Saturday, August 9, 2025

Polaris of Enlightenment

Show your papers: The internet is about to change forever

A crackdown sweeping the globe is replacing the free internet with government surveillance.

Published today 8:07
– By Naomi Brockwell
8 minute read

A dangerous shift is happening online. All around the world, governments are quietly rewriting the rules of internet access. Soon, privacy and anonymity online may become relics of the past.

The UK’s newly enacted Online Safety Act marks a fundamental shift. You now need to verify your identity simply to watch a video, visit a website, or share your thoughts. The Act mandates strict age verification and identity checks for websites and platforms considered to host “harmful” or “adult content”.

But the definition of “harmful or adult content” is deliberately broad, encompassing every social media platform and website hosting user-generated content. This maneuver places all interactive sites under strict regulatory oversight, forcing them to implement identity verification systems. Users must now provide government ID or undergo facial recognition checks, ending the ability to browse, communicate, or consume content anonymously.

Platforms that don’t comply face massive fines. The result is that a vast portion of the internet has been seized under the guise of “safety”, threatening to erase the free and open internet we once knew.

The consequences are cascading. As this becomes increasingly normalized, nearly all platforms face pressure to demand user identification or age verification. This shift represents a major step toward eliminating online privacy. This isn’t about protecting children; it’s about ending anonymity altogether.

Global surveillance surge

If we look at the surveillance initiatives of governments around the world these past few weeks, it’s chilling. In what feels like a sudden, synchronized wave, the entire globe is moving in lockstep towards eliminating freedom on the internet. As well as the UK’s initiative:

  • Canada: A surveillance bill has just been introduced that will significantly expand online tracking. Bill C-2 mandates backdoors in apps and platforms, giving authorities real-time access to your private data and undermining encryption. It also drastically expands surveillance by allowing police warrantless access to personal details like user identities, login history, and online activities.
  • Australia: Has banned YouTube and social media platforms for users under 16, mandated face scans and government ID verification to access major internet services, and is planning to expand these invasive controls to basic online searches, embedding identity checks into everyday internet use.
  • European Union: The proposed Chat Control law will go to a final vote in October 2025. If passed, it will mandate that platforms automatically scan private messages, emails, and stored files for illegal content, including encrypted communications, effectively abolishing end-to-end encryption protections across Europe. Additionally, the Digital Services Act (DSA) requires platforms hosting user-generated content to implement age verification measures, giving platforms a 12-month grace period to roll out strict ID verification systems.
  • Switzerland: Have a surveillance law in the works that will force VPNs, messaging apps, and online platforms to log users’ identities, IP addresses, and metadata for government access, effectively ending online anonymity. Privacy-focused companies like Proton have announced plans to relocate if the law passes.
  • United States: Numerous states are rapidly introducing and passing bills mandating strict age verification and identity checks for social media platforms and other online services, pushing the country toward the same surveillance and identity-control measures seen globally.

This explains the recent wave of platforms suddenly mandating stricter ID checks, like Spotify requiring you to upload your government ID before listening to music, or YouTube using AI to infer your age and enforce restrictions. Even in countries that don’t legally require these measures, companies often roll them out globally because it’s simpler and cheaper to have a single policy everywhere. This forces every country into the same authoritarian policies, whether they wanted them or not.

But these recent requirements didn’t appear overnight. Platforms have been slowly adding more identity verification methods for years. Did all these companies independently decide to create more friction for their users? Of course not. User friction is rarely the goal.

Instead, much of this seemingly voluntary cooperation was a response to implicit government pressure. This tactic is known as “jawboning”.

Jawboning: Silent coercion

Jawboning is informal, behind-the-scenes pressure from lawmakers and regulators. No new legislation is needed. Instead, governments make quiet but clear suggestions.
Officials might tell a tech company, “we’re concerned about misinformation spreading on your platform”, or quietly warn “this app poses a national security risk, you might want to address that before we’re forced to intervene”.
The threat is implicit.

As a result, platforms have been steadily increasing their identity checks, whether through phone number verification that ties accounts to real identities, or directly asking users to submit ID documents.

Governments don’t always need legal authority. Sometimes they simply suggest something strongly enough that compliance is inevitable.

