Tag: mass surveillance

Europe Is Building a Digital Identity System for 450 Million People

The European Union is quietly constructing what may become one of the most sweeping digital identity systems ever attempted. Under new legislation, every EU member state must provide citizens with a government-approved “European Digital Identity Wallet” by 2026. This system will allow people to store official documents, verify identity, access government services, sign legal contracts, and potentially interact with financial institutions through a single digital platform. It is being marketed as a modernization effort designed to make life easier for citizens navigating an increasingly digital economy.

Supporters claim the digital wallet will simply replace physical paperwork. Instead of carrying passports, driver’s licenses, or other credentials, individuals will be able to verify their identity online with a government-issued digital key. The European Commission argues that this will streamline bureaucracy and allow citizens to interact with both public and private services more efficiently across all 27 member states.

Yet the implications extend far beyond administrative convenience. Once identity becomes centralized within a digital framework controlled or approved by government authorities, participation in everyday life increasingly depends on that system. Access to banking, employment verification, healthcare services, travel documentation, and legal contracts can all be integrated into the same identity infrastructure. What begins as a convenience quickly becomes a gateway through which access to modern society is managed.

Governments have always maintained population registries in one form or another. What makes digital identity systems fundamentally different is the speed and scale at which they operate. When identification becomes digitized and interconnected across borders, the ability to monitor economic and social activity expands dramatically. Identity verification can occur instantly, records can be updated in real time, and information can be shared between institutions with unprecedented efficiency.

This development becomes even more significant when viewed alongside other technological initiatives currently underway in Europe. The European Central Bank continues to explore the creation of a digital euro, a central bank digital currency that would exist entirely within electronic financial systems. If digital identity platforms and digital currency systems eventually intersect, financial activity and identity verification could become closely linked within the same infrastructure.

Keep reading

Florida Legislators Advance a Bill Authorizing Government Surveillance Based on ‘Views’ or ‘Opinions’

A bill that is advancing in the Florida Legislature would authorize government surveillance of people whose “views” or “opinions” are deemed “a threat” to state or national “interests.” What could possibly go wrong?

“This outrageous claim of authority would be a profound betrayal of Americans’ First Amendment rights,” Carolyn Iodice, legislative and policy director at the Foundation for Individual Rights and Expression, warns in a press release. “Imagine being arrested or having your home raided because the government has decided that your opinions are a ‘threat’ or simply don’t align with its interests. This puts everyone’s free speech rights at risk. Even if your views aren’t in the state’s crosshairs today, they could be tomorrow. Free societies do not investigate or arrest their own citizens for their opinions.”

The American Civil Liberties Union (ACLU) of Florida also has “grave concerns” about the bill. It “could easily be used to silence dissenting voices under the guise of security,” ACLU of Florida strategist Abdelilah Skhir told Florida Politics last month. “The vague and overbroad language could easily be weaponized against everyday Floridians engaged in First Amendment protected activity.”

State Rep. Danny Alvarez (R–Riverview), who filed the bill on December 30, does not understand what all the fuss is about. He says he is simply trying to combat threats such as “drug cartels,” “terrorist organizations,” and foreign “intelligence entities.” Last week, the Florida Phoenix reported that “Alvarez said it’s only been in the past week that he’s become aware of First Amendment concerns.”

Alvarez’s bill, H.B. 945, would create a Statewide Counterintelligence and Counterterrorism Unit within the Florida Department of Law Enforcement, consisting of “at least seven” 10-member teams. The unit would be charged with “identify[ing] threats by analyzing patterns of life, gathering actionable intelligence, and formulating effective plans of action, and by executing arrests or by revealing its intent to compel a response using all counterintelligence and counterterrorism tradecraft necessary to protect the state from adversary intelligence entities.”

What is an “adversary intelligence entity”? The bill’s definition goes far beyond spies employed by foreign governments. It says the term “includes, but is not limited to, any national, foreign, multinational, friendly, competitor, opponent, adversary, or recognized enemy government or nongovernmental organization, company, business, corporation, consortium, group, agency, cell, terrorist, insurgent, guerrilla entity, or person whose demonstrated actions, views, or opinions are a threat or are inimical to the interests of this state and the United States of America.”

On its face, the bill would empower the Statewide Counterintelligence and Counterterrorism Unit to investigate organizations and individuals based on the “views” or “opinions” they express. Alvarez insists that is not his intent. But by his own account, he did not recognize the obvious First Amendment implications of that broad mandate until a month and a half after he introduced the bill.

