Privacy's last stand

September 2025, Disney got caught collecting your kids' data illegally, $10 million fine. Google paid $425 million for a decade of snooping on your smartphone. Microsoft cut off a military unit for using their tools to survey millions of civilians. A Chinese toy company was caught tracking children's locations without telling parents. And while government hit corporations with fines, they're simultaneously pushing digital ID systems that would make corporate surveillance look like child's play. Here's what you need to understand. Your privacy isn't dying from a thousand cuts. It's under coordinated attack from two directions at once. Corporations want your data for profit. Governments want it for control. And September 2025 is the month when the surveillance shifted from corporate to government, from voluntary to mandatory, from profit-driven to power-driven.

This is Trust Revolution. I'm Sean Yeager, and today we're connecting the dots on why corporate surveillance is crumbling while government surveillance is being built in its place, and what you can do to escape both before the trap closes. Over 19 episodes across two seasons so far, we've talked to builders creating alternatives. John Robb on decentralized networks, Mark Secure Enclaves protecting your privacy by design, Max Hillebrand and Matthias Boos proving that peer-to-peer systems work at scale, Fran's Zap Store bypassing App Store monopolies, OpenState exposing how financial regulations create surveillance nets, Nicholas Anthony and Alex Newman showing how centralized control threatens freedom. Jeffrey Tucker breaking the spell of consensus thinking. But why are these alternatives suddenly urgent? Because both the corporate surveillance model and the government control model are reaching their breaking points simultaneously. One through enforcement and public backlash, the other through increasingly

aggressive digital ID mandates that would centralize surveillance even further. Let me show you what happened just this month and what's coming. On September 3rd, the FTC took action against a Chinese robot toy maker, Aperture Technology, for allowing a third party to collect geolocation data from children without parental consent. Kids ages 6 through 14 bought these educational robots, downloaded the companion app, and the company was secretly sharing their precise location with servers in China through a software kit called JPush. Parents had no idea. That same day, Disney agreed to pay $10 million to settle allegations that the company enabled unlawful collection of children's personal data on YouTube. Disney failed to properly label videos as made for kids, which allowed targeted advertising and data collection from children under 13 without parental consent. Two enforcement actions in a single day.

One against a Chinese company tracking kids' physical locations. won against Disney, one of the most sophisticated media companies on earth, for failing to protect kids online. This isn't about fining bad actors. It's about admitting the system is broken. If Disney, with unlimited resources and legal teams, can't figure out how to comply with privacy laws meant to protect children, what does that tell you about the model itself? On September 4th, a federal jury ordered Google to pay $425.7 million for improperly snooping on people's smartphones during a nearly decade-long period of intrusions. Your smartphone, the device in your pocket right now, Google was tracking you even when you thought you'd turn tracking off. And it took a jury to make them pay for it. Not regulators, a jury of regular people who heard the evidence and said, this is unacceptable. And it's not just U.S. companies.

On September 25th, Microsoft announced it had disabled services to a unit within the Israeli military after a company review determined its AI and cloud computing products were being used to help carry out mass surveillance of Palestinians. Microsoft voluntarily shut down a paying customer because the reputational and legal risk of enabling surveillance outweighed the revenue. Think about that. The risk of being associated with surveillance is now higher than the revenue from enabling it. On September 23rd, Canadian privacy authorities released findings that TikTok's efforts to keep children off the platform and prevent the collection and use of their sensitive personal information are, quote, inadequate. The investigation found TikTok was collecting data on hundreds of thousands of Canadian children who shouldn't have been on the platform at all, including biometric information like facial and voice data.

Meanwhile, authorities in Australia say social media platforms should not require age verification for all users when a ban on children under 16 having accounts goes into effect in December. Australian eSafety Commissioner Julie Inman Grant said on September 16th that it would be, quote, unreasonable for platforms to re-verify everyone's age. Now, notice the impossible position. Regulators say platforms must keep kids off, but they can't require invasive age verification because that creates more privacy violations for everyone. It is a catch-22 by design. And this brings us to the other shoe-dropping. Governments using this exact problem as justification for centralized digital ID systems. So what's the pattern? Three things. First, corporate surveillance is collapsing under its own weight. Bigger penalties, faster enforcement, no mercy for big brands. The business model that made big tech rich is becoming legally untenable.

