ZeroEyes presents AI firearm-detection system to Michigan subcommittee; members press on privacy, accuracy and procurement
October 23, 2025 | 2025 House Legislature MI, Michigan
This article was created by AI summarizing key points discussed. AI makes mistakes, so for full details and context, please refer to the video of the full meeting. Please report any errors so we can fix them. Report an error »
Kieran Carroll, chief strategy officer at ZeroEyes, told the House Oversight Committee's Subcommittee on Homeland Security and Foreign Influence on Sept. 12 that his company's software integrates with existing security cameras to detect visible, brandished firearms and routes validated alerts to human analysts and public-safety endpoints.
Carroll said ZeroEyes' system analyzes frames on the customer network, sends a single keyframe with metadata off-network when the algorithm flags a possible firearm, and a ZeroEyes analyst then validates the detection within seconds. "We're not trying to detect anything holstered or concealed," Carroll said, adding the company does not perform facial recognition or behavioral profiling.
The presentation outlined how ZeroEyes operates as a managed service: a deployed AI agent runs locally on a customer's camera network, the company transmits only a timestamped keyframe and metadata for analyst review, and validated detections can be routed to 9-1-1 through partners such as RapidSOS. Carroll said the company runs a 24/7 operations center outside Philadelphia and another in Honolulu, and that one analyst can manage roughly 10,000 cameras.
Why this matters: Carroll described deployments in more than 40 states and said ZeroEyes is used in thousands of K-12 schools and higher-education institutions. He argued the capability helps first responders spot and respond to armed threats faster and cited examples he said led to arrests, including a subway-platform incident where an alert, he said, prompted officers to move within 45 seconds.
Committee members focused on accuracy, privacy and procurement safeguards. Representative Shriver asked whether ZeroEyes would publish independent false-positive and false-negative rates and district-level dashboards. Carroll cited the company's Department of Homeland Security Safety Act engagement as the mechanism used to validate performance and said the company has published summaries of those results. He said the company has had one incident that produced a false positive in its history and described how ZeroEyes' human review is designed to limit unnecessary escalations.
On data retention and custody, Carroll said customers own their camera data and the company's default retention policy for keyframe alert data is 30 days; true-positive evidence tied to law enforcement cases is retained as a chain-of-custody record. "The customer owns all their data," he said. Carroll added that ZeroEyes does not web-scrape third-party images for training data and that the company builds and owns its proprietary datasets in-house.
Several lawmakers raised national-security and supply-chain concerns. Vice Chair Meerman asked whether offshoring engineering or buying third-party labeled data could expose sensitive datasets to foreign adversaries; Carroll said ZeroEyes hires U.S. citizens and avoids third-party data brokers, and warned of an industry-wide reliance on China-origin data-labeling services. He recommended state procurement and security standards (he cited FedRAMP and CMMC as federal examples) consider data provenance for vendors who integrate with public-sector networks.
Carroll also discussed policy and funding: he urged updated procurement language in federal and state security grants to reflect modern video-analytics capabilities and said some states have already allocated school-safety funding toward systems like the one he described. He said ZeroEyes is pursuing additional analytics, including knife detection, drone and thermal inference, and said the company delivers services to both public-sector and commercial customers.
Committee members asked about third-party audits and disparate-impact testing. Carroll said he would accept independent audits "if the third party is competent enough to understand the technical parameters." Representative Shriver pressed for publication of performance metrics; Carroll said districts are often reluctant to publish security dashboards but said the company could discuss options with end users.
Votes at a glance: Representative Meerman moved to approve the minutes of the Sept. 17 meeting; there were no objections and the minutes were approved by voice.
What remains open: Lawmakers continued to press for clearer state procurement guidance, independent verification of algorithmic performance, and written assurances about data retention and access when districts contract with third-party network operators. Carroll identified specific company practices for disclosure to potential customers, including Safety Act validation summaries, SOC 2 and ISO 27001 compliance claims, and the company's stated policy to keep alert keyframes for 30 days by default.
Carroll said ZeroEyes' system analyzes frames on the customer network, sends a single keyframe with metadata off-network when the algorithm flags a possible firearm, and a ZeroEyes analyst then validates the detection within seconds. "We're not trying to detect anything holstered or concealed," Carroll said, adding the company does not perform facial recognition or behavioral profiling.
The presentation outlined how ZeroEyes operates as a managed service: a deployed AI agent runs locally on a customer's camera network, the company transmits only a timestamped keyframe and metadata for analyst review, and validated detections can be routed to 9-1-1 through partners such as RapidSOS. Carroll said the company runs a 24/7 operations center outside Philadelphia and another in Honolulu, and that one analyst can manage roughly 10,000 cameras.
Why this matters: Carroll described deployments in more than 40 states and said ZeroEyes is used in thousands of K-12 schools and higher-education institutions. He argued the capability helps first responders spot and respond to armed threats faster and cited examples he said led to arrests, including a subway-platform incident where an alert, he said, prompted officers to move within 45 seconds.
Committee members focused on accuracy, privacy and procurement safeguards. Representative Shriver asked whether ZeroEyes would publish independent false-positive and false-negative rates and district-level dashboards. Carroll cited the company's Department of Homeland Security Safety Act engagement as the mechanism used to validate performance and said the company has published summaries of those results. He said the company has had one incident that produced a false positive in its history and described how ZeroEyes' human review is designed to limit unnecessary escalations.
On data retention and custody, Carroll said customers own their camera data and the company's default retention policy for keyframe alert data is 30 days; true-positive evidence tied to law enforcement cases is retained as a chain-of-custody record. "The customer owns all their data," he said. Carroll added that ZeroEyes does not web-scrape third-party images for training data and that the company builds and owns its proprietary datasets in-house.
Several lawmakers raised national-security and supply-chain concerns. Vice Chair Meerman asked whether offshoring engineering or buying third-party labeled data could expose sensitive datasets to foreign adversaries; Carroll said ZeroEyes hires U.S. citizens and avoids third-party data brokers, and warned of an industry-wide reliance on China-origin data-labeling services. He recommended state procurement and security standards (he cited FedRAMP and CMMC as federal examples) consider data provenance for vendors who integrate with public-sector networks.
Carroll also discussed policy and funding: he urged updated procurement language in federal and state security grants to reflect modern video-analytics capabilities and said some states have already allocated school-safety funding toward systems like the one he described. He said ZeroEyes is pursuing additional analytics, including knife detection, drone and thermal inference, and said the company delivers services to both public-sector and commercial customers.
Committee members asked about third-party audits and disparate-impact testing. Carroll said he would accept independent audits "if the third party is competent enough to understand the technical parameters." Representative Shriver pressed for publication of performance metrics; Carroll said districts are often reluctant to publish security dashboards but said the company could discuss options with end users.
Votes at a glance: Representative Meerman moved to approve the minutes of the Sept. 17 meeting; there were no objections and the minutes were approved by voice.
What remains open: Lawmakers continued to press for clearer state procurement guidance, independent verification of algorithmic performance, and written assurances about data retention and access when districts contract with third-party network operators. Carroll identified specific company practices for disclosure to potential customers, including Safety Act validation summaries, SOC 2 and ISO 27001 compliance claims, and the company's stated policy to keep alert keyframes for 30 days by default.
View full meeting
This article is based on a recent meeting—watch the full video and explore the complete transcript for deeper insights into the discussion.
View full meetingSponsors
Proudly supported by sponsors who keep Michigan articles free in 2025
