404 Media

2025-11-21 00:00:09

Cops Used Flock to Monitor No Kings Protests Around the Country

Police departments and officials from Border Patrol used Flock’s automatic license plate reader (ALPR) cameras to monitor protests hundreds of times around the country during the last year, including No Kings protests in June and October, according to data obtained by the Electronic Frontier Foundation (EFF).

The data provides the clearest picture yet of how cops widely use Flock to monitor protesters. In June, 404 Media reported cops in California used Flock to track what it described as an “immigration protest.” The new data shows more than 50 federal, state, and local law enforcement ran hundreds of searches in connection with protest activity, according to the EFF.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

Cops Used Flock to Monitor No Kings Protests Around the Country

^{Joseph Cox (404 Media)}

404 Media

2025-11-11 15:03:08

DHS Is Deploying a Powerful Surveillance Tool at College Football Games

A version of this article was previously published on FOIAball, a newsletter reporting on college football and public records. You can learn more about FOIAball and subscribe here.

Last weekend, Charleston’s tiny private military academy, the Citadel, traveled to Ole Miss.

This game didn’t have quite the same cachet as the Rebels' Week 11 opponent this time last year, when a one-loss Georgia went to Oxford.

A showdown of ranked SEC opponents in early November 2024 had all eyes trained on Vaught-Hemingway Stadium.

Including those of the surveillance state.

According to documents obtained by FOIAball, the Ole Miss-Georgia matchup was one of at least two games last year where the school used a little-known Department of Homeland Security information-sharing platform to keep a watchful eye on attendees.

The platform, called the Homeland Security Information Network (HSIN), is a centralized hub for the myriad law enforcement agencies involved with security at big events.
CREDIT: Ole Miss/Georgia EAP, obtained by FOIAball
According to an Event Action Plan obtained by FOIAball, at least 11 different departments were on the ground at the Ole Miss-Georgia game, from Ole Miss campus police to a military rapid-response team.

HSINs are generally depicted as a secure channel to facilitate communication between various entities.

In a video celebrating its 20th anniversary, a former HSIN employee hammered home that stance.“When our communities are connected, our country is indeed safer," they said.

In reality HSIN is an integral part of the vast surveillance arm of the U.S. government.

Left unchecked since 9/11, supercharged by technological innovation, HSIN can subject any crowd to almost constant monitoring, looping in live footage from CCTV cameras, from drones flying overhead, and from police body cams and cell phones.

HSIN has worked with private businesses to ensure access to cameras across cities; they collect, store, and mine vast amounts of personal data; and they have been used tofacilitate facial recognition searches from companies like Clearview AI.

It’s one of the least-reported surveillance networks in the country.

And it's been building this platform on the back of college football.

Since 9/11, HSINs have become a widely used tool.

A recentInspector General report found over 55,000 active accounts using HSIN, ranging from federal employees to local police agencies to nebulous international stakeholders.

The platforms host what’s called SBU, sensitive but unclassified information, including threat assessments culled from media monitoring.

According to aprivacy impact study from 2006, HSIN was already maintaining a database of suspicious activities and mining those for patterns.

"The HSIN Database can be mined in a manner that identifies potential threats to the homeland or trends requiring further analysis,” it noted.

In anupdated memo from 2012 discussing whose personal information HSIN can collect and disseminate, the list includes the blanket, “individuals who may pose a threat to the United States.”

A 2023 DHS “Year in Review” found that HSIN averaged over 150,000 logins per month.

Its Connect platform, which coordinates security and responses at major events, was utilized over 500 times a day.

HSIN operated at the Boston Marathon, Lollapalooza, the World Series, and the presidential primary debates. It has also been used at every Super Bowl for the last dozen years.

DHS is quick to tout the capabilities of HSINs in internal communications reviewed by FOIAball.

In doing so, it reveals the growth of its surveillance scope. In documents from 2018, DHS makes no mention of live video surveillance.

But a 2019annual review said that HSINs used private firms to help wrangle cameras at commercial businesses around Minneapolis, which hosted the Final Four that year.