In recent years we’ve seen this tactic intensify, with governments increasingly engaging directly with social media companies to shape moderation decisions. Without formal subpoenas or official orders, platforms receive subtle yet persistent suggestions about the type of content to flag or remove, effectively steering public narratives. This informal pressure quietly influences what users can see and say online.

Some people suggest that this sudden global crackdown on privacy must have been a coordinated and deliberate strike. But there’s a simpler explanation. None of what’s happened this past week appeared out of nowhere. We’ve been setting the stage for years.

After years of incremental normalization, surveillance culture reached a critical mass. Each small change seemed minor and tolerable. Governments nudged. Companies complied. Users accepted. Bit by bit, surveillance became normalized, until we reached a tipping point. When enough incremental intrusions pile up, they set the stage for something much bigger. By the time major restrictions arrived this week, we’d already grown numb to privacy incursions. The world was primed, and now a wave of regulation has swept in almost unopposed.

The cultural shift we must fight

The internet was conceived as a tool for freedom and connection. But almost overnight, it has become a surveillance landscape where every click, view, and conversation is gated by ID checkpoints. Our greatest tool for free expression is now our greatest instrument of control.

We can’t accept this shift passively. The normalization of mandatory identity verification is deeply harmful. Privacy isn’t suspicious or criminal; it’s normal, and we must vigorously push back against these cultural changes.

This is a landslide of lost freedoms, and it’s happened in mere weeks.

Decentralized infrastructure: Our last hope

Decentralization is critical in the fight for online freedom. Centralized systems, such as those mandated by regulations like the UK’s Online Safety Act, provide easy targets for governments to enforce identity checks, age limits, and surveillance. These centralized checkpoints enable extensive monitoring and control. Decentralized infrastructure, on the other hand, distributes control across many independent participants, making it inherently resistant to intrusive mandates and significantly harder for governments to impose surveillance and censorship.

Here are just a handful of powerful decentralized tools already available, each combining decentralization with robust privacy protections:

Bitchat
Bitchat is a Bluetooth Low Energy mesh messaging network launched by Jack Dorsey’s team in July 2025. It enables peer-to-peer communication among nearby devices without requiring internet access, user accounts, or phone numbers. Users can communicate via public channels or password-protected private groups. Bitchat also supports direct private messages secured by end-to-end encryption with forward secrecy, ensuring only the intended recipients can decrypt messages. Additional privacy features include timing obfuscation and dummy traffic to protect metadata, as well as a panic mode that instantly erases all locally stored data. The mesh network becomes stronger, more secure, and more resilient as additional users run the app in proximity.

Meshtastic
Meshtastic uses small radio devices to create local mesh networks independent from the internet, helping resist centralized censorship. Users send either public or private messages. Public messages are visible to everyone, while private channels use a shared encryption key (shared securely outside the app). Meshtastic also supports direct messages encrypted end-to-end via public-key cryptography.

SimpleX chat
A serverless, peer-to-peer messaging app with no identifiers or phone numbers required. All messages are end-to-end encrypted using a double-ratchet protocol. Metadata, contact lists, and message logs remain solely on the user’s device. Private message routing further obscures IP address or network information from relay servers. More participation, by either running relay nodes yourself or using independent relay servers, makes the system stronger and more censorship-resistant.

IPFS (InterPlanetary File System)
Distributed file storage with encryption. Instead of relying on centralized servers, files are split and stored across independent nodes. Once content is pinned to multiple nodes, there’s no single point of failure. IPFS resists censorship because no central authority can easily remove or block files. More participants equals greater redundancy and resilience.

Filecoin
Filecoin provides a decentralized marketplace for data storage. Unlike centralized cloud storage, Filecoin allows users to securely contract with independent storage providers directly through its blockchain, without third-party intermediaries. Files aren’t automatically distributed; instead, they’re stored with specific providers that users contract with directly, and the Filecoin blockchain ensures data integrity through built-in cryptographic proofs verifying providers actually store your data as promised.

