A U.S. soldier who recently pleaded guilty to hacking AT&T and Verizon communicated with an email address that he believed belonged to a foreign country’s military intelligence service and attempted to sell the service stolen data, according to newly filed court records reviewed by 404 Media. The court document also says that the soldier searched for “U.S. military personnel defecting to Russia.”

The court filing in the case of Cameron John Wagenius, who used the handles kiberphant0m and cyb3rph4nt0m, discusses Wagenius’ unlawful posting and transferring of confidential phone records, including records belonging to high-ranking public officials. 404 Media previously revealed how hackers linked to the AT&T breach mined it for records associated with members of the Trump family, such as Melania and Ivanka Trump, Kamala Harris, and Marco Rubio’s wife. The court document does not say what specific data Wagenius tried to sell to the foreign intelligence service, or who that data belonged to.

The news further stresses the catastrophic nature of the AT&T breach and its national security implications, which saw hackers make off with “nearly all” of AT&T’s customers’ calls and text metadata records across a several month period. The news also signifies how some participants in the Com, a nebulous community of mostly English speaking hackers, fraudsters, and violent criminals that coalesce on Telegram and Discord, and which Wagenius was associated with, are crossing paths with powerful international entities. 404 Media previously reported SIM swappers in the Com have worked with an Eastern European ransomware gang.

“As discussed in the government’s sealed filing, the government has uncovered evidence suggesting that the charged conduct was only a small part of Wagenius’ malicious activity,” the court record, filed on Wednesday, reads. “For more than two weeks in November 2024, Wagenius communicated with an email address he believed belonged to Country-1’s military intelligence service in an attempt to sell stolen information. Days after he apparently finished communicating with Country-1’s military intelligence service, Wagenius Googled, ‘can hacking be treason,’” the document continues.

That section does not name the specific country. But a further section says that Wagenius searched for “U.S. military personnel defecting to Russia.” It then says “He also searched for information about defecting to Country-1, the country to which he attempted to sell stolen information in November,” suggesting that Country-1 is Russia.

A footnote in the document says that the U.S. government has not verified whether the email address actually belongs to Country-1’s military intelligence service. “What is significant, however, is that Wagenius believed that it did,” the document says.

AT&T did not immediately respond to a request for comment.

We start this week's episode with Joseph finding out someone basically ripped off his book with a potentially AI-generated summary. Emanuel also updates us on some of the impact his reporting on AI in libraries has had. After the break, Sam tells us all about a Y Combinator supported startup that is straight-up dehumanizing factory workers. In the subscribers-only section, we talk about an apparent act of protest from inside the U.S. government involving an AI video of Musk and Trump.

Listen to the weekly podcast on Apple Podcasts, Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.

• SXSW event information
• A Slop Publisher Sold a Ripoff of My Book on Amazon
• Y Combinator Supports AI Startup Dehumanizing Factory Workers
• AI Video of Trump Sucking Musk's Toes Blasted on Government Office TVs

Like some (many? most? all?) authors I sometimes check how my book is doing on Amazon and other booksellers. Recently while doing that, I came across another listing on the online retailer: “SUMMARY OF JOSEPH COX’S DARK WIRE,” referring to the book I spent years researching, investigating, and writing. It cost $4.99.

Curious whether this product was an AI-generated rip-off of my work, I bought a copy. Flicking through the digital pages, the summary, rather expectedly, condensed each of my chapters into a few page overview. Details I had gone to incredible lengths to get, including flying around the world to meet criminals face-to-face, or sneaking into a law enforcement conference, or slowly building trust with understandably scared sources was plopped into this new book with little context on how they got there or why they mattered.

For example, here is the original opening of my book, about a drug trafficker called Owen Hanson: 

This week we start with Jason's story about anyone being able to push updates to DOGE.gov website. Then we talk about other stories with the DEI.gov and Waste.gov sites. After the break, Sam tells us all about some lawyers who get caught using AI in a case. In the subscribers-only section, we chat about a true crime documentary YouTube channel where the murders were all AI-generated.

