Clearview AI built a massive facial recognition database by scraping 30 billion photos from Facebook and other social media platforms without users' permission, which law enforcement has accessed nearly a million times since 2017[^1].

The company markets its technology to law enforcement as a tool "to bring justice to victims," with clients including the FBI and Department of Homeland Security. However, privacy advocates argue it creates a "perpetual police line-up" that includes innocent people who could face wrongful arrests from misidentification[^1].

Major social media companies like Facebook sent cease-and-desist letters to Clearview AI in 2020 for violating user privacy. Meta claims it has since invested in technology to combat unauthorized scraping[^1].

While Clearview AI recently won an appeal against a £7.5m fine from the UK's privacy watchdog, this was solely because the company only provides services to law enforcement outside the UK/EU. The ruling did not grant broad permission for data scraping activities[^5].

The risks extend beyond law enforcement use - once photos are scraped, individuals lose control over their biometric data permanently. Critics warn this could enable:

• Retroactive prosecution if laws change
• Creation of unauthorized AI training datasets
• Identity theft and digital abuse
• Commercial facial recognition systems without consent[^1]

Sources:

[^1]: Business Insider - Clearview AI scraped 30 billion images from Facebook and other social media sites

[^5]: BBC - Face search company Clearview AI overturns UK privacy fine

U.S. Immigration and Customs Enforcement (ICE) signed a contract last year with Israeli spyware maker Paragon worth $2 million.

Shortly after, the Biden administration put the contract under review, issuing a “stop work order,” to determine whether the contract complied with an executive order on commercial spyware, which restricts U.S. government agencies from using spyware that could violate human rights or target Americans abroad.

Almost a year later, when it looked like the contract would just run out and never become active, ICE lifted the stop work order, according to public records.

Meta Malvertising Campaign Spreads Android Crypto-Stealing Malware

A sophisticated malvertising campaign targeting Meta's ad network has expanded from Windows to Android users worldwide, deploying an advanced version of the Brokewell malware disguised as TradingView's premium app[^1].

Since July 22, 2025, cybercriminals have launched over 75 malicious Facebook ads, reaching tens of thousands of users across the European Union[^1]. The campaign tricks victims into downloading a malicious APK from fake domains that mimic TradingView's official website.

The malware, an enhanced strain of Brokewell, functions as both spyware and a remote access trojan (RAT) with capabilities including:

• Cryptocurrency theft (BTC, ETH, USDT)
• SMS interception for banking and 2FA codes
• Google Authenticator data extraction
• Screen recording and keylogging
• Camera and microphone activation
• Remote command execution via Tor and WebSockets[^1]

The attackers have localized their ads in multiple languages including Vietnamese, Portuguese, Spanish, Turkish, Thai, Arabic and Chinese to maximize reach[^1]. While the Android campaign currently focuses on impersonating TradingView, the Windows version has mimicked numerous brands including Binance, Bitget, Metatrader, and OKX[^1].

[^1]: Bitdefender - Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide

"How to Fix the Internet" has an important interview with neuroscientist Rafael Yuste and human rights lawyer Jared Genser, who together established the Neurorights Foundation, focused on expanding human rights concepts to neurotechnologies —tools that can record, interpret, and even manipulate brain activity.

They have contributed to getting laws passed nearly unanimously in three states of the USA and also discuss reforms in Brazil and Chile. This is an important issue to understand, and now seems like a short-lived opportunity to get laws passed before wealthy companies become involved in these technologies and start lobbying for their own interests.

https://www.eff.org/deeplinks/2025/08/podcast-episode-protecting-privacy-your-brain

Mastodon, the decentralized social network, stated it cannot comply with age verification laws like Mississippi's recent legislation because it lacks the technical capability to do so[^1]. While Mastodon's software allows server administrators to specify a minimum age of 16 for sign-ups, the age-check data is not stored, and the nonprofit has no way to verify users' ages[^1].

The organization emphasizes that individual server owners must decide for themselves whether to implement age verification, noting that Mastodon was founded specifically "to allow different jurisdictions to have social media that is independent of the U.S."[^1]

This stance follows Bluesky's decision to block service in Mississippi over similar age verification requirements[^1]. Mastodon's position highlights the unique challenges decentralized platforms face with regional compliance, as there is "nobody that can decide for the fediverse to block Mississippi," according to Mastodon founder Eugen Rochko[^1].

[^1]: TechCrunch - Mastodon says it doesn't 'have the means' to comply with age verification laws

I had a quick look at the intro page https://geti2p.net/en/about/intro

The core software (Java) includes a router that introduces and maintains a connection with the network. It also provides applications and configuration options to personalize your experience and workflow.

Maybe I'm biased, but using a Java for the core software doesn't bring good memories back