Zero-Knowledge proofs (ZK proofs)
Zero-knowledge proofs are a type of privacy-preserving cryptographic validation. Initially pioneered by the cryptocurrency Zcash, ZK proofs have since become essential tools in a wide range of applications beyond cryptocurrency, including decentralized identity systems, secure age verification, and anonymous credentialing. They allow you to prove sensitive attributes, such as being over a certain age, without revealing any personal details, offering robust privacy protections in many digital interactions.

Several decentralized social media platforms have emerged as promising alternatives to centralized giants like Twitter and Facebook. Platforms such as Mastodon, Nostr, Bluesky, and Matrix offer decentralized architectures in theory, spreading control across independently operated servers or nodes. In practice, however, most users currently congregate around just a few widely used nodes, creating potential points of vulnerability. Still, these platforms represent meaningful progress, and I’m genuinely optimistic about the future of decentralized social media. As more people learn to run their own independent servers and nodes, these platforms will grow increasingly robust, resilient, and truly censorship resistant.

Why these tools matter

Together, decentralization and encryption directly undermine the systems that the UK Online Safety Act and similar laws rely on, such as central checkpoints, mandated identity verification, and mass data collection. These authoritarian measures become much harder to enforce when control is distributed, data remains with individual users, and identity can be verified anonymously.

Decentralized technology is still young, and many tools currently lack the polished interfaces and extensive user bases of centralized platforms. You won’t yet find the same network effect as mainstream social networks. But decentralized technology holds immense promise. As governments increasingly mandate backdoors, identity checks, and documentation simply to communicate online, these decentralized alternatives represent the future of digital freedom. Their strength and resilience depend directly on collective adoption: running nodes, hosting relay services, and contributing to open-source development.

The moment to act is now

Privacy isn’t about hiding; it’s about autonomy. Decentralized technologies aren’t mere ideals. They’re practical tools for reclaiming power online. The more widely adopted these tools become, the more robust and resistant they are to centralized control. Let’s actively build, support, and embrace decentralized, encrypted alternatives, and reclaim the internet while we still have the chance.

 

Yours in privacy,
Naomi

Naomi Brockwell is a privacy advocacy and professional speaker, MC, interviewer, producer, podcaster, specialising in blockchain, cryptocurrency and economics. She runs the NBTV channel on Rumble.

TNT is truly independent!

We don’t have a billionaire owner, and our unique reader-funded model keeps us free from political or corporate influence. This means we can fearlessly report the facts and shine a light on the misdeeds of those in power.

Consider a donation to keep our independent journalism running…

OpenAI launches GPT-5 – Here are the new features in the latest ChatGPT model

The future of AI

Published yesterday 15:39
– By Editorial Staff
"GPT-5 is the first time that it really feels like talking to an expert in any topic, like a PhD-level expert", claims CEO Sam Altman during the company's presentation of the new model.
2 minute read

OpenAI released its new flagship model GPT-5 on Thursday, which is now available free of charge to all users of the ChatGPT chatbot service. The American AI giant claims that the new model is “the best in the world” and takes a significant step toward developing artificial intelligence that can perform better than humans in most economically valuable work tasks.

GPT-5 differs from previous versions by combining fast responses with advanced problem-solving capabilities. While previous AI chatbots could primarily provide smart answers to questions, GPT-5 can perform complex tasks for users – such as creating software applications, navigating calendars, or compiling research reports, writes TechCrunch.

— Having something like GPT-5 would be pretty much unimaginable at any previous time in history, said OpenAI CEO Sam Altman during a press conference.

Better than competitors

According to OpenAI, GPT-5 performs somewhat better than competing AI models from companies like Anthropic, Google DeepMind, and Elon Musk’s xAI on several important tests. In programming, the model achieves 74.9 percent on real coding tasks, which marginally beats Anthropic’s latest model Claude Opus 4.1, which reached 74.5 percent.

A particularly important improvement is that GPT-5 “hallucinates” – that is, makes up incorrect information – significantly less than previous models. When tested on health-related questions, the model gives incorrect answers only 1.6 percent of the time, compared to over 12 percent for OpenAI’s previous models.

This is particularly relevant since millions of people use AI chatbots to get health advice, despite them not replacing professional doctors.

New features and pricing models

The company has also simplified the user experience. Instead of users having to choose the right settings, GPT-5 has an automatic router that determines how it should best respond – either quickly or by “thinking through” the answer more thoroughly.