Second, governments are using this collapse as an opportunity. The companies can't be trusted with your data, so give it to us instead. Digital IDs, biometric verification, centralized identity systems, all sold as solutions to the corporate surveillance problem. Third, you're being offered a false choice Corporate surveillance or government control Facebook or digital ID But there's a third option nobody in power wants you to know about Systems that don't require you to trust anyone And that's what this episode is really about While corporations are getting fined for surveillance Governments worldwide are accelerating digital ID mandates And they're using the exact problems we just discussed, age verification, identity theft, fraud, as justification. Let me walk you through what's happening globally because this is not isolated. This is coordinated. The EU is mandating digital identity wallets for all member states.

By 2026, every EU citizen is supposed to have access to a government-issued digital wallet that stores identity credentials, driver's licenses, educational certificates, health records, everything. The pitch? One secure place for all your documents. Convenience, security, protection against identity theft. The reality, a centralized system where every interaction, logging into websites, proving your age, accessing services gets routed through government infrastructure. Every verification creates a data trail. Every transaction gets logged. And unlike corporate surveillance, you cannot opt out. It's government mandated. Australia is implementing a ban on social media for children under 16 effective December 10 of this year And here the catch Authorities say platforms shouldn require age verification for all users to comply So how do you prove someone's under 16 without verifying everyone's age?

You can't, which means either platforms implement invasive verification anyway and get sued for privacy violations, or the government steps in with a centralized age verification system tied to digital IDs. Guess which way this is heading. Australia is already piloting government-backed age verification systems. Your ID, your age, your access to platforms, all controlled through a government gateway. The UK has been building its digital identity and attributes trust framework, great name there, a system for verifying identity across public and private services. The pitch is public-private partnership. The reality is government-certified identity providers acting as gatekeepers. Want to open a bank account? Digital ID verification. Want to rent an apartment? Digital ID. Access government services? Digital ID. Prove you're old enough to view certain content? Digital ID. Every verification creates a record, every record gets stored, and every interaction

becomes traceable. The U.S. doesn't have a federal digital ID mandate yet, but states are moving fast. Several states are already issuing mobile driver's licenses, digital IDs stored on your phone. The pitch? Convenience. The reality, your government-issued ID is now connected to a device that tracks your location, your app usage, your communications. And here's where it gets darker. The Real ID Act already created a de facto national ID system through standardized driver's licenses with machine-readable data. Digital IDs are the next step, connecting that standardized data to online verification systems. Some states are piloting these for age verification on adult websites and social media. Once the infrastructure exists for age verification, it gets expanded. Okay. Always, mission creep isn't a bug, it's a feature.

Now, connect this to what Nicholas Anthony told us about central bank digital currencies. CBDCs are programmable government money. Digital IDs are the authentication layer. Combine them. You get programmable money and government verified identity. And the result is total financial surveillance and control. Every purchase tied to your identity, every transaction logged and traceable, every financial decision subject to government policy. Sorry, you've exceeded your carbon allowance this month. Transaction denied. Sorry, you're not eligible to purchase that. Transaction blocked. This isn't a conspiracy theory. This is the stated goal of multiple CBDC pilot programs. China's digital yuan already does this. the EU's digital euro proposals include identity verification requirements. The pieces are being assembled. Here's how governments are selling this. Step one, point to corporate surveillance abuses.

Big tech cannot be trusted with your data, they say. Step two, offer government-controlled alternatives. We'll protect you with secure, verified digital IDs. Step three, mandate adoptions for safety, for security, for the children. Step four, expand the scope. Now that we have the infrastructure, let's use it for age verification, financial transactions, healthcare access, voting, benefits. It's the same playbook every time. Crisis, solution, mandate, expansion. And here's the kicker. Unlike corporate surveillance where you can switch platforms or use alternatives, government surveillance is backed by law. You can delete Facebook. You cannot delete your government. Corporate surveillance is bad. We've established that. But government surveillance is categorically different. Corporations want your data for profit. That's constraining. They won't do things that destroy the business model. Governments want your data for control. That is unbounded.

