​PPSA has long warned that allowing federal intelligence and law enforcement agencies to purchase Americans’ personal digital data from data brokers would build a surveillance state. Now the federal government has put in place the most effective tools to activate that surveillance state in America.
 
This is the natural consequence of two technologies purchased by Immigration and Customs Enforcement (ICE). Whether you believe ICE’s approach to mass deportations is necessary, or an exercise in cruelty, there is no question that what ICE is doing with technology is guaranteed to transform the whole balance between the federal government and its citizenry. It is deploying two forms of surveillance without a warrant that can track people to meetings with friends, their place of work, and homes, their houses of worship, while also drawing on data gleaned from social media to compile dossiers on Americans’ beliefs and personal associations. In using these technologies, ICE often doesn’t know if the target is an American citizen or someone who is not lawfully in this country.
 
Joseph Cox of 404 Media, in his most recent blockbuster revelation, details the consequences of two technologies purchased from a company called Penlink.
 
One such technology is Webloc, which allows ICE to draw a rectangle, circle, or polygon around a portion of a city and pick out smartphones of interest. Cox writes that “they can get more details about that particular phone, and, by extension, its owner by seeing where else it has traveled both locally and across the country. Users can click a route feature which shows the path the device took.”
 
Webloc’s surveillance relies on exploiting code in ordinary apps on our phones, like games and weather apps, that track our location. The rest comes from data brokers that sell our private information through real-time bidding. In the digital age, we are all standing on the digital auction block.
 
Another Penlink technology, called Tangles, is a social media monitoring product that can take an image of a person’s face on the street, identify that person, locate that person’s social media feeds, and produce a “sentiment analysis” from that target’s posts. At a glance, the government will have a file on your beliefs.
 
These new government capabilities should worry conservatives, libertarians, and MAGA supporters, as well as liberals and progressives. The effectiveness of such technologies makes it inevitable that it will spread beyond ICE to the FBI, IRS, and other agencies, as the government works to break down the traditional data silos between agencies. They are sure to be used against Americans by administrations of both parties.
 
Webloc and Tangles cost only a few million dollars – a rounding error for the federal government. As these capabilities expand and become daily practice, the constitutional balance of government by the consent of the governed – based on the Fourth Amendment’s requirement for a probable cause warrant – will inevitably give way to authoritarian control.
 
Only Congress can stop this. As the surveillance debate heats up ahead of the reauthorization of FISA Section 702 in April, Congress must urgently use that debate to pass a bill or an amendment that will restrict the currently unrestricted purchasing of Americans’ data by the government.
 
As an old Kenny Loggins rock song put it, “make no mistake where you are, your back’s to the corner … stand up and fight.” Let Congress know it is not acceptable for federal agencies to buy our private and sensitive data without a warrant.

​Michael Moore is a retired public-school teacher living in San Francisco. Nearly every day, as he drives to the store, to his sons’ schools, or to meet friends and family, his movements are watched and recorded at every turn. But he is not being tailed by a private detective or by the police.

Moore, like every other driver in San Francisco, is being tracked because he must navigate through the city’s network of almost 500 automated license plate readers (ALPRs).

These devices, operated by the San Francisco Police Department (SFPD), constitute a major link in the national surveillance network that the vendor Flock Safety is providing to state and local law enforcement. Moore has had enough. At the end of December, he filed a class action lawsuit in a federal courtroom on his behalf and on behalf of his fellow San Franciscans against the city and its police department over this continuous violation of their Fourth Amendment rights.

In his suit, Moore states that Flock ALPRs “make it functionally impossible to drive anywhere in the City without having one’s movement tracked, photographed, and stored in an AI-assisted database that enables the warrantless surveillance of one’s movements.”

Here are some of the topline revelations from Moore’s lawsuit:

Suspiciousness surveillance: Of the over 1 billion license plate scans collected by 82 agencies nationwide in 2019, “99.9 percent of this surveillance data was not actively related to any criminal investigation when it was collected.”

Creates “vehicle fingerprints”: “When Flock Cameras capture an image of a car, Flock’s software uses machine learning to create what Flock calls a ‘Vehicle Fingerprint.’ The ‘fingerprint’ includes the color and make and model of the car and any distinctive features, like an anti-Trump bumper sticker or roof rack. Flock’s software converts each of those details into text and stores them into an organized database.”

Tracks social networks: “Flock provides advanced search and artificial intelligence functions that SFPD officers can use to output a list of locations a car has been captured, create lists of cars that have visited specific locations, and even track cars that are seen together.”

Data stored indefinitely: “The data that Flock Cameras collect belong to the SFPD but Flock retains data on a rolling 30-day basis. Nothing, however, prevents the SFPD or its officers from downloading and saving the data for longer than SFPD’s 365-day retention period.”

Flock doesn’t just see and record – it thinks and analyzes:

“ALPR technology is a powerful surveillance tool that is used to invade the privacy of individuals and violate the rights of entire communities. ALPR systems collect and store location about drivers whose vehicles pass through ALPR cameras’ fields of view, which, along with the date and time of capture, can be organized by a database that develops a driver profile revealing sensitive details about where individuals work, live, associate, worship, protest and travel.”

Moore’s lawsuit poses a profound constitutional question: Can a city turn every resident into a perpetual suspect simply for driving on public roads?
​
The Fourth Amendment was written to forbid dragnet surveillance untethered to suspicion, warrants, or individualized cause. Yet San Francisco has quietly constructed a system that records nearly every movement of its citizens, not because they are suspected of wrongdoing, but because technology makes it easy. If this practice is allowed to stand, the right to move freely without government monitoring may become a relic – honored in theory, but surrendered in practice to cameras, algorithms, and convenience.

VICE recently interviewed privacy expert Jason Bassler about the many ways that surveillance has crept into our daily lives and become more or less normalized. Jason is the co-founder of the Free Thought Project, whose site you might not want to visit if you’re already paranoid about being watched.

Among the observations that Jason offered VICE were the following. Think of them as a “State of Our Privacy” report:

Smartphones are the well-connected spies in our hand:

“Today’s mobile tech goes far beyond anything we saw even five years ago. Our phones constantly ping GPS satellites, Wi-Fi networks, and cell towers to triangulate our location, whether or not you’re using a map app. Apps quietly harvest this data and sell it to data brokers, who in turn sell it to agencies like ICE, the FBI, and even the U.S. military.”

If it’s a border, it’s biometric:

“TSA is expanding biometric surveillance across nearly all U.S. airports as part of a $5.5 billion modernization push. Airports nationwide will be utilizing facial recognition software, and over 250 airports will be accepting digital ID verification. It’s a similar situation with the U.S. Customs and Border Protection. Biometric data collected at borders is often retained indefinitely, and it’s increasingly shared with law enforcement and intelligence agencies, raising concerns about lack of oversight. Border control isn’t just about fences anymore. It’s about fingerprints, facial scans, and AI predictions.”

License plate readers are nearly ubiquitous:

“They’re designed to capture, analyze, and store vehicle data in real time. Think of them as a cop on the corner of your street, taking notes about every car that passes – its color, its make, its year, where it’s going, how often it goes there, how long it stays, and much more. Now, imagine an army of cops on every corner of your city doing that. This is what Flock [Safety brand] cameras are, except they are mounted on poles and traffic lights.”

Bassler also recommends the following ways to fight back against what he calls the growing “ecosystem” of surveillance and its normalizing influence:

• “Obscure your biometrics, especially if you’re at a protest or political event.

