Denver Council ALPR Email

As a Denver resident and someone with over thirty years of experience in the tech industry, I urge you to vote NO on the proposed Flock Safety ALPR contract. Beyond questions of cost and effectiveness, these systems pose a very real (and well-documented) threat to vulnerable people, especially migrants and women seeking reproductive healthcare.

These are not abstract fears. Over the course of my career, I’ve seen firsthand how systems like Flock’s are architected in ways that almost invite misuse, even if that misuse is unintentional. Before casting your vote, I hope you’ll seriously consider the following:

• Data doesn’t stay local. Despite what’s claimed, Flock openly promotes its API and data-sharing features, allowing for easy integration with third-party tools. This means that agencies like ICE—or out-of-state law enforcement—can potentially access Denver’s data without any meaningful oversight or accountability.

• Retention policies sound good, but fall apart on contact with reality. Sure, the system might be configured to delete data after 30 days. But what about backups? What about integrations that duplicate or store that data? What happens when someone misconfigures a setting, or exports it manually? What if someone runs a report to the screen and simply uses a cell phone to take a picture of it? Retention without enforceability is just a marketing point.

• We’ve already seen how court orders can compel access. Companies like Google, Facebook, and Twitter have all been forced to turn over location and search history data. In states hostile to reproductive rights, this kind of information has been used to identify and investigate people seeking abortions.

• Audit logs are often held up as a safeguard—but in practice, they’re weak. In many systems I’ve worked with, audit logs are never reviewed, are easily manipulated, or rely on easily-bypassed manual inputs. For example, asking someone to simply type in a reason for accessing data—without verification—isn’t a serious deterrent.

• I’ve worked with the DoD and other high-security industries. When the stakes are high, there are strict controls, sometimes requiring data to be accessed only inside a SCIF (Secure Compartmentalized Information Facility). Why would we treat residents’ movements, data that can reveal where they live, worship, seek care, or protest with less care?

• There are Fourth Amendment concerns. In Carpenter v. United States, the Supreme Court ruled that long-term location tracking, considered as 30 days or more, constitutes a “search” and requires a warrant. That likely explains why Flock is so eager to highlight its 30-day retention limit, but again, that assumes perfect enforcement. And 30 days is still plenty of time to build a map of someone’s life.

Let me be clear: voting NO on this contract is not a vote against law enforcement. It’s a vote against building more infrastructure that can (and as the current political environment shows will) be weaponized against people who are simply trying to live safely and access basic rights.

I’ve included a list of resources and graphics to help explain what is at stake, and I’m happy to discuss any aspect of this with you. Please do the right thing. Vote no.

• ACLU Whitepaper on Flock
• Grassroots Pushback Against Flock
• EFF Case Study
• EFF Technology Brief