ICE out or citizens in?
U.S. citizens begin to feel the power of state biometric surveillance
Welcome, readers! It’s your weekly dose of digital surveillance despair, and I’m tech journalist Anna Baydakova. Just kidding – we can’t really afford despair, and this week, I even have some optimistic news for you!
Reasons for optimism? It’s getting so much worse that it just might start getting better… And by that, I mean American citizens are beginning to realise the biometric surveillance and control dragnet is being built for everyone – not just immigrants, not just criminals, everyone.
That is happening against the backdrop of increased brutality during recent deportation raids, so now, it’s no longer only human rights advocates and activists who are disturbed by what is going on in the U.S.
For one, tech workers have recently realised they aren’t comfortable contributing to the ICE surveillance machine. Their colleagues abroad have been so rattled they are even getting rid of their U.S. business working with ICE altogether.
A couple of other bright spots: another town in America is considering to exit Flock’s license-plate surveillance network; Google has settled a privacy violation lawsuit; there is a way to protect your phone from being hacked – even by the FBI.
And I don’t know about you, but in these dark times, I’ll take any reason to feel a bit more optimistic about what people can do when they take their privacy seriously – and not for granted.
With that in mind, let’s get into it!
Enjoy, share and support this newsletter if you find it helpful.
Biometrics briefing
U.S. Democratic lawmakers have introduced a bill that would ban immigration agencies from using facial recognition technology altogether. – Ars Technica
Australia’s administrative review tribunal allowed the local hardware chain Bunnings to use facial recognition technology in its stores but ruled that the retailer hadn’t properly notified shoppers. – The Guardian
Indian authorities have deactivated more than 25 million biometric ID numbers registered in the names of dead people. – India.com
Police in Northern Ireland are exploring the potential use of live facial recognition technology. – ID Tech Wire
Guyana’s Ministry of Education has announced rolling out a biometric attendance system for teachers in some schools. – ID Tech Wire
St. Kitts and Nevis will implement mandatory biometric checks for its citizenship-by-investment programs. – ID tech Wire
“Nice little database”
American citizens are beginning to get caught in the mass surveillance dragnet initially created for immigration enforcement. It starts with people who film Immigration and Customs Enforcement (ICE) raids.
In late January, journalist Ken Klippenstein wrote in his Substack that, according to his sources, the Department of Homeland Security is now gathering information about anyone filming ICE raids – “trying to identify them via social media, running their license plates if available, and running a criminal history check.”
“Cause we have a nice little database and now you’re considered a domestic terrorist. So have fun with that,” an ICE agent in Portland, Maine, told a woman who had been recording him.
One of the activists, called Nicole Cleland, had to find out what exactly that “fun” could mean. Cleland followed and filmed an ICE car in Minneapolis on Jan. 10, and when an ICE agent approached her he addressed her by her name, saying his body camera had its facial recognition function on and the system had identified her.
According to The New York Times, three days after that, Cleland received an email from the Department of Homeland Security saying her Global Entry and Transportation Security Administration (TSA) travel privileges had been revoked, with no explanation.
The DHS facial recognition database consists of two biometric databases: Homeland Advanced Recognition Technology, or HART, and Automated Biometric Identification System, or IDENT, Bloomberg reported. In September 2024, they together contained over 1.2 billion face images.
You might say: well, maybe don’t follow and annoy law enforcement agents. But if the definition of a “domestic terrorist” can be stretched to include everyone who causes a nuisance to law enforcement…. We have a much bigger problem here, folks.
In the meantime, Democratic lawmakers are trying to stop the uncontrolled expansion of biometric surveillance – without much success so far. This week, a group of senators introduced a bill that would make it unlawful for any immigration officer to use biometric surveillance systems or any information derived from them, Ars Technica reports. Last year, a group of Democratic lawmakers introduced another bill that would limit the use of ICE’s facial recognition app, Mobile Fortify, to ports of entry and ban the scanning of U.S. citizens.
