Dear Menlo Park City Council,
Summary Statement
When I presented extensive evidence against ALPR deployment at the May 7, 2024, Council meeting and in my June 19, 2024, letter (copied in this email as well), I warned of specific dangers: privacy violations, data breaches, mission creep, and inefficacy. Recent investigative reports now prove these warnings were not hypothetical but inevitable consequences of ALPR technology itself. The systemic failures documented across California demonstrate that no jurisdiction—regardless of size, intent, or local policies—can prevent these abuses once ALPR infrastructure is deployed.
Conclusion and Demand
The evidence below proves that ALPR dangers are inherent to the technology, not dependent on jurisdiction size or local implementation. These are not "Oakland problems" or "big city issues"—they are fundamental flaws that affect every community using ALPRs. Based on this evidence, I demand that the Menlo Park City Council:
Immediately terminate its contract with Flock Safety or any ALPR vendor
Permanently delete all data collected by these systems
Prohibit future deployment of ALPR technology in our city
Why Menlo Park Is Not Immune to These Documented Dangers
Before detailing the new evidence, I must address a predictable deflection: that Menlo Park is somehow different from larger cities experiencing these abuses. This argument fails for several critical reasons:
Same Technology, Same Vulnerabilities: The CISA advisory I cited in June documented seven critical vulnerabilities in Motorola Solutions Vigilant ALPRs. These technical flaws exist regardless of whether the camera is mounted in Menlo Park or San Francisco.
Same Data Networks: ALPR data flows through the Northern California Regional Information Center (NCRIC), as noted in the Staff Report. Once data enters this system, Menlo Park loses control over its dissemination and use.
Same Vendor Practices: Flock Safetys privacy policy, which I previously analyzed, contains the same vague provisions allowing data sharing "if legally required" or in "good faith belief" regardless of which city signs the contract.
Same Human Factors: The 7,000+ database misuses by California officers in 2023 occurred across jurisdictions of all sizes. Menlo Park is not immune to officers misusing data for personal purposes.
New Evidence Confirming My Prior Warnings
1. Data Sharing Violations Are Systemic, Not Geographic
My June letter warned about uncontrolled data sharing through NCRIC. Now we see Oakland and San Francisco—cities with strong sanctuary policies and oversight mechanisms—still sharing ALPR data with ICE. If larger cities with more resources and stricter policies cannot prevent this abuse, Menlo Parks smaller oversight capacity makes us more vulnerable, not less.
2. The 7,000+ Database Violations Vindicate Privacy Concerns
I previously cited research showing 125+ law enforcement agencies experienced data breaches between 2012-2020. The new report of 7,000+ misuses in 2023 alone proves the problem is accelerating. These violations occurred statewide, in agencies large and small, urban and suburban.
3. ICE Database Integration Confirms Mission Creep
My prior submission warned that retention periods and data sharing create surveillance networks beyond local control. The revelation that ICE aggregates ALPR data nationwide proves this isnt speculation—its current reality. Menlo Parks data inevitably feeds this system through NCRIC.
4. AI Integration Exceeds Prior Warnings
When I testified about surveillance expansion, even I didnt anticipate how quickly AI would magnify these dangers. ICEs integration of ALPR data with AI-powered analytics exponentially increases the privacy violations I initially warned about.
5. Technical Vulnerabilities Remain Unaddressed
The CISA vulnerabilities I detailed in June—including missing encryption and insufficiently protected credentials—remain unfixed. The EFFs latest analysis confirms what I stated: these flaws are inherent to the technology and cannot be patched away.
6. The Piedmont Studys Findings Apply Universally
I previously cited the Piedmont Study showing less than 0.3% of ALPR hits generate investigative leads. This inefficacy isnt unique to Piedmont—its a function of the technologys design. Menlo Park cannot expect different results from the same flawed system.
Addressing the "Small City Exception" Fallacy
The Council might argue that Menlo Parks size or character somehow insulates us from these problems. This is demonstrably false:
Hackers Dont Discriminate by City Size: The CISA vulnerabilities affect all deployments equally. Smaller cities often have fewer cybersecurity resources, making them easier targets.
Vendor Control Is Absolute: Flock Safetys contract terms and privacy policy apply uniformly. They dont offer special protections for smaller cities.
Regional Data Sharing Is Mandatory: NCRIC aggregation means Menlo Parks data mingles with that of larger cities, subjecting our residents to the same surveillance network.
