Resident of the world, traveling the road of life
69493 stories
·
21 followers

How Cops Use Flock to Track People, Not Cars

1 Share
How Cops Use Flock to Track People, Not Cars

Police departments around the country have used Flock cameras at least hundreds of times to search for specific people, not cars, using searches such as “heavy-set male with a black and white hat,” “person on skateboard,” and “person wearing orange vest and construction hat,” according to data reviewed by 404 Media. Sometimes searches reference a target’s race or signs of their political affiliation.

The searches highlight that while most people associate Flock cameras with scanning license plates and tracking vehicles, some of the cameras are also capable of following the movements of particular people or groups of people. Flock’s nationwide network of cameras lets police officers in one state search for a vehicle across many other states at once; the people searches do a similar thing, typically on a smaller scale, sometimes querying many hundreds of cameras at once. These are called “FreeForm” searches, and allow cops to use Flock’s system as though they would use a search engine, with Flock’s AI and image recognition interpreting what footage and which people are relevant to a police officer’s search.

“Much of the world hasn’t quite caught up yet to how much more powerful a surveillance camera is today compared to a few years ago. AI video analytics means that giant oceans of video data can now be searched the same way big text files can be, including for sensitive content such as t-shirts, tattoos, and bumper stickers. Even without face recognition, that’s a significant increase in surveillance capability,” Jay Stanley, senior policy analyst for the American Civil Liberties Union’s (ACLU) Speech, Privacy, and Technology Project, told 404 Media in an email.

“This is a classic bait-and-switch. Your town was pitched a tool to catch stolen cars and find missing kids,” Tom Bowman, policy counsel, security & surveillance, at the Center for Democracy & Technology, told 404 Media in a statement. Instead, cops now have the capability to search for a specific person or description of a person across a wealth of camera networks at once. “It's like being sold a smoke detector and only later finding out it's been recording every conversation in your house.”

💡
Do you know anything else about Flock? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

The searches sometimes stretch across dozens or even nearly a hundred networks of Flock cameras at once. Sometimes the searches are so vague that they can pull up images of innocent or unrelated people. Other examples in the data reviewed by 404 Media include:

  • Dunwoody GA PD looking for someone wearing a “backpack,” and later “person walking” and “black sweatshirt.” The latter two searches were across nine networks of cameras each
  • Pocatello ID PD searching for “a male on foot” across 38 cameras. Another search was “atlanta falcons,” referencing the NFL team
  • Corona CA PD searching for “american flag shirt” and “dodger shirt.”
  • Milford CT PD looking for “male with tattoos,” “male with brown hair,” and “woman blue shirt,” across more than a hundred cameras
  • The California Highway Patrol looking for someone wearing a “gray shirt” across 274 cameras
  • The Texas Department of Public Safety searching 96 networks of cameras for “man weasring [sic] a black t-shirt and shorts.”
  • Florence SC PD looking for “person with gun” across 61 cameras
  • Chamblee GA PD searching 85 camera networks for “white woman wearing grey shirt, blonde hair, black shorts with blue and white shoes.” The agency also searched for “female with ugg boots.”
  • Brookhaven GA PD looking for “tall man.”

Some searches referenced the race of the person authorities were looking for. The California Highway Patrol was “Looking for a white male about 6ft 1in tall, longer brown hair almost to his shoulders, slender build, will have been wearing blue jeans, boots with white paint stains on the toes and possibly carrying a black helmet.” Atlanta GA PD searched for “non caucasion [sic] male wearing blue shirt blue pants white hat.”

Some searches are part of an “investigation,” according to the “reason” field in the data. Others are part of a missing persons case. In some it is not clear what the reason for the search was because it is redacted.

“Unfortunately, this ability to search cameras as though doing a search engine inquiry is increasingly common for surveillance cameras,” Beryl Lipton, senior investigative researcher at the Electronic Frontier Foundation, told 404 Media. “AI-enabled video analysis across reams of footage exacerbates the risk that law-abiding people minding their own business end up with police observing them without their knowledge and opens them to possibly being implicated in a crime or being treated as a criminal. Imagine how many people at any given moment may be walking on foot, wearing a backpack, or existing with brown hair. It wasn’t that long ago that Trayvon Martin was murdered by someone who could argue that wearing a hoodie justified suspicion and a claim of self-defense.”

