​The Project for Privacy & Surveillance Accountability has filed an amicus brief in the U.S. Supreme Court case United States v. Chatrie, warning that geofence warrants threaten not only Americans’ Fourth Amendment rights, but also our religious liberty and freedom of association.

PPSA previously urged the Court to hear this case and rein in geofence warrants as modern digital general warrants. These warrants compel technology companies to turn over location data for every device within a defined geographic area. Investigators then sift through the movements of potentially hundreds –sometimes thousands – of people in hopes of identifying a suspect.

Now that the Court has granted review, PPSA explains in its amicus brief that this dragnet surveillance exposes something far more sensitive than physical location. Location data can reveal belief, identity, and association.

“Geofence warrants also threaten core First Amendment freedoms by enabling surreptitious mass intrusions into sensitive spaces like places of worship,” the PPSA brief explains. 

A geofence warrant could easily capture the identities of everyone attending a church service, synagogue gathering, mosque prayer, or religious conference. In practice, that means the government could obtain what amounts to a list of worshippers.

The facts of the case illustrate the danger. The geofence search used by investigators in Chatrie encompassed Journey Christian Church in Midlothian, Virginia, capturing the location data of anyone present at the church at that time who carried a smartphone with Google location services enabled. 

That possibility raises profound First Amendment concerns. Location data can expose deeply personal religious information, including “faith affiliation; sacrament participation; belief shifts via changing attendance or visiting a new church; or involvement in recovery ministries.” 

The Supreme Court has long recognized that government surveillance of association can chill constitutional rights. Americans who believe their religious participation may be quietly recorded by the government may think twice before attending services or participating in religious life.

That chilling effect is precisely what the First Amendment was designed to prevent.

PPSA’s brief urges the Court to recognize that geofence warrants do more than raise Fourth Amendment questions about search and seizure. They also threaten the First Amendment freedoms that protect Americans’ ability to worship, gather, and associate without government monitoring.

After all, in the digital age, tracking where people go can reveal who they are, what they believe, and whom they stand beside.
​
The Supreme Court now has the opportunity to make clear that the Constitution protects those freedoms from the reach of dragnet surveillance.

​The media reported on the drama of the Pentagon’s AI contracts as a horse race: Anthropic tried to limit what the War Department could do with the company's Claude AI product. The administration subsequently rescinded all government contracts with the company. OpenAI offered its products as the alternative and won the day.

But beneath this drama lies a deeper and more dangerous reality: In the absence of meaningful guardrails, the AI tech of any company can be used for surveillance and – if combined with data collected under Section 702 of the Foreign Intelligence Surveillance Act (FISA) – could allow government employees across the federal bureaucracy to run searches on Americans’ private communications.

Such AI-powered surveillance could extend far beyond the Department of War’s use cases and even the Justice Department’s FBI investigations. Government AI-enabled mass surveillance of the domestic population would:

• Not be subject to any oversight authority – constitutional or statutory

 

• Not be encumbered by recent reforms like 2024 RISAA (Reforming Intelligence and Securing America Act)

 

• Be supercharged by the dismantling of long-standing information silos and the removal of safeguards that once limited the sharing of Americans’ private data between agencies – from the Department of Homeland Security to the IRS.

 

• All done without a warrant – without any court supervision of the government’s invasion of your privacy.

The danger of AI surveillance in a government that shares data between agencies should prompt Congress to strengthen Fourth Amendment privacy protections. With such a vast datascape available to the world's most powerful government – where many existing restrictions have already been weakened – we otherwise risk the irrevocable loss of personal privacy and the rise of a permanent surveillance state.

We need to come to terms with the fact that AI tech makes rummaging through our private lives and personal histories easier and faster than anyone could have imagined even a few years ago. Americans’ communications could become permanently accessible to the prying eyes of government agents in almost any agency with a whim (or a political directive) to pursue.

It wasn't supposed to be this way. AI was supposed to have guardrails, as was Section 702, enacted by Congress to enable the surveillance of foreign threats on foreign soil, but has instead been used by the government to search the private communications of Americans without a warrant.

RISAA was a noble attempt to rein in the misuse of Section 702 as a domestic spy tool. Its reforms included oversight and restrictions on FBI searches involving people inside the United States. It implemented rules for queries involving high-profile groups or individuals. It established training and accountability measures, while enhancing oversight of the two secret courts FISA created.
​
These were important reforms, but they were weakened by last-minute changes to the bill. When Section 702 comes up for renewal next month – this time in the context of an AI juggernaut – it may well be our last chance to protect our freedoms while protecting national security. 

​ICE has become enough of a household word that, like NASA, it’s no longer necessary to spell out its acronym. ICE’s aggressive enforcement of immigration law, now the nation’s hottest political flashpoint, is dividing Americans like nothing else in recent memory. Regardless of where you stand on ICE and illegal immigration, we should all agree that ICE’s massive expansion into domestic surveillance is a grave concern for anyone who values the Fourth Amendment and privacy.

When a protester recording video on her phone wants to know why a masked agent is taking down her information and he replies – “Because we have a nice little database and now you’re considered a domestic terrorist!” – Sheera Frankel of The New York Times rightly suggests that we’ve entered uncharted territory. Political dissent is now being treated as domestic intelligence.

The masked agent was not kidding. The Department of Homeland Security (DHS) is launching a pressure campaign to get Big Tech to identify persons who post content deemed “critical” of ICE. Rather than traditional investigative work, the government appears to be leaning on something akin to an abuse of process, filing hundreds – if not thousands – of subpoenas intended to compel tech giants to cough up user data.

This data grab of lawful speech is unprecedented. It amounts to using an exceptional legal maneuver – an emergency procedure meant for crimes like child trafficking – to collect constitutionally protected political expression. And let’s be clear about the constitutional claim: The contents of our “friends-only” digital posts are modern “papers and effects,” private possessions the Fourth Amendment was designed to shield from generalized searches.

If tech companies cave (and, as highly regulated companies, they likely will), and ICE plugs the data of protesters into its increasingly Orwellian surveillance architecture, then the genie will already be out of the bottle. Once such a capability is developed, it rarely remains confined to a single mission or a single agency. Surveillance tools migrate. Authorities expand. Bureaucracies replicate what works.

These tools – algorithms housed in digital fortresses – will almost certainly be shared with the FBI, IRS, FTC, SEC, and a dozen other agencies eager for their piece of the silicon pie. And they won’t just target Americans who are anti-ICE. Depending on the political winds of the day, databases built to track one form of dissent can just as easily be turned against pro-choicers, pro-lifers, critics of the administration in power, progressives, or MAGA supporters.
​
This looks less like law enforcement and more like the construction of a permanent political-intelligence system – the start of a security-state apparatus on a scale never before seen, primarily and perversely used to surveil and catalog the political beliefs of Americans. Congress should examine this emerging capability and look to install guardrails when it debates surveillance policy in March and April.

Artificial intelligence has handed government surveillance a superpower the Founders never envisioned – the ability to quietly track millions of Americans, then rewind their movements later without a warrant.
 
In United States v. Slaybaugh, PPSA is urging the U.S. Court of Appeals for the Eleventh Circuit to draw a constitutional line around the warrantless use of automatic license plate reader (ALPR) databases. At stake is more than one defendant’s conviction. The court must decide whether rapidly evolving surveillance tools will stretch the Fourth Amendment beyond recognition for all Americans.
 
When Public Data Becomes Private Surveillance

Law enforcement offers a simple argument with surface appeal: License plates are visible on public roads, so collecting them invades no one’s privacy. In our brief, PPSA details how that simple argument collapses before the reality of modern surveillance.
 
This case is not about a single camera capturing a passing car. It is the government’s ability to aggregate billions of scans into a searchable chronicle of a person’s life. ALPR systems collect time-stamped and geolocated images of every passing vehicle, and store them indefinitely, allowing officers to reconstruct travel histories “with just the click of a button.” 
 
Far from snapping one static image of a license plate, ALPR systems have the power to tail everyone and anyone in a given city or county. That power transforms fleeting public observations into something fundamentally different – a digital dossier revealing where we sleep, worship, seek medical care, protest, or attend political meetings.
 
The U.S. Supreme Court recognized this danger in Carpenter v. United States (2018), holding that long-term location tracking can trigger Fourth Amendment protections even when a person’s movements occur in public. While Carpenter involved the extraction of a suspect’s geolocation history from a cellphone tower, ALPR surveillance raises the same constitutional concerns – but at a vastly higher scale.
 
