as traditionally applied, offers limited protection for data that a device voluntarily broadcasts into the air. State-level biometric and location privacy laws — Illinois BIPA, California's CPRA, Washington's My Health MY Data Act — address overlapping but not identical data categories; none squarely pre-empts this architecture.

The Fourth Amendment question is more live. Carpenter v. United States (2018) established that long-term, comprehensive location tracking by the government requires a warrant, explicitly departing from the third-party doctrine for cell-site location information. Whether passive ALPR-coupled RF collection constitutes an equivalent intrusion — given the granularity and persistence of the data — has not been litigated to resolution at the federal appellate level.

Worth flagging: the private-company structure of ALPR networks like Vigilant's creates a deliberate jurisdictional gap. A government agency conducting this collection directly would face Fourth Amendment scrutiny; a private company collecting and then licensing the data to agencies operates in a substantially less constrained environment, at least until Congress or the courts say otherwise. Leonardo's product fits neatly into that structure.

A Pattern the Industry Has Seen Before

We have seen this pattern before. In the early 2010s, retail analytics companies began deploying Wi-Fi and Bluetooth sensors inside stores — Euclid Analytics, RetailNext, and others — to track shopper dwell time and movement patterns via the same passive probe request harvesting that Leonardo is now proposing to deploy roadside. The backlash was swift enough that several major retailers quietly pulled the systems, and the FTC issued guidance. But that episode was contained to enclosed private spaces where operators had at least nominal notice obligations to entrants. The open road carries no such framing.

The roadside deployment removes every limiting assumption that made in-store tracking even marginally bounded. There is no posted notice. There is no opt-out mechanism short of leaving your devices at home. The capture happens to every passer-by regardless of whether they have any relationship with the operator. And the data persists in commercial repositories whose retention policies are set unilaterally by the vendor.

What Comes Next

Leonardo has not, as of the date of this article's publication, announced a commercial deployment timeline. The 404 Media report describes the capability as planned, not yet operational at scale.

But the engineering is not novel — the sensor components are commercially available, the integration with ALPR infrastructure is straightforward, and the economic incentive is clear. A dataset that correlates vehicle identity with device identity with location over time is worth considerably more than a vehicle-only dataset to the data broker market, to law enforcement customers, and to insurance and fleet intelligence buyers.

The immediate watch items are whether any state legislatures move to explicitly regulate passive RF collection in public spaces, whether any of the major ALPR customers — county sheriffs, municipal police departments, federal agencies — publicly address their intent to subscribe to the enriched dataset, and whether Apple, Google, or chipset vendors accelerate or strengthen their randomization schemes in response.

The history of surveillance infrastructure suggests that once a capability is deployed, restraint in its use depends entirely on policy guardrails that in this domain have consistently lagged the technology by years.