​

• Opt for strong passwords and turn off biometric unlocking features on your phone and devices.

 

• Disable GPS or Bluetooth when not in use, and avoid apps that demand location access.

 

• Use privacy-first tools and tech. Encrypted messaging apps like Signal help; VPNs and privacy browsers like Brave all help move in a better direction.

 

• Minimize your data trail – don’t overshare on social media, avoid posting real-time location or personal identifiers. Also, always opt out when possible. Decline facial scans at airports, stores, and events.”

Finally, Bassler reminds us to push back politically and let our voices be heard. One way to do that is to remind Congress to finish passing the Fourth Amendment Is Not For Sale Act and send it to the president’s desk.
​
For Vice’s interview with Bassler go here.

​PPSA General Counsel Gene Schaerr told the House Judiciary Committee on Thursday morning that Congress faces four critical opportunities to restore Americans’ privacy as Section 702 of the Foreign Intelligence Surveillance Act (FISA) comes up for reauthorization in April.

Schaerr praised the committee for holding a timely oversight hearing as the nation approaches the 250th anniversary of the Declaration of Independence. “But with every passing year,” he said, “it is harder to square our emerging surveillance state with the ‘consent of the governed’ articulated in the Declaration.”

One driver of the surveillance state is FISA Section 702, originally enacted to target foreign threats on foreign soil, but which has instead become a tool the federal government uses to warrantlessly spy on Americans at home, he told the committee.

Schaerr then outlined four reforms Congress can enact in the coming months:

1. Add a probable-cause warrant requirement for “queries” – or searches – of Americans' communications caught up in Section 702 surveillance.

Under current rules, government personnel can conduct “backdoor searches” of Americans’ emails, messages, and other communications collected under Section 702 without court approval. A warrant requirement would close this loophole.

2. Require warrants when federal agencies, from the FBI to the IRS, purchase Americans’ sensitive digital information from data brokers.

This commercially available data includes Americans’ browsing histories, transaction and purchase records, online searches, and other revealing information about their private beliefs and associations. It is far more intimate than anything gleaned from diaries or public records.

3. Narrow the 2024 “make everyone a spy” provision.

Added in the final hours of the last surveillance debate, this law obligates providers of free Wi-Fi to comply with secret NSA demands for private communications. It allows the government to conscript office-space providers – including those who rent space to media organizations, law firms, and political campaigns – into enabling warrantless surveillance of people using their buildings’ internet networks. Even churches and other houses of worship could be targeted.

4. Strengthen the role of cleared civil-liberties experts (amici) in the FISA Courts.

Schaerr urged Congress to require courts to rely on amici for politically sensitive FISA cases by finally enacting the “Lee-Leahy Amendment” that passed the Senate in 2020 with 77 votes.
“Nearly a decade after the Trump campaign and transition were illegally surveilled, this key reform – which would have prevented many of the abuses that occurred in 2016 – is still not in place,” Schaerr said. He also urged the loosening of restrictions that prevent existing amici from accessing key materials and proceedings, needed for meaningful oversight inside the secret courts.

Schaerr concluded by praising the committee for taking the lead on congressional surveillance reform.

“With the bipartisan focus that has come to define this Committee’s work in this important area, I am confident that you can right this ship,” Schaerr said.

Gene Schaerr’s full written testimony can be read here.

​On Thursday, December 11 at 9 a.m. (ET), Gene Schaerr, PPSA’s General Counsel, will testify before the House Judiciary Committee – examining the growth of the surveillance state and how Congress can rein it in.

​You will hear:
 

• How the government continues to use Section 702 – a legal authority designed by Congress to surveil foreign threats on foreign soil – to conduct “backdoor searches” of Americans on American soil.

 

• How federal agencies routinely purchase Americans’ sensitive personal digital information, giving the government warrantless access to electronic records, web-browsing activities, transaction and purchase records, online searches, and other data that can be more personal and intimate than a diary.

 

• How a new authority obligates providers of office space for media outlets, law firms, and political campaigns to facilitate warrantless surveillance of their tenants. Even houses of worship are vulnerable to being asked to spy on their congregants.

 

• How the secret surveillance court continues to grant some requests to monitor Americans without meaningful review by experts in civil liberties.

 
Other witnesses will include:
 

• Brett Tolman, Former U.S. Attorney, District of Utah; Executive Director, Right on Crime

 

• James Czerniawski, Head of Emerging Technology Policy, Consumer Choice Center

 

• Liza Goitein, Senior Director, Liberty & National Security, Brennan Center for Justice

 
Again, watch it live at 9 a.m. (ET) on Thursday, Dec. 11, or catch the replay at your convenience.

​Those who live by surveillance cry by surveillance.
 
We wonder how many times politicians on both sides of the aisle will have to get slammed by the very government spying practices they’ve supported before this lesson sinks in.
 
Case in point: Rep. Eric Swalwell (D-CA). Last week, he filed a lawsuit against Bill Pulte, President Trump’s director of the Federal Housing Finance Agency, for accessing and leaking private mortgage records in retaliation for political speech.
 
Pulte has issued criminal referrals to the Department of Justice (DOJ) against Swalwell, New York Attorney General Letitia James, Sen. Adam Schiff (D-CA), and Federal Reserve Governor Lisa Cook on the basis of alleged mortgage fraud. A federal judge dismissed the charges against James, while President Trump used the allegation against Cook to fire her from the Federal Reserve Board (she remains in her job while the Supreme Court reviews the case).
 
Rep. Swalwell’s lawsuit makes an important point:
 
“Pulte’s brazen practice of obtaining confidential mortgage records from Fannie Mae and/or Freddie Mac and then using them as a basis for referring individual homeowners to DOJ for prosecution is unprecedented and unlawful.”
 
We cannot think of any prior use of private mortgage applications to harass political opponents (at least one of them, James, is arguably guilty of using lawfare herself to harass Donald Trump).
 
Pulte’s actions appear to be a flagrant violation of the Privacy Act of 1974, which governs how the government can and cannot handle Americans’ private information. The law, as Swalwell notes, “explicitly forbids federal agencies from disclosing – or even transmitting to other agencies – sensitive information about any individual for any purpose not explicitly authorized by law.”
 
Congress passed the Privacy Act to prevent the creation of a federal database that would create comprehensive dossiers on every American, something we’ve warned is now being attempted. The law specifically forbids agencies from freely sharing Americans’ confidential data gathered for one purpose (such as IRS tax collection), for another purpose (an FBI investigation). Agencies must issue written request justifying any such information sharing.
 
Pulte is anything but transparent.
 
“I’m not going to explain our sources and methods, where we get tips from, who are whistleblowers,” Pulte told the media. This mindset is in keeping with the corrupting spread of the best practices of the intelligence-surveillance state playbook. Today, it is the federal housing agency. We shouldn’t be surprised if tomorrow such “sources and methods” thinking trickles down to federal poultry inspections.
 
Meanwhile, we remain dry-eyed over Rep. Swalwell’s plight.
 
As a member of the House Judiciary Committee, Swalwell argued against – and voted against – the Protect Liberty and End Warrantless Surveillance Act. This bill would have reformed Section 702 of the Foreign Intelligence Surveillance Act by requiring a warrant before the government could access U.S. citizens’ data collected through programs enacted to surveil foreign threats on foreign soil.
 