404 Media reviewed data collected by HaveIBeenFlocked.com, a website that collates Flock search-related data obtained through public records requests. Since 404 Media revealed local police were performing Flock searches on behalf of Immigration and Customs Enforcement (ICE), journalists, activists, and residents across the country have requested “Network Audits” from their local police departments. These spreadsheets show in granular detail when an officer searched Flock cameras, how many cameras they queried, and the stated reason why.

A sometimes overlooked part of those audits is a field called “text_prompt.” This relates to a feature in Flock called FreeForm search, which lets officers search cameras not by typing in a license plate but with a natural language phrase. Sometimes these FreeForm searches are descriptions of vehicles, but they often include descriptions of people.

Flock primarily advertises its FreeForm as a feature for its Condor video cameras, which are separate from its automatic license plate reader (ALPR) cameras. These video cameras have “people detection alerts,” and “Guardian Mode” automatically zooms in on people and vehicles. “Deploy AI-powered video where it matters most—no blind spots, no hassle, and fully integrated into Flock,” the company’s website reads. But the AI-analyzed feeds are not entirely divorced from ALPR; Flock has designed the systems to work in tandem. Kevin Cox, a Flock consultant who previously worked for the Grand Prairie Police Department in Texas, previously said, “video combined with the LPR evidence of placing a vehicle at the scene or nearby is an incredibly game changing experience into the prosecutorial chain of events.”

tFlock launched FreeForm in February 2025, although the company’s announcement at the time focused on searches related to vehicles. Some FreeForm searches 404 Media reviewed indicate a target’s potential political affiliation, such as the Anne Arundel County MD PD searching 198 networks for “white jeep with trump flag.” 

One example search Flock gives on its website is for “camo hat orange vest.”

Flock told 404 Media in a statement “FreeForm is designed to help investigators quickly search through large amounts of footage when they are working with limited information, such as a witness description of a person or vehicle.”

“FreeForm is not facial recognition. Flock’s products do not have facial recognition, and we have no facial recognition technology in development. FreeForm cannot identify a person by name, verify someone’s identity, or search for a specific face,” the company added. Flock said authorities used FreeForm searches in a September 2025 AMBER alert case and in Emporia, Kansas, when an elderly man left an assisted living facility.

Flock said FreeForm searches have “guardrails,” including users not able to search attributes such as “race, ethnicity, religion, nationality.” When they do, an alert is generated and sent to the agency’s administrators, Flock said. Some of the searches 404 Media found did discuss someone’s race.

Stanley from the ACLU added, “Imagine that your police department stationed officers on corners around your community writing down notes on where you are at what time, but also what you’re wearing every day, what objects you might be carrying — and writing down those details on everybody, 24/7. You would ask, why are they keeping notes on everybody? That’s pretty intrusive. But that’s basically what these systems do.”

“All this goes to show that Flock is eager not just to expand its surveillance of drivers across America through license plate readers, but to expand into every new kind of surveillance that technology makes possible. And then to link these data streams together to capture even more information about how everybody is living their lives. I don’t think most Americans want to live under that kind of constant automated surveillance,” he wrote.

In May 2025, 404 Media revealed Flock planned to use hacked data as part of a massive people lookup tool. The idea was to use information from data brokers and data breaches to “jump from LPR [license plate reader] to person,” according to internal Flock meeting audio 404 Media previously obtained. Flock scrapped the plan to use hacked data after 404 Media’s coverage and internal pressure.

In December 2025, 404 Media reported Flock left at least 60 of its people-tracking cameras exposed to the wider internet, letting anyone watch their feeds in real time. Those were Flock Condor cameras, and not its more widespread license plate reading cameras.

Read the whole story
mkalus
5 minutes ago
reply
iPhone: 49.287476,-123.142136
Share this story
Delete

Hack Reveals Suno AI Music Generator Scraped YouTube, Deezer, and Genius

1 Share
Hack Reveals Suno AI Music Generator Scraped YouTube, Deezer, and Genius

The AI music generation tool Suno scraped millions of songs and lyrics from YouTube Music, Deezer, and Genius, as well as from the stock music libraries Pond5, Jamendo, Freesound, the International Music Score Library Project, and podcasts via RSS feeds, according to a hacker who breached the company and shared data about Suno’s training libraries with 404 Media. The hacker was also able to access user information for hundreds of thousands of Suno’s customers, as well as Stripe payment information, they said.

