(SAN FRANCISCO, CA) -- Millions of drivers pass automated license plate reader (ALPR) cameras every day. In San Francisco, nearly 500 of these cameras are operated by Flock Safety, the country's largest ALPR manufacturer.
While law enforcement says that they have contributed to a massive reduction in crime in the city, these cameras remain highly controversial for a variety of reasons, including federal access security breaches, police misuse, and the ripe potential for cyberattacks.

Photo Credit: City of Kettering
What do Flock Cameras Record?
Flock Safety cameras do more than read license plates.
Each time a vehicle passes, they can record:
License plate number
Date and time
GPS location
Direction of travel
Vehicle make
Model
Color
Body style
Visible features such as roof racks, bumper stickers, or vehicle damage
The cameras capture still images, not continuous video. Flock states they do not use facial recognition.
ALPR cameras are designed to make vehicle records searchable, so investigators can determine where a vehicle has previously been seen.
The images disappear from the SFPD’s database after 365 days if they are not involved with a crime. While Flock’s default setting is deletion after 30 days, SFPD’s specific policies allow it to remain for a year.
How Are the Cameras Used?
Police typically search the database after a crime has occurred. Common investigations include homicides, robberies, missing persons, and carjackings. Flock cameras are not designed to measure vehicle speed or monitor for minor traffic violations.
Officials widely credit ALPR technology with contributing to a massive drop in citywide crime since their deployment in March 2024, including a 44% reduction in major crimes and a 54% decrease in car thefts in 2025.
Despite this, ALPR systems have an accuracy rate of 93%, meaning they misread or fail to capture about 7% of passing plates. This has contributed to some cases of innocent drivers being stopped or investigated.
How Many Cameras Are in San Francisco?
Today, the city operates approximately 468 cameras, making it one of California's larger municipal ALPR systems. Over 100,000 Flock cameras are installed across the United States, with more than 5,000 publicly funded law enforcement agencies using Flock Safety.
Thousands of private organizations also operate cameras.
The network extends across cities, suburbs, and rural communities, allowing investigators to follow vehicles across jurisdictional boundaries.
Where Are the Cameras Located?
Flock cameras are commonly installed at major intersections, highway entrances and exits, shopping centers, schools, hospitals, and parking lots.
You can access a map of all flock cameras in the country here.

Photo Credit: Map of Flock cameras located in San Francisco.
Who Pays for Flock Cameras?
Funding varies depending on the location.
Public funding
In San Francisco, the initial deployment was funded through a California Board of State and Community Corrections grant focused on organized retail theft.
Other cities commonly use state governmental funding or grants.
Private funding
Across the country, many cameras are purchased by:
Homeowners associations
Shopping centers
Apartment complexes
Hospitals
Universities
Business improvement districts
Private companies
These organizations often purchase cameras to reduce theft, improve security, provide evidence to police, lower insurance costs, and increase perceptions of safety.
Because private owners can voluntarily share camera data with police, law enforcement gains broader investigative coverage without paying for every camera.
What Are California's Data-Sharing Rules?
California law places significant restrictions on how ALPR data can be shared. San Francisco policy generally limits access to authorized users for legitimate law enforcement purposes. The city's policy also prohibits personal use, political use, searches without a legitimate investigative purpose, and unauthorized sharing with agencies that are not legally permitted to receive the data.
Flock Safety's own acceptable-use policies similarly prohibit users from conducting searches for personal reasons or accessing data without an official law enforcement purpose.
Violations can result in account suspension or termination. While these regulations are theoretically sound, they are often violated in reality.
Security Breach of Flock in San Francisco?
In June 2026, San Francisco disclosed the results of an internal audit. The city found 299 unauthorized searches of its Flock database over approximately one year.
According to Police Chief Derrick Lew, the improper searches occurred through the Northern California Regional Intelligence Center (NCRIC), a fusion center that allows participating agencies to share investigative information.
The audit found unauthorized searches conducted by agencies, including:
Drug Enforcement Administration (DEA)
Internal Revenue Service (IRS)
U.S. Marshals Service
Law enforcement agencies in Idaho
Law enforcement agencies in Oregon
California law generally prohibits this type of access because San Francisco's ALPR data is not intended to be broadly searchable by out-of-state agencies through NCRIC. After discovering the issue, San Francisco disconnected the database from the intelligence center while investigations were launched by the Department of Police Accountability and the Human Rights Commission.
City officials also acknowledged they could not guarantee information obtained by one federal agency was never shared with another agency after the breach occurred.
Misuse by Law Enforcement
San Francisco is not the only jurisdiction to experience misuse.
Across the United States, audits have documented cases where officers improperly searched ALPR databases for personal reasons, including a Kansas police chief who used Flock cameras to track his ex-girlfriend's vehicles for more than four months. He accessed flock data 228 times and even followed her and her new boyfriend in his police car.
Several officers nationwide have been disciplined or terminated after audit logs revealed unauthorized searches.
Privacy advocates argue these incidents demonstrate why searchable location databases require continuous auditing rather than relying solely on internal policies.
Vulnerability to Cyberattacks
Security researchers have identified vulnerabilities affecting connected surveillance systems more broadly.
While there have been no cyberattacks on record yet, videos have circulated in which hackers showcased how easy it was for them to access live video feeds from Flock cameras.

Photo Credit: Benn Jordan explains he was able to hack the cameras in 30 seconds.
The Bottom Line
The technology has become a significant investigative tool for solving crimes, but audits have shown that data-sharing controls have not always worked as intended.
The central question is whether data can remain limited to the legal and policy boundaries established by state law and Flock Safety itself, or whether federal law enforcement and private abuse will lead to the much-feared occurrence of a Flock surveillance state.
0
0
Comments