TL;DR:

  • SAFE Act officially filed: 53 days until Section 702 expires. Senators Durbin and Lee introduced S.3394 on February 24. Warrant requirement before reading Americans’ collected communications. Ten co-sponsors from both parties. Same reform that lost by one vote in 2024.
  • Discord dumps Peter Thiel’s Persona after surveillance discovery. Researchers found Persona code on a US government server. The age verification company was running watchlist checks, facial recognition against databases, and screening for "politically exposed persons." Discord ended the partnership within a month.
  • Americans are smashing Flock cameras. From Oregon to Virginia, people are destroying license plate readers after reports that ICE accesses the data. A Virginia man was charged with destroying 13 cameras. In California, cameras were smashed weeks after a city council vote to keep them.
  • CarGurus breach confirmed at 12.5 million. ShinyHunters published 6.1GB of stolen data after a failed extortion attempt. Names, addresses, finance application data, and 12 million email addresses exposed.
  • Mississippi’s largest hospital system: Day 6 of ransomware. All 35 UMMC clinics remain closed. Staff using paper charts. FBI and DHS investigating.

SAFE Act Officially Filed: 53 Days to Reform or Expire

The clock is ticking. Section 702 of FISA (the warrantless surveillance authority that lets the NSA sweep up Americans’ communications) expires on April 20. On February 24, Senators Dick Durbin (D-IL) and Mike Lee (R-UT) formally introduced the Security and Freedom Enhancement (SAFE) Act as S.3394.

The core provision: intelligence agencies must get a FISA court order or warrant before reading the contents of Americans’ communications collected under 702. Not before running the query. Before reading what it returns.

The Center for Democracy & Technology endorsed the bill, as did civil liberties groups across the political spectrum. Co-sponsors include Senators Hirono, Daines, Wyden, Lummis, Baldwin, Heinrich, Warren, Markey, Sanders, and Tester.

This same warrant requirement lost 212-212 in the House in April 2024. Speaker Mike Johnson cast the tie-breaking vote against it. With 53 days left, the fight is back, and this time ICE’s use of surveillance data for deportation raids is driving the debate.

The Senate Judiciary Committee is expected to mark up the bill within weeks. The administration remains publicly silent on whether it even wants Section 702 renewed.

Sources: Sen. Lee Press Release, CDT Endorsement, Nextgov

Our coverage: What the SAFE Act Would Actually Change | FISA 702 Countdown: 53 Days

Discord Dumps Persona After Surveillance Code Found on Government Server

Peter Thiel’s Founders Fund led two investment rounds in Persona, an identity verification company used by OpenAI, Roblox, and Lime. Discord just ditched them after researchers found something disturbing.

Nearly 2,500 accessible files were sitting on a US government-authorized endpoint. The files revealed Persona runs 269 distinct verification checks, including facial recognition against government watchlists, screening for "politically exposed persons," and scans against 14 categories including terrorism and espionage.

Discord and Persona confirmed to Fortune their partnership lasted less than a month before being terminated. Both companies said only a small number of users were part of the test, with data deleted within seven days.

Persona’s CEO insists: "We have no relationship whatsoever with ICE, Palantir." But when your investor is the Palantir co-founder who built the government’s surveillance infrastructure, people are going to ask questions.

The Open Rights Group had flagged concerns earlier this month. Roblox, Reddit, and Discord users were being compelled to submit biometric data to a system backed by Peter Thiel. Now we know that system was screening against government watchlists.

Sources: Fortune, Open Rights Group, TechStartups

Related: Persona’s Government Reporting Connections

Americans Are Destroying Flock Surveillance Cameras

Flock Safety is a $7.5 billion surveillance startup. Their license plate readers track where people go, when, and how often. Reports that ICE accesses Flock data through local police have triggered a backlash: people across the country are physically destroying the cameras.

In Oregon, six cameras on poles were cut down. At least one was spray-painted. In Virginia, a 41-year-old man was charged with destroying 13 Flock cameras between April and October, using vice grips to disassemble the poles and keeping the batteries and solar panels.

In La Mesa, California, cameras were found smashed just weeks after the city council voted to keep them, despite a clear majority of public commenters opposing them.

The pattern stretches from Connecticut to Illinois to California. Flock claims it doesn’t share data with ICE directly. But local police have shared their own Flock access with federal authorities. When your surveillance network is 20 billion license plate scans and growing, that distinction is meaningless.

Dozens of cities have rejected Flock cameras outright. Some police departments have blocked federal authorities from accessing their feeds. The destruction is a more direct form of protest.

Sources: TechCrunch, Blood in the Machine, DNYUZ

Our coverage: Flock Camera Destruction Spreads | How Flock Built a 20 Billion-Scan Network

IRS-DHS Tax Data Sharing: Courts Split

The IRS shared confidential taxpayer data with DHS. Courts can’t agree whether that’s legal.

In April, Treasury Secretary Scott Bessent and DHS Secretary Kristi Noem signed a data-sharing agreement. ICE could submit names and addresses, and the IRS would cross-reference them against tax records. DHS requested data on 1.2 million individuals. The IRS provided information on 47,000.