Listen to the weekly podcast on Apple Podcasts, Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.

• Anyone Can Push Updates to the DOGE.gov Website
• Elon Musk's Waste.gov Is Just a WordPress Theme Placeholder Page
• Lawyers Caught Citing AI-Hallucinated Cases Call It a 'Cautionary Tale'
• A ‘True Crime’ Documentary Series Has Millions of Views. The Murders Are All AI-Generated

On January 24 we received a pretty unusual email. The sender, a procurement officer from government contractor Cirrus Systems, wanted to buy multiple licenses for Graykey, the iPhone and Android hacking technology widely used by U.S. law enforcement and agencies. 

“Hello sales Team, I hope this email finds you well,” the email started. “I would be grateful if you provide us with best/lowest price quote for the following items for Federal’s demand. Please assist in me in the below.”

This was a government contractor trying to buy a phone hacking tool directly from a group of journalists. So, pretty weird.

The email included a table laying out how many licenses Cirrus Systems is after (it looks like four). A statement of work (SOW) then lists what specific capabilities the desired system must be capable of doing. They include “full forensic acquisition capability for the latest generations of iOS as implemented on the latest iPhone (iPhone 16 at this time) cellular telephones,” and the same for “the latest generations of Android.”

This article was produced with support from WIRED.

Last year, a media investigation revealed that a Florida-based data broker, Datastream Group, was selling highly sensitive location data that tracked United States military and intelligence personnel overseas. At the time, the origin of that data was unknown.

Now, a letter sent to US senator Ron Wyden’s office that was obtained by an international collective of media outlets—including WIRED and 404 Media—claims that the ultimate source of that data was Eskimi, a little-known Lithuanian ad-tech company. Eskimi, meanwhile, denies it had any involvement.

Eskimi’s alleged role—and its denials—highlight the opaque nature of the location data industry: A data broker in Florida claims a Lithuanian company provided data on US military personnel in Germany. That data could theoretically be sold to essentially anyone. But the exact ways in which the data is collected, compiled, and shared remains unclear. 

We dedicate the whole free section of this episode to Musk’s takeover of the federal government. We got audio from a meeting in which a Musk ally laid out their plans for AI across the government, and revealed who is now the head of HR for DOGE. In the subscribers only section, we talk about how your public library probably already has a bunch of AI slop.

Listen to the weekly podcast on Apple Podcasts, Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.

• ‘Things Are Going to Get Intense:’ How a Musk Ally Plans to Push AI on the Government
• Musk’s DOGE Brings in HR Consultant Focused on ‘Non-Woke’ DEI 'Aligned With Our Faith’
• AI-Generated Slop Is Already In Your Public Library

The Air Force Research Laboratory (AFRL), whose tagline is “Win the Fight”, has paid more than a hundred thousand dollars to a company that is providing generative AI services to other parts of the Department of Defense. But the AFRL refused to say what exactly the point of the research was, and provided page after page of entirely blacked out, redacted documents in response to a Freedom of Information Act (FOIA) request from 404 Media related to the contract.

The news shows that while AI continues to proliferate across essentially every industry and increasingly government departments, some parts of the military can be tight-lipped about its intentions around generative AI, even when the models used are sometimes the same as what everyone else has access to or are open source, and when the work is unclassified. 404 Media previously reported that the Air Force tested a surveillance-focused AI chatbot.

“Ask Sage: Generative AI Acquisition Accelerator,” a December 2023 procurement record reads, with no additional information on the intended use case. The Air Force paid $109,490 to Ask Sage, the record says. 

Ask Sage is a company focused on providing generative AI to the government. In September the company announced that the Army was implementing Ask Sage’s tools. In October it achieved “IL5” authorization, a DoD term for the necessary steps to protect unclassified information to a certain standard. 

