Flock Camera Controversies

Flock Camera Audit Logs Explained

Audit logs are the part of a Flock camera program that turns trust into evidence. They can show who searched the system, when they searched, and whether the search matched the policy residents were promised.

The short version

A Flock camera audit log is a record of system use. Flock says every search is recorded, tied to a specific user, and reviewable by agencies. That matters because ALPR oversight is not just about where cameras sit. It is about who can search the plate database after the cameras collect data.

Good audit logs can answer basic questions: who ran the search, when it happened, what offense type or reason was entered, what case number was attached, how many cameras or networks were searched, and whether outside agencies accessed local data. Weak audit access leaves residents with a promise instead of a paper trail.

What the logs can show

Flock's own transparency material says every search creates a reviewable record, including who ran it, when they ran it, and the offense type. Flock also says its Transparency Portal can publish a public-friendly search audit with fields such as case number, search reason, offense type, anonymized user identifier, and the number of cameras or networks searched.

Have I Been Flocked's public-records guide separates the logs into three practical buckets: organization audit logs for an agency's own users, network audit logs for other agencies searching through sharing agreements, and portal or public audit logs that may be more heavily redacted. Its guide says organization logs can include operator names, license plates searched, case numbers, reasons, filters, search time, search type, text prompts, and moderation fields.

Why audit logs became a live issue

The audit-log question moved from abstract privacy theory to city-hall reality because communities started finding gaps between written guardrails and actual access. Palo Alto Online reported in March 2026 that Palo Alto was considering a $30,000 outside audit of its Flock contract after Mountain View disclosed unauthorized access to license plate data and disabled its ALPR fleet.

The same Palo Alto report said the city's local policy already required the police department to audit the ALPR system at least once a year, with the internal audit reviewed by the chief and retained on file. That is the practical point. Internal audits may exist on paper, but the public still needs to know what was reviewed, what was found, and whether network-sharing settings matched the city policy.

The difference between internal and public audit logs

Internal logs are useful for supervisors because they can connect searches to named users and specific investigations. Public logs are usually different. They may redact names, plates, case details, or search reasons. That can protect active investigations and personal information, but it can also make the log too vague to prove whether the system was used properly.

A city should not treat a redacted dashboard as the whole oversight system. The better model is layered access: detailed logs for authorized auditors and supervisors, summarized public reporting for residents, and clear rules for what gets redacted and why.

What residents should request

A useful public-records request should ask for organization audit logs, network audit logs, search logs, usage reports, search reasons, case numbers, user identifiers, sharing settings, agency-sharing agreements, annual audit reports, and any written ALPR policy or surveillance use policy.

Ask for the records in the original electronic format, such as CSV or Excel, when possible. Have I Been Flocked notes that Flock audit logs may be available through the agency's Flock admin dashboard on the Insights tab and that customers may download logs as spreadsheets in 31-day increments. That detail matters when an agency says it does not know how to pull the records.

What city officials should check before renewal

Before renewing or expanding a Flock contract, a city should answer the audit questions in public. Who reviews the logs? How often? Are network searches reviewed, or only the local agency's own searches? Are search reasons standardized? Are case numbers required? Are federal, out-of-state, or non-law-enforcement searches blocked unless the city has approved them?

The city should also say what happens when a search violates policy. Flock says permanent audit logs help agencies identify misuse and support accountability. That only works if the agency actually reviews the records, documents findings, and has consequences when the rules are broken.

The checklist

A serious Flock audit should cover organization searches, network searches, user permissions, role-based access, hotlist alerts, sharing settings, search reasons, case-number quality, retention settings, redactions, outside-agency access, and whether any searches conflict with local sanctuary, privacy, or surveillance policies.

The standard should be simple: if the city cannot explain who searched what, why, and under which rule, the audit system is not strong enough. Audit logs do not make ALPR harmless. They make the program testable.

Sources used

Flock Safety, Privacy, Data & Civil Liberties Policies: https://www.flocksafety.com/trust

Flock Safety, How Flock Builds Transparency into Public Safety Technology: https://www.flocksafety.com/blog/how-flock-builds-transparency-into-public-safety-technology

Flock Safety, What Happens if a Law Enforcement Officer Misuses the Flock System?: https://www.flocksafety.com/blog/what-happens-if-law-enforcement-misuses-the-flock-system

Have I Been Flocked, How to Request Audit Logs: https://haveibeenflocked.com/about/audit-logs

Palo Alto Online, Palo Alto looks to audit Flock license plate cameras after breaches in other cities, March 6, 2026: https://www.paloaltoonline.com/public-safety/2026/03/06/palo-alto-looks-to-audit-flock-license-plate-cameras-after-breaches-in-other-cities/