If you drive in San Francisco, your license plate has almost certainly been photographed, timestamped, and geolocated by one of the city’s Flock cameras. The pitch for that system was always that the data stays local, stays controlled, and stays out of the hands of anyone California law says shouldn’t have it. An internal SFPD audit just poked a fairly large hole in that promise.
Check This Out: Best Dash Cams of 2026: How to Choose the Right One for Your Vehicle
According to the department, the audit turned up 299 improper searches of San Francisco’s automated license plate reader network over roughly a year, all run on behalf of out-of-state and federal agencies. Police Chief Derrick Lew disclosed the findings at the June 17 Police Commission meeting. That’s not a rounding error or a handful of curious cops in another state. That’s a search nearly every weekday, for a year, into a database that under California law is supposed to be walled off from exactly those users.
How data supposedly locked to San Francisco ended up in Sacramento, Nevada, and beyond
Here’s the mechanical part that actually matters, because it explains how this happens without anyone hacking anything. SFPD didn’t hand ICE a login. According to the department, no out-of-state or federal agency ever had direct access to its Flock system. Instead, SFPD had granted access to NCRIC, the Northern California Regional Intelligence Center. NCRIC describes itself as the Bay Area’s “all major crimes” intelligence fusion center, one node in the national network of fusion centers that the Department of Homeland Security helps coordinate. It sits at the seam between local police and the federal apparatus, and its entire job is moving information across jurisdictions.
So the vulnerability wasn’t technical. It was structural. Give a clearinghouse whose reason for existing is inter-agency sharing a key to a database that legally can’t be shared across those lines, and the outcome is predictable. The searches were run through NCRIC on behalf of agencies that had no lawful path to the data themselves. Once Lew learned what the audit showed, he cut off NCRIC’s access to the ALPR system and opened an internal review.
What the law actually says
California is unusually specific here, and it’s worth reading the statute rather than the summary. Civil Code section 1798.90.55(b), added by SB 34 back in 2015, states that a public agency “shall not sell, share, or transfer ALPR information, except to another public agency, and only as otherwise permitted by law.” That last clause is the trapdoor everyone forgets. Sharing with another public agency isn’t automatically fine; it still has to be independently permitted by law. Sharing plate-reader data outward to out-of-state and federal agencies falls outside those permissions, which is why “improper” is the operative word in SFPD’s own account.
The practical takeaway for anyone building or overseeing one of these systems: the legal exposure isn’t the camera on the pole, it’s the account permissions in the back end. A single authorized intermediary with broad reach can generate hundreds of violations without a single new camera being installed.
The two searches everyone was bracing for
The politically loaded question in San Francisco was never really “did the feds look,” it was “did the feds look for immigrants or for people seeking reproductive care.” California has spent the last several years specifically hardening its data-sharing rules around both. SFPD’s answer is that neither showed up. In its statement the department said the audit “did not find any inquiries referencing immigration enforcement or reproductive rights investigations,” and it named Immigration and Customs Enforcement and the Department of Homeland Security as agencies that were not involved.
That’s a meaningful distinction, and it’s worth taking seriously rather than waving away. But it’s also a narrower reassurance than it first sounds. “The audit found no inquiries referencing” those topics tells you what the search labels said, not necessarily what the requesting agency ultimately did with a hit. An ALPR query is a lever; the label attached to it is entered by the person pulling it. So the finding is real and it’s better than the alternative, but it rests on the honesty and precision of the metadata, which is a thin thing to hang civil-liberties assurances on.
The vendor’s position
Flock Safety, whose cameras and software underpin the network, has denied that federal agencies directly accessed San Francisco’s system. That’s consistent with SFPD’s own framing, and technically both can be true at once: no direct federal login, but a permitted local intermediary through which federal-interest searches flowed anyway. It’s a useful reminder that “no direct access” and “no access” are not the same sentence, and the gap between them is where 299 searches lived.
Why this should matter to you even if you’ve never set foot in San Francisco
ALPR networks are quietly becoming default street furniture in American cities, and the interoperability that makes them powerful for solving a stolen-car case is the same interoperability that makes containment nearly impossible. The Flock model in particular leans on the ability to search across participating agencies, which is fantastic when you’re chasing an Amber Alert and corrosive when the guardrails on who counts as an eligible searcher are set once and then never re-audited.
There are a few durable lessons buried in the San Francisco numbers. First, audits work, but only after the fact; this problem ran for about a year before anyone counted it. Second, the weakest link in a surveillance data chain is almost never the sensor, it’s the sharing agreement. Third, if you’re a resident wondering whether your local department has similar exposure, the question to ask at a public meeting isn’t “do you have cameras,” it’s “who has query access, is that access logged, and when was it last audited.” Under California’s surveillance ordinances, agencies like SFPD are already required to publish annual reports detailing who received their ALPR data and under what legal authority, which means the paper trail to ask about already exists.
Read Next: The 10 Best Outdoor Knives of 2026: Top-Rated Picks for Hunting, Camping, and Survival
San Francisco caught this one. The uncomfortable part is how ordinary the failure was, no breach, no exploit, just a permission that should never have been granted, quietly doing exactly what permissions do.
