FBI Circulates Bulletin: Keep Flock Searches Vague, Punish Transparency
A Houston HIDTA bulletin, forwarded by the FBI to its intelligence community, instructs Flock users to enter vague search reasons and exclude agencies that comply with public records laws.
Late last year, shortly before Flock started filing takedown notices, the Houston Investigative Support Center and Investigative Research Team put together an “Officer Safety Situational Awareness Bulletin” about this project, recommending Flock users keep the reasons they enter as vague as possible (“e.g., ‘Investigation’”). The FBI’s Gang division in Atlanta forwarded it to the FBI’s broader “intelligence community.”
The FBI agent provided a summary of the bulletin in his email (emphasis added):
The website lists the total number of searches by an officer, when those searches were conducted, case numbers, the officer’s work schedule, how long they have been employed by the agency, and partial personal identifying information. This poses a significant officer safety risk to law enforcement personnel because suspects can determine if they are the target of a criminal investigation and potentially retaliate against law enforcement and/or those cooperating with law enforcement. Flock has committed to removing officer usernames from future audits.
Note
PII was originally included in this email release, but was redacted before publication here. The record was released responsive to a public records request by Southerners Against Surveillance Systems & Infrastructure and Lucy Parsons Labs.
Under Federal Pressure
This email was sent shortly after Flock’s email blast announcing reduced audit capabilities (“Flock has committed to removing officer usernames from future audits”). The agent who sent the email is based in Atlanta (as is Flock’s HQ). Flock used the same “officer safety” language.
Flock’s removal of critical auditing capabilities was clearly done in coordination with the FBI.
The FBI-endorsed bulletin recommends that, in configuring data sharing, agencies “exclude the states/agencies that release their audit logs.”
Information exchange happens on an ongoing reciprocal basis; the proposal is, in effect, to reduce the operational capabilities of the Flock system for states with effective open record laws, and specifically for agencies in compliance with those laws.
The FBI encourages agencies to violate the law by quietly threatening retaliation against those who don’t.
Follow the law, lose network access.
The Good Recommendations
Recipients of this bulletin should ensure that their agency Flock Administrators check that the agency Flock settings have limited searches to sharing within state only or exclude the states/agencies that release their audit logs. … Flock users should also limit their searches to “My Network” or draw a geofence around the area they wish to search. This will mitigate the risk of information being released by an outside agency that has different criteria as to what is redacted when responding to FOIA requests.
Agreed. Police should not default to pulling nationwide location histories for reasons like “graffiti”, “trespassing,” or “expired tag.” They should not be pulling any location history, of course, but current scopes are especially hard to justify as serving a legitimate investigative purpose.
The nationwide lookup is often cited as a “why we need Flock.” Apparently, when faced with a risk of oversight, that need evaporates. Police seem to prefer less intelligence over more accountability.
Regardless, although the reasons for wanting to reduce the scope and breadth of warrantless searches differ, we can at least agree this outcome is an improvement.
To further improve its recommendation, the FBI might consider suggesting that agencies follow its own security policy. If the data and audit logs Flock stores are in fact CJI—as Flock and agencies claim whenever convenient—access and dissemination would be strictly limited to those with prior approval and a particularized “need to know.”
That does not include haveibeenflocked.com. It also does not include Flock or random users on the nationwide network (i.e. “paying customers Flock says are probably cool.”)
The Bad Recommendations
Flock Administrators/users should ensure that the reason for the query be as vague as permissible (e.g., “Investigation”).
This is one to take to your city council.
Elected officials have been promised that agencies have the ability to see the reasons for a search. The FBI is now telling agencies across the country not to enter meaningful reasons.
We’ve long known that entered reasons are borderline meaningless, but now, in addition to Flock’s new anti-transparency measures, it is federal policy.
The Ugly Recommendation
[A]gency Flock Administrators should coordinate with their respective Legal Departments to ensure that law enforcement sensitive information is redacted prior to releasing information.
The information on this website is lawfully obtained via public records. This isn’t in dispute: even after filing its takedown requests stating the opposite, Flock admits as much.
Additionally, there is a basic legal reality that license plates are not categorically exempt from open records requests. If Flock (a private corporation) can have access to the data, so can you.
Houston HIDTA appears to agree. Its recommendation is not “you should never release license plates.” Its phrasing signals an awareness that license plates are not categorically “law enforcement sensitive” or confidential for the purpose of public records requests.
