A 19-year-old woman is suing the makers of a dating app, alleging they took a video she posted online, repurposed it without her consent into an advertisement for the app, then used geofencing to target that ad to people in her area. 

According to the lawsuit filed Apr. 28 in Tennessee and an interview with her lawyer, the company allegedly used geotargeting to serve the ads on platforms like Snapchat to users near her, including men in her own dormitory. 

The allegations, if proven, offer another example of how modern technology has made it easier than ever today for bad actors to imitate, objectify, profit off and harass individuals, often women. Recent laws like the Take It Down Act have focused particularly on the use of AI to create sexualized imagery of their victims. In this case, the lawsuit alleges that Meete used not AI, but simple video editing, a voiceover and geofencing to create the same kind of deception. 

 On the day of her high school graduation, Kaelyn Lunglhofer posted a brief video to TikTok, wearing an orange outfit and saying a few words to her followers over background music. She went on to attend the University of Tennessee in the fall, where she began building a following as a TikTok influencer.

The complaint alleges that the makers behind the dating app Meete took that video without Lunglhofer’s consent, overlayed it with graphics advertising the app, and added a voiceover to make it appear she was saying “Are you looking for a friend with benefits? This app shows you women around you who are looking for some fun. You can video chat with them.”

Abe Pafford, Lunglhofer’s attorney, told CyberScoop that his client had no idea Meete was using her likeness until a male student in her dormitory told her he had repeatedly seen her in ads for the app on his Snapchat shortly after the two had met. 

Pafford called it “implausible” that this was a coincidence, pointing to Meete’s premise of connecting users with nearby women and the precision of geofencing technology. Before filing the case, Pafford’s law firm hired an investigative firm to gather additional evidence.

“I think the idea is they want[ed] viewers of these advertisements – and candidly this is pretty clearly targeted at male viewers – to have their eye caught by someone they may know or recognize or think they may have seen around, and that’s part of what makes it so disturbing,” he said.

Pafford said he believes Lunglhofer is far from the only person whose image Meete has misappropriated, and that most victims likely have no idea it’s happening. Lunglhofer herself only had evidence because the student who told her had saved recordings and screenshots of the ads featuring her video.

“The bottom line is we think there are likely others that have been victimized in a similar way, but finding out who they are and landing on tangible proof of that can be challenging,” he said.

After this story was published, Snap told CyberScoop it is investigating.

“Snap’s advertising policies require that advertisers have all necessary rights to the content in their ads, including the rights to any individuals featured,” Snap spokesperson Ahrim Nam said in an email. “Using someone’s likeness without their consent is a violation of our policies. Upon learning of these allegations, we are actively reviewing the matter and will take appropriate action.”

The lawsuit cites alleged violation of multiple federal and state laws, including the Lanham Act, the primary U.S. law governing trademark rights. The suit also alleges violations of Tennessee state law under the ELVIS Act, which prevents the unauthorized use of image or likeness for artists and musicians, and Tennessee common laws for defamation and right of publicity.

Lunglhofer is seeking $750,000 in punitive damages, as well as any revenue tied to the ads featuring her likeness. Pafford said that the advertisements damaged her online brand and reputation while also putting her at risk of harassment or falsely implying she was endorsing a local dating service and was open to casual hookups.

“It’s really kind of grotesque and it’s also kind of dangerous,” he said. “Someone may not be aware that this is happening and they’re targeted in this way, but you can put people at risk in ways that are really troubling if you stop to think about it.”

The suit names Quantum Communications Development Unlimited, based in the Virgin Islands, as well as Chinese companies Starpool Data Limited and Guangzhou Yuedong Interconnection Technology, as defendants. A judge has ordered representatives from all three to appear for depositions in the United States.

Quantum Communications Development Unlimited has a sparse internet footprint: their website consists of a single page with a message written in broken English and an email address that no longer appears to work. Efforts by CyberScoop to reach the company and other defendants for comment were not successful. The company is listed as Meete’s publisher on Apple’s App Store, where it describes the app as “a space where you can be yourself and meet people” and promises “safety and respect first” — adding that “Meete provides a secure environment where your privacy and safety are our top concerns.”

