Private Public Surveillance Partnerships

We have already discussed surveillance by private actors and state surveillance in detail in the past.

A sideline we want to address this time is the partnership that private and public bodies often enter into in this context, especially in the context of government surveillance.

These collaborations can take many different forms, such as the disclosure of customer data and personal information by IT service providers. This type of collaboration is rarely entirely voluntary but, at least in functioning democracies, is usually subject to strict legal regulations and court orders.

These collaborations can take many different forms, such as the disclosure of customer data and personal information by IT service providers. This type of collaboration is rarely entirely voluntary but, at least in functioning democracies, is usually subject to strict legal regulations and court orders.

Unfortunately, many of the service providers themselves are not fully aware of the high requirements, which may lead to the unjustified disclosure of information in individual cases. Other IT service providers committed to transparency, such as the email providers Posteo and Tuta, on the other hand, examine requests very carefully and publish annual transparency reports and aggregate information on corresponding requests. Posteo, for example, also reports on how many of the requests were formally correct and how often data was actually disclosed.

Since these are strict legal requirements involving court orders and types of legitimate investigative work, in this blog post we will instead focus on more voluntary types of cooperation with security authorities, in which information is freely shared by companies. Since such types of cooperation are much less common in the EU than in other parts of the world, we are broadening our focus to the global level. However, this is also of interest to citizens of the European Union, as in a globally connected world, people in the EU can of course also be affected by this. Furthermore, it also raises awareness of the dangers posed by the weakening of data protection laws and the expansion of official access rights, as was recently the case in the EU-level vote on so-called chat control.

Private CCTV networks

Already in the first half of the year, there were increasingly worrying reports from the United States of America about cooperation between the security company Flock Safety and the US security and immigration authorities. Flock is a company that sells systems for automated vehicle licence plate recognition, among other things. It also sells audio-visual systems for locating firearm use and other surveillance systems. [1, 2]

Licence plate recognition systems came under public scrutiny when investigative journalists revealed that Flock enriched its databases with personal data from public sources and data leaks in order to link not only vehicle owners but also additional information about the occupants of a car. [1]

This information was also willingly passed on to security authorities, as well as to the Immigration and Customs Enforcement (ICE) agency. In recent years, and particularly since 2025, the latter has attracted attention for its questionable and presumably illegal actions in violently enforcing the deportation of migrants from the United States. [1, 3, 4, 5, 6]

This process is particularly critical because Flock’s AI-assisted cameras are used relatively extensively throughout the United States. This situation is further exacerbated by Flock’s acquisition of Amazon’s doorstep surveillance system Ring. Ring is already used millions of times over in the United States, but almost as frequently outside the country, e.g. here in Europe. Like Flock, Amazon had also willingly and uncritically cooperated with authorities in what were allegedly illegal actions. However, the concentration of information and power in the hands of a single player further complicates the situation. [3, 7, 8, 9]

The excesses of rampant surveillance of private-sector cooperation with public authorities, particularly in monopolised and centralised markets, are particularly evident in the United States of America. 10, 11, 12 But mass surveillance, private-sector cooperation and the corresponding impact on marginalised groups are also commonplace in other countries. In the United Kingdom, for example, information from social media and digital devices has been used for mass surveillance of the population for over a decade. Here, too, the British authorities rely in part on cooperation with private sector actors. [13, 14, 15, 16]

European Surveillance Cooperations

Although the situation in most of the European Union is nowhere near as dystopian as in the US or the UK. Efforts towards mass surveillance are repeatedly coming to light here too, all of which have in common that they rely on cooperation with private sector actors or seek to compel them to cooperate.

Here, too, a distinction should be made between legitimate investigative work in the digital space in cases of suspicion regarding individual suspects and a disproportionate expansion of the authorities’ rights and mass surveillance of innocent people.

The surveillance of private and encrypted communications via messenger apps (A), B), C)), which has been mentioned several times now, is a particularly striking example. Although the current push for indiscriminate mass surveillance of all EU citizens is off the table for now, the EU Council has left itself a back door open for the project. Internet services are now free to decide whether to screen (i.e. surveil) their users’ content before encryption and pass this information on to the authorities. Data protection activists see this as a stepping stone for later tightening of the rules, which the original proposal is now intended to establish in stages in order to avoid public pressure. [17]

The issue of data retention, which is repeatedly discussed in Germany, also fits into this picture. This would require internet service providers to store access information for all their customers on websites, apps, etc. without justification and to keep it available for a certain period of time for possible investigations of criminal offences. Although the proposal has been met with widespread public protest for decades, it makes its annual comeback in German and European politics just as often – to put it cynically. [18]

The Gotham database and analysis software from the controv ersial US company Palantir is also being used more and more frequently in Germany and Europe. Critics complain that the use of the solution is opaque and gives the security apparatus capabilities that are really only common in undemocratic surveillance regimes. [19, 20]

