Flock Safety Cameras Are Packaged In Lies

By Tom Ritter – NJ Criminal Podcast

Episode & Related Links

Full episode on YouTube: https://youtu.be/YTEHdObW-Z0?si=mUhljx6gOKlDVmSs

Episode page – NJ Criminal Podcast: https://www.njcriminalpodcast.com/flock-safety-dunwoody-and-new-jersey-the-hidden-surveillance-infrastructure-no-one-voted-for/

LinkedIn article on this topic: https://www.linkedin.com/posts/legal-content-marketing_flock-activity-7447983529965105152-KdDU

Summary

Across New Jersey, small black boxes have quietly appeared on poles at neighborhood entrances, intersections, parks, and commercial corridors.

They are Flock Safety cameras – marketed as simple license plate readers that help find stolen cars and missing kids. In reality, they are nodes in a privately run surveillance network that can track vehicles, watch people, and share data far beyond what most residents – or even many council members – realize.

This article expands on my long-form episode of the New Jersey Criminal Podcast, leveraging my background in legal marketing and EEAT-driven content to unpack Flock’s technology and the verified internal logs obtained from Dunwoody, Georgia. Those logs reveal that:

• Dunwoody was told only two neighboring agencies could view its live cameras, while audit data shows over 1,200 external agencies with live-view permissions and hundreds allowed to record streams.
• Private camera networks at the Marcus Jewish Community Center (MJCC) – labeled “Do Not Share” – were nevertheless shared with outside agencies, including live, recorded, and download access.
• Named Flock employees and internal entities like “Flock Intelligence” ran hundreds of searches and live-view sessions on Dunwoody’s cameras, including pools, gyms, preschool hallways, and a gymnastics room.
• Phantom accounts (“Invalided user uuid”) and automated users (“Auto-approved”) performed high-impact role changes and data sharing, undermining claims of robust audit trails.

The same vendor, same architecture, and same sales narratives are now operating in New Jersey. This piece is written to help attorneys, journalists, policymakers, and residents move beyond the marketing and ask the only questions that matter: Who else is watching? What can they see? And how would we ever prove it – or stop it – if something goes wrong?

Table of Contents

1. Introduction: From “Smart Cameras” to a Quiet Surveillance Network
2. What Flock Safety Actually Is (Beyond the Sales Pitch)
3. Dunwoody, GA: What the Internal Logs Reveal
4. Named Flock Employees and Their Viewing Patterns
5. The New Jersey Risk Surface
6. Questions Every New Jersey Town Should Answer in Writing
7. FAQ
8. Source Index & Further Reading

1. Introduction: From “Smart Cameras” to a Quiet Surveillance Network

Flock Safety arrived in New Jersey the way most police technology does: through a reassuring story. Local officials were told they were getting “automatic license plate readers” – ALPRs to help find stolen vehicles, hit-and-run drivers, and missing children. The messaging emphasizes public safety, not surveillance.

The legal and marketing language is carefully chosen. ALPR. LPR. “Valuable tool in deterring crime.” In Monroe Township, for example, the mayor’s column described Flock license plate readers as a way to protect neighborhoods, with little public detail on data retention or sharing practices.
Source: Monroe Township Mayor’s Column – “Flock License Plate Readers – A Valuable Tool in Deterring Crime,” 24 Mar 2025.
https://www.monroetwp.com/index.php/mayor-council/the-mayor-s-column/1882-flock-license-plate-readers-a-valuable-tool-in-deterring-crime

But as privacy researchers, civil-liberties lawyers, and local organizers have started to uncover, Flock is not just a camera vendor. It is a nationwide data platform that links local cameras into a shared, searchable network. Its ALPRs can be upgraded into always-on live-view cameras. Its cloud software, FlockOS, allows thousands of agencies to run queries across each other’s data. And in at least one city – Dunwoody, Georgia – internal logs show Flock employees treating a real community like a live testbed.

To understand what this means for New Jersey, we need to start with the technology, then move into the evidence.