The description also claims the app adheres to Apple’s safety standards, citing a “Zero-Tolerance Policy regarding objectionable content and abusive behavior.” Listed safeguards include “24/7” manual reviews by moderation teams, instant reporting and blocking of other users, and AI filtering “to detect and prevent harassment before it happens.”

On Meete’s Google Play Store page, user reviews accuse the app of failing to match them to nearby users and being largely populated by bots posing as women to sell in-app currency.

Pafford acknowledged that the defendants being based overseas complicates efforts to hold them accountable under U.S. law, but argued that Meete is clearly designed to operate in the United States. The companies behind the app have filed U.S. patents and trademarks, for their business, and distribute their app through the Apple and Google Play Stores while advertising on major U.S. social media platforms like Snapchat.

Apple and Google did not respond to a request for comment.

You can read the full lawsuit below.

5/05/26: This story was updated to include comment from Snap received after publication.

The post A college student is suing a dating app that allegedly used her TikTok videos to target men in her dormitory appeared first on CyberScoop.

Congress extended a controversial surveillance law for 45 days on Thursday, hours before its latest expiration following an earlier extension.

The Senate passed — then the House cleared — a 45-day extension of Section 702 of the Foreign Intelligence Surveillance Act, which authorizes warrantless surveillance of foreign targets. But those targets are sometimes communicating electronically with Americans, and intelligence officials can search the database using their identifying information, which has long given privacy groups and privacy-minded lawmakers heartburn.

The 45-day reprieve gives lawmakers more time to hammer out a lasting deal, and comes after the leaders of the Senate Intelligence Committee agreed to send a letter to the Director of National Intelligence and attorney general, seeking swift declassification of a letter on a classified ruling from the Foreign Intelligence Surveillance Court.

Sen. Ron Wyden, D-Ore., had sought release of that opinion, and had resisted giving unanimous consent for the latest short-term extension to move forward until Senate Intelligence Chairman Tom Cotton, R-Ark., and top panel Democrat Mark Warner of Virginia agreed to send the letter.

A declassification review was already underway, but the Cotton-Warner letter states that “We expect that this declassification review will be completed and the FISC opinion released publicly within 15 days,” according to Wyden, speaking on the Senate floor.

The March 17 opinion reportedly came with annual recertification of the warrantless surveillance program. The Justice Department is appealing that ruling because it blocked them from using certain tools to analyze communications.

“A few weeks ago, the Foreign Intelligence Surveillance Court found major compliance problems related to the surveillance law known as section 702,” Wyden said earlier this month. “These compliance problems are directly related to Americans’ Constitutional rights.”

Senate Majority Leader John Thune, R-S.D., said the extension will give lawmakers additional room to hold “discussion on reforms.”

The House this week had passed a 3-year reauthorization with some changes to the surveillance program, but key to doing so was leadership’s agreement to attach legislative language on a separate matter that would ban a central bank digital currency. Thune had said that language was going nowhere in the Senate.

On Thursday, the House voted 261-111 to extend the law for 45 days. President Donald Trump has sought a “clean” 18-month reauthorization of the surveillance powers.

The extension continues a perennial ritual for the Hill when it comes to Section 702: A deadline looms, and Congress kicks the can down the road repeatedly.

The post Congress kicks the can down the road on surveillance law (again) appeared first on CyberScoop.

Supreme Court justices lobbed sharp questions at both sides about the constitutionality of geofence warrants during oral arguments Monday in a case that could have broader implications for law enforcement collection of Americans’ data.

Chatrie v. The United States stems from the 2019 conviction of Okello Chatrie in a bank robbery, where authorities obtained location data from Google about people within a specific area at a specific time.

In questioning an attorney for the petitioner, Adam Unikowsky, a number of conservative justices — including Chief Justice John Roberts — asked why the government shouldn’t be allowed to access location data taken from a third party given that Chatrie had “opted-in” to share that data.

“I just don’t agree that one should have to flip off one’s location history as well as other cloud services to avoid government surveillance,” Unikowsky answered, raising whether the government was entitled to getting emails or calendar data that are also stored in the cloud. (Google has since moved location data to users’ individual devices.)