The Myth of a Numerical “Safe Harbor”

One of the most significant errors PPSA identifies in the lower court’s ruling is the idea that surveillance becomes unconstitutional only after it collects a certain number of data points or weeks of tracking. The federal court treated the retrieval of 72 plate “reads” over three weeks as too limited to reveal the whole of one person’s movements. This take misreads Carpenter.
 
The danger lies not in how many time police officers choose to view images, but in the existence of the massive surveillance database itself.
 
Car “Fingerprints” and “Digital Time Travel”

PPSA told the court:

• “In 2019 alone, 1 billion license plate scans were collected, with 99.9 percent not actively related to any criminal investigation. The ALPR system that collected Slaybaugh’s information, Flock, works by creating a ‘vehicle fingerprint’ that includes much more than just a license plate number. Each passing vehicle’s ‘fingerprint’ includes its color, make, model, and distinctive features, like a political bumper sticker. Flock then provides advanced search and artificial intelligence functions that can be used to list locations a car has been captured, create lists of cars that have visited specific locations, and even track cars that are seen together.”

With such databases, officers can effectively travel back in time and retrace anyone’s movements long before suspicion arises. That retrospective power, PPSA demonstrates, far exceeds the general warrants and other abuses the Fourth Amendment was designed to restrain. In colonial America, the King’s agents lacked the ability to catalog every citizen’s movements. Modern technology has erased that practical limitation. Without constitutional safeguards, PPSA warns, the government can monitor entire populations’ travel histories and associations – whether political, romantic, or religious.
 
From License Plates to a Surveillance Ecosystem

ALPR systems are only one piece of a rapidly expanding surveillance architecture. PPSA warns that these tools increasingly integrate with other technologies – including AI analytics, neighborhood camera systems, and vast databases of commercial data sources holding personal information.
 
The concern is not simply about license plates. It is about the emergence of an interconnected surveillance ecosystem capable of mapping people’s lives in unprecedented detail.
 
The Solution Is Already in the Constitution

PPSA’s position is not anti-technology. We acknowledge that modern policing can benefit from advanced tools – so long as they operate within constitutional limits.
 
The solution is straightforward and familiar – requiring law enforcement to obtain a warrant supported by probable cause before querying historical ALPR data. That safeguard preserves investigative power while ensuring judicial oversight of government tracking.
 
The Future of Privacy
​
The Eleventh Circuit’s decision may shape how courts treat digital tracking technologies far beyond license plate readers. As geofenced surveillance, AI drones, and integrated camera networks expand, the dangers of technology will only become more acute, and the constitutional principles at issue in Slaybaugh will only become more urgent.
 
Slaybaugh may well determine whether every time we get in our car, we are freely roaming public streets or becoming caught in a permanent dragnet.

The FBI calls them “assessments.” Americans experience them as investigations. 
 
A new Government Accountability Office (GAO) report suggests that many supposedly preliminary inquiries function as probes in waiting – particularly when they involve politics, journalism, or religion. According to the report, posted by the Cato Institute, more than 1,000 individuals and organizations have been subjected to preliminary assessments for investigation, a scope that should trigger immediate congressional concern. (Hat tip to Cato’s Patrick Eddington.)
 
The most alarming category involves so-called “Sensitive Investigative Matters,” or SIM assessments. These are FBI inquiries potentially into political campaigns and candidates, elected officials, journalists, religious leaders, or any other Americans engaged in core First Amendment activities. If any government scrutiny demands transparency and restraint, it is surveillance that begins with our rights to freedom of speech, belief, and association.
 
The GAO found that the FBI converted 48 percent of SIM assessments into Preliminary or Full Investigations. Eddington reports that these sensitive cases were 3.5 percentage times more likely to escalate than ordinary assessments – a statistical red flag for anyone told these probes are narrow, cautious, or exceptional.
 
Eddington writes:
 
“That’s especially alarming since, under Preliminary or Full Investigations, the agents running the case can employ wiretaps or other extremely intrusive and clandestine investigative techniques.”
 
Those tools – from electronic surveillance to confidential informants and covert collection – once deployed, are difficult to unwind. That is why Congress must demand answers before, not after, it reauthorizes Section 702 of the Foreign Intelligence Surveillance Act, which expires in April.
 
Before granting renewed surveillance authority, lawmakers should require the FBI to disclose whether SIM assessments have targeted:
​

• Members of Congress

 

• Political candidates and parties

 

• News organizations, think tanks, and NGOs

 

• News reporters and opinion journalists

 

• Churches, temples, and mosques.

At a minimum, the Bureau should provide the relevant oversight committees – especially the House Judiciary Committee – with a full accounting of past SIM targets and the total number of assessments elevated into full investigations. Congress should also ask who authorized these escalations. Were investigative decisions influenced by political appointees? 
 
Two questions cut to the core of our concerns about protecting civil liberties. Why are First Amendment-sensitive assessments more likely to escalate than ordinary cases? And was Section 702 data – intended for foreign intelligence collection abroad but routinely used for warrantless “backdoor” searches of Americans – part of the analytical process driving these decisions?
 
The Founders knew the danger of unchecked investigations aimed at political and religious dissent. They rebelled against general warrants that allowed agents of the Crown to search first and justify later. SIM assessments risk reviving that same model – quiet surveillance justified by internal labels rather than public law.
 
Surveillance powers are easy to grant and hard to retract. Congress should not renew them without first understanding how existing authorities have been used against Americans exercising our most basic freedoms.
 
Congress should make it clear: No answers. No reauthorizations.

​The recent Senate Judiciary Committee hearing on the “review and reform” of the Foreign Intelligence Surveillance Act (FISA) yielded some fireworks and surprises that herald a robust and rowdy debate to come.

One FISA authority, Section 702, is due to sunset in April. As the Section 702 renewal debate heats up, that authority – enacted by Congress to enable spying on foreign targets on foreign soil without the need for a warrant or court order – will come under intense scrutiny for being used by the government in recent years to warrantlessly access millions of Americans’ private communications.

But a host of other surveillance authorities will also be debated. Liza Goitein of the Brennan Center for Justice told the committee:

“Section 702 is part of an ecosystem of often overlapping surveillance authorities, and when one avenue is closed off, the government can often turn to another or exploit gaps in that network to conduct surveillance with no statutory authority at all.”

One of these gaps is the “data broker loophole.” This is the routine practice of multiple federal law enforcement and intelligence agencies – including the FBI, the IRS, and the Department of Homeland Security – purchasing Americans’ private digital data from data brokers. Once purchased, agencies assert a right to examine Americans’ data without a warrant.

Adam Schiff’s Tough Questions About the Data Broker Loophole

In the hearing, Sen. Adam Schiff (D-CA) asked Goitein (see the 1:30 mark) about how “law enforcement and intelligence agencies might circumvent the requirements of the Fourth Amendment by acquiring information from third-party data brokers.”

Sen. Schiff highlighted the disingenuousness of the intelligence community and its workaround for the Electronic Communications Privacy Act, which prohibits direct sales of Americans’ personal data by telecoms to government agencies. But telecoms are allowed sell Americans’ personal information to data brokers for commercial purposes. Federal agencies exploit this loophole by claiming that there is nothing to prevent them from also purchasing Americans’ data from those brokers.

Liza Goitein made it clear that such “gaps” in the surveillance “ecosystem” should be very much a part of the Section 702 debate. “And the gap I am most worried about is this data broker loophole. Federal agencies are buying their way around constitutional and statutory requirements on a routine basis.”

Sen. Josh Hawley took a different tack, focusing on a contradiction in the government’s lenient definition of what qualifies as a search of an American’s communication.

Josh Hawley Schools Surveillance Advocate

“You said that Section 702 cannot be used to target Americans,” Sen. Josh Hawley (R-MO) (see the 1:27 mark) said to Adam Klein, Director of the Strauss Center at the University of Texas at Austin. “But that’s cold comfort, isn’t it” he said, “to those subject to 278,000 improper searches – United States persons that we were talking about – in 2022 alone?”

“I mean, sure, the statute doesn’t permit them to be targeted, but when they have their personal information directly queried or improperly searched, what’s the difference?”

Klein responded that Americans should take comfort from the fact that Section 702 is meant to target foreigners overseas, not Americans.

