Today in Surveillance:
- The White House approved $9 billion so spy agencies can run frontier AI. The NSA got a classified Anthropic contract (over Pentagon objections) with a "carve-out" promising the model won't be used on Americans' data. The CIA is reprogramming $800 million for immediate chip purchases.
- The EU wants Google to hand over hundreds of millions of search queries per day. Google's own differential-privacy scientist warned that "anonymized" data shared under the DMA was re-identified by a red team in under two hours. The compliance deadline is July 27.
- ICE's AI surveillance tools are now being used on American citizens. Systems built by Palantir, Clearview AI, and commercial data brokers for immigration enforcement are tracking protest attendees, monitoring social media, and purchasing location data, all without warrants.
- California passed a bill forcing apps to default to maximum privacy. AB 2561 would ban apps and operating systems from resetting your privacy settings without explicit consent. It passed the Assembly unanimously.
- New York is advancing its own biometric privacy law. S1422 mirrors Illinois' BIPA (the only state law that lets individuals sue over biometric data misuse) with damages of $1,000 to $5,000 per violation.
- FISA Section 702 expires in 17 days. The Senate returns with dueling bills: a clean reauthorization backed by the White House, and the bipartisan SAFE Act demanding warrant requirements for searches of Americans' communications.
The White House Just Armed Spy Agencies With $9 Billion for AI Chips, and a Secret Anthropic Deal
The White House approved a secret $9 billion funding request on May 22 to buy cutting-edge AI chips for America's intelligence agencies, according to reporting by the New York Times. The money is earmarked for Nvidia's Grace Blackwell superchips: hardware that requires specialized data centers with massive electrical capacity and liquid cooling systems [1][2].
The chip shortage is real. Intelligence agencies can't run frontier AI models on their existing infrastructure. The CIA and NSA need the Blackwell chips to deploy tools like Anthropic's Mythos model, released in April 2026, which demonstrated cyber-vulnerability identification capabilities that made the intelligence community very interested, and very nervous [1][2].
Here's where it gets complicated. White House Chief of Staff Susie Wiles authorized the NSA to continue using Anthropic's advanced AI model even though the Pentagon had designated Anthropic a supply chain threat. A classified contract is being finalized between Anthropic and the government that maintains NSA access to Anthropic products, but pointedly does not include the Pentagon's demanded language allowing "any lawful use" [1][2].
The contract includes a carve-out: the AI model cannot be used on Americans' data. The White House wants this deal to serve as a template for other AI companies. On paper, that's a privacy protection. In practice, it's a promise written by the same government that ran warrantless wiretapping for over a decade before Edward Snowden blew the whistle [1][2].
Meanwhile, the administration is reprogramming $800 million for immediate chip acquisitions while Congress debates the larger $9 billion request. The cancelled executive order (Trump pulled it at the last minute, saying he "didn't like aspects of it") would have required AI companies to share models with intelligence agencies before public release [2][3].
"Our intelligence community needs the frontier, the best AI chips, models, systems, talent, on a timeline that matches the threat," former NSA chief data scientist Vinh Nguyen told the Times [1].
The threat they're matching against is China. The surveillance infrastructure they're building is here.
The EU Wants Google to Share Your Search Queries With Third Parties. Google Proved That's a Terrible Idea.
The European Commission's Digital Markets Act contains a provision that would force Google to share vast quantities of search data with third parties via an automated API, ostensibly to boost competition. The dataset includes complete search queries, timestamps, approximate location data, language, device information, and detailed user interaction signals like clicks, scrolls, and query refinements [4][5].
Direct identifiers like IP addresses would be stripped. But Google's own top differential-privacy scientist, in a submission to EU regulators, demonstrated that the "anonymized" data could be re-identified in under two hours during internal red-team testing [4][5].
The mechanism is straightforward. The EU's proposed "allowlist" system approves search query components for sharing if they've been used by at least 50 signed-in users over 13 months. Once approved, those components stay shareable for up to five years, even if they originally came from unique, sensitive searches. Security researcher Lukasz Olejnik warned of "seeding attacks" where bad actors could deliberately push sensitive terms onto the allowlist by issuing repeated searches from multiple accounts [4][5].
