National

Login

Axios Login

The likely demise of Roe v. Wade is putting a new spotlight on privacy rights and personal data. But even as some big tech companies are beginning to try to limit how much data their existing products collect, the industry keeps rolling out new waves of devices and services that scoop up even more personal info.

Why it matters: Any trove of data will sooner or later end up at the other end of a request, or order, to be shared with law enforcement. The newest generation of gear, including autonomous vehicles and always-on cameras, could provide the state with a persistent and omnipresent method of surveillance.

The big picture: "Data minimization" is an ethical guideline, encoded in the EU's GDPR privacy framework and other regulations, urging organizations to collect only the data they actually need and to keep it only as long as they need it.

Google has taken a number of steps in this direction, including processing more data on devices rather than in the cloud and allowing users to set information to be deleted automatically.

Apple has made data privacy a core principle, encrypting messaging data and limiting access to some other types of data so that only the user with the device can access it.

Be smart: Broader shifts in computing threaten to overshadow those efforts with new classes of products that depend on massive collection of data. 

One big trend is building devices around sensors and cameras that are always recording, such as doorbell cameras and autonomous vehicles.

The machine learning algorithms that underlie everything from search engines to speech recognition only work when trained on mountains of data, creating another incentive for companies to build info stockpiles.

"Not only will more data be collected but exponentially more," says Evan Greer, deputy director of Fight for the Future. "It's inevitable that mountain of additional data being collected will be abused."

Driving the news: This week, Vice reported details of the San Francisco Police Department seeking footage from GM-owned Cruise, one of several autonomous car companies whose vehicles are constantly riding around the streets of the city. 

The SFPD acknowledged to Axios that it makes requests for footage to investigate specific crimes, but denied it wants to use them for ongoing surveillance.

Civil rights groups say the stakes of collecting such data have also increased, especially in the U.S. 

"Those data sources have long been vulnerable to government demands," says Matt Cagle, a staff attorney at the ACLU of Northern California, However, the rise of AI is "pouring fuel" on the fire, Cagle said, "particularly in this moment when states are criminalizing abortion and gender affirming care."

"In a world where the Supreme Court might overturn Roe v. Wade, that dystopian hypothetical is no longer hypothetical," Cagle told Axios.

Of note: Vast amounts of data are also available for purchase online, allowing law enforcement agencies to acquire information they may not be able to get through a court order.

Between the lines: While customers have some say over how their own data is stored on their devices, in many cases these newer technologies are sweeping up tons of data about bystanders and third parties.

With a doorbell camera, it's the home owner or renter who buys the device, but the video can capture everyone who passes by. 

Autonomous vehicles owned by large tech companies like Cruise and Waymo are capturing footage of anyone in their path.

Yes, but: Data stockpiles sometimes serve a public good, especially in documenting human rights abuses. 

One example: four Congressional Democrats Thursday called on Facebook and TikTok to preserve evidence of potential war crimes in Ukraine.

Flashback: Makers of the Flip camera, a portable video device that was popular before smartphones could capture large amounts of video, promoted the idea that more people recording more of their lives would make the world safer. This 2009 video explains it pretty well.

"Less is more" comes to big data

Big Tech is starting to limit the volume of data it grabs — but the industry keeps shipping new products that gobble up more info.

Data

Column / Signal Boost

Big Tech

Surveillance

From the Valley to D.C., Big Tech players like Facebook, Google and Amazon are under more scrutiny than ever as new technology develops and privacy and antitrust concerns grow in lockstep with companies’ ambitions.

Technology

Facebook has turned off augmented reality effects, including filters and avatars, for users in Texas and Illinois, citing state facial recognition laws.

The big picture: The move comes a day after Clearview AI settled with the ACLU and other groups in a lawsuit brought under Illinois' uniquely strong facial recognition law.

Facebook-parent Meta says it doesn't believe its AR technology counts as facial recognition under Illinois or Texas law, and notes it turned off its facial recognition technology last year.

Details: Meta says that users in those states will see a “temporarily unavailable” message when accessing such features across Facebook, Messenger, Instagram and Portal.