The hacked data is a rare look at exactly how AI models and tools are built. Suno is one of the largest AI music generation tools on the internet, and has been the subject of several major lawsuits from the record industry, which accused the company of training on millions of copyrighted songs. As part of these legal proceedings, Suno previously admitted that it was trained on “essentially all music files of reasonable quality that are accessible on the open internet,” which included a total of “tens of millions of recordings.” Suno has been making the argument that it is allowed to train on copyrighted works as fair use in those cases, one of which has been settled. 

The lawsuits have made clear that Suno did train on huge amounts of copyrighted works, but the hacked data shared with 404 Media sheds more light on how Suno scraped songs from the internet and where it took them from. The Recording Industry Association of America accused Suno of ripping songs directly from YouTube; the hacked data seen by 404 Media confirms this.

The hacked material includes source code that appears to be from 2023 and 2024 that includes scraping instructions and details about the scope of at least some of the scraping. For example, the comments in one file note that they will pull from “genius_hq, youtube_music, freesound, jamendo, imp, deezer, ytm_tagged,” and that “non-music will be filtered out.” A file called “youtube_music” notes that at the time the file was last updated, it had ingested “2,013,545 music clips.” Another file contains comments about different datasets Suno had created, which included “113,879 hours of youtube_music,” “17,615 hours of genius_hq,” “410 hours of free sound,” “19,514 hours of imslp,” “3,726 hours of jamendo,” “62,117 hours of pond5_music,” “12,287 hours of deezer,” “152,162 hours of ytm_tagged,” and “103 hours of musescore_lyrics.” In total, this is at least decades worth of music. 

Hack Reveals Suno AI Music Generator Scraped YouTube, Deezer, and Genius

Other code the hacker shared with 404 Media appeared to look specifically for vocals by searching specifically for acapella versions of songs on YouTube. The code also suggested that Suno was using proxies to scrape songs from YouTube through a company called Bright Data, which sells scraping tools, infrastructure, and data services. Additional code shows that with the help of an online tool called PodcastIndex, Suno identified 420,000 different podcasts that had at least five, 30-minute episodes and sought to download roughly 1 million hours of podcasts.

It is unclear from the files seen by 404 Media exactly how Suno scraped files from each of the other platforms. Pond5 is a stock music and sound effects library owned by Shutterstock in which customers pay to access songs individually or can access a limited number of songs per month with a subscription. Pond5 claims it has 2.5 million music tracks; Suno’s data suggests that it scraped a substantial amount of the entire library. Genius, meanwhile, does not host songs directly on its website but allows Apple Music subscribers to play music through the website or to play samples of songs through Apple Music. 

Hack Reveals Suno AI Music Generator Scraped YouTube, Deezer, and Genius

In one of its lawsuit filings, Suno said that its “training data includes essentially all music files of reasonable quality that are accessible on the open internet, abiding by paywalls, password protections, and the like, combined with similarly available text descriptions,” and that it was “constructed by showing the program tens of millions of instances of different kinds of recordings gathered from publicly available sources.” 

“For Suno specifically, this process involved copying decades worth of the world’s most popular sound recordings and then ingesting those copies into Suno’s AI models so they can generate outputs that imitate the qualities of genuine human sound recordings,” the RIAA wrote in its lawsuit against Suno. “And to make matters worse, Suno obtained those copies in the first instance by unlawfully ‘stream ripping’ them from the popular streaming platform YouTube, and circumventing the technological measures designed specifically to prevent such unauthorized copying.”

In a statement, a Suno spokesperson said “As we have stated in public filings and disclosures, Suno’s AI models have been trained on publicly available music files and related metadata accessible on third-party websites on the open Internet. In November of 2025, we determined that Suno had been the subject of a limited security incident that was quickly contained. At the time, we immediately conducted an investigation and verified that the incident primarily involved outdated source code that is no longer in use at Suno and that no sensitive personal information was compromised. Importantly, Suno does not have access to customers’ full credit card numbers in Stripe.” 

