If you're tired of censorship and dystopian threats against civil liberties, subscribe to Reclaim The Net. California spent 2025 telling the public that no state agency relied on high-risk automated systems to decide anything about people’s lives. That claim collapsed this month, when the state’s Department of Technology acknowledged six such systems already running, including one that predicts whether incarcerated people will commit crimes after they get out. The reversal arrived in a legislative report the state is required to produce every year under a 2023 law. That law, pushed by civil rights, privacy, and civil liberties groups, forces agencies to disclose any “high-risk automated decision system,” which it defines as one “used to assist or replace human discretionary decisions that have a legal or similarly significant effect, including decisions that materially impact access to, or approval for, housing or accommodations, education, employment, credit, health care, and criminal justice.” A year ago, the answer California gave to that same requirement was zero. The system drawing the most attention reads like something lifted from Philip K. Dick’s Minority Report. The California Department of Corrections and Rehabilitation runs a tool called the California Static Risk Assessment, or CSRA, to scoop up data and score people behind bars on their odds of being arrested again. We obtained a copy of the report for you here. According to the report, it “produces a risk number value that will predict the likelihood that an offender will incur a felony arrest within a three-year period after release to parole. Risk factors utilized include, but are not limited to, age, gender, criminal misdemeanor and felony convictions, and sentence/supervision violations.” What the CSRA does is build a profile from fixed personal data and compress it into a single number. The report describes the system analyzing “static” factors, including age, gender and criminal history, to “assign a risk level from 1 (Low) to 5 (High Risk Violence).” Two of those inputs, age and gender, are traits a person never chose and cannot alter. The state feeds them into an algorithm and lets the output shape decisions about supervision and freedom. California frames the scoring as good housekeeping. “By identifying high-risk individuals, the CDCR can focus its limited rehabilitation resources where they are needed most to have the maximum positive impact on public safety,” the report suggests. The framing skips past who absorbs the cost when the number gets a person wrong, which is the person assigned the higher score. The department also concedes the work does not require automation at all. Staff could “manually perform the CSRA evaluation” themselves, the report notes, which makes the algorithm a convenience the state reached for rather than a capability it lacked. The state chose the version that turns human judgment into a profiling pipeline. The prison algorithm sits inside a wider pattern of automation the state never volunteered. California also runs systems that decide whether unemployment claims look fraudulent, remotely watch California State University students during exams, and more. On its own, a parole risk score is not the most alarming surveillance story of the year. A human officer reading the same rap sheet would reach for similar conclusions and the tool predates most of the current AI panic. The trend underneath it is the real story. Governments want to profile people and automate the judgments that follow and that appetite runs on data. You cannot score someone without first gathering enough about them to feed the model and the more decisions get handed to an algorithm, the more of a person’s life has to be logged and kept on file to justify the output. California going from zero disclosed systems to six is not a scandal, but what’s interesting is how ordinary that growth has become. Whatever guardrails might have followed are not coming soon. Senate Bill 1248, which would have barred state employees from using automated decision systems as the sole basis for a decision, died last month in the legislature’s fast-moving appropriations process. Nothing in California law currently stops an automated score from being the deciding factor in how the state treats a person. If you're tired of censorship and dystopian threats against civil liberties, subscribe to Reclaim The Net. The post The Algorithm California Said Didn’t Exist appeared first on Reclaim The Net.

