Courts always have the power to require data be preserved, ever since an Assyrian vendor smashed his clay tablets with a hammer to keep the captain of the guard from seizing them (;-))
They also have to specify exactly what's to be preserved, to avoid causing an unintentional denial-of-service attack on the recipient of the order, and they can require they be sealed, preserved in particular forms, or handed over to the court.
1982, Partners in Ecocide: Australia’s Complicity in the Uranium Cartel by V. G. Venturini (Venturino Giorgio Venturini), (Epigraph facing the title page), Rigmarole Book Publishers, Clifton Hill, Australia. (Verified with scans; thanks to John McChesney-Young and the University of California, Berkeley library system)
France has examining judges, Canada and the U.S. have special prosecutors, in part to ensure that political pressure can't shut down a prosecution. Examining judges are mostly automatic of serious crimes, but special prosecutors are rare and unusual, and appointing one often take considerable political power.
Solved problem in jusrisprudence, just not our jurisprudence!
You approach closer and close to the "absolute truth", but never get there, and every pi microns there is an e chance that there will be a step function and the whole convergence has to start again.
And then the cylons show up (;-))
The difference is that the repo company is using your information commercially, rather similarly to the photographic case, and you're required by law to display your license plate. The body requiring you to do the displaying has a duty of confidentiality toward you, and. for example, may be failing in it by not restricting what commercial entities do with the information.
It's technically a "vexed problem", but not necessarily an insoluble one.
Making it even harder is the question of scale. As Joseph Stalin once said, "quantity has a quality all it's own", a problem the courts have not been very forward in addressing.
Thinking about mostly legalistic issues, although this is really a public policy question. Our lawgivers haven't been terribly forward in addressing those, you understand!
Generally, a business, such as a repo company, can retain your information during the period in which you're doing business with them. If I were to consent to being scanned, then they could keep the scan only so long as it takes to see if I'm on the list of cars to be repossessed.
Since I haven't consented to the collection of "personal information" ("personally identifying information" in the US), and that information is a regulated government-issued identifier, then there's a case to be made that the repo company variously
- * isn't entitled to the information
- * requires a licence to use it under controlled circumstances
- * is entitled only to compare it to a list. or
- * is entitled to retain it only until it has been compared.
Similar logic applies to facial recognition: the right to photograph is stronger, but the right to retain is weaker.