Tag: privacy

When Smart Meters Turn Into Spy Tools

California’s robust privacy protections are facing a critical test as the Electronic Frontier Foundation (EFF) and community advocates press forward with a lawsuit to dismantle what they describe as an illegal and biased surveillance operation run by Sacramento’s public electric utility.

In a legal filing submitted last week, the EFF laid out evidence that the Sacramento Municipal Utility District (SMUD), which serves more than 650,000 customers, has spent over a decade monitoring detailed home electricity data and funneling it to police without a warrant. The organization calls this an unconstitutional “dragnet surveillance” program that unlawfully invades household privacy on a massive scale.

We obtained a copy of the filing for you here.

“This case is about Sacramento Municipal Utility District’s…dragnet surveillance of SMUD customers’ homes using sensitive and confidential energy usage information,” the brief begins. “The decade-long surveillance violates the California Constitution and a state privacy statute.”

SMUD’s so-called “smart meters,” installed in nearly every home it serves, transmit power usage in 15-minute intervals to the utility multiple times per day. This data, the lawsuit argues, offers a detailed portrait of home life, including sleep patterns, occupancy, and even personal routines. “SMUD analysts can, in effect, use the data to digitally peer into a person’s home,” the brief explains.

EFF alleges that SMUD has routinely handed over customer information to local police departments, including names, addresses, and usage history, without any individualized suspicion or judicial oversight. In many cases, these disclosures were based solely on arbitrary consumption thresholds. “SMUD has turned over…the names, addresses, and electrical consumption information of more than 33,000 customers through a zip code list,” the brief states.

Keep reading

The Wearables Trap: How the Government Plans to Monitor, Score, and Control You

Bodily autonomy—the right to privacy and integrity over our own bodies—is rapidly vanishing. The debate now extends beyond forced vaccinations or invasive searches to include biometric surveillance, wearable tracking, and predictive health profiling.

We are entering a new age of algorithmic, authoritarian control, where our thoughts, moods, and biology are monitored and judged by the state.

This is the dark promise behind the newest campaign by Robert F. Kennedy Jr., President Trump’s Secretary of Health and Human Services, to push for a future in which all Americans wear biometric health-tracking devices.

Under the guise of public health and personal empowerment, this initiative is nothing less than the normalization of 24/7 bodily surveillance—ushering in a world where every step, heartbeat, and biological fluctuation is monitored not only by private companies but also by the government.

In this emerging surveillance-industrial complex, health data becomes currency. Tech firms profit from hardware and app subscriptions, insurers profit from risk scoring, and government agencies profit from increased compliance and behavioral insight.

This convergence of health, technology, and surveillance is not a new strategy—it’s just the next step in a long, familiar pattern of control.

Surveillance has always arrived dressed as progress.

Every new wave of surveillance technology—GPS trackers, red light cameras, facial recognition, Ring doorbells, Alexa smart speakers—has been sold to us as a tool of convenience, safety, or connection. But in time, each became a mechanism for tracking, monitoring, or controlling the public.

What began as voluntary has become inescapable and mandatory.

Keep reading

Ireland’s Dangerous War on Encryption

The Irish government’s proposed Communications (Interception and Lawful Access) Bill would significantly expand the state’s ability to monitor digital communications, thereby striking at the very foundation of end-to-end encryption. 

This form of encryption, used by services like WhatsApp, iMessage, and Signal, ensures that only the sender and the recipient can access the content of a message. Under the new bill, Gardaí, the Defence Forces, and the Garda Ombudsman would be allowed to intercept private messages in real time. Achieving this would require altering or bypassing encryption entirely.

Such a measure would introduce a permanent vulnerability into digital infrastructure. Once a system is designed to allow access for one party, others can and will exploit it. 

Backdoors do not stay private. They create a single point of failure that can be used by cybercriminals, hostile foreign governments, or commercial spyware operations. 

The government claims that oversight and warrant requirements will ensure the powers are used responsibly. However, no legal safeguard can address the underlying technical risk created by breaking encryption. 

The presence of a backdoor makes every message on a platform more exposed, whether or not it is the target of surveillance. Encryption cannot be selectively weakened. Any interference compromises the security of the system for all users.

Major technology companies have already taken strong positions against laws that would force them to degrade encryption. 

Apple recently removed some of its data protection features from the UK rather than comply with legislation that would have weakened user privacy. 

