Category: County Emails

I am sharing the emails that I send to Deschutes County Commissioners in hopes that it will one day be beneficial to others who wish to get involved in local governance.

  • Written Comment: Contract No. 2026-0327 — Axon Body-Worn Cameras, Fleet Cameras, and Tasers (BOCC, June 3, 2026)

    <!DOCTYPE html>





    Written Comment — Contract No. 2026-0327 — Bend Privacy Alliance


    To: Deschutes County Board of Commissioners
    Re: Contract No. 2026-0327 — Axon Body-Worn Cameras, Fleet Cameras, and Tasers
    Date: June 3, 2026
    From: Jonathan Westmoreland, Bend Privacy Alliance

    Commissioners Chang, DeBone, and Adair:

    I write in support of accountability tools for the Deschutes County Sheriff’s Office. Body-worn cameras, governed properly, serve the public interest. This Board knows that. What I am writing about today is what governing them properly actually requires — and what this two-page staff report does not address.

    The Legal Framework Has Changed Since This Item Was First Scheduled

    When the BOCC deferred Contract No. 2026-0327 on May 27, I submitted written comment identifying the absence of an ALPR policy as a threshold concern. In the two weeks since that deferral, nothing has changed on DCSO’s end. The agency’s published policy manual — available at sheriff.deschutes.org/about/administration/policies — has not been updated since September 23, 2025. It contains no ALPR-specific policy today.

    In that same two-week window, two Oregon statutes have come into force that bear directly on this contract.

    SB 1516 (Effective March 31, 2026) — ALPR Framework

    Oregon’s ALPR law is not aspirational guidance. It is mandatory statutory law.

    Oregon SB 1516 — Section 7

    Before deploying or using an automated license plate recognition system or captured license plate data, a law enforcement agency shall establish and publish policies and procedures governing that use — including authorized uses, data retention, access controls, audit requirements, and data sharing limitations consistent with the Act.

    SB 1516 further provides that after March 31, 2026, a law enforcement agency may not enter into a new contract with an ALPR vendor unless the agency and the contract comply with the Act.

    The fleet camera in this contract is the Axon Fleet 3. The contract also includes purchased licenses for Axon Auto-Transcribe (unlimited service, 105 units) and Axon Evidence Auto-Tagging (105 units) — software services that provide AI-powered analytics on footage, including vehicle and license plate recognition functions. These are active purchased line items, not future options. The staff report does not address whether these features will be activated or restricted, and no governing policy exists.

    Compounding this: the Service Level Agreement attached to this contract provides that firmware updates to Axon devices “are pushed from Axon Cloud Services” and “customer interaction is not required.” Axon can activate or modify device capabilities — including Auto-Tagging and Auto-Transcribe — through a firmware push at any time after contract execution, without a separate authorization from DCSO or this Board. No policy governing that capability exists today.

    SB 1587 (Effective June 5, 2026 — Today) — Data Broker Prohibition

    Oregon SB 1587, Chapter 96, prohibits public bodies from disclosing personally identifiable information to a data broker unless the data broker provides a written attestation that the information will not be sold or transferred to any entity to enforce federal immigration law. This law took effect today — the same day this contract is scheduled for a vote.

    I have reviewed the complete contract, including the Axon Cloud Services Privacy Notice attached as an exhibit. No SB 1587 attestation exists anywhere in this document. The privacy notice authorizes Axon to share data with “subsidiaries, legal entities, third party service providers and other partners” for product development, analytics, and security purposes, with no restriction on federal law enforcement access beyond what applicable law requires. The County should require a written SB 1587-compliant attestation from Axon — binding on Axon and its sub-processors — as a condition of contract execution.

    Vendor-Held Encryption — A Data Sovereignty Condition the Board Should Accept on the Record

    In a February 14, 2026 letter to Senator Prozanski and the Senate Committee on Judiciary, Oregon State Chief Information Security Officer Ben Gherezgiher confirmed that while Axon’s platform is built on FedRAMP-authorized Microsoft Azure Government Cloud and meets CJIS security requirements, Axon does not employ end-to-end encryption architecture. As a SaaS provider, Axon maintains encryption keys on behalf of its law enforcement subscribers — meaning DCSO would not retain encryption keys to its own data.

    The contract confirms this in structural terms. The Axon Cloud Services Privacy Notice attached to this contract designates Axon as the Data Controller — not DCSO — for all Non-Content Data generated under the contract. This includes device logs, usage patterns, system configurations, service interaction data, and application logs. For this entire category of data, Axon independently determines the purposes and means of processing. DCSO cannot direct how Axon uses it, restrict its disclosure, or require its deletion. Meeting security standards and controlling your own data are distinct conditions. The Board should acknowledge the latter explicitly and on the record before voting, not by silence.