When some of his colleagues alerted him to those civil liberties concerns, Alvarez promised to address them. “We are very, very aware of the questions regarding [the] First Amendment,” he told Florida Politics last week. “We’re going to address that in an amendment that comes to the next committee.” He told reporters he was willing to excise the language referring to any “person whose demonstrated actions, views, or opinions are a threat or are inimical to the interests of this state and the United States of America.”

So far, however, the original version of the bill is the only one listed on the Florida Legislature’s website. And despite his avowed willingness to amend the bill, Alvarez does not seem to think it is actually necessary to do so.

Keep reading

Congress Is Considering Abolishing Your Right to Be Anonymous Online

In August 2024, the Biden administration hosted hundreds of influencers at the White House for the first-ever Creator Economy Conference. Neera Tanden, a senior Biden adviser, took to the stage and bemoaned anonymity online. The influencers alongside her agreed, pushing the idea that anonymous speech on the internet is harmful, and regulation is needed to force the use of real names on social media. The audience whispered excitedly as those on stage spoke about how proposed laws like the Kids Online Safety Act, or KOSA, could unmask every troll. 

This narrative of online safety, particularly in relation to children, has become central to the bipartisan effort to censor and deanonymize the internet for everyone. Today, a package of a dozen “child online safety” bills is moving forward in the House of Representatives with bipartisan support. The laws, framed as a way to crack down on harmful content and make the internet safer, would force social media companies to enact invasive identity verification measures in order to keep children from accessing online spaces.

The problem is that there’s no way to reliably verify someone’s age without verifying who they are. A platform cannot magically discern that a user is 16 without collecting identifying information, whether through government documents such as a passport, payment information like a credit card, or other identity-disclosing data. Whether that data is stored by the platform itself or outsourced to a vendor, the result is always the same: A user’s offline identity is forever linked with their online behavior.

Stripping anonymity from the internet would constitute one of the most sweeping rollbacks of civil rights in recent history. It would allow for unprecedented levels of mass surveillance and censorship, endangering the most marginalized members of society. Whistleblowers exposing corporate wrongdoing could be tracked and fired, government employees speaking out about illegal behavior or bad policies could face prosecution, and activists organizing protests could be identified and surveilled before ever setting foot on the street.

Keep reading

UK Government Secretly Tracked 25 Million People as Potential EV Owners

The UK government spent two years tracking 25 million mobile devices to build a picture of who drives electric cars. Not suspects or criminals. Just ordinary people whose browsing history mentioned EVs often enough to flag them as worth following.

The Department for Transport paid telecoms company O2 £600,000 ($809,000) to run the operation. According to the Telegraph, O2 trawled through its customers’ web browsing histories and app records, flagging anyone who visited an EV-related site at least once a month across two or more months.

That pool extended beyond O2’s own customers to include people on Tesco Mobile, GiffGaff, and Virgin Mobile, networks that run on O2’s infrastructure and whose users had no idea their data was being packaged and sold to a government agency.

Once flagged as a “potential EV owner,” your physical movements were traced across the country. London, the North-West, and the East of England received particular attention.

The techniques are standard in serious organized crime investigations. The DfT applied them to people buying environmentally friendly cars.

Andy Palmer, former executive at Nissan and Aston Martin, put it plainly: “I’m told it’s anonymized and aggregated, and that may well satisfy legal thresholds. But legality and legitimacy are not the same thing.” He added: “If you erode public trust in how that data is gathered, you undermine the very transition you are trying to accelerate.”

The idea of “anonymized” data means very little.

The surveillance ran for two years before the DfT quietly admitted defeat in April 2024, conceding that “mobile data cannot directly be used to provide information around charging behaviour or travel time.”

The program ended not because anyone questioned whether mass tracking of innocent people was appropriate, but because the data turned out to be useless for its stated purpose.

Civil servants from the DfT and Treasury were simultaneously exploring new EV taxes to replace fuel duty revenue. The people being surveilled were doing exactly what government policy encouraged them to do.

Conservative MP Sir David Davis drew the obvious conclusion: “It’s an object lesson in why you can’t trust the state with unfettered access to people’s information, because they’ve obviously taken this information without people’s permission with the objective of disadvantaging them, either by tax or other policy matters. If they’ll do it on this, with people who are doing what the government wants in policy terms, namely, pursuing green policies, what on Earth will they do elsewhere?”

Keep reading

Scientists warn against crappy age verification: ‘if implemented without careful consideration… the new regulation might cause more harm than good’

As age verification becomes more commonplace across the web, there are some trying to oppose its rollout on security and privacy grounds. An open letter signed by over 400 researchers and scientists arguing the many reasons why age verification (and most especially the current age assurance technology) isn’t all it’s cracked up to be is now available to read in full.

