Exposed: Privacy, Power, and the Rise of AI Surveillance

The University of Michigan Undergraduate Law Review (MULR) is proud to collaborate with xCULR, an initiative of the Columbia Undergraduate Law Review’s Digital Initiative division dedicated to advancing collaborative legal scholarship among undergraduate law reviews across the world. This partnership helped produce this piece.

Section I: When Privacy Law Fails: Government Intelligence Whistleblowers and the Espionage Act

In 2010, a senior executive at the National Security Agency (NSA), Thomas Drake, faced ten felony counts in federal court under the Espionage Act. Drake was not a spy or traitor, but had instead spoken to a reporter about a surveillance program he believed was a waste of money and violated private citizens’ civil liberties. The charges were eventually dropped, but the damage done to his personal, professional, and financial life was irreversible. Drake’s case is not an anomaly; rather, it is a predictable outcome of a legal structure that protects government whistleblowers while excluding intelligence employees. The Privacy Act of 1974 was a foundational law, protecting individuals from the misuse of their personal information by government officials. Around the same time, lawmakers created a parallel structure to protect government employees who sought to expose wrongdoing. However, this structure contains a critical blind spot: when national security employees blow the whistle, the law can be used both as a form of protection and harm. High-profile cases, including that of Thomas Drake, have shown the stark contrast between whistleblower protections and criminal secrecy law, a difference that has not yet been resolved by the legal system. Whistleblower protection law is functionally useless in the face of Espionage Act charges, particularly in high-profile cases, where national security is deployed as a political shield against accountability. In order to understand why, we need to look at formal protections and their gaps.

Since the 1980s, Congress has passed several laws which protect government employees reporting misconduct. The Whistleblower Protection Act of 1989 defends employees who disclose information through lawful channels, while the Whistleblower Protection Enhancement Act of 2012 extends that protection to include more disclosures. On paper, these laws show a vital commitment to protection for federal employees, providing a wide option of disclosure methods and protection for those who disclose. In practice, they contain a large gap by excluding government intelligence employees. 

Instead, intelligence employees working for the NSA, CIA, or one of sixteen other intelligence agencies are protected under the Intelligence Community Whistleblower Protection Act of 1998 (ICWPA). The ICWPA provides a process for employees to raise concerns, primarily with the ability to disclose information to the Inspector General, where it may be reviewed by congressional intelligence committees. The exclusion of intelligence employees was not accidental, but a deliberate choice because of the sensitive nature of some classified information. Whether sacrificing anti-retaliation protections for the sake of national security is justified is debatable. This parallel structure tells intelligence employees how and when they should speak, but does not protect them once they have done so. Workers who follow the ICWPA’s methods of disclosure can be fired, charged with a crime, or stripped of their security clearance without meaningful legal recourse. The law even goes beyond disadvantaging whistleblowers by leaving them exposed to prosecution.

The Espionage Act of 1917 was never designed with intelligence whistleblowers in mind, but has increasingly been used against them. The law was originally intended to prevent interference with military operations and national defense information. For much of the 20th century, the Act was used as intended: a rare tool to prosecute spies and foreign agents. However, the broad language of the law, initially meant to give the government the leeway it needed to protect national security, has been increasingly used against whistleblowers. This is possible due to the fact that the Espionage Act does not require the government to prove that the accused intended to harm the United States. Additionally, the Act does not provide defendants the opportunity to argue that their disclosures could serve the public interest. In short, motive plays no role, as the government needs only to prove that information was disclosed improperly. This lack of distinction between intelligence whistleblowers and spies creates a critical asymmetry in the application of the law.

Drake’s case illustrates how the framing of disclosure as a concern of national security can lead to suppression rather than protection. Drake raised concerns internally in the early 2000s about a surveillance program called Trailblazer, which he viewed as a violation of civil liberties and a waste of taxpayer money. When reports about the failure of Trailblazer were not made public, he took his story to the Baltimore Sun, avoiding disclosure of classified information. In response, the Department of Justice (DOJ) charged Drake with “illegally retaining classified information, obstructing justice, and making false statements.” Critically, he was charged under the Espionage Act. The DOJ eventually dropped the Espionage Act charges, and Drake pled guilty to one misdemeanor count unrelated to the original allegations. He did not serve prison time, but the government did not need a conviction to discourage other potential whistleblowers. Despite following the proper channels, Drake’s whistleblowing led to years of litigation and the end of his career. When the government can use espionage charges as a means of deterrence, then national security becomes a political standard rather than a legal one.