404 Media made an account on the Ask Sage website. After logging in, the site presents a list of the models available through Ask Sage. Essentially, they include every major model made by well-known AI companies and open source ones. Open AI’s GPT-4o and DALL-E-3; Anthropic’s Claude 3.5; and Google’s Gemini are all included. 

The company also recently added the Chinese-developed DeepSeek R1, but includes a disclaimer. “WARNING. DO NOT USE THIS MODEL WITH SENSITIVE DATA. THIS MODEL IS BIASED, WITH TIES TO THE CCP [Chinese Communist Party],” it reads. Ask Sage is a way for government employees to access and use AI models in a more secure way. But only some of the models in the tool are listed by Ask Sage as being “compliant" with or “capable” of handling sensitive data.

In an associated Ask Sage Discord, apparent customers ask the company for support or make other comments. “Thanks for all the hard work and great enhancements that make our work lives so much easier,” one message posted this month reads. The username matches that of someone who lists their job as “AI Implementation, Information Warfare—Air Combat Command,” on LinkedIn.

But the Air Force declined to provide any real specifics on what it paid Ask Sage for. 404 Media requested all procurement records related to the Ask Sage contract. Instead, the Air Force provided a 19 page presentation which seemingly would have explained the purpose of the test, while redacting 18 of the pages. The only available page said “Ask Sage, Inc. will explore the utilization of Ask Sage by acquisition Airmen with the DAF for Innovative Defense-Related Dual Purpose Technologies relating to the mission of exploring LLMs for DAF use while exploring anticipated benefits, clearly define needed solution adaptations, and define clear milestones and acceptance criteria for Phase II efforts.” 

Nicolas Chaillan, founder of Ask Sage and former chief software officer for the Air Force and Space Force told 404 Media in an email that “This was a research contract for feasibility.

This did not include any license of the product or any use of the product.” He added the only deliverable was a report and the work was not classified.

The AFRL did not respond to a request for comment.

Large parts of the CDC’s website and several important databases were taken down on Friday and Saturday to comply with Trump’s executive orders banning DEI content. Saturday, a message at the top of the CDC’s home page said the website “is being modified to comply with President Trump’s Executive Orders.”

CDC websites and databases taken offline include the CDC Atlas, the CDC Youth Risk Behavior Surveillance System, a CDC website about HIV treatment, and the CDC Social Vulnerability Index. Some of these removals were earlier reported by NBC News. Some of the pages were replaced with messages that read “Page Not Found or Temporarily Unavailable” or “The page you're looking for was not found.” There was widespread uncertainty throughout Friday as to whether a broader takedown across the government would happen.

“Our team’s government affairs firm is advising that as of 5pm today, all U.S. government agency websites will be taken down,” an internal email obtained by 404 Media earlier Friday read. “According to reports, agencies are unable to comply fast enough with President Trump’s EO ordering all government entities to remove all DEI references from their websites, so these websites will be taken offline. There is no word on when they will be made available again.”

At 5pm Friday, however, no widespread, cross-government takedowns happened. Throughout the day Friday and Saturday, however CDC pages continued to disappear. Saturday, a message at the top of the CDC’s website said “CDC’s website is being modified to comply with President Trump’s Executive Orders.”

404 Media has reported on U.S. government pages about gender identity were taken down; that GitHub commits showed the Trump administration scrubbing government web pages in real time; and how archivists are working to save thousands of datasets disappearing from Data.gov.

Some federal contractors and federal employees spent much of Friday afternoon panicking about the deletions, and there was uncertainty about what would be taken offline and how widespread the takedowns would be. A CDC employee that 404 Media granted anonymity to speak about sensitive issues said that they were told by the Office of the Chief Information Security Officer of the Department of Health and Human Services that all employees were told they had to delete their preferred pronouns from their email signatures by 5 PM Friday.