2. What Flock Safety Actually Is (Beyond the Sales Pitch)

2.1 Hardware: From ALPR to full-motion surveillance

Flock’s core devices fall into two broad categories:

• Automatic License Plate Readers (ALPRs)
  These cameras capture high-resolution images of passing vehicles, extract plate numbers, and log date, time, and GPS coordinates. They also generate a “vehicle fingerprint” – make, model, color, body style, visible damage, roof racks, decals – enabling searches even when the exact plate is unknown.
• Live-view video cameras
  Branded under products like Condor, these are full-motion video cameras deployed at parks, dog parks, trails, intersections, city facilities, HOAs, schools, religious campuses, and private campuses. They often include pan–tilt–zoom and low-light capabilities.

In practice, many “LPR-only” deployments have been quietly upgraded to live-view, without a fresh public vote or contract debate. Residents who thought they were approving a plate scanner now live under an integrated video grid.

2.2 Software: FlockOS, Vehicle Fingerprints, and cross-agency search

The real power of Flock is in its software layer, FlockOS. That platform allows authorized users to:

• Search by full plate, partial plate, or vehicle fingerprint attributes.
• Map vehicle sightings over time, creating detailed travel histories.
• Identify vehicles that frequently appear together in space and time (“convoy” or association analysis).
• View live and recorded video from any camera the agency has access to or that has been shared by another organization.

Flock strongly encourages agencies – and even private partners – to share their networks with each other. That means a small suburb’s cameras can become part of a much larger search space. A vehicle passing through New Jersey may be queried by agencies across the country, depending on how sharing is configured.

This model has already triggered legal challenges in other states. In California, for example, a class action lawsuit alleges that Flock violated state ALPR law by allowing out-of-state and federal agencies to search California drivers’ data millions of times, without proper local authorization.
Sources:
KTVU – “Class action lawsuit alleges Flock license plate readers violate CA law, privacy residents.”
https://www.ktvu.com/news/class-action-lawsuit-alleges-flock-license-plate-readers-violate-ca-law-privacy-residents
Gibbs Mura – “Flock License Plate Cameras Face Class Action Lawsuit by Gibbs Mura A Law Group.”
https://www.classlawgroup.com/flock-license-plate-cameras-face-class-action-lawsuit-by-gibbs-mura-a-law-group

3. Dunwoody, GA: What the Internal Logs Reveal

Dunwoody is a suburban city north of Atlanta with parks, a thriving commercial core, and the Marcus Jewish Community Center (MJCC) – a major hub for families, fitness, and preschool programs. It also embraced Flock’s vision of an integrated “Real Time Crime Center.” Flock’s own marketing has celebrated Dunwoody as a flagship deployment.
Source: Flock Safety – “Dunwoody Police Department Unveils Real Time Crime Center Powered by Flock,” 7 Aug 2025.
https://www.flocksafety.com/blog/dunwoody-police-department-unveils-real-time-crime-center-powered-by-flock

What makes Dunwoody unique is not just the deployment – it’s the documentation. Thanks to a series of Georgia Open Records Act requests, internal Flock logs and configuration exports from Dunwoody’s system have been made public. These include:

• Organization and network audit logs (who searched what, when, and from which org).
• Shared-network configurations (which agencies had access to which cameras and data).
• User exports and IT security assessments.

The site Have I Been Flocked? has published detailed analyses of these logs, making Dunwoody one of the clearest windows into how Flock’s platform functions in the real world.
Sources:
Have I Been Flocked – “Data update: Dunwoody GA (Mar 2026).”
https://haveibeenflocked.com/news/dunwoody-ga-mar2026
Have I Been Flocked – “Data update: Dunwoody GA (Apr 2026).”
https://haveibeenflocked.com/news/dunwoody-ga-apr2026

3.1 “Only two agencies” vs. 1,200+ with access

In a March 2026 city council meeting, Dunwoody police leadership publicly stated that only two neighboring agencies – Brookhaven and Chamblee – had live-camera access, and that any live-view usage was “strictly reviewed and on a case-by-case basis.”