The state of the law confronting intelligence community whistleblowers is one of contradictions. While Congress formally recognizes the importance of whistleblowing in providing information about government waste or abuse, it has excluded employees who have the most consequential information and allowed a statute to treat whistleblowing as if it were espionage. Potential avenues for reform are not without their challenges. A narrowing of the Espionage Act by providing an opportunity for whistleblowers to use a public interest defense or requiring the prosecution to prove harmful intent would likely face significant resistance from senior intelligence officials and courts. The government also has little incentive to participate in reform that would make it easier for employees to whistleblow. Until protection is made explicit, intelligence employees will continue to be discouraged, through both de facto and de jure practices, against disclosure.

By Eve Bertrand, from CULR

Section II: Advancing U.S. Surveillance as a Tool Against Visa Recipients 

The second Trump Administration expressly ordered United States diplomats to screen the social media usage of all foreign nationals applying to student and educational visas; by late 2025, the administration had revoked 85,000 visas across all categories, nearly four times the rate of the previous year. While much attention has been given to the First Amendment implications of excluding foreign nationals on ideological grounds, the underlying surveillance that makes this exclusion possible demands equal scrutiny. The First and Fourth Amendment concerns presented by the increased surveillance of visa applicants are necessarily intertwined as surveillance allows ideological exclusion that the First Amendment would otherwise prohibit. 

The status of noncitizens in privacy law has always been defined by its murkiness. In Katz v. United States (1967), the Supreme Court established that the Fourth Amendment protects against warrantless searches whenever a person has a reasonable expectation of privacy. However, Smith v. Maryland (1979) limited Katz by establishing that there is no "reasonable expectation of privacy” in information voluntarily shared with third parties. As such, most of the data collected online has been understood as not falling under the purview of the Fourth Amendment. While Smith’s third-party doctrine leaves individuals without Fourth Amendment protections over their digital data, neither Katz nor Smith distinguishes between citizens and noncitizens. The additional vulnerability for noncitizens comes from Thuraissigiam, which limits their constitutional protections entirely.

In Department of Homeland Security v. Thuraissigiam (2020), the Supreme Court reaffirmed Thuraissigiam’s expedited removal, holding that noncitizens at or near the border possess only statutory rights granted by Congress, not the full constitutional protections afforded to United States citizens. This is not an isolated finding but is rooted in longstanding precedent under the Plenary Power Doctrine, which holds that the political branches of the Legislature and Executive have nearly unchecked authority over regulating immigration matters. Without a right to a reasonable expectation of privacy under the Fourth Amendment and the longstanding precedent of the Plenary Power Doctrine, noncitizens are more vulnerable than ever to overreaches by the U.S. government when applying for visas while still abroad. 

The legal framework governing noncitizen privacy was built upon physical entry points, but digital surveillance has expanded the government’s reach far beyond the physical ports of entry. In the modern day, the State Department’s means of gathering applicants’ information has diffused across privately held data on many digital platforms. In late December 2025, the Department of State expanded social media screening for H-1B applicants and their H-4 visa dependents, F, M, and J nonimmigrant visas. This expansion also came with instructions that all social media profiles must be set to “public.” With this, the State Department essentially forces applicants to waive any online privacy interest before they have the legal standing in the United States to claim some right to privacy. 

Furthermore, this requirement for social media accounts has led to discrimination based on applicants' viewpoints. In an internal memo, the Department of State instructed consular officers to thoroughly review applicants' LinkedIn content and deny visas to anyone found “responsible for, or complicit in, censorship or attempted censorship of protected expression in the United States.” In practice, however, the memo has been used to deny the visas of many working in trust and safety, a field encompassing content moderation and online safety in the technology sector, effectively punishing the very people working to protect free expression in the name of protecting free expression. By targeting applicants based on their professional work rather than any identifiable security threat, these denials constitute viewpoint discrimination. However, applicants have little recourse: without Fourth Amendment protections and under the doctrine of consular nonreviewability, established in Kleindienst v. Mandel (1972), which limits judicial review of visa denials to whether the consular officer provided a “facially legitimate and bona fide reason,” those denied on viewpoint-discriminatory grounds are left in a legal vacuum. 