“Public safety partners use HSIN Connect to share live video streams from stationary cameras as well as from mobile phones,” it said. “[HSIN communities such as] the Minneapolis Downtown Security Executive Group works with private sector firms to share live video from commercial businesses’ security cameras, providing a more comprehensive operating picture and greater situational awareness in the downtown area.”

And the platform has made its way to college campuses.

Records obtained by FOIAball show how pervasive this technology has become on college campuses, for everything from football games to pro-Palestinian protests.

In November 2023, students at Ohio State University held several protests against Israel’s war in Gaza. At one, over 100 protesters blocked the entrance to the school president’s office.

Areport that year from DHS revealed the protesters were being watched in real-time from a central command center.

Under the heading "Supporting Operation Excellence," DHS said the school used HSIN to surveil protesters, integrating the school’s closed-circuit cameras to live stream footage to HSIN Connect.

“Ohio State University has elevated campus security by integrating its closed-circuit camera system with HSIN Connect,” it said. “This collaboration creates a real-time Common Operating Picture for swift information sharing, enhancing OSU’s ability to monitor campus events and prioritize community safety.”

“HSIN Connect proved especially effective during on-campus protests, expanding OSU’s security capabilities,” the school’s director of emergency management told DHS. “HSIN Connect has opened new avenues for us in on-campus security.”

While it opened new avenues, the platform already had a well-established relationship with the school.

According to aninternal DHS newsletter from January 2016, HSIN was utilized at every single Buckeyes home game in 2015.

“HSIN was a go-to resource for game days throughout the 2015 season,” it said.

It highlighted that data was being passed along and analyzed by DHS officials.

The newsletter also revealed HSINs were at College Football Playoff games that year and have been in years since. There was no mention of video surveillance at Ohio State back in 2015. But in 2019, that capability was tested at Georgia Tech.

There, police used “HSIN Connect to share live video streams with public safety partners.”

A2019 internal newsletter quoted a Georgia Tech police officer about the use of real-time video surveillance on game days, both from stationary cameras and cell phones.

“The mobile app for HSIN Connect also allows officials to provide multiple, simultaneous live video streams back to our Operations Center across a secure platform,” the department said.

Ohio State told FOIAball that it no longer uses HSIN for events or incidents. However, it declined to answer questions about surveilling protesters or football games.

Ohio State’s records department said that it did not have any documents relating to the use of HSIN or sharing video feeds with DHS.

Georgia Tech’s records office told FOIAball that HSINs had not been used in years and claimed it was “only used as a tool to share screens internally." Its communications team did not respond to a request to clarify that comment.

Years later, DHS had eyes both on the ground and in the sky at college football.

According to the 2023 annual review, HSIN Connect operated during University of Central Florida home games that season. There, both security camera and drone detection system feeds were looped into the platform in real-time.

DHSsaid that the "success at UCF's football games hints at a broader application in emergency management.”

HSIN has in recent years been hooked into facial recognition systems.

A 2024report from the U.S. Commission on Civil Rights found that the U.S. Marshals were granted access to HSIN, where they requested "indirect facial recognition searches through state and local entities" using Clearview AI.

Which brings us to the Egg Bowl—the annual rivalry game between Ole Miss and Mississippi State.

FOIAball learned about the presence of HSIN at Ole Miss through a records request to the city’s police department. It shared Event Action Plans for the Rebels’ games on Nov. 9, 2024 against Georgia and Nov. 30, 2024 against Mississippi State.

It’s unclear how these partnerships are forged.

In videos discussing HSIN, DHS officials have highlighted their outreach to law enforcement, talking about how they want agencies onboarded and trained on the platform. No schools mentioned in this article answered questions about how their relationship with DHS started.

The Event Action Plan provides a fascinating level of detail that shows what goes into security planning for a college football game, from operations meetings that start on Tuesday to safety debriefs the following Monday.

Its timeline of events discusses when Ole Miss’s Vaught-Hemingway Stadium is locked down and when security sweeps are conducted. Maps detail where students congregate beforehand and where security guards are posted during games.