Keep reading

How to Stop Google’s Gemini AI from Accessing Your Apps

Google has initiated a broad Android update that enables its Gemini AI assistant to access third-party apps such as WhatsApp, even when users had previously set their devices to block such interactions.

This shift is taking place starting this week and appears to override individual privacy preferences, leaving many Android users without a clear path to opt-out.

According to ArsTechnica, in an email sent ahead of the rollout, Google linked to a support page that confirms “human reviewers (including service providers) read, annotate, and process” data accessed by Gemini.

The email fails to provide direct steps for those hoping to prevent the AI from integrating with their apps.

While it claims users can block specific app interactions, it also states that data will still be stored temporarily for 72 hours.

The message offers conflicting statements about user control. It says Gemini will begin integrating with services like WhatsApp, Phone, and Messages “whether your Gemini apps activity is on or off.”

Yet shortly after, it says, “If you have already turned these features off, they will remain off.” Nowhere in the email or the support pages does Google explain how users can fully remove Gemini from their devices or prevent it from being enabled in the background.

Keep in mind that WhatsApp is an end-to-end encrypted messaging and the app Gemini accesses it undermines that encryption.

Keep reading

Trial begins as Meta investors, Zuckerberg square off over alleged privacy violations

An $8 billion trial by Meta Platforms (META.O) shareholders against Mark Zuckerberg and other current and former company leaders kicked off on Wednesday over claims they illegally harvested the data of Facebook users in violation of a 2012 agreement with the U.S. Federal Trade Commission.

The trial started with a privacy expert for the plaintiffs, Neil Richards of Washington University Law School, who testified about Facebook’s data policies.

“Facebook’s privacy disclosures were misleading,” he told the court.

Jeffrey Zients, White House chief of staff under President Joe Biden and a Meta (META.O) director for two years starting in May 2018, is expected to take the stand later on Wednesday in the non-jury trial before Kathaleen McCormick, chief judge of the Delaware Chancery Court.

The case will feature testimony from Zuckerberg and other billionaire defendants including former Chief Operating Officer Sheryl Sandberg, venture capitalist and board member Marc Andreessen as well as former board members Peter Thiel, Palantir Technologies (PLTR.O) co-founder, and Reed Hastings, co-founder of Netflix (NFLX.O).

A lawyer for the defendants, who have denied the allegations, declined to comment.

Keep reading

EU Digital ID Wallet Trials Near End Amid Privacy Concerns

Potential, one of the consortia selected to trial the EU’s planned Digital Identity (EUDI) Wallet, is preparing to conclude its work by September 2025.

The group, which came together in 2023, has played a role in laying the foundation for a system that privacy advocates warn could dramatically expand the surveillance and data collection capabilities of both governments and private companies.

The EU’s original target of launching the wallet in 2024 has already shifted, with the current deadline now pushed back to 2026.

Over the course of its mandate, Potential coordinated with 155 organizations across 19 countries, drawing in major corporations including Idemia, Thales, Amadeus, and Namirial.

Together, they developed six proposed uses for the digital wallet, covering activities such as opening a bank account, registering SIM or eSIM cards, accessing government services, using a mobile driving license, applying a Qualified eSignature, and presenting electronic prescriptions.

Each of these use cases, while framed as a convenience for citizens, raises questions about how personal data will be stored, shared, and protected in this new ecosystem.

A series of large-scale tests have already been conducted. The first remote trials began in May 2024. February 2025 saw cross-border testing in Warsaw, where 15 national wallets and 20 services exchanged data in peer-to-peer mode.

Keep reading

Hawaii Governor Signs Medical Marijuana Expansion Bill, After Calling One Of Its Provisions ‘A Grave Violation Of Privacy,’

On the heels of signaling a possible veto of a bill meant to expand access to medical marijuana in Hawaii, Gov. Josh Green (D) instead signed the measure into law over the weekend, regardless of a provision he recently described as “a grave violation of privacy.”

HB 302 will make two main reforms around patient access. First, it allows a patient’s primary treating medical provider to recommend marijuana for any malady they see fit, regardless of whether it’s a specified qualifying condition in Hawaii. It also allows patients to receive medical cannabis recommendations through telehealth visits rather than having to establish an in-person relationship with a provider.

Before lawmakers sent the bill to Green, a conference committee revised the plan, inserting a provision to allow the state Department of Health to access medical marijuana patient records held by doctors for any reason whatsoever.

The revised bill authorizes the Department of Health to “inspect a qualifying patient’s medical records held by the physician, advanced practice registered nurse, or hospice provider who issued a written certification for the qualifying patient.” Providers who don’t comply with a department request for a patient’s records could see their ability to issue medical cannabis revoked.