The Protect Liberty Act would have ended the government practice of using a foreign database to conduct “backdoor searches” on Americans… not unlike, say, a regulatory agency pulling a political opponent’s private mortgage application. The principle of mutually assured payback is something to keep in mind when lawmakers again debate the provisions of Section 702 in April.

Imagine being targeted for surveillance because of your race – not with facial recognition or government inspection of your personal digital data, but through your electric meter. If you lived in parts of Sacramento, this is exactly what happened, as a decade-long scheme quietly bled Americans’ privacy one kilowatt hour at a time.

Sacramento’s Municipal Utility District (SMUD) and local police zeroed in on Asian-American customers, flagging those deemed to be using “too much” electricity. Many were assumed to be growing marijuana illegally – and police eagerly requested bulk data on entire ZIP codes to feed their suspicions.

The Electronic Frontier Foundation in July joined the Asian American Liberation Network to ask the Sacramento County Superior Court to end the local utility district’s illegal dragnet surveillance program. Last week, the court agreed, finding that routine, ZIP-code-wide data dumps had nothing to do with “an ongoing investigation.”

The court wrote:

“The process of making regular requests for all customer information in numerous city ZIP codes, in the hopes of identifying evidence that could possibly be evidence of illegal activity, without any report or other evidence to suggest that such a crime may have occurred, is not an ongoing investigation.”

The response from EFF was even sharper:

“Investigations happen when police try to solve particular crimes and identify particular suspects. The dragnet that turned all 650,000 SMUD customers into suspects was not an investigation.”

The court recognized the obvious danger – dragnets turn vast numbers of innocent citizens and entire communities into suspects.

Still, it wasn’t a clean sweep. The court stopped short of ruling that SMUD’s practice violated the “seizure and search” clause in California’s Constitution.
​
But even a qualified victory is still a victory. We are reminded that privacy wins do happen – one dragged-into-the-sunlight surveillance program at a time. This win is something to be thankful for as we count our blessings this week.

​When the narco-dictator of Panama, Manuel Noriega, took refuge in a Vatican diplomatic mission in Panama City after President George H.W. Bush ordered an invasion to topple him in 1989, the U.S. Army hit upon an ingenious, if obnoxious, solution to drive him out the compound and into their arms – Operation Nifty Package. Soldiers blared music at the enclave that included the punk rock interpretation of “I Fought the Law” by the Clash and AC/DC’s percussive “You Shook Me All Night Long.”
 
The songs went on without relief, day and night, until after ten days the sleep-deprived dictator finally turned himself in.
 
Many residents of the Buckhead area of Atlanta can attest to the effectiveness of this form of psychological torture. For two nights, a malfunctioning parking lot security tower at a shuttered Kroger grocery store has been flashing lights, shouting orders and playing music – at decibel levels approaching an air raid siren.
 
That the system is blaring classical music is no comfort. One of its selections is Tchaikovsky’s composition for the ballet, The Sleeping Beauty – an irony not lost on people who haven’t slept in two days.
 
“It’s beautiful when you listen and are looking at a play and it’s on your time,” one man told Atlanta’s 11Alive News. “But when you’re trying to sleep, it’s distracting.”
 
Perhaps you’ve had a taste of this, being startled after emerging from a movie theater late at night when from out of nowhere a flood light turns on. Police lights begin flashing on top of a metal tower. A stentorian voice shouts an order at you: “PLEASE EXIT IMMEDIATELY!”
 
There is a good reason why mobile, parking lot security towers are becoming commonplace in the lots of big box superstores, shopping malls, and grocery stores. These robotic guards keep watch with sensors, fish-eye cameras, see in infrared and regular light, and are equipped with AI to recognize and track human forms. These towers take no bathroom breaks and ask for no pay, but they do watch and record people who might be looking to break into cars, a store, or worse, harm an employee or last-minute shopper as she walks to her car. They can alert a human at a control station, who can call the police.
 
That is a good example of how surveillance can keep us safe. And, on balance, it is a needed public service. But we should also face the music: Surveillance, for good and ill, surrounds us everywhere now. Few people will mourn their lack of privacy in the moment it takes for them to exit a retail outfit to get to their car. But this is also just one more link in the chain of surveillance in which we are being watched inside the store, in the mall, and by license plate readers all the way home.

​When it was recently revealed that Special Counsel Jack Smith used a grand jury subpoena to secretly access the phone records of eight U.S. Senators and one Member of the House, we were outraged.

We quoted Chief Justice John Roberts in Carpenter v. United States (2018) that “this Court has never held that the Government may subpoena third parties for records in which the subject has a reasonable expectation of privacy.”

We’ve also stood fast by the principle that a right is only a right if it has a remedy, which necessarily includes the ability to sue government officials who violate your constitutional rights.

Concerning the spying on Members of Congress, we wrote: “Senators, like everyone else, deserve a reasonable expectation that their phone records are private.”

Why, then, are so many House Republicans and Democrats up in arms about a last-minute provision stuck into the short-term funding bill that President Trump signed on Wednesday night? That provision, now law, allows individual senators to be awarded up to $500,000 in retroactive lawsuits against the government if their data was sought or obtained without them being notified.

Executive branch surveillance of senators is concerning because it directly impacts the independence of the legislative branch, the functioning of democracy, and thus ultimately the rights of us all. But does this have to mean that the rest of us should be treated as chopped liver?

Think about it:
​

• You cannot sue or in any way impede the dozen federal agencies – ranging from the FBI to the IRS and Department of Homeland Security – for purchasing your most sensitive personal digital data and examining it without a warrant.

 

• You cannot sue if the National Security Agency uses the “Make Everyone a Spy” law to ask your gym, office landlord, or church to hand over records of your communications carried by free Wi-Fi systems.

 

• You cannot sue if a federal prosecutor makes a similar intrusion into your phone logs but keeps it secret with a Non-Disclosure Order (NDO).

Only U.S. senators can sue for being improperly surveilled. And the money they can collect now they can stick right into their bank accounts. The Senate in the last Congress refused to join the House in passing the NDO Fairness Act, which would have restricted the government’s currently unlimited ability to issue gag orders to digital and telecom companies to prevent them from telling you that your records have been accessed.

About this last-minute Senate maneuver, Rep. Chip Roy (R-TX) said, “There’s going to be a lot of people, if they look and understand this, are going to see it as self-serving, self-dealing kind of stuff.”

As we approach next year’s reauthorization of FISA Section 702 – a surveillance authority enacted by Congress for foreign surveillance – Congress will have a golden opportunity to debate a number of reforms that can protect the rights of constituents.
​
Remember us?

​Customs and Border Protection (CBP) has long asserted a right to inspect the contents of the digital devices of Americans returning from abroad. Now, Wired’s Dell Cameron and Matt Burgess report that the recent increase in these invasive practices at ports of entry has caused the number of international visitors to the United States to plummet. They note that while most of these searches are basic, “where agents manually scroll a person’s phone,” deeper, tool-based sweep-searches do occur.
 
In either scenario, refusing to provide a passcode means subjecting oneself to massive delays or even the seizure of one’s device(s). And while digital inspection at the border is not a new trend, it’s a rapidly increasing one.
 
CBP’s own data shows warrantless digital inspections conducted at the border jumped from 8,503 in 2015 to more than 50,000 this year.
 
This accelerating increase of warrantless scanning of digital devices at the border is attracting attention internationally and concern here at home.
​
Four years ago we noted the need for respect for the Fourth Amendment at U.S. borders and entry zones. Sens. Ron Wyden (D-OR) and Rand Paul (R-KY) introduced the Protecting Data at the Border Act, and then renewed their push to pass this initiative. In between, investigative journalist Jana Winter found that CBP was spying on journalists.
 
