The Watchers: Persona Code Leak Uncovers Hidden Surveillance Pipeline
A major source code leak exposes how routine age-verification selfies for popular apps are feeding a massive government surveillance and reporting machine.

When you snap a selfie to verify your age for a popular app, you expect that data to stay between you and the company. A recent discovery shatters that expectation. Cybersecurity researchers uncovered a massive, undisclosed data pipeline connecting Persona—the identity verification service used by OpenAI, Discord, LinkedIn, and Roblox—directly to the US federal government.
The exposure didn't require advanced hacking. Persona accidentally left 53MB of its original source code publicly accessible due to misconfigured Vite build tooling. Anyone with a web browser could download the entire codebase.
Investigators analyzing this code found that routine ID checks are being routed into a dedicated "watchlist" database that has been active since November 2023. The leaked files revealed a fully functional module designed to file Suspicious Activity Reports (SARs) directly to FinCEN—the US Treasury's Financial Crimes Enforcement Network—and its Canadian equivalent, FINTRAC.
Instead of basic data integrations, these are direct government filings. The code even contains dropdown menus to tag user data with specific public-private intelligence program codenames, including Project SHADOW, ANTON, and ATHENA.

This leak shows a simple login step for consumer apps acting as a live feed for a national surveillance apparatus. The codebase outlines 269 distinct verification checks. These go far beyond basic ID validation, including facial recognition matching against world leaders, Aadhaar database checks, and deep browser fingerprinting.
Users think they are just proving they are old enough to use an AI chatbot. Instead, their facial biometrics and device data are screened against global watchlists and law enforcement databases.
The code explicitly allows biometric face lists to be retained for up to three years, or 1,095 days. This directly conflicts with privacy policies from partners like OpenAI that claim a one-year limit. Researchers also found a FedRAMP-authorized government platform running this exact same codebase, blurring the line between commercial identity verification and state-level surveillance.
Another alarming detail involves a new subdomain, onyx.withpersona-gov.com, which appeared in certificate transparency logs in early February 2026. US Immigration and Customs Enforcement (ICE) separately purchased a $4.2 million AI surveillance tool named Fivecast ONYX. While the code itself doesn't explicitly name ICE, the naming correlation is documented.
Because this pipeline operates entirely on the backend, individual users have very little technical recourse once they submit their ID. You can't just install a privacy extension to block a server-side data transfer.
You can take practical steps to limit your exposure. Heavily scrutinize any app demanding biometric verification or a government ID just to access basic features. If a platform forces you to scan your face, weigh whether the service is actually worth the privacy trade-off.
Seek out privacy-respecting alternatives that allow anonymous sign-ups or rely on decentralized identity protocols rather than centralized data brokers.
Finally, advocate for strict transparency. Companies must be forced to disclose exactly where biometric data flows and whether it interfaces directly with financial intelligence databases.
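For teams on the publishing side of a build misconfiguration like the one described above, a pre-deploy check of the build output is the practical control. The following is an added example, not code from the leak or from Persona; it assumes the exposure path is shipped source maps (the artifact Vite's `build.sourcemap` option controls), which the reporting above does not confirm, and the function names and sample files are constructed for illustration.

```javascript
// Added example: audit build artifacts for shipped source maps.
// `files` is a list of {path, text}; in CI you would fill it from dist/.
const MAP_REF = /[#@]\s*sourceMappingURL=(\S+)/;

function inspectMap(json) {
  // Source map v3: "sources" lists original paths, "sourcesContent" embeds the files.
  let map;
  try { map = JSON.parse(json); } catch { return null; }
  if (!Array.isArray(map.sources)) return null;
  const contents = Array.isArray(map.sourcesContent) ? map.sourcesContent : [];
  const embeddedBytes = contents.reduce(
    (n, s) => n + (typeof s === "string" ? Buffer.byteLength(s) : 0), 0);
  return { sources: map.sources.length, embeddedBytes };
}

function auditBuildFiles(files) {
  const findings = [];
  for (const { path, text } of files) {
    if (path.endsWith(".map")) {
      const info = inspectMap(text);
      if (info) findings.push({ path, kind: "map-file", ...info });
      continue;
    }
    const ref = MAP_REF.exec(text);
    if (!ref) continue;
    // Inline maps carry the whole map as a base64 data URI in the bundle itself.
    const inline = /^data:application\/json[^,]*;base64,(.+)$/.exec(ref[1]);
    if (inline) {
      const info = inspectMap(Buffer.from(inline[1], "base64").toString("utf8"));
      if (info) findings.push({ path, kind: "inline-map", ...info });
    } else {
      findings.push({ path, kind: "map-reference", target: ref[1] });
    }
  }
  return findings;
}

// Constructed sample build output (illustrative only, not data from the leak).
const original = "export const greeting = 'hello';\n";
const mapJson = JSON.stringify({
  version: 3, sources: ["../src/greeting.ts"], sourcesContent: [original], mappings: "" });
const sampleDist = [
  { path: "assets/index-a1b2.js", text: "g();\n//# sourceMappingURL=index-a1b2.js.map" },
  { path: "assets/index-a1b2.js.map", text: mapJson },
  { path: "assets/vendor-c3d4.js", text: "x();\n//# sourceMappingURL=data:application/json;base64," +
      Buffer.from(mapJson).toString("base64") },
  { path: "assets/clean-e5f6.js", text: "console.log('no map');" },
];
for (const f of auditBuildFiles(sampleDist)) console.log(JSON.stringify(f));
```

A non-zero `embeddedBytes` means original source text ships with the bundle; failing the deploy on any finding keeps that from reaching a public web root.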
