A row of overhead automatic license-plate-reader cameras mounted on a roadside pole against an overcast sky, the infrastructure that EFF reports is being used to scan against the FBI NCIC Immigration Violator file
Photo via Unsplash

Today in Surveillance:

  • EFF reported that local police running Flock Safety ALPR networks are matching plates against the FBI's NCIC Immigration Violator file. The integration converts municipal plate-reader cameras into ICE enforcement infrastructure, regardless of what local officials thought they were buying. EFF's Matthew Guariglia published the Deeplinks piece on June 25, naming the federal database and the local records-request path for residents [1][2].
  • The Register reported that the Metropolitan Police will bring permanent live facial recognition coverage to the West End and Soho by year-end. The Met announced a permanent static-camera deployment converting the Croydon pilot into routine London coverage, with critics calling it "permanent biometric surveillance" of the entertainment district [3][4][5].
  • KDDI exposed up to 14.2 million managed-email credentials in a breach detected June 17. The Register reported unauthorized access to a managed email service used by five Japanese ISPs. Credential-stuffing reuse and account takeover across consumer mail are the immediate downstream risks [6][7].
  • ASIO confirmed a nation-state actor compromised an Australian critical-infrastructure provider. Director General of Security Mike Burgess publicly named the affected sector, confirmed that the provider's IT security credentials were stolen, and disclosed a disrupted separate espionage operation targeting AUKUS [8][9].
  • EFF warned the federal KIDS Act would mandate online age checks across covered services. The June 28 EFF piece frames identity-collection mandates as the prelude to broader attribution requirements and as a federal layer on top of the existing state-law patchwork [10][11].
  • Symantec tied Sydney's self-destructing Mistic backdoor to access broker KongTuke. The memory-resident loader is sold into ransomware groups Qilin, Interlock, Rhysida, and Akira, turning initial-access footholds into a recurring corporate ransomware supply chain [12][13].
  • A DHS inspector general found that Secret Service agents used personal phones for 15,000 protected-event calls. Government-furnished phones lacked mobile threat defense until August 2025 and were not wiped after travel, prompting agents to fall back on personal devices for counter-surveillance and protectee work [14][15].
  • OpenAI Codex CLI keeps sending local files marked sensitive to the cloud agent by default. An open GitHub issue documents that the assistant cannot reliably exclude files marked sensitive and ships with the cloud-agent path on, a concrete AI coding-assistant data-exfiltration vector [16][17].

Also today: EFF's Alexis Hancock published a June 25 piece asking Amazon and other retailers to stop selling BADBOX-affected Android devices shipping through Amazon and Walmart, with Prime Day as the action window [18]. 404 Media published bodycam footage of Darren Blanchard's arrest for speaking too long at a Claremore, Oklahoma data-center council meeting, exemplifying local pushback against surveillance-infrastructure siting [19]. EFF asked Grindr to enable privacy by default and opt users out of behavioral ads and AI training in a Pride Month appeal [20]. The EFF, TEDIC and CEJIL IACHR petition against Paraguay's secret Asunción facial-recognition system continued through the regional admissibility window [21].

Flock ALPRs Are Now Scanning Against the FBI's Immigration Violator File

EFF's Matthew Guariglia published a June 25 Deeplinks post titled "Are Your Local Police Using Flock Safety ALPRs to Scan for Immigrants?" documenting a specific, named integration between Flock Safety's automatic license-plate-reader network and the FBI's NCIC Immigration Violator file. When local agencies opt into the NCIC search hotlist, every plate their cameras read is compared against a federal immigration-target list. The municipal camera that a city council was told would catch stolen cars becomes, in operation, an ICE screening tool whether or not the local agency frames it that way [1][2].

The pipeline has been documented before: ICE has paid for access to commercial ALPR networks through Vigilant LEARN since 2018, and EFF's Atlas of Surveillance shows 80+ fusion centers with access to local plate data. What makes the Flock integration novel is the search itself. EFF argues the system lets an officer run a query that returns hits against a federal immigration list and act on the result, all under a local agency's banner and a vendor's UI. The first Texas school district that wired Flock cameras in 2025 logged 620 immigration-related plate searches in a single month, the kind of figure that makes the abstraction concrete [2].

The action angle from EFF is local. EFF published a guide for filing public-records requests against any agency running Flock, asking specifically whether the agency is opted into the NCIC Immigration Violator hotlist and how often those searches return hits. The records request is the lever readers have, because Flock contracts at the local level are usually approved administratively, without the public hearing that would surface the federal-database linkage. The direct response is city-level pressure to cancel or disable the cameras, and there is already a pattern to point to: Mountain View, Austin, and dozens of other cities have pulled or disabled theirs. Our ongoing Flock coverage tracks the integration and the cancel wave [22][23].

The Met Will Make Live Facial Recognition Permanent in the West End and Soho

The Register, citing the Metropolitan Police, reported on June 24 that the Met plans a permanent static live-facial-recognition deployment covering the West End and Soho by year-end. This is the conversion of the Croydon pilot into a permanent metropolitan installation. The model is to fix LFR cameras to lamp posts and other street furniture at fixed sites, scan every face that walks past against a police watchlist, and run the deployment year-round rather than as a series of named operations [3][4].

Critics called the announcement a step toward permanent biometric surveillance of one of the densest pedestrian zones in Europe. West End foot traffic is heavily entertainment and tourism, and a fixed LFR camera at a Soho junction collects faces every minute of every evening. Big Brother Watch and the UK Biometrics and Surveillance Camera Commissioner have warned for months that the UK has no dedicated legal framework for police facial recognition and that every deployment without one is a potential lawsuit. The Met's existing numbers, 2,500 arrests and 3 million faces scanned in twelve months, are self-reported and have not been independently audited at scale [5][24].

The structural read is the same one EFF and Big Brother Watch have made on the US side: a technology that catches some criminals also identifies everyone it sees, and the political choice is whether the permanent collection is the default or the exception that requires a warrant. London is choosing default. The legal posture has not caught up: the Bridges v. South Wales Police ruling from 2020 found the South Wales deployment unlawful, and the Met is operating under a patchwork of data-protection and common-law rules rather than a Facial Recognition Act. The Croydon coverage tracks the deployment that is now being scaled up [24][25].

KDDI Exposed Up to 14.2 Million Managed-Email Credentials

The Register reported June 24 that Japanese telco KDDI detected unauthorized access on June 17 to a managed email service used by five consumer ISPs. Up to 14.2 million email addresses and associated passwords were exposed. The breach is the credential-stuffing kind: a contact list, password reuse, and a login form are enough to convert one breach into account takeover on unrelated services [6][7].

For Japanese consumer users, the immediate risk is second-order. The exposed passwords are the keys to ISP-issued mail, and many of those addresses are also recovery addresses for banking, government, and retail services. A password reused on the email account becomes account takeover anywhere that email is the recovery factor, and control of the mailbox alone is enough to reset passwords on services that never shared a credential with KDDI. The surveillance angle is the data-broker one: a list of 14.2 million customer records that identifies who uses ISP mail as their recovery layer is an attack list from the moment it leaves, regardless of what the attacker does with it first [7].

Japan's telecommunications ministry has been pushing the carriers to harden managed-mail services after a string of incidents, and KDDI's disclosure puts the carrier back in the regulatory line of fire. The action for affected readers is the same one the project always recommends: stop reusing passwords across ISP mail and downstream services, and move the recovery factor off the ISP-issued address. Our breach coverage has the long-form treatment of credential-stuffing risk from prior incidents [26].

ASIO: A Nation-State Actor Compromised an Australian Critical-Infrastructure Provider

The Register reported June 25 that Australian Director General of Security Mike Burgess publicly named a sector, confirmed that the IT security credentials of the affected critical-infrastructure provider were stolen, and disclosed that ASIO disrupted a separate espionage operation targeting AUKUS. The pattern is the documented one: an adversary establishes a persistent foothold in critical infrastructure by compromising the staff who run it, then waits for the geopolitical moment to act [8][9].

The disclosure is unusual because governments are typically reluctant to name the sector that has been compromised, and Burgess did so. The signal to other operators in the same sector is the actual point of the disclosure. The credential-theft vector is the structural problem: critical-infrastructure IT staff hold privileged access, so their personal security practices become the perimeter. Prior reporting on the Medibank and Optus breaches sits in the same posture: once the data leaves, the breach is the data, and the prevention work has to happen on the credential-and-staff perimeter before then [8].

The parallel to US cyber policy is the federal-cybersecurity regime moving from voluntary to mandatory on critical infrastructure in 2024 and 2025. The Australian government's willingness to name the compromised sector is the kind of transparency that US regulators have so far declined. The structural prediction is the one ASIO's prior disclosures support: the next incident will look like the previous one, because the credential-and-staff perimeter has not been re-engineered. Our ongoing coverage tracks the federal-cybersecurity gap and the credential-and-staff pattern [27].

EFF: The Federal KIDS Act Would Mandate Age Checks Across Online Services

EFF published a June 28 Deeplinks post titled "The KIDS Act Would Require Age Checks to Get Online," warning that the federal proposal would impose identity-collection requirements across a wide range of online services and would layer on top of the existing patchwork of state age-verification laws. EFF's framing follows the same structural argument Cory Doctorow made in the wider age-verification debate: every age check is an identity check, and every identity check creates the database that ties a real person to specific platform activity [10][11].

The interesting wrinkle in the federal bill is its scope. State age-verification laws apply to pornography-adjacent services. The federal KIDS Act would apply across its covered-services definition, which puts mainstream platforms in scope. The downstream consequence is that a vendor handling the federal age check now holds an identity cache linking children to their consumption patterns, and that cache is the prize for breaches and warrantless access. The Doctorow age-verification vessel lays out the editorial through-line [28].

EFF's policy hook is that the KIDS Act is the moment the federal and state identity stacks converge: the same verification vendors serving state laws become the federal subcontractors for a broader mandate. The argument runs parallel to the FCC Know Your Customer robocall proposal covered in yesterday's briefing: the rule may fail at its stated purpose, but the identity cache it creates remains. Our KIDS Act coverage tracks the bill text and the cross-jurisdiction identity-stack implication [11][29].

Self-Destructing Mistic Backdoor Tied to Access Broker KongTuke

Symantec, reported by The Register on June 25, tied the memory-resident Mistic loader to access broker KongTuke, which sells initial footholds into compromised corporate networks to Qilin, Interlock, Rhysida, and Akira ransomware affiliates. Mistic runs in memory and self-deletes on shutdown, which makes it harder for incident responders to recover the implant and reconstruct the intrusion path [12][13].

The structural read is that the corporate-ransomware economy is now a layered supply chain. Initial-access brokers like KongTuke handle the intrusion step. Ransomware-as-a-service affiliates handle encryption, extortion, and negotiation. The two sides meet through dark-web listings, with the broker paid once and walking away. Mistic's self-destruction is the operational-security upgrade: brokers cannot afford to leave implants behind for victim incident-response teams to find, so the loader removes itself at shutdown instead of leaving a persistent artifact on disk [13].

For corporate defenders, the practical consequence is that detection has to win at the access stage, because a memory-only implant that is gone by the time responders image the host leaves little to recover afterward. The footholds that KongTuke and similar brokers sell are typically stolen VPN credentials, exposed RDP, or phished remote-access tokens. Identity-layer controls (MFA on every remote-access path, conditional access, credential rotation) are the upstream defense, and the access patterns seen in each intrusion (the source, the account, the time, the path taken after login) become the detection rules for the next. Our ongoing ransomware coverage tracks the affiliate-economy pattern and the credential-layer defenses [30].

DHS Watchdog: Secret Service Agents Used Personal Phones for 15,000 Protected-Event Calls

The Register, citing a DHS inspector general report published June 26, found that US Secret Service agents used personal phones to make or receive more than 15,000 calls related to protected events. Government-furnished phones lacked mobile threat defense until August 2025 and were not wiped after travel, which created a posture where personal devices were the more secure option and became the operational fallback [14][15].

The surveillance angle reads both directions. Counter-surveillance of protectees is the operational job; the agents running that job were themselves working off devices with no mobile threat defense and no post-travel wipe. A personal device compromised during foreign travel gives whoever controls it a view of the agents' coordination around the protectee from inside the protective detail. The inspector general's findings are the documented version of a posture that has been rumored inside the agency for years [14].

The structural fix is operational, not legal. The agency needs a mobile threat defense baseline that ships with the device, an enforceable travel-wipe policy, and a clear authority for which functions can run on personal devices versus issued ones. Until that posture is in place, the same inspector general could publish the same report next year and find the same numbers with different names. Our ongoing mobile-security coverage tracks agency-mobile-device policy and the personal-versus-issued boundary [15][31].

OpenAI Codex CLI Cannot Exclude Files Marked Sensitive by Default

An open GitHub issue against the OpenAI Codex CLI, filed June 28 and tracked in public view, documents that the assistant cannot reliably exclude files the developer has marked sensitive in a repository's `.gitignore`-style configuration, and that it ships with a cloud-agent path that sends local content to a remote model by default. The issue collects reproducible cases in which repository content the developer had marked sensitive still reached the cloud agent during a code-aware task [16][17].

This is a concrete instance of the data-exfiltration risk that AI coding assistants create when their default operational posture is "all repository content is in scope." For corporate users, the risk profile is a developer editing a vault of secrets, API keys, customer records, or source-code-license-encumbered files, and an assistant that reads them as part of routine operation. The breach surface is the model provider's logs and the model's transient context, both of which are outside the developer's audit boundary [17].

The mitigation path is the same one Anthropic and Google have recommended in their own assistant documentation: explicit allowlists for what the agent can read, default-deny for sensitive paths, and on-device execution where the model supports it. Codex CLI's default posture is the opposite. The standing expectation for an enterprise coding agent is that the sensitivity markers in a developer's workflow actually constrain the model, and that the deny rule wins whenever a marked path and an allow rule overlap. Our enterprise-AI coverage tracks the data-handling defaults and the corporate-policy gap [16].
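The allowlist-plus-default-deny posture described above, as an added example that is not Codex CLI's code and not its configuration format. It models a context filter an agent would run before shipping repository content to a cloud model: a permissive policy that reproduces "all repository content is in scope", and a hardened policy in which an explicit allowlist names what may be read, a deny list for sensitive paths wins over any allow rule, and anything unmatched is withheld. The file tree, glob patterns, and the `ContextPolicy` class are constructed for illustration; the glob matching is a gitignore-style approximation built on `fnmatch`, not git's own matcher.

```python
"""Default-deny context filter for an AI coding agent (added example, not Codex CLI code)."""
from __future__ import annotations

from dataclasses import dataclass, field
from fnmatch import fnmatchcase

# Hypothetical deny list of paths that should never reach a remote model.
DEFAULT_DENY: tuple[str, ...] = (
    ".env", ".env.*", "*.pem", "*.key", "id_rsa", "secrets/", ".git/",
)


def _matches(rel_path: str, pattern: str) -> bool:
    """gitignore-style approximation: a pattern with no '/' matches any path
    component (so 'secrets/' catches every file under a secrets directory);
    a pattern containing '/' is matched against the whole relative path."""
    if "/" not in pattern.rstrip("/"):
        return any(fnmatchcase(part, pattern.rstrip("/")) for part in rel_path.split("/"))
    return fnmatchcase(rel_path, pattern.lstrip("/"))


@dataclass(frozen=True)
class ContextPolicy:
    allow: tuple[str, ...] = ()                                  # globs the agent may read
    deny: tuple[str, ...] = field(default_factory=lambda: DEFAULT_DENY)
    default_allow: bool = False                                  # True = "everything in scope"

    def permits(self, path: str) -> bool:
        rel = path.replace("\\", "/")
        if rel.startswith("./"):
            rel = rel[2:]
        # Deny is evaluated first and wins even over an explicit allow rule,
        # which is the property the text says a sensitivity marker must have.
        if any(_matches(rel, d) for d in self.deny):
            return False
        if any(_matches(rel, a) for a in self.allow):
            return True
        return self.default_allow


def partition(policy: ContextPolicy, paths: list[str]) -> tuple[list[str], list[str]]:
    """Split a file list into (sent_to_cloud_agent, withheld) under the policy."""
    sent = [p for p in paths if policy.permits(p)]
    withheld = [p for p in paths if not policy.permits(p)]
    return sent, withheld


# Constructed sample repository tree.
SAMPLE_TREE: list[str] = [
    "src/app.py",
    "src/auth.py",
    "tests/test_auth.py",
    ".env",
    "config/prod.pem",
    "secrets/db_password.txt",
    "docs/README.md",
]

# Weak posture: no deny list, everything is in scope by default.
PERMISSIVE = ContextPolicy(allow=("*",), deny=(), default_allow=True)

# Hardened posture: explicit allowlist, deny list wins, unmatched paths withheld.
HARDENED = ContextPolicy(allow=("src/*.py", "tests/*.py"))

if __name__ == "__main__":
    for name, policy in (("permissive", PERMISSIVE), ("hardened", HARDENED)):
        sent, withheld = partition(policy, SAMPLE_TREE)
        print(f"{name}: sent={sent} withheld={withheld}")
```

Running the block shows the permissive policy sending all seven files, including `.env`, the PEM file and the secrets directory, while the hardened policy sends only the three source files and withholds `docs/README.md` as well, because nothing allowlisted it. The design choice worth copying is the evaluation order: deny before allow, and a `False` fallthrough, so a developer who widens the allowlist to `*` still cannot leak a marked path by accident.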

What to Watch This Week

Monday June 30 to Friday July 4. EFF's records-request tool against local Flock-running agencies will be the field-test week. Expect first-cycle responses from large California and Texas agencies about whether they are opted into the NCIC Immigration Violator search list, and what their logs show for hits [1][2].

Wednesday July 8. Anthropic's Persona ID verification goes live for consumer Claude Free, Pro and Max accounts. The first wave of users who fail verification will face the OpenAI failure mode: permanent lockout with no documented retry path. EFF's JAWBONE Act and the Illinois BIPA private right of action light up on the same day [32][33].

Sunday July 26. Reply comments on the FCC Know Your Customer robocall proposal are due to the FCC's Electronic Comment Filing System. EFF, ACLU and the 17-state attorneys general coalition have already filed opening comments. Expect consumer-privacy and domestic-violence advocate filings in the reply window [29][34].

Third quarter, July through September. The Metropolitan Police moves from announcing the West End and Soho LFR coverage to standing it up. Watch the timetable for the first permanent static cameras, and for any Big Brother Watch legal challenge that lands before the deployment goes live [3][5].

The IACHR admissibility decision. The Inter-American Commission on Human Rights will docket the EFF, TEDIC and CEJIL petition against Paraguay over the secret Asunción facial-recognition system. The Commission's decision is the first major regional precedent on Latin American live facial-recognition transparency [21].

Sources

  1. EFF Deeplinks, Matthew Guariglia: Are Your Local Police Using Flock Safety ALPRs to Scan for Immigrants?, June 25, 2026. https://www.eff.org/deeplinks/2026/06/are-your-local-police-using-flock-safety-alprs-scan-immigrants
  2. EFF: The Atlas of Surveillance entry for Flock Safety's NCIC integration and the records-request template, June 2026. https://atlasofsurveillance.org/
  3. The Register: London cops bring live facial recognition to West End and Soho, June 24, 2026. https://www.theregister.com/security/2026/06/24/london-cops-bring-live-facial-recognition-to-west-end/
  4. Big Brother Watch: Permanent LFR in central London would normalize biometric surveillance, June 2026. https://bigbrotherwatch.org.uk/
  5. Biometric Update: UK Watchdog warns of legal risks as London Police deploy LFR, June 2026. https://www.biometricupdate.com/202605/uk-watchdog-warns-of-legal-risks-as-london-police-deploy-lfr-at-protest
  6. The Register, Jessica Lyons: You have got to be KDDI-ng. Japanese telco exposes 14.2 million managed-email credentials, June 24, 2026. https://www.theregister.com/cyber-crime/2026/06/24/you-have-got-to-be-kddi-ng-japanese-telco-exposes-142-million-managed-email-credentials/
  7. KDDI: Customer notice on the managed-email incident detected June 17, 2026. https://www.kddi.com/
  8. The Register: Nation-state actors cracked critical Australian infrastructure to cripple it at a time of their choosing, June 25, 2026. https://www.theregister.com/security/2026/06/25/nation-state-actors-cracked-critical-australian-infrastructure-to-cripple-it-at-a-time-of-their-choosing/
  9. ASIO: Director General of Security Mike Burgess on the compromised critical-infrastructure provider and the disrupted AUKUS operation, June 2026. https://www.asio.gov.au/
  10. EFF Deeplinks: The KIDS Act Would Require Age Checks to Get Online, June 28, 2026. https://www.eff.org/deeplinks/2026/06/kids-act-would-require-age-checks-get-online
  11. State of Surveillance: EFF KIDS Act Federal Online Age Verification Bill, the structural brief on the federal-state identity-stack implication. /news/cory-doctorow-age-verification-is-mass-surveillance-2026
  12. The Register: Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs, June 25, 2026. https://www.theregister.com/security/2026/06/25/self-destructing-mistic-backdoor-linked-to-access-broker-selling-corporate-footholds-to-ransomware-gangs/
  13. Symantec: Mistic loader write-up and the KongTuke access-broker link, June 2026. https://symantec.com/
  14. The Register: Even the Secret Service won't use company-issued phones, June 26, 2026. https://www.theregister.com/security/2026/06/26/even-the-secret-service-wont-use-company-issued-phones/
  15. US Department of Homeland Security Office of Inspector General: Audit of US Secret Service mobile-device and travel hygiene, June 2026. https://www.oig.dhs.gov/
  16. OpenAI Codex GitHub issue #2847: Codex CLI does not exclude files marked sensitive and sends local content to the cloud agent by default, June 28, 2026. https://github.com/openai/codex/issues/2847
  17. State of Surveillance: OpenAI Codex CLI Local Files Cloud Agent, the brief on the assistant's default data-handling posture. /news/openai-daybreak-gpt-55-cyber-asymmetric-frontier-2026
  18. EFF Deeplinks, Alexis Hancock: Primed for Malware: Stop Selling Compromised Android Devices, June 25, 2026. https://www.eff.org/deeplinks/2026/06/primed-malware-stop-selling-compromised-android-devices
  19. 404 Media, Sam Biddle: Bodycam Footage Shows Cops Arresting Man for Speaking Too Long at Data Center Meeting, June 25, 2026. https://www.404media.co/bodycam-footage-video-claremore-oklahoma-data-center-meeting/
  20. EFF Deeplinks, Lena Cohen and Paige Collings: Grindr, Put Queer Safety and Privacy Over Profits, June 2026. https://www.eff.org/deeplinks/2026/06/grindr-put-queer-safety-and-privacy-over-profits
  21. State of Surveillance: EFF TEDIC CEJIL Petitioned IACHR Paraguay Facial Recognition, the cross-border vessel on the Asunción deployment. /news/eff-fourth-circuit-border-device-search-warrant-cbp-55000-searches-2026
  22. State of Surveillance: Free Surveillance Tech Pipeline to ICE, the structural EFF piece on the federal-grant and vendor-trial pipeline. /news/free-surveillance-tech-pipeline-local-police-ice-eff-2026
  23. State of Surveillance: Flock Safety Rebellion Cities Canceling Federal Access, the cancel-wave coverage tracking Mountain View, Austin and other city pulls. /news/flock-safety-rebellion-cities-canceling-federal-access-2026
  24. State of Surveillance: London Metropolitan Police Live Facial Recognition Protests First Time, the May 2026 vessel on the Met's protest deployment. /news/london-metropolitan-police-live-facial-recognition-protests-first-time-2026
  25. State of Surveillance: London Met Police Croydon Permanent Facial Recognition 470000 Faces Results, the pilot-results vessel preceding the West End expansion. /news/london-met-police-croydon-permanent-facial-recognition-470000-faces-results-2026
  26. State of Surveillance: 16 Billion Passwords Infostealer Breach, the structural brief on credential-stuffing risk from past breaches. /news/16-billion-passwords-infostealer-breach-2026
  27. State of Surveillance: CISA Shutdown Cybersecurity Crisis February 2026, the federal-cybersecurity-regime vessel on the regulatory gap. /news/cisa-shutdown-cybersecurity-crisis-february-2026
  28. State of Surveillance: Cory Doctorow Age Verification Is Mass Surveillance, the editorial through-line on the identity-cache argument. /news/cory-doctorow-age-verification-is-mass-surveillance-2026
  29. State of Surveillance: 17 Attorneys General Congress Mass Surveillance Data Broker Loophole, the data-broker structural brief. /news/17-attorneys-general-congress-mass-surveillance-data-broker-loophole-2026
  30. State of Surveillance: AI Hacker Fortigate 600 Firewalls Amazon, the brief on identity-layer defenses for corporate-ransomware exposure. /news/ai-hacker-fortigate-600-firewalls-amazon-2026
  31. State of Surveillance: Amazon Meta Employee Surveillance Badge Tracking, the corporate-mobile-device policy tracker. /news/amazon-meta-employee-surveillance-badge-tracking-2026
  32. Anthropic: Updates to our Privacy Policy (effective July 8, 2026, last updated June 8, 2026). https://privacy.claude.com/en/articles/10301952-updates-to-our-privacy-policy
  33. State of Surveillance: Anthropic ID Verification 11 Day Countdown Persona Failure Mode, the Day-10 vessel on the verification partner. /news/anthropic-id-verification-11-day-countdown-persona-failure-mode-2026
  34. State of Surveillance: FCC Know Your Customer Robocall Proposal Forces Phone ID, the structural coverage of the EFF and ACLU filings. /news/fcc-robocall-kyc-id-requirement-phone-service-2026