TL;DR:

  • Mountain View police turned off their Flock cameras after an audit found "unauthorized" access by federal agencies including ATF offices in Kentucky and Tennessee
  • French tech giant Capgemini is dumping its US subsidiary after its $365 million ICE skip-tracing contract was exposed: physical surveillance of 50,000 immigrants per month
  • DHS maintains a 1.2 billion face image database accessed via the Mobile Fortify app, used over 100,000 times since June 2025
  • DOGE's Social Security scandal keeps growing: data shared on unapproved servers, sent to advocacy groups seeking to "overturn elections," two Hatch Act referrals made
  • Baton Rouge PD has a military-grade surveillance drone: 16-foot wingspan, 100-mile range, first local police department in the country with this capability

Mountain View Pulls the Plug on Flock Cameras

Mountain View's police chief announced Monday that the city's license plate reader cameras are off. Not paused. Off. The decision came after an audit exposed what Flock Safety apparently forgot to mention: federal agencies had been accessing the data.

Who was looking? ATF offices in Kentucky and Tennessee. The GSA Inspector General. Air Force bases in Virginia and Ohio. Lake Mead National Recreation Area. None of these had any business accessing Mountain View's local surveillance data.

The city says Flock's system was accessed through a "nationwide lookup feature" that let law enforcement agencies search a massive database compiled from local police department data across the country. Mountain View signed up for local crime prevention. They got federal surveillance infrastructure.

Santa Clara County is now questioning its own Flock contracts. Santa Cruz and Los Altos Hills already cut ties. This follows a pattern: Austin, Eugene, Flagstaff, and Cambridge have all dropped Flock in the past year.

Flock's response? "We don't have a contract with ICE." That's technically true. They don't need one when they've built a system that lets any connected agency query any other agency's data.

Sources: Local News Matters, The Record, Local News Matters - Santa Clara County

Capgemini Flees ICE Contract After Global Backlash

French tech giant Capgemini announced February 1 that it's selling off its American subsidiary, Capgemini Government Solutions. The reason? A $365 million ICE contract for "skip-tracing": hunting down undocumented immigrants through physical, in-person surveillance.

The contract, signed December 18, 2025, tasked CGS with tracking 50,000 immigrants per month using "all technology systems available" and confirming locations through physical surveillance. Skip-tracing is debt collector methodology applied to human beings.

The French government pressured Capgemini after the Washington Post exposed the program on January 30. European protests followed. The company's press release tried to spin it as a compliance issue: "customary legal restrictions" prevented "appropriate control."

Translation: They couldn't manage the optics of a French company helping ICE hunt people.

CGS accounts for 0.4% of Capgemini's revenue. ICE work is 65% of CGS's revenue. Capgemini gets to wash its hands; ICE keeps its contractor. The Jim Pattison Group, a Canadian conglomerate, is reportedly in talks to acquire CGS.

This is a win for pressure campaigns. A European tech giant just walked away from ICE money because the reputational cost was too high. But the surveillance program continues under new management.

Sources: Washington Post, Gizmodo, France 24

DHS Has 1.2 Billion Face Images. They Used It 100,000 Times.

Bloomberg dropped a number on February 2: the Department of Homeland Security maintains biometric databases containing over 1.2 billion face images. Not 200 million. 1.2 billion.

ICE and other DHS units access this through Mobile Fortify, the app we've covered before. Since June 2025, the app has been used more than 100,000 times in the field.

The system is powered by NEC under a $23.9 million contract. NEC's facial recognition technology has a documented history of misidentification: the same woman was identified as two different people during a single ICE encounter, according to court documents.

Photos collected through Mobile Fortify are stored for 15 years. That includes images of U.S. citizens. Even when no match is found. Even when someone is cleared.

The lawsuit brought by Illinois and Chicago alleges that DHS built this into a tool for mass surveillance under the guise of immigration enforcement. The database draws from passport photos, visa applications, border crossings, and driver's license databases from states that share with the feds.

If you've crossed a U.S. border, applied for a passport, or gotten a driver's license in a cooperating state, you're probably in there.

Sources: Bloomberg, Biometric Update, Democracy Now

DOGE Scandal Update: Data Went to Election Overturn Group

The DOGE Social Security scandal gets worse every time the DOJ files a court document. The latest admission: a DOGE staffer signed an agreement to share Social Security data with an advocacy group whose stated goal was "to find evidence of voter fraud and to overturn election results in certain states."

