They have indexed publicly available data. The privacy was long gone before you even entered a license plate number. Or do you think other actors didn’t have the same data but without a frontend to show it to you?

Entering your licence plate into this site gives the operator your geodata/ip address tied back to your licence plate.

Unless you use a VPN to access the site. Flock has your real location on camera.

This might be referring to k-anonymity where you truncate the hash so that it matches about 1000 hashes, then the client matches against that list. Which makes it so the operator can't really narrow down what exact license plates correspond to which searches.

Some hashing algorithms are tunable into being very expensive and difficult to brute-force even for very short inputs, but I virtually guarantee that whoever designed this system most likely would not even be aware those existed.

Technically true. Flock could present an unfounded argument that I might be brute-forcing my own security and privacy measures.

I think it'd sound pretty dumb.

If the security depends on the person it's supposed to be secure against not trying to break it...

What about doing it all client side? Or perhaps let the user type one or two characters then fetch that from the server for all matches and do the remaining matching client side. There are ways you could truly isolate yourself from the PII.

Being able to say "Our server never sees user-input license plate numbers", even though from a technical perspective the hash is just as identifiable, does have value. Even though it offers no additional privacy, it does let non-technically-minded users and so on feel safer, and that's valuable.

That "value" here lets them mislead policymakers.

The value is being able to mislead your users

Sure, Jan.

Well aware of these, however that would not benefit in this case. Their main protection is against pre computed lookup tables. But since the operator needs to be able to lookup the license plate within their own database, then they would not be using either of these. If the operator really wanted to do this in a safe way for the user then the whole database should exist client side.