The document includes contingency plans for extreme heat, lightning, active threats, and protesters. It also includes specific scripts for public service announcers to read in the event of any of those incidents.

It shows at least 11 different law enforcement agencies are on the ground on game days, from school cops to state police.

They even have the U.S. military on call. The 47th Civil Support Team, based out of Jackson Air National Guard Base, is ready to respond to a chemical, biological, or nuclear attack.

All those agencies are steered via the document to the HSIN platform.

Under a section on communications, it lists the HSIN Sitroom, which is “Available to all partners and stakeholders via computer & cell phone.”

The document includes a link to an HSIN Connect page.

It uses Eli Manning as an example of how to log in.

“Ole Miss Emergency Management - Log in as a Guest and use a conventional naming convention such as: ‘Eli Manning - Athletics.’”

On the document, it notes that the HSIN hosts sensitive Personally Identifiable Information (PII) and Threat Analysis Documents.

“Access is granted on a need-to-know basis, users will need to be approved prior to entry into the SitRoom.”

“The general public and general University Community is not permitted to enter the online SitRoom,” it adds. “All SitRooms contain operationally sensitive information and PII, therefore access must be granted by the ‘Host’.”

It details what can be accessed in the HSIN, such as a chat window for relaying information.

It includes a section on Threat Analysis, which DHS says is conducted through large-scale media monitoring.

The document does not detail whether the HSIN used at Ole Miss has access to surveillance cameras across campus.

But that may not be something explicitly stated in documents such as these.

Like Ohio State, UCF told FOIAball that it had no memoranda of understanding or documentation about providing access to video feeds to HSINs, despite DHS acknowledging those streams were shared. Ole Miss’ records department also did not provide any documents on what campus cameras may have been shared with DHS.

While one might assume the feeds go dark after the game is over, there exists the very real possibility that by being tapped in once, DHS can easily access them again.

“I’m worried about mission creep,” Matthew Guariglia, a senior policy analyst at the Electronic Frontier Foundation, told FOIAball. “These arrangements are made for very specific purposes. But they could become the apparatus of much greater state surveillance.”

For Ole Miss, its game against Georgia went off without any major incidents.

Well, save for one.

During the second quarter, asquirrel jumped onto the field, and play had to be stopped.

In the EAP, there was no announcer script for handling a live animal interruption.

Scoop: Inside DHS's vast college football surveillance effort

Documents obtained by FOIAball reveal how the feds surveil SEC, Big Ten games.

^{David Covucci (FOIAball)}

404 Media

2025-11-10 16:52:55

Our New FOIA Forum! 11/19, 1PM ET

It’s that time again! We’re planning our latest FOIA Forum, a live, hour-long or more interactive session where Joseph and Jason will teach you how to pry records from government agencies through public records requests. We’re planning this for Wednesday, November 19th at 1 PM Eastern. That's in just over a week away! Add it to your calendar!

This time we're focused on our coverage of Flock, the automatic license plate reader (ALPR) and surveillance tech company. Earlier this year anonymous researchers had the great idea of asking agencies for the network audit which shows why cops were using these cameras. Following that, we did a bunch of coverage, including showing that local police were performing lookups for ICE in Flock's nationwide network of cameras, and that a cop in Texas searched the country for a woman who self-administered an abortion. We'll tell you how all of this came about, what other requests people did after, and what requests we're exploring at the moment with Flock.

If this will be your first FOIA Forum, don’t worry, we will do a quick primer on how to file requests (although if you do want to watch our previous FOIA Forums, the video archive is here). We really love talking directly to our community about something we are obsessed with (getting documents from governments) and showing other people how to do it too.

Paid subscribers can already find the link to join the livestream below. We'll also send out a reminder a day or so before. Not a subscriber yet? Sign up now here in time to join.

We've got a bunch of FOIAs that we need to file and are keen to hear from you all on what you want to see more of. Most of all, we want to teach you how to make your own too. Please consider coming along!

This post is for subscribers only

Become a member to get access to all content
Subscribe now

Our New FOIA Forum! 11/19, 1PM ET

Come learn how researchers and others learned what cops were using Flock's nationwide network of cameras for, including searches for ICE.