    Additional Contract Findings the Staff Report Does Not Address
    Finding 1 — The Data Processing Agreement Is Missing

    The Axon Cloud Services Privacy Notice attached to this contract references “the Data Processing Agreement entered into between the parties” as the governing document for Axon’s processing of DCSO footage. That document is referenced twice as controlling. It is not attached to Contract No. 2026-0327. The Board is being asked to approve a $2.4 million contract that incorporates by reference a governing privacy document that is not before them.

    Finding 2 — Axon Can Push Firmware to All Devices Without DCSO Authorization

    The Service Level Agreement provides that firmware updates to Axon devices “are pushed from Axon Cloud Services” and “customer interaction is not required.” The SLA also requires that if remote access to DCSO’s environment is restricted, “Axon mandates the setup of a jump server or any other access solution” permitting Axon remote tools to access DCSO’s servers. Axon has contractual authority to push software changes to body cameras, fleet cameras, and Tasers, and to access DCSO’s network infrastructure, without a separate Board authorization.

    Finding 3 — Fusus Is an Active Service Under This Contract

    The SLA’s definition of “Axon Cloud Services” explicitly includes “FUSUS services.” Fusus is Axon’s real-time crime center platform — it aggregates surveillance feeds from cameras, sensors, and third-party data sources into a unified dashboard. The privacy notice confirms Fusus collects motion, event, temperature, and ambient light data from device environments, as well as traffic data, location data, and logs from platform users. The staff report makes no mention of Fusus. The Board should understand what it is authorizing.

    What the County’s Own Internal Auditor Found — And What DCSO Refused

    The December 2025 audit of DCSO’s existing body-worn camera program (Audit Report A0134, published December 1, 2025) is directly relevant to this vote. The Board is being asked to nearly triple the scope and cost of a program the auditor could not fully evaluate — because DCSO refused to provide access to footage.

    Scope Impairment — Audit Report A0134

    The auditor’s primary objective was to verify that deputies were recording interactions as required by policy. DCSO denied access, citing County Legal advice that internal audit review does not constitute a “legitimate law enforcement purpose” under ORS 133.741. No supporting documentation — no memo, no case citations — was provided. The County Internal Auditor could draw no conclusion about whether DCSO deputies are actually recording interactions as required. That gap is unresolved today.

    The staff report characterizes the audit as having “identified operational, regulatory, and policy improvements which cannot be met by the current vendor” — framing it as a procurement justification. That characterization omits the scope impairment, the refused footage access, and management’s formal written disagreement with the recommendation to publish program statistics publicly. The Board deserves the full picture.

    Beyond the scope impairment, the audit identified four substantive findings:

    Quarterly reports not published, preserved, or evaluative (Recommendations 1–3). Reports are issued internally but are not public, not preserved as evidence, and not designed to evaluate program effectiveness. Sheriff Rupert’s management response formally disagrees with the recommendation to publish these reports — the only outright disagreement in the entire management response. That is a stated policy position against public transparency, in writing, six months before this Board votes to expand the program significantly.

    Supervisor review not occurring consistently (Recommendation 4). In the July–September 2025 period, 42 percent of deputies had fewer than the two supervisor reviews per quarter required by policy added in March 2025.

    Information security controls fell short of CJIS standards (Recommendations 6–7). Password requirements, session lockouts, account setup, temporary access, and inventory controls all fell short. No policies and procedures manual exists for the camera information system. Resolution is targeted for June 30, 2027 — contingent on vendor selection. The vendor being selected is the subject of today’s vote.

    Public records requests resulted in zero releases (Recommendation 5). In the auditor’s sample of ten requests, no footage was released — primarily because redaction costs ranging from $86 to $2,315 per request led requesters to abandon them. The program is functionally opaque to the public.

    This Board is being asked to expand a program whose accountability mechanisms are incomplete, whose security controls are deficient by the auditor’s own findings, and whose management has formally declined to publish program statistics publicly. The audit’s unresolved recommendations are not a reason to reject this contract — but they are a reason to condition it.