Here’s a precis on the whole thing: Governments across the world are adopting legislation to ensure usage or compliance with age assurance methods, in the name of keeping kids off the bad parts of the web. That sounds like a good idea until you look into the details. Those details suggest these are often haphazardly applied and with little regard for privacy and data protection.

The open letter outlines a few key arguments:

How easily age verification can be bypassed. This being evident by Discord’s age verification, provided by K-id, which could be bypassed by using Sam’s face in Death Stranding. As the open letter points out, it’s possible to lie about one’s age, trick a system, or buy age-verified credentials online. VPNs are also widely available and prove an easy way to bypass any and all age assurance methods, even if access to said VPNs is age-restricted.

How unreliable age estimation can be. All while potentially necessitating large-scale and invasive data collection or widespread use of government IDs at every online interaction for any semblance of effectiveness. As the letter notes, “We conclude that age assessment presents an inherent disproportionate risk of serious privacy violations and discrimination, without guarantees of effectiveness.”

How it necessitates a global trust infrastructure. This being one of the main goals of the EU’s digital identity wallet, though only pan-EU, being used as a common foundation for all member states to meet one another for age assurance. Though as the letter suggests, “even if such a trust infrastructure would exist, checks can be circumvented by acquiring valid certificates or using VPNs, as long as age assurance regulations are not universally enforced by all affected services.”

How it can push users to lesser-known, potentially dangerous websites. By enforcing age assurance, and with the larger, more responsible websites complying, there is a chance of pushing users to lesser-known, potentially dangerous or scam websites. Following the rollout of the UK’s Online Safety Act, one of the first investigations it launched was into porn websites that did not immediately comply with the new rules for age verification checks. Other websites chose to turn off services to the UK altogether.

Keep reading

California Law Forces Age-Tracking Into Every Operating System by 2027

California wants to build a surveillance layer into every device its residents touch. Assembly Bill 1043, signed by Governor Gavin Newsom and taking effect January 1, 2027, requires every operating system provider to collect age information from users at account setup and broadcast that data to app developers through a real-time API.

Windows, macOS, Android, iOS, Linux distributions, Valve’s SteamOS: if it runs an operating system, it’s covered by this overreaching law.

The proposals are particularly dumb for open-source Linux operating systems. Linux exists specifically because some people want computing that doesn’t surveil them. That’s not incidental to why the platform exists; it’s foundational.

Distributions like Arch, Debian, and Gentoo have no centralized account infrastructure by design. Users download ISOs from mirrors, modify source code freely, and run systems that report to nobody.

Keep reading

Leaked founder email says the quiet part out loud — Ring was built to spy on your neighborhood

Ring unveiled its controversial AI-powered Search Party feature in a multimillion-dollar ad that aired during the Super Bowl, sparking blowback from privacy advocates from left to right and dead center. Although the feature was positioned as a helpful way to track down lost pets and bring them home safely, a leaked email from Ring’s founder reveals a much more sinister purpose: Ring intended to spy on people all along.

Ring’s founder revealed the truth about Search Party

From the moment we heard about Search Party, one thing was clear — tracking down lost pets was only the tip of the iceberg. The obvious next step was clearly human surveillance. After all, Ring can already scan and identify designated humans with a feature called Familiar Faces. Once enabled, users can add the faces of friends and family to their Ring app so that their Ring camera can recognize these individuals when they stop by.

Helpful? Maybe. Creepy? When you consider the way Ring wants to secretly turn Search Party into a mass surveillance tool, most definitely.

We know this for a fact now, thanks to a leaked email written by Ring’s founder, Jamie Siminoff, himself. “I believe that the foundation we created with Search Party, first for finding dogs, will end up becoming one of the most important pieces of tech and innovation to truly unlock the impact of our mission,” he begins, pivoting immediately to a grander picture. “You can now see a future where we are able to zero out crime in neighborhoods. So many things to do to get there, but for the first time ever, we have the chance to fully complete what we started.”

Keep reading

What the Flock Is This: The Future of Mass Surveillance in the USA

Big Brother’s highway cameras now have AI, and they capture 6 to 12 photos of every car that goes by. Then, they all get uploaded into a huge national database, which out-of-state police and government agencies can access. They are very expensive and keep the information for 30 days.

Cameras are in 49 states.

It’s like being watched by a bunch of prison guards.

Anyone could access it publicly. Then came the lawsuits. What does this mean for mass surveillance in the United States?

Keep reading

UK Government Plans to Use Delegated Powers to Undermine Encryption and Expand Online Surveillance

The UK government wants to scan people’s photos before they send them. Not just children’s photos. Everyone’s.

