Perfect Logs, Dangerous Lies: The ELD System That’s Hiding Violations

INVESTIGATIVE REPORT  |  ELD COMPLIANCE  |  HOURS OF SERVICE

How a 207-truck Chicago-area fleet, a Serbia-based dispatch company, two linked ELD providers, and an encrypted messaging app allegedly built a system to erase HOS violations on demand — and what it reveals about a threat that is now spreading across the industry

By SafetyLane Magazine Editorial Staff  —  March 27, 2026  |  INVESTIGATIVE

Editor’s Note: This article is based on sworn declarations filed in the Circuit Court of Cook County, Illinois; deposition testimony entered into the court record; FMCSA public enforcement records; and additional industry reporting. The case is active litigation. Nothing in this article constitutes a finding of guilt. EMI has denied the allegations.

A driver is behind the wheel, running low on hours. Rather than pulling over for a mandatory rest break, he picks up his phone, opens Telegram, and sends a message to a group chat run by people who call themselves “the Log Department.” Within a short time, his electronic log shows he has completed a 34-hour reset. He never stopped driving.

That is the allegation at the center of a civil lawsuit working its way through the Circuit Court of Cook County, Illinois — and it is not an isolated incident. Court documents reviewed by SafetyLane Magazine describe a systematic, organized scheme allegedly operated by Extra Mile International, Inc. (EMI), a 207-truck motor carrier based in Orland Park, Illinois, involving two ELD providers with common ownership, a Serbian dispatch company, and a rotating cast of now-revoked and still-active ELD devices registered to the same Wyoming address.

EMI is facing a contempt hearing in April 2026 after failing to produce records the court ordered it to preserve. The case has drawn attention not only because of what it alleges about one carrier, but because of what it reveals about how ELD fraud is being industrialized — built into the infrastructure of the ELD product itself, operated remotely, and structured to leave as little traceable evidence as possible.

THE FLEET, THE MANAGING PARTNER, AND THE SERBIAN CONNECTION

Extra Mile International, Inc. is registered with USDOT number 3169488, operating as an interstate dry van carrier out of Orland Park, Illinois, in the Chicago suburbs. The company markets itself as a family-owned operation specializing in food-grade and commercial dry van freight across the continental U.S., with a mix of company drivers and owner-operators.

The managing partner of EMI is Nikola Mihailovic. His deposition, taken in the fall of 2025, is among the most significant documents in the court record — both for what he confirmed and for what he said he did not know.

When asked about EMI’s inability to produce the HOS records the court had ordered preserved, EMI’s legal counsel had previously responded in writing that the company could not comply because the ELD platform — Phoenix ELD — was governed by a user license agreement under which Phoenix was “the sole owner and controller” of all data, including “Telegram-based messaging features which may exist within the application.”

That explanation introduced a third entity: Expedite Logistics, a Serbia-based dispatch company. In August 2025, before Mihailovic’s deposition, EMI’s legal counsel submitted that “no employees or individual associated with EMI have knowledge of any deletion of Telegram communications, as they are outsourced to Expedite Logistics, a Serbia based entity.”

Weeks later, in his deposition, Mihailovic confirmed that he is the sole owner of the company — which he clarified his team had been consistently misspelling as “Expedite Logistics” rather than the correct “Expedited Logistics.” He also stated he does not work there.

In other words: the managing partner of EMI, an Illinois motor carrier, owns the Serbian dispatch company to which EMI attributed responsibility for Telegram communications regarding driver hours of service — and claims no involvement in its operations.

WHAT DRIVERS SAY HAPPENED: SWORN DECLARATIONS FROM THE COURT RECORD

The lawsuit includes sworn declarations from approximately a half-dozen former EMI drivers. These are not anonymous complaints — they are statements made under oath in a civil court proceeding, with the declarants subject to the legal consequences of perjury. The declarations are consistent in their core structure: drivers were directed to download Telegram, were added to a group chat run by people identifying themselves as EMI’s “Log Department,” and were told that their hours could be “fixed” through that channel.

