A company known for its controversial license plate reading technology has introduced a new surveillance tool that consolidates various datasets linked to drivers’ vehicle information. According to a recent report, this tool, marketed primarily to law enforcement, incorporates data obtained from breaches and unauthorized sources.
According to 404 Media, Flock, which has faced legal scrutiny over its car-tracking practices, is nearing the completion of a product named “Nova.” The company’s website claims that Nova connects “people, vehicles, and locations,” facilitating crime-solving efforts and prevention. Moreover, Flock asserts that the platform will simplify the integration of data into a unified interface. As detailed by 404 Media, Nova empowers police departments to quickly aggregate information about a driver from diverse sources, including public records, data acquired from brokers, and existing law enforcement databases, along with information from data breaches.
The report indicates that data derived from compromised sources includes a hacked parking meter application, ParkMobile. Such access enables license plate numbers to be associated with broader personal data, such as contact details and addresses, which had been shared with the app.
In response to inquiries, Gizmodo contacted Flock for clarification. In a statement published by 404 Media, the company characterized Nova as a “public safety data platform that assists investigators in analyzing and connecting data they already possess, yielding insights that can expedite case resolution.” Flock emphasized that the tool’s software is “completely customizable,” meaning users can select the specific data inputs they wish to utilize in Nova, thereby placing the responsibility for ethical use on its clients.
Flock suggested that all data integrated by its platform was already accessible to law enforcement through various other channels. “While officers may have access to similar information from different sources, centralizing it within Nova enhances transparency and accountability, allowing governing bodies to ensure its lawful application,” the statement stated.
Despite Flock’s confidence in Nova, internal communications reportedly indicate employee unease regarding the use of potentially illicit data. Citing messages shared via Slack, 404 Media quoted a staff member expressing concerns about the implications of using stolen data, questioning the ethical ramifications and the potential for future data leaks.
The deployment of Flock’s license plate reading technology has raised alarms among privacy and civil liberties advocates, who fear that such capabilities could facilitate oppressive surveillance by authoritarian regimes. Nevertheless, Flock remains steadfast in its technological advancements, recently expanding its operations into drone technology through the acquisition of Aerodome, described by the company as software for remote piloting in emergency scenarios.
As businesses navigate an increasingly complex landscape of cybersecurity threats, the implications of tools like Nova warrant significant attention. The potential exploitation of data breaches aligns with various tactics listed in the MITRE ATT&CK framework, including initial access and data manipulation, underscoring the urgency for organizations to fortify their cybersecurity measures.