This week, the DC Circuit Court of Appeals refused to block the sharing. Immigrant advocacy groups "failed to show they were likely to succeed" in their challenge, the court ruled. But a Massachusetts federal judge went the other direction, ordering the IRS and Social Security Administration to stop sharing taxpayer data with DHS and ICE.

Acting IRS Commissioner Melanie Krause resigned over the agreement. The data sharing was supposed to have a legal firewall protecting taxpayer confidentiality. That firewall appears to have collapsed.

The legal fight continues. For now, whether your tax data reaches immigration enforcement depends on which court has jurisdiction.

Sources: Washington Post, Washington Times, NY Immigration Coalition

Related: IRS-ICE Data Sharing Court Battle

CarGurus Breach: 12.5 Million Records Leaked

The ShinyHunters extortion group published a 6.1GB archive of CarGurus data on February 21 after the automotive marketplace refused to pay up.

The stolen data includes more than 12 million email addresses, names, physical addresses, phone numbers, IP addresses, finance pre-qualification application data, dealer account information, and auto finance application outcomes. The breach occurred on February 13.

How did ShinyHunters get in? Vishing: voice phishing. The group called employees and social-engineered their way past single-sign-on protections using Okta, Microsoft, and Google credentials. This is the same technique ShinyHunters used to hit Figure Technology, Panera Bread, and TransUnion in recent weeks.

The warning they left for CarGurus: "This is a final warning to reach out by 20 Feb 2026 before we leak along with several annoying (digital) problems that’ll come your way."

CarGurus didn’t reach out. Now their customers’ data is public.

Sources: TechCrunch, The Register, Have I Been Pwned

Related: CarGurus Breach Full Coverage | ShinyHunters’ SSO Campaign

Mississippi’s Largest Hospital: Day 6 of Ransomware

All 35 clinics operated by the University of Mississippi Medical Center remain closed. It’s been six days since the ransomware attack was detected on February 19.

The attack took down UMMC’s EPIC electronic medical record system, phone lines, and network infrastructure. Staff have reverted to paper documentation. Elective surgeries are canceled. Appointments are being rescheduled "where possible."

The main hospitals and emergency departments in Jackson, Grenada, Madison County, and Holmes County remain open on "downtime procedures": meaning staff are doing everything by hand.

UMMC confirmed the attackers communicated with hospital officials. The FBI and DHS are involved. No information yet on whether patient data was stolen or what ransomware group is responsible.

Healthcare ransomware attacks hit record levels in 2025. This is 2026’s first major hospital system shutdown, and Mississippi’s largest health system is in the crosshairs.

Sources: NPR, BleepingComputer, Infosecurity Magazine

Related: UMMC Ransomware: Full Coverage | Healthcare Ransomware Epidemic

Quick Hits

Netherlands Odido breach: Criminal investigation opens. The Dutch Public Prosecution Service launched a criminal probe into the cyberattack that exposed 6.2 million customers’ data: names, addresses, bank accounts, and passport numbers. Scammers are already targeting victims with fake compensation websites. [NL Times] [Full coverage]

Oklahoma privacy bill awaits governor. SB 546 passed the House 84-4. If Governor Kevin Stitt signs by Thursday, Oklahoma becomes the 21st state with a comprehensive privacy law. No private right of action. No universal opt-out signal recognition. But still better than nothing. [IAPP] [Our analysis]

DHS says there’s no "domestic terrorist database." In response to the federal lawsuit alleging ICE agents labeled Maine observers as domestic terrorists, DHS stated it does not maintain such a database. The plaintiffs say that’s beside the point. The threats and surveillance happened regardless. [Bangor Daily News]

Meta facial recognition glasses: FTC asked to investigate. EPIC sent letters to the FTC and state enforcers requesting an investigation into Meta’s planned "Name Tag" feature for Ray-Ban smart glasses: real-time facial recognition that identifies strangers. A judge already ordered Ray-Ban glasses removed from a courtroom over jury identification concerns. [Biometric Update]

What to Watch

  • SAFE Act markup: Senate Judiciary Committee expected to schedule the bill within weeks. Watch for administration testimony on whether they support 702 renewal at all.
  • March 5 Penlink deadline: Congress demanded a briefing on ICE’s warrantless phone tracking. Six days until the deadline.
  • Oklahoma governor’s signature: Stitt has until Thursday to sign or veto SB 546.
  • UMMC recovery: The longer clinics stay closed, the worse for patients who need care. Watch for data breach disclosure if patient records were exfiltrated.
  • Super Tuesday: March 4 primaries are the first major test of 2026 deepfake detection. Researchers tracking synthetic content spread.

Surveillance Law Countdown

FISA Section 702 expires in 53 days (April 20, 2026). The SAFE Act is now formally filed. The warrant requirement is on the table. Understand what’s at stake.

References

  1. Sen. Lee - SAFE Act Introduction
  2. Congress.gov - S.3394 SAFE Act
  3. Fortune - Discord Drops Persona
  4. TechCrunch - Flock Camera Destruction
  5. TechCrunch - CarGurus Breach
  6. NPR - UMMC Ransomware
  7. Washington Times - IRS-DHS Ruling