We covered the initial disclosure on January 24. Since then:

  • The DOJ confirmed data was stored on Cloudflare servers, not approved for federal data
  • A file containing approximately 1,000 names and addresses was sent to Steve Davis, a top DOGE adviser
  • Two DOGE employees at SSA have been referred for Hatch Act violations
  • SSA still can't determine what data was shared or if copies exist on third-party servers

The "fraud" DOGE claimed to find? After claiming "thousands" of noncitizen voters, the actual referrals totaled 57 cases that "may or may not have voted." The SAVE verification system has been flagging U.S. citizens as noncitizens since it launched.

Meanwhile, DOGE's anti-fraud checks have slowed retirement claim processing by 25%. Your grandmother waits longer for benefits so Elon Musk's team can hunt for voter fraud that doesn't exist.

Sources: NPR, Sen. Warren, PBS NewsHour

Baton Rouge Gets a Military-Grade Surveillance Drone

The Baton Rouge Police Department is now the first local police department in the country to operate the Edge Autonomy Stalker VXE30. The same drone platform the U.S. Army uses for long-range reconnaissance in war zones.

The specs: 16-foot wingspan. 58 mph top speed. 100-mile communications range (currently limited to 30 miles by FAA). Four-hour flight time. Thermal camera. Vertical takeoff and landing.

Cost: roughly $1 million for the drone, batteries, equipment, and training.

BRPD says it's for search and rescue, active shooters, and "major events." They explicitly state the drone won't carry weapons. But the EFF points out the obvious: this is "a dangerous escalation in the militarization of local law enforcement."

The department pivoted to drones after a 2023 helicopter crash. They now have 31 drones total. This one can see for dozens of miles.

Police Chief TJ Morse notes the Secret Service already has this model. The question is whether your local police department needs battlefield reconnaissance capabilities.

Sources: EFF, WBRZ, DroneXL

Data Breach Roundup

Under Armour (72 million customers): The Everest ransomware gang leaked customer data including emails, names, dates of birth, and purchase history. The data is now on Have I Been Pwned. Multiple class action lawsuits filed. Under Armour still claims implications of compromise are "unfounded."

Nike (1.4TB): WorldLeaks extortion group claims a massive leak of internal documents including supply chain and manufacturing data. Samples released.

AT&T data resurfaces: That 2024 breach? The data is back, now with 176 million records including 148 million decrypted Social Security numbers. Data brokers are merging and enriching stolen datasets, making old breaches more dangerous over time.

eScan antivirus supply chain attack: Malicious updates pushed through legitimate channels. If you use eScan, check your system immediately.

Sources: Malwarebytes - Under Armour, Malwarebytes - AT&T, Check Point

States and Cities Fighting Back

Not everything is doom. A pattern is forming: local governments are starting to push back against surveillance technology.

  • Arkansas, Idaho, Montana: New laws enacted in 2025 restrict license plate reader data sharing
  • Florence, Oregon: City council voted 3-2 to keep Flock cameras, but the debate forced public discussion of surveillance trade-offs
  • Santa Cruz, Los Altos Hills: Already cut Flock contracts
  • Mountain View: Cameras off pending council review
  • Kentucky, Indiana, Rhode Island: New comprehensive privacy laws took effect January 1, bringing total to 20 states
  • California: CPPA fined data broker Datamasters $45,000 for selling health information without registration

The Flock rebellion is worth watching. When Silicon Valley cities (Flock's backyard) start questioning the technology, something is shifting.

Sources: Stateline, San Antonio News, IAPP

What to Watch

  • FISA Section 702: 61 days until the warrantless surveillance authority sunsets (April 5). Reauthorization fight coming.
  • UK facial recognition consultation: Ends February 12. £26 million expansion planned using Corsight AI tech linked to Gaza deployment.
  • California El Cajon ALPR hearing: February 13. Court case could set precedent on ALPR data retention.
  • Google Dark Web Report shutdown: February 16. Find alternatives now.
  • TSA facial recognition expansion: 65 airports by spring, up from 15. World Cup cited as justification.

What You Can Do Today

  • Check if you're in the Under Armour breach: Have I Been Pwned has the dataset
  • Contact your city council: Ask if your city uses Flock Safety cameras and whether there's federal access
  • Freeze your credit: If you're in any recent breaches, freeze at Equifax, Experian, and TransUnion
  • Monitor your SSA account: Create a my Social Security account at ssa.gov if you haven't already
  • Opt out of TSA facial recognition: You can request standard ID verification at any airport