One declaration states:

Another driver describes being explicitly instructed to set up the channel:

A third declaration describes the scope of what the Log Department claimed it could do:

This is the regulatory significance of that last statement: a 70-hour reset under 49 CFR Part 395 requires a driver to be off duty for 34 consecutive hours before being eligible to restart the 70-hour on-duty clock. It is a mandatory rest requirement built into federal law specifically to prevent fatigued driving. The allegation is that EMI’s Log Department was administering that reset electronically, on demand, without the driver stopping the truck.

At least one driver raised concerns about legality at the time. The declarations note that drivers who questioned the practice, or who left the company, were removed from the Telegram group chat. All drivers who filed declarations state they were terminated between 2024 and 2025.

PHOENIX ELD, LOG365, AND A WYOMING ADDRESS TIED TO NINE DEVICES

The court documents identify two ELD providers at the center of the alleged scheme: Phoenix ELD and Log365. Both are described in filings as having common ownership.

Phoenix ELD was revoked from FMCSA’s registered devices list in October 2025 for failure to meet the minimum technical requirements under 49 CFR Appendix A to Subpart B of Part 395. Administrator Derek Barrs, in announcing the revocation, stated that the action “reflects FMCSA’s continued commitment to ensuring that only compliant, reliable ELDs are in use.”

Log365 presents an even more fundamental problem: it never self-certified as an ELD provider in the first place. Under FMCSA’s pre-2025 system, ELD vendors were required to self-certify that their devices met technical specifications before being listed on the registered devices registry. Log365 bypassed even that minimal step. It was, in effect, operating as an ELD provider without ever being on the list at all.

In his deposition, Mihailovic stated he was uncertain whether EMI had ever paid Log365 for any services. When asked directly whether he was surprised to receive services from Log365 at no charge, he responded that he did not recall whether he had been charged or not. At one point he suggested he thought Log365 might be a call center or a dispatcher for Phoenix — despite the deposition having already established that both companies share common ownership.

The attorneys representing the drivers went further. Their investigation found that Phoenix ELD was linked to nine other ELD providers, all of which share the same principal place of business in Cheyenne, Wyoming, and were all organized by the same individual. The Cheyenne, Wyoming registered address pattern is not coincidental — it reflects a well-documented national phenomenon in which shell companies exploit Wyoming’s privacy-friendly LLC laws and low-cost registered agent services to maintain multiple corporate identities at a single address.

THE WYOMING NETWORK: 10 ELD PROVIDERS, ONE ADDRESS

The following devices were identified in court filings as sharing a common principal place of business in Cheyenne, Wyoming and a common organizer:

•  Phoenix ELD  —  REVOKED by FMCSA (October 2025)

•  Robinhood ELD  —  REVOKED by FMCSA

•  Ironman ELD  —  REVOKED by FMCSA

•  Xtreme Log  —  REVOKED by FMCSA

•  Action ELD  —  ACTIVE at time of reporting

•  Dragon ELD  —  ACTIVE at time of reporting

•  Red Fox ELD  —  ACTIVE at time of reporting

•  Royal ELD  —  ACTIVE at time of reporting

•  Zenith ELD  —  ACTIVE at time of reporting

•  Log365  —  Never self-certified; not on FMCSA registered list

Source: Driver legal team filings, Circuit Court of Cook County, IL. FMCSA registered/revoked device list.

Of the ten ELD providers identified in the network, four have had their certifications revoked by FMCSA. Five remain active on the registered devices list as of the time of publication. The implication is significant: if the allegations in this case are accurate, the same underlying infrastructure that allegedly supported HOS manipulation at EMI may still be available to other fleets through the five active devices.

HOW THE ALLEGED SCHEME WORKS: THE TECHNOLOGY BEHIND LOG MANIPULATION

To understand the allegations in this case, it helps to understand how this type of ELD fraud operates technically — because it is fundamentally different from the old-fashioned paper log falsification that regulators have dealt with for decades.