Agencies were also ordered to “review all agency programs, contracts, and grants, and terminate any that promote or inculcate gender ideology” and to “take down all outward facing media (websites, social media accounts, etc.) that inculcate or promote gender ideology,” with a deadline of 5 PM Eastern Friday. Agencies were forced to “send an email to all agency employees announcing that the agency will be complying with Defending Women and this guidance.” Agencies have been ordered to create a report within the next week that includes “a complete list of actions taken in response to this guidance.” The specific executive order is Trump’s “Defending Women from Gender Ideology Extremism and Restoring Biological Truth to the Federal Government (Defending Women).”

A similar message was posted to Reddit earlier on Friday. “We are being told that the CDC website is scheduled to go down by EOD today. Please share this with your partners and encourage them, as well as you should plan to download any significant information,” it reads.

There have been several efforts to archive data that already existed across the federal government, including the End of Term Archive, a volunteer effort that saved hundreds of terabytes of data before Trump was inaugurated.

A group of men who sold Anom devices, the encrypted phone secretly backdoored by the FBI which led to the largest sting operation in history, pleaded guilty this month in San Diego. The defendants had been set to go to trial, in which the government was preparing to reveal the real identity of the confidential human source who provided the FBI with the Anom company in the first place. Now, that trial most likely won’t happen.

The court records released as part of the plea deals also provide new insight into how some of the phone sellers discussed drug trafficking on their Anom devices as well.

“If you really want to be secure there is only one word. ANOM,” one of the defendants wrote in messages collected from a backdoored phone.

In 2018, the FBI shut down an encrypted phone company called Phantom Secure. Companies in this underground industry typically take ordinary mobile handsets, then load them with custom encrypted messaging software and sometimes make modifications to the hardware too, such as removing the microphone or camera. Their customer bases are often disproportionately serious organized criminals, including drug traffickers, hitmen, and money launderers. 

After shuttering Phantom Secure, a seller of the devices who used the moniker “Afgoo” approached the FBI with a staggering proposition: would the agency like to take the new encrypted phone company they had started, called Anom, and run it themselves? This meant the FBI could secretly backdoor Anom’s phones, and if criminals started using them, read all of their messages. 

That would only work if criminals bought the phones, and if people in the encrypted phone industry sold them. That’s where the defendants Aurangzeb Ayub, Shane Ngakuru, Seyyed Hossein Hosseini, and Alexander Dmintrienko come in. Prosecutors allege they became part of Anom and sold Anom devices to criminals around the world.

Anom became a popular tool for serious criminals in Australia, Europe, South America, and South East Asia. Customers used the phones to coordinate massive, multi-ton shipments of drugs. In June 2021, authorities launched a global relay race of raids, with more than nine thousand law enforcement officials acting across a single day.

In a twist, even though the FBI secretly managed the Anom company, deciding which features should be included and those which shouldn’t, authorities also decided to charge what they saw as some of Anom’s most significant sellers. That indictment named seventeen people, including Hakan Ayik, who was Australia’s most wanted man and a key reason why Anom went global. Associates called him the “encryption king.”

The new plea agreements point to the defendants’ communications with criminal users of the phones. “Defendant assured his criminal customers that Anom would be safe from law enforcement and that Anom was more secure than other hardened encrypted device companies that had recently been infiltrated by law enforcement,” Ayub’s plea agreement reads. 

In March 2021, authorities shut down Sky, one of the largest encrypted phone companies. Ayub then told Anom higher ups he was ready to sell 100 Anom devices and another 600 devices down the line, the record adds. “Defendant recognized that the criminal market for hardened encrypted device brands were overlapping and that the fall of a competitor provider presented opportunities for the growth of the Anom Enterprise,” it reads.

Hosseini’s agreement mentions a conversation where some of the men discussed keeping Anom underground. “Remeber. Word of mouth only. No social media nothing We don’t exist xx,” one called Edwin Harmendra Kumar wrote (Kumar previously pleaded guilty). “Yes we don’t advertize [sic],” Dmitrienko added. Hosseini then wrote “This one of the policies of ANOM no advertising!! I know you guys are aware of it.. Just a minder… 😉.” The irony, of course, was that all of these messages were being collected and then read by the FBI.