Officer Misconduct Is Universal: Database abuse occurs wherever access exists. Smaller departments often have less robust internal oversight.
The Councils Accountability Failure
During the May 7 meeting, Council members claimed they would hold Flock "accountable." I asked then what this meant, noting that legal frameworks only require "notice" of breaches, not meaningful consequences. The documented abuses across California prove that no city has successfully held ALPR vendors accountable for misuse.
Protecting Menlo Park Requires Immediate Action
These are not theoretical risks or problems unique to other cities. They are documented realities of ALPR technology that no amount of local good intentions can prevent. The only responsible action is complete termination of this program.
I commend Council Member Betsy Nash for her foresight in opposing this technology. I urge the remaining Council members to acknowledge these proven dangers and protect our community by immediately terminating the ALPR program.
The evidence is overwhelming. The dangers are proven. The time for action is now.
Sincerely, Soody Tronson Menlo Park Resident Privacy and Technology Attorney
Citations
Moran, N. (2025, July 14). Oakland, San Francisco share license plate reader data with ICE. San Francisco Standard. https://sfstandard.com/2025/01/14/oakland-san-francisco-ice-license-plate-readers/
Electronic Frontier Foundation. (2025, January). California police misused state databases more than 7,000 times in 2023. https://www.eff.org/deeplinks/2025/01/california-police-misused-state-databases-more-7000-times-2023
Cox, J. (2025). Inside a powerful database ICE uses to identify and deport people. 404 Media. https://www.404media.co/inside-a-powerful-database-ice-uses-to-identify-and-deport-people/
Surveillance Watch. (2025). Mapping surveillance infrastructure. https://www.surveillancewatch.io/
Cox, J. (2025). ICE taps into nationwide AI-enabled camera network, data shows. 404 Media. https://www.404media.co/ice-taps-into-nationwide-ai-enabled-camera-network-data-shows/
Electronic Frontier Foundation. (2025, June). Flock Safetys feature updates cannot make automated license plate readers safe. https://www.eff.org/deeplinks/2025/06/flock-safetys-feature-updates-cannot-make-automated-license-plate-readers-safe
Faife, C. (2025). Airlines dont want you to know they sold your flight data to DHS. Wired. https://www.wired.com/story/airlines-dont-want-you-to-know-they-sold-your-flight-data-to-dhs/
Soody Tronson
Menlo Park Resident
Begin forwarded message:
From: Soody Tronson
Subject: Re: Comments re: Staff Report Number: 24-080-CC (May 7, 2024) || Automatic License Plate Readers (ALPR)
Date: June 19, 2024 at 8:52:50 AM PDT
To: city.council@menlopark.gov
Cc: "Nash, Betsy"
Dear Council
As promised, I have updated my letter, which is attached for your review, along with the citations. If you prefer a different format, kindly advise. I’ve include the introduction here as well (but details are in the attached pdf).

June 19, 2024 <>
Dear Council
I wrote extensively (via a couple of emails) and spoke briefly at the Council meeting on May 7, 2024 (emailed that as well) regarding Staff Report 24-080-CC regarding Automatic License Plate Readers.
Soody Tronson
Menlo Park Resident
Even though I was in attendance at the May 7, 2024, Council meeting, I left the meeting not entirely understanding what the next steps would be.
Issues Raised. On the one hand, many issues were raised about ALPRs, including:
- Negative impact on privacy rights,
- lack of substantiated data to support the expenditure and
- Efficacy (despite some "effectiveness" figures in the Staff Report, it was acknowledged during the meeting that the figures did not distinguish between coincidental correlation and causation).
Insufficient Data. While the Staff Report included statements such as "uptake in crime" etc.:
- There was no actual data on numbers or what type of crimes we were experiencing, nor was it known whether ALPRs would be beneficial to mitigating those "crimes."
- Nor did we hear of the circumstances of the Sharon Heights "burglaries" (e.g., will they have been mitigated with ALPR had they been placed where the City is proposing them to be installed, where the doors locked, were there any private cameras).
However, Council comments left me with the impression that reducing the duration of data storage was all that was needed (from 6 months to 30 days).