By that time, the Inspector General of the Department of Homeland Security (DHS) had issued a scathing report on the privacy violations committed by its various agencies – with agents helping themselves freely to Americans’ location histories and other personal data. This was, the IG found, partly because the DHS Privacy Office “did not follow or enforce its own privacy policies and guidance.”
 
And it appears that the agency is still not adhering to its own internal procedures in collecting and retaining Americans’ personal data. On the heels of the phone search story comes another tale of CBP overreach. Only this time, it isn’t about personal devices. Rather, the agency is looking for contractors to build a massive fleet of AI-powered surveillance trucks.
 
Wired reports: “With a fleet of such vehicles, each would act as a node in a wider surveillance mesh.” This is a technical point, but its chilling philosophical ramifications are what strike us most. 
 
Node by node, our government is building a surveillance net to cover the country. This is all the more reason for Congress to use the upcoming debate over the reauthorization of FISA Section 702 in April to subject every element of this emerging surveillance state to long-delayed scrutiny.

​Those of a certain age might remember the Domesticon, a line of 22nd century robotic butlers from the movie Sleeper. To avoid being caught by the authoritarian state, Woody Allen’s character Miles Monroe pretends to be a Domesticon during a dinner party. The scene is equal parts slapstick and satire. Miles’ cover is blown when he tries to help the host but acts too human in the process.

The Wall Street Journal’s Joanna Stern recently found that one actual prototype of the Domesticon is not entirely dissimilar to the fictional version. 1X Technologies is beta testing NEO, the $20,000 “home humanoid” it hopes to bring to market in 2026. Recently, Stern got to see it in action for the second time and discovered a decidedly Sleeper-like connection: NEO is part human.

Not organically, like a cyborg – so far the full integration of creature and computer is limited to cockroaches. No, NEO is remotely human, as in there’s a remote human operator back at company HQ, “potentially peering through the robot’s camera eyes to get chores done.”

Now, how’d you like to have that job? But as 1X CEO Bernt Børnich told Stern: “If you buy this product, it is because you’re okay with that social contract. If we don’t have your data, we can’t make the product better.”

Such transparency is refreshing. It is also a reminder of the Faustian bargain we must strike in order to make artificial intelligence work at the expense of our personal privacy. AI is unlike any software that came before in that it requires gargantuan amounts of data in order to learn its jobs. As Stern notes, “It needs data from us – and from our homes.” A world model, in other words, centered around us and private things we do at home. 

We expect these machines to be capable of fully human, fully competent, fully safe behaviors – all while being fully autonomous. None of that will happen without the ability to collect and learn from the data of day-to-day human lives. There are no shortcuts, either. When 1X let Stern drive NEO using one of the company’s VR headsets its human operators wear, she nearly dislocated its arm. The robot left for the shop in a wheelchair. The robot, a cross between “a fencing instructor and a Lululemon mannequin,” as she describes it, had neither’s dexterity nor style.

And during the first meeting the reporter had with NEO earlier in the year, the robot managed to faceplant.

“No way that thing is coming near my kids or dog,” she remembers thinking. Domestic robotics remains in its infancy – literally in Stern’s view. “The next few years won’t be about owning a capable robot; they’ll be about raising one.” Like a toddler, humanoid AI can’t learn without doing, watching, and remembering.

1X says users will be able to set “no-go” zones, blur faces in the video feed, and that human operators back at HQ will not connect unless invited to do so. CEO Børnich told Stern that such “teleoperation” was a lot like having a house cleaner. “Last I checked,” Stern responded wryly, “my house cleaner doesn’t wear a camera or beam my data back to a corporation.”

A punchline of sorts seems appropriate here: We’re big fans of the ethical AI principle that says always have a human in the loop – “but this is ridiculous!” 

Stern’s forthcoming book, I Am Not a Robot: My Year Using AI to Do (Almost) Everything and Replace (Almost) Everyone, is now available for pre-order. Readers can expect more dirt on NEO.
​
Unless he learns to vacuum first.

​Imagine a dish called Surveillance Stew. It’s served anytime multiple privacy-threatening technologies come together, rather like a witch’s brew of bad ideas. It's best served cold.

The latest Surveillance Stew recipe includes location data, social media, and facial recognition. Nicole Bennett, who studies such things, writes in The Conversation that this particular concoction represents a turning point: borders are no longer physical but digital. The government has long held that the border is a special zone where the Fourth Amendment has little traction. Now the government is expanding border rules to the rest of America.

Immigration and Customs Enforcement (ICE) has put out a call to purchase a comprehensive social media monitoring system. At first glance, Bennett notes, it seems merely an expansion of monitoring programs that already exist. But it’s the structure of what’s being proposed that she finds new, expansive, and deeply concerning. “ICE,” she writes, “is building a public-private surveillance loop that transforms everyday online activity into potential evidence.”

The base stock of Surveillance Stew came with Palantir’s development of a national database that could easily be repurposed into a federal surveillance system. Add ICE’s social media monitoring function and the already-thoroughgoing Palantir system becomes “a growing web of license plate scans, utility records, property data and biometrics,” says Bennett, “creating what is effectively a searchable portrait of a person’s life.”

Such a technology gumbo seems less a method for investigating individual criminal cases than a sweeping supposition that any person anywhere in the United States could, at any moment, be a “criminal.” It’s a dragnet, says Wired’s Andrew Couts, noting that 65 percent of ICE detainees had no criminal convictions. Dragnets are inimical to privacy and corrosive to the spirit of the Constitution.

Traditional, law-based approaches to enforcement are one thing – and enforcement, of course, is ICE’s necessary job. The problem now, warns Bennett, is that “enforcement increasingly happens through data correlations” rather than the gathering of hard evidence.

We agree with Bennett's conclusion that these sorts of “guilt by digitization” approaches fly in the face of constitutional guardrails like due process and protection from warrantless searches. To quote Wired’s Couts again, “It might be ICE using it today, but you can imagine a situation where a police officer is standing on a corner and just pointing his phone at everybody, trying to catch a criminal.”

The existence of Palantir’s hub makes it inevitable that ICE’s expanded monitoring capability will migrate to other agencies – from the FBI to the IRS. And when that happens, what ICE does to illegal immigrants can just as easily be done to American citizens – by any government entity, for any reason.
​
When our daily lives are converted into zeroes and ones, the authorities can draw “borders” wherever they want.

​Search our news blog for "Flock" and you'll hit the jackpot. This company has been a consistent source of concern for privacy watchdogs.
 
Just last week, the ACLU’s Jay Stanley summarized the results of a detailed Massachusetts open-records investigation. Thanks to Flock’s contracts with more than 40 Massachusetts police departments, Bay State drivers can now be tracked by 7,000 of the company’s customers – “in real time, without a warrant, probable cause, or even reasonable suspicion of wrongdoing.” To be clear, that surveillance of Massachusetts drivers can be conducted from other parts of the country… because why wouldn’t Texas authorities want to know what Massachusetts drivers are up to?
 
This chilling state of affairs is the result of Flock’s boilerplate contract language, which only changes if a police department demands it (most have not). The company’s contracts include an “irrevocable, worldwide, royalty-free, license to use the Customer Generated Data for the purpose of providing Flock Services.”
 