The logs tell a different story. According to the Mar 2026 data update:

• Over a 12-month period, more than 3,500 organizations ran queries on Dunwoody’s network.
• Flock’s own analytics show that at least 1,200+ external agencies had been granted live-view and/or network access of some kind.
• There were over 23 million network audit entries for Dunwoody’s Flock data in that period – an enormous volume relative to the city’s size.

Local coverage has picked up the disconnect between public assurances and actual network behavior. Rough Draft Atlanta, for example, reported on community concerns about data sharing and council decisions to delay Flock contract renewals while they investigate.
https://roughdraftatlanta.com/2026/03/30/flock-data-sharing-concerns/

3.2 MJCC “Do Not Share” networks that were shared anyway

One of the most troubling findings involves the Marcus Jewish Community Center network. Inside Dunwoody’s Flock configuration, MJCC cameras appear with labels such as:

“Dunwoody GA PD – Atlanta JCC Avigilon (Do Not Share)”

Despite that explicit label, the logs and shared-network exports show that on multiple occasions:

• MJCC camera networks were shared with external agencies.
• Permissions included canViewLiveStream, canViewRecordedStream, and canDownloadRecordedStream.

In other words, outside agencies could:

• Watch live video from MJCC pools, gyms, and interior spaces.
• Review recorded footage.
• Download clips and remove them from the system.

Yahoo News has reported that Flock cameras “inadvertently shared live footage from the Marcus Jewish Community Center … despite settings meant to prevent sharing,” noting that this contributed to contract renewal delays and local controversy.
https://www.yahoo.com/news/articles/flock-safety-cameras-made-georgia-154027068.html

Atl Press Collective likewise documented that Dunwoody PD “shared MJCC camera data despite the network being labeled ‘do not share’,” and that council deferred the Flock 911 contract over security, data, and privacy concerns.
https://atlpresscollective.com/2026/03/26/dunwoody-flock-safety-contract-march-update/

3.3 Phantom and automated users

The Dunwoody exports also reveal serious issues with user accountability:

• A system account labeled “Invalided user uuid” appears in the logs performing role changes and other high-impact tasks, even though this is not a human-readable, attributable identity.
• An automated or system user named “Auto-approved” conducted roughly 1,900–2,000 automatic shares of Dunwoody data with external agencies, without evidence of individualized human review.
• Named users such as “John Watson” appear in event logs tied to configuration changes but do not appear in the official user-export, which should list all current and historical accounts.

When you combine these findings with the volume of external access and the sharing of “Do Not Share” networks, the picture that emerges is not one of a tightly controlled, fully audited system. It is a platform where large categories of activity are hard to attribute, and where “no one is looking at this except for legitimate law enforcement use” is no longer credible.

4. Named Flock Employees and Their Viewing Patterns

Perhaps the most unsettling aspect of Dunwoody’s logs is the behavior of Flock-affiliated entities themselves – including “Flock Safety – Admins,” “Flock Safety – Engineering,” and an internal org called “Flock Intelligence.” These entities collectively performed hundreds of searches on Dunwoody’s cameras, including AI-driven freeform queries like “chicken truck,” “cattle truck,” and “lawnmower.”
Source: Have I Been Flocked – “The Platform: Flock Safety Is Running on Promises, Not Policy.”
https://haveibeenflocked.com/news/the-platform

Local coverage and my own review of the logs also show named Flock employees with business and executive titles accessing live-view cameras in patterns that are hard to reconcile with any clear investigative need.

