A 404 Media investigation documents at least 18 incidents of U.S. police officers abusing Flock's automated license plate reader system to track romantic partners and exes, with one Florida officer running more than 100 searches. Flock, which logs 140,000 monthly active users across thousands of departments, calls the abuse rare and is fighting both warrant requirements and the public-records site that surfaced most of these cases.
A new report from 404 Media documents at least 18 cases in which U.S. police officers used Flock's AI-assisted automated license plate reader (ALPR) network to surveil current or former romantic partners, and the publication argues the documented incidents represent only a fraction of the actual abuse. Officers across at least five states have been fired, and some arrested, after their search histories surfaced patterns that had nothing to do with active investigations.
The distinction matters because Flock is not a single camera. It is a national, networked database. Individual ALPR cameras capture plate images, timestamp them, geotag them, and push the records into a shared system that participating agencies can query across jurisdictional lines. A single search can return a vehicle's movement history pulled from cameras owned by dozens of separate departments. That cross-jurisdictional reach is the product's selling point, and it is exactly what turns a casual lookup into a continuous tracking tool.
How the abuse works
The report opens with Jarmarus Brown, an Orange City, Florida officer who, according to investigators, looked up his ex-girlfriend's plate and those of her close family members more than 100 times while on patrol. Colleagues noticed the activity and asked him to stop. He said he would, then kept going. When authorities caught him, Brown admitted he had been "dumb" and attributed the behavior to his emotional state. Investigators describe a broader pattern of controlling conduct, including demands that his partner remain on FaceTime during work hours and an AirTag placed in her wallet.
The technical lesson sits underneath that personal story. Flock's interface is built for speed and low friction, which is appropriate for officers working time-sensitive cases but removes most of the natural barriers that would otherwise slow down misuse. There is no warrant gate, no second-party approval, and no per-search justification that an automated system enforces before returning results. A plate query takes seconds and returns location data that, aggregated over weeks, amounts to a movement profile.
404 Media outlines similar cases in Wisconsin, Missouri, Georgia, and Kansas. The structure repeats: an officer queries an ex's plate repeatedly over months or years, and the conduct surfaces only when the target files a complaint or runs their own public-records investigation. As the report puts it, a plate hit "is the start of an investigation, not the end of one," which means each lookup can branch into associates, family vehicles, and frequented locations.
The numbers, and what they hide
Flock Security cites 140,000 monthly active users and characterizes abuse as "rare." That framing depends entirely on the denominator. The 18 documented cases are not the result of systematic auditing. They are the cases that escalated far enough to end careers or trigger arrests, which is a small and self-selected sample. 404 Media argues this is "almost certainly a vast underreporting," and the mechanism behind that claim is straightforward: departments rarely flag their own officers, so most complaints originate from victims who reconstructed the abuse from public records they obtained themselves.
That detail points to the real accountability gap. The audit trail exists. Every Flock query is logged. But the logs are not proactively reviewed against any standard of legitimate use, so the system records the abuse without surfacing it. Accountability depends on a victim already suspecting surveillance, knowing public-records law, and filing the request.
The regulatory fight
Flock is contesting lawsuits and proposed regulations that would require police to obtain a warrant before running queries. A warrant requirement would insert exactly the friction that the current design omits, forcing a documented, externally reviewed justification before any search. The company's resistance to that standard, combined with its stated position that abuse is rare, places the burden of proof on victims rather than on the system operator.
The report also notes that HaveIBeenFlocked.com, a searchable database of Flock ALPR inquiries assembled from public-records releases, lets people enter their own plate number to check whether they have been queried. 404 Media reports that Flock Security has "repeatedly tried to get that website taken down," which puts the company in the position of fighting the one tool that lets potential victims verify the surveillance its own logs already record.
The broader pattern here is familiar to anyone tracking the deployment of networked surveillance infrastructure. The capability scales nationally, the safeguards remain local and discretionary, and the audit data exists but goes unexamined until an outside party forces the question. Until query logs are reviewed against an enforced standard, or a warrant requirement is imposed at the point of search, the system's design will keep producing exactly the cases this report describes. The full investigation is available at 404 Media.
Comments
Please log in or register to join the discussion