Stanley’s article includes additional anecdotes about Flock’s propensity for over-sharing that suggest the issue goes far beyond Massachusetts. In Virginia, for example, reporters found that “thousands of outside law enforcement agencies searched Virginians’ driving histories over 7 million times in a 12-month period.” As we’ve written before, Virginia is already one of the most surveilled states in the country, thanks largely to vendors like Flock Safety.
 
Consider following the ACLU’s advice for pushing back against this kind of Orwellian oversight. If we don’t say anything, nothing is going to change.

National security wake-up calls do not get louder than the revelation that a Chinese government-linked hacking group, known as Salt Typhoon, successfully penetrated major U.S. telecommunications carriers in 2024.  AT&T and Verizon were among the companies compromised, exposing the communications of Members of Congress, senior officials, and even both major-party presidential candidates.
 
This was not an isolated breach. It followed a 2023 cyberattack in which Chinese state hackers infiltrated Microsoft’s cloud-hosted email systems, compromising accounts at multiple federal agencies, including the Departments of State and Commerce. According to the Cyber Safety Review Board, the attackers downloaded roughly 60,000 emails from the State Department alone. Pilfered correspondence included those of Cabinet-level officials.
 
These events underscore an uncomfortable truth – the Department of Defense and the intelligence community cannot defend the nation with unencrypted communications routed through a handful of vulnerable providers.
 
The good news is that we do not have to accept this status quo. As the House and Senate negotiate the National Defense Authorization Act (NDAA) for Fiscal Year 2026, conferees must retain the Lummis-Wyden amendment, which mandates secure, interoperable, end-to-end-encrypted collaboration tools for the Pentagon.
 
A Pattern of Foreign Infiltration
From defense contractors to cloud service providers, adversarial regimes have repeatedly exploited weak communication infrastructure to spy on U.S. institutions. The Salt Typhoon and Microsoft incidents illustrate how a single breach in a major service can compromise thousands of sensitive conversations. When communication systems lack end-to-end encryption, even one point of failure can expose entire networks to foreign intelligence agencies.
 
What Lummis-Wyden Would Do
This measure requires the Department of War to use only collaboration systems that meet rigorous cybersecurity standards – including true end-to-end encryption that ensures only the sender and intended recipient can read a message, even if servers in between are hacked.
 
Just as importantly, Lummis-Wyden mandates interoperability. Today, the Pentagon is confined to using a small set of proprietary, “walled garden” platforms that block seamless communication across systems. Interoperable standards would allow the Defense Department to adopt superior tools as they emerge, preventing vendor lock-in that traps communications in the domains of single companies, while enhancing long-term resilience of the Pentagon’s digital networks.
 
By promoting interoperability and strong encryption, Lummis-Wyden would open the door to competition, inviting companies to develop more secure, agile, and affordable solutions. America’s defense and intelligence agencies should never be dependent on single-point-of-failure vendors whose systems are ripe targets for global espionage.
 
A Strategic Imperative
From the theft of federal employee records to the infiltration of telecom carriers, the pattern is unmistakable: insecure communications infrastructure is a strategic liability.
 
Passing Lummis-Wyden would do more than patch vulnerabilities: it would redefine what secure collaboration means in the 21st century. It would signal that America prizes both privacy and resilience, and rewards technologies that deliver genuine end-to-end security rather than superficial compliance checkboxes.

​Here’s a quick news item that will come as a surprise to absolutely no one, except perhaps for hermits who have been living in caves since AI went mainstream in 2022. Two new pieces of reporting, from Stanford and Tech Policy Press, confirm the fresh dangers to privacy emerging from the AI frontier.
 
First to Palo Alto, where researchers evaluated the privacy policies of six frontier AI developers. You can check out the complete analysis, but here are the takeaways from the abstract. Spoiler alert – they’re not a win for privacy:

• All six AI developers appear to employ their users' chat data to train and improve their models by default
  
  
• Some retain this data indefinitely
  
  
• Developers may collect and train on personal information disclosed in chats, including sensitive information such as biometric and health data, as well as files uploaded by users
  
  
• Four of the six companies examined appear to include children's chat data for model training, as well as customer data from other products
  ​
  
• On the whole, developers' privacy policies often lack essential information about their practices, highlighting the need for greater transparency and accountability.

 
The Tech Policy Press interview with experts sheds some light on why “agentic AI” is so dependent on user information. Agentic AI refers to generative AI with the ability to act independently. Generative AI says things. Agentic AI does things. Both are built on the large language models Stanford studied.
 
It’s a logical evolution – think of asking a restaurant chef to give you his recipe versus having a live-in chef who plans and prepares them. But it’s all built on memory. The more AI is allowed to remember about us, the more effective it will be at meeting our asks. “The central tension, then, is between convenience and control,” the experts told Tech Policy Press.
 
We would add that if you think you’re trusting AI what to remember about your prompts and interests and what not to remember, think again. We’re really talking about trusting companies like the ones in the Stanford study – because they’ll be the ones licensing the AI. As of now, then, the fate of your data ultimately rests in the hands of others. From the interview:
 
“Who, exactly, can access your agent’s memories – just you, or also the lab that designed it, a future employer who pays for integration, or even third-party developers who build on top of the agent’s platform?
 
In short, these experts say, the stakes are these:

“Deciding what should be remembered is not just a question of personal preference; it’s a question of governance. Without careful design and clear rules, we risk creating agents whose memories become less like a helpful assistant and more like a permanent surveillance file.”

We close with a refrain that will be familiar to our readers – now is the time for common-sense laws that privilege personal privacy. Without it, these experts warn, AI will become a tool of enclosure rather than empowerment.

​Outrage, the currency of our times, is being minted at a furious rate over Special Counsel Jack Smith’s use of grand jury subpoenas to spy on the telephone metadata records of eight senators and one congressman around the time of the Jan. 6th 2021 assault on the U.S. Capitol.

One statement of majestic and appropriate outrage – the gold standard, if you will – came from Sen. Rand Paul (who was not among those surveilled). He wrote in Breitbart:

“Our Founding Fathers objected to general warrants that allowed soldiers to go from house to house searching homes of American colonists, [and] I think they would be equally horrified by a government that goes from phone to phone collecting data on all Americans.”

Then there is Sen. Lindsey Graham, one of the targets of Smith’s surveillance, who shouted (rhetorically, starting at 2:35) at Attorney General Pam Bondi, “Can you tell me why my phone records, when I’m the Chairman of the Judiciary Committee, were sought by the Jack Smith agents, why did they ask to know who I called and what I was doing from January 4th to the 7th, can you tell me that?”

It's a good question.

David Corn, writing in the progressive Mother Jones, had his own angle of outrage – that President Trump “incited a violent assault on the Capitol, and for hours – as cops were being beaten and Democratic and Republican legislators were being threatened – did nothing in the hope this domestic terrorism would benefit him and allow him to stay in power …

“Should that not have been thoroughly investigated?”

Another good question.

Here’s our take. Yes, after the trashing of the U.S. Capitol, savage beatings of Capitol police, and the erection of a gallows to “hang Mike Pence,” it would have been astonishing for the government not to investigate. But when the executive branch spies on the metadata of Members of Congress – data that can yield a wealth of private information – you would expect a special prosecutor, appointed by one president to investigate his predecessor and likely future opponent, to dot all “i’s” and cross all “t’s.”

Instead of adhering to a strict constitutional standard, Jack Smith predicated his surveillance of U.S. senators and a representative on a subpoena issued by a grand jury. Such a panel, as New York Chief Judge Sol Wachtler famously said, would gladly indict a ham sandwich if that was what the prosecution wanted.