^{Joseph Cox (404 Media)}

404 Media

2025-10-31 13:47:10

You Can't Refuse To Be Scanned by ICE's Facial Recognition App, DHS Document Says

📄
This article was primarily reported using public records requests. We are making it free to read as a public service. FOIA reporting can be expensive, please consider subscribing to 404 Media to support this work. Or send us a one time donation via our tip jar here.

Immigration and Customs Enforcement (ICE) does not let people decline to be scanned by its new facial recognition app, which the agency uses to verify a person’s identity and their immigration status, according to an internal Department of Homeland Security (DHS) document obtained by 404 Media. The document also says any face photos taken by the app, called Mobile Fortify, will be stored for 15 years, including those of U.S. citizens.

The document provides new details about the technology behind Mobile Fortify, how the data it collects is processed and stored, and DHS’s rationale for using it. On Wednesday 404 Media reported that both ICE and Customs and Border Protection (CBP) are scanning peoples’ faces in the streets to verify citizenship.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

You Can't Refuse To Be Scanned by ICE's Facial Recognition App, DHS Document Says

^{Joseph Cox (404 Media)}

404 Media

2025-09-15 13:14:17

Airlines Sell 5 Billion Plane Ticket Records to the Government For Warrantless Searching

📄
This article was primarily reported using public records requests. We are making it available to all readers as a public service. FOIA reporting can be expensive, please consider subscribing to 404 Media to support this work. Or send us a one time donation via our tip jar here.

A data broker owned by the country’s major airlines, including American Airlines, United, and Delta, is selling access to five billion plane ticketing records to the government for warrantless searching and monitoring of peoples’ movements, including by the FBI, Secret Service, ICE, and many other agencies, according to a new contract and other records reviewed by 404 Media.

The contract provides new insight into the scale of the sale of passengers’ data by the Airlines Reporting Corporation (ARC), the airlines-owned data broker. The contract shows ARC’s data includes information related to more than 270 carriers and is sourced through more than 12,800 travel agencies. ARC has previously told the government to not reveal to the public where this passenger data came from, which includes peoples’ names, full flight itineraries, and financial details.

“Americans' privacy rights shouldn't depend on whether they bought their tickets directly from the airline or via a travel agency. ARC's sale of data to U.S. government agencies is yet another example of why Congress needs to close the data broker loophole by passing my bipartisan bill, the Fourth Amendment Is Not For Sale Act,” Senator Ron Wyden told 404 Media in a statement.

💡
Do you know anything else about ARC or the sale of this data? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

ARC is owned and operated by at least eight major U.S. airlines, publicly released documents show. Its board of directors includes representatives from American Airlines, Delta, United, Southwest, Alaska Airlines, JetBlue, and European airlines Air France and Lufthansa, and Canada’s Air Canada. ARC acts as a bridge between airlines and travel agencies, in which it helps with fraud prevention and finds trends in travel data. ARC also sells passenger data to the government as part of what it calls the Travel Intelligence Program (TIP).

TIP is updated every day with the previous day’s ticket sales and can show a person’s paid intent to travel. Government agencies can then search this data by name, credit card, airline, and more.

The new contract shows that ARC has access to much more data than previously reported. Earlier coverage found TIP contained more than one billion records spanning more than 3 years of past and future travel. The new contract says ARC provides the government with “5 billion ticketing records for searching capabilities.”

Screenshots of the documents obtained by 404 Media.

404 Media obtained the contract through a Freedom of Information Act (FOIA) with the Secret Service. The contract indicates the Secret Service plans to pay ARC $885,000 for access to the data stretching into 2028. A spokesperson for the agency told 404 Media “The U.S. Secret Service is committed to protecting our nation’s leaders and financial infrastructure in close coordination with our federal, state, and local law enforcement partners. To safeguard the integrity of our work, we do not discuss the tools used to conduct our operations.” The Secret Service did not answer a question on whether it seeks a warrant, subpoena, or court order to search ARC data.