ChatGPT also gets four new personalities that users can choose between: Cynic, Robot, Listener, and Nerd. These customize how the model responds without users needing to specify it in each request.

For developers, GPT-5 is launched in three sizes via OpenAI’s programming interface, with the base model priced at €1.15 per million input words and €9.20 per million generated words.

The launch comes after an intense week for OpenAI, which also released an open AI model that developers can download for free. ChatGPT has grown to become one of the world’s most popular consumer products with over 700 million users every week – nearly 10 percent of the world’s population.

Matrix 8 Pro with GrapheneOS delivers top-class security, privacy and performance

Advertising partnership with Teuton Systems

  • The Matrix 8 Pro from Swedish company Teuton Systems is a flagship phone based on Google's Pixel 8 Pro hardware, but delivered with the privacy-focused operating system GrapheneOS.
  • The result is a smartphone that combines powerful performance, robust construction and outstanding camera quality with market-leading security and privacy protection.
Published yesterday 9:40
Image of the uniquely configured Matrix 8 Pro model from Swedish company Teuton Systems featuring a suite of open-source apps without tracking and with high integrity that replace Google's app offerings.
6 minute read

Here we go through what makes the Matrix 8 Pro unique – from its advanced hardware (including the unique Titan M security chip) to the GrapheneOS advantages, the long lifespan with updates until 2030, praise in reviews, and the pre-installed open alternatives that let you manage without Google’s apps.

Under the shell of the Matrix 8 Pro sits the same impressive hardware as in the Pixel 8 Pro. The phone is powered by the powerful Tensor G3 chip, has 12 GB RAM and a 6.7-inch OLED screen with high resolution and adaptive 1–120 Hz refresh rate. The build feels solid – “Pixel 8 Pro [feels] like a quality build with everything you could want from a phone today” according to Swedish tech site mobil.se.

The construction uses durable materials like Gorilla Glass Victus 2 and is IP68-rated for dust and water resistance, providing good durability for daily use.

The camera setup also maintains absolute top class. The Matrix 8 Pro (Pixel 8 Pro) has a triple camera with, among others, a 50 MP main camera and high-resolution 48 MP ultra-wide and telephoto cameras. The image quality places itself in the absolute top tier among smartphones – photos were already at “a very high level from the start where we kept photo quality among the very best mobile phones”, writes Swedish tech magazine Ljud & Bild in their test. The ultra-wide camera in particular has improved significantly compared to its predecessor, with higher light sensitivity and sharpness.

An important part of the Pixel hardware is also the dedicated security chip Titan M2. This is a separate chip that protects sensitive data and verifies the operating system’s integrity at startup. The Pixel phones’ built-in security chip (Titan M series) provides “a robust level of protection against physical and software-based attacks” which the Matrix 8 Pro benefits from. The combination of Titan M2 and GrapheneOS creates an unusually secure mobile platform where both hardware and software collaborate to protect your data.

Close-up of the model and its solid screen, construction and “camera bump” on the back where the powerful cameras sit with among other things 5x optical zoom, macro and the wide-angle camera.

GrapheneOS: Open source with privacy at the center

Unlike a regular Pixel, the Matrix 8 Pro is delivered with GrapheneOS, an open source operating system based on Android, but without Google components. GrapheneOS is developed with security and privacy as the first priority. Since the system is decoupled from Google’s services and apps, there are no built-in trackers – the user gets a “private and secure environment” that minimizes data to third parties. Strict privacy controls give you full control over apps’ permissions, microphone, camera, location data etc., which greatly reduces the risk of eavesdropping and surveillance.

GrapheneOS also contains a range of security improvements beyond standard Android, such as strengthened sandboxing (app isolation) and memory protection, to protect against both known and unknown threats. All code is open source, which enables independent review and transparency regarding security – a major advantage for those who value trust and insight. Despite GrapheneOS removing the Google parts, users can still run virtually all regular Android apps. Apps that absolutely require Google Play services can be isolated in a separate profile if needed. In practice, you barely notice any difference in user experience compared to a regular Android phone; “the user interface of the Matrix phone is virtually identical to that of a standard smartphone” according to Teuton Systems’ own description. The difference lies behind the scenes – in the significantly higher privacy protection and absence of unnecessary tracking.