In his Breitbart piece, Sen. Paul quotes Chief Justice John Roberts when the Supreme Court held in Carpenter v. United States (2018) that geolocation from cellphone metadata was a privacy interest protected by the Fourth Amendment. Justice Roberts, for the majority, wrote, “this Court has never held that the Government may subpoena third parties for records in which the subject has a reasonable expectation of privacy.”

Senators, like everyone else, deserve a reasonable expectation that their phone records are private. Of course, senators – also, like everyone else – are not exempt from lawful investigations. But when one branch investigates another – when one political party investigates its opponents – is it too much to ask that the government respect the Fourth Amendment? If Jack Smith had a good reason to surveil nine Members of Congress, he should have made his case for probable cause before a neutral magistrate and obtained a warrant – as the Constitution requires.
​
That Smith instead chose to slather two pieces of bread with mustard and add a slice of ham indicates (mixed metaphor alert) that he was on nothing more than a fishing expedition. When politics intersect with criminal law, prosecutors must adhere to the most rigorous standards. That is in keeping with the character of an exceptional nation. We must not lose it.

​We’ve long reported on Pegasus, the prolific spyware that allows attackers to access the calls, texts, emails, and images on a target’s smartphone. Worse, Pegasus can turn on a phone’s camera and microphone, transforming it into a 24/7 spying device that the victim helpfully takes from place to place.

• This technology was used by Saudi intelligence to track the soon-to-be murdered journalist Jamal Khashoggi, helped cartels in Mexico to target journalists for assassination, and was implicated in political spying scandals from India to Spain.

 

• One of the most insidious aspects of Pegasus is that it is “zero-click” malware, meaning it can be remotely installed on a phone and the user doesn’t have to fall for a phishing scam or commit some other act of poor digital hygiene.

But Pegasus has a flaw – digitally savvy victims may be tipped off by a phone’s unusually high data usage, overheating, quick battery drain, and unexpected restarts. If you’re suspicious that Pegasus has been planted in your smartphone, you can scan for it via the Mobile Verification Toolkit developed by Amnesty International’s Security Lab.

Unfortunately, evolution works on spyware as it did on dinosaurs, creating new predators with enhanced stealth and devastating lethality.

Enter First Wap’s Altamides. Based in Jakarta, Indonesia, First Wap’s technology can do what Pegasus does, but without installing malware or leaving digital traces. It tracks people, Mother Jones reports, by exploiting archaic telephonic networks designed without security in mind. It can track users’ movements, listen in on their calls, and extract their text messages.
Recent versions can even penetrate encrypted messaging apps.

• Victims of such surveillance reportedly include Blackwater founder Erik Prince, Google engineers, the actor Jared Leto, and the wife of former Syrian dictator Bashar al-Assad. Mother Jones also found “hundreds of people with no public profile swept up in the dragnet; a softball coach in Hawaii, a restaurateur in Connecticut, an event planner based in Chicago.”

Who has purchased this surveillance weapon?

Lighthouse Reports, a coalition of media organizations, performed a sophisticated sting operation in which a journalist posed at a Prague sales conference as a shady buyer for an African mining concession. The journalist said he was looking for a way to identify, profile, and track environmental activists.

The salesman replied: “If you are holding an Austrian passport, like me, I am not even allowed to know about the project, because otherwise I can go to prison.”

The salesman, who (irony alert) was secretly videotaped by the journalist, added: “So that’s why such a deal, for example, we make it through Jakarta, with the signature coming from our Indian general manager.”

When the undercover journalist came back for another meeting, he elicited on tape senior First Wap executives discussing workarounds through Niger-to-Indonesia bank transfers to sell its technology to individuals under international sanctions.

Click below for a short film about this undercover sting.

​U.S. Sen. Ron Wyden (D-OR) told Mother Jones that this story only underscores the extent to which the U.S. government and telecoms have failed to make patches to “the glaring weaknesses in our phone system, which the government and phone companies have failed dismally to address.”

​Amazon’s Ring doorbell cameras are the always-on eyes of the American neighborhood. Owners are free to provide to police images related to suspected crimes, whether a porch pirate or a prowling burglar. But they can also share images of a lawful protest, or turn over warrantless evidence against a targeted individual.
 
Ring is one link in the expanding national chain of visual surveillance. Added to closed-circuit television systems and police-monitored surveillance cameras sold by the tech company Flock Safety, all the elements of a national surveillance system are falling into place.
 
Now, one more element has just been secured with a new partnership between Ring and Flock. Elissa Welle of The Verge reports that “local U.S. law enforcement agencies that use Flock’s platforms Nova or FlockOS can request video footage from Ring users through the Neighbors app.”
 
There is some good news: In the request, Ring says that law enforcement must include details about an alleged crime and its time and location. Individual users still get to decide for themselves whether to respond to a police request for video. And law enforcement cannot see who does or does not respond, limiting the potential for pressure tactics. Still, the integration of Flock – which sells automated license plate readers capable of tracking cars nationwide – into the doorbells of America should be a matter of deep concern.
 
Sen. Ron Wyden (D-OR) told Flock’s management in a letter:
 
“I now believe that abuses of your product are not only likely but inevitable, and that Flock is unable and uninterested in preventing them. In my view, local elected officials can best protect their constituents from the inevitable abuses of Flock cameras by removing Flock from their communities.”
 
The partnership of Flock with Ring is even more troubling in light of Amazon’s reversal of reforms it made in 2024. The company had previously pulled its app feature, which had allowed police to remotely ask for and obtain footage from Ring users. Now, Ring is reinstating the feature, once again making it easy for police to solicit warrantless video from homeowners without a warrant. New policies will also allow police to request live-stream access.
 
Flock does not currently apply facial recognition to its images. The Electronic Frontier Foundation, however, reports that internal Ring documents show an appetite to integrate artificial intelligence – including, perhaps, video analytics and facial recognition software – into its product.
 
Step by step, corporations are working with each other and with government to link technologies to create a national surveillance system. What may be used for commendable purposes today can be used for any purpose tomorrow.

​Section 702 of the Foreign Intelligence Surveillance Act is an authority enacted by Congress to allow U.S. intelligence agencies to surveil foreign spies and terrorists. But it has been used in the past by the federal government to extract the communications of millions of Americans.

• Among those who had their privacy violated by Section 702 data were 19,000 donors to a congressional campaign. This authority was also used to spy on a state senator, a state judge, a congressman, and a U.S. senator. If judges and Members of Congress can have their rights violated, imagine how much respect the FBI and other government agencies have for your privacy.

Concerned by this abuse of Section 702 authority, Congress put this surveillance power on a short leash – with the next reauthorization in April 2026.
 
Now Sen. Tom Cotton (R-AR) is reportedly promoting the idea of delaying the next reauthorization of this key surveillance authority for another 18 months. No matter how well-intentioned, this is a bad idea that would derail any meaningful debate on surveillance reform in this and the next Congress.  
 
Such a delay would also remove any leverage Congress has to perform meaningful oversight of an intelligence community that resists accountability at almost every turn.
 
The April 2024 Debate Produced Significant Reforms
 
The last reauthorization demonstrates that the leverage of a hard deadline at a relatively calm time in the legislative calendar yields results.

• In the face of furious lobbying by the intelligence community, surveillance reformers on the Hill managed to leverage the April 2024 hard deadline to require the FBI to provide quarterly reports on the number of Americans targeted under Section 702.