More on ICE’s arsenal
I’ve been following the news of ICE’s digital surveillance toolbox here for a while, and this week, some additional information came in, thanks to Puck. According to the publication, last year, ICE signed a bunch of contracts with companies helping it gather and analyse data, such as:
$2.1 million contract with GovSmart, an IT contractor, for tools “blending multiple ICE data sources, cross-agency sharing, and linking existing reports for analyzing information”;
a $1.6 million contract with BlueTech for “automation and monitoring of user account management”;
contracts with credit data brokers TransUnion and Experian;
a $106 million contract with CACI NSS, another government IT contractor, for data analysis to support “ongoing criminal investigations;
contracts with Booz Allen Hamilton for data analytics support, with Thomson Reuters Special Services for license plate reader data, and the Child Rescue Coalition for a system sorting out public internet data.
Tech’s romance with ICE is cooling
But apparently, not everyone in the IT industry is happy about catering to DHS and ICE.
Earlier in January, dozens of tech workers signed an open letter asking their CEOs to “pick up the phone,” “call the White House and demand that ICE leave our cities,” “cancel all company contracts with ICE” and “speak out publicly against ICE’s violence.” The letter was published on a one-page website called ICEout.tech.
The outcry was provoked by the killings of U.S. citizens protesting against ICE in Minneapolis last month. “We’ve seen armed and masked thugs bring reckless violence, kidnapping, terror and cruelty with no end in sight,” the authors of the letter wrote, calling for the tech CEOs to use their influence and help change the situation:
“When Trump threatened to send the national guard to San Francisco in October, tech industry leaders called the White House. It worked: Trump backed down.”
Hard to say whether the bosses will listen – the alliance between the Trump administration and the Big Tech so far has seemed undisturbed. But this is still a meaningful development: tech companies are beginning to question their role in what seems like a construction of a new-generation surveillance state.
For example, employees of Palantir, which is building a data analysis platform for ICE called ImmigrationOS, have been worried by their involvement with the agency, according to the company’s internal Slack messages accessed by Wired.
“I’ve read stories of folks rounded up who were seeking asylum with no order to leave the country, no criminal record, and consistently check in with authorities. Literally no reason to be rounded up. Surely we aren’t helping do that?” one employee wrote.
Another one asked the leadership whether Palantir had anything to do with the “nice little database” targeting people who film ICE. A Palantir exec named Akash Jain responded he was “not tracking any database like this that were [sic] involved with/exists.”
Another problem came from the other side of the Atlantic: a French company Capgemini has gone through a full-blown crisis because of its earlier contract with ICE. Last week, the firm put its contract with ICE on hold, then on Sunday, announced it would sell the U.S. division that did business with ICE.
The company even called an extraordinary board meeting last weekend to discuss the issue, after facing questions from French lawmakers and public officials about its involvement with ICE, according to Agence France Press.
Capgemini had previously secured a contract to help ICE locate immigrants – part of the agency’s effort to outsource this work to private contractors, a practice critics say shifts responsibility and reduces transparency.
The Department of Defence, recently renamed as the Department of War, is also having troubles with its tech contractors. According to the Wall Street Journal, the AI startup Anthropic has been at odds with the department over the use of its AI product Claude.
Last summer, Anthropic secured a $200 million contract with the department, but the company’s terms and conditions prohibit using Claude for domestic surveillance. That limits how many law enforcement agencies could deploy the tool, according to WSJ sources.
Flock sees red light in California
Another American city hits a break on using automatic license plate readers by Flock. Police in Mountain View, California, have turned off 30 Flock cameras this week, The Record reports, citing a letter by the city police chief Mike Canfield.
The reason is the same one that has led to Flock contracts cancellations or freezes in other American cities: unlimited data sharing with other law enforcement agencies, including federal ones. Flock has previously run into trouble in Austin, Texas; Oak Park, Illinois; Eugene and Springfield, Oregon; Evanston, Indiana; Scarsdale, New York; and Gig Harbor, Washington, NBC News reported last fall.