Accountability. During Council discussions, the Council emphasized that they would hold Flock "accountable." However, it is unclear what the Councils reference to "accountability" exactly means. If Flock fails to protect the data, what consequences will it face? So far, laws only provide for a "notice" requirement and nothing more. That is NOT the same as accountability. For example, sometimes the software will be plain wrong. There is little for the wrongly accused people to clear their names. As for Flock? Its not the companys problem. As its head of marketing states, using the software inappropriately would be a "breach of contract."[1] But that is hardly a mechanism for accountability.
Request. I request clarification on:
- What information (e.g., substantiated data-driven success and failures of the ALPR (related to the "crimes in Menlo Park") does the MPPD have to come back with to support its request to implement fixed ALPRs?
- What is the "accountability" or consequences the vendor or the MPPD will face if either breaches the terms of the "agreement" or laws?
- How do you determine the sufficiency of the data-retention period: 2 hours, 24 hours, 30 days, or six months?New Hampshire, for example, mandates footage of non-hit plates be deleted after three minutes.
- Can we have a report on the usage of various "surveillance technology" tools and military equipment MPPD is using?
ALPR Lack of Efficacy. Further, as provided in more detail below, despite the surge in their popularity, the efficacy of ALPRs has largely evaded serious inquiry. A project by the Secure Justice Org. reviewed the investigative leads generated by the ALPRs and the recovery of stolen cars in the City of Piedmont between 2013 and 2019 while comparing occurrences of motor vehicle theft before and after the ALPRs between 2004 and 2021.[2] In the Piedmont Study, the following observations resulted from the analyzed data, which point to the lack of efficacy of ALPRs:
· The ratio of Piedmonts ALPR systems license plate hits-to-investigative leads for law enforcement is subjectively low; less than 0.3% of hits equate to leads;
· The positive correlation between license plate hits, and investigative leads is weak;
· The positive correlation between plate "hits" and stolen vehicle recoveries is weak, indicating more plate hits do not necessarily entail more vehicle recoveries;
· There is statistical support that vehicle thefts after ALPRs are installed are observed to be lower, and
· The market value of recovered stolen vehicles during the years observed exceeds the Citys costs to purchase the cameras. Still, given the absence of evidence of a causal relationship between ALPRs and recovered vehicles, it is not suggested that the costs to the City have been recuperated.
Vulnerability of ALPR. The Cybersecurity and Infrastructure Security Agency (CISA), a component of the U.S. Department of Homeland Security, released an advisory last week that should be a wakeup call to the thousands of local government agencies around the country that use ALPRs to surveil the travel patterns of their residents by scanning their license plates and "fingerprinting" their vehicles.[3] The bulletin outlines seven vulnerabilities in Motorola Solutions Vigilant ALPRs, including missing encryption and insufficiently protected credentials.[4]
Vast Data & Breach. Its a general tenet of cybersecurity that you should not collect and retain more personal data than you are capable of protecting. More than 125 law enforcement agencies reported a data breach or cyberattacks between 2012 and 2020, according to research by former EFF intern Madison Vialpando.[5] The Motorola Solutions article claims that ransomware attacks "targeting U.S. public safety organizations increased by 142 percent" in 2023. Yet, the temptation to "collect it all" continues to overshadow the responsibility to "protect it all." What makes the latest CISA disclosure even more outrageous is it is at least the third time in the last decade that major security vulnerabilities have been found in ALPRs. There have been numerous data breaches over the previous few years.[6]
Vigilantism. While this particular proposal was for the City to acquire Flock, the whole company (and those similar to it) are problematic, to say the least. The direct marketing of such products by Flock (and others) to individuals raises perhaps the most worrisome concern: encouraging vigilantism. These extralegal movements organized to take the law into ones own hands have long been with us. In his classic 1975 study "Strain of Violence," historian Richard Maxwell Brown observed that American vigilantism is an indigenous and deeply rooted part of our shared history. We have a lot of experience with private citizens meeting out their own versions of justice, and it is largely an ugly one.
Thank you. Meanwhile, I applaud Council Member Betsy Nash for not supporting such a governmental overreach. I also wish to thank Council Member Drew Combs for acknowledging that while a handful of Sharon Heights residents were there to support the implementation of ALPRs, we should not lose sight of the unheard voices of many more residents who were not in attendance. We cannot follow the voice of a handful to abridge the civil rights of the many or to justify such an expenditure throughout the City.
Further. The Staff Report (page H-1.2) stated, "In addition to the ALPR, the MPPD also proposed deployment of gunshot detection technology and its relative pricing as a companion to fixed ALPR deployment."