Beyond the bias against those working in the technology sector, the use of social media screenings has become a proxy for ideological vetting across a wide range of political affiliations and professions. In American Association of University Professors v. Rubio (2025), the United States District Court for the District of Massachusetts ruled that noncitizens have a right to freedom of speech that could not be abridged despite the government’s efforts to revoke the visas of and deport noncitizen students and faculty. While this decision importantly suggests constitutional limits for the ideological exclusion of noncitizens, it is essential to consider how its reasoning is tied to the physical presence of these student and faculty activists within the United States. Thuraissigiam establishes that noncitizens at the border and abroad lack constitutional protections, while this case demonstrates how those same protections become available the moment a noncitizen is physically present in the United States. For visa applicants located abroad, the First Amendment protections cited by the district court are largely unavailable. Any political ideologies showcased on applicants’ social media accounts remain at risk for viewpoint discrimination without clear constitutional constraint. As the protections of the Constitution are largely unavailable before entering the country, viewpoint discrimination against visa applicants abroad cannot be meaningfully challenged in the United States, despite the First Amendment’s prohibition on government viewpoint discrimination applying in every other domestic context. 

The limits of the Fourth and First Amendment have come to a head with digital surveillance becoming a larger focus of the U.S. immigration system. For visa applicants, the stakes of visa denials are concrete: loss of education, employment, family reunification, and more. While this increased digital surveillance may be legally permissible, the combination of the Plenary Power Doctrine, consular nonreviewability, and the territorial limits of constitutional rights creates a zone in which the government may act free from meaningful First Amendment scrutiny. With the Supreme Court reaffirming that noncitizens located outside of the United States possess only rights granted by statute, viewpoint discrimination utilizing evidence obtained from applicants’ social media becomes inevitable under the current legal framework. Closing this gap would require either congressional legislation extending statutory privacy protections to visa applicants abroad, or judicial willingness to narrow the doctrine of consular nonreviewability to permit review of viewpoint-discriminatory denials. Without either, the government will continue to operate in a constitutional vacuum of its own making. 

By Gabi Fabozzi, from CULR

Section III: Your Privacy Abroad & International AI Regulation Efforts

The rapid development of artificial intelligence (AI) systems beginning in the 2020s has given rise to debates over how world governments should regulate its use. Central to this debate is the implementation of AI in law enforcement through the use of predictive policing, which is the use of machine learning to predict crime and attempt to proactively deter it based on historical data. Proponents of AI implementation argue that it allows for large datasets to be analyzed very quickly while also identifying the root causes and indicators of crime, separating itself from traditional tools which cannot offer these insights. Opponents, meanwhile, argue these root causes and indicators of crime that AI offers are marred by the historical biases these programs are trained on, and implementation through facial recognition and other biometrics unfairly infringes upon personal privacy. This article compares AI policing regulations in the European Union (EU) and Argentina, arguing that the EU’s authorization-based framework is more compatible with Fourth Amendment protections in the United States (U.S.) than Argentina’s surveillance-first approach. 

The EU was among the first governments to introduce and implement comprehensive regulations surrounding AI usage. First introduced in 2021, the EU AI Act established a risk-based classification system for AI systems with regulations growing increasingly stringent as the risk level rises. Risk is divided generally into two categories—high-risk and prohibited systems—allowing AI models that fall outside of those defined categories to operate without regulation, so long as they do not become high-risk or prohibited in the future. High-risk systems are broadly defined as those meant to automate or improve tasks previously done by people. Notably, any system that profiles people based upon their personal or identifying characteristics, excluding biometrics, are automatically considered high-risk. Prohibited systems are those which exploit people based on immutable characteristics or categorize people according to their biometric or actions, including social scoring–the act of using AI systems to assign numerical scores to individuals based on behavior, characteristics, or interactions with others or their surroundings.

While AI biometric identification systems are broadly prohibited under the EU AI Act, Article 5 states police are allowed to use the systems in urgent situations–defined as situations in which there is a substantial and imminent threat to a person or persons–where irreparable damage would be caused without its use. In these special use cases, police must obtain special judicial or independent administrative (i.e. non-police agency) authorization. In cases where the system must be used without prior authorization, the police must request authorization within twenty-four hours. If authorization is rejected, the police must immediately cease using the system and delete all data related to its use, including outputs. This authorization requirement reflects the same constitutional principle underlying the Fourth Amendment’s warrant requirement that an independent judicial check must stand between the state’s surveillance power and the individual.