Meta said it plans to create a new, opt-in system, explaining how its effects work and then will resume offering the features in Texas and Illinois.

Between the lines: Meta maintains it doesn't believe the technology runs afoul of those states' facial recognition laws, according to a Meta spokesperson, but cites an increasingly litigious environment.

What they're saying: 'The technology we use to power augmented reality effects like masks, avatars, and filters is not facial recognition or any technology covered by the Texas and Illinois laws, and is not used to identify anyone,' the spokesperson said in a statement to Axios. 

"Nevertheless, we are taking this step to prevent meritless and distracting litigation under laws in these two states based on a mischaracterization of how our features work."

Meta to disable AR filters in Texas, Illinois

The company said it believes the tech is legal, but is nonetheless wary of lawsuits.

Illustration of a collage of a face being zoomed focused on with artificial intelligence framing

Facebook

Data privacy

Governments around the world have made even more extensive use of commercial spyware from Israel's NSO Group than previously known, according to new reporting in the New Yorker by Ronan Farrow.

Why it matters: Governments are simultaneously employing NSO's Pegasus software while grappling with the impact that it and similar tools can have when used against their interests. 

The report says that "there is evidence that Pegasus is being used in at least 45 countries."

Pegasus and similar tools are being used by U.S. law enforcement agencies as well as those in Europe.

“The big, dirty secret is that governments are buying this stuff — not just authoritarian governments but all types of governments,” Microsoft executive Cristin Flynn Goodwin tells Farrow.

Catch up quick: Pegasus, NSO's flagship product, is used by governments to gain access to the contents of cell phones by exploiting flaws in the devices' operating systems and software.

Between the lines: One former Israeli intelligence official says that NSO prizes Western European customers because they lend more legitimacy to the company's products.

"Most of their business is subsidized by the Saudi Arabias of the world,” the official says.

The big picture: NSO Group, for all its success in infiltrating phones, faces a number of legal and financial hurdles.

Apple and Facebook are both suing NSO over its technology, while a number of spying targets have filed suit in courts around the world.

The company is also under financial pressure following a leveraged buyout that has left the company with significant debt.

The other side: NSO Group notes in the piece that it is trying to navigate through a murky area of international law. 

NSO's CEO, Shalev Hulio, also apologized for instances where the technology has been misused. "It’s hard for me to live with that and I obviously feel sorry for that.”

The company says it has also turned down more than 90 customers, foregoing hundreds of millions of dollars in revenue over ethical concerns.

Hulio also called for something that a growing number of large technology and government leaders also want — a kind of Geneva Convention to set bounds on cyberwarfare.

Report: Spyware used to target journalists, activists and world leaders

FBI confirms it tested NSO spyware for possible surveillance use in U.S.

Report: NSO Group's spyware is everywhere

Ronan Farrow's New Yorker piece traces the use of Pegasus around the globe.

A photo illustration of a smartphone in front of the NSO Group logo

Fresh on the heels of getting the IRS to end a controversial use of facial recognition, politicians and civil liberties groups are trying to get other government agencies to drop their use of the technology.

Why it matters: While a handful of cities have passed laws on government use of facial recognition, there are few limits on how the federal government can use such technology.

Senators Ed Markey and Jeff Merkley and Reps. Pramila Jayapal and Ayanna Pressley are sending letters Wednesday to the heads of the Department of Homeland Security, Department of Justice, Department of Health and Human Services. Department of Defense, and Department of Interior, urging the agencies to stop using Clearview AI’s facial recognition technology.

Fight for the Future has updated the DumpID.me effort to focus on other government agencies still using ID.me for online authentication, including the Social Security Administration and the Department of Veterans Affairs.

Meanwhile, ID.me is looking to move forward as well. The company said Tuesday that it will offer government agency customers the option to allow people to verify their identity without having to submit a selfie to its automated system. Also, starting March 1, it says those using its system will be able to delete their photo or selfie from the company's database.

The moves follow the IRS' decision to end use of ID.me's selfie-based identity verification system. The tax agency's reversal followed a backlash from regulators and civil liberties groups who raised concerns about facial recognition technology broadly, as well as specific issues related to ID.me.