While there are hypes about these surveillance tools, such as ShotSpotter, most are not even effective in what they preach. ShotSpotter, a controversial police technology company, uses money, influence, and secrecy to benefit its bottom line. According to ShotSpotter, it supposedly yields a 97% accuracy rate. However, Boston Police records show nearly 70% of ShotSpotter surveillance technology (another technology used by police) alerts led to dead ends.
Senators Markey, Warren, and Rep. Pressleys Letter. On the ShotSpotter surveillance tool which MPPD is considering, on May 14, 2024, Senators Ed Markey and Elizabeth Warren and Rep. Ayanna Pressley issued a letter asking the U.S. Inspector General to investigate DHS grant funding spent on the ShotSpotter acoustic gunshot detection system, including whether ShotSpotters use may lead to violations of Title VI of the Civil Rights Act of 1964.
It seems that the City of Menlo Park is too eager to not only abridge our civil liberties but also waste our money (yes, whether its M.P., State, or Federal money, its all our money, one way or another) on harmful toys.
Government officials across the U.S. frequently promote the supposed, and often anecdotal, public safety benefits of automated license plate readers (ALPRs), but rarely do they examine how this very same technology poses risks to public safety that may outweigh the crimes they are attempting to address in the first place. When law enforcement uses ALPRs to document the comings and goings of every driver on the road, regardless of a nexus to a crime, it results in gargantuan databases of sensitive information, and few agencies are equipped, staffed, or trained to harden their systems against quickly evolving cybersecurity threats.
Widespread Use. While the City touts the widespread adoption of these surveillance tools as justification to purchase and use them, it should actually be a wakeup call to us all that before too long, if we dont object, we will have no more rights left.
For more resources, please see the following sections.
[1] https://www.latimes.com/business/story/2019-09-12/flock-safety-license-plate-readers-los-angeles
[2] https://static1.squarespace.com/static/5edeeebc3032af28b09b6644/t/64a46a417c2a6637212e1ce3/1688496710563/2021_11_30_alpr.pdf
[3] https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-19
[4] https://slate.com/technology/2019/09/flock-automatic-license-plate-readers-neighborhood-surveillance.html
[5] https://www.youtube.com/watch?v=58lICmpJTCk
[6] https://www.eff.org/deeplinks/2024/06/new-alpr-vulnerabilities-prove-mass-surveillance-public-safety-threat
_____________________
On May 7, 2024, at 9:18 PM, Soody Tronson > wrote:
Dear Council
It appears that I mistyped the email address before, so resending.
Here are also my comments (I did not read all of them) … my annotated document is in the pdf below (in form of footnotes to the Staff Report).
Good evening. I’m Soody Tronson, Menlo Park resident and privacy and technology attorney. Unfortunately, I did not get a chance to organize a group to show up so I will speak for me and previous exchanges with other residents of like mind.
The widespread scanning of license plates inevitably involves the collection of data from individuals who are not suspected of any crime. The retention of such data can lead to situations where innocent peoples movements are tracked and stored, potentially for years. This mass surveillance approach goes against the principle that individuals should not be subject to invasive monitoring without just cause. Anecdotal evidence of successful outcomes for use of such readers in vacuum does not do our constitution on which our society was built justice. Cities grow, populations increase and with it, even crime. Reminiscing about good ole times of "safer” communities does not make me feel safer!
This item has appeared at least 3 times on the agenda in recent months that I know of.
In previous comments, I provided a write up and references as to why Flock and other surveillance tools are not only unreliable, but opposed by organizations like ACLU, EFF. I provided a few again today. Instead, while Staff Report makes light of those items in its Report, it never rebuts the concerns raised in these reliable references.
My email today, rather only provided comments regarding the language and unjustifiable inferences drawn by the Staff.
To make it easier, I’ve added them as footnotes to the original Staff Report. Here I will make some random general comments.
The report references existing system NCIC … The NCIC database against which cars are automatically run is problematic because it is exempted from the 1974 Privacy Act, meaning accuracy and timeliness of the data is not required. Additionally, the retention period is dangerous because it can reveal sensitive information like places of worship, medical visits, relationships, and political activities. I recommend the ACLU report that I forwarded to Council before and again today.
The manner in which most of Staff Reports are presented, including the current Report, use conclusory statements and some numbers to justify their position. It provides numbers without showing the underlying circumstances, methodology, other factors, to show what at best is correlation as opposed to causation.
