To get actual answers (at least during sane political administrations), the System of Records Notice (“SORN”) is what you want. Whereas the info sites for these programs are typically useless, SORNs are the authoritative document that the federal government issues to identify and characterize systems that store records about data subjects, and include information about retention polices, exceptions, etc.

The last I read the SORN for TSA’s facial recognition, they did commit to deleting identifiable data within 24 hours.

CBP operates their facial recognition under a different SORN, and there are many more caveats, although they also commit to deleting identifiable data within 24 hours for US citizens (only).

That was in late 2024 anyway.

Something being illegal is not a blank check for unchecked surveillance.

I am endlessly frustrated about that.

A good friend of mine who also works on tech is utterly disconnected from current events. Whenever I offer a discussion or say “hey did you hear about X?” his response is always skepticism that such a thing could occur. He has a newborn and now he’s even more disconnected (somewhat more understandable given the child).

It seems like a lot of people in tech are like that, or increasingly like that. I have a diverse stable of publications, journalists, subject matter current events podcasters, and other sources in my feed readers and my circle. Sitting between these things, it seems like there is a widening gulf.

> More surveillance will mean more opportunities for parallel construction, so they will be able to "justify" more murders.

— Sent from my Palantir employee device

(Satire, if not obvious.)

A client of mine pushed her business expenses through a Chase account. She banked with them too.

She traveled to the “wrong” country. A country that is not and was not embargoed or sanctioned. A country that the US is/was on good terms with. She had been there and used her Chase card previously. She didn’t do anything out of the norm.

Chase closed all her accounts with no notice while she was traveling and refused to provide a reason. I told her to sit on my invoices while she scrambled and got things sorted out.

It took months. They refused to send her the balance of her asset accounts until she threatened to sue them and air the calls she recorded.

I have kept a healthy distance from relying on Chase ever since.

That’s the Amazon Store Card, which (at least used to) only works on Amazon.com.

The Prime credit card is issued by Chase. I closed mine and stopped patronizing Amazon.com around the time Bezos started meddling with the Washington Post, so I may be out of the loop on how things work now.

An iPhone is required. You can pay for things with Apple Pay, but there’s no Wallet interface on iPadOS.

Given that I have an Apple Card, this is a chief annoyance. GS/Apple extended an insane credit limit to my household but we’ve never used more than about 6% of that and the benefits aren’t any better than any of our other cards.

My spouse’s reaction to the news of the move to Chase was basically “so I guess we do know when we’ll finally close that account.”

I used to host my own email, but eventually moved to Fastmail. I have to communicate with a number of professionals that work for companies using fairly aggressive third party archiving and filtering solutions (for example, Proofpoint). Keeping my email server on long-term clean IPs in ranges where one other customer didn’t ruin the entire range became a real hassle.

Several such of the larger providers in that space won’t allowlist single IPs if you can’t prove administrative control of the subnet. Alas, I don’t have my own network allocation.

Part of me misses self-hosting. Part of me is glad that I don’t have to manage that anymore, given the growing number of other services, hosts, and network space I manage.

A compromise that may be acceptable is to relay outgoing mail through a commercial provider like AWS or Mailgun. The vast majority of my email is inbound, so even using a relay for better deliverability wouldn't affect my privacy much.

We’ve had AI for decades, just not the kind of low-value, high-priced slop generators that are synonymous with AI today.

I assume Google just wants to rebrand Bayesian analysis as “AI” so it can claim it’s been doing that for decades.

I don’t have any complains with contact management on iOS with Fastmail. Apple’s CardDAV and CalDAV implementations are way better than they used to be. What issues are you seeing?