4.1 Business development and executive access to pools, gyms, and preschool areas

Among the sessions documented in Dunwoody’s logs:

• A Flock business development manager for 911 products, based out of state, was granted live-view access and used it to:
  • Click through traffic cameras.
  • Park on a library camera for an extended period.
  • On another day, cycle through MJCC baseball fields, gym cameras, and a pool camera labeled “Main Pool Right,” with no further activity for hours.
• A Flock vice president for strategic relations logged in to view a single camera in the MJCC gymnastics room and did not touch any other cameras that day, with the next recorded activity more than a week later on a skate park feed.
• Other Flock staff sessions show tours of:
  • MJCC pools and pool interiors.
  • Fitness studios and weight rooms.
  • Preschool entrances and hallways.
  • City Hall holding cells and interior corridors.

Again, the logs show what happened; they do not state motive. But from a governance and civil-liberties standpoint, the question is not “what were they thinking?” It is “why did they have this access at all, and how would anyone know if it was abused?”

4.2 Flock’s public privacy claims vs. logged behavior

Flock’s own “Trust” page emphasizes that:

• Agencies own their data.
• Employee access is strictly limited and logged.
• Local agencies remain in control of sharing settings and usage.

Yet, in Dunwoody:

• Flock-affiliated orgs and employees were actively running searches on city data and live-view cameras.
• “Do Not Share” networks were shared and accessed.
• Automated and phantom accounts were performing high-impact operations with limited visibility.

This gap between promise and practice is a core theme of both the podcast episode and this article. When a vendor’s architecture enables broad, hard-to-audit access, marketing claims about “privacy by design” should be treated as assertions to verify, not guarantees to assume.

Source: Flock Safety – “Privacy, Data & Civil Liberties Policies.”
https://www.flocksafety.com/trust

5. The New Jersey Risk Surface

New Jersey is particularly vulnerable to the risks exposed by Dunwoody because it is structurally well-suited for Flock’s model:

• Dense, overlapping road networks (Turnpike, Parkway, major bridges, commuter routes).
• Suburban bedroom communities feeding into New York and Philadelphia.
• High concentrations of malls, warehouses, HOAs, gated communities, schools, and religious institutions.

In a state like this, even a relatively small number of Flock cameras can create:

• Comprehensive vehicle travel histories for commuters.
• Detailed maps of visits to sensitive locations (clinics, synagogues, mosques, political meetings, protests).
• Patterns of association between vehicles and households over time.

The r/newjersey community has already flagged concerns about Flock cameras, cross-jurisdictional sharing, and the potential use of these systems to bypass warrant requirements.
https://www.reddit.com/r/newjersey/comments/1cgpsj5/flock_cameras/

But to date, most official messaging in New Jersey mirrors Monroe Township’s: strong on “deterring crime,” vague on:

• Exact retention periods.
• Full lists of external agencies with access.
• Live-view vs. ALPR-only deployments.
• Vendor employee access and technical controls on misuse.

6. Questions Every New Jersey Town Should Answer in Writing

If your town has Flock cameras, the Dunwoody case study and the national lawsuits are more than cautionary tales – they are prompts for concrete oversight. At minimum, local officials should be able to provide clear, written answers to:

6.1 Retention

• What is the exact retention period for Flock data (plates and video)?
• Has that period ever been extended? If so, when and why?

6.2 Access & sharing

• Which agencies (local, state, out-of-state, federal) can:
  • Search our plate data?
  • View our live-view cameras?
• Are any fusion centers, task forces, or federal entities included?

6.3 Vendor access

• Under what conditions can Flock employees access our data or live cameras?
• Are employee accounts individually named and attributable (no generic “invalid” or “auto” accounts)?
• Are support sessions auditable by the agency, not just by Flock?

6.4 Audit & accountability

• Can the agency independently export and review audit logs showing:
  • Who accessed which data.
  • When they accessed it.
  • For which case or incident identifier.
• Can the system distinguish between a quick camera check and extended viewing sessions?

6.5 Private networks

• Are any private networks – schools, religious institutions, HOAs, JCCs, campuses – integrated into Flock?
• How are those networks labeled (e.g., “Do Not Share”), and what technical enforcement backs that label?

7. FAQ

8. Source Index & Further Reading