Are you interested in Teuton Systems mobile phones and other privacy-secure products? Welcome to visit the website.


Long lifespan with updates until at least 2030

The Matrix 8 Pro is built to last long, both physically and software-wise. The hardware is powerful enough to meet needs for many years ahead, and thanks to GrapheneOS (and the promised long support for the Pixel series) the phone will receive OS and security updates at least until October 2030 and probably longer. This means you can essentially keep your phone for a long time if you wish without falling behind security-wise. The fact is that the Pixel, and thus Matrix series has the longest official support time of all Android phones today, on par with (or longer than) Apple iPhone, especially if you go with the even newer Matrix 9-series.

For GrapheneOS users, this is a major advantage. As long as Google provides the device with drivers and security patches, the GrapheneOS project can continuously release its updates. You thus get the best of both worlds: a more secure Android variant that still keeps up with all important bug and security fixes during the phone’s lifetime. A phone like the Matrix 8 Pro therefore represents a long-term investment – good for both the wallet, the environment (fewer devices need to be replaced) and your security.

The premium model Matrix 8 Pro from Teuton Systems.

Praised by experts and reviewers

That the Pixel 8 Pro (and thus the Matrix 8 Pro’s hardware) maintains high quality is evident in the reviews. Swedish tech site Ljud & Bild writes that “Pixel 8 Pro raises the bar for competitors” and highlights the enormously bright screen, improved camera and the promised years of updates as some of the phone’s biggest pluses. Mobil.se gave the Pixel 8 Pro a rating of 86%, where especially the cameras, performance and long-term software support impressed. Internationally, the model has also received top reviews. PCMag praises the Pixel 8 Pro for its excellent build quality, fine screen and long support – they call it “one of the most attractive Android phones for anyone who likes to go the distance with their device”, thanks to the combination of superb camera and the market’s longest software support.

There is thus broad agreement that the Pixel 8 Pro/Matrix 8 Pro delivers an exceptional overall experience. You get flagship performance, one of the world’s best mobile cameras, and also the security that the device is secured in depth.

Free app alternatives to Google’s ecosystem

To offer a complete experience without Google, Teuton Systems includes a selection of secure, open apps that replace Google’s standard apps. Upon delivery, the Matrix 8 Pro is pre-installed with among others:

  • Organic Maps – a map and navigation app that works completely offline. Organic Maps is open source without trackers, based on community-driven OpenStreetMap. You can navigate, search for places and get directions without your location being logged by Google.
  • Aegis Authenticator – a secure two-factor authentication app for one-time codes (TOTP) that replaces Google Authenticator. Aegis is free, open source and lets you manage your 2FA codes encrypted on the device. It supports backup/export and all common authentication standards, so you can securely protect your logins.
  • Bitwarden – a popular password manager that keeps your passwords encrypted in a private vault. Bitwarden is completely open source and uses end-to-end encryption to protect sensitive information. It can smoothly replace Google’s password manager or proprietary alternatives like LastPass, with support for multiple platforms and synchronization.
  • Thunderbird – a powerful email client from Mozilla that lets you manage all your email accounts in one app. Thunderbird is free and open source and known for being “feature-rich, reliable and secure” as an email solution. By using Thunderbird on mobile, you avoid web interfaces and can collect e.g. Gmail, Outlook and ProtonMail in one place – naturally without ads or data collection.
  • FUTO Voice Input – a privacy-friendly alternative to Google voice input. FUTO Voice is a voice-to-text app that runs completely locally on the device without storing or sending data to the cloud. It enables convenient voice control and dictation (e.g. in messages or notes) without Google listening. FUTO Voice is open source and developed specifically with GrapheneOS users in mind to provide high-quality speech recognition offline. (The company FUTO finances privacy projects like GrapheneOS, which underscores their trust in the platform.)