Some of the phone sellers also discussed drug sales in their messages, according to the plea agreements. Ngakuru coordinated a shipment of methamphetamine to New Zealand; Ayub spoke about the sale of kilograms of cocaine; and Hosseini discussed cocaine trafficking, according to the documents. Those three men have entered their pleas, but Dmintrienko’s hearing has been delayed to February, according to the court docket. Hosseini’s plea agreement mentions Dmintrienko in the cocaine discussion.

The guilty pleas close those cases, but some of the people charged by the U.S. remain overseas, including “encryption king” Ayik and Maximilian Rivkin, a Serbia-born drug trafficker who was also crucial to Anom’s aggressive expansion.

The FOIA Forum is a livestreamed event for paying subscribers where we talk about how to file public records requests and answer questions. If you're not already signed up, please consider doing so here. 

Recently we had a FOIA Forum where we focused on getting information from federal government agencies. With any new administration there is a flurry of activity, and Freedom of Information Act (FOIA) requests are a way to get more information on what is happening inside government.

We start this week with Emanuel's rundown on the DeepSeek situation, the Chinese-made AI that has rocked stock markets and the wider AI industry. After the break, Sam explains how metadata in U.S. government memos lists Project 2025 members as the memo authors. In the subscribers-only section, Jason and Sam explain how GitHub is showing the U.S. government's purging of information in real time.

Listen to the weekly podcast on Apple Podcasts, Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.

• DeepSeek Mania Shakes AI Industry to Its Core
• Memos to Federal Employees Were Written By People With Ties to Project 2025, Metadata Shows
• Trump’s Administration Is Taking Down Sites About Gender Identity All Over the Internet
• GitHub Is Showing the Trump Administration Scrubbing Government Web Pages in Real Time

The hackers behind the massive breach of AT&T data last year hunted through the data for phone numbers and records associated with top officials and their families, including members of the Trump family such as Melania and Ivanka Trump; Kamala Harris; and Marco Rubio’s wife, people familiar with the matter told 404 Media.

The news further stresses the catastrophic nature of the breach, which impacted “nearly all” of AT&T’s customers’ call and text metadata during a certain timeframe. The breach not only impacted the general U.S. public, but also presented a significant national security risk. People familiar with the incident told 404 Media the hackers also planned to release a lookup tool that would have let anyone search the records for a fee, and said that the number of breached records is larger than previously reported. 404 Media granted multiple sources in this story anonymity because they were not authorized to speak to the press. 

The news of lawmakers’ and top officials’ families being targeted also comes as the FCC, the agency which would potentially fine AT&T for the breach, is now being led by Brendan Carr, who has historically been very friendly to the country’s telecommunications giants. 

“It is clearer than ever that AT&T's lax cybersecurity and Trump's ineffective, corrupt FCC pose a serious threat to U.S. national security,” Senator Ron Wyden told 404 Media in a statement. “Instead of throwing the book at AT&T for failing to secure Americans' sensitive data, FCC Chairman Carr is coddling Trump's corporate donors and raising the white flag to hackers. It's time for the public and the U.S. government to stop relying on the insecure voice and text message services provided by phone companies, which are beyond salvaging, and embrace secure, end-to-end encrypted voice, video and text communications.”

We start this week with the TikTok ban: how we got here, what happened, and, most importantly, why it means we need more decentralized services. Jason runs us through it. After the break, Joseph breaks down a site called GeoSpy which is marketing geolocation technology to the cops. In the subscribers-only section, we all scroll through an archive of old Nokia (yes, Nokia) designs. Good stuff in there.

Listen to the weekly podcast on Apple Podcasts, Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.