Hawley fired back:

“As someone who had his cellphone tapped, improperly, by the United States government, by the way, why would I feel any better if I am told, ‘the U.S. government improperly queried your personal information … but don’t worry, they weren’t going after you, in the first instance. They just happened to have all of your stuff and then they look into them because there are no effective constraints on them. Why is that a good thing?”

Klein pivoted to the issue of surveillance of Members of Congress, whom he said had “a heightened expectation of safeguards in this area.”

Hawley cut him off to ask why this expectation doesn’t also protect journalists or Americans who merely travel overseas or have family overseas. Hawley said the government effectively says, “Oh, don’t worry, you weren’t targeted. I mean you were effectively targeted.”

Sen. Hawley highlighted the contradiction in how the search of an American person’s data is not treated as a separate Fourth Amendment event. On one hand, Hawley said, the government promises not to target Americans. On the other hand, it searches Americans’ data.

“You can’t have it both ways,” Sen. Hawley said, adding, “That looks an awful lot like a search and seizure under Fourth Amendment.”
​
When Sens. Hawley and Schiff – at opposite ends of the political spectrum – pose such tough questions, it is clear that the emerging bipartisan surveillance debate in Congress is going to heat up.

​Look up. There is a good chance a drone is looking back.
 
From government agencies to insurance companies, drones now routinely patrol American neighborhoods, hovering over backyards and rooftops in search of violations, liabilities, and profit. What was once pitched as a tool for emergencies or remote inspections has quietly become a pervasive system of aerial surveillance of American homes without public consent.
 
In Virginia, under current law, surveillance drones may conduct close inspections of private property without a warrant in emergency or “exigent” circumstances. These exceptions include searches for a missing child or an elderly person who has wandered off, or tracking a dangerous suspect on the run.
 
Now a bill introduced in Virginia’s lower chamber by Alfonso Lopez, a Democratic member of the House of Delegates, would expand this list of emergency exceptions in which the Fourth Amendment’s requirement for a probable-cause warrant can be swept aside. If this bill passes, the Commonwealth of Virginia will be able to spy on citizens to make sure they follow environmental rules on sediment control and erosion management, as well as regulations regarding water and wetlands.
 
In short, this bill would allow the Virginia Department of Environmental Quality to deploy surveillance drones not for the usual dire exigent circumstances, but just to make sure that property owners are in compliance with that department’s environmental regulations.

Virginia’s proposal shows how easily “emergency” drone powers can be repurposed for routine regulatory enforcement. But government is not the only actor exploiting the skies. As drone surveillance becomes normalized, private companies have eagerly followed – deploying the same technology not to enforce the law, but to grow profits.
​
Texas provides one example of how the private sector is using drones to impinge on homeowners’ privacy. KUT News in Austin interviewed dozens of homeowners, industry experts, and insurance watchdogs, and reviewed hundreds of pages of complaints and state filings, to document how insurance companies are using aerial drone technology to spy on their customers.
 
KUT reports that poor images of homes often prompt insurance providers to unfairly raise rates or cancel policies. Customers have been told to replace their roofs when in fact their roofs only need a good cleansing rain. As Audrey McGlinchy of KUT writes: “And with the proverbial click of a button, companies can decide if they want to renew a homeowner’s policy.”
 
How pervasive is commercial surveillance? KUT reports that one aerial-imaging technology firm providing imagery for insurance companies estimates there are “eyes on 99.6 percent of the country’s population.”
 
State laws and courts are not adjusting to this new reality. For example, in 2024 the Michigan Supreme Court punted on the Fourth Amendment implications of a township’s low-flying drone that crossed over a couple’s fence line to search for zoning violations. At the national level, the U.S. Supreme Court has yet to fully define drone-specific privacy rights. 
 
Lawmakers and courts need to catch up to a simple reality – pervasive drone surveillance over homes is no longer hypothetical, rare, or futuristic. It is routine, largely unregulated, and already being used to punish Americans financially and intrude on their privacy. If the Fourth Amendment is to mean anything in this age of mass aerial surveillance, our laws must recognize that what hovers over our roofs and backyards today can be just as invasive as a warrantless step into our homes.

​Stewart Baker, former general counsel of the National Security Agency, opened his testimony before the Senate Judiciary Committee last week with a startling, if somewhat insolent, proposal.

Baker’s proposal came at the beginning of that hearing on the “review and reform of the Foreign Intelligence Surveillance Act,” which centered around FISA Section 702. This is an authority enacted by Congress to enable spying on foreign targets on foreign soil without the need for a warrant or court order. Yet it has been used in recent years to enable warrantless government access to millions of Americans’ private communications.

Section 702 sunsets in April 2026 after the last reauthorization in April 2024. The reauthorization debate now beginning on Capitol Hill is being used to explore not just Section 702, but many other surveillance authorities associated with it as well.

“It’s time to say – let’s stop putting a sunset on 702,” Baker said. “It is only putting our most valuable security tool up for grabs every couple of years and then praying that there is enough bipartisan spirit in the Congress to do what needs to be done.”

This flew in the face of remarks by Chairman Chuck Grassley (R-IA) and Ranking Member Dick Durbin (D-IL).

Sen. Grassley said that while Section 702 is an “essential national security and intelligence tool,” he believes that “constant Congressional oversight and vigilance is also essential to ensure that this authority is exercised responsibly.”

The chairman also expressed concern about FISA’s “reach” and said there is “still more work to be done.”

To underscore this point, Sen. Grassley reminded the committee that he and Sen. Durbin have complained that an oversight measure passed into law in 2024 is being blocked by the Department of Justice.

That law allows senators and staff members with high levels of security clearance to attend hearings of the Foreign Intelligence Surveillance courts. But an onerous set of restrictions imposed by the Justice Department under the Biden administration and continued by the Trump administration has made it impossible for Members of Congress to attend the hearings with staff – or even to discuss them with anyone, whether cleared staff or other senators.

That is not a guardrail. It is a gag order.

The Justice Department also asserts a right to remove senators and Members of Congress at will. This is peculiar, given that the right to remove people from a courtroom is normally exercised by the presiding judge, not a functionary from the executive branch.

Ranking Member Sen. Durbin echoed the chairman on their “responsibility to conduct oversight” of Section 702. “For years the government has used it as a domestic spying tool to collect millions, maybe billions, of Americans’ private communications.”

Sen. Durbin added that the government has been:

“Reading our text messages and emails, and listening to our phone calls, all without a warrant requirement of the Fourth Amendment … Section 702 has been abused to spy on business and religious leaders, political parties, Members of Congress, campaign donors, journalists, and political protesters of all stripes.”

The intelligence community has long played clever word games with Section 702 to enable such warrantless domestic spying. And when federal agencies are called out on their domestic spying, more often than not they fail to respond to their putative overseers on the Hill or to innumerable Freedom of Information Act (FOIA) requests filed by PPSA and other civil liberties organizations.

Consider the letter of protest Sen. Grassley and Sen. Durbin sent in November to Attorney General Pam Bondi asking her to stop those executive branch restrictions on congressional oversight at the FISA court hearings.

Three months have passed and Attorney General Bondi has yet to respond to the Chairman and Ranking Member of the Senate Judiciary Committee.
​
Could we have a better example of why senators believe Congress must use sunsetting and other robust measures to try to compel oversight of an intelligence community that refuses to answer even basic questions?

​At a Senate Intelligence Committee hearing today (see 54:25), Sen. Ron Wyden (D-OR) probed Lt. Gen. Joshua Rudd – nominated to lead the National Security Agency – on whether he would obey the Fourth Amendment’s requirement for a probable cause warrant before surveilling the communications of American citizens in programs authorized by Section 702 of the Foreign Intelligence Surveillance Act.
 
That authority was enacted by Congress to enable the surveillance of foreign terrorists and spies on foreign soil. The National Security Agency’s trawl of global communications has since become a resource for U.S. intelligence agencies to routinely spy on the communications of American citizens and other “U.S. persons” on American soil.
 
Given that Congress is beginning to debate whether to continue the risk Section 702 poses to Americans’ privacy – with a vote on its reauthorization in April – you might think that Lt. Gen. Rudd would have a good grasp of the background on this issue, if not an actual opinion.
 
The hearing revealed that he has neither.
 
In response to Sen. Wyden’s questions, Lt. Gen. Rudd replied with non-answers. Worse, he admitted that he really didn’t understand the privacy issues at the heart of the looming Section 702 debate.
 