Together, these apps form a complete ecosystem that respects your privacy. You can navigate, communicate and be productive on the Matrix 8 Pro without needing any Google services. Should you still need something from Google’s world sometime, you can utilize GrapheneOS’s unique multi-account system – e.g. create a separate profile with Play Store for a certain app, isolated from your main profile. But for most users, the free alternatives that come with it go far, which also align completely with Teuton Systems’ openness and privacy principles.

A mobile investment without compromises

Teuton Systems Matrix 8 Pro with GrapheneOS represents a new type of smartphone, where you as a user have control. By combining world-leading hardware – praised for its screen, camera and performance – with the world’s most secure mobile OS, you get the best of both worlds. It’s a phone that is “free from the system” but that lets you live fully in the system: all modern functionality is there, just without the unnecessary background services and snooping.

With its long lifespan, high performance and privacy protection, the Matrix 8 Pro harmonizes perfectly with Teuton Systems’ philosophy of freedom through technology. This is the mobile for you who refuse to compromise on either function or privacy – a serious, premium smartphone that puts your security first.

 

You can find the Matrix 8 Pro in the list of other phones in the Matrix series in Teuton Systems’ web store.

OpenAI opens data center in Norway

The future of AI

Published 3 August 2025
– By Editorial Staff
In Norway, OpenAI is planning to establish one of Europe's largest AI data centers as part of the global Stargate project.
2 minute read

In Norway, OpenAI plans to establish one of Europe’s largest AI data centers as part of the global Stargate project. The facility will be built in the northern parts of the country and operated entirely on renewable energy.

Stargate was launched earlier this year as a comprehensive AI initiative with the goal of strengthening the US dominance in artificial intelligence. The project is a collaboration between American OpenAI and Oracle, along with Japanese SoftBank, with the ambition to build a global AI infrastructure at a cost of up to $500 billion over the next four years. This makes Stargate one of the largest technology investments in history.

First in Europe

On Thursday, OpenAI announced that the company plans to open a Stargate-branded data center in Norway. It will be the company’s first European facility of this kind.

The data center will be located in Kvandal, outside Narvik in northern Norway, and built in collaboration with British company Nscale and Norwegian Aker. OpenAI will function as a so-called “off-taker”, meaning the company will purchase capacity from the facility to power its AI services.

Part of the purpose of this project is to partner with OpenAI and leverage European sovereign compute to release additional services and features to the European continent, says Josh Payne, CEO of Nscale, in an interview with CNBC.

Powered by hydroelectric energy

The data center, planned to be completed in 2026, will house up to 100,000 NVIDIA GPUs and have a capacity of 230 megawatts – making it one of the largest AI facilities in Europe. The facility will be operated entirely on so-called “green energy”, made possible by the region’s access to hydroelectric power.

The first phase of the project involves an investment of approximately $2 billion. Nscale and Aker have committed to contributing $1 billion each. The initial capacity is estimated at 20 megawatts, with ambitions to expand significantly in the coming years.

Spilling the Tea: KYC Is a liability, not a safety feature

Published 2 August 2025
– By Naomi Brockwell
5 minute read

This week, a devastating breach exposed tens of thousands of users of Tea, a dating safety app that asked women to verify their identity with selfies, government IDs, and location data.

Over 72,000 images were found in a publicly accessible Firebase database. No authentication required. 4chan users discovered the open bucket and immediately began downloading and sharing the contents: face scans, driver’s licenses, and private messages. Some users have already used the leaked IP addresses to build and circulate maps that attempt to track and trace the women in those files.

Tea confirmed the breach, claiming the data came from a legacy system. But that doesn’t change the core issue:
This data never should have been collected in the first place.

What’s marketed as safety often doubles as surveillance

Tea is just one example of a broader trend: platforms claiming to protect you while quietly collecting as much data as possible. “Verification” is marketed as a security feature, something you do for your own good. The app was pitched as a tool to help women vet potential dates, avoid abuse, and stay safe. But in practice, access required handing over deeply personal data. Face scans, government-issued IDs, and real-time location information became the price of entry.

This is how surveillance becomes palatable. The language of “just for verification” hides the reality. Users are given no transparency about where their data is stored, how long it is kept, or who can access it. These aren’t neutral design choices. They are calculated decisions that prioritize corporate protection, not user safety.