Technology Secretary Liz Kendall spelled it out on BBC Breakfast, floating a proposal to “block photographs being sent that are potentially nude photographs by anybody or block children from sending those.” That second clause is the tell. Blocking “anybody” from sending potentially nude images requires scanning everybody’s messages. There’s no technical path to that outcome that doesn’t involve reading content the sender assumed was private.

Kendall said the government is conducting a consultation on “whether we should have age limits on things like live streaming” and whether there should be “age limits on what’s called stranger pairing, for example, on games online.” The consultation, she said, will look at all of these. That list now covers messaging apps, photo sharing, gaming, and live streaming. Any feature that lets you share an image with another person potentially falls inside it.

This is how the mandate grows. The government announced a push for new delegated powers on February 16, framing them around age verification for social media and VPNs.

Keep reading

Was It a Coincidental Traffic Stop or AI-Powered Surveillance?

Seth Ferranti was driving his Ford pickup on a southeastern Nebraska stretch of the interstate in November 2024 when law enforcement pulled him over, claiming that he had wobbled onto the hard shoulder.

As the Seward County sheriff’s deputies questioned Ferranti, a filmmaker who had spent 21 years in prison for distributing LSD, they allegedly smelled cannabis. Declaring this probable cause for a search, they searched the vehicle and discovered more than 400 pounds of marijuana.

But were those the actual reasons for the stop and search? When Ferranti went on trial, his attorneys presented a license plate reader report produced by the security communications company Motorola Solutions. It revealed Ferranti had been consistently monitored prior to his arrest, including by the local sheriff on the day he was apprehended. (Neither the sheriff’s office nor Motorola responded to Reason‘s requests for comment.)

Ferranti’s legal team argued that it was unconstitutional to surveil somebody based on his previous crimes. The argument did not carry the day: Last month their client was sentenced to up to two and a half years for possession of cannabis with intent to distribute. But the case still raises substantial moral and constitutional questions about both the scale of these public-private surveillance partnerships and the ways they’re being used.

Ferranti had long been a celebrity in the drug-reform world, going back to that LSD arrest in the early ’90s. After that first bust, he jumped bail, went on the lam, landed on the U.S. Marshals’ 15 Most Wanted Fugitives list, and even staged his own drowning to evade the authorities. After he started serving his sentence in 1993, he became a prolific prison journalist, writing the “I’m Busted” column for Vice. The New Jersey native always insisted that his crimes were nonviolent and that the drugs he sold, LSD and cannabis, had medicinal or therapeutic benefits.

After Ferranti came out of prison, his 2017 documentary White Boy—the true story of a teenage FBI informant who became a major cocaine trafficker—was a success on Netflix. He produced a number of further films, including 2023’s Secret History of the LSD Trade. And apparently, the government kept watching him.

It’s been watching a lot of people—and Motorola isn’t the only company helping it. Flock Safety was founded in 2017, and within five years it had tens of thousands of cameras operational. As the American Civil Liberties Union (ACLU) has warned, Flock’s AI-assisted automated license plate recognition (ALPR) system has been undergoing an “insidious expansion” beyond its supposed purposes of identifying vehicles of interest, such as stolen cars and hit-and-run suspects. Immigration and Customs Enforcement has used it to locate illegal migrants, and law enforcement in Texas used it to investigate a self-administered abortion, foreshadowing its potential use as a predictive policing tool for all Americans. Lee Schmidt, a veteran in Virginia, recently learned that the system logged him more than 500 times in four months. 

“I don’t know whether law enforcement officers are using [ALPRs] to do predictive policing,” says Joshua Windham of the Institute of Justice, a public interest law firm that is campaigning to stop the warrantless use of license plate reader cameras. “We know that [Customs and Border Patrol] is using ALPRs generally to stop cars with what they deem ‘suspicious’ travel patterns.”

After reviewing the document cataloguing the Ferranti’s vehicle monitoring, Windham adds: “The records are consistent with an officer either looking up a car in his system to see where else that car was captured by ALPRs, or that car showing up as a ‘hot list’ alert in the Motorola system. But it’s hard to tell, from the records alone, whether the stop was a ‘predictive policing’ stop.”

Ferranti is convinced it was. “There were no warrants, investigations, informants, state police, DEA, or FBI involvement, just Seward County Sheriff’s office [and an] AI-assisted license plate tracking service to perpetuate their outdated War on Drugs mission,” he said in an Instagram post published by his family following his sentencing. “Traveling the highways as a person with a record is now considered [suspicious] activity by the AI.”

Keep reading