Fight for the Future campaign director Caitlin Seeley George: "Veterans trying to access their benefits, elderly people trying to access Social Security Administration resources, and those applying for unemployment benefits in dozens of states are all facing the same problems and threats that caused the IRS to stop using ID.me. Many of these essential services are critical for marginalized groups, people who are already disproportionately targeted by surveillance and misidentified by facial recognition technologies."

ID.me CEO Blake Hall: "We have listened to the feedback about facial recognition and are making this important change, adding an option for users to verify directly with a human agent to ensure consumers have even more choice and control over their personal data."

Sens. Markey and Merkley and Reps. Pressley and Jayapal: "Facial recognition technology like Clearview’s poses unique threats to marginalized communities in ways that extend beyond the tools’ inaccuracy issues. Communities of color are systematically subjected to over-policing, and the proliferation of biometric surveillance tools is, therefore, likely to disproportionately infringe upon the privacy of individuals in Black, Brown, and immigrant communities."

Battle over government use of face recognition rages on

Advocates want the DoJ and other agencies to stop using the controversial technology.

An illustration of facial recognition software in action

Facial recognition system

The FBI tested Israeli technology firm NSO Group's Pegasus spyware for possible use in criminal investigations, the agency confirmed to Axios Wednesday.

Why it matters: The FBI and DOJ were at the time probing Pegasus to assess whether it was used to illegally hack into phones in the U.S., per Reuters. The software has come under fire for its role in hacking smartphones belonging to human rights activists, political dissidents and reporters around the world, per investigations by the international journalism consortium Forbidden Stories.

What they're saying: An FBI spokesperson said in a statement that the spyware was used for "product testing and evaluation only."

"[W]e routinely identify, evaluate, and test technical solutions and problems for a variety of reasons, including possible operational and security concerns they might pose in the wrong hands," they said. 

"There was no operational use in support of any investigation."

"Since our testing and evaluation is complete, and we chose not to proceed with use of the software, the license is no longer active," the spokesperson added. "Accordingly, the software is no longer functional."

How it happened: NSO has said that Pegasus cannot hack U.S. phones, but the New York Times first reported last week that NSO computer engineers helped test a version of the software for FBI officials in June 2019.

The new tool, called Phantom, could give the FBI access to data on any number in the U.S. and was designed for use by U.S. law enforcement, per documents obtained by Motherboard.

Discussion of legal implications went back and forth for years, during which the FBI renewed its contract for the system and amassed roughly $5 million in NSO fees, according to the Times.

The FBI decided not to move forward with the software last summer, around the same time Forbidden Stories released its reports on Pegasus' impact, the Times said.

The big picture: In November, the Commerce Department added NSO to its black list of companies engaging in activities contrary to the U.S.'s national security or foreign policy interests.

Apple and Facebook have filed lawsuits against NSO over the firm's alleged surveillance of their users.

An FBI spokesperson emphasized that the controversial software was used for "product testing and evaluation only."

Photo of NSO Group's logo and name printed in black on an orange wall

Israeli cyber company NSO Group's branch in the Arava Desert in Sapir, Israel. Photo: Amir Levy via Getty Images

Federal Bureau of Investigation (FBI)

President Biden has made the COVID-19 crisis and a post-Trump return to national unity and traditional democratic ideals his top priorities. From vaccinations to stimulus to schools, Biden is seeking bipartisan compromise while showing a willingness to use executive authority and bare Democratic majorities in the U.S. House and Senate to implement his policies. Republican leaders are navigating deep party divisions over if and how to move beyond former President Trump.

Politics & Policy

The IRS' move to require some taxpayers to use facial recognition to identify themselves is reigniting a debate over how the government should use such technology.

Why it matters: Critics warn that, without sufficient guardrails, information collected by one agency for a seemingly benign purpose could easily be re-used in other ways.

Driving the news: The IRS will soon require taxpayers to provide a third-party company — ID.me — with a combination of documents and a video selfie to verify their identity before undertaking certain online interactions with the agency.