Underestimated potential

However, even ‘traditional’ state surveillance cannot completely bypass private sector actors. They develop and distribute almost all of the software and hardware used, such as AI-supported surveillance cameras designed to recognise either the faces or actions of passers-by. The development of surveillance software, which is thus supported by public funds, can be converted into private-sector capital via the free market, while unsuspecting citizens involuntarily train the software, as in pilot projects in Hamburg, Mannheim and Berlin. [21, 22, 23, 24, 25]

A commonly underestimated source of surveillance data is modern vehicle on-board computers. Much is known about the exorbitant amounts of data that smartphones and apps collect about us. However, computers with the same capabilities and significantly less public focus are also found in modern cars. Manufacturers often use this information to learn more about their customers’ preferences, driving behaviour and location information. The latter information in particular is also of recurring interest to security authorities. [26, 27]

Another example of the potential for cooperation between the private sector and public authorities in mass surveillance is the so-called ‘data broker files’ that have been processed in recent years. These files concern the trade in sensitive information between private companies, including detailed location data that can be used to track the movements of individuals with pinpoint accuracy. At present, there is no known cooperation with security authorities. On the contrary, the Data Broker Files are proving to be a security problem for states and security authorities themselves. In principle, however, this treasure trove of data could presumably also be used for surveillance purposes. For this reason, too, it would be important to completely and decisively prohibit the excessive collection of data and the associated trade by law. [28, 29, 30]

So what now?

We have already reported on the dangers of surveillance on several occasions in the past, whether by the state or by private actors (e.g. A), B), C)). The intertwining of these two spheres has been mentioned repeatedly in passing, but rarely explained explicitly.

The commercialisation of privacy is not a solution to the underlying problem. If only because it often excludes those affected and marginalised from the process due to the cost involved. Public pressure in the case of chat control, but also data retention in recent years, clearly shows that democratic means and freedom of expression can lead to concessions and rethinking within politics. And, of course, ultimately to concrete improvements in this area or to the prevention of setbacks.

The conclusions remain the same. A democratic, free and trusting society can only exist where privacy is a protected commodity. Investigating criminal offences must of course be possible, but not by means of indiscriminate mass surveillance and the restriction of fundamental rights. Any expansion of surveillance should be carefully considered, weighed up thoroughly, open-ended and discussed within broad civil society. State and private surveillance reinforce each other and are inextricably linked. For many reasons, it is therefore worthwhile to advocate democratically for greater data protection and privacy.

