The year closed with a reckoning for Flock Safety. Independent investigators and civil liberties groups documented how a once-local tool for parking lots and neighborhood watch programs grew into a national, networked surveillance infrastructure with real world harms — tracking protesters, enabling discriminatory queries, and surfacing data tied to reproductive healthcare and immigration enforcement. These findings are not theoretical. They come from extensive audits and leaked logs that show patterns of misuse and design choices that make abuse trivial to execute.

Shortly after those investigations landed in public view, Flock announced it would pause pilot programs with federal homeland security partners and promised tighter controls on national searches. That pause matters. It acknowledges two facts regulators and advocates have been warning about for years: Flock’s architecture makes cross-jurisdictional, large scale queries easy, and vendor-side controls and poor communication created pathways for federal access without robust local oversight.

None of this happened in a policy vacuum. Venture capital poured fuel on Flock’s expansion. In March 2025 the company raised a major growth round that valued it in the multibillion dollar range, accelerating deployments to thousands of jurisdictions and pushing the product set beyond license plate readers into gunshot detection and drone capabilities. Rapid growth changed the negotiation power between vendor and city and raised the stakes for procurement decisions.

Local pushback has followed. Public hearings, resignations from advisory bodies, and contract fights cropped up in multiple cities as communities learned that data from local cameras had been accessed by outside agencies. Some municipalities moved to pause or terminate deployments. Other cities doubled down, citing solved auto thefts and trafficking cases. The debate is no longer about whether the technology works. It is about who controls the data, who can query it, and what safeguards are legally and technically enforceable. Oakland’s December vote to renew a contract despite acute concerns about federal access crystallized the tension between a stretched public safety system and a community demanding accountability.

Meanwhile, regulatory and legal risks are emerging on the vendor side. State investigations and licensing reviews in Texas highlighted administrative lapses and raised questions about the admissibility of evidence and the legality of operation when a private security license is in question. Those developments turn procurement headaches into potential courtroom liabilities for agencies that relied on the tool without sufficient oversight.

What does this mean in practice for city officials, procurement teams, and community organizers? The answer is simple and urgent: pause, audit, and harden guardrails. Pausing means moratoria on new deployments until independent audits have validated vendor claims about access controls, audit logging, and search scope. Auditing must include vendor supplied logs, transparency about federal partnerships, and technical verification that flagged searches and blocked keywords are enforced at query time. Hardening guardrails means contractually demanding the ability to revoke access, to receive real time alerts for cross-jurisdictional queries, and to require warrant gating for historical data older than a very short retention window.

Here are concrete steps cities should adopt now:

  • Require public, machine-readable logging of every search and every user ID that performed that search, with logs retained under municipal custody for independent review.
  • Ban national or blanket network searches unless a court order is produced and verified. Allow one-to-one, agency-to-agency queries with supervisory approval and a recorded legal justification.
  • Insert automatic legal filters that reject queries containing explicit medical or immigration terms, and demand independent testing of those filters’ effectiveness.
  • Enforce short retention for raw plate reads and metadata unless a documented crime investigation justifies longer retention; default retention should be measured in days, not years.
  • Build contract clauses giving municipalities immediate suspension and termination rights if vendor misconfigurations expose data to outside agencies.
  • Mandate independent, public audits every 12 months and require vendors to pay for them as a condition of contract renewal.
  • Prefer systems with local custody of raw data when possible, and where feasible evaluate open source or interoperable alternatives to avoid vendor lock in.

Advocates and legal counsel should press parallel strategies. Civil rights groups need to continue pushing for legal action where logs show discriminatory searches. Defense attorneys should challenge prosecutions that rely on data collected under a vendor’s irregular licensing or without proper warrants. State legislatures and attorneys general should close statutory loopholes that allow cross-jurisdictional data pulls without clear legal process.

Technology alone will not fix these problems. Feature changes like keyword blocks and labeled federal accounts are necessary, but they do not change the fundamental risk: a nationwide network of plate readers and audio sensors centralizes location data at scale and creates incentives for mass queries. Meaningful reform must combine technical constraints, binding contractual obligations, public transparency, and statutory protections that enshrine limits on how and why data can be used.

The final months of 2025 delivered a clear lesson. Municipalities that accepted surveillance systems because they promised crime-fighting wins now face hard choices about oversight, liability, and community trust. Cities can and should have tools to protect residents, but those tools must be bounded by privacy-preserving design, public governance, and enforceable contracts. If your city is negotiating or renewing a deal with a vendor like Flock, do not treat the vendor as merely a supplier. Treat it as a critical infrastructure partner whose access must be limited, audited, and reversible.

If communities want safer streets without surrendering civil liberties, they will need to demand procurement that prioritizes oversight over features, accountability over marketing, and proven independent validation over vendor assurances. The alternative is the slow creep of normalized surveillance that produces short-term headlines and long-term harms. That outcome is avoidable. It will take policy clarity, political will, and technical vigilance to ensure public safety technology protects communities without undermining the rights it is supposed to defend.