    My Asks
    1. 1
      Require on-the-record confirmation, before voting, of whether the Auto-Tagging and Auto-Transcribe licenses included in this contract encompass license plate recognition or vehicle analytics functions, and whether DCSO intends to activate those capabilities.
    2. 2
      Condition any activation of fleet camera ALPR or vehicle analytics capability on the prior adoption of a written, published, SB 1516-compliant ALPR policy. This is not a discretionary request — it is what Oregon law requires.
    3. 3
      Treat ALPR activation as a Board-level policy decision requiring separate authorization, public notice, and a policy in place before deployment — not an administrative implementation decision. Note that Axon’s SLA permits firmware-based feature activation without customer authorization; the Board should close that gap contractually.
    4. 4
      Require Axon to provide a written attestation compliant with Oregon SB 1587 (Chapter 96, 2026) before contract execution, confirming that personally identifiable information stored on the platform — including through Axon’s sub-processors — will not be transferred to any entity for federal immigration enforcement purposes.
    5. 5
      Require the missing Data Processing Agreement to be provided, reviewed by County Legal Counsel, and made available to the Board before the contract is executed. The contract references this document twice as governing DCSO’s footage — it is not attached to the packet before you today.
    6. 6
      Direct staff to provide the Board with a written status report on all seven recommendations from Audit Report A0134 — specifically which are implemented, which are in progress, and which have been declined — before the expanded contract goes live.

    The community showing up today is asking this Board to govern this technology — not just purchase it. These asks are grounded in Oregon law, the contract itself, and the County’s own audit record.

    Respectfully submitted,

    Jonathan Westmoreland
    Bend Privacy Alliance
    Bend Privacy Alliance  •  Bend, Oregon  •  Submitted to citizeninput@deschutes.org


  • Public Comment — May 27 Agenda Item #6, Contract No. 2026-0327

    Dear Chair Chang, Vice Chair DeBone, and Commissioner Adair:

    I am writing on behalf of Bend Privacy Alliance regarding Action Item #6 on the May 27, 2026 Board agenda: authorization of Contract No. 2026-0327, a five-year, $2,412,669 agreement with Axon for body-worn cameras, Tasers, and fleet cameras for the Deschutes County Sheriff’s Office.

    I understand that body-worn cameras and fleet cameras can serve legitimate public-safety, evidence, and accountability purposes. My concern is not with cameras in the abstract.

    My concern is that this procurement is not simply an equipment replacement. It is a five-year commitment to a digital-evidence and cloud technology platform that may include, enable, or allow later activation of ALPR, AI tools, analytics, data-sharing functions, and vendor-controlled system settings.

    The Board should not be asked to approve that kind of system without a clear public record of what is included, what is excluded, and what cannot be enabled later without separate public approval.

    The December 2025 audit should be treated as a prerequisite document

    The December 2025 Deschutes County Internal Audit should be treated as a prerequisite document for this vote.

    The audit found that DCSO’s existing body-worn and in-car camera program had a solid foundation, but needed improved oversight and reporting. It found that camera reporting was not published, replicable, or evaluative; supervisors were not consistently reviewing footage according to policy; public-records tracking was incomplete; and information-security controls fell short.

    Most importantly, auditors could not independently verify whether deputies consistently recorded and categorized footage because DCSO did not provide access to footage for audit review.

    The County should not approve a more complex Axon cloud ecosystem unless the contract and implementation plan directly address those audit findings.

    The ALPR question should be answered before approval

    The most urgent issue is ALPR.

    DCSO spokesperson Jason Carr recently told The Source Weekly that the Sheriff’s Office does not currently use ALPR. However, the staff report refers generally to “fleet cameras” and does not identify the specific Axon fleet-camera model, software modules, or activation rights included in the contract.

    Axon’s Fleet 3 system is publicly described as having ALPR capability, and Axon states that Fleet 3 ALPR can be activated as a subscription through Axon Evidence without additional equipment.

    That matters because SB 1516 took effect in Oregon on March 31, 2026.

    If this contract includes ALPR-capable hardware, ALPR software, or the ability to enable ALPR later, the County should demonstrate before approval how the contract complies with SB 1516’s requirements for captured license plate data, vendor restrictions, retention, sharing limits, audits, public reporting, and end-to-end encryption.

    Encryption and vendor access need clarification

    This is not theoretical.

    Oregon’s Chief Information Security Officer testified that under Axon’s cloud architecture, “each law enforcement agency service subscriber does not retain encryption keys to their own data.”

    SB 1516 requires ALPR data to be encrypted using, at minimum, end-to-end encryption, but the practical meaning of that requirement is still developing.

    Before entering a new five-year Axon agreement with any ALPR capability or activation rights, the County should clarify who controls encryption keys, who can decrypt ALPR data, and whether Axon or any subcontractor retains technical access.

