FRESH

Hacker News

Home

OpenAI, the US government and Persona built an identity surveillance machine

606 points by rzk

by dylan604

6 subcomments

"what is Fivecast ONYX? an AI-powered surveillance platform purchased by ICE for $4.2 million and CBP for additional license costs. according to Fivecast’s own documentation and EFF’s reporting, they do automated collection of multimedia data from social media and dark web, build “digital footprints” from biographical data, tracks shifts in sentiment and emotion, assigns risk scores, searches across 300+ platforms and 28+ billion data points, identifies people with “violent tendencies”"
Glad to know that my tinfoil hat wasn't too tight when social media came to be and this obvious use was predicted. How quickly will not having social media accounts become a crime?

by cloverich

3 subcomments

Going to copy paste my comment from today's other thread[3] that linked to this:
Note also there's a direct response from Persona's security team here[1], and a lot of back and forth from Rick on Twitter[2].
[1]: https://withpersona.com/blog/post-incident-review-source-map...
[2]: https://x.com/Persona_IDV/status/2025048195773198385?s=20
[3]: https://news.ycombinator.com/item?id=47136036

by cedws

4 subcomments

Governments in Europe should be seriously scrutinising this with the background conversation of departing American tech going on. Discord users globally were being coerced into handing over their ID to this American surveillance tech. Are we just going to let this go on?

by 4midori

2 subcomments

In response to a data request, Persona says:
Hi there,
Thank you for reaching out to Persona.
Please note that Persona primarily operates as a "service provider" or "processor" for its customers. We act as a "business" or "controller" only for specific services, such as identity verification for LinkedIn, FoxCorp, and Reusable Persona. To learn more about how Persona manages your personal data, please refer to our privacy notices, which can be accessed through the following link: https://withpersona.com/legal/privacy-notices
If you wish to exercise your privacy rights related to services where Persona is a "service provider" or "processor," please contact the entity using our service, as they are the "controller" of the data. We will assist the relevant customer to fulfill your data subject rights, but we do not handle such requests directly on their behalf.
For any privacy rights request related to services where Persona acts as a "business" or "controller," including identity verification for LinkedIn, FoxCorp, Reusable Persona, and personal data related to our sales, marketing activities, or website browsing on withpersona.com, please use our Data Subject Request (DSAR) available at the following link: https://withpersona.com/dsar
For all other inquiries, we will respond as soon as possible.
###
TL;DR we're not responsible, go talk to LinkedIn.

by edverma2

4 subcomments

This is a hilarious personal website! Love it. Even better that it's paired with quality content.

by raincole

1 subcomments

https://withpersona.com/customers/openai
Persona's side of the story.

by Havoc

1 subcomments

Wonder how many lists I'm on for the unholy sin of saying the glorious american leader is a moron

by tiffanyh

1 subcomments

Isn’t this just normal KYC (for account opening).
What am I missing?
https://withpersona.com/customers/openai

by pharos92

10 subcomments

It seems like at every technological step, we're sold the dream and delivered the meme. We always end up with the worst possible combination of players, ideas and outcomes; with the promise of what the said technology delivers in terms of additional freedom or free time never realised. How many more broken social contracts can society endure before it crumbles?

by gslepak

2 subcomments

Does someone have a version that doesn't force you to listen to unwanted music?

0 subcomment

by Ancalagon

12 subcomments

Why do so many engineers willingly build things bad for society?

by emsign

0 subcomment

Websites with sound are a big no-no.

by yoyohello13

1 subcomments

This website really is incredible!

by MattDaEskimo

2 subcomments

What can those do from a separate country, who unfortunately had their identity verified through Persona (LinkedIn in my case).

by rambojohnson

0 subcomment

"We weren’t hacked" is doing PR triage for "we exposed sensitive internal implementation details." Spy company semantics are always incredible. The house didn’t burn down, it just leaked gas.

by int32_64

1 subcomments

Based on the Anthropic distillation news yesterday I wonder if the AI companies are going to get much tighter with KYC.

by Kiboneu

2 subcomments

> OpenAI’s disclosures reference biometric data stored “up to a year.” the source > code shows face list retention capped at 3 years. government IDs retained > “permanently” per Persona’s practices. which is it?
I keep saying this. This is the playbook -- everything is moving to standardize Sam Altman's biometric authentication cryptocurrency company to use internet services. This has been a slow moving strategy for /years/ and every new step over that period only get closer, not further from this goal.