At no point does the bulletin suggest that logs were leaked or improperly redacted.
Instead, the bulletin recommends agencies “coordinate with their legal departments.” On this too, we can agree, but for different reasons. The question posed to lawyers should be whether sending “law enforcement sensitive” information to an unregulated private company, to be disseminated through a “nationwide sharing” network where tens (if not hundreds) of thousands of people have access, would violate state law and federal regulations.
The question should not be the one implied—how agencies can get away with disclosing “sensitive” information to a group of individuals managed exclusively by Flock, while keeping it hidden from “activists” and “self-styled privacy advocates.”
The “Self-Styled Advocates”
A group of self-styled privacy advocates have filed a series of Freedom of Information Act (FOIA) requests with law enforcement agencies around the country to obtain agency Flock audit logs.
In context, “self-styled” is a deliberate pejorative. It is spook-speak used to delegitimize. It implies those seeking accountability aren’t experts or journalists, but meddling hobbyists.
Police use the language of counter-terrorism to describe citizens exercising a statutory legal right. In their framing, a citizen with a PDF reader is a “threat actor,” and a public record is a “vulnerability.”
At the same time, everything, including the actual surveillance data, can be disclosed without restriction to Flock, everyone on the national network (as managed by Flock), Flock’s subcontractors, Flock’s gig-workers in the Philippines, and the Danish corporation Flock uses to record user sessions.
We’re coming up on a year since several P1 CJISSECPOL violations were reported to Flock. Flock still hasn’t announced a patch. A vulnerability exposing real-time locations for officers went unfixed for months. If we are to take the FBI at its word, these vulnerabilities pose less of a threat to officers than public accountability.
Maybe the actual security problem here is the government contracting out the creation of a massive surveillance database based on a company’s claim that it has a “CJIS ACE Compliance Seal” (provided by Diverse Computing, Inc., of Tallahassee, FL).
Regardless, I want to assure the FBI that there is no “group of self-styled privacy advocates.” A handful of individuals have sent me audit logs, and I’ve pulled a few directly off MuckRock. The persistent belief that this project publishes information from many sources is mistaken.
Although as of right now there are 93M records in the database, they cover a limited time period and were sourced from a handful of releases. At the bottom of the daily statistics pages you can see the number of sources that cover a given month, and the number of search records for that month.
In months with more sources we see significantly more searches logged, yet out of the 6,000 or so agencies using the system, we have logs from maybe a dozen for any given month.
This information is continuously being disseminated to Flock and by Flock. Anyone with access to the Flock system can get more complete, and more accurate, logs than this project has.
If your position is that “a group of self-styled privacy advocates”—which is really one developer in rural Iowa and the folks who have sent him emails—can use inaccurate, incomplete data to derive so much information that it “poses a significant officer safety risk,” what do you think a Flock employee or contractor—or someone exploiting documented, unpatched security vulnerabilities—could do with real-time access to accurate information?
Agencies are right to be worried. They’re wrong to worry about the messenger while ignoring the problem.
What You Can Do
Get Answers from Public Officials
- Does your PD follow the FBI’s recommendation to enter vague search reasons like “Investigation,” or does it require specific reasons and case numbers for every query?
- Has your PD stopped searching data from jurisdictions that comply with public records laws?
- Since Flock has removed officer usernames from audit logs, how does your city verify that individual officers aren’t using this system for personal or other impermissible reasons?
- Do Flock or the FBI have the right to dictate which public records your city is allowed to release?
Get Answers from the Public Record
Even without the logs, it’s worth finding out if your city complies with open records laws, if only so the FBI will continue to recommend that your city be excluded from future searches.
The FBI suggesting consequences for complying with transparency laws underscores the need to remind these self-appointed surveillance authorities that, in free societies, we don’t treat the rule of law as optional for police.
Tired of Self-Styling? Get Self-Certified
Demanding transparency, speaking at local meetings, and writing your representatives are a lot of work. You may want to be more than just a self-styled privacy advocate.
That’s why haveibeenflocked.com is offering you the opportunity to become a Certified Privacy Advocate. If the government is going to pathologize transparency, you might as well have the credentials to back it up.
This certificate is every bit as legitimate as a commercial CJIS seal and it may even fit in a frame if you print it correctly.
Pay what you want to print as many certificates as you like, or don’t pay at all. If you frame it and hang it anywhere good, send me a picture.