The move was announced in November, but attracted widespread attention last week after security expert Brian Krebs highlighted the change on his blog.

What they're saying: "This announcement signals one of the largest expansions of facial recognition technology in the U.S. and there is no question that it will harm peoples’ privacy," says Caitlin Seeley George, campaign director at Fight For the Future. 

ID.me's terms of service, she notes, give the company the right to share peoples’ data with police, government and “select partners.” 

Critics see red flags in the involvement of a private company in general, and also  raise questions regarding ID.me specifically.

"When ID.me was rolled out for state unemployment benefits we heard from many people who had issues with the system," Seeley George said. "Not only is it an issue that ID.me misidentifies people of color, gender-nonconforming people and women, but this system requires people to have a smart phone or a web camera in order to submit photos, which means economically disadvantaged and older people are going to have greater challenges getting through the system." (ID.me says its research found no disparity based on skin color.)

"This basically is putting a private company between people and the government services that they need," says Jay Stanley, a senior policy analyst with the ACLU, noting the equity issues involved in requiring people who may have limited technology access and knowledge to go online. "They are forced to use this company if they want to access services to which they are entitled."

The other side: ID.me defended its technology and practices. In an interview, CEO Blake Hall said the company is committed to making its service both equitable and available, including a new option for people to verify their identity in person at more than 650 locations in the U.S.

In 90 percent of cases, Hall said, people are able to get verified on their own, with about 10 percent needing to use the company's live video chat option.

Although he said there have been time periods where wait times were long, he said most of those were due to huge pandemic-related demand spikes (or outbreaks within his company's staff that temporarily limited its workforce), and said wait times have declined significantly.

Hall also drew a distinction between what his company does — matching a face to a known document — versus trying to pick a face out of a crowd or classify an image using face recognition. 

Between the lines: An understaffed IRS is facing an especially tough battle to process all the country's tax returns a timely manner while trying to limit fraud. 

Tax evasion and underpayment remain problems, but recent years have seen a surge in fraud schemes aimed at claiming somebody else's refunds by filing false returns. 

Beefing up authentication measures is designed, in part, to help fight that scam.

The big picture: The U.S. government has been increasing its use of facial recognition technology overall, with a recent GAO report indicating at least 10 federal agencies plan to expand adoption of face recognition.

Some cities, such as Portland, Minneapolis, San Francisco and Boston, have passed laws limiting use of the technology, but there has been little action on the federal level to set guidelines.

ID.me's Hall said he supports legislation that would specify how government agencies can make use of facial recognition technology. "There are things around tracking and surveillance that absolutely need to be regulated," Hall told Axios.

Be smart: Verifying one's identity using ID.me is not required of everyone who needs to file taxes.

It's for those looking to check their account online or get a transcript online. 

"There have been some wildly inaccurate statements regarding the use of selfies relating to paying and filing taxes," the IRS said in a statement. "The IRS emphasizes taxpayers can pay or file their taxes without submitting a selfie or other information to a third-party identity verification company."

Yes, but: The IRS' use of the technology could expand.

Your Online Account

Get Transcript

IRS face recognition program raises hackles

An anti-fraud campaign could also open the door to wider federal use of problematic face-recognition tech.

Public opinion on technology and privacy

Data: Axios/Illinois Tech/YouGov; Chart: Kavya Beheraj/Axios 

Big majorities of Americans think tech companies are too big and too nosy and want government to rein them in, an exclusive poll by Axios and the Illinois Institute of Technology finds.

Why it matters: As technology's role in American life increases, people on both sides of today's political divide have grown wary of its influence.

The big picture: A majority of the 1500 survey respondents expressed concern about the use of artificial intelligence, the reach of algorithms, the state of their online privacy, the size of tech firms and dependence on smartphones.

Artificial intelligence: More than 70% of those polled distrust the use of AI for self-driving buses and airplane autopilot systems (early autopilot systems in airplanes have existed since 1912).

Sixty-nine percent said they would limit the use of AI for hiring decisions. Nearly 60% distrust AI for processing loan applications and setting mortgage rates. 

