The cameras are watching. Nobody wrote the rules.
Blackford County has license plate readers tracking every car that passes. Indiana has no law governing what happens to that data.
If you've driven through Hartford City or across Blackford County in the past two years, a camera has probably photographed your car, read your license plate, and uploaded that information to a searchable database. You were not suspected of a crime. You were not notified. And no law — state or local — governs what happens to that record of where you were and when.
The cameras are Flock Safety automated license plate readers, or ALPRs. The Blackford County Commissioners approved camera placements in county road rights-of-way on May 20, 2024 and again on August 5, 2024. Hartford City Police Department also requested at least one camera placement. Both approvals were routine items in the Highway Superintendent's report. There was no recorded discussion of data retention, data sharing, access controls, or privacy policy, and no public comment.
The Blackford County Ledger has been unable to locate any ordinance, resolution, or published policy — from either Hartford City or Blackford County — governing the use of these cameras or the data they collect. Neither agency maintains a public transparency page of the kind that peer Indiana agencies, including Lafayette PD, Fort Wayne PD, Michigan City PD, and the rural Warrick County Sheriff's Office, publish through Flock's own transparency portal.
Indiana state legislation doesn't fill that gap. The state has no statute regulating automated license plate readers. There is no state-level retention limit, no required use policy, no data-sharing restriction, and no public-records exemption or inclusion. According to the National Conference of State Legislatures, at least 16 states have enacted some form of ALPR regulation. Indiana is not among them.
That means the cameras in Blackford County operate in a complete policy vacuum — no local rules, no state floor, nothing.
What the cameras collect
An ALPR camera photographs every vehicle that passes, reads the license plate, and logs the plate number along with the date, time, and location. Some systems also capture vehicle make, model, color, and distinguishing features. That data is uploaded to a centralized database where authorized users can search it — either in real time, to receive alerts when a flagged vehicle passes a camera, or retroactively, to find out where a particular plate has been over the past 30 days.
ALPR data has helped agencies recover stolen vehicles, locate missing persons, and develop leads in serious crimes including homicides. Departments across Indiana, from Indianapolis to Michigan City, credit the technology with measurable investigative results.
ALPRs are also, by design, a mass-collection system. They don't photograph suspects. They photograph everyone. The overwhelming majority of plates captured belong to people who are not connected to any criminal activity. According to data from the Los Angeles Police Department's ALPR system, only about 0.1 percent of stored plate scans have ever generated a match against a hot list. The rest are records of ordinary people driving to work, school, church, the doctor, a protest, or a gun show — stored in a searchable database, accessible to authorized users, for as long as the retention policy allows.
You don't have to be a criminal to be a target
The history of tracking systems — in this country and others — shows a consistent pattern: the infrastructure built to watch one group eventually gets turned on another, and "who counts as a target" changes with whoever holds power.
In the 1940s, the U.S. Census Bureau provided neighborhood-level population data on Japanese Americans to the War Department. That data helped the government forcibly relocate approximately 120,000 people, two-thirds of them U.S. citizens, to internment camps. The census was designed to count people, but here it was used to remove them.
In the 1950s and 1960s, the FBI's COINTELPRO program used wiretaps, informant networks, and association records to surveil civil rights leaders, anti-war activists, and political organizations the government considered subversive. Martin Luther King Jr. was monitored for years. The program was not disclosed until activists broke into an FBI field office in 1971 and leaked the documents.
In 2013, the Snowden disclosures revealed that the National Security Agency had been collecting phone metadata — who called whom, when, and for how long — on virtually all domestic calls. The legal theory was the same one that underlies Flock's current model: collect everything, search when needed, trust the access controls.
The pattern has continued into the present, and it has crossed party lines.
Under the Obama administration, the IRS used keyword screening to flag conservative organizations applying for tax-exempt status, subjecting groups with names including "Tea Party" or "patriot" to heightened scrutiny. A Treasury Inspector General report confirmed the targeting was real.
In 2021, under the Biden administration, an FBI field office memo identified traditional Catholic parishes as potential sites of domestic terrorism recruitment. The memo was rescinded after it leaked and drew bipartisan criticism. The document itself showed federal law enforcement using religious practice as a filter for surveillance attention. Separately, a Department of Justice memo on threats against school board members led to FBI "threat tags" being applied to parents who attended contentious school board meetings, using a counterterrorism-style tracking label for what were, in many cases, heated but lawful political speech.
Under the Trump administration, Immigration and Customs Enforcement has accessed commercial ALPR databases — including data flowing through the same Flock national network that Blackford County's cameras connect to — to track vehicles associated with undocumented immigrants deep in the U.S. interior. The ACLU has documented cases where Flock data reached immigration enforcement despite local agencies' stated policies against sharing. In 2022, a Marin County, California sheriff was sued by the EFF and ACLU for illegally sharing ALPR data with ICE and Customs and Border Protection. The sheriff settled and agreed to stop.