On the other hand, Argentina has introduced legislation similar to the EU AI Act that seeks to regulate AI systems to increase transparency and protect individuals’ freedoms. However, their implementation of AI within their police force versus their judiciary is strikingly different. In 2024, the Argentinian Ministry of Security issued Resolution 710/2024, which ordered for the creation of an Artificial Intelligence Unit Applied to Security (UIAAS). The unit would be responsible for patrolling the dark web to investigate crimes and find perpetrators; analyzing real time surveillance images to detect criminal activity or identify wanted and missing persons with facial recognition; and using historical data to predict future crimes.

It is clear that Argentina and the EU have taken dramatically different approaches to AI implementation in the legal field. In the EU, AI system implementation in policing is strictly regulated, requiring judicial or administrative authorization before it can be used. Meanwhile, Argentina has created a unit within its security department which is responsible for implementing AI for both crime prevention and prediction. These methods of AI implementation represent opposite ends of the regulatory spectrum, where Argentina falls on the side of openly embracing the new technology, while the EU is more cautious and strict in their regulation. 

In terms of personal privacy rights, the EU’s cautious implementation offers increased security. This is because it forces the government to ask for permission before its agencies can implement technologies to analyze specific persons' biometric data. Additionally, the implementation of otherwise prohibited AI systems requires a thorough assessment of individual’s rights and freedoms to ensure they are not being infringed upon. In Argentina, AI is always implemented through the UIAAS. This unit is responsible for maintaining AI systems that use real-time biometric data, specifically facial recognition, to detect active crimes and identify suspects. Furthermore, the AI system uses historical data to predict how and where crimes may happen in the future, allowing the UIAAS to increase surveillance in the area.

In utilizing real-time biometric data to predict future crimes, Argentina is delving into the private lives of its citizens and essentially committing a search of their persons. This starkly contrasts from precedent on privacy in the U.S. as established in Katz v. United States (1967), which introduced the protection of an individual’s reasonable expectation of privacy, preventing search and seizure without a warrant if a person is reasonably expected to have privacy. Carpenter v. United States (2018) strengthened this principle by holding that aggregated digital data, even when derived from public behavior, requires a warrant. If Argentinian methods were to be applied to the U.S., this ruling would seem to fundamentally disallow the collection and analysis of real-time biometric data without a warrant as it would be indiscriminate between public and private areas.

Predictive policing, as authorized by Argentina, allows for guesswork to tangibly impact people’s lives. It has been shown to lead to over policing, as past crime data is used to guide modern policing initiatives. Similarly, using predictive AI as the basis for legal cases would amplify the historical biases present in the model’s source information as the AI systems look for patterns and similarities between cases. This biased information would be an amalgamation of historical information rather than pertaining to a specific case, failing to reach the probable cause requirement for obtaining a warrant, further complicating the implementation and use of real-time biometric surveillance. 

Racially biased overpolicing is already a pervasive issue in the U.S., and following the Argentinian model of using historical data to predict future crimes would exacerbate this issue. To uphold Fourth Amendment protections and prevent racially biased overpolicing, the U.S. should require judicial authorization before any deployment of AI biometric surveillance, following the EU’s authorization-based model rather than Argentina’s unsupervised approach. This system would work best as a national regulatory framework as it would avoid questions of selective implementation throughout the states which could raise Fourth Amendment claims. 

By Samuel Penn, from MULR

Section IV: The Threat of AI Generated Deepfakes and Barriers to its Regulation

Artificial intelligence (AI) is in the hot seat, with the “age of AI” fast approaching. Deepfakes refer to machine-generated images, videos, and audio that replicate realistic digital likenesses of individuals. This technology is especially powerful in its ability to disrupt intimate personal lives and threaten greater political securities. AI generated deepfakes jeopardize human dignity and democracy while decisions from United States v. Alvarez (2012) and Kohls v. Bonta (2024) use the First Amendment doctrine to protect this AI content without accounting for its realistic likeness. Emerging legislation, like the Take It Down Act, is not equipped to manage the swift domination of AI due to its inability to tackle a large scope.

Deepfakes are an issue that propels the rampant spread of disinformation, pose security risks, encourage financial crime, and escalate sexual violence. Simply training individuals to be aware of AI is not a viable solution, as synthetic media has become so advanced that our senses alone cannot decipher truths. One study explicitly states that the spread of false information, otherwise known as fake news, “cannot be regulated by law because the limit is placed on freedom of expression and speech,” even though it is a danger in society. Supreme Court precedent maintains that false statements are constitutionally protected unless they cause a narrow, recognized legal harm, like defamation or fraud. In United States v. Alvarez (2012), the Supreme Court struck down the Stolen Valor Act—a federal law prohibiting falsehoods on receiving military honors—because strict scrutiny was used on this content-based law to establish it was not narrowly tailored to align with the government’s mission of upholding integrity in the military honors system. Lower courts followed this precedent, often invalidating state laws regulating false content in political advertisements. However, once individual likenesses are involved, the question of privacy and consent enters the equation, creating a similar legal debacle involving strict scrutiny. The sexual exploitation of victims through deepfakes has grown unbridled.

