jonathanwestmoreland.com

Tag: Surveillance Oversight

  • Speaking to Bend City Council About Axon and Police Accountability

    Speaking to Bend City Council About Axon and Police Accountability

    A public comment on police technology, public safety, and accountability.

    This video shows my public comment to Bend City Council regarding two connected concerns: the proposed expansion of Axon police technology and the police response after a bullet was fired into my mother’s apartment.

    My concern is not only whether new policing tools are useful. It is whether the City has strong enough oversight, transparency, auditing, data protections, and accountability in place before expanding police technology contracts.

    The same public safety system that asks residents to trust expanded technology must also be able to respond clearly, urgently, and accountably when a bullet enters someone’s home. That experience shaped why I believe Bend should slow down, ask harder questions, and build stronger safeguards before expanding surveillance or police technology systems.

    Why this matters

    Police technology decisions are not just purchasing decisions. They shape how public safety works, how data is collected, how evidence is handled, and how residents are asked to trust government systems.

    Before expanding Axon or any similar system, Bend should have clear answers about:

    • What data will be collected;
    • Who can access it;
    • How long it will be retained;
    • How searches and usage will be audited;
    • How errors, misuse, or weak responses will be reviewed; and
    • How residents will know whether these systems are actually improving safety.

    Technology can support public safety, but it cannot replace accountability. In fact, the more powerful the technology becomes, the stronger the oversight needs to be.

    Watch the public comment here:
    Speaking to Bend City Council about Axon expansion and police accountability

  • What Bend Residents Should Know Before Police Surveillance Expands

    What Bend Residents Should Know Before Police Surveillance Expands

    The full Bend Surveillance Oversight series is now available.

  • Questions Bend Residents Can Ask Council

    Questions Bend Residents Can Ask Council

    Part 10 of the Bend Surveillance Oversight series.

    You do not need to be a surveillance expert to ask reasonable questions about public technology.

    If a city uses tools that collect, store, search, analyze, or share public data, residents have a right to understand how those tools are governed.

    That applies to body cameras, fleet cameras, automated license plate readers, drones, traffic enforcement cameras, digital evidence systems, AI tools, real-time information platforms, and any other technology that affects public privacy, public records, or public accountability.

    The goal is not to attack City staff or police.

    The goal is simple:

    Public safety technology should answer to public rules.

    1. What systems exist?

    • What surveillance technologies does Bend Police currently use?
    • What systems are being considered for future use?
    • Which systems are active now?
    • Which systems are approved but not yet active?
    • Which systems are optional add-ons or future capabilities?
    • Which vendors are involved?
    • Are there third-party vendors, subcontractors, cloud providers, or software modules the public should know about?
    • Is there a plain-language public inventory residents can read?

    2. What data is collected?

    • Does the system collect video?
    • Does it collect audio?
    • Does it collect license plate data?
    • Does it collect location data?
    • Does it collect metadata?
    • Does it collect biometric data?
    • Does it analyze faces, vehicles, objects, movement, behavior, or patterns?
    • Is any data analyzed by AI or automated tools?
    • Are any features disabled but technically available?

    3. Where does the data go?

    • Where is the data stored?
    • Is it stored on City systems or vendor-controlled cloud systems?
    • Does the City own and control the data?
    • Can vendors access the data?
    • Can vendors process, export, or analyze the data?
    • Are cloud providers or subprocessors involved?
    • Can data be stored outside Oregon?
    • Can data be stored outside the United States?
    • What happens to the data when the contract ends?

    4. How long is the data kept?

    • What is the default retention period for each system?
    • Is non-evidence data automatically deleted?
    • Is non-hit ALPR data deleted quickly?
    • Who can extend retention?
    • What justification is required to extend retention?
    • Are retention changes logged?
    • Are retention settings audited?
    • Does the City publish retention rules publicly?

    5. Who can search the data?

    • Who has access to each system?
    • Are users limited by role?
    • Can every officer search the system?
    • Can supervisors search it?
    • Can dispatch search it?
    • Can prosecutors access it directly?
    • Can vendors access it?
    • Can outside agencies access it?
    • Are searches required to include a case number or incident number?
    • Are searches required to include a purpose?
    • Are all searches logged?
    • Are search logs audited?
    • What happens if someone searches improperly?