Sen. Wyden framed his questions with a quote from Benjamin Franklin, who wrote: “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.” Sen. Wyden said that he sees “striking that balance” between safety and liberty as “essential.”
 
The senator then asked: “General, if you are directed to target people in the United States for surveillance, will you insist that there will be a judicial warrant?”
 
General Rudd replied: “What I can tell you, senator, is that if confirmed I will absolutely commit to executing the foreign intelligence mission of the NSA in accordance with the authorities it has been given and within all applicable laws.”
 
Sen. Wyden came back: “That is about as vague as anything I’ve heard on the subject. And it seems to me that unfamiliarity with basic constitutional rights is not something that can be accepted in this position. It’s so crucial. I continue to believe that what I described for you is not mutually exclusive. Smart policies give you security and liberty. Not so smart policies give you less of both.”
 
Sen. Wyden again asked whether Lt. Gen. Rudd could give us some insight into his thinking. Rudd gave another boilerplate non-answer answer.
 
Sen. Wyden asked: “Do you believe that U.S. person searches of Section 702 collection should require a warrant except in emergencies, which has been largely the position of those who would like to find some common ground as we go forward?”
 
General Rudd replied: “Senator that’s a topic I’d need to look into, and get a better understanding of, and give you a more fulsome and complete answer on that one.”
 
An informed officer might have turned the tables on the senator and noted that a warrant requirement is set to be debated and voted on by Congress in April. He could then have sat back and added, “I will execute whatever laws you, Senator Wyden, and your colleagues pass.”
 
But Lt. Gen. Rudd did not know to do that. Instead, he revealed he wasn’t even conversant with the issue. Not a good look at the hearing – and not very reassuring for the American people.

​The ACLU’s Jay Stanley just published a critique of the increasing push by states to adopt digital ID systems. It’s his fifth admonition in as many months, and the message is more urgent than ever: the digital ID bandwagon is becoming a rush job that threatens to discard privacy guardrails.

Of the many possible pitfalls, the greatest may be the ability of authorities to “un-person” someone. In the parlance of Orwell and his novel 1984, an “unperson” simply vanishes as every last record of that person’s existence is expunged.

Stanley's version of Orwell hinges on what happens when authorities revoke an ID that exists only in digital form. In his new essay, “How to Give the Government New Power to ‘Un-Person’ Someone, in Three Easy Steps,” Stanley unmasks the underlying features of digital IDs that can be revoked at will:

• It’s about control: “The big push for state digital driver's licenses that we’ve been warning about is effectively a movement to increase the power of big companies and government to control individuals.”

 

• It’s about power: “The power to revoke people’s IDs, cutting off in a single stroke their ability to access their accounts, visit much of the Internet, access government services, start a new job, obtain healthcare, and who knows what else. In short, kneecap their ability to function effectively in society.”

 

• It’s about dependency: “Make it frictionless to present an ID, which will make it easy for every business to demand your ID.”

 

• It’s a universal ID: “Build a new digital identity system, such as digital driver’s licenses, that comes to serve as the proof of identity (and age, and residency, and other characteristics) for the vast majority of the population in the vast majority of use cases.”

 

• It’s an at-will free-for-all: “People could be un-personed because of simple errors, because they have unfairly been accused of wrongdoing, or out of abusive targeting for political reasons.”

 

• It’s too easy: “With digital licenses, state governments can create a system that allows them to … reach into your digital wallet in your phone and remotely deactivate your ID.”

 

• It avoids individuality: “Don’t create protections for individuals (such as those that some states have erected around the scanning of barcodes on physical licenses).”

 

• Put plastic and paper on the road to extinction: “Before long, physical IDs may be treated as a second class after-thought as digital IDs become de facto mandatory.”

Stanley recommends that lawmakers impose statutory limits on the revocation of state-issued IDs, along with strong due-process protections. He also recommends adding technical guardrails against abusive revocation.
​
Stanley’s original piece goes into much more detail. We also recommend GovernmentTechnology reporter Nikki Davidson’s recent interview with Stanley – it is more than worth ten minutes of your time.

Has there ever been a more Orwellian-sounding program than “Total Information Awareness?”

This was the post-9/11 brainchild of the Defense Advanced Research Projects Agency (DARPA), a think tank for the Department of Defense. The idea was simple: collect all data on all Americans, then data-mine that giant pile of information to identify “terrorist patterns.”

The goal of Total Information Awareness was “predictive policing,” applying the same data-modeling techniques credit card companies use to spot fraudsters in order to catch terrorists before they act. The premise was dubious at its core – identifying terrorist patterns involves a far greater order of complexity than spotting someone misusing a credit card number.

Worse, in order for Total Information Awareness to work, the government would need to have access to virtually all information about every American. It would be like stamping out drunk driving – which every year kills four times as many Americans as the terrorist attacks of 9/11 did – by stopping every motorist every few miles to give them a breathalyzer.

Admiral John Poindexter, one of the masterminds of the project, wasn’t kidding when he called Total Information Awareness a “Manhattan Project for counterterrorism.” Sen. Ron Wyden (D-OR) called it the “biggest surveillance program in the history of the United States.” The ACLU in 2003 called it “the closest thing to a true ‘Big Brother’ program that has ever been seriously contemplated in the United States.”

But nothing was more telling than the slogan of the Information Awareness Office, the Pentagon office that ran the program: “Knowledge is Power.” But power over whom and for what purpose? Total Information Awareness could be used for terrorism today, tax compliance tomorrow, and political surveillance the day after that.

Congress was sufficiently alarmed to pull the plug on the Information Awareness Office in 2003. But in 2026, to quote the little girl in Poltergeist II, “they’re back.”

This time, the architects of total surveillance have been smart about branding. An executive order issued in March was titled “Stopping Waste, Fraud, and Abuse By Eliminating Information Silos.” It instructs all agencies and departments to make their information on Americans available to all other agencies.

These silos were there for a reason. They were put there by the Privacy Act of 1974, often described as “an American Bill of Rights on data.” The law’s purpose was to establish a Code of Fair Information Practice to govern the collection, maintenance, use, and dissemination of on all personally identifiable information (PII) of Americans. Despite this law, federal agencies are complying with the executive order, seeking data from each other and from the states (though 20 blue states are suing in federal court to stop data sharing).

The Immigration and Customs Enforcement agency (ICE) is now the gleaming tip of a data “ICEberg,” after a federal judge ruled that the Centers for Medicare and Medicaid Services can share the personal Medicaid data of 80 million Americans. Many agree with the administration that Medicaid needs to be reserved for Americans, not illegal aliens. But no one believes that there is anything close to 80 million illegals in the United States. How might all this PII on Americans be used? How long will this data be kept? How might it be shared with other agencies for very different purposes?
​
“Every generation imagines itself to be more intelligent than the one that went before it, and wiser than the one that comes after it,” George Orwell wrote. To blithely discard the guardrails of the Privacy Act – and to trust that vast amounts of highly personal information won’t one day be abused by the FBI, the IRS, and other agencies – is either cynical or beyond naïve.

​PPSA has long warned that allowing federal intelligence and law enforcement agencies to purchase Americans’ personal digital data from data brokers would build a surveillance state. Now the federal government has put in place the most effective tools to activate that surveillance state in America.
 
This is the natural consequence of two technologies purchased by Immigration and Customs Enforcement (ICE). Whether you believe ICE’s approach to mass deportations is necessary, or an exercise in cruelty, there is no question that what ICE is doing with technology is guaranteed to transform the whole balance between the federal government and its citizenry. It is deploying two forms of surveillance without a warrant that can track people to meetings with friends, their place of work, and homes, their houses of worship, while also drawing on data gleaned from social media to compile dossiers on Americans’ beliefs and personal associations. In using these technologies, ICE often doesn’t know if the target is an American citizen or someone who is not lawfully in this country.
 
Joseph Cox of 404 Media, in his most recent blockbuster revelation, details the consequences of two technologies purchased from a company called Penlink.
 
One such technology is Webloc, which allows ICE to draw a rectangle, circle, or polygon around a portion of a city and pick out smartphones of interest. Cox writes that “they can get more details about that particular phone, and, by extension, its owner by seeing where else it has traveled both locally and across the country. Users can click a route feature which shows the path the device took.”
 