Some liberal justices, too, had skeptical questions for Unikowsky. “This identifies a place, a crime — a limited time frame, but a time frame,” Sonia Sotomayor said, referring to protections from open-ended searches under the Fourth Amendment. “So it’s not a general warrant in this historical sense.” But she also said that because location data follows users everywhere: “When the police are searching or asking for a search result, there’s no way to predict whether they’re going to invade your privacy.”

The line of questioning about how far a government request for bulk data can go continued from both conservative and liberal justices when it was the government’s turn to argue its position. Justices probed skeptically about what made emails or calendar data different, and whether the government could do a physical search of all of the lockers in a storage facility to find one gun they believed might be there.

It was an unusually long session for the Supreme Court, going two hours. A ruling could come in June or July. Predicting how a court will decide based on justices’ questions is famously fraught. Only one justice, Samuel Alito, hinted strongly at how he was likely to decide.

“I’m struggling to understand why we are here in this case, other than the fact that at least four of us voted to take it,” he said. He said he didn’t believe anything new of note could come out of the court based on lower court rulings during questioning of Unikowsky. “We are all free to write law review articles on this fascinating subject, but that seems like that’s what you’re asking for.”

Orin Kerr, a Stanford University law professor who filed a friend of the court brief on the government’s side, said he believed based on the oral arguments that the court will say geofence warrants can be drafted lawfully.

“The Justices seem likely to reject the broader argument Chatrie made about the lawfulness of the warrant,” he wrote on social media. “They’ll probably say the geofence warrants have to be limited in time and space.”

Casey Waughn, a privacy lawyer and senior associate at Armstrong Teasdale, was struck by the absence of a major focus on “third-party doctrine,” under which there’s no reasonable expectation of privacy when citizens give their information to an outside party like a bank. 

She also honed in on arguments Unikowsky made.

“His argument really gave two lines to go down for the judges, and one was that you have a property interest in your data on the cloud, and the other was that you have a reasonable expectation of privacy for your data on the cloud,” she told CyberScoop. “And historically, both of those avenues have been grounds on which the Court has found that …issue is protected under the Fourth Amendment, and therefore that the actions constituted a search. So I thought it was interesting that he went and kind of argued both of those lanes.”

Alan Butler, executive director of the Electronic Privacy Information Center that filed a friend of the court brief on the side of the petitioner, said the stakes in the case are high.

“Today’s arguments underscored that the Supreme Court is weighing one of the most consequential privacy questions of the digital age: whether the government can use sweeping location data searches to identify a suspect,” he said in a statement after the arguments. “The Court should hold that the Constitution protects our digital data even when it is stored by an app or cloud provider. The Court should ensure that the highly sensitive records generated by our phones cannot be obtained without particularized suspicion and close judicial oversight.” 

The post Supreme Court justices skeptically question both sides in geofence surveillance case appeared first on CyberScoop.

Jared Perlo reports: The long-running fight to rein in the government’s power to search Americans’ phone calls, emails and text messages without a warrant has gained new urgency on Capitol Hill over concerns that AI will supercharge state surveillance. Lawmakers are currently jockeying over reforms to a key law that enables warrantless monitoring of Americans’...

Stetson Miller reports: The Supreme Court is set to hear a case on Monday that could determine if law enforcement’s use of geofence warrants violates the Fourth Amendment. The case was filed by a man named Okello Chatrie, who was convicted in a 2019 Virginia bank robbery after law enforcement obtained his digital location information...

The latest attempt to re-up a controversial expiring surveillance law has failed to placate vocal critics on both the left and right of the political spectrum.

Two House votes failed last week to extend the spying powers under Section 702 of the Foreign Intelligence Surveillance Act (FISA) for 18 months without changes, leading to Congress instead passing a 10-day reauthorization. GOP leaders have been scrambling to find a bill they can pass since with the April 30 deadline approaching.

House Speaker Mike Johnson, R-La., introduced a bill Thursday to extend it for three years, with a section stating that government officials can’t use Section 702 to target Americans. Under Section 702, U.S. spies and law enforcement agencies can warrantlessly search electronic communications of foreign targets. But those targets are sometimes communicating with U.S. persons, and officials can search the communications database using their personal information.