    6. Can outside agencies access it?

    • Can federal agencies access Bend surveillance data?
    • Can out-of-state agencies access it?
    • Can regional law enforcement systems access it?
    • Can fusion centers access it?
    • Can private companies access it?
    • Can vendors respond directly to outside requests?
    • Does the City require case-specific legal process before sharing?
    • Does the City require written authorization before sharing?
    • Does the City publish annual data-sharing statistics?
    • Can the City deny outside requests?
    • Can the City audit outside access?

    7. Can vendors activate new features?

    • Can vendors activate new AI features?
    • Can vendors activate analytics features?
    • Can vendors activate biometric tools?
    • Can vendors activate ALPR features?
    • Can vendors activate real-time monitoring?
    • Can vendors change retention settings?
    • Can vendors change data-sharing settings?
    • Does Council approval happen before new capabilities are enabled?
    • Does the public receive notice before major feature changes?
    • Are disabled features independently verified?

    8. What about facial recognition and biometrics?

    • Does Bend use facial recognition?
    • Does Bend plan to use facial recognition?
    • Do any current systems have facial recognition capability?
    • Are biometric features disabled?
    • Who verifies that they are disabled?
    • Would Council approval be required before biometric features are activated?
    • Would the public receive notice?
    • Would there be legal review and technical review first?

    A simple local rule would be:

    No facial recognition or biometric identification without explicit public approval.

    9. What about AI police reports?

    • Does Bend use AI-assisted police reports?
    • Does Bend plan to use AI-assisted police reports?
    • If AI is used, are original AI drafts preserved?
    • Are officer edits logged?
    • Does the final report disclose AI assistance?
    • Are prosecutors notified when AI was used?
    • Can defense attorneys obtain AI drafting records through normal discovery?
    • Can the vendor use Bend data to train AI models?
    • Has the system been independently audited?
    • Are serious incidents excluded or subject to extra safeguards?

    A simple local rule would be:

    No AI-generated police report without an audit trail.

    10. What oversight exists?

    • Has the City conducted an independent technical audit?
    • Does each system have a public use policy?
    • Does each system have a public retention policy?
    • Does each system have a public sharing policy?
    • Are complaints tracked?
    • Are violations reported publicly in aggregate?
    • Does Council review surveillance systems before renewal?
    • Does the City publish annual transparency reports?
    • Are total annual costs publicly reported?
    • Are future renewals and expansions clearly identified?

    11. What safeguards will Bend adopt?

    • Will Bend adopt a surveillance technology ordinance?
    • Will Bend require Council approval before acquisition or expansion?
    • Will Bend publish a public inventory of all surveillance technologies?
    • Will Bend require public use policies before deployment?
    • Will Bend set short retention limits?
    • Will Bend require logged searches with case numbers?
    • Will Bend restrict federal and third-party sharing?
    • Will Bend prohibit facial recognition without explicit public approval?
    • Will Bend require independent technical audits?
    • Will Bend require annual public transparency reports?
    • Will Bend prohibit vendors from activating new capabilities without City approval?
    • Will Bend require public review before contract renewal?

    A short version residents can send

    Residents who want to keep it simple can ask Council this:

    Before Bend expands police surveillance technology, will the City publish a plain-language inventory of all systems, identify what data each system collects, explain where the data is stored, disclose retention periods, require logged searches with case numbers, restrict federal and third-party sharing, prohibit facial recognition without explicit public approval, and require annual public transparency reports?

    These are not anti-police questions.

    They are public governance questions.

    If a technology is powerful enough to collect, search, store, analyze, or share public data, it is powerful enough to deserve public rules.

    Bend residents deserve clear answers before police surveillance systems expand.

    Further reading

    Series links

  • Other Cities Are Already Asking Better Questions

    Other Cities Are Already Asking Better Questions

    Part 8 of the Bend Surveillance Oversight series.

    Bend does not need to invent police surveillance oversight from scratch.

    Other cities are already asking the same basic questions:

    • Who approves surveillance technology before it is used?
    • What data is collected?
    • How long is it kept?
    • Who can search it?
    • Can outside agencies access it?
    • Can vendors change settings or activate new features?
    • Does the public receive annual reports?
    • Can elected officials review the system before it expands?

    That is the important lesson.

    The issue is not whether every city has reached the same conclusion.

    They have not.

    The issue is that communities across the country are realizing that police technology should not expand faster than public oversight.