404 Media has filed FOIA requests with a wide range of agencies that public procurement records show have purchased ARC data. That includes ICE, CBP, ATF, the SEC, TSA, the State Department, U.S. Marshals, and the IRS. A court record reviewed by 404 Media shows the FBI has asked ARC to search its databases for a specific person as part of a drug investigation.
playlist.megaphone.fm?p=TBIEA2…
The ATF told 404 Media in a statement “ATF uses ARC data for criminal and investigative purposes related to firearms trafficking and other investigations within ATF’s purview. ATF follows DOJ policy and appropriate legal processes to obtain and search the data. Access to the system is limited to a very small group within ATF, and all subjects searched within ARC must be part of an active, official ATF case/investigation.”

An ARC spokesperson told 404 Media in an email that TIP “was established by ARC after the September 11, 2001, terrorist attacks and has since been used by the U.S. intelligence and law enforcement community to support national security and prevent criminal activity with bipartisan support. Over the years, TIP has likely contributed to the prevention and apprehension of criminals involved in human trafficking, drug trafficking, money laundering, sex trafficking, national security threats, terrorism and other imminent threats of harm to the United States.”

The spokesperson added “Pursuant to ARC’s privacy policy, consumers may ask ARC to refrain from selling their personal data.”

After media coverage and scrutiny from Senator Wyden’s office of the little-known data selling, ARC finally registered as a data broker in the state of California in June. Senator Wyden previously said it appeared ARC had been in violation of Californian law for not registering while selling airline customers’ data for years.

Airline-Owned Data Broker Selling Your Flight Info to DHS Finally Registers as a Data Broker

It’s a legal requirement for data brokers to register in the state of California. ARC, the airlines-owned data broker that has been selling your flight information to the government for years, only just registered after being contacted by the office …

^{Joseph Cox (404 Media)}

404 Media

2025-08-13 21:53:37

Trump Administration Outlines Plan to Throw Out an Agency's FOIA Requests En Masse

The Department of Energy (DOE) said in a public notice scheduled to be published Thursday that it will throw out all Freedom of Information Act (FOIA) requests sent to the agency before October 1, 2024 unless the requester proactively emails the agency to tell it they are still interested in the documents they requested. This will result in the improper closure of likely thousands of FOIA requests if not more; government transparency experts told 404 Media that the move is “insane,” “ludicrous,” a “Pandora’s Box,” and “an underhanded attempt to close out as many FOIA requests as possible.”

The DOE notice says “requesters who submitted a FOIA request to DOE HQ at any time prior to October 1, 2024 (FY25), that is still open and is not under active litigation with DOE (or another Federal agency) shall email StillInterestedFOIA@hq.doe.gov to continue processing of the FOIA request […] If DOE HQ does not receive a response from requesters within the 30-day time-period with a DOE control number, no further action will be taken on the open FOIA request(s), and the file may be administratively closed.” A note at the top of the notice says it is scheduled to be formally published in the Federal Register on Thursday.

The agency will send out what are known as “still interested” letters, which federal agencies have used over the years to see if a requester wants to withdraw their request after a certain period of inactivity. These types of letters are controversial and perhaps not legal, and previous administrations have said that they should be used rarely and that requests should only be closed after an agency made multiple attempts to contact a requester over multiple methods of communication. What the DOE is doing now is sending these letters to submitters of all requests prior to October 1, 2024, which is not really that long ago; it also said it will close the requests of people who do not respond in a specific way to a specific email address.

FOIA requests—especially complicated ones—can often take months or years to process. I have outstanding FOIA requests with numerous federal agencies that I filed years ago, and am still interested in getting back, and I have gotten useful documents from federal agencies after years of waiting. The notion that large numbers of people who filed FOIA requests as recently as September 2024, which is less than a year ago, are suddenly uninterested in getting the documents they requested is absurd and should be seen as an attack on public transparency, experts told 404 Media. The DOE’s own reports show that it often does not respond to FOIA requests within a year, and, of course, a backlog exists in part because agencies are not terribly responsive to FOIA.