Both liberals and conservatives overwhelmingly agree that there should be public or government oversight of the use of algorithms (71%).

Antitrust and consolidation of power: Three-quarters of those polled said tech companies are too big (80% of liberals and 83% of conservatives). 

A smaller 53% of respondents said the government should be responsible for ensuring competition and more choices in online services.

Privacy: Most poll respondents (78%) said they feel they are targeted in online ads based on their web activity. And 50% said they think they're targeted for online ads based on their offline conversations.

Eighty-one percent think the government should be doing more to protect online privacy.

Smartphone dependence: More than half of those polled (56%) believe they are somewhat dependent on their smartphones. A smaller percentage (31%) say they feel anxiety or withdrawal without their devices.

Meanwhile, 46% of respondents say their friends feel anxious without their smartphones.

What they're saying: "We’re in a situation in which we already depend so deeply on technology for all of these aspects of our day-to-day lives, but at the same time, we have a deep distrust of this same tech," said Christine Himes, dean of Lewis College of Science and Letters at Illinois Tech.

"[The results] may be indicative of increasing distrust for all institutions, whether they are secular, religious, governmental, private or public," said George M. Langlois, executive director of the Center for Research and Service at Illinois Tech. "It does seem the public wants more control and is open to support changes that reflect that.”

What we're watching: Government agencies such as the Consumer Financial Protection Bureau and the Federal Trade Commission want to make rules for online advertising, the use of algorithms and AI and the size of tech companies.

But to achieve those goals they'll likely need a sluggish Congress to grant them new powers.

Methodology: The survey was conducted by YouGov from July 25 to Aug. 5. 1898 respondents were interviewed, and the final sample of 1,500 responses were matched across several demographic categories and weighted to form a representative sample of the U.S. population. The overall margin of error is +/- 3.63. 

Exclusive poll: Americans want government action on tech

Big majorities think Big Tech is too big and want the government to rein in the industry.

Numbers of people who are increasingly concerned about tech

Automation and AI

Ring, the Amazon-owned doorbell and security camera device, now works with 2,000 police departments across the country. But the footage downloaded by those agencies is less than one might expect, according to a new audit from New York University's Policing Project.

Why it matters: The company has come under fire for a number of practices including its privacy policies, economic relationships with police agencies and its role in helping create and grow the surveillance state.

Details: Ring first approached the Policing Project to conduct the audit in 2020, focusing on the racial justice, civil rights and civil liberties implications.

The Policing Project's 43-page report says the police agencies working with Ring downloaded less than 100 hours of videos shared by camera owners so far this year. This comes out to fewer than 8,000 video clips downloaded, the project says.

The report also breaks down the types of crimes for which law enforcement agencies requested video footage. More than half were for some type of robbery and 16 percent for a shooting or homicide.

Between the lines: Ring has made a number of changes during and in the wake of the audit. Among the most notable are:

Temporarily halting recruitment of additional police agencies to bring on other agencies that can provide non-policing services, such as homeless outreach.

Requiring police agencies to specify a specific offense under investigation when seeking video.

Limiting its own collaborations with law enforcement by no longer donating devices or participating in police sting operations. Ring also says it won't work with federal law enforcement agencies.

The big picture: The report focuses on Ring, but also talks extensively about how governments need to address government use of private surveillance technologies.

"If a policing agency sought to create a network of cameras... it would be the subject of much political debate," the report notes. "But when police crowdsource from private devices, they can achieve surveillance with no cost, no public debate, and no public approval."

Yes, but: Farhang Heydari, executive director of the Policing Project, notes that there are far more companies with cameras without clear policies regarding sharing data with law enforcement.

"I’m not saying they do everything perfect," Heydari said. "But at least we know what they do."

Policing Project audit of Ring doorbells prompts changes

The Amazon-owned company is narrowing the scope of its cooperation with police.

Photo illustration of a Ring doorbell camera

Amazon

The Biden administration on Thursday announced a global initiative aimed to prevent authoritarian governments from using technology for surveillance and human rights abuses, the Wall Street Journal reports.   