    Austin: surveillance technology should require public rules

    Austin offers one useful model.

    In February 2026, the Austin City Council passed a resolution called the Transparent and Responsible Use of Surveillance Technology Act, or TRUST Act.

    The resolution directed the City Manager to return with an ordinance regulating the adoption, acquisition, deployment, use, and review of surveillance technology by city departments.

    That matters because it shifts the question from one contract at a time to a broader public framework.

    Bend could take the same approach.

    The public question should not only be whether a single contract sounds reasonable.

    The broader question should be what rules apply before surveillance technology is acquired, expanded, renewed, or materially changed.

    Mountain View: vendor assurances were not enough

    Mountain View, California offers another useful lesson.

    In January 2026, the City publicly stated that it had discovered unauthorized queries and potential access to Mountain View ALPR data.

    The City said Police Department staff had met with Flock Safety leadership about “the security and control of our data,” and said it was “upset and disappointed with how our data was accessed.”

    That example matters because it shows why vendor assurances are not enough.

    The lesson for Bend is simple:

    Do not wait for a data-sharing problem before creating data-sharing rules.

    Pima County: cost and AI concerns can cross political lines

    Pima County, Arizona offers another example.

    Reporting in early 2026 described the Pima County Board of Supervisors rejecting a proposed $45 million contract expansion involving Axon technology and AI tools.

    Reported concerns included cost, AI expansion, and whether the investment made sense for the Sheriff’s Department.

    That example matters because surveillance oversight is not only a privacy issue.

    It is also a budget issue.

    Public safety dollars are limited.

    Every dollar spent on bundled technology, AI tools, cloud subscriptions, hardware refreshes, and add-on features is a dollar not spent somewhere else.

    That does not mean technology is never worth funding.

    It means elected officials should ask hard questions before long-term commitments become automatic.

    Ferndale: public pressure can lead to stronger oversight

    Ferndale, Michigan offers another useful example based on reporting about local ALPR oversight discussions.

    Reporting described residents raising concerns about license plate reader expansion and city officials discussing stronger policies.

    That is important because public oversight often improves when residents ask specific, grounded questions.

    Community engagement does not have to stop technology.

    It can improve the rules that govern technology.

    The pattern is bigger than one vendor

    This is not only about Axon.

    It is not only about Flock.

    It is not only about ALPRs.

    It is not only about body cameras.

    It is not only about AI.

    The larger issue is how cities govern powerful surveillance systems once cameras, cloud storage, software subscriptions, data-sharing, analytics, and vendor platforms become part of public safety operations.

    A city can support public safety and still insist on public oversight.

    Those goals are not opposites.

    What Bend can learn

    Bend can learn at least five things from other cities.

    1. Oversight should happen before deployment or expansion, not after controversy.
    2. Citywide rules are better than one-off contract debates.
    3. Data-sharing limits should be explicit and enforceable.
    4. Vendors should not be the only source of truth about how systems work.
    5. Annual public reporting builds trust without exposing sensitive case details.

    These examples do not prove that Bend has the same problems.

    They show why Bend should adopt safeguards before problems occur.

    Bend can ask better questions now

    Police technology can be useful.

    But useful tools still need rules.

    If other cities are asking stronger questions about surveillance technology, Bend can too.

    The question is not whether Bend should copy another city word for word.

    The question is whether Bend should create its own public framework before future expansions become harder to unwind.

    Better questions today can prevent harder problems tomorrow.

    Further reading

    Series links

  • ALPR Oversight Is a Democracy Issue

    Signals & Safeguards — A standalone civic-oversight post on license plate readers, public consent, federal access, and the safeguards local governments should require before surveillance networks become hard to unwind.

    ALPR oversight is becoming a democracy issue

    The strongest surveillance story this week is not one camera system by itself. It is the fight over who gets to approve, search, share, and shut down a network once it is already in place.

    Automatic license plate readers, often called ALPRs, are usually introduced as practical public-safety tools. Police agencies point to stolen-vehicle recovery, suspect identification, Amber Alerts, and serious investigations. Those uses can be real. But the democratic problem begins when a system that looks like a set of cameras turns into a searchable movement database shared across agencies, jurisdictions, vendors, and sometimes federal systems.

    That is why the key question is no longer simply, “Do these cameras help police?” The better question is: who controls the system once it exists?

