Today's Headlines:
- Federal judge grills Pentagon over Anthropic ban. "I don't know if it's murder, but it looks like an attempt to cripple Anthropic." Judge Rita Lin called the supply chain designation "troubling."
- 26 days until Section 702 expires. No movement in Congress. The deadlock continues.
- Senator Warren opens Pentagon investigation. Called the Anthropic blacklist "retaliation" in letter to Secretary Hegseth.
- RSA Conference Day 3. Federal agencies still absent. Quantum-safe cryptography and AI governance dominate.
- Stryker cyberattack fallout. Iran-linked hackers claimed responsibility for wiper attack affecting operations in 79 countries.
Judge Calls Pentagon's Anthropic Ban "Troubling"
The courtroom showdown everyone was waiting for happened yesterday in San Francisco. U.S. District Judge Rita Lin didn't mince words during the preliminary injunction hearing in Anthropic's lawsuit against the Pentagon.
"I don't know if it's murder, but it looks like an attempt to cripple Anthropic," Lin said from the bench. The Biden appointee pressed Defense Department lawyers on why the government designated Anthropic a supply chain risk after the AI company refused to remove safety guardrails.
The core issue: Anthropic told the Pentagon that Claude wouldn't be used for mass domestic surveillance of Americans or fully autonomous weapons without human oversight. The Pentagon wanted "all lawful purposes" with no private company veto. When Anthropic wouldn't budge, Defense Secretary Pete Hegseth designated the company a national security threat—the same label applied to Chinese telecom giants Huawei and ZTE.
Judge Lin found this "troubling." The supply chain statute exists for foreign adversaries compromising U.S. systems. Anthropic is an American company that passed security clearances for classified work. "If the worry is about the integrity of the operational chain of command, [the Pentagon] could just stop using Claude," she noted.
The government's lawyer argued this wasn't retaliation—it was a response to "Anthropic's disagreement with the government over how its AI model could be used." He also claimed Anthropic could theoretically update Claude in ways that endanger national security. Judge Lin seemed unconvinced. A ruling on the preliminary injunction is expected within days.
Warren Opens Investigation: "Appears to Be Retaliation"
Senator Elizabeth Warren (D-MA) isn't waiting for the court to decide. In a March 23 letter to Defense Secretary Hegseth, she called the Pentagon's actions what they look like: payback.
"I am particularly concerned that the DoD is trying to strong-arm American companies into providing the Department with the tools to spy on American citizens and deploy fully autonomous weapons without adequate safeguards," Warren wrote. The blacklist "appears to be retaliation."
Warren has opened an investigation into both the Anthropic designation and OpenAI's new Pentagon contract—the deal OpenAI signed after Anthropic was cut out. She wants to know exactly what safeguards OpenAI agreed to, and whether those "safeguards" have loopholes the EFF identified in its earlier analysis.
The investigation could pull Pentagon officials and AI executives to Capitol Hill for sworn testimony. If Amodei and Altman end up under oath explaining what the military asked for, that's a very different conversation than contract negotiations in private.
26 Days: FISA Section 702 Countdown
April 20 keeps getting closer. Section 702—the warrantless surveillance authority that lets NSA, FBI, and CIA collect communications between Americans and foreign targets—expires in 26 days. Congress still has no plan.
Yesterday's update: nothing moved. The Congressional Progressive Caucus remains in formal opposition to any clean renewal. That's 98 House members who won't vote yes without reforms. About a dozen Republicans want warrant requirements. Speaker Johnson can't build a coalition.
The Government Surveillance Reform Act from Senators Wyden and Lee remains the only bipartisan reform bill on the table. It would require warrants to access Americans' communications, close the data broker loophole, and add real oversight. Intelligence officials keep pushing for a "clean" extension—no reforms, just renew the powers. That's not happening with the current math.
EFF's latest analysis accuses Congress of "dropping the ball" by entertaining any extension without addressing the Fourth Amendment issues courts have flagged for years.
