In January, after a Joplin police officer was fired for stalking via Flock’s license plate reader system, I wrote about why I publish unredacted audit logs. The argument was simple: as long as Flock can collect this information without restriction, the public must be able to see how it’s used.
Today, the ACLU has joined EFF in calling for laws that would make that oversight illegal. It did so on the same day that criminal charges were filed against a Milwaukee police officer for misuse of the system — as a direct result of the very thing the ACLU is trying to ban.
The ACLU’s Position
ACLU and EFF’s assertion that records documenting police activity should be kept behind lock and key in a police station is, frankly, preposterous. The suggestion has no business coming from organizations that purport to fight for civil rights and police accountability.
In making its recommendation, ACLU misrepresents the actions of police and the contents of the logs:
The release of this kind of data is a significant privacy problem. To be clear, web sites have every right to publish data that has been released by government agencies or that they have otherwise legitimately obtained; the fault here is the police departments that collected this data on innocent drivers not suspected of any wrongdoing and then released it unredacted. But this kind of data could be used by all manner of parties to find out things about the lives of those they’re interested in — everyone from abusive romantic partners and stalkers, to political or business rivals, to everyday busy-bodies and who-knows-who-else.
Characterizing audit logs as data the police collects on innocent drivers is flat out wrong. Yes, police do collect data on innocent drivers. But that is not the data that’s in the audit logs.
What’s in the audit logs is what a Flock user—possibly, but not necessarily, a police
officer—entered into the “search” box. For example, there is a result for the plate “-.”
Probably not a valid plate anywhere. I’ve also had to block a few novelty plates, like
HOONIGAN, from reports because cops keep looking it up.
What is in the logs is search terms being entered into a privately owned and operated, and largely unregulated, database. Even if you were to make sharing those logs illegal, it does not solve the issue—the information, by the very nature of the system, is in the hands of a private third party.
The ACLU then tries to compare records of government officials’ search queries to bodycam footage of private citizens. Video footage of people interacting with police and evidence that someone typed the word “investigation” into a search box are not the same thing.
Following those dubious claims, the author walks the statement back by saying that “any logs by officers of the purposes of their searches (which would be subject to existing open-records exemptions for active investigations) should be considered public records.”
This is exactly how we end up with audit logs like the ones currently served up by Flock’s ironically-named transparency portals:
Flock summarizes it correctly in its form email: “There is nothing the public can gain from this report.” (“However, if you find your department’s users are not consistently searching off of incident/case numbers, that may be a reason to hide the Search Audit.”)
The Contradiction
The whole system hinges on not containing sensitive information. According to Flock and police, there are no privacy concerns when you take millions of photos of license plates on public roads. It’s why a private company can collect the information under color of law and process it without having probable cause or oversight, and it’s why police can search that same data without warrants.
That framework simply can’t co-exist with the idea that that same information is somehow too sensitive for public consumption. To claim otherwise is, at best, mistaken.
As it says in this site’s FAQ: I am willing to accept the premise that all of this audit data is too sensitive to publish, but, if accepting that premise, then the actual photos must be too sensitive as well. Ban neither or both, but don’t mistake a defense of public oversight for a defense of this website’s right to exist.
The Alternatives Don’t Work
Hiding audit logs for vague privacy concerns is a lazy approach. This website does not display license plate numbers anywhere. Instead, it provides “identifier” numbers that correspond to license plates. It’s not a complete solution, but it’s one that’s adequate for identifying patterns of misuse and abuse.
Flock knows this. It previously took a similar approach to usernames in its transparency portal logs: instead of identifying a user by name, it identified users with a string of numbers and letters. While you may not see that Officer Jones did something suspicious, if Officer AF983-90D43 did, that’s still something that can be investigated.
Flock removed those IDs from the logs.
The ACLU’s recommendation that “people should be able to request their own data” is equally shortsighted. The data is, at least on paper, owned by 6,000 different agencies. Should we all be doing monthly open records requests to those agencies? Without an up-to-date customer list, how would we even know where to file the requests? How do we prove to Flock that it’s “our” data? Do we send Flock, a private mass surveillance company, a photo copy of our ID and car registration?
Meanwhile, police departments across the country write policies saying they will manually audit hundreds of thousands of searches by downloading a CSV, going through it line-by-line, and making tens of thousands of phone calls to other departments to ask whether the “investigation” at 4:37pm last Wednesday was a legitimate search. Closing the chief’s office door won’t get him to suddenly make the calls.