But critics of the latest Johnson proposal say the language about targeting Americans is window dressing.

“On the whole, it is an empty-calories bill and nothing more that does not engage in reform,” Jake Laperruque, deputy director of the center’s security and surveillance project at the Center for Democracy and Technology, said in a call with reporters Friday.

Civil liberties groups have long called for a warrant requirement for U.S. person-based searches.

“It doesn’t require a warrant or any kind of court process for U.S. person searches,” said Kia Hamadanchy, senior policy counsel for the American Civil Liberties Union’s political advocacy division. “The main reform just restates existing law… . It’s also completely irrelevant to the issue at hand, because backdoor searches have never been the product of the government intentionally targeting U.S. persons under 702. The problem is that they are incidentally collecting U.S. person communications and searching the communications of Americans.”

Gene Schaerr, general counsel of the conservative Project for Privacy and Surveillance Accountability, called the proposal “smoke and mirrors.”

The legislation did win over at least one key lawmaker, however: Rep. Warren Davidson, who had earlier introduced an amendment to attach a ban on the government buying American’s information from third-party data brokers, and who was a chief co-sponsor of legislation requiring a warrant for U.S. person searches under Section 702.

“Collectively, this set of reforms provides robust privacy protections for American citizens. Congress should bank this win and reauthorize Section 702,” Davidson said on X. “Then, we should swiftly begin gutting the unmitigated surveillance state left growing unchecked during these 702 fights.”

But it doesn’t look like it has yet won over enough conservative House Freedom Caucus members, and few Democrats have been on board with Johnson’s plans.

Rep. Ted Lieu, D-Calif., indicated on X in harsh terms that he doesn’t trust FBI Director Kash Patel with current Section 702 powers.

The post Latest spy power reauthorization bill leaves critics unimpressed appeared first on CyberScoop.

Campaigns employing commercial surveillance vendors tracked targets by exploiting mobile phone network vulnerabilities in what researchers said Thursday was the first-ever linking of “real-world attack traffic to mobile operator signalling infrastructure.”

The two unknown parties behind the campaigns mimicked the identities of mobile phone operators with customized surveillance tools, and manipulated signaling protocols and steered traffic through network pathways to hide, according to research from the University of Toronto’s Citizen Lab.

“Our findings highlight a systemic issue at the core of global telecommunications: operator infrastructure designed to enable seamless international connectivity is being leveraged to support covert surveillance operations that are difficult to monitor, attribute, and regulate,” a report published Thursday reads.

“Despite repeated public reporting, this activity continues unabated and without consequence,” Gary Miller and Swantje Lange wrote for Citizen Lab. “The continued use of mobile networks, built on a close inter-operator trust model and relied upon by users worldwide, raises broader questions for national regulators, policymakers, and the telecom industry about accountability, oversight, and global security.”

The attackers relied on identifiers and infrastructure associated with operators around the world, including networks based in Cambodia, China, the self-governing Island of Jersey, Israel, Italy, Lesotho, Liechtenstein, Morocco, Mozambique, Namibia, Poland, Rwanda, Sweden, Switzerland, Thailand, Uganda and the United Kingdom.

They shifted between SS7 and Diameter protocols, the signalling protocols known for 3G and 4G/most of 5G, respectively, according to the report. While Diameter was meant to be more secure than SS7, the Federal Communications Commission in 2024 opened a probe into both its vulnerabilities and SS7’s, and Sen. Ron Wyden, D-Ore., has asked for a Cybersecurity and Information Security Agency report about telecommunications vulnerabilities rooted in both protocols.

But identifying the vendors used in the two surveillance campaigns, or who was behind them, was beyond the researchers’ reach.

“The reality is that there are a number of known surveillance vendors and bad actors in this space, but given the opaque nature of telecommunications signalling protocols, those vendors are able to operate without revealing exactly who they really are,” Ron Deibert, director of Citizen Lab, wrote in his newsletter. “Much of the malicious things they are doing blend into the otherwise voluminous flow of billions of normal messages and roaming signals. They are ‘ghost operators’ within the global telecom ecosystem.”