    Other jurisdictions show why technical compliance should not be assumed

    Other jurisdictions have already faced this problem.

    In March 2026, the Pierce County, Washington Sheriff’s Office reportedly deactivated approximately 200 Axon Fleet 3 ALPR cameras after concluding that its system could not be operated in compliance with Washington’s new ALPR privacy law.

    Oregon’s law is different, but the lesson is directly relevant: technical compliance with ALPR privacy laws should not be assumed. It should be demonstrated before approval or activation.

    Recent Oregon examples show why defaults and sharing settings matter

    Recent events in Oregon also show why this matters.

    Federal immigration authorities reportedly queried Bend PD’s Flock Safety ALPR database 279 times in three weeks after a vendor default setting was not disabled.

    The Rural Organizing Project has also filed litigation alleging that federal immigration authorities were able to query Oregon State Police systems through LEDS/NLETS; OSP denies the allegations, and the litigation is pending.

    These examples show why vendor defaults, interagency access, and data-sharing settings need to be addressed before surveillance technology is deployed.

    Existing policies do not appear to answer the ALPR question

    DCSO’s existing policies are helpful, but they do not appear to answer the ALPR question.

    • Policy 8.21 governs body-worn and in-vehicle incident recording, not bulk license plate scanning of uninvolved drivers.
    • Policy 4.30 governs LEDS, NCIC, and CCH access, but does not appear to govern automated plate scans or hotlist matching.
    • Policy 4.35 governs generative AI, but does not appear to govern ALPR, vehicle classification, or computer-vision analytics.
    • Policy 4.15 governs digital media as evidence, but does not appear designed for continuous or bulk vehicle-location collection.

    Questions the Board should require answers to before voting

    Before voting, I respectfully ask the Board to require clear answers to five questions:

    1. What specific Axon products, fleet-camera model, software modules, cloud services, and activation rights are included in Contract No. 2026-0327?
    2. Does the contract include ALPR-capable hardware, ALPR software, hotlist matching, vehicle analytics, searchable vehicle-location data, or any ability to activate those functions later?
    3. If ALPR capability is included or can be enabled later, how does the contract comply with SB 1516, including encryption, retention, search logs, vendor restrictions, audits, public reporting, and data-sharing limits?
    4. Are any Axon AI tools included, licensed, enabled, or available through this contract, including Draft One, Policy Chat, AI transcription, AI redaction, summarization, report writing, predictive analytics, or any tool that analyzes body-camera, fleet-camera, audio, video, report, or evidence data?
    5. What limits will apply to interagency sharing, federal access, out-of-state access, vendor access, subcontractor access, and default settings that could allow data to be shared beyond DCSO?

    Requested Board action

    I respectfully ask the Board to take one of three actions:

    First

    Defer authorization until these questions are answered, any ALPR-specific policy is developed if ALPR is included or available, and the internal audit referenced in the staff report is made available or publicly summarized.

    Second

    Sever the fleet-camera portion from the body-worn camera and Taser portions and authorize only the latter two while the County resolves the ALPR, AI, SB 1516, and sharing questions.

    Third

    At minimum, condition approval with clear motion language stating that:

    • No ALPR, license-plate recognition, hotlist matching, vehicle analytics, or searchable vehicle-location data may be enabled without separate public notice, policy review, SB 1516 compliance analysis, and Board approval.
    • No Axon AI, AI-assisted report writing, AI transcription, predictive analytics, biometric analytics, facial recognition, or new cloud analytics module may be enabled without separate public notice, policy review, and Board approval.
    • All access, searches, exports, downloads, sharing, retention changes, deletion activity, and vendor-support access must be logged and auditable.
    • Vendor default settings allowing federal, out-of-state, or third-party sharing must be disabled at the contract or administrator level unless separately approved by the Board.
    • The County must publish a plain-language privacy impact summary before deployment and provide annual public reporting on system use, access audits, sharing activity, retention/deletion compliance, complaints, policy violations, and any AI, ALPR, or analytics tools enabled.

    Conclusion

    Body-worn and fleet cameras may improve accountability, but only if the surrounding data system is governed by clear limits, public transparency, enforceable retention rules, strong audit logs, and meaningful restrictions on secondary use.

    The Board should not authorize privacy-sensitive capabilities that have not been clearly disclosed, governed by policy, and shown to comply with Oregon law.

    Thank you for your consideration. I plan to attend the May 27 meeting and am available to discuss any of the above at the Board’s convenience.

    Respectfully,

    Jonathan