Sources

1. Cox, J. (2025): License Plate Reader Company Flock Is Building a Massive People Lookup Tool, Leak Shows. URL: https://www.404media.co/license-plate-reader-company-flock-is-building-a-massive-people-lookup-tool-leak-shows/
2. Koebler, J. (2025): Home Depot and Lowe’s Share Data From Hundreds of AI Cameras With Cops. URL: https://www.404media.co/home-depot-and-lowes-share-data-from-hundreds-of-ai-cameras-with-cops/
3. Cox, J. (2025): ICE, Secret Service, Navy All Had Access to Flock’s Nationwide Network of Cameras. URL: https://www.404media.co/ice-secret-service-navy-all-had-access-to-flocks-nationwide-network-of-cameras/
4. Koebler, J. (2025): CBP Had Access to More than 80,000 Flock AI Cameras Nationwide. URL: https://www.404media.co/cbp-had-access-to-more-than-80-000-flock-ai-cameras-nationwide/
5. Koebler, J. (2025): Feds Used Local Cop’s Password to Do Immigration Surveillance With Flock Cameras. URL: https://www.404media.co/feds-used-local-cops-password-to-do-immigration-surveillance-with-flock-cameras/
6. Koebler, J. (2025): ICE Taps into Nationwide AI-Enabled Camera Network, Data Shows. URL: https://www.404media.co/ice-taps-into-nationwide-ai-enabled-camera-network-data-shows/
7. Silberling, A. (2025): Amazon’s Ring to partner with Flock, a network of AI cameras used by ICE, feds, and police. URL: https://techcrunch.com/2025/10/16/amazons-ring-to-partner-with-flock-a-network-of-ai-cameras-used-by-ice-feds-and-police/
8. Whittaker, Z. (2023): Amazon’s Ring to pay $5.8M after staff and contractors caught snooping on customer videos, FTC says. URL: https://techcrunch.com/2023/05/31/amazon-ring-ftc-settlement-lax-security/
9. Ring (2025): Ring Expands Community Requests to Additional Community Safety Partners. URL: https://blog.ring.com/about-ring/ring-expands-community-requests-to-additional-community-safety-partners/
10. Rissman, K. (2025): Arrests made in New York after protesters appear to foil ICE raid with barricade of bodies and garbage bags. URL: https://www.independent.co.uk/news/world/americas/us-politics/ice-new-york-chinatown-raid-b2875026.html
11. Trotta, D. (2025): The US border town that’s undergone a dramatic transformation after Trump’s immigration crackdown. URL: https://www.independent.co.uk/news/world/americas/san-diego-immigration-border-tijuana-mexico-b2869295.html
12. Rissman, K. (2025): At least 200 border patrol agents to flood New Orleans in coming weeks, report says. URL: https://www.independent.co.uk/news/world/americas/us-politics/new-orleans-border-patrol-agents-b2874989.html
13. Amnesty International (2024): UK intelligence forced to reveal secret policy for mass surveillance of residents’ Facebook and Google use. URL: https://www.amnesty.org/en/latest/news/2014/06/uk-intelligence-forced-reveal-secret-policy-mass-surveillance-residents-fac/
14. Kleinman, Z. & Singleton, T. (2024): ‘Mass surveillance’ fears over law change plans. URL: https://www.bbc.com/news/technology-68625232
15. Minsky, C. (2020): ‘Surveillance creep’ as cameras spread on campus. URL: https://www.ft.com/content/dd732ab4-3e0a-11ea-b84f-a62c46f39bc2
16. East, B. (2025): How Britain became a surveillance state. URL: https://www.telegraph.co.uk/news/2025/11/13/how-britain-became-a-surveillance-state/
17. Reuter, M. (2025): Schlimmster Giftzahn gezogen, aber weiterhin gefährlich. URL: https://netzpolitik.org/2025/eu-rat-einigt-sich-zur-chatkontrolle-schlimmster-giftzahn-gezogen-aber-weiterhin-gefaehrlich/
18. Meister, A. (2025): EU arbeitet an ausufernder Vorratsdatenspeicherung. URL: https://netzpolitik.org/2025/interne-dokumente-eu-arbeitet-an-ausufernder-vorratsdatenspeicherung/
19. Fürstenau, M. (2025): Palantir: Wie gefährlich ist die US-Software in Deutschland? URL: https://www.dw.com/de/palantir-%C3%BCberwachung-ki-spionage-geheimdienst-polizei-v2/a-73461470
20. Koch, M. C. 2025): Trotz Überrumpelung: Baden-Württemberg stimmt für Palantir. URL: https://www.heise.de/news/Baden-Wuerttemberg-entscheidet-ueber-Einsatz-von-Palantir-11072840.html
21. Gruber, A. (2018): Umstrittene Gesichtserkennung soll ausgeweitet werden. URL: https://www.spiegel.de/netzwelt/netzpolitik/berlin-gesichtserkennung-am-suedkreuz-ueberwachung-soll-ausgeweitet-werden-a-1232878.html
22. Schwarzbeck, M. (2025): Hier wird die Überwachung getestet, die so viele Städte wollen. URL: https://netzpolitik.org/2025/verhaltensscanner-im-mannheim-hier-wird-die-ueberwachung-getestet-die-so-viele-staedte-wollen/
23. Schwarzbeck, M. (2025): „Schaufenster in die Zukunft der Polizeiarbeit“. URL: https://netzpolitik.org/2025/ki-kameras-in-hamburg-schaufenster-in-die-zukunft-der-polizeiarbeit/
24. Filmakademie Baden-Württemberg (2021): All Eyes On You. URL: https://www.youtube.com/watch?v=3Q5jxXqDPGc
25. Meister, A. (2025): Innenminister Dobrindt plant neues Sicherheitspaket. URL: https://netzpolitik.org/2025/gesichtserkennung-und-ki-innenminister-dobrindt-plant-neues-sicherheitspaket/
26. Reuter, M. & Gille, J. (2025): Das wissen Autohersteller über Dich und Dein Fahrzeug. URL: https://netzpolitik.org/2025/intimes-ueberwachungsinstrument-das-wissen-autohersteller-ueber-dich-und-dein-fahrzeug/
27. Schwarzbeck, M. (2025): Sachsen will anlasslos mit Drohnen in fahrende Autos filmen. URL: https://netzpolitik.org/2025/novelle-des-polizeigesetzes-sachsen-will-anlasslos-mit-drohnen-in-fahrende-autos-filmen/
28. Dachwitz, I. & Meineck, S. (2025): Das Wichtigste zur Spionage-Gefahr durch Handy-Standortdaten in der EU. URL: https://netzpolitik.org/2025/databroker-files-das-wichtigste-zur-spionage-gefahr-durch-handy-standortdaten-in-der-eu/
29. Meineck, S. & Dachwitz, I. (2025): Das gefährliche Geschäft mit Standortdaten geht weiter. URL: https://netzpolitik.org/2025/berliner-datenmarktplatz-datarade-das-gefaehrliche-geschaeft-mit-standortdaten-geht-weiter/
30. Dachwitz, I. & Meineck, S. (2025): Diese EU-Firma soll Standortdaten aus Deutschland verkauft haben. URL: https://netzpolitik.org/2025/databroker-files-diese-eu-firma-soll-standortdaten-aus-deutschland-verkauft-haben/