Webloc’s surveillance relies on exploiting code in ordinary apps on our phones, like games and weather apps, that track our location. The rest comes from data brokers that sell our private information through real-time bidding. In the digital age, we are all standing on the digital auction block.
 
Another Penlink technology, called Tangles, is a social media monitoring product that can take an image of a person’s face on the street, identify that person, locate that person’s social media feeds, and produce a “sentiment analysis” from that target’s posts. At a glance, the government will have a file on your beliefs.
 
These new government capabilities should worry conservatives, libertarians, and MAGA supporters, as well as liberals and progressives. The effectiveness of such technologies makes it inevitable that it will spread beyond ICE to the FBI, IRS, and other agencies, as the government works to break down the traditional data silos between agencies. They are sure to be used against Americans by administrations of both parties.
 
Webloc and Tangles cost only a few million dollars – a rounding error for the federal government. As these capabilities expand and become daily practice, the constitutional balance of government by the consent of the governed – based on the Fourth Amendment’s requirement for a probable cause warrant – will inevitably give way to authoritarian control.
 
Only Congress can stop this. As the surveillance debate heats up ahead of the reauthorization of FISA Section 702 in April, Congress must urgently use that debate to pass a bill or an amendment that will restrict the currently unrestricted purchasing of Americans’ data by the government.
 
As an old Kenny Loggins rock song put it, “make no mistake where you are, your back’s to the corner … stand up and fight.” Let Congress know it is not acceptable for federal agencies to buy our private and sensitive data without a warrant.

​Michael Moore is a retired public-school teacher living in San Francisco. Nearly every day, as he drives to the store, to his sons’ schools, or to meet friends and family, his movements are watched and recorded at every turn. But he is not being tailed by a private detective or by the police.

Moore, like every other driver in San Francisco, is being tracked because he must navigate through the city’s network of almost 500 automated license plate readers (ALPRs).

These devices, operated by the San Francisco Police Department (SFPD), constitute a major link in the national surveillance network that the vendor Flock Safety is providing to state and local law enforcement. Moore has had enough. At the end of December, he filed a class action lawsuit in a federal courtroom on his behalf and on behalf of his fellow San Franciscans against the city and its police department over this continuous violation of their Fourth Amendment rights.

In his suit, Moore states that Flock ALPRs “make it functionally impossible to drive anywhere in the City without having one’s movement tracked, photographed, and stored in an AI-assisted database that enables the warrantless surveillance of one’s movements.”

Here are some of the topline revelations from Moore’s lawsuit:

Suspiciousness surveillance: Of the over 1 billion license plate scans collected by 82 agencies nationwide in 2019, “99.9 percent of this surveillance data was not actively related to any criminal investigation when it was collected.”

Creates “vehicle fingerprints”: “When Flock Cameras capture an image of a car, Flock’s software uses machine learning to create what Flock calls a ‘Vehicle Fingerprint.’ The ‘fingerprint’ includes the color and make and model of the car and any distinctive features, like an anti-Trump bumper sticker or roof rack. Flock’s software converts each of those details into text and stores them into an organized database.”

Tracks social networks: “Flock provides advanced search and artificial intelligence functions that SFPD officers can use to output a list of locations a car has been captured, create lists of cars that have visited specific locations, and even track cars that are seen together.”

Data stored indefinitely: “The data that Flock Cameras collect belong to the SFPD but Flock retains data on a rolling 30-day basis. Nothing, however, prevents the SFPD or its officers from downloading and saving the data for longer than SFPD’s 365-day retention period.”

Flock doesn’t just see and record – it thinks and analyzes:

“ALPR technology is a powerful surveillance tool that is used to invade the privacy of individuals and violate the rights of entire communities. ALPR systems collect and store location about drivers whose vehicles pass through ALPR cameras’ fields of view, which, along with the date and time of capture, can be organized by a database that develops a driver profile revealing sensitive details about where individuals work, live, associate, worship, protest and travel.”

Moore’s lawsuit poses a profound constitutional question: Can a city turn every resident into a perpetual suspect simply for driving on public roads?
​
The Fourth Amendment was written to forbid dragnet surveillance untethered to suspicion, warrants, or individualized cause. Yet San Francisco has quietly constructed a system that records nearly every movement of its citizens, not because they are suspected of wrongdoing, but because technology makes it easy. If this practice is allowed to stand, the right to move freely without government monitoring may become a relic – honored in theory, but surrendered in practice to cameras, algorithms, and convenience.

​Fresh on the heels of the Bill of Rights’ 234th birthday comes a salient reminder of just how difficult it is for those in power to resist abusing their authority, and why the Fourth Amendment in particular is every bit as relevant today as it was in 1791.

Wilmer Chavarria is suing the U.S. Department of Homeland Security (DHS) for an incident in Houston in July. According to his lawsuit, U.S. Customs and Border Patrol (CBP) agents detained him, demanded his passwords, then searched the contents of his devices as he tried to enter the country at George Bush Intercontinental.

Actually, make that returning home rather than trying to enter – Wilmer Chavarria is as American as tarta de manzana. He’s a school superintendent in Vermont, where apples are the state fruit and apple pie is literally the state pie (either à la mode or with cheddar). Born in Nicaragua, Chavarria became a citizen of the United States in 2018 after coming here a full decade earlier to do that most American of things – get an education. That day in July, this American citizen was returning home after visiting his mother and family in Nicaragua.

CBP separated him from his husband, then interrogated Chavarria for several hours before releasing him without explanation. Along the way, he was informed that he had no Fourth Amendment right to resist. The primary problem with that argument is, of course, that the Fourth Amendment applies to all American citizens. It clearly states that no one living under the authority of the Constitution must endure unreasonable search and seizure, and that a warrant, based on probable cause, must be obtained by authorities whenever one’s personal effects are to be searched.

To be clear, these protections do not apply to noncitizens seeking to enter the country. Chavarria was utterly and completely covered the moment he finished swearing “so help me God,” on the day of his naturalization. 

Another potential problem with the DHS/CBP argument is a landmark 2014 decision in which the U.S. Supreme Court declared that digital devices like cellphones are covered by the amendment’s original language of “persons, houses, papers, and effects.” But the ruling left the notorious “border exception” intact, which may explain CBP’s inclination to take a constitutional mile with the mere inch the parchment actually gives them. With any luck, Chavarria’s case may breathe renewed life into the space that United States v. Smith clawed back from the border exception in 2023.

Despite such rulings, border agents seem not only unfazed but also emboldened. According to research by the Pacific Legal Foundation, warrantless searches of electronic devices have quadrupled in the decade since the high court’s original 2014 ruling.

When asked about cases like Chavarria’s, CBP demurs. These tactics are “rare” and “highly regulated” according to the agency’s assistant commissioner Hilton Beckham. She also insisted to the Houston Chronicle that such searches are only used to combat serious crimes. “Lawful travelers,” she says, need not fear.

By such logic, Chavarria must have somehow represented a danger to national security. Perhaps New England schoolchildren, gay marriage, and naturalized Nicaraguans are a greater existential threat to the future of the republic than anyone previously realized.

Or it could be good old fashioned political targeting. In April, mere months before his trip, Chavarria refused to sign his state’s request to certify to the U.S. Department of Education that Vermont was not using “illegal DEI practices.” And he did so on the record, noting that his district is the most diverse in the state. The federal request was one that some 19 states, eventually including Vermont, simply refused to comply with. Agree or disagree with that position, it should be a matter of serious concern for people of all political stripes if the government applied a political standard to its warrantless intrusion into an American’s digital devices.

It is perhaps no coincidence, then, that before he even boarded his domestic flight back to Vermont that day, Chavarria received an email. In it, CBP announced that his longtime TSA Global Entry status had been revoked because he suddenly “did not meet program eligibility requirements.”
​
So it’s come to this: If you’re traveling abroad, consider using burner phones and leaving your personal and work devices at home.

VICE recently interviewed privacy expert Jason Bassler about the many ways that surveillance has crept into our daily lives and become more or less normalized. Jason is the co-founder of the Free Thought Project, whose site you might not want to visit if you’re already paranoid about being watched.

Among the observations that Jason offered VICE were the following. Think of them as a “State of Our Privacy” report:

Smartphones are the well-connected spies in our hand:

“Today’s mobile tech goes far beyond anything we saw even five years ago. Our phones constantly ping GPS satellites, Wi-Fi networks, and cell towers to triangulate our location, whether or not you’re using a map app. Apps quietly harvest this data and sell it to data brokers, who in turn sell it to agencies like ICE, the FBI, and even the U.S. military.”