• Decentralized Social Media Is the Only Alternative to the Tech Oligarchy
• The U.S. Wants to Ban TikTok for the Sins of Every Social Media Company
• The Powerful AI Tool That Cops (or Stalkers) Can Use to Geolocate Photos in Seconds
• Nokia’s Weird Y2K Designs Show the Future We Could Have Had

An issue with Cloudflare allows an attacker to find which Cloudflare data center a messaging app used to cache an image, meaning an attacker can obtain the approximate location of Signal, Discord, Twitter/X, and likely other chat app users. In some cases an attacker only needs to send an image across the app, with the target not clicking it, to obtain their location.

Although the obtained location data is very coarse—in some of 404 Media’s tests it showed what city or state someone was in but did not provide more accurate information than that—the news shows the importance for some at-risk users to protect not just their message contents, but their network activity as well. 

“It's more of an oversight in the way the mobile application works than a vulnerability in the actual code but regardless, I thought it should be fixed,” daniel, an independent security researcher who reported the issue to Cloudflare, told 404 Media in an email. daniel said Cloudflare has since fixed the specific issue his custom-made tool was using.

A powerful AI tool can predict with high accuracy the location of photos based on features inside the image itself—such as vegetation, architecture, and the distance between buildings—in seconds, with the company now marketing the tool to law enforcement officers and government agencies.

Called GeoSpy, made by a firm called Graylark Technologies out of Boston, the tool has also been used for months by members of the public, with many making videos marveling at the technology, and some asking for help with stalking specific women. The company’s founder has aggressively pushed back against such requests, and GeoSpy closed off public access to the tool after 404 Media contacted him for comment.  

Based on 404 Media’s own tests and conversations with other people who have used it and investors, GeoSpy could radically change what information can be learned from photos posted online, and by whom. Law enforcement officers with very little necessary training, private threat intelligence companies, and stalkers could, and in some cases already are, using this technology. Dedicated open source intelligence (OSINT) professionals can of course do this too, but the training and skillset necessary can take years to build up. GeoSpy allows essentially anyone to do it.

This week, Google shoved various capabilities from Gemini, its AI tool, into Workspaces for Business and Enterprise customers, including associated Gmail accounts. You might now see buttons for “Summarize this email,” which when clicked will provide a bullet point list of what the email (allegedly) says and, in email threads, peoples’ sentiment towards it in their replies. There’s also a button in the top right that brings up a Gemini prompt bar, and a couple of ways Gemini offers to help. “Show unread emails from today,” and “show unread emails from this week,” are two I’m looking at right now.

Many people are going to love this. Others are going to want to run away from it as quickly as possible. Many people—incluing us—are already furious that they were automatically opted into it. Turns out, disabling it isn’t straightforward, as I found out why I tried to opt 404 Media out of it.

“Today we announced that we’re including the best of Google AI in Workspace Business and Enterprise plans without the need to purchase an add-on,” Google wrote in a blog post on Wednesday. 

The “Summarize this email” button took me by surprise. I opened my Gmail iOS app and it was just there. When I asked a Google spokesperson if Google gave clients a heads up this was coming, they provided me with a couple of links (including that one above), both of which were published Wednesday. So, no not really.

I tried out the email summarize feature on a non-sensitive email Emanuel had just forwarded me. It was an obvious scam email, with someone pretending to be from the family of Bashar Al-Assad and who said they could make us a lot of money. Emanuel forwarded me the email and joked “sounds good.”

Gemini’s summary said “Mohammed Karzoon, a former member of the Syrian President al-Assad’s cabinet, reaches out to Emanuel Maiberg to discuss potential investment portfolios.” The second bullet point read “Emanuel Maiberg expresses interest in the proposition.” Gemini, to little surprise, did not detect that Emanuel was being heavily sarcastic, a beautifully human act.

I then tried to opt us out of these sorts of Gemini features. I logged into Google Workspace, clicked the “Generative AI” drop down menu on the left, then clicked “Gemini app.” I changed the service status to “OFF for everyone.”