If you're tired of censorship and dystopian threats against civil liberties, subscribe to Reclaim The Net. Florida wants every social media user in the state to prove how old they are. The method is up to the platforms and the options include government ID uploads, biometric face scans, payment credentials, and behavioral profiling. Now the state is suing TikTok for not doing it fast enough. Attorney General James Uthmeier filed a 66-page complaint Monday in St. Lucie County Circuit Court, accusing TikTok of letting children under 14 create accounts, skipping parental consent for 14- and 15-year-olds, and lying to parents about what their kids actually see on the app. The lawsuit names TikTok Inc., its parent company ByteDance and several related entities. It’s the first enforcement action under House Bill 3, Florida’s Online Protections for Minors Act, which took effect January 1, 2025 after spending two years tangled in court challenges. We obtained a copy of the lawsuit for you here.  HB 3 bans social media platforms with addictive design features from contracting with children 13 and younger and requires parental consent before 14- and 15-year-olds can open accounts. Violations carry fines of $50,000 each. But to block minors, platforms first have to figure out who is and isn’t a minor, which means age-checking every user, adults included. Florida is building an identity verification regime for the internet under the banner of protecting kids and the surveillance costs of that project land on millions of people who have done nothing wrong. What the Complaint Says TikTok Did The state’s filing is an indictment of TikTok’s entire business model. According to the complaint, the platform’s own executives have admitted internally that “[t]he product in itself has baked into it compulsive use” and that the algorithm can disrupt young users’ ability to sleep, eat, and interact with people in person. The complaint also cites a description of “[t]eenagers in the U.S. are a golden audience,” drawn from New York Times reporting in 2016. Florida alleges TikTok uses what its own documents call “coercive design tactics” to manipulate young users into spending more time on the app. The platform harvests personal data from children and teenagers to identify psychological vulnerabilities, then exploits those vulnerabilities to serve targeted advertising. Internal records cited in the complaint acknowledge that “compulsive usage correlates with a slew of negative mental effects like loss of analytical skills, memory formation, contextual thinking, conversational depth, empathy, and increased anxiety” and that it “interferes with essential personal responsibilities like sufficient sleep, work/school responsibilities, and connecting with loved ones.” TikTok knew and kept going. The complaint also targets how TikTok represents itself in Apple’s App Store. The platform currently carries a 13+ rating and tells parents that sexual content, profanity, drug references, and self-harm themes are “infrequent” and “mild.” Florida says that’s false and that investigators found this content “frequently and easily accessible” through accounts registered as belonging to 13-year-olds. The state argues TikTok deliberately lowballed its App Store rating to dodge parental controls. If the platform had been honest, according to the filing, it would have received a 17+ rating under the old system or 16+ to 18+ under Apple’s new one, triggering automatic blocks on phones with parental restrictions enabled. “TikTok’s success hinges on its ability to addict children and teenagers to the platform,” Uthmeier said. “TikTok knowingly deceives parents and allows children to be exposed to harmful and inappropriate content in direct violation of Florida law. We have zero tolerance for companies that prioritize profit over children’s safety. TikTok should expect to be held accountable.” Beyond HB 3, the lawsuit invokes the Florida Deceptive and Unfair Trade Practices Act and asks the court to declare TikTok a public nuisance. Florida is seeking civil penalties, punitive damages, disgorgement of profits, permanent injunctive relief, and attorney’s fees. TikTok’s Response TikTok said it has already been working with the attorney general’s office and has started notifying users under 14 in Florida that their accounts will be suspended. “TikTok is built with safety at its core, with more than 50 preset safety and privacy settings for teens and easy-to-use tools for parents,” a spokesperson said. “We’re continuing to update our platform in Florida in response to state law. We are evaluating the state’s complaint and are prepared to defend our strong record on minor safety.” The company claims 50-plus preset safety settings. What it doesn’t explain is how those settings square with internal documents showing executives knew the platform was harming children and chose to keep operating the same way. Fifty safety toggles mean nothing if the algorithm underneath them is designed to override user autonomy through compulsive engagement. Florida’s case against TikTok is built on a law that creates a problem of its own. HB 3 requires platforms to verify ages but doesn’t specify what counts as “reasonable” verification. That leaves companies to decide how much personal data to extract from every user in the state, and none of the available methods come with meaningful limits on how long the data gets stored or who gets access to it. The law protects children by demanding that adults prove they aren’t children, a trade that turns anonymous internet use into identity-verified internet use for millions of people who have every legal right to browse without showing ID. Meta already capitulated in April, agreeing to start purging accounts belonging to under-14s and implementing age checks ahead of an enforcement deadline. Uthmeier has been pressuring Snapchat, Roblox, and Discord to follow. Discord’s earlier experiment with government ID-based age checks resulted in a breach that exposed over 70,000 government-issued IDs. That’s a preview of what mandatory identity harvesting across every major platform could produce at scale. If you're tired of censorship and dystopian threats against civil liberties, subscribe to Reclaim The Net. The post Florida Sues TikTok Over Age Verification Failures as Digital ID Mandate Takes Effect appeared first on Reclaim The Net.