The location data is especially dangerous. The Commission's plan groups users into geographic "buckets" of 3 square kilometers covering at least 1,000 users. That sounds anonymous until you realize those buckets correspond to specific neighborhoods, university campuses, government buildings, and military installations [4].
Olejnik called it "one of the most significant potential data-exposure risks in Europe in recent years." The compliance deadline is July 27, 2026. Failure costs Google up to 10% of global annual revenue. The Commission is essentially forcing a choice between paying a fine and exposing hundreds of millions of Europeans' search histories to anyone with API access [4][5].
ICE Built AI Surveillance for Immigrants. Now It's Tracking American Citizens.
AI tools originally justified for immigration enforcement are being turned on American citizens, according to a May investigation by the American Immigration Council. The mission creep is systematic [6][7].
The inventory: Palantir's $30 million ImmigrationOS platform pulls from passport records, Social Security files, IRS data, and license plate readers to identify and track deportation targets. Clearview AI holds a $3.75 million contract, ICE's largest facial recognition purchase ever. And ICE is buying commercially available location data from data brokers, sourced from phone apps and games, to track people's movements without warrants [6][7][8].
In Minnesota, ICE deployed social media monitoring and location-tracking systems marketed for use at protests and gatherings protected under the First Amendment. These aren't hypothetical capabilities. They're being used on American soil, against Americans, right now [6].
FBI Director Kash Patel confirmed to Congress in March that the FBI is also buying Americans' location data from data brokers, reversing the agency's 2023 statement that it had stopped doing so. The data originates from weather apps, mobile games, and other software people use daily without realizing they're being tracked. By the time it reaches a federal agency, the data has passed through advertising middlemen and been repackaged for sale [8][9].
A bipartisan group in Congress introduced the Government Surveillance Reform Act to close the data broker loophole by requiring warrants for government purchases of Americans' data. Whether it passes before the FISA deadline (or at all) is another question entirely [9].
Related: ICE Surveillance Powers Analysis | Palantir's Surveillance Ideology
California Passed a Bill That Would Force Apps to Default to Maximum Privacy
California Assembly Bill 2561, introduced by Assemblymember Valencia, unanimously passed the state Assembly and is now in the Senate. The bill does something deceptively simple: it requires every operating system and application to configure default privacy settings to the most protective option available, and bans them from changing those settings without explicit user consent [10][11].
Think about what this means in practice. Every toggle buried three menus deep that defaults to "share everything" would have to default to "share nothing." Every app that resets your privacy preferences after an update would be breaking the law. Every operating system that nudges you toward less privacy after a major release would need your explicit sign-off to do it [10].
The bill defines "privacy setting" broadly: any user-configurable option that governs collection, use, sharing, disclosure, retention, or processing of personal information. That covers location tracking, ad personalization, contact sharing, microphone access: basically everything tech companies currently set to "on" by default and hope you never find [10][11].
If it survives the Senate and gets signed, this could be the most consequential state privacy law since the California Consumer Privacy Act. The business model of most free apps depends on users never touching their privacy settings. AB 2561 flips the script.
New York Wants to Let You Sue Over Your Stolen Biometrics
The New York Senate Consumer Protection Committee advanced S1422 (the Biometric Identifier Privacy Act) which would establish a private right of action for biometric data misuse. Translation: if a company collects your fingerprints, faceprint, or iris scan without following the rules, you can sue them [12][13].
The bill mirrors Illinois' Biometric Information Privacy Act (BIPA), which has produced hundreds of class action lawsuits and billions in settlements since its passage. S1422 sets damages at $1,000 for negligent violations and $5,000 for intentional or reckless violations. It requires companies to develop written retention policies and destroy biometric data within three years of a person's last interaction [12][13].
New York legislators have tried this before. Similar bills died in 2021 and 2023. But momentum is building. Erie County passed its own Biometric Transparency and Privacy Act on April 30, banning businesses from using biometric identity technology without disclosure. New York City already restricts commercial use of biometric surveillance [12][13][14].
This matters because of timing. The NYC Health + Hospitals breach just exposed 1.8 million people's fingerprints: biometric data that can never be changed. A private right of action gives people a weapon when companies fail to protect the most permanent identifiers they have.