In May 2025, 404 Media reported that a Texas sheriff's deputy used Flock's national ALPR network to search across 83,000 cameras and more than 6,800 law enforcement networks for personal use, tracking a woman. The stated reason logged in the system's audit trail was that the woman had obtained an abortion.
The government aren't the only prying eyes
ALPR data, like any concentrated record of where people go and when, is valuable to anyone who wants to find, follow, or profile someone — including people who are not in government.
In 2024, the U.S. Cybersecurity and Infrastructure Security Agency issued warnings about seven major security vulnerabilities in Motorola's Vigilant ALPR systems, including default Wi-Fi passwords, unencrypted data, and unrestricted remote access. Independent security researchers have separately demonstrated the ability to access Flock camera feeds and administrative controls without authentication. In 2019, a Customs and Border Protection contractor was hacked, and more than 100,000 license plate scans and 184,000 traveler images were leaked.
A data broker, a hacker, or a bad actor inside any agency on the network doesn't need to break the law in a dramatic way. They need access to a database that already exists and already contains the information. From there, a stalker can learn when someone leaves for work every morning. A burglar can learn when a house is reliably empty. A debt collector, a private investigator, or anyone willing to pay can build a pattern-of-life profile from records that were collected for public safety but stored without meaningful restriction on who could query them or why.
The worst-case model already exists. China's social credit system combines surveillance cameras, facial recognition, license plate readers, financial records, and social media monitoring into a unified tracking infrastructure. Citizens who fall afoul of the system's scoring can have their bank accounts frozen, their travel restricted, and their access to housing, education, and employment curtailed — not by a court, but by an algorithm. No single component of that system, taken alone, was designed to control a population. The danger is in the aggregation — in building a comprehensive record of daily life and then deciding, after the fact, what to do with it.
Once a mass-collection system exists, the only thing that stands between its current use and its potential misuse is policy. Without written, enforceable rules, the restraint depends entirely on the good judgment of whoever holds the keys today and whoever holds them tomorrow.
What other states require
Other states have addressed this. California enacted its ALPR Privacy Act in 2015. That law requires any public agency to hold a public comment opportunity before starting an ALPR program, publish a written usage and privacy policy, maintain access logs, and limit data sharing to other in-state public agencies. Violations carry a private right of action with minimum damages of $2,500 per person harmed. Virginia enacted retention limits in 2025. Oregon signed a comprehensive ALPR framework into law in March 2026, requiring vendor audits published within two days of receipt.
In Indiana, none of that exists. No retention limit. No required use policy. No public hearing before deployment. No restriction on cross-jurisdiction data sharing. No audit requirement. No enforcement mechanism. The 2026 legislative session produced more than 150 new laws taking effect July 1. One of them, HEA 1150, prohibits homeowners' associations from installing license plate readers. None set any regulations on law enforcement use of ALPRs.
Blackford County's cameras were approved through routine Highway Department reports. The public had no notice that a vehicle-surveillance system was being installed, no opportunity to comment, and — as far as the public record shows — no assurance about what would happen to the data.
Flock's own network raises the stakes
The policy vacuum matters more because Flock cameras don't operate in isolation. They connect to a national network. According to Flock's own transparency portals for other agencies, Blackford County Sheriff's Office data is accessible to — or shared with — hundreds of other law enforcement agencies across the country. Hartford City PD appears on those same network lists.
The Fort Wayne City Council, an hour north, is currently debating whether to renew its own Flock contract. Council members there discovered that the Fort Wayne Police Department could not provide a single, consistent number for how many outside agencies had access to Fort Wayne's data — the department gave three different figures depending on the source. Fort Wayne has 36 cameras. It has a full-time police department, a city legal office, and a council with subpoena authority, and it still cannot answer the basic question of who can see its residents' data.
Blackford County is smaller, with fewer cameras and far fewer resources to independently audit a national vendor's network architecture. If Fort Wayne cannot answer the question, it is worth asking whether Blackford County has tried.
The question
A vehicle-surveillance system is operating in Blackford County and Hartford City with no governing ordinance, no published data policy, and no state law setting minimum standards for retention, access, sharing, or oversight. Citizens who drive past these cameras have no publicly available information about how long their location data is kept, who can search it, whether it is shared with agencies outside the county or outside the state, or what recourse they have if it is misused.
At least 16 states have decided that question is important enough to answer in statute. Indiana has not. And in Blackford County, the question isn't even being asked.
Have information about Flock cameras in Blackford County? Contact the Ledger at help@theblackfordledger.com.