This Post is for Paid Supporters Reclaim your digital freedom. Get the latest on censorship and surveillance, and learn how to fight back. SUBSCRIBE Already a supporter? Sign In. (If you’re already logged in but still seeing this, refresh this page to show the post.) The post How to Fly Without Feeding the Surveillance Machine appeared first on Reclaim The Net.

If you're tired of censorship and dystopian threats against civil liberties, subscribe to Reclaim The Net. India’s government has blocked a messaging platform used by more than 150 million people because it couldn’t keep a single exam paper from leaking. The ban on Telegram, ordered under Section 69A of the Information Technology Act and in effect until June 22, targets cheating tied to the NEET-UG medical entrance exam. A second order forces Telegram to disable its message-editing feature across India until June 30. The National Testing Agency said the block was “in response to the organised use of the platform by cheating rackets to defraud candidates appearing for the NEET (UG) 2026 re-examination scheduled on 21 June 2026.” The re-exam follows the cancellation of the May 3 test, which 2.28 million candidates sat before allegations of a paper leak forced the NTA to scrap results. The CBI arrested more than a dozen people. In 2024, the NEET exam faced a similar scandal involving leaks and irregularities. Two years running, the exam’s security has failed inside the system that prints and administers the test. The leak originated among insiders, not on Telegram. Blocking the app where screenshots circulate does nothing about the people doing the leaking. The NTA’s own press release confirms targeted enforcement was already working, acknowledging that India’s Cyber Crime Coordination Centre had taken down “a substantial number of Telegram channels, groups and bots whose names and content openly advertised their fraudulent and misleading purpose.” The agency confirmed “there is no such paper available outside the secured examination chain.” The scam channels were selling access to something that doesn’t exist, and law enforcement was already shutting them down. Telegram founder Pavel Durov called the ban a punishment aimed at the wrong people. “This punishes 150M+ ordinary Telegram users in India,” he wrote, “not the insiders who leaked the exam materials.” The Internet Freedom Foundation called the ban a “band aid solution” and a “disproportionate answer to exam fraud,” arguing that Section 69A permits blocking specific information, not shutting down an entire platform. “The block of Telegram is reactive and ineffective and will punish ordinary users instead of addressing the systemic source of exam leaks,” IFF said, adding that “thousands of students depend on Telegram for study groups, doubt-clearing, and shared resources” in the final days before the test. IFF also noted the MeitY order authorizing the block has not been published, violating the Supreme Court’s Anuradha Bhasin ruling that such orders must be made public. App-level blocks in India run through ISP-level DNS filtering, which anyone with a VPN can route around in minutes. Fraud operators sophisticated enough to run scam channels demanding lakhs of rupees will not be inconvenienced by a DNS block. The students who lost their study groups five days before the exam will be. The NTA said it regretted “the inconvenience,” an admission buried in bureaucratic language that the government knows most of the people it cut off from Telegram have done nothing wrong. If you're tired of censorship and dystopian threats against civil liberties, subscribe to Reclaim The Net. The post India Shut Down Telegram for 150 Million Users Over One Exam Leak appeared first on Reclaim The Net.