 

• Champions of reform proposed a warrant requirement for the extraction of an American’s communications – an amendment that came within one vote of passing the House. Congress also took the Section 702 debate as an opportunity to end “abouts” data collection, a loose practice that prompted the FISA Court to publicly excoriate the National Security Agency for an “institutional lack of candor” about a “very serious Fourth Amendment issue.”

Finally, Congress shortened the window for the next reauthorization of Section 702 – and its attendant surveillance debate – from five years to just two. This ensured that any new issues that emerged would be tracked by congressional overseers.
 
The Issues Ahead
 
With the next Section 702 reauthorization vote set for April 2026, Congress is beginning once again to treat it as an opportunity to discuss broader surveillance policy.
Emerging questions include:
​

• Why, and under what exact authority, did the FBI surveil the communications of eight senators and one House Member in 2021?

 

• A recent Department of Justice report portrays FBI agents as suffering from anxiety and “audit fatigue” in meeting the requirements of Section 702 reforms. If this is the case, couldn’t their anxiety be relieved by sharing responsibility with judges in the form of warrants?

 

• The FBI, IRS, and other federal agency purchase the digital breadcrumbs we leave online when we communicate or conduct an online search. When, if ever, will Congress get another opportunity to require a warrant for the acquisition of Americans’ personal data?

 

• If the Section 702 debate is scrapped next April, when else will Congress get a chance to review the operations of the “make everyone a spy” provision, a last-minute addition in the 2024 debate that obliges almost all businesses to help the government spy on their customers?

If your answer to the above questions is that these issues can simply be taken up after the 18-month extension, think again.
 
The Crowded Calendar of October 2027
 
The beauty of an April reauthorization is that it falls at a fairly calm time in the legislative calendar. An 18-month delay would bump the Section 702 reauthorization vote and the next surveillance debate into the next Congress, to October 2027, amid the press of business around the end of the budgetary cycle. Such debates would have to compete with a likely continuing resolution and a host of contentious spending measures.
 
There would be no time to debate anything about surveillance. It would just be another “clean” reauthorization – which would suit the advocates of the status quo just fine.
Members should remain firm: Congress agreed to an April 2026 reauthorization debate for Section 702.
 
Let’s keep it that way.

“Just because you’re paranoid doesn’t mean they aren’t after you,” says Yossarian, Joseph Heller’s terrified bomber pilot in Catch-22. The same could now be said by eight U.S. Senators and one U.S. House Member – all Republicans – who were secretly spied upon by the FBI during the Biden administration.
​
For five years now, the Project for Privacy and Surveillance Accountability has filed Freedom of Information Act (FOIA) requests demanding records from the FBI and other intelligence agencies about the possible surveillance of Members of Congress. We used every legal avenue – from FOIA requests to lawsuits – to compel the FBI, the Department of Justice, the Office of the Director of National Intelligence (ODNI), the National Security Agency, and the Department of State to disclose documents about the possible surveillance of Members of Congress with oversight responsibility over this intelligence community.

In short, we wanted to know if the FBI and other agencies were “overseeing” their ostensible overseers in Congress.

The government’s only response was the flippant use of the “Glomar response,” a court-created doctrine in which an agency can issue a “neither confirm nor deny” answer. In one instance, a response from ODNI came back within four business days, unprecedented speed for the bureaucracy. The Glomar response was originally created to protect a super-secret CIA project to retrieve a sunken Soviet nuclear submarine. Now it is being used to hide domestic spying.

At the time, Gene Schaerr, PPSA general counsel, responded: “The government doesn’t want to even entertain our question. What do they have to hide?”

Now we know at least part of what the government has to hide.

The FBI in 2023 analyzed the phone records of Sen. Lindsey Graham (R-SC), Sen. Bill Hagerty (R-TN), Sen. Josh Hawley (R-MO), Sen. Dan Sullivan (R-AK), Sen. Tommy Tuberville (R-AL), Sen. Ron Johnson (R-WI), Sen. Cynthia Lummis (R-WY), Sen. Marsha Blackburn (R-TN), and Rep. Mike Kelly (R-PA).

Among them we count three sitting members of the Senate Judiciary Committee, charged with oversight of the FBI, as being targeted by Bureau surveillance.

What was the FBI up to? The FBI document states it “conducted preliminary toll analysis on limited toll records,” meaning it secured and analyzed calls made by these Members in relation to their votes on whether to certify the 2020 presidential election results. The FBI’s analyses were based on metadata – who called whom and when. As research from Stanford University has shown, such seemingly innocuous records can yield “surprisingly sensitive personal information” about the likely contents of those calls.

That is one reason why Sen. Chuck Grassley, Chairman of the Senate Judiciary Committee, called this a “weaponization by federal law enforcement under Biden” that was “arguably worse than Watergate.”

We predict this is just the tip of the iceberg. The ease with which the FBI surveilled prominent Members of Congress hints at the underlying reasons for which PPSA’s queries have been batted away so consistently by the intelligence community. We believe that time will reveal that there is more – much more – evidence of the intelligence community accessing the private communications of Congress.

Next year Congress will hold a debate over the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act. It should be clear to all Members that the FBI can’t be trusted. We need reforms across the board, from ending the abuse of Section 702 as a source of warrantless domestic surveillance, to ending government data purchases.

​You might think that where you go and with whom you meet is your private information. And it is. But now it’s also accessible to the government, with a federal agency purchasing software to track the location of your phone.

Joseph Cox of 404 Media reports that the U.S. Immigration and Customs Enforcement (ICE) is buying an “all-in-one” surveillance tool from Penlink to “compile, process, and validate billions of daily location signals from hundreds of millions of mobile devices, providing both forensic and predictive analytics.”

That chilling quote is ICE’s own declaration. Apparently, acquiring Penlink’s proprietary tools are the only way to beat criminals at their own game.

ICE is not taking us down a slippery slope. It is going straight to the gully, discarding any concept of the prohibition against warrantless surveillance in violation of the Fourth Amendment. From there, monitoring the movements of the general population is simply an act of political will. As with facial recognition software, notes the Independent’s Sean O’Grady, it is one more example of the “creeping ubiquity of various types of surveillance.”

Indeed, location is but one element of commercial telemetry data (CTD), the industry term for information acquired from cellphone networks, connected vehicles, websites, and more. PPSA readers know that banning the sale of CTD to government agencies is one goal of the bipartisan Fourth Amendment Is Not For Sale Act, which passed the House in the previous Congress.

Collecting and selling CTD is the shady business of the data broker industry, a practice the Federal Trade Commission once tried, meekly, to rein in. Indeed, for one brief shining moment, even ICE previously announced it would stop buying (but continue to use) CTD after the Department of Homeland Security’s own Inspector General found that DHS agencies weren’t giving privacy protections their due.

And yet here we are. As the Electronic Frontier Foundation’s Beryl Lipton recently put it in Forbes:

“This extension and expansion of ICE’s Penlink contract underlines the federal government’s enthusiasm for indiscriminate and warrantless data collection on as many people as possible. We’re still learning about the extent of the government’s growing surveillance apparatus, but tools like Penlink can absolutely assist ICE in turning law-abiding citizens and protestors into targets of the federal government.”
​
These tools are in the hands of ICE today, but they could be in the hands of the FBI, IRS, and other federal agencies in the blink of an eye. Congress should take note of this development when it debates reauthorization of a key surveillance authority – FISA Section 702 – next spring.