They'll do whatever serves power. You can choose not to use Facebook. You can't choose not to have a government. Corporations compete with each other. If one platform gets too invasive, you can switch. Government monopolizes identity. There's no alternative provider. Corporate surveillance creates business risk. Data breaches, lawsuits, reputational damage. Government surveillance creates existential risk. Political persecution, financial control, social engineering. And the two are converging. Governments mandate digital IDs. Corporations are required to verify users through those IDs. Now your government knows every platform you use, every service you access, every transaction you make. One system, total visibility, no escape. This is the trap. You're being offered a choice between corporate surveillance and government control. Mark Zuckerberg or your national government.

Amazon tracking you or a digital ID system tracking you. But that is a false binary. There's a third option, systems that do not require surveillance at all. Peer-to-peer verification instead of centralized databases. Zero-knowledge proofs instead of data collection. These aren't theoretical. They exist, they work, and they're being deliberately kept out of the conversation because neither corporations nor governments benefit from systems they cannot surveil. While governments push digital IDs, they're simultaneously passing privacy laws that make corporate data collection increasingly difficult. The result? A compliance nightmare that will drive more companies toward government-provided solutions. By the end of 2025, 16 comprehensive state privacy laws will be in force in the U.S. Each state is ratcheting up requirements. It's a race to the top, not the bottom. Companies can't just pick the weakest standard and apply it everywhere.

State enforcers are ramping up. Data brokers are under siege. The data broker ecosystem that powers target and advertising credit scoring and, quote, personalization is being dismantled piece by piece and not fast enough. But here's what's happening. Privacy regulations make corporate surveillance harder and more expensive. Companies look for easier ways to verify identity and comply with laws. Governments offer centralized digital ID systems as the solution. It's a deliberate compression. Squeeze the private sector with regulations. Offer government infrastructure as relief. The result? Surveillance shifts from corporate to government, but it doesn't decrease. It centralizes. And once it's centralized, it's much harder to escape. For 20 years, the surveillance economy worked on a simple equation. revenue from data exploitation greater than the cost of compliance plus the risk of fines.

That equation just broke. Google, half a billion dollars. Disney, 10 million. Apatour, half a million. Data brokers, settlements over location data, compliance costs multiplied now by 16 states. Reputational damage, Microsoft cutting off major government customers. And here's what people miss. These are just the cases we know about. For two decades, we've been told, give us your data, trust us to protect it. People are done trusting. And here's the deeper shift. People are realizing they shouldn have to trust That what Open State was getting at about financial surveillance The system is designed to require trust which creates power asymmetries It's what Bronwyn Williams told us about when discussing the unraveling cycles of society. When trust in centralized institutions breaks down, people seek alternatives. The alternative is trust-minimized systems. Don't trust the app store,

verify the cryptographic signature. Don't trust the payment processor. Use Bitcoin. Don't trust the government with your identity. Use zero-knowledge proofs. That's the future. And anyone still betting on the trust-us model, whether corporate or government, is on the wrong side of history. Here's why this matters for Trust Revolution. Over 19 episodes, every guest we've had isn't just complaining about surveillance. They're proposing or building alternatives that work without requiring you to trust them. Season 1 Builders showed us the foundation. John Robb's decentralized networks enabling coordination without central control. Mark's secure enclaves proving your data can stay on your device while still being useful. Max Hillebrand demonstrating peer-to-peer economies at scale. Fran building's app store. App distribution with zero surveillance, zero accounts, zero tracking. Season 1 Analysts helped us understand the stakes. David Strayhorn decoded how trust actually works.