17 Days Until FISA Section 702 Expires. The Senate Fight Is On.
The 45-day clean extension of FISA Section 702 expires June 12. The Senate returned from recess with two competing visions: the White House wants a straight reauthorization with no reform, and a bipartisan coalition led by Senators Durbin and Lee is pushing the SAFE Act (the Security and Freedom Enhancement Act) which would require warrants for searches of Americans' communications [15][16].
The House already passed a three-year extension on April 29 by 235-191, but it included an unrelated ban on Central Bank Digital Currency that poisoned it in the Senate. That's why Congress passed the 45-day stopgap instead, buying time they're now running out of [15][16].
The core fight hasn't changed. Section 702 was designed to surveil foreign targets, but the government uses it to search Americans' communications swept up in the process, without a warrant. Reform advocates want that practice to require judicial approval. The intelligence community says that requirement would cripple their ability to respond to threats quickly [15][16].
Meanwhile, the Office of the Director of National Intelligence released its Annual Statistical Transparency Report for 2025, detailing the intelligence community's use of FISA authorities, though the timing feels less like transparency and more like a lobbying document [17].
Related: FISA 702 Reauthorization Debate | FISA Vote Stalls
What to Watch
- Congressional debate on the $9 billion AI chip request. The $800 million is already being reprogrammed. The full $9 billion needs congressional approval. Watch for classified briefings and pushback from lawmakers who want oversight of how spy agencies deploy AI.
- FISA Section 702 floor action. The Senate has 17 days. If the SAFE Act's warrant requirement gets a vote, it will be the most significant surveillance reform vote in a decade. If it doesn't, expect another extension.
- EU DMA Google compliance deadline (July 27). Google has two months to either comply with data-sharing requirements its own scientists say are dangerous, or face fines up to 10% of global revenue. The re-identification research may force the Commission to revise its approach.
- California AB 2561 Senate vote. May 29 is the deadline for bills to pass out of their chamber of origin. If it clears the Senate committee, it moves to the floor. Tech industry lobbying will intensify.
- Government Surveillance Reform Act. The bipartisan bill to close the data broker loophole (banning warrantless government purchases of Americans' location data) needs floor time. FBI's confirmed data purchases give reformers fresh ammunition.
Sources
- Philadelphia Inquirer: White House Approves $9B for Spy Agencies to Catch Up on AI (May 23, 2026)
- Crypto Briefing: White House Backs $9 Billion Chip Plan and Anthropic Deal to Keep Spy Agencies at AI Frontier (May 23, 2026)
- Washington Post: In Trump Administration Battle Over AI, U.S. Spy Agencies Seek More Power (May 11, 2026)
- Cyber Insider: EU's Proposed Google Data Access Rule Could Enable Large-Scale Surveillance (April 27, 2026)
- The Next Web: Google's Top Differential-Privacy Scientist Tells the EU Its Data-Sharing Plan Can Be Reversed in Two Hours (2026)
- American Immigration Council: Mission Creep: AI Surveillance at DHS Crosses Dangerous Line Into Tracking Americans (May 2026)
- American Immigration Council: ICE Uses a Growing Web of AI Services to Power Its Immigration Enforcement (2026)
- TechCrunch: FBI Is Buying Location Data to Track US Citizens, Director Confirms (March 18, 2026)
- NPR: Your Data Is Everywhere. The Government Is Buying It Without a Warrant (March 25, 2026)
- California Legislature: AB-2561 Operating Systems and Applications: Privacy Settings
- Troutman Pepper: Proposed State Privacy and AI Law Update: May 18, 2026
- New York State Senate: S1422: Biometric Privacy Act
- Hinshaw & Culbertson: Proposed Biometric Privacy Law With Private Right of Action Introduced in New York
- Spectrum News: Erie County Passes Biometric Transparency and Privacy Act (April 30, 2026)
- CNBC: FISA Section 702: Congress Passes Short-Term Surveillance Program Extension (April 30, 2026)
- Senate Judiciary Committee: Durbin Calls for Reforms to FISA Section 702 Ahead of Its Expiration Next Month
- Office of the Director of National Intelligence: Press Releases 2026