When FMCSA mandated ELDs in 2017, the device specifications required that any edits to a driver’s record of duty status leave a traceable annotation in the log. The intent was to prevent after-the-fact manipulation: if someone changed a log entry, the original entry and the edit would both be visible.

The new breed of fraudulent ELD providers has bypassed this requirement entirely. Rather than editing an existing log entry — which would leave a footprint — these providers manipulate the data at the provider level, creating a fabricated record that appears entirely clean from the start. There is no edit annotation because the manipulation happens before the record is ever finalized in a form an inspector would see.

The pattern at EMI, as alleged, fits this model precisely. The log visible to an inspector would show pristine compliance. The driver’s actual hours were being tracked and “reset” through a parallel channel — the Telegram group chat — that existed entirely outside the official ELD record.

Investigators and compliance specialists have noted that the logs produced by this type of tampering look suspiciously perfect. As one compliance researcher explained it: “The reason it gets flagged is that it’s way too perfect.” Real drivers make minor log adjustments — forgetting to log a fuel stop, adjusting a break time. Clean logs with no edits, no deviations, and activity patterns that defy normal driving behavior have become a red flag for trained inspectors.

In the EMI case, the Telegram chat itself was the evidence trail — screenshots of conversations showing log resets were submitted as exhibits with the sworn declarations. That is an unusual circumstance. In most cases of provider-level manipulation, no such parallel documentation exists for investigators to recover.

THE CONTEMPT HEARING AND THE EVIDENCE PRESERVATION BATTLE

On May 29, 2025, the Circuit Court of Cook County issued an order directing EMI and Phoenix ELD to preserve all HOS records, including discussions conducted over Telegram. This is a standard evidence preservation order — a court telling the parties to a lawsuit not to destroy anything relevant to the case.

EMI’s legal response to that order is notable: counsel argued the company could not comply because Phoenix ELD, not EMI, owned and controlled the platform data — including any Telegram functionality built into or associated with the application.

Then, three months later, Mihailovic’s deposition revealed that he personally owns Expedited Logistics — the Serbian entity to which EMI had attributed control of the Telegram communications. The individual who controls EMI also controls the entity that controls the communications EMI said it had no ability to access or preserve.

The court found that EMI had failed to comply with the preservation order. As a result, EMI now faces a contempt hearing scheduled for April 2026. Contempt proceedings in civil litigation can result in sanctions, adverse inference instructions to a jury — meaning the jury may be told to assume the destroyed evidence would have been unfavorable to the party that failed to preserve it — or other remedies the court deems appropriate.

As of the time of publication, neither EMI nor Phoenix ELD had produced the ordered records.

EMI'S RESPONSE: DISGRUNTLED EMPLOYEES AND A REPRESENTATIVE WHO WASN’T THERE

SafetyLane Magazine, consistent with its editorial standards, sought comment from EMI on the allegations in the court record. We couldn't reach anyone at EMI, but found publicized comments by Overdrive: "A representative at EMI’s safety department, identified as Dan Micovic, responded to questions about the case.

Micovic suggested that former drivers who file such declarations are “not always happy when they’re leaving” and that departing employees “tell all kinds of stories and assumptions” in an effort to threaten the company without “actual proof.”

When specifically asked about the sworn declarations, the screenshots submitted as court exhibits, the deposition testimony, and the evidence of ELD connections to the Cheyenne Wyoming network, Micovic said he did not work at EMI at the time the events described by drivers occurred and therefore had no knowledge of them."

It is worth noting what the court record actually contains: not accusations from disgruntled former employees, but sworn declarations made under penalty of perjury, screenshots authenticated as court exhibits, deposition testimony from the managing partner himself, legal filings that acknowledge the existence of Expedited Logistics and the Telegram communications, and a court order finding that records have not been produced. These are not stories. They are documents.

THE BROADER PATTERN: EMI IS NOT ALONE

Perhaps the most significant sentence in our original reporting on this case is one that appears near the end: “SafetyLane Magazine is aware of other big fleets in the Chicago area accused of similar tactics, has seen video evidence of logs tampering, and will continue to report.”