The real problem isn’t that there is an attempt at public oversight — it’s that every other oversight mechanism is failing. State and local governments, police agencies, Flock, the FBI, the EFF, and the ACLU could all actually be working on this problem.
This website shows that national searches are impossible to keep up with due to sheer volume. The underlying cause is a system that is disproportionate by default—one that encourages getting nationwide 30-day location histories for the slightest of reasons, or no reason at all.
It also shows that some form of oversight may be possible, if we want it to be possible. But we need to ditch Flock and solve the actual problems.
ACLU & EFF’s changing position
In 2014, ACLU SoCal and EFF sued the Los Angeles Police Department and Los Angeles Sheriff’s Department for ALPR records.
The organizations sought actual ALPR data rather than audit logs, and, after their request for the data was denied under California’s Public Records Act, they wrote (emphasis mine):
[T]he intrusive nature of ALPRs and their potential for abuse creates a strong public interest in disclosure of data that would help shed light on how police are actually using the technology.
…
The data will reveal whether police seem to be targeting political demonstrations to help identify protestors, or other locations such as mosques, doctors’ offices or gay bars that might yield highly personal information.
Californians can only properly weigh in on whether police should be using ALPRs and what policies might be necessary if they understand how police actually use the technology.
It has been twelve years — we still don’t have that necessary transparency.
ACLU and EFF reversing their position is inexplicable.
179 Searches, Zero Oversight
On the same day the ACLU published its recommendation, a criminal complaint was filed in Milwaukee against MPD police officer Josue Ayala. An excerpt:
Through the website www.haveibeenflocked.com, VICTIM ONE became aware that City of Milwaukee Police Officer Josue Ayala used the Flock system, a license plate recognition platform, to run the license plate on VICTIM ONE’S personal vehicle to obtain location information for VICTIM ONE on numerous occasions. VICTIM ONE believed that Officer Ayala ran VICTIM ONE’S license plate over 100 times.
City of Milwaukee Police Detective Tehrangi Chapman conducted follow up investigation by having an audit trail run in the FLOCK system for the time frame of March 26, 2025, through May 26, 2025. During that time frame City of Milwaukee Police Officer Josue Ayala ran the license plate of VICTIM ONE a total of 55 times. The audit trail revealed that Officer Josue Ayala also conducted a search of a second license plate number belonging to VICTIM TWO a total of 124 times during the same time frame. During the time frames that Officer Ayala conducted the searches of each license plate, Officer Ayala was on duty working for the City of Milwaukee Police Department.
The Flock system requires the user to enter a reason for the license plate search. On each occasion that Officer Ayala used the Flock system to search for license plate of VICTIM ONE or VICTIM TWO, Officer Ayala listed the reason for conducting the search as “investigation”
I’ll spare the technical details here, but the discrepancy between the victim’s reported number (over 100) and the audit’s number (55) is explained by redactions; the inaccuracy is a direct consequence of deliberate obfuscation.
The policy violation should have been caught by Milwaukee PD during its regular audits.[1]
If the CJIS framework applies, which Flock often implies, this should have been caught by the Wisconsin Department of Justice, which oversees Milwaukee PD. If the DOJ had missed it, the FBI’s CJIS division should have caught it.
If these were state or nationwide searches, as most searches are, this should also, independently, have been caught by all the other involved departments.
No independent auditors exist, nor does Flock audit anything.
In fact, the FBI and Flock’s recent changes were explicitly designed to make it more difficult to catch exactly this type of violation.
Nobody in an ostensibly multi-layered system of oversight caught the problem; once again it was a private citizen—the victim in this case—who had to do the job public officials promised they’d do. And again, the problem came to light as a result of complete, unredacted audit log information—including license plate numbers.
In January, public audit logs got an officer fired. Today, they got one criminally charged. The ACLU wants to make sure there isn’t a third time.
Now that Flock has deleted the information that made both cases possible, any future similar incidents will almost certainly go unnoticed. As long as there are no alternatives for effective oversight, and as long as there is unregulated privatized surveillance, public audits are the best we can hope to do.
I will continue advocating for exactly that.
Note
Update 2/25 11pm: The ACLU of Wisconsin issued its own response to the Ayala charges, calling for transparency standards including “annual public reporting on surveillance technology acquisition and use across the state.” The statement cites a Wisconsin Examiner report that MPD logged “investigation” as its search justification over 1,000 times in 2025 — a statistic derived from the same audit log data the national ACLU wants exempted from public records.
2/28/2025: Updated with ACLU/EFF lawsuit information.
I’m simply assuming Milwaukee PD has a policy to regularly audit logs. If not, it does not diminish the point. ↩︎