The Department of Homeland Security demanded Google surrender location and activity data on a Canadian citizen who criticized ICE operations online. The man, who hasn't entered the US in over a decade, was targeted using an obscure trade statute from the Great Depression era.
DHS invoked the International Emergency Economic Powers Act—a 1930s customs law—to pressure Google into handing over browsing history, location data, and other activity information on the Canadian national. The request followed his posts on X condemning ICE following the deaths of Renee Good and Alex Pretti.
The case highlights how legacy legislation can be repurposed for modern surveillance. The law, originally designed for trade enforcement, gave DHS leverage to demand user data without a traditional warrant or court oversight.
Google's response to the demand remains unclear, but the incident raises questions about how tech companies handle government data requests using unconventional legal frameworks. It also underscores risks for non-US citizens whose speech on global platforms can trigger US government scrutiny.
The action comes as the White House simultaneously escalates tech oversight in other areas. The administration recently briefed Anthropic, Google, and OpenAI on plans for a government AI review process—potentially requiring companies to submit new AI models for government approval before release. The proposal reportedly triggered by Anthropic's "Mythos" model follows a year of relative regulatory hands-off approach.
Separately, Google is developing new AI capabilities that could blur lines between user control and autonomous action. The company is testing an agent codenamed "Remy" within its Gemini app that can integrate with Google services and take actions on a user's behalf—raising privacy and security implications as AI systems gain deeper access to personal accounts.
Together, these developments paint a picture of increasing government pressure on tech companies and expanding AI capabilities with limited transparency around data handling and government access.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.
Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.
A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.