This is consistent with what federal regulators and industry safety specialists have been saying for more than a year. ELD tampering at the provider level is not an isolated incident involving one bad actor. It is an organized, commercially available service that some ELD providers have been building into their products and selling to fleets as a feature.

Compliance specialists have documented instances of ELD vendors cold-calling motor carriers and openly advertising the ability to “fix” logs. The Triton Logistics case, investigated by the National Transportation Safety Board following a 2022 fatal truck-bus crash, revealed the same basic architecture: a carrier that had created fictitious driver accounts in its ELD system to allow drivers to exceed HOS limits. When a driver ran out of hours, he was instructed to call the carrier’s HOS department, which would log him out and log in a new driver.

FMCSA recorded more than 50,000 HOS falsification violations during 2025 alone. The CVSA made ELD tampering a formal out-of-service criterion for 2026, and the 2026 International Roadcheck — scheduled for May 12-14 — will place specific emphasis on ELD tampering, falsification, and manipulation.

The industry-wide civil penalty exposure is also significant. Under current FMCSA enforcement guidelines, carriers face fines of up to approximately $19,000 per violation for HOS-related offenses. Drivers face up to $4,800 per violation. In a pattern-of-practice case involving dozens of drivers over multiple months, the cumulative exposure from civil penalties alone — before any consideration of personal injury liability in the event of a crash — can be substantial.

Disbrow put it plainly: “While it may be tempting to tamper with an ELD to gain some extra driving time, the violations that may follow are frankly the least of anyone’s concerns. The larger issue is the criminal and civil liability that will follow in the event of a collision, not to mention the potential injuries or loss of life from the collision. This trend is nothing short of fraud and false information.”

WHY THE ELD REGISTRY HAS BEEN VULNERABLE — AND WHAT IS CHANGING

How did this situation develop? The answer lies in a structural flaw in the ELD registration system that FMCSA has acknowledged and is now working to correct.

When the ELD mandate went into effect in 2017, FMCSA chose a self-certification model for device registration. ELD vendors were required to declare that their devices met the technical specifications in 49 CFR Part 395, Appendix A, and submit the self-certification to be added to the registered devices list. FMCSA did not independently test the hardware, audit the software, or verify the vendor’s claims before listing the device.

Under this model, a bad actor could register a device, operate it in a non-compliant manner, face revocation, and immediately re-register a new device under a different company name using essentially the same code. One compliance attorney described the pattern bluntly: “You know what those non-compliant e-log providers do? They copy and paste their code and start a new e-log company the following week.”

The Cheyenne, Wyoming network identified in the EMI case — ten ELD providers organized by the same individual, sharing the same PPOB — appears to fit exactly this pattern. As devices get revoked, others in the network remain active and available to carriers.

FMCSA announced an overhaul of the ELD vetting process in late 2025, introducing initial verification of contact information and technical specifications, fraud detection through cross-checking of new applications against active, inactive, and revoked device lists, and new application categories reflecting each device’s stage in the process. FMCSA Administrator Barrs confirmed at the MATS fraud panel this week that 280 ELD registrations have been blocked since September 2025 under the new process — including new registrations and attempted re-registrations of previously revoked devices.

The agency has also flagged plans for a formal rulemaking on ELD technical requirements, with a proposed rule expected in May 2026. Whether that rulemaking will move to mandatory third-party certification — the step the industry has been calling for — remains to be seen.

WHAT THIS MEANS FOR EVERY MOTOR CARRIER USING A THIRD-PARTY ELD

The EMI case is, among other things, a compliance cautionary tale for motor carriers who outsource their HOS infrastructure to third-party ELD providers without understanding what they are buying.

A carrier whose ELD provider manipulates log data — even if the carrier is unaware of the manipulation — bears legal exposure when those records are produced in a crash investigation, a compliance audit, or civil litigation. The ELD record is the carrier’s record of duty status documentation. Its accuracy is the carrier’s legal responsibility.

Verify your ELD’s registration status: Check FMCSA’s registered devices list at eld.fmcsa.dot.gov. With 280 registrations blocked since September 2025 and ongoing revocations, a device that was compliant when you acquired it may no longer be registered. Using a revoked device is now an out-of-service violation.

