Oklahoma City police spend $270,000 yearly, totaling nearly $800,000 over a contract period, on automated license plate reader (ALPR) data access through Flock Safety. The system records detailed vehicle data—make, model, damage, even bumper stickers—but lacks basic oversight, audit logs, or transparency rules regarding who accesses this information.
Unchecked Access to Surveillance Data
A local resident’s Freedom of Information Act (FOIA) requests revealed that the Oklahoma City Police Department (OCPD) has no published access controls for the ALPR system. This means anyone with clearance can search vehicle data without violating written policy, as no prohibited-use standards exist. The department also has no disciplinary guidelines for misuse, such as stalking, and doesn’t track who accesses the data or how often.
This absence of oversight is particularly concerning given the system’s capabilities: Flock cameras effectively watch every vehicle passing their locations, compiling a vast database of movements and vehicle details. Without audit trails, it’s impossible to prove misuse—but also impossible to prevent it.
Legal Ambiguity and Privacy Concerns
Oklahoma law restricts ALPR use to insurance enforcement under §47-7-606.1, but doesn’t regulate other ALPR systems operating under separate authority. This creates a legal gray area, allowing the OCPD to operate outside strict limitations.
Nationwide, ALPR cameras have faced criticism due to security flaws and documented misuse by law enforcement: unauthorized access to vehicle data and questionable searches have led to disciplinary action or criminal charges in multiple cases. In these instances, misuse was only uncovered after citizens requested access logs.
Without oversight, surveillance data becomes a tool for abuse, not just enforcement.
The OCPD’s lack of tracking makes proving misuse difficult, but the absence of controls itself raises serious privacy concerns. The department effectively operates a high-tech surveillance system with no formal policy preventing abuse. This is a clear failure of accountability in an era where data privacy is paramount.