Advocates initially supported HB 302 as a means to expand access to patients with conditions beyond those specified under state law. But many withdrew support following the conference committee’s changes.

An additional provision establishes a new Class C felony for unlicensed operation of a dispensary, adding another major charge on top of the state’s existing laws against illegal distribution of marijuana.

In early June, Green himself put the cannabis measure on a list of bills he intended to veto—an indication, though not a commitment, that he was leaning towards rejecting it.

“Although this bill’s authorization of medical cannabis certifications via telehealth expands access to medical cannabis,” his office wrote at the time, “provisions authorizing the inspection of patients’ medical records without warrant constitute a grave violation of privacy.”

Keep reading

Student Visa Applicants Will Now Be Forced To Make Their Social Media Accounts Public

In a Monday announcement, several U.S. embassies stated that student visa applicants will be required to turn the settings on their social media accounts to “public” in order to facilitate scrutiny of their posts, presumably for ideological screening. The change is part of a recent string of crackdowns on international students, which has targeted many who have participated in pro-Palestinian protests or expressed anti-Israel views.

In a social media post, the U.S. Embassy in London wrote that “every visa adjudication is a national security decision,” adding that applicants for several kinds of student visas would be required to “adjust the privacy settings on all of their personal social media accounts to ‘public’ to facilitate vetting necessary to establish their identity and admissibility to the United States.” Several other embassy social media accounts also posted the statement.

The directive comes after months of ramped-up efforts to ideologically filter prospective international students. Earlier this year, Secretary of State Marco Rubio began canceling the visas of some college students who participated in anti-Israel protests—or, in one student’s case, simply wrote an op-ed. In one March press conference, he estimated that his office had canceled more than 300 visas.

“Every time I find one of these lunatics, I take away their visa.” Rubio said. “At some point, I hope we run out because we’ve gotten rid of all of them, but, we’re looking every day for these lunatics that are tearing things up.”

A domestic cable sent to embassy officials in May telegraphed this latest development, ordering officials to scour social media posts from prospective Harvard students, noting that the order “will also serve as a pilot for expanded screening and vetting of visa applicants” and “will be expanded over time.” Last week, additional policy updates directed embassy officials to review F, M, and J visas (which are common student visas) for “any indications of hostility toward the citizens, culture, government, institutions or founding principles of the United States.”

This latest move in the Trump administration’s mission to prevent students with disfavored views from studying in the U.S. is nothing less than outright viewpoint discrimination. While the U.S. has a national security interest in vetting visa applicants for affiliations with outright terrorist groups, merely opposing Israel’s actions in Gaza hardly approaches that line. And, as many free speech advocates have pointed out, this precedent can easily be utilized to punish many other viewpoints.

“There is nothing stopping this or another administration from using that authority tomorrow against critics of other countries, whether they’re protesting Russia’s invasion of Ukraine or China’s oppression of Uyghurs,” reads a recent statement from the Foundation for Individual Rights and Expression (FIRE), a First Amendment group. “That’s wrong. Requiring foreign students and faculty to self-censor their views about American foreign policy in order to stay in the country violates American principles of free speech and the First Amendment.”

Keep reading

Austria Approves Spyware Law to Infiltrate Encrypted Messaging Platforms

Austria is moving forward with legislation that would authorize law enforcement to infiltrate encrypted communications, marking a pivotal shift in the country’s surveillance powers and stirring a fierce debate over digital privacy.

The federal cabinet’s approval of the plan comes after months of negotiations, with proponents citing national security needs and opponents warning of expansive overreach.

The proposed law targets messaging platforms widely used for private communication, including WhatsApp, Signal, and Telegram.

It introduces the use of spyware, formally known as source TKÜ, which would allow authorities to bypass encryption and monitor conversations directly on suspects’ devices. The change represents a major escalation in surveillance capabilities for a country that has traditionally lagged behind its European counterparts in digital interception laws.

Backers of the measure, such as Social Democrat Jörg Leichtfried, who oversees the Directorate for State Security and Intelligence (DSN), framed the move as a preventative strategy. “The aim is to make people planning terrorist attacks in Austria feel less secure; and increase everyone else’s sense of security.”

Leichtfried called the cabinet’s approval an “important milestone.”

Austria’s domestic intelligence services have until now been dependent on international partners, including the UK and the US, to provide warnings of potential threats.

Keep reading