If it’s a border, it’s biometric:

“TSA is expanding biometric surveillance across nearly all U.S. airports as part of a $5.5 billion modernization push. Airports nationwide will be utilizing facial recognition software, and over 250 airports will be accepting digital ID verification. It’s a similar situation with the U.S. Customs and Border Protection. Biometric data collected at borders is often retained indefinitely, and it’s increasingly shared with law enforcement and intelligence agencies, raising concerns about lack of oversight. Border control isn’t just about fences anymore. It’s about fingerprints, facial scans, and AI predictions.”

License plate readers are nearly ubiquitous:

“They’re designed to capture, analyze, and store vehicle data in real time. Think of them as a cop on the corner of your street, taking notes about every car that passes – its color, its make, its year, where it’s going, how often it goes there, how long it stays, and much more. Now, imagine an army of cops on every corner of your city doing that. This is what Flock [Safety brand] cameras are, except they are mounted on poles and traffic lights.”

Bassler also recommends the following ways to fight back against what he calls the growing “ecosystem” of surveillance and its normalizing influence:

• “Obscure your biometrics, especially if you’re at a protest or political event.

​

• Opt for strong passwords and turn off biometric unlocking features on your phone and devices.

 

• Disable GPS or Bluetooth when not in use, and avoid apps that demand location access.

 

• Use privacy-first tools and tech. Encrypted messaging apps like Signal help; VPNs and privacy browsers like Brave all help move in a better direction.

 

• Minimize your data trail – don’t overshare on social media, avoid posting real-time location or personal identifiers. Also, always opt out when possible. Decline facial scans at airports, stores, and events.”

Finally, Bassler reminds us to push back politically and let our voices be heard. One way to do that is to remind Congress to finish passing the Fourth Amendment Is Not For Sale Act and send it to the president’s desk.
​
For Vice’s interview with Bassler go here.

​San Jose, California, has 474 cameras tracking license plates – more than enough to create a network whose primary use seems to be mass invasions of privacy rather than criminal investigations. A new lawsuit against the city reveals that from June 2024 to June 2025, the police department conducted more than 250,000 warrantless searches of its license plate database.

City officials say the plate readers help solve serious crimes, including homicides, a claim the lawsuit does not dispute. But there aren't anywhere near 250,000 felonies in San Jose each year – which means those warrantless searches are being used for something else. The plaintiffs see two possibilities:

1) dragnet surveillance or

2) an outright tracking system.

If it is a tracking system that San Jose wants, it has the makings of one that is truly Orwellian. The city’s cameras apparently capture data points that include “vehicle, bumper stickers with political or other messages, make, model, color, and other details, depending on the camera's position, as well as GPS coordinates and date and time information.”

Even in camera-crazy, data-obsessed California, that’s pushing the envelope. What’s more, San Jose retains the data for a year, while the typical retention period in the state is 30 days. Few other jurisdictions use as many cameras, either per capita or in total.

Beyond the sheer scale, it’s the level of intimacy this data represents that rankles privacy advocates. Did you go to the gym last Tuesday morning before work? Did you go out on a date Friday night – and with whom? Did you go to a worship service or political rally? Or something else?
​
Who knows what peccadilloes lurk in the hearts of citizens? San Jose knows.

​When your identity is confirmed by a string of numbers in a computer, are you still yourself if the algorithm determines you (the person) are not you (the digital ID)?

One state, Utah, is leading the nation in answering this question with policies that safeguard humans, while Washington, D.C. is heading down the path of reducing humans to algorithms.
Consider ACLU’s Jay Stanley, who praised Utah for its “State-Endorsed Digital Identity” (SEDI), the state’s new framework for digital ID systems. In an approach that should be the norm rather than the notable exception, the Beehive State puts privacy first.

Utah begins with the conviction that identity “is not something bestowed by the state, but that inherently belongs to the individual; the state merely ‘endorses’ a person’s ID.” In other words, our identities belong to us. We are born with them. We own them. With that realization comes new-found respect for privacy and other forms of personal freedom. 

This view of identity stands in sharp contrast to the definition Stanley found in the data-driven world of federal law enforcement. With the feds, identity is becoming something only the state can grant, defaulting to incomplete or faulty digital verification of citizenship.

To be clear, both Utah’s SEDI platform and the federal approach utilize digital ID systems, but one is a case study in digital due diligence while the other illustrates the dangers of slapdash digital recklessness. The federal system is based on incomplete databases, poorly designed architecture, evolving (meaning, far from perfect) technology, and an utter disregard for the constitutional rights of individuals.

Utah’s approach differs from the federal approach in very important ways:
​

1. Being “user-centric” to ensure that government identification systems are used to empower individuals, not control them.
2. Being free from surveillance, visibility, tracking, or monitoring by any entity – including private companies and unauthorized government agencies and staff – other than the party that is solely authorized to check the ID.  
3. Making factors like security, completeness, and accuracy a top priority, in contrast to the unreliability of the facial recognition technology that underlies many of today’s digital verification systems.
4. Enforcing a user’s “right to paper” (or plastic), including continued and unfettered access to essential government services, even when using only non-digital, physical ID methods.  
5. Adhering strictly to constitutional rights, particularly Fourth Amendment protections against warrantless searches and dragnet-style fishing expeditions conducted without probable cause.

Stanley goes on to quote the Ranking Member of the House Homeland Security Committee, who reports that an app (called Mobile Fortify) used by Immigration and Customs Enforcement (ICE) now constitutes “definitive” determination of a person’s status “and that an ICE officer may ignore evidence of American citizenship – including a birth certificate.”

That’s bad enough on its own of course, but along the way, the government now sweeps up Americans’ biometric identifiers en masse. The databases Mobile Fortify accesses contain not only our photographs but enough records to constitute a permanent digital dossier.

Congress did not get to review, much less approve, any of this. The American people never voted on it. In fact, the whole thing leaves us wondering what happened to the Privacy Act, signed into law by President Ford in 1974. It has been described as “the American Bill of Rights on data.”  

By declaring that identity is solely digital, determined by stealthy algorithms and policies, and deniable to those whose data is non-existent, incomplete or inaccurate, the federal standard – in sharp contrast to Utah’s – subverts 250 years of traditional, constitutional practice. Remember: Our founders built the world’s most vibrant democracy on pieces of parchment copied by hand.

In any truly free society, identities are personal possessions (to help secure individual rights and facilitate their voluntary participation in society). Identities bestowed by the state ultimately serve only the state.

That we even need to ponder the nature of identity reveals the absurdity of these abuses our personhood and privacy. Nevertheless, here we are. Without transparent conversations and healthy debate, we face a future in which we are whomever the state says we are, made of malleable 0s and 1s, with nothing grounded in the physical world.
​
It's a discussion that, as of now, Utah alone seems committed to having.

​Those who live by surveillance cry by surveillance.
 
We wonder how many times politicians on both sides of the aisle will have to get slammed by the very government spying practices they’ve supported before this lesson sinks in.
 
Case in point: Rep. Eric Swalwell (D-CA). Last week, he filed a lawsuit against Bill Pulte, President Trump’s director of the Federal Housing Finance Agency, for accessing and leaking private mortgage records in retaliation for political speech.
 
Pulte has issued criminal referrals to the Department of Justice (DOJ) against Swalwell, New York Attorney General Letitia James, Sen. Adam Schiff (D-CA), and Federal Reserve Governor Lisa Cook on the basis of alleged mortgage fraud. A federal judge dismissed the charges against James, while President Trump used the allegation against Cook to fire her from the Federal Reserve Board (she remains in her job while the Supreme Court reviews the case).
 
Rep. Swalwell’s lawsuit makes an important point:
 
“Pulte’s brazen practice of obtaining confidential mortgage records from Fannie Mae and/or Freddie Mac and then using them as a basis for referring individual homeowners to DOJ for prosecution is unprecedented and unlawful.”
 
We cannot think of any prior use of private mortgage applications to harass political opponents (at least one of them, James, is arguably guilty of using lawfare herself to harass Donald Trump).
 
Pulte’s actions appear to be a flagrant violation of the Privacy Act of 1974, which governs how the government can and cannot handle Americans’ private information. The law, as Swalwell notes, “explicitly forbids federal agencies from disclosing – or even transmitting to other agencies – sensitive information about any individual for any purpose not explicitly authorized by law.”
 