RSA Conference Day 3: Still No Feds
Day 3 at the Moscone Center. 44,000 security professionals. Zero federal officials on stage.
The FBI, NSA, and CISA boycott continues. CISA's official line remains "good stewardship of taxpayer dollars." The industry reads it differently: the Trump administration doesn't want its cybersecurity officials appearing at a conference run by former CISA director Jen Easterly, who was fired in January.
What's happening instead: product launches and vendor announcements. Quantum-safe cryptography is the hot topic—Lattice Semiconductor won awards for post-quantum chip work. AI governance discussions fill sessions. Everyone's talking about the federal absence.
The hunt for China's "Typhoon" hacking campaigns—the session FBI and NSA were supposed to give—didn't happen. Those briefings about Beijing's espionage operations against U.S. critical infrastructure? Cancelled. The private sector is on its own.
Stryker Cyberattack: Iran-Linked Hackers Claim Responsibility
The Stryker Corporation cyberattack keeps getting worse. The Iran-linked hacking group Handala claimed responsibility for the March 11 wiper attack on America's largest medical device maker, saying it wiped 200,000 systems across 79 countries.
The group claims to have exfiltrated 50 terabytes of data before deploying the wiper malware. Operations remain disrupted more than two weeks later. The attack knocked out Stryker's global Microsoft environment, affecting everything from corporate systems to some medical device connectivity.
Handala said the attack was retaliation for a missile strike on an Iranian elementary school. While Handala presents itself as a hacktivist group, Palo Alto Networks has linked it to Iran's Ministry of Intelligence and Security.
Maryland's EMS system reported that Stryker's Lifenet ECG transmission system went "non-functional in most parts of the state"—though Stryker says core life-safety systems weren't affected. Operations in 79 Stryker offices worldwide remain impacted.
Age Verification: VPN Crackdown Spreads
Australia's age verification rollout keeps generating fallout. VPN downloads surged after Pornhub blocked all Australian IP addresses rather than comply with mandatory age verification rules that went into effect March 9.
Now VPN restrictions are on the table. The UK's Department for Science, Innovation & Technology launched a consultation running through May 26 that explicitly asks whether VPNs should be age-restricted. The UK House of Lords already proposed in January that VPN providers should implement "highly effective" age assurance for all users.
Electronic Frontiers Australia's chair warns there's "a reasonably strong possibility" VPNs could be banned or restricted—creating "extraordinary privacy, security, and online safety risks" for everyone, not just minors.
This is the age verification endgame privacy advocates warned about: once you build the infrastructure to check everyone's age, it becomes infrastructure to identify everyone online.
Fargo Police Tighten Facial Recognition Policy
Fargo Police Chief Dave Zibolski admitted "errors" yesterday in the Angela Lipps case—the Tennessee woman jailed more than five months after facial recognition flagged her for bank fraud she didn't commit. Charges were dropped in December.
The department issued a new directive with five requirements: facial recognition can only be used by criminal investigators, not patrol; cases need commander approval before any AI search; they can only use state or federal facial recognition systems—not commercial tools like Clearview AI; and all submissions get tracked.
The error chain: West Fargo Police ran a fake ID photo through Clearview AI (which they've used since 2020). Fargo detectives assumed West Fargo had also submitted surveillance photos to the state-run facial recognition hub. They hadn't. Nobody verified the match. Lipps spent five months in jail on an AI guess.
What to Watch
- Anthropic ruling: Judge Lin's decision on the preliminary injunction expected within days. If she blocks the designation, Anthropic can keep operating while the case proceeds.
- Section 702: 26 days. No path to passage visible. April showdown looming.
- RSA Conference: Final day tomorrow. Watch for any federal surprise appearances—or confirmation they're staying away.
- IAPP Global Privacy Summit: Opens March 30 in DC. 60+ sessions on AI governance, state privacy laws, and the federal privacy patchwork.
- Meta smart glasses: Senator Markey's April 6 deadline for facial recognition answers approaches. No response from Zuckerberg yet.