One of the operators mentioned in Citizen Lab’s report, Israel-based 019 Mobile, wrote back that it didn’t recognize the hostnames referenced in the report as 019 Mobile’s network nodes, and couldn’t attribute the signaling activity it represents to 019 Mobile-operated infrastructure.

Another operator, Sure, said it has taken preventative measures to defend against misuse.

“Sure acknowledges that digital services can be misused, which is why we take a number of
steps to mitigate this risk,” CEO Alistair Beak said in a statement to CyberScoop. “Sure has implemented several protective measures to prevent the misuse of signalling services, including monitoring and blocking inappropriate signalling. Any evidence or valid complaint relating to the misuse of Sure’s network results in the service being immediately suspended and, where malicious or inappropriate activity is confirmed following investigation, permanently terminated.”

019 Mobile and a third operator, Tango Networks UK, didn’t respond to requests for comment from CyberScoop. The Citizen Lab report afforded some grace to the operators.

“It is important to note that the operator signalling addresses observed in the attacks do not necessarily imply direct operator involvement,” it states. “In some cases, access to the signalling ecosystem can be obtained through third-party providers, commercial leasing arrangements, or other intermediary services that allow actors to send messages using operator identifiers from legitimate networks.”

Updated 4/24/26: to include quote from Alistair Beak.

The post Surveillance campaigns use commercial surveillance tools to exploit long-known telecom vulnerabilities appeared first on CyberScoop.

Meredith Lee Hill, Jordain Carney, and Mia McCarthy report: Hill Republican leaders are finding themselves in a never-ending crisis over the fate of a government spy law that has unleashed a bitter, intraparty battle within the House while also threatening to derail a host of other GOP priorities. Republicans now have scant legislative days to...

The Senate approved a short-term renewal until April 30 of a controversial surveillance program used by U.S. spy agencies.

The post Senate Extends Surveillance Powers Until April 30 After Chaotic Votes in House appeared first on SecurityWeek.

Congress is grappling with renewal of a surveillance law set to expire at the end of this month that critics say is a mystery on how much of a difference it has made for controversial government spying authorities — for better or worse.

The 2024 law reauthorized so-called Section 702 powers of the Foreign Intelligence Surveillance Act (FISA), which authorizes warrantless surveillance of electronic communications of foreign targets. Most controversially, the law allows U.S. officials to search (“query”) those communications databases using Americans’ personal information, as long as the American is  in contact with someone overseas, which raises significant privacy concerns.

Backers of the 2024 law, known as the Reforming Intelligence and Securing America Act (RISAA), point to 56 changes it made to deal with criticisms of Section 702, following a period where abuses came to light, including hundreds of thousands of improper searches. At the same time, the law made changes that some feared could actually expand Section 702 powers.

The House voted to extend the law as-is for 10 days early Friday. The Senate then did the same. The Trump administration has sought a 180-day “clean” reauthorization.

As Congress weighs potential extensions of the 2024 law without making changes to it, “I don’t think we know” what good has come of it, said Elizabeth Goitein, senior director of the Brennan Center for Justice’s liberty and national security program. By the same token, it’s difficult to know whether some of the expansion fears have come to fruition, she said: “We don’t have reliable information on this.”

Added Jake Laperruque of the Center for Democracy and Technology: “There’s a lot of black boxes here.”

Examining Past Changes

Both Goitein and Laperruque are skeptical of any positive change from RISAA, though, and have long advocated for a warrant requirement for U.S. person searches. Intelligence agencies have resisted that addition, claiming that it would dramatically slow down time-sensitive national security investigations.

By contrast, Glenn Gerstell, former general counsel at the National Security Agency, said RISAA constituted “the most significant set of reforms to the statute since its adoption in 2008.” and that “those reforms have had a dramatic effect.” 

One major point of dispute is to what degree the number of U.S. person searches dropped, particularly because of a conclusion in last year’s Justice Department inspector general report finding that an “advanced filtering tool generated queries that were not tracked by the FBI.” 

As the report outlines, an FBI system has an “‘advanced filter function’ that allows users to select a specific FBI casefile number or ‘facility’ (e.g., a phone number or email address), using a drop-down menu or search bar, to review communications with targeted facilities.