“Based on the limited nature of the customer information believed to be involved, we determined that individual notifications were not warranted under applicable privacy laws,” the Suno spokesperson added. Suno also sent a training data disclosure required under California law.

The hacker, ellie.191, told 404 Media they breached the company by hacking an individual employee using the Shai-Hulud worm, a supply chain attack that allowed hackers to harvest GitHub and cloud service credentials. They said they also accessed Suno’s customer list, which included customers’ emails and/or phone numbers and Stripe payment details, depending on what they used to login. The hacker provided a sample of some of the customers, some of whom confirmed to 404 Media they had used their phone number to sign up for Suno and said they were never notified of a breach. The hacker told 404 Media they had no specific motivation for hacking Suno and said “I like to hack anything and everything.”

404 Media has previously reported on leaked materials that showed Nvidia and Runway ML scraped YouTube en masse. For the most part, AI companies no longer deny training on copyrighted materials and instead make the argument that they are allowed to scrape artists’ work under fair use carveouts in copyright law. 

Last month, The Atlantic reported on several music databases that are widely used in AI training, consisting of millions of tracks: “Three of the datasets I found are distributed as a list of links to songs on YouTube or Spotify. AI developers download the actual audio using tools that automate the job, some of which allow developers to bypass logins, advertisements, and mechanisms that might earn money or subscribers for creators. Such tools violate the terms of service of these platforms. (The fourth dataset, the Free Music Archive collection, is distributed with MP3s.),” the author of The Atlantic piece wrote. It is unclear whether Suno used any of these datasets. 

The Suno spokesperson added that the company has worked to try to prevent users from generating songs that sound like existing songs. One of the contentions of several of the lawsuits was that Suno could be used to output songs that are nearly indistinguishable from existing works. “Our goal has always been to help people create original new music, not replicate someone else’s. That’s why we build our models around what we call ‘Original Creation, By Design.’ For example, we intentionally do not use artist names as a category of training metadata because we want our models to help people create brand new songs, not music that replicates other artists’ existing work,” the spokesperson said. “We believe artists deserve both new opportunities and strong protections. That's why we've invested in safeguards designed to help prevent impersonation, and other forms of misuse, while continuing to develop technologies for AI identification.”

Mikey Shulman, the CEO and founder of Suno, said on a podcast last year that he believes the “majority of people don’t enjoy the majority of the time they spend making music.”

Read the whole story
mkalus
18 hours ago
reply
iPhone: 49.287476,-123.142136
Share this story
Delete

Tourists and Traffic on a Street Leading Toward Higashiyama

1 Share

Michael Kalus posted a photo:

Tourists and Traffic on a Street Leading Toward Higashiyama

"Busy street scene leading toward the wooded hills of Kyoto's Higashiyama district with pedestrians, traffic and traditional streetscape. The photograph records an everyday detail of Kyoto beyond the city’s better-known postcard views.

Location: Higashiyama, Kyoto, Japan"



Read the whole story
mkalus
1 day ago
reply
iPhone: 49.287476,-123.142136
Share this story
Delete

Visitors in Kimono at Chion-in

1 Share

Michael Kalus posted a photo:

Visitors in Kimono at Chion-in

"Visitors wearing kimono pause on the approach to Chion-in Temple in Kyoto while others make their way toward the historic temple buildings. The photograph places traditional Japanese dress within the movement and routines of contemporary city life.

Location: Chion-in, Higashiyama, Kyoto, Japan"



Read the whole story
mkalus
1 day ago
reply
iPhone: 49.287476,-123.142136
Share this story
Delete

Coffee Roaster at % Arabica in Black and White

1 Share

Michael Kalus posted a photo:

Coffee Roaster at % Arabica in Black and White

"Monochrome view of the coffee roasting area inside % Arabica Kyoto. The scene documents Kyoto’s contemporary café culture and the visual details of the space.

Location: Kyoto, Japan"



Read the whole story
mkalus
1 day ago
reply
iPhone: 49.287476,-123.142136
Share this story
Delete

Nathan MacDonough @ % Arabica (B&W)

1 Share

Michael Kalus posted a photo:

Nathan MacDonough @ % Arabica (B&W)



Read the whole story
mkalus
1 day ago
reply
iPhone: 49.287476,-123.142136
Share this story
Delete
Next Page of Stories