Yael Ossowski showed us the balance of power shifting toward individuals. Bronwyn again revealed we're in a historical cycle of institutional unraveling and renewal. Rashad Tobakawala reminded us that trust is the currency of the future in business. Are you serious? warned us about the Internet's lost promise not to let centralization capture the next wave of technology. And on the policy front, Stephen Pollack explained Bitcoin and American statecraft, why decentralized money threatens centralized power. Matt O'Dell gave us the full Freedom Tech stack, Signal, Tor, Bitcoin, Noster. Open State exposed how AML and KYC creates a global surveillance grid and showed us how to fight back with FOI requests, freedom of information, and transparency. In Season 2, we further bring it home. Nicholas Anthony showed us the endgame. CBDCs are total financial control tied to government identity. Matthias proved that peer-to-peer infrastructure can and is working at scale.

Jeffrey Tucker reminds us to break out of consensus thinking and away from centralized systems. Alex Newman mapped paths to renewal through this trust crisis. Notice the pattern across all. Privacy by design, not privacy by policy. Policy-based privacy says we promise to protect your data. Then they get breached or sell it or get subpoenaed or change the term of service or the government mandates access. Design-based privacy says we architecturally cannot access your data. The promise isn't a policy document. It's in the code. It's not trust us. It's you don't have to trust us. Here's the cryptographic proof. That's the shift. In September of this year, the enforcement wave plus the digital ID push proves why it matters. The technologies exist right now to solve the problems that governments claim digital IDs are meant to solve without the centralized surveillance.

Zero-knowledge proofs prove you're over 18 without revealing your exact age, name, or any other information. This is mature cryptography, not science fiction. Decentralized identity. Control your own credentials. Share only what's necessary for each interaction. No central database to hack or subpoena. Secure enclaves. Computation can happen on encrypted data without ever exposing the underlying information. Peer-to-peer systems. You can coordinate economic activity and build communities with Bitcoin without centralized platforms extracting your data. Cryptographic signatures prove authenticity without disclosure, verify without revealing. These are, again, not theoretical. They're production-ready. Projects like Noster, Bitcoin, the Lightning Network, Signal, Tor, these are implemented right now. But you won't hear about them in government digital ID proposals.

Why? Because they solve the stated problem without creating the surveillance infrastructure. and surveillance, not solving problems, is their actual goal. First action I'd like you to consider taking, reduce your attack surface. Every piece of data you've shared, every account you've created, every digital trail you've left, it's all potential ammunition for surveillance. So here's some action items. Delete accounts you don't use. If you haven't logged into a service in six months, delete it, get rid of it. Audit your apps. Check what permissions you've granted. revoke everything that's not absolutely necessary. Request your data. Use GDPR, CCPA, and the like to request a copy of your data from major platforms. You will undoubtedly be horrified. Then use your right to deletion. Stop feeding the machine. Before you sign up for a new service, ask, do I really need this? Every new account is a new surveillance point.

Move number two, adopt privacy-preserving tools. Start using tools that are designed for privacy, not designed for data extraction. Switch to Signal. End-to-end encrypted by default, no metadata collection. Matt O'Dell walked us through why Signal's nonprofit model makes it trustworthy in ways that corporate messaging can never be. Consider SimpleX for anonymous messaging. No phone number, no identifier, fully private. When it comes to browsing, use Brave Browser or Firefox with privacy extensions. Block trackers by default. Use DuckDuckGo or Brave Search instead of Google. Consider Kagi. No search history, no profiling. Use Tor when you need maximum privacy. Money. Get a Bitcoin wallet. Learn self-custody. Stephen Pollack explains why this matters for sovereignty, as did Matt O'Dell. Use cash more often. Every card transaction is logged,

tracked, and tied to your identity. Speaking of identity, use email aliases for every service. One breach doesn't expose everything. Services like ProtonMail and others make this very easy. Use password managers, Bitwarden, 1Password, Proton, with end-to-end encrypted cloud services. The action item, pick one tool from this list this week and switch, just one. Then next week, add another. Third, and this is critical, when digital ID systems roll out in your jurisdiction, and they almost certainly will, resist adoption as long as possible. Every system depends on adoption rates. If 90% of people adopt digital IDs immediately, holdouts become marginalized. If only 50% adopt, the government can't make it truly mandatory without massive backlash. Your refusal matters, and it buys time for alternatives to develop.