Why it matters: Many authoritarian governments rely on imported technology to implement state surveillance networks. 

The Chinese government has used U.S. technology to surveil its citizens, modernize its military and target Uyghurs in Xinjiang.

Details: The U.S. and allies will create a code of conduct for export licensing and share information on sensitive technologies that are being weaponized against political dissidents, human rights activists, journalists and government officials, per WSJ.

Export licensing policies authorize specific transactions and control which technologies are shipped out of the U.S., according to the International Trade Administration.

The new initiative will be announced at the inaugural Summit for Democracy, a virtual gathering that will convene over 100 democratic governments on Dec. 9 and Dec. 10 to tackle the threat of authoritarianism.

China and Russia are not invited and slammed the gathering as something that will "stoke up ideological confrontation and a rift in the world," the two nations' ambassadors to the U.S. wrote in a November statement.

Worth noting: President Biden has already banned Americans from investing in companies linked to China's military and its surveillance activities.

U.S. to lead global initiative to limit surveillance by authoritarian regimes

The use of U.S. technology for state surveillance by authoritarian governments is on the rise.

Photo of Joe Biden speaking from a podium

President Biden speaks while visiting the National Institutes of Health in Bethesda, Maryland on Dec. 2. Photo: Oliver Contreras/Sipa/Bloomberg via Getty Images

Exports

China

Russia

China is becoming the most formidable rival America has faced, and the risk of confrontation with Russia, North Korea or Iran still looms. Authoritarians are rising, the chaotic Afghanistan exit revealed the limits of U.S. power, and the pandemic, climate change and other critical challenges continue to pose grave threats.

World

The Federal Communications Commission voted Tuesday to revoke authorization for China Telecom's U.S. subsidiary to operate in America, citing national security concerns.

Why it matters: The state-owned China Telecom is one of the largest telecommunications companies based in China. It has provided services in the U.S. for nearly 20 years but must now cease operations within 60 days. 

What they're saying: The subsidiary China Telecom Americas "is subject to exploitation, influence, and control by the Chinese government and is highly likely to be forced to comply with Chinese government requests without sufficient legal procedures subject to independent judicial oversight," the FCC said in a release.

The Chinese government could use the subsidiary to "access, store, disrupt, and/or misroute U.S. communications, which in turn allow them to engage in espionage and other harmful activities."

China Telecom Americas' conduct with the FCC and other U.S. government agencies also demonstrated "a lack of candor, trustworthiness, and reliability," the commission added.

The FCC requested information from the company last year, but it said China Telecom Americas failed to rebut "serious concerns" raised by the executive branch about its presence in the U.S.

China Telecom Americas did not immediately respond to a request for comment.

Worth noting: The move could set a playbook for the FCC to revoke authorization for other companies with ties to China's government, Politico reports.

Go deeper: FCC member targets Chinese drone giant

FCC votes to halt China Telecom operations in U.S.

The company's U.S. subsidiary is "subject to exploitation, influence, and control by the Chinese government," the FCC said.

Photo of a large blue and red seal that says "Federal Communications Commission"

A meeting room in the Federal Communications Commission headquarters. Photo: Andrew Harrer/Bloomberg via Getty Images

After a record economic expansion, the coronavirus pandemic sent the U.S. economy into a recession as unemployment soared to staggering heights. The country now faces urgent questions about how much stimulus is needed for reeling consumers and businesses, and what a recovery might look like.

Economy & Business

Axios China

China's internet regulator has released a new set of draft rules that, if implemented, would impose stricter censorship of comments posted to social media platforms, MIT Technology Review reports.

Why it matters: Tighter restrictions could close off what few spaces remain for Chinese people to speak their minds online. 

Comments and videos posted to social media platforms have become one of the only ways Chinese people living through COVID lockdowns can communicate their desperation for food and medical care with each other and the outside world.

The big picture: The Chinese government has already created one of the toughest internet censorship regimes in the world, enforced in large part by content reviewers employed by social media companies to police posts.

New draft rules portend more internet censorship in China

If implemented, the rules would impose stricter censorship of comments posted to social media platforms in China.

All Surveillance stories