Flock Cameras: Inside the Automated Flaw That Surrounded an Auto Journalist With Four Squad Cars

A single flawed California plate entry triggered armed stops across multiple states, exposing Flock Safety’s unchecked substring-matching at scale

Nikshep Myle Avatar
Nikshep Myle Avatar

By

Image: Screenshot Plymouth Police Department | Edited by: Gadget Review

Key Takeaways

Key Takeaways

  • Flock Safety’s AI matched partial plate entries, flagging innocent drivers across multiple states repeatedly.
  • Flock’s 99% accuracy still produces roughly 200 million misreads monthly, causing armed police confrontations.
  • At least 30 jurisdictions canceled Flock contracts, while a fix distinguishing partial matches remains undeployed.

Four squad cars converged on a Kohl’s parking lot in Plymouth, Minnesota. Officers approached with hands on holsters, ordering an automotive journalist and his wife out of a $155,000 Range Rover press loaner. Not because of anything he did. Months earlier, a Los Angeles Sheriff’s Department deputy had entered a plate — “34 03 DTM,” lost during a Jaguar Land Rover photo shoot — into the National Crime Information Center (NCIC) database as simply “34 DTM,” dropping the middle digits because they print smaller on the physical plate. Flock Safety’s AI cameras ingested that partial entry and matched it to every plate containing those three characters. The journalist got flagged every time he passed a camera. For days.

This is what happens when automated surveillance inherits human mistakes and propagates them like a corrupted file syncing across every device on iCloud.

One Bad Data Entry, Nationwide Consequences

A partial plate entered in California turned every similar manufacturer plate in America into a suspect vehicle.

Plymouth runs 18 Flock cameras that read over 580,000 plates in a recent 30-day window, generating 14,800 hotlist hits. The journalist’s car was among them — repeatedly. Officers never manually verified the full plate “34 10 DTM” against NCIC before escalating to a box-and-pin takedown. Flock’s Chief Communications Officer Joshua Thomas told the journalist the machine learning “correctly read what it was supposed to read.” The system performed exactly as designed. That’s the problem.

Days later, auto journalist Tim Esterdahl was pulled over in Scotts Bluff, Nebraska, driving a Range Rover Sport on plate “34 08 DTM.” Plymouth police had already predicted it would happen. Any New Jersey manufacturer plate in the “34 ## DTM” series would keep triggering alerts, because the bad partial string remained active in NCIC and Flock kept matching against it.

The repeatable failure chain looks like this:

  • One partial-plate NCIC entry propagates instantly across every Flock-connected jurisdiction nationwide.
  • Flock alerts fire on substring matches with no flag distinguishing partial hits from full matches.
  • Officers then routinely treat those alerts as probable cause — guns drawn, K-9s deployed, families detained — despite Flock’s official position that hits are investigative leads, not certainties.

Flock claims 99% accuracy across 20 billion monthly reads, but by their own math that still means roughly 200 million misreads per month. Independent testing by surveillance research firm IPVM found state misclassification in roughly 1 in 10 reads. In Toledo, a “7” read as “2” led to Brandon Upchurch being mauled by a police K-9. In Morristown, Tennessee, an O-to-zero misread put guns on a family with a 3-year-old in the car.

We Read What We Were Given

Flock blames human error upstream and downstream, but the architecture connecting those failures is entirely theirs.

Thomas acknowledged the system should distinguish substring matches from full-plate matches — calling it “fair feedback” for engineering. That fix doesn’t exist yet. Plymouth Police Chief Erik Fadden conceded his officers “didn’t get it right,” but noted that with over 8,000 plate formats nationwide, visual verification is genuinely difficult. He added that even a manual NCIC check would have returned the same erroneous “stolen” result, because the bad entry was already in the federal database. In Oak Park, Illinois, 40% of 25 Flock-triggered stops turned out to be mistakes caused by bad hotlist data or verification failures.

The feedback loop is clear: flawed database entry, automated amplification at massive scale, officer overreliance on blunt alerts — and the result is a coordinated armed response against people who have done nothing wrong. Much like cases where apps have been caught secretly tracking users without meaningful consent, the architecture connecting those failures is entirely theirs.

At least 30 jurisdictions — including Cambridge, Eugene, and Santa Cruz — have canceled or deactivated Flock contracts, citing surveillance overreach and data-sharing concerns. The Electronic Frontier Foundation argues the problem isn’t individual misuse; it’s the architecture itself. Flock says it’s working with FBI officials to flag bad NCIC data more clearly. If you’re driving a press loaner on a manufacturer plate right now, that fix hasn’t shipped yet — and the “34 ## DTM” plates are still on the road.

Share this

At Gadget Review, our guides, reviews, and news are driven by thorough human expertise and use our Trust Rating system and the True Score. AI assists in refining our editorial process, ensuring that every article is engaging, clear and succinct. See how we write our content here →