“If a requester proactively reaches out and says I am withdrawing my request, then no problem, they don’t have to process it,” Adam Marshall, senior staff attorney at the Reporters Committee for Freedom of the Press, told me. “The agency can’t say we’ve decided we’ve gotten a lot of requests and we don’t want to do them so we’re throwing them out.”

“I was pretty shocked when I saw this to be honest,” Marshall added. “I’ve never seen anything like this in 10 years of doing FOIA work, and it’s egregious for a few reasons. I don’t think agencies have the authority to close a FOIA request if they don’t get a response to a ‘still interested’ letter. The statute doesn’t provide for that authority, and the amount of time the agency is giving people to respond—30 days—it sounds like a long time but if you happen to miss that email or aren’t digging through your backlogs, it’s not a lot of time. The notion that FOIA requesters should keep an eye out in the Federal Register for this kind of notice is ludicrous.”

The DOE notice essentially claims that the agency believes it gets too many FOIA requests and doesn’t feel like answering them. “DOE’s incoming FOIA requests have more than tripled in the past four years, with over 4,000 requests received in FY24, and an expected 5,000 or more requests in FY25. DOE has limited resources to process the burgeoning number of FOIA requests,” the notice says. “Therefore, DOE is undertaking this endeavor as an attempt to free up government resources to better serve the American people and focus its efforts on more efficiently connecting the citizenry with the work of its government.”

Lauren Harper of the Freedom of the Press Foundation told me in an email that she also has not seen any sort of precedent for this and that “it is an underhanded attempt to close out as many FOIA requests as possible, because who in their right mind checks the federal register regularly, and it should be challenged in court. (On that note, I am filing a FOIA request about this proposal.)”

“The use of still interested letters isn't explicitly allowed in the FOIA statute at all, and, as far as I know, there is absolutely zero case law that would support the department sending a mass ‘still interested’ letter via the federal register,” she added. “That they are also sending emails is not a saving grace; these types of letters are supposed to be used sparingly—not as a flagrant attempt to reduce their backlog by any means necessary. I also worry it will open a Pandora's Box—if other agencies see this, some are sure to follow.”

Marshall said that FOIA response times have been getting worse for years across multiple administrations (which has also been my experience). The Trump administration and the Department of Government Efficiency (DOGE) have cut a large number of jobs in many agencies across the government, which may have further degraded response times. But until this, there hadn’t been major proactive attempts taken by the self-defined “most transparent administration in history” to destroy FOIA.

“This is of a different nature than what we have seen so far, this affirmative, large-scale effort to purport to cancel a large number of pending FOIA requests,” Marshall said.

Limitations on Use of “Still-Interested” Inquiries

^{www.justice.gov}

404 Media

2025-08-13 12:55:58

LAPD Eyes ‘GeoSpy’, an AI Tool That Can Geolocate Photos in Seconds

📄
This article was primarily reported using public records requests. We are making it available to all readers as a public service. FOIA reporting can be expensive, please consider subscribing to 404 Media to support this work. Or send us a one time donation via our tip jar here.

The Los Angeles Police Department (LAPD) has shown interest in using GeoSpy, a powerful AI tool that can pinpoint the location of photos based on features such as the soil, architecture, and other identifying features, according to emails obtained by 404 Media. The news also comes as GeoSpy’s founder shared a video showing how the tool can be used in relation to undocumented immigrants in sanctuary cities, and specifically Los Angeles.

The emails provide the first named case of a law enforcement agency showing clear interest in the tool. GeoSpy can also let law enforcement determine what home or building, down to the specific address, a photo came from, in some cases including photos taken inside with no windows or view of the street.

“Let’s start with one seat/license (me),” an October 2024 email from an LAPD official to Graylark Technologies, the company behind GeoSpy, reads. The LAPD official is from the agency’s Robbery-Homicide division, according to the email. 404 Media obtained the emails through a public records request with the LAPD.

Upgrade to continue reading

Become a paid member to get access to all premium content
Upgrade

LAPD Eyes ‘GeoSpy’, an AI Tool That Can Geolocate Photos in Seconds

^{Joseph Cox (404 Media)}