If you're tired of censorship and dystopian threats against civil liberties, subscribe to Reclaim The Net. Google is removing the last technical workaround that kept effective ad blockers alive in Chrome. When Chrome 150 ships on June 30, the browser will delete a hidden setting called the ExtensionManifestV2Disabled flag, a switch that power users had been toggling to keep old-style extensions running after Google officially discontinued them. Without it, uBlock Origin and every other extension built on the old Manifest V2 framework, the set of rules that governed how browser extensions worked for years, will stop functioning permanently. Chrome 151, expected in July, will strip the remaining MV2 flags entirely. No policy override and no hidden setting will bring them back. The company that sells more advertising than any other on Earth now controls whether you can block those ads. And it just decided you can’t, at least not effectively. What Google took away and why it took it The technical change is the replacement of Chrome’s webRequest API with the declarativeNetRequest API. Under the old system, extensions like uBlock Origin could watch your browser’s traffic as it happened, see an ad or tracker trying to load, and block it on the spot before it ever reached your screen. Under the new system, extensions have to hand Google a pre-written list of things to block and Chrome decides whether to follow those instructions. The lists are capped at a fixed number of rules, and the extension can’t react to anything that isn’t already on the list. uBlock Origin’s developer, Raymond Hill, has been clear that a Manifest V3 version cannot replicate the original’s full capabilities. A stripped-down version called uBlock Origin Lite exists for MV3, but it handles only a fraction of the filter lists, the community-maintained databases of known ads and trackers, that the original supported. It also can’t perform cosmetic filtering, the process of hiding ad containers and promotional elements that remain on a page even after the ad itself is blocked. Without it, you get blank boxes where ads used to be, or sponsored content that looks native to the page. For more than 40 million Chrome users who relied on the original, the replacement is a downgrade by design. Google engineer Devlin Cronin confirmed the timeline in a Chromium code review commit, a logged change to Chrome’s underlying source code that other developers can inspect, writing that “MV2 extensions are no longer allowed in any supported version of Chrome, and we are removing support for them and the associated functionality. We won’t be able to provide / maintain this functionality indefinitely due to the complexity and tech debt, as well as the security risks it entails (we’ve actually found a number of bugs that are specific to MV2 lately). Of course, other browsers can continue supporting these if they so desire.” Cronin’s sign-off, that “other browsers can continue supporting these if they so desire,” suggests the removal as a Chrome-specific choice. It isn’t. Google controls 65% of the desktop browser market and the MV2 code being stripped from Chromium, the open-source project that Chrome and many other browsers are built on top of, affects every browser that shares that foundation. Google justifies the migration on security grounds and there’s some substance to the argument. The old webRequest API gives extensions deep access to every network request a browser makes, from images and page loads to login credentials, and the extension sees the data before Chrome acts on it. A compromised or malicious extension with that access can read your passwords as you type them, redirect you to fake websites, or slip harmful code into pages you trust. The declarativeNetRequest API is designed to prevent exactly this kind of attack by restricting extensions to predefined rule sets. Instead of giving an extension free rein over your browser traffic, Chrome only lets it submit a list of instructions in advance and handles the blocking itself. That narrows the ways a bad actor can exploit an extension because the extension never gets to touch your data directly. But Google generated roughly $239.5 billion in advertising revenue in 2025, and content blockers directly reduce the number of ads users see. The MV3 restrictions don’t ban ad blocking entirely. They cap how many rules an extension can use and eliminate dynamic blocking, the ability to recognize and stop new ad formats and trackers as they appear in real time. Ad companies constantly change how they deliver ads, rotating domains and disguising tracking scripts, and the old extensions could keep up with that. The new ones can only block what’s already on a list that was written before the ad loaded. The result is ad blockers that work against yesterday’s ads but struggle against the ones that adapt daily. The same company that built Chrome and sells the ads it displays also wrote the rules governing what ad blockers can do inside it. Whether those incentives shaped MV3’s design is the most obvious question in the room, and Google has never given a convincing answer. Microsoft Edge and Opera, both built on Google’s Chromium engine, are expected to follow suit because the MV2 code being removed is shared across all Chromium-based browsers. Maintaining it independently would require significant engineering resources that most of those browsers are unlikely to commit. Brave, also Chromium-based, supports MV2 but also sidesteps the problem by building its own ad-blocking engine directly into the browser, bypassing the extension framework entirely. Firefox, which runs on its own engine, continues to support Manifest V2 and uBlock Origin without restriction. Mozilla implemented its own version of Manifest V3 but kept the old webRequest API working alongside it, so extensions that need real-time traffic access can still use it. That proves security improvements and effective content blocking can coexist. Google chose not to make them coexist. What you can do For Chrome users who want effective content blocking, the options are leaving Chrome or accepting reduced protection. Firefox supports uBlock Origin in full and shows no signs of changing that. Brave blocks ads natively. Both are free and work well, and switching takes about ten minutes. You can also install uBlock Origin Lite on Chrome and accept that it blocks less, adapts more slowly to new threats and can’t match the original. Or you can do nothing, and Chrome 150 will disable the extension through a routine update and show you a notification that it’s no longer supported. If you're tired of censorship and dystopian threats against civil liberties, subscribe to Reclaim The Net. The post Google Removes the Final Workaround for Full Ad Blocking in Chrome appeared first on Reclaim The Net.