Audit your ELD provider’s corporate structure: If your ELD provider’s PPOB is a registered agent address in Wyoming — or any other state known for high-volume shell company registration — that is worth investigating. Ask who owns the company, where the company actually operates, and what entity controls your drivers’ data.

Know who controls your HOS data: The EMI case turned in significant part on EMI’s claim that Phoenix ELD, not EMI, controlled the data. Understand your ELD user agreement. If your agreement says the provider owns and controls your HOS data, you may have limited ability to produce that data in a legal proceeding — and a court may not find that explanation satisfactory.

Train your dispatchers and safety staff: Dispatchers who tell drivers to call in when they run out of hours, or who direct drivers to a Telegram group for “log management,” are creating direct legal exposure for the carrier. If your dispatch staff — including outsourced Serbian dispatch — is touching HOS records, that is a compliance and liability problem that belongs on the safety director’s desk today.

Document everything: In the EMI case, the drivers had screenshots. Those screenshots became court exhibits. Whatever is happening in your fleet’s communication channels about hours of service — on Telegram, WhatsApp, text, or any other platform — is discoverable in litigation.

THE BOTTOM LINE

The EMI case will continue to develop through the contempt hearing in April and any subsequent proceedings. Whether EMI ultimately faces regulatory action from FMCSA, whether the owners of the Wyoming ELD network face federal scrutiny, and whether the five still-active devices in that network remain on the registered devices list are all open questions at this writing.

What is not an open question is whether this type of fraud is real, whether it is widespread, and whether it is dangerous. The answer to all three is yes. CVSA has documented it. FMCSA has acknowledged it. The NTSB investigated a fatal crash that turned on it. And now, for the first time, sworn court testimony and authenticated screenshots from inside one alleged operation are part of the public record.

A fatigued driver behind the wheel of an 80,000-pound truck is not a compliance problem. It is a public safety crisis in progress. The fact that his log shows a perfect 34-hour reset — because someone in Serbia typed a command into a chat window — does not change the physics of what happens when that driver falls asleep.

Stay ahead of the curve. Stay compliant. Stay on Safety Lane.

Legal Disclaimer

This publication is an investigative journalistic work based on a review of publicly available and third-party materials, including but not limited to court filings, sworn declarations, deposition transcripts, regulatory records, and industry reporting as of the date of publication.

All statements regarding alleged conduct, practices, or events are presented as claims, allegations, or positions contained within those sources and are not independently verified findings of SafetyLane Magazine or CellEx Consulting Group, Inc. All referenced parties expressly deny or may deny such allegations, and all matters described herein remain subject to active and ongoing legal proceedings. No determination of liability, fault, or wrongdoing has been made unless explicitly stated.

This publication does not assert, imply, or conclude that any individual or entity has engaged in unlawful conduct. Any descriptions of systems, practices, or behaviors are based solely on reported allegations, documented testimony, or regulatory commentary and are presented for informational and industry awareness purposes only.

SafetyLane Magazine and CellEx Consulting Group, Inc. expressly disclaim any liability for errors, omissions, or inaccuracies in the source materials referenced, as well as any interpretations derived therefrom. Readers acknowledge that legal proceedings are inherently complex and evolving, and that facts, claims, and defenses may change over time.

Nothing in this publication constitutes legal advice, regulatory guidance, or professional consultation. Readers are strongly advised to seek independent legal counsel regarding any matters related to compliance, liability, or regulatory obligations.

To the fullest extent permitted by applicable law, SafetyLane Magazine and CellEx Consulting Group, Inc. shall not be liable for any direct, indirect, incidental, consequential, reputational, or financial damages arising from the use of, reliance on, or interpretation of this publication.

This article is intended solely to inform industry stakeholders of emerging compliance risks, regulatory developments, and safety concerns within the transportation sector. Any resemblance to other entities or practices is coincidental and should not be construed as an assertion of fact regarding any party not explicitly referenced in the cited materials.