    When public consent breaks down

    In Troy, New York, a dispute over Flock license plate readers escalated after residents objected to cameras installed without meaningful public input, the City Council voted to end the program, and the mayor declared a state of emergency to keep the cameras operating. The fight became larger than Flock: it became a dispute over emergency authority, public consent, and whether elected bodies can still control surveillance systems once public-safety claims are used to preserve them.

    That should concern any community considering ALPRs or similar systems. If ordinary approval channels can be bypassed, delayed, or overridden after cameras are installed, then the public debate happens too late. The technology gains institutional momentum before the rules are settled.

    The democracy issue: surveillance systems should not go live first and receive public rules later.

    Once a camera network is installed, agencies, vendors, and outside partners may develop expectations around continued access. That makes it politically and operationally harder for elected officials to narrow, pause, or end the system.

    The pattern is spreading

    The pattern is appearing elsewhere. In Cleveland and nearby communities, residents and advocates are challenging Flock deployments over privacy, immigration-enforcement access, and uncertainty about who can search the system. In Bend, The Source Weekly reported that federal immigration officials made 279 queries into Bend’s Flock Safety data in the first three weeks after the cameras went live, and Bend Police reportedly did not authorize those searches.

    That Bend example matters because it shows how quickly the debate can move from “Should we install cameras?” to “Who searched the data, why, under what authority, and what did they see?” A local system may be approved for local purposes, but the practical risk is that local vehicle-location data becomes useful to agencies far beyond the community that generated it.

    The federal layer changes the stakes

    The federal layer makes the issue sharper. Reporting from 404 Media says the FBI wants to buy nationwide access to license plate reader data. If local and private cameras can become part of a national movement-search network, then approving a few cameras is not only a local equipment decision. It is a decision about whether local vehicle-location data can become searchable far beyond the community that generated it.

    That does not mean every ALPR deployment is the same, or that every agency intends to misuse the system. It means the rules must be written for the system’s real capabilities, not only for its best-case sales pitch.

    Public safety and public oversight are not opposites

    The public-safety case should not be dismissed. ALPRs can help find stolen vehicles, locate suspects, and respond to serious threats. But that is exactly why governance has to come first. A system useful enough to solve crimes is also useful enough to misuse, over-share, or repurpose.

    Good oversight does not require pretending the technology has no value. It requires acknowledging that useful tools can still create serious risks when access is broad, retention is long, audit logs are weak, vendor permissions are unclear, or outside-agency sharing is treated as a default instead of an exception.

    Why it matters for Bend

    Why it matters for Bend: Bend has already seen how quickly the question can move from “Should we install cameras?” to “Who searched the data, why, and what did they see?” Bend and Redmond are also working through automated traffic-enforcement systems, which are not the same as ALPRs but raise overlapping questions about vendors, retention, access, audit logs, public notice, error correction, and repurposing.

    Traffic cameras, retail ALPRs, police ALPRs, and connected-vehicle data are not identical systems. But they all point toward the same local-governance challenge: ordinary movement is becoming easier to capture, store, search, and share. Communities need clear rules before those records become too convenient to give up.

    “The liberty of every man is at the mercy of every petty officer.”— James Otis, arguing against writs of assistance (1761)

    Safeguards local officials should require

    Before approving, renewing, expanding, or continuing an ALPR program, public officials should require written rules that answer the basic governance questions up front:

    • Purpose limits: define exactly what the system may and may not be used for.
    • Access limits: identify who can search the system and whether outside agencies can access it.
    • Federal-access rules: state whether federal or immigration-enforcement searches are allowed, blocked, or require a specific legal process.
    • Short retention: automatically delete plate data quickly unless it is tied to a documented investigation.
    • Search documentation: require a case number, purpose, user identity, and timestamp for every search.
    • Exportable audit logs: make logs available for independent review, public reporting, and investigation of misuse.
    • Vendor restrictions: define vendor access, support access, data use, training use, subcontractors, and breach obligations.
    • Public reporting: publish regular transparency reports showing searches, outside-agency access, hits, false positives, retention, and policy violations.
    • Democratic review: require council approval before expansion, new integrations, new sharing relationships, or emergency continuation.

    Bottom line: ALPR oversight is becoming a democracy issue because the most important decision is not only whether cameras exist. It is whether the public, through elected officials and enforceable rules, still controls how movement data is searched, shared, retained, audited, and shut down.