For example, how many burglaries were in Sharon Heights, what was taken, was there any precautions the property owner could have taken to reduce the likelihood of burglary (e.g., lock the door? None is provided. And if these readers are placed near major roads (usually less affluent), how do you surveil deep inside Sharon Heights?
Similarly, the Report shows some numbers on property crimes in other cities before and after using Flock. But there is no other information provided so we can’t draw any conclusions.
Staff also makes some outrageous comments that because machines are used, there is no bias. As a technology and privacy attorney, I can confidently say that such statements are severely flawed.
We have to remember that when we put laws in place, we can’t just think of the good actors, like the current Menlo Park police department, but bad actors who may come later. That is having foresight.
What is the return on the investment and what is given up in exchange?
When you say “accountability” what does that mean? If Flock fails in protecting the data, what is the consequence to them? So far, laws only provide for a “notice” requirement and nothing more. Also note that this year alone even government agencies were hacked or had data breaches including IRS, DoD, and USPTO.
As far as costs, the State Grant only covers a short period. And if there are State Grants, does it mean that it’s the correct thing to do and waste more of the City’s money? If we have the funds, why not provide shelter for battered women? We heard from such a fellow resident last time. The Report references “less costly than xyz.” Using such logic skips the key step of need analysis.
And last but not least, while there are some policy changes offered, we should see the actual contract language since Flock’s Government Agency Customer Agreements, are filled with flaws. Flock, especially because it appears to have a monopoly on this system, makes it a non-preferred provider.
Thank you again for giving me the opportunity to address the Council.
Begin forwarded message:
From: Soody Tronson >
Subject: Fwd: Comments re: Staff Report Number: 24-080-CC
Date: May 7, 2024 at 4:22:46 PM PDT
To: City of Menlo Park >
Cc: Betsy Nash >
A few of more references … there are plenty of them.
https://www.acluok.org/en/news/threat-privacy-and-civil-liberties-automatic-license-plate-readers#:~:text=Flock%20maintains%20the%20system%20is,in%20the%20criminal%20legal%20system
https://www.acluok.org/en/news/threat-privacy-and-civil-liberties-automatic-license-plate-readers#:~:text=Flock%20maintains%20the%20system%20is,in%20the%20criminal%20legal%20system
https://www.eff.org/deeplinks/2022/11/rise-police-advertiser
https://www.eff.org/deeplinks/2022/11/rise-police-advertiser
https://slate.com/technology/2019/09/flock-automatic-license-plate-readers-neighborhood-surveillance.html
https://slate.com/technology/2019/09/flock-automatic-license-plate-readers-neighborhood-surveillance.html
https://www.forbes.com/sites/thomasbrewster/2024/02/27/flock-safety-surveillance-broke-state-law/?sh=6d48f4102a8f
https://www.forbes.com/sites/thomasbrewster/2024/02/27/flock-safety-surveillance-broke-state-law/?sh=6d48f4102a8f
https://www.beaconjournal.com/story/news/2022/06/14/norton-rejects-surveillance-cameras-week-after-akron-approval-flock-safety-privacy-hacking-license/7619817001/
https://www.beaconjournal.com/story/news/2022/06/14/norton-rejects-surveillance-cameras-week-after-akron-approval-flock-safety-privacy-hacking-license/7619817001/
https://www.govtech.com/public-safety/vehicle-surveillance-prompts-privacy-concerns-in-wichita-kan
https://www.govtech.com/public-safety/vehicle-surveillance-prompts-privacy-concerns-in-wichita-kan
Begin forwarded message:
From: Soody Tronson >
Subject: Comments re: Staff Report Number: 24-080-CC
Date: May 7, 2024 at 3:40:48 PM PDT
To: City of Menlo Park >
Dear Council
I applaud the Staff on their creative writing skills, yet again. The staff reports always set the stage for a “done deal,” full of conclusory statements without factual support.
In Previous comments, I provided a list of references as to why Flock and other surveillance tools are not only unreliable, but opposed by organizations like ACLU, EFF. I can provide them again if needed.
I have only provided comments regarding the language and unjustifiable inferences drawn by the Staff.
To make it easier, I’ve added them as footnotes to the original Staff Report.
Best
Soody Tronson
Menlo Park Resident
Privacy and Technology Attorney