Congress passed the Privacy Act to prevent the creation of a federal database that would create comprehensive dossiers on every American, something we’ve warned is now being attempted. The law specifically forbids agencies from freely sharing Americans’ confidential data gathered for one purpose (such as IRS tax collection), for another purpose (an FBI investigation). Agencies must issue written request justifying any such information sharing.
 
Pulte is anything but transparent.
 
“I’m not going to explain our sources and methods, where we get tips from, who are whistleblowers,” Pulte told the media. This mindset is in keeping with the corrupting spread of the best practices of the intelligence-surveillance state playbook. Today, it is the federal housing agency. We shouldn’t be surprised if tomorrow such “sources and methods” thinking trickles down to federal poultry inspections.
 
Meanwhile, we remain dry-eyed over Rep. Swalwell’s plight.
 
As a member of the House Judiciary Committee, Swalwell argued against – and voted against – the Protect Liberty and End Warrantless Surveillance Act. This bill would have reformed Section 702 of the Foreign Intelligence Surveillance Act by requiring a warrant before the government could access U.S. citizens’ data collected through programs enacted to surveil foreign threats on foreign soil.
 
The Protect Liberty Act would have ended the government practice of using a foreign database to conduct “backdoor searches” on Americans… not unlike, say, a regulatory agency pulling a political opponent’s private mortgage application. The principle of mutually assured payback is something to keep in mind when lawmakers again debate the provisions of Section 702 in April.

Imagine being targeted for surveillance because of your race – not with facial recognition or government inspection of your personal digital data, but through your electric meter. If you lived in parts of Sacramento, this is exactly what happened, as a decade-long scheme quietly bled Americans’ privacy one kilowatt hour at a time.

Sacramento’s Municipal Utility District (SMUD) and local police zeroed in on Asian-American customers, flagging those deemed to be using “too much” electricity. Many were assumed to be growing marijuana illegally – and police eagerly requested bulk data on entire ZIP codes to feed their suspicions.

The Electronic Frontier Foundation in July joined the Asian American Liberation Network to ask the Sacramento County Superior Court to end the local utility district’s illegal dragnet surveillance program. Last week, the court agreed, finding that routine, ZIP-code-wide data dumps had nothing to do with “an ongoing investigation.”

The court wrote:

“The process of making regular requests for all customer information in numerous city ZIP codes, in the hopes of identifying evidence that could possibly be evidence of illegal activity, without any report or other evidence to suggest that such a crime may have occurred, is not an ongoing investigation.”

The response from EFF was even sharper:

“Investigations happen when police try to solve particular crimes and identify particular suspects. The dragnet that turned all 650,000 SMUD customers into suspects was not an investigation.”

The court recognized the obvious danger – dragnets turn vast numbers of innocent citizens and entire communities into suspects.

Still, it wasn’t a clean sweep. The court stopped short of ruling that SMUD’s practice violated the “seizure and search” clause in California’s Constitution.
​
But even a qualified victory is still a victory. We are reminded that privacy wins do happen – one dragged-into-the-sunlight surveillance program at a time. This win is something to be thankful for as we count our blessings this week.

Enraged by The Marion County Record’s reporting on a public document about a restaurateur’s DUI, officers of the Marion, Kansas, police department and the local sheriff’s department raided the newspaper, and seized its computers, servers, and cellphones. Editor Eric Meyer had his home raided while his 98-year-old mother Joan – a former editor – watched the police ransack her home in great distress.
 
Joan Meyer died the next day.
 
Marion County has now agreed to pay a total of $3 million to the victims of this raid in 2023 and to Joan Meyer’s estate. The Marion County Sheriff’s Office, for its part in the raid, issued an apology as well as a check:
 
“This likely would not have happened if established law had been reviewed and applied prior to the execution of the warrants.”

The Freedom of the Press Foundation responded by saying:
 
“The First and Fourth Amendments strongly protect against searches of journalists and newsrooms.
 
“Under the Fourth Amendment, a search warrant must be supported by probable cause, which means a likelihood that contraband or evidence of a crime will be found at a particular place. The government must also specify the place to be searched and the thing to be seized.
 
“When a search warrant targets materials protected by the First Amendment – like notes, recordings, drafts, and materials used or created by journalists – the Fourth Amendment’s requirements must be scrupulously followed, the Supreme Court has said.
 
“This means that judges must be extra strict in applying the Fourth Amendment’s requirements when a search impacts First Amendment rights, which it will any time it involves a journalist or newsroom. What judges should never do is allow overly broad searches where police rifle through journalists’ desks and computer files willy-nilly in the hopes of turning up something ‘incriminating.’”
 
The Freedom of the Press Foundation also noted that Kansas, like most states, has a press shield law that would have required a court hearing before law enforcement could rifle through journalists’ confidential sources. The federal Privacy Protection Act of 1980 requires law enforcement to obtain a subpoena, not just a warrant, thereby giving The Record an additional opportunity to challenge the demand in court.
 
The Freedom of the Press Foundation concluded:
 
“Journalists also have a right to publish information given to them by a source, even if the source obtained it illegally, as long as the journalist didn’t participate in the illegality. That means that if a source gives a journalist a document or recording that the source stole, the journalist can’t be punished for publishing it.
 
“Because these things are not crimes, it also means that accessing publicly available information or publishing information that a source illegally obtained can’t be the basis for a raid on a newsroom or search of a journalist’s materials.
 
“Next time, think before you raid.”

Another in a long line of privacy-busting apps is making headlines. Anthony Kimery of Biometric Update reports that Immigration and Customs Enforcement (ICE) has an app that allows an officer to photograph a license plate, run it through commercial platforms and “instantly retrieve a vehicle’s historical sightings.”

The data that can be called up includes a vehicle’s “travel history, ownership records, and associated personal data.” In other words, portfolio building. In the old days, the feds mostly kept extensive files on criminals, suspects, and witnesses. Now merely driving a vehicle is reason enough to assemble a dossier that includes almost everything there is to know about someone.

The tech is powered by Motorola and Thomson Reuters among others. Privacy advocates have previously called out Motorola for license-plate privacy breaches. A 2022 Georgetown University report identified this firm as a go-to seller for agencies in search of consumer data, including utility records and driver’s license information. In 2019, Vice reported that the company’s contracts with ICE were lucrative, which perhaps is why “The Answer Company” wouldn’t respond with details about those dealings when Privacy International pressed for details in 2018. 

With this latest reporting, Kimery makes clear that ICE has found the perfect partners in its quest to build a national surveillance infrastructure:

“The scale is enormous. With billions of detections stored in Motorola’s network and deep identity datasets flowing from Thomson Reuters, the mobile app gives ICE a level of situational awareness that previously required specialized investigative teams and large analytic centers.”

The newly invigorated shift toward a national scale is an ominous one. Whereas agencies like ICE previously focused on border regions, ABC News notes:

“Border Patrol has built a surveillance system stretching into the country’s interior that can monitor ordinary Americans’ daily actions and connections for anomalies instead of simply targeting wanted suspects. Started about a decade ago to fight illegal border-related activities and the trafficking of both drugs and people, it has expanded over the past five years.”

Thomson Reuters previously got into trouble for selling personal data, a fact that the City of Denver recalled this summer when it put the brakes on an extension of its police contract with the company. Thoughtful objections by municipalities like Denver are admirable. But without robust constitutional guardrails installed by Congress and the states, there's no stopping invasive juggernauts like this one. As we concluded the last time we shared news about Motorola’s involvement in license plate surveillance:

“The need for lawmakers in Congress and the state capitals to set guardrails on these integrating technologies is growing more urgent by the day. Perhaps the best solution to many of these 21st century problems is to be found in a bit of 18th century software – the founders’ warrant requirement in the Fourth Amendment to the Constitution.”

​Robert Frommer, a senior attorney with the Institute for Justice, tells the harrowing story of George Retes, a U.S. citizen and Army veteran of the Iraq War, who was stopped in his car during an immigration sweep.

He was on his way to work when he encountered an Immigration and Customs Enforcement (ICE) roadblock. A melee broke out between protesters and ICE agents. Retes’s car was engulfed in tear gas.

The Institute for Justice reports that agents smashed Retes’s car window, dragged him out, and forced him to the ground with knees on his neck and back – even though he was not resisting.