​Closed circuit television (CCTV) has changed very little since its introduction in the 1960s – essentially passive systems that merely display whatever they’re aimed at. In fact, without a human at the other end, there was no real surveillance taking place.

That was always the flaw in George Orwell’s 1984 – it would take as many people to surveil as there are people to surveil. And the watchers would have to try to remain alert throughout the day as they watched people eat breakfast, brush their teeth, and wash their dishes.

Then the ability to digitally store vast amounts of surveillance made the task of surveillance easier. But now that AI is here, it is proving to be the real game-changer.

The new generation of CCTV security cameras are capable of autonomous surveillance and action. “Watched by AI guards,” boasts ArcadianAI, whose Ranger line of products operates on its own, proactively identifying what it sees as threats and subsequently alerting authorities.

It’s largely thanks to recent “advances” in computer vision and vision language models, which speak of “objects,” a fiendishly clever euphemism for anything – bodies, body parts, events, contexts, movements, behaviors, colors, dimensions, distances, sounds, textures. In effect, anything that can be recognized and classified as its own distinct kind of pattern.

Thus updated surveillance video now “thinks” about what it’s seeing. Case in point: An orchestral piece powered by AI video. It’s a bit of PR for Axis Communications to make the point that its CCTV systems can detect whatever its clients seek to find and, with that information, do previously unimaginable things.

This moment represents a threshold of sorts: defining, recognizing, and interpreting patterns without limit. Using such technology for musical composition is innocuous enough, but what about scanning a scene for skin color, hair style, facial features, gait, ethnicity, gender, age… or failing to applaud… or using a secret handshake?

Amid all the hype about AI’s possibilities, it’s important to step back and remember that there is nothing inherently moral about creativity – not in medicine, physics, management, or any human endeavor. Yet, here we are rushing headlong into a frenzied new era of possibility with no guardrails or ethical standards in sight.

​“Made in China” products should carry the warning “Watching from China,” according to threat assessor Michael Lucci in an interview with Fox News. Nebraska Attorney General Mike Hilgers agrees and is suing the Chinese firm, Lorex, accusing it of using technology the FCC banned in 2022. Lorex cameras are commonly sold by U.S. retailers ranging from Costco to Best Buy, Kohls, and Home Depot.

Nebraska’s complaint accuses Lorex of using tech from Dahua, one of the companies the FCC banned after accusing it of sharing American consumers’ data with the Chinese government. So far, Lorex and other companies have managed to get around the ban by employing a popular strategy known as “white labeling,” in which products are made generically by Company A but sold under Company B’s name.

India recently made a similar determination about such products, imposing stringent new security requirements on mostly Chinese-made CCTV cameras. As we wrote at the time, China’s rap sheet when it comes to using products to spy on other countries is a long one. Nowhere is this truer than in the United States, China’s largest trading partner and most persistent observer.

Lorex’s cameras are frequently sold for in-home surveillance of infants and small children. But what threat could a baby monitor pose? Who cares if every gurgle and burp is captured?
Consider: With video and audio monitoring, Beijing could listen in to the conversations of parents who work in the military or in intelligence agencies. Knowing when thousands of parents with such duties are being called in for a weekend or late night could, in an emergency, be priceless strategic intelligence. The device could also be within earshot of parents talking about work in a way that yields intelligence about commercial business plans or useful Washington gossip.

As always, China is playing a numbers game. The PRC hoovers in vast intelligence, and then turns to AI and a vast army at the Ministry of State Security and its many consultants to winnow out useful intelligence. That is why Attorney General Hilgers calls these baby monitors a “national security issue.” Even if all Beijing has access to is Mom asking Dad to go to the kitchen for a bottle of milk, the erosion of privacy is galling. No American couple signs up to let a foreign government in their baby’s bedroom.
​
If these concerns are accurate, then parents and families aren’t the only ones being watched. All of which also makes us queasy about the growing popularity of AI-powered children’s toys – or, perhaps, justifiably paranoid.

​That shouldn’t merit a headline, but it does. We’ve often reported on the Department of Justice’s responses to our Freedom of Information Act (FOIA) requests for internal policies concerning the use of cell-site simulators, commonly known as stingrays.

In the past, we’ve received non-response responses to our FOIA request, including one in which DOJ sent us 40 redacted pages from MISTER BLANK in the office of BLANK, with only this statement: “Hope that’s helpful.” We noted at the time that this could only be taken as a middle-finger salute to FOIA itself.

There now seems to be a more responsive spirit at DOJ. A new reply to our FOIA request arrived this month. True, it was still less than fulsome. But it was a response! And what it did reveal was encouraging. It showed a determination to abide by a 2015 DOJ memo requiring probable cause warrants before this technology can be used, except in emergency circumstances.

DOJ personnel were informed:

“The core of this new policy is to require search warrants for use of the devices, except in rare circumstances such as a threat to life and limb. It also requires transparency with the courts in the way that we apply for legal process, and it dictates what should be done with information about cell phones that are not related to the investigation.”

This leaves you wondering why some previous respondents at DOJ chose obfuscation and a rude brushoff instead of showcasing an internal determination to abide by the Fourth Amendment.

Stingrays are devices that mimic cell towers, pinging the phones of people within a geofenced area to reveal their location, movements, and potentially some contents within their phones. This technology can sweep up the personal information of hundreds of people in a given area. This actually happened when the Richmond, Virginia, police searched for a bank robber. Their sweep compromised the Fourth Amendment rights of diners in a Ruby Tuesday restaurant, guests at a Hampton Inn, residents of an apartment complex, and seniors in an assisted living facility.

This incident demonstrates that while the Justice Department has a tight policy regarding the use of stingrays, different rules apply to a dozen other federal agencies and at least 75 state agencies around the country that also use this surveillance technology. The FBI instructs police to use stingrays to develop leads, but use other means to develop “primary evidence.” This sure sounds like a suggestion to construct parallel evidence.

Shouldn’t defendants know if evidence used against them was taken from their phones?
​
Still, we are happy to take good news when we can get. Here’s to encouraging the DOJ to continue to abide by its policy of applying a warrant requirement to stingrays.

​We’ve reported extensively on how high schools across the United States are monitoring the communications of students for the sake of “safety.” Now an anonymous teacher in the United Kingdom, after learning that a system called Senso secretly monitors whatever students or staff type, explains his concerns about privacy – but also, much more.

From Unherd:

“At first, I thought my reaction was about privacy. Partly, it was. But what lingered – what I kept turning over – was something else. A kind of moral labour was being handed over to a machine: the quiet discipline of noticing, of staying with another person’s experience, of holding their reality in mind. And no one seemed to notice, or care. 

“What I was seeing – or rather, what was vanishing – was a form of attention. Not just focus or vigilance, but something older and more human. The effort to see someone in their full, contradictory reality – not as a data point, a red flag, or a procedural category …

“Tools like Senso make that trade easy – and invisible. They train us to scan for risk, not to remain with the person. Moral attention is the ground of judgement, the beginning of care. It is also a stance of active presence: an effort to refuse reducing the person in front of us to the signals a system is designed to detect. 

“As Simone Weil wrote: ‘Attention is the rarest and purest form of generosity.’ It is not just noticing – it is the effort to see someone else as they are, without turning away … 
​
“Sociologists have long recognised that moral life depends not only on individual decisions, but on shared structures. When those structures weaken – when proximity is replaced by process – something shifts. The moral weight of a situation is no longer felt; it is processed. As judgement is replaced by assessment, the capacity for care erodes.”