“These cameras will remain inactive until our City Council provides further direction about the future of having Flock Safety ALPR cameras in our community,” Mountain View police chief wrote, adding that the council will discuss the matter on February 24.
Mountain View Police found out that Flock had allowed hundreds of California police departments to search the city’s data for 17 months, and federal agencies had access to one Mountain View camera from August through November 2024 – all without approval from the Mountain View police department. That was also illegal, as California law bars police departments from sharing such data with out-of-state agencies, especially for immigration purposes.
Here is what Canfield also said in his letter – a meaningful reflection on what it takes to maintain public safety, and what role technology should play in it:
“Community trust is more important than any individual tool. We know that the most vital asset in public safety is not technology; it is the relationship we have with you, the people we are here to serve and protect. I share your anger and frustration regarding how Flock Safety’s system enabled out-of-state agencies to search our license plate data, and I am sorry that such searches occurred. I know how essential transparency is for maintaining trust and for community policing.”
Meanwhile, if you’re looking for information on Flock cameras in your town or want to get in touch with activists, check these links: DeFlock, Eyes On Flock, alpr.watch.
Switzerland grapples with the boundaries of surveillance
A battle over internet privacy is currently underway in Switzerland, TechRadar writes. Last year, the government proposed amending its surveillance law, known as the Ordinance on the Surveillance of Post and Telecommunications Traffic.
The new amendment, introduced in March, would expand existing monitoring and data collection obligations to social media platforms, messaging apps, and VPN services, forcing them to collect and store metadata that can be used to identify users. At the moment, such requirements apply to telecom and internet providers.
The proposal was met with opposition from Swiss-based tech firms and put on pause in December, with the government announcing an independent impact assessment. However, the amendment is still looming over the Swiss internet, so this week, 19 human rights groups published an open letter calling on lawmakers to abandon the proposal.
The group, including Amnesty International Switzerland, European Digital Rights and other organizations, called the new proposal a “violation of the fundamental rights to privacy and data protection,” which severely undermines confidentiality of communications:
“The lack of a forum to enjoy secure, private and anonymous communications free from government scrutiny chills people’s exercise of freedom of speech, freedom of thought, and freedom of assembly and association. These fundamental rights are essential foundations of a pluralist, democratic society and vitally important for journalists, lawyers, human rights defenders and activists. The chilling effect generated by mass data retention and mandatory identification erodes democratic discourse and civic participation, in a time where they are direly needed.”
You can read the whole letter here.
The threat of the new rules have already driven one VPN provider, PrivadoVPN, out of Switzerland – it’s in the process of relocating to Iceland, according to TechRadar. Two other VPN services, NymVPN and Proton, also said they would consider leaving Switzerland if the new proposal goes through.
Google settles
Google has settled a lawsuit for its virtual assistant allegedly recording users’ conversations and agreed to pay $68 million, BBC reports. The class action lawsuit filed in a California federal court claimed that Google Assistant would sometimes get activated without users’ knowledge, record their conversations, and then Google would share the data with advertisers.
Tips and Tricks: Put that phone on a lockdown
If you care about being tracked by companies while browsing the internet, check out these recommendations by the Open Rights Group on how to enhance your privacy, both on your phone and desktop.
On a more advanced note, 404 Media has found out the Lockdown Mode for iPhones can prevent the FBI from breaking into a device – at least, it worked for Hannah Natanson, a Washington Post reporter whose house was raided by the FBI in January in connection to an investigation into classified information leaks.
According to the court files, the FBI forensic experts could not access information on Natanson’s phone because it had the Lockdown Mode enabled. The feature severely limits functionality of an iPhone but helps protect it from mercenary spyware, according to Apple.
***
And that’s all from me this week, guys.
Stay vigilant!
Anna