Despite Retes presenting proof of his citizenship, ICE agents detained him for three days without charges, strip-searched him, and forced him to provide DNA samples. He was not allowed to call a lawyer or given a hearing before a judge. Because Reyes was held incommunicado, his family was left to frantically search for him.

Writing in MSN, Frommer explores what happens to the biometric data ICE collected on Reyes.

“In addition to our DNA, the Department of Homeland Security (DHS) has recently and quietly authorized ICE officers to forcibly collect and retain intimate identifiers: our fingerprints and digital images of our faces. Combined with other technologies, the department is creating a general warrant for our persons, the kind of abuse that ignited the American Revolution.

“A DHS document, meant to ensure our privacy, lays out the facts. An app called Mobile Fortify allows ICE and Customs and Border Protection (CBP) officers to photograph and scan anyone they ‘encounter’ in the field, regardless of citizenship or immigration status. If there isn’t a photo match, officers can collect people’s fingerprints, which are then checked against DHS biometric records. Once DHS has that sensitive data, the app feeds it into CBP’s Automated Targeting System – an enormous watch list that merges border records, passport photos and prior ‘encounter’ images. CBP retains every nonmatch photograph for 15 years, meaning that even if you’re an American citizen mistakenly stopped on the street, the government has your biometric records for (almost) a generation.”
​
Congress should investigate and debate this retention of Americans’ biometric records before reauthorizing a single surveillance authority. And PPSA is hopeful that ICE will be forced to explain its unconstitutional detention of George Reyes when it faces his lawsuit under the Federal Torts Claim Act.

​When it was recently revealed that Special Counsel Jack Smith used a grand jury subpoena to secretly access the phone records of eight U.S. Senators and one Member of the House, we were outraged.

We quoted Chief Justice John Roberts in Carpenter v. United States (2018) that “this Court has never held that the Government may subpoena third parties for records in which the subject has a reasonable expectation of privacy.”

We’ve also stood fast by the principle that a right is only a right if it has a remedy, which necessarily includes the ability to sue government officials who violate your constitutional rights.

Concerning the spying on Members of Congress, we wrote: “Senators, like everyone else, deserve a reasonable expectation that their phone records are private.”

Why, then, are so many House Republicans and Democrats up in arms about a last-minute provision stuck into the short-term funding bill that President Trump signed on Wednesday night? That provision, now law, allows individual senators to be awarded up to $500,000 in retroactive lawsuits against the government if their data was sought or obtained without them being notified.

Executive branch surveillance of senators is concerning because it directly impacts the independence of the legislative branch, the functioning of democracy, and thus ultimately the rights of us all. But does this have to mean that the rest of us should be treated as chopped liver?

Think about it:
​

• You cannot sue or in any way impede the dozen federal agencies – ranging from the FBI to the IRS and Department of Homeland Security – for purchasing your most sensitive personal digital data and examining it without a warrant.

 

• You cannot sue if the National Security Agency uses the “Make Everyone a Spy” law to ask your gym, office landlord, or church to hand over records of your communications carried by free Wi-Fi systems.

 

• You cannot sue if a federal prosecutor makes a similar intrusion into your phone logs but keeps it secret with a Non-Disclosure Order (NDO).

Only U.S. senators can sue for being improperly surveilled. And the money they can collect now they can stick right into their bank accounts. The Senate in the last Congress refused to join the House in passing the NDO Fairness Act, which would have restricted the government’s currently unlimited ability to issue gag orders to digital and telecom companies to prevent them from telling you that your records have been accessed.

About this last-minute Senate maneuver, Rep. Chip Roy (R-TX) said, “There’s going to be a lot of people, if they look and understand this, are going to see it as self-serving, self-dealing kind of stuff.”

As we approach next year’s reauthorization of FISA Section 702 – a surveillance authority enacted by Congress for foreign surveillance – Congress will have a golden opportunity to debate a number of reforms that can protect the rights of constituents.
​
Remember us?

​Customs and Border Protection (CBP) has long asserted a right to inspect the contents of the digital devices of Americans returning from abroad. Now, Wired’s Dell Cameron and Matt Burgess report that the recent increase in these invasive practices at ports of entry has caused the number of international visitors to the United States to plummet. They note that while most of these searches are basic, “where agents manually scroll a person’s phone,” deeper, tool-based sweep-searches do occur.
 
In either scenario, refusing to provide a passcode means subjecting oneself to massive delays or even the seizure of one’s device(s). And while digital inspection at the border is not a new trend, it’s a rapidly increasing one.
 
CBP’s own data shows warrantless digital inspections conducted at the border jumped from 8,503 in 2015 to more than 50,000 this year.
 
This accelerating increase of warrantless scanning of digital devices at the border is attracting attention internationally and concern here at home.
​
Four years ago we noted the need for respect for the Fourth Amendment at U.S. borders and entry zones. Sens. Ron Wyden (D-OR) and Rand Paul (R-KY) introduced the Protecting Data at the Border Act, and then renewed their push to pass this initiative. In between, investigative journalist Jana Winter found that CBP was spying on journalists.
 
By that time, the Inspector General of the Department of Homeland Security (DHS) had issued a scathing report on the privacy violations committed by its various agencies – with agents helping themselves freely to Americans’ location histories and other personal data. This was, the IG found, partly because the DHS Privacy Office “did not follow or enforce its own privacy policies and guidance.”
 
And it appears that the agency is still not adhering to its own internal procedures in collecting and retaining Americans’ personal data. On the heels of the phone search story comes another tale of CBP overreach. Only this time, it isn’t about personal devices. Rather, the agency is looking for contractors to build a massive fleet of AI-powered surveillance trucks.
 
Wired reports: “With a fleet of such vehicles, each would act as a node in a wider surveillance mesh.” This is a technical point, but its chilling philosophical ramifications are what strike us most. 
 
Node by node, our government is building a surveillance net to cover the country. This is all the more reason for Congress to use the upcoming debate over the reauthorization of FISA Section 702 in April to subject every element of this emerging surveillance state to long-delayed scrutiny.

​Imagine a dish called Surveillance Stew. It’s served anytime multiple privacy-threatening technologies come together, rather like a witch’s brew of bad ideas. It's best served cold.

The latest Surveillance Stew recipe includes location data, social media, and facial recognition. Nicole Bennett, who studies such things, writes in The Conversation that this particular concoction represents a turning point: borders are no longer physical but digital. The government has long held that the border is a special zone where the Fourth Amendment has little traction. Now the government is expanding border rules to the rest of America.

Immigration and Customs Enforcement (ICE) has put out a call to purchase a comprehensive social media monitoring system. At first glance, Bennett notes, it seems merely an expansion of monitoring programs that already exist. But it’s the structure of what’s being proposed that she finds new, expansive, and deeply concerning. “ICE,” she writes, “is building a public-private surveillance loop that transforms everyday online activity into potential evidence.”

The base stock of Surveillance Stew came with Palantir’s development of a national database that could easily be repurposed into a federal surveillance system. Add ICE’s social media monitoring function and the already-thoroughgoing Palantir system becomes “a growing web of license plate scans, utility records, property data and biometrics,” says Bennett, “creating what is effectively a searchable portrait of a person’s life.”

Such a technology gumbo seems less a method for investigating individual criminal cases than a sweeping supposition that any person anywhere in the United States could, at any moment, be a “criminal.” It’s a dragnet, says Wired’s Andrew Couts, noting that 65 percent of ICE detainees had no criminal convictions. Dragnets are inimical to privacy and corrosive to the spirit of the Constitution.

Traditional, law-based approaches to enforcement are one thing – and enforcement, of course, is ICE’s necessary job. The problem now, warns Bennett, is that “enforcement increasingly happens through data correlations” rather than the gathering of hard evidence.

We agree with Bennett's conclusion that these sorts of “guilt by digitization” approaches fly in the face of constitutional guardrails like due process and protection from warrantless searches. To quote Wired’s Couts again, “It might be ICE using it today, but you can imagine a situation where a police officer is standing on a corner and just pointing his phone at everybody, trying to catch a criminal.”

The existence of Palantir’s hub makes it inevitable that ICE’s expanded monitoring capability will migrate to other agencies – from the FBI to the IRS. And when that happens, what ICE does to illegal immigrants can just as easily be done to American citizens – by any government entity, for any reason.
​
When our daily lives are converted into zeroes and ones, the authorities can draw “borders” wherever they want.