Specifically, one study conducted by Deeptrace found that “96 percent of the total deepfake videos online” are non-consensual deepfake pornography. On May 19, 2025, the Take It Down Act was signed into law by President Donald Trump, criminalizing the nonconsensual publication of intimate images and videos, including digital forgeries. Congress previously passed a related law, the 2022 Violence Against Women Act (VAWA), that allows depicted individuals to sue the disclosing party in federal court, while not including information for digitally altered content. Since the Take It Down Act does not amend VAWA, it is up to the courts’ discretion whether intimate digital forgeries should be included when enacting VAWA. By not explicitly addressing digitally altered content, VAWA leaves victims without sufficient legal tools and agency. The Take It Down Act represents a breakthrough in revenge porn laws containing restrictions for intimate deepfake content and more inclusive legal protections. Meanwhile courts currently debate whether to extend pre-existing statutes originally meant for authentic images to include synthetic content.

Given the severity of leaving deepfakes legally unchecked, delaying further action is dangerous. Many legislators, activists, and other stakeholders have advocated for the regulation of deepfakes. However, overcoming conflict stemming from incompatible decisions and actions from different branches and levels of government halts substantial progress, along with knowing this uncharted territory is developing faster than legal actors can manage. Attitudes and opinions are still forming given AI’s unfamiliarity, leading to uncertain legislative trajectories. The possibility that future federal legislation could preempt state laws under the Supremacy Clause creates a chilling effect on state action, as legislators weigh whether their efforts will survive or be displaced by a federal framework that does not yet exist. 

Furthermore, governmental and political actors are battling it out in the courts, leading to new judicial developments. Before the 2024 presidential election, California passed Assembly Bill 2839, which is considered the most aggressive U.S. law regulating AI content. The law bans deepfakes of political candidates running for office, a direct response to Elon Musk sharing an altered deepfake video of Kamala Harris’s presidential campaign advertisement. In the video, a deepfake of Harris calls herself the “ultimate diversity hire” among other preposterous commentary. While circulated by Musk, right-wing content creator Christopher Kohls created the video and filed a court case challenging its strike down from AB 2839. In Kohls v. Bonta (2024), the United States District Court for the Eastern District of California declared the bill unconstitutional, violating the First and Fourteenth Amendments due to its restrictions on core political speech. The standards for setting mandatory disclaimers on deepfakes were considered vague, prematurely stifling content creation. Overall, AB 2839 failed strict scrutiny because it was not narrowly crafted to maintain electoral integrity. The deepfake video was declared a protected parody under the First Amendment. The Supreme Court’s precedent of protecting false speech under existing First Amendment doctrine allows hyperrealistic deepfake content, which is more likely to deceive viewers than traditional parody, to receive the same free speech protections as clearly distinguishable satire. Hyperrealistic deepfakes undermine the presupposition that a reasonable viewer could clearly categorize a parody as fiction. The consequences of harmful traditional parody are less severe than that of hyperrealistic deepfakes, so applying the same free speech precedents does not make sense and only reveals the judicial system’s flawed methods of applying the First Amendment.

The fallout of Kohls v. Bonta highlights contention regarding whether to regulate deepfake content and how. This case demonstrates the inability of the current legal precedent to effectively regulate deepfakes because freedom of speech before AI did not concern itself with putting words into someone else’s mouth. If Kohls’ parody was created without deepfake technology, there would be little doubt that Harris performed the actions in the video. Courts should give synthetic parody distinct standards from traditional parody because its circulation causes graver social, political, and economic effects. While the Take It Down Act is revolutionary to the incorporation of digital forgeries in law, it only covers one corner of the problem. Political deepfakes, commercial exploitation, and disinformation all remain unaddressed, and as long as courts treat synthetic media the same as traditional speech, the gap will only widen as the technology improves. 

By Tara Wasik, from MULR

This piece was edited by Qizhen (Kiara) Ba and Jasmine Rocha from CULR, and Arjit Agarwal and Kathleen Fredericks from MULR.