The Department of Homeland Security demanded Google surrender location and activity data on a Canadian citizen who criticized ICE operations online. The man, who hasn't entered the US in over a decade, was targeted using an obscure trade statute from the Great Depression era.
DHS invoked the International Emergency Economic Powers Act—a 1930s customs law—to pressure Google into handing over browsing history, location data, and other activity information on the Canadian national. The request followed his posts on X condemning ICE following the deaths of Renee Good and Alex Pretti.
The case highlights how legacy legislation can be repurposed for modern surveillance. The law, originally designed for trade enforcement, gave DHS leverage to demand user data without a traditional warrant or court oversight.
Google's response to the demand remains unclear, but the incident raises questions about how tech companies handle government data requests using unconventional legal frameworks. It also underscores risks for non-US citizens whose speech on global platforms can trigger US government scrutiny.
The action comes as the White House simultaneously escalates tech oversight in other areas. The administration recently briefed Anthropic, Google, and OpenAI on plans for a government AI review process—potentially requiring companies to submit new AI models for government approval before release. The proposal reportedly triggered by Anthropic's "Mythos" model follows a year of relative regulatory hands-off approach.
Separately, Google is developing new AI capabilities that could blur lines between user control and autonomous action. The company is testing an agent codenamed "Remy" within its Gemini app that can integrate with Google services and take actions on a user's behalf—raising privacy and security implications as AI systems gain deeper access to personal accounts.
Together, these developments paint a picture of increasing government pressure on tech companies and expanding AI capabilities with limited transparency around data handling and government access.
Artificial intelligence discovered a critical security vulnerability in Linux kernel code that human developers overlooked for over a decade. The bug could allow unauthorized root access to systems.
Researchers have demonstrated a new attack called 'Ghostcommit' that hides prompt injections in PNG files to fool AI code reviewers and agents into exposing repository secrets.
Australia's eSafety watchdog will investigate whether major adult websites are allowing users to bypass age verification requirements using virtual private networks (VPNs). The probe follows new regulations introduced in March requiring age checks on adult content.