“This functionality enables users to select from lists of ‘participants’ in communication with targeted facilities and review communications of those participants.In or around August 2024,” the report continues. The National Security Division of the Justice Department “became aware of the participants filter function in [the system] and was concerned that searches conducted through use of the participants filter constituted separate queries that must satisfy the query standard and comply with all query procedural requirements.”

By the intelligence community’s count, the number of U.S. person searches has otherwise mostly declined even going back to before the 2024 law’s passage: 119,383 in 2022, 57,094 in 2023, 5,518 in 2024 and 7,413 in 2025.

“It is quite clear that the searches that were run using this filter function met the statutory definition of queries, and yet the FBI for some significant period of time decided to not count them as queries,” Goitein said.

Laperruque, deputy director of CDT’s security and surveillance project, said an audit mandate in the 2024 law was potentially useful, but hasn’t proven to be in reality.

“At least it should mean that it should help try to detect abuse if it is happening,” he said. “The problem there, though, is you’re still relying on the FBI to properly log all of its quarries and hand them over for DOJ to be checked, which hasn’t happened. You’re trusting DOJ and the executive to engage in self-policing, and that’s something where folks rightfully have a lot of skepticism based on how DOJ has conducted itself recently.”

Gerstell, a senior adviser at the Center for Strategic and International Studies, points to numerous reviews — including a staff report from the Privacy and Civil Liberties Oversight Board (PCLOB) — that indicate a drop in U.S. person searches. It’s the biggest change of RISAA, he said.

“The most significant one is a very substantial drop in the number of queries of the database for U.S. person information, which has been a big focus for privacy advocates, and there’s been a dramatic drop, so much so that both the Inspector General for the Department of Justice and the staff of the PCLOB have said, ‘I wonder if we’re overdoing it.’ … Every single one of them presents those numbers, without caveat.”

On the advanced filter function count, Gerstell acknowledged the ambiguity, but referred to reports that said, as he summarized, “If they had been considered queries, it appears that most would have been compliant anyway… because they were a subset of something that was already compliant. But we don’t know if any of them were noncompliant, and we don’t have the data.”

On the other side of the RISAA debate, critics argued that its revised definition of “electronic communications service provider” could dramatically expand surveillance to include businesses like coffee shops or landlords. The reported, but formally undisclosed, real target of the change was data centers.

“That was a pretty big expansion with a lot of potential abuse,” Laperruque said. But “we don’t really know much about how it’s changed” anything, he said.

Virginia Sen. Mark Warner, the top Democrat on the Intelligence Committee, sought to advance clarifying language about that subject after RISAA’s passage, and the Biden administration said it would confine the provision’s use to the kind of undisclosed businesses that prompted the provision in the first place. Laperreque noted that the Trump administration has made no such promises, and Warner’s clarifying language never became law.

The Foreign Intelligence Surveillance Court (FISC) has issued its annual opinion re-certifying the Section 702 program for another year. However, the court reportedly took issue with the program’s f filtering systems, saying that when such a system is used to look for information on Americans it must be counted as a query, subjecting it to additional restrictions. The Trump administration plans to appeal the ruling.

Other critiques of the 2024 law include that many of its biggest changes weren’t changes at all, but instead codifications of changes that then-FBI Director Christopher Wray had implemented. Abuses continued after those changes, Goitein said.

Gerstell said enshrining those changes into law wasn’t a bad thing. “The statute expressly codified some but not all of Wray reforms — and some went beyond that in many ways,” he said. Those changes included requiring FBI deputy director approval of U.S. person queries that target elected officials, government appointees, political candidates or organizations, or media. Those were some of the more criticized prior targeting abuses.

The fight still ahead

Republicans remain divided over extending the law. Some who had reservations about a clean reauthorization have come on board, such as Senate Judiciary Chairman Chuck Grassley, R-Iowa, who had taken issue with limitations on congressional attendance of FISC proceedings but since has had that concern resolved.

Others may have been swayed by direct lobbying from the Trump administration, including a social media post from Trump himself this week, where he wrote, “I am willing to risk the giving up of my Rights and Privileges as a Citizen for our Great Military and Country!” Still others have had their position against a clean extension hardened by the FISC court opinion and additional concerns.