0 subcomment

by ArchieScrivener

3 subcomments

Why the myspace music?

by LiamPowell

0 subcomment

Another downvoted comment asks if this is all LLM output. While I don't think all of it is, chunks of it have LLM smells so I wanted to point those out as the author or other readers may find it useful:
The ASCII flowcharts all contain jagged vertical lines. This is the biggest indicator of LLM output as no human would ever produce that. You can simply see with your eyes that it's wrong if you even glance at it.
> there’s no way for us to prove that they don’t have access to all of that data anyway. we can only assume that they don’t have access to all of that data. but if you want my two cents, they probably do.
This doesn't quite read as LLM output but it makes the whole article look like a conspiracy theory.
> after trying to write a few exploits, vmfunc decided to browse their infra on shodan. it all started with a Shodan search. a single IP. 34.49.93.177 sitting on Google Cloud in Kansas City. one open port. one SSL certificate. two hostnames that tell a story nobody was supposed to read:
> and the company that runs all of this is the same one that takes your passport photo when you sign up for ChatGPT. same codebase. same platform. different deployment. same facial recognition. same screening algorithms. same data model.
> and as always, the information wants to be free. we didn’t break anything. we didn’t bypass anything. we queried URLs, pressed buttons, and read what came back. if that’s enough to expose the architecture of a global surveillance platform… maybe the problem isn’t us.
These all absolutely stink of LLM writing patterns.

by 5o1ecist

0 subcomment

I ask for forgiveness, but ...
The 90s called, THE CAT HUNTS THE MOUSE! :D :D

by sebastianconcpt

2 subcomments

Quite some time ago I said and now repeat:
Convenience is to humans, what bulb lights at night are to bugs.

by Ms-J

0 subcomment

Any time you "verify" your identity you are giving it to scum bags such as this.
Your biographic data will leak to every hacker and every government world wide.

by baddash

2 subcomments

thank god there's an annoying fucking cat in the way of what i'm trying to read

by fdefitte

2 subcomments

[dead]

by newzino

0 subcomment

[dead]

by dang

0 subcomment

Comments moved to https://news.ycombinator.com/item?id=47140632.

by fintech_eng

0 subcomment

[dead]

by tinfoilhatter

1 subcomments

[flagged]

by RiverCrochet

5 subcomments

[flagged]

by ms170888

5 subcomments

[flagged]

by tamimio

0 subcomment

> 0x18 - betrayal
This is the most important section, as the above ones any privacy-conscious person would assume most anyway. I did mention before that we need an open-source platform that tracks the people who work and build such systems. Those are the enablers who have no morals or ethics - a greedy corporation is always greedy, but when the average employee is willing to work full time on building such systems, they need to be exposed publicly, just as they are working relentlessly on violating private people's privacy. It isn't about public humiliation; it's about basic human decency and maintaining a minimum ethical code to abide by. These individuals shouldn't be hired or dealt with, not even a simple connection on LinkedIn.
These individuals are dangerous. They are like rats among us and should be exposed, and I bet some of them are reading this as well.

by tr_alts

4 subcomments

The right wing went full censorship and surveillance after the Charlie Kirk assassination. It is probably not a coincidence that they targeted Discord first, because the suspect was in a Discord group.
They promised freedom of speech and liberty and this is what we get.

by standardly

1 subcomments

Author was doing such a good write-up, until I saw repeated AI syntax "its not x, but y" and "a is b. b is c. and, c is the final thing in this series of short, punchy sentences". Really tired of this. Why is it so hard to just write naturally? Maybe I'm just easily triggered

by FarmerPotato

1 subcomments

Is this whole unreadable article just the output from an AI prompt describing a techno-thriller?

by jtbayly

1 subcomments

[flagged]