Nope, that’s wrong. The Google spokesperson told me that button referred to gemini.google.com, which is the Gemini app, not its integration with Workspace. I also tried in another section called “Gemini for Workspace” which sounded promising but that wasn’t helpful either.

I actually had to go to account, account settings, and “Smart features and personalization” where an administrator can set a default value for users. The spokesperson clarified that individual end users can go turn it off themselves in their own Gmail settings. They pointed to these instructions where users disable “smart features.” 

But it looks like it’s all or nothing. You can’t turn off just the new Gemini stuff without also disabling things like Gmail nudging you about an email you received a few days ago, or automatic filtering when Gmail puts emails into primary, social, and promotion tabs, which are features that Gmail has had for years and which many users are probably used to.

On iOS, you go to settings, data privacy, then turn off “Smart features and personalization.” A warning then says you’re about to turn off all the other stuff too that I mentioned above and much more. On Android, you go to settings, general, and then “Google Workspace smart features.”

Turning these off doesn’t actually get rid of the Gemini button at the top right of the inbox. It just means when you do click it (maybe by accident because it’s right next to the button to switch to a different inbox), it’ll prompt you to once again turn on smart features. It does get rid of the summarize this email button, though.

My first thought when I saw the “Summarize this email” button was, oh god, people are going to be submitting all sorts of sensitive, confidential business information into Gemini. We’ve already seen that with ChatGPT, and organizations have to write policies to stop employees doing it. And now you’re making that process one click, directly in the inbox? In its Privacy Hub page, Google says “Your content is not used for any other customers. Your content is not human reviewed or used for Generative AI model training outside your domain without permission.” I do not know if I have given permission or not, though, that’s part of the problem.

“You’ll see these end user settings will become even clearer and easier for people to use in the coming days as we’re rolling out updates (happening now) with language that’s specific to Gemini in Workspace features,” the spokesperson told me.

I hope so.

With Meta’s recent speech policy changes regarding immigration, in which the company will allow people to call immigrants pieces of trash, Mark Zuckerberg is laying the narrative groundwork for President-elect Trump’s planned mass deportations of people from the United States. 

Multiple speech and content moderation experts 404 Media spoke to drew some parallels between these recent changes and when Facebook contributed to a genocide in Myanmar in 2017, in which Facebook was used to spread anti-Rohingya hate and the country’s military ultimately led a campaign of murder, torture, and rape against the Muslim minority population. Although there are some key differences, Meta’s changes in the U.S. will also likely lead to the spread of more hate speech across Meta’s sites, with the real world consequences that can bring.

“We believe Meta is certainly opening up their platform to accept harmful rhetoric and mold public opinion into accepting the Trump administration's plans to deport and separate families,” Citlaly Mora, director of communications at Just Futures Law, a legal and advocacy organization focused on issues around deportation and surveillance. 

We've got much more on what is happening inside Meta with the company's recent speech policy changes. Jason runs us through it. After the break, Joseph explains how thousands of apps have been hijacked to steal your location data, possibly without the app developers' knowledge. In the subscribers-only section, we talk about various stories intersecting with the LA fires, such as Amazon delivery drivers and AI images. (YouTube version to come shortly.)

Listen to the weekly podcast on Apple Podcasts, Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.

• ‘It’s Total Chaos Internally at Meta Right Now’: Employees Protest Zuckerberg’s Anti LGBTQ Changes
• Meta Deletes Trans and Nonbinary Messenger Themes
• Candy Crush, Tinder, MyFitnessPal: See the Thousands of Apps Hijacked to Spy on Your Location
• Online Behavioral Ads Fuel the Surveillance Industry—Here’s How
• People Think AI Images of Hollywood Sign Burning Are Real
• An Amazon Delivery Confirmation Photo Is the Last Time a Palisades Resident Saw Her Burnt Down House
• ‘We’re Fine’: Lying to Ourselves About a Climate Disaster