Other issues have become enmeshed in the reauthorization debate, such as calls to block government agencies from purchasing information from data brokers. But “this has nothing to do with this authority,” said George Barnes, former deputy director of the NSA. 

But lawmakers of both parties have complained for months that the administration was silent for too long as the law’s expiration loomed.

Only recently did the Trump administration share new examples of the law’s successes, including that it had thwarted a 2024 terrorist attack on a Taylor Swift concert. Barnes said releasing such examples might offer a public case for the law, but has its downsides, too.

“I was always understanding but frustrated by the need to release examples just because they choreographed to the adversary what we could do,” said Barnes, now Red Cell’s cyber practice president. 

Reauthorizing Section 702 is urgent, though, for cybersecurity purposes, he said.

“A lot of the impact that I saw the authority having over my time was in cybersecurity as well,” he said. “And so when you have foreign entities that are targeting the U.S., or U.S. interests overseas, that authority can be positioned to help eliminate those activities.”

The post The surveillance law Congress can’t quit — and can’t explain appeared first on CyberScoop.

Suzanne Smiley reports: The governor of Virginia on Monday signed a law banning the sale of citizens’ precise geolocation data, a sign of growing momentum for such laws at the state level. The legislation bars the sale of geolocation within a 1,750 foot radius, a buffer large enough to keep data brokers from pinpointing where...

Congress is set to take up the reauthorization of a divisive program that lets U.S. spy agencies pore over foreigners’ calls, texts and emails.

The post Trump Urges Extending Foreign Surveillance Program as Some Lawmakers Push for US Privacy Protections appeared first on SecurityWeek.

Joseph Cox reports: The FBI was able to forensically extract copies of incoming Signal messages from a defendant’s iPhone, even after the app was deleted, because copies of the content were saved in the device’s push notification database, multiple people present for FBI testimony in a recent trial told 404 Media. The case involved a...

Ernesto Van der Sar writes: HBO has obtained a DMCA subpoena, ordering X Corp. to identify the person behind a Euphoria fan account that allegedly posted spoilers from unaired episodes of Season 3. The action comes just days before the show’s long-awaited premiere this weekend, but it remains unclear what the company plans to do...

Jude Joffe-Block reports: Immigration and Customs Enforcement is using spyware tools that can intercept encrypted messages as part of the agency’s efforts to disrupt fentanyl traffickers, according to a letter sent last week by the agency’s acting director, Todd Lyons. Lyons’ letter, which was reviewed  by NPR, said ICE’s Homeland Security Investigations (HSI) is using...

by Amanda Seitz and Maia Rosenfeld April 8, 2026 The Trump administration is quietly seeking unprecedented access to medical records for millions of federal workers and retirees, and their families. A brief notice from the Office of Personnel Management could dramatically change which personally identifiable medical information the agency obtains, giving it the power to...

Colin Woods reports: The Massachusetts Department of Public Health last month settled a class-action lawsuit by a handful of Android users who claimed that the state had worked with Google to automatically install a COVID-19 contact-tracing app on their phones, and the phones of more than one million others, tracking their locations and transmitting their...

George Chidi reports: In recent city council meetings in Dunwoody, Georgia, a spokesman for Flock Safety, a Georgia-based firm that provides automated license plate readers, has found himself in the hot seat again. For two months running, some residents of the affluent north Atlanta suburb in the region’s tech corridor have been demanding an end...

Jude Joffe-Block of NPR reports: As Justice Department officials are working to acquire sensitive voter registration data from states and have recently disclosed a plan to share it with the Department of Homeland Security, a key privacy officer in DOJ’s division tasked with enforcing civil and voting rights laws has resigned. Kilian Kagle was the chief...

Sergiu Gatlan reports: The U.S. Federal Bureau of Investigation (FBI) warned Americans against using foreign-developed mobile applications, particularly those created by Chinese developers. In a public service announcement (PSA) issued via its Internet Crime Complaint Center (IC3) platform this Tuesday, the FBI warned of privacy and data security risks associated with these apps. “As of...