We need to talk about KYC

What happened with Tea reflects a much bigger issue. Identification is quietly becoming the default requirement for access to the internet. No ID? No entry. No selfie? No account. This is how KYC culture has expanded, moving far beyond finance into social platforms, community forums, and dating apps.

We’ve been taught to believe that identity verification equals safety. But time and again, that promise falls apart. Centralized databases get breached, IP addresses are logged and weaponized, and photos meant for internal review end up archived on the dark web.

If we want a safer internet, we need to stop equating surveillance with security. The real path to safety is minimizing what gets collected in the first place. That means embracing pseudonyms, decentralizing data, and building systems that do not rely on a single gatekeeper to decide who gets to participate.

“Your data will be deleted”. Yeah right.

Tea’s privacy policy stated in black and white:

Selfies and government ID images “will be deleted immediately following the completion of the verification process”.

Yet here we are. Over 72,000 images are now circulating online, scraped from an open Firebase bucket. That’s a direct contradiction of what users were told. And it’s not an isolated incident.

This kind of betrayal is becoming disturbingly common. Companies collect high-risk personal data and reassure users with vague promises:

“We only keep it temporarily”.
“We delete it right after verification”.
“It’s stored securely”.

These phrases are repeated often, to make us feel better about handing over our most private information. But there’s rarely any oversight, and almost never any enforcement.

At TSA checkpoints in the U.S., travelers are now being asked to scan their faces. The official line? The images are immediately deleted. But again, how do we know? Who verifies that? The public isn’t given access to the systems handling those scans. There’s no independent audit, no transparency, and we’re asked to trust blindly.

The truth is, we usually don’t know where our data goes. “Just for verification” has become an excuse for massive data collection. And even if a company intends to delete your data, it still exists long enough to be copied, leaked, or stolen.

Temporary storage is still storage.

This breach shows how fragile those assurances really are. Tea said the right things on paper, but in practice, their database was completely unprotected. That’s the reality behind most “privacy policies”: vague assurances, no independent oversight, and no consequences when those promises are broken.

KYC pipelines are a perfect storm of risk. They collect extremely sensitive data. They normalize giving it away. And they operate behind a curtain of unverifiable claims.

It’s time to stop accepting “don’t worry, it’s deleted” as a substitute for actual security. If your platform requires storing sensitive personal data, that data becomes a liability the moment it is collected.

The safest database is the one that never existed.

A delicate cultural moment

This story has touched a nerve. Tea was already controversial, with critics arguing it enabled anonymous accusations and blurred the line between caution and public shaming. Some see the breach as ironic, even deserved.

But that is not the lesson we should take from this.

The breach revealed how easily identity exposure has become normalized, how vulnerable we all are when ID verification is treated as the default, and how quickly sensitive data becomes ammunition once it slips out of the hands of those who collected it.

It’s a reminder that we are all vulnerable in a world that demands ID verification just to participate in daily life.

This isn’t just about one app’s failure. It’s a reflection of the dangerous norms we’ve accepted.

Takeaways

  • KYC is a liability, not a security measure. The more personal data a platform holds, the more dangerous a breach becomes.
  • Normalizing ID collection puts people at risk. The existence of a database is always a risk, no matter how noble the intent.
  • We can support victims of surveillance without endorsing every platform they use. Privacy isn’t conditional on whether we like someone or not.
  • It’s time to build tools that don’t require identity. True safety comes from architectures that protect by design.

Let this be a wake-up call. Not just for the companies building these tools, but for all of us using them. Think twice before handing over your ID or revealing your IP address to a platform you use.

 

Yours in privacy,
Naomi

Naomi Brockwell is a privacy advocacy and professional speaker, MC, interviewer, producer, podcaster, specialising in blockchain, cryptocurrency and economics. She runs the NBTV channel on Rumble.

Our independent journalism needs your support!
We appreciate all of your donations to keep us alive and running.

Our independent journalism needs your support!
Consider a donation.

You can donate any amount of your choosing, one-time payment or even monthly.
We appreciate all of your donations to keep us alive and running.

Dont miss another article!

Sign up for our newsletter today!

Take part of uncensored news – free from industry interests and political correctness from the Polaris of Enlightenment – every week.