Here's some action items. Don't be an early adopter. When your state or country launches digital ID products, don't be a volunteer. Use analog alternatives wherever possible. Physical driver's license instead of digital. paper documents instead of digital wallets, cash instead of CBDCs. Support businesses that don require digital verification Understand your rights In many jurisdictions digital IDs cannot legally be made mandatory for basic services at least not yet Know the law Push back when you're pressured. This isn't luddism. This is strategic resistance. Every day you delay adoption is a day you maintain privacy. Every person who resists makes it harder to normalize this surveillance infrastructure. Fourth, educate yourself on the technologies that solve problems without surveillance. Here are some action items. Learn what zero-knowledge proofs are. Understand

that you can prove things without revealing information. It's math, and it breaks the surveillance model. Understand how Bitcoin works, not as an investment, but as a system. How does money work without banks? How does trust work without central authorities? Bitcoin is the proof of concept for all decentralized systems. And beyond proof of concept, it is in production and has been for 15 years. Explore Noster. It's a protocol for censorship-resistant communication. See how social media works without data collection. Fran built ZapStore on it. That's how robust it is. Understand secure enclaves Mark showed us how computation can happen on your data Without anyone ever seeing the raw information Take Maple AI for a trial You don't need to become a cryptographer You just need to understand that solutions exist Because once you know they're possible You can't be fooled into thinking surveillance is inevitable Fifth, talk about this

Most people don't know what's happening Here are the action items Share this episode Send it to friends who care about privacy, but don't follow the details. Have conversations. When digital IDs get proposed in your area, your jurisdiction, talk to people about what really means. Not in tinfoil hat terms, in practical terms. Support privacy-focused projects. Donate to Signal. Use Noster. Buy from companies that respect privacy. And pressure representatives. When digital ID legislation comes up, call them. Open State showed us how FOI requests can expose what governments don't want you to know, and it makes them uncomfortable. Use these tools. The surveillance infrastructure only succeeds if people don't resist. Your voice matters. Use it. Now, let's say you do nothing. You keep using the same surveillance-based tools. You adopt digital IDs when they're offered.

you trust governments and corporations to, quote, protect your privacy. What happens? The short term, over the next six to 12 months, more digital ID pilots launch, more jurisdictions make them optional but encouraged, more companies get hit with privacy fines, more data breaches expose your information. You notice services requiring digital verification to access. Over the medium term, the next one to three years, digital IDs become mandatory for an increasing number of services, banking, health care, social media, travel. Your government now has a complete profile of your online activity, financial transactions, and your physical movements. Alternative systems still exist, but they're marginalized, harder to use, socially stigmatized. Over the long term, the next three to five years, CBDC's launch tied to digital IDs, every financial transaction is tracked, logged, and subject to government policy. Social credit

systems emerge. Your behavior affects your access to services. The infrastructure is now complete. Dissent becomes more costly. Privacy becomes virtually impossible. This isn't dystopian fiction. China already has this. The EU is actively building it. Australia is implementing pieces. The U.S. is following. Their trajectory is clear. Now, let's say you act. What happens? In the short term, you reduce your surveillance exposure. Fewer data breaches affect you. Less tracking follows you. You start using tools that respect privacy. You resist digital ID adoption. You preserve optionality. In the medium term, you're part of a community using privacy-preserving tools. You've built resilience. When mandatory digital ID systems are proposed, there's resistance. Adoption is slower. Mandates are weaker. Privacy-first businesses grow because people like

use support them. Over the long term, alternative systems mature, the technology improves, more people adopt them. The surveillance infrastructure fails to achieve critical mass. Too much resistance, too many alternatives. You've maintained your privacy, your freedom, and your sovereignty. And you've helped build the infrastructure that preserves it for others. This is the fork in the road. Which path do you choose? So, let's bring it back. September 2025, Disney, Google, Microsoft, Apatow, billions in fines for corporate surveillance, 16 state privacy laws creating compliance nightmares, and simultaneously, governments worldwide pushing digital ID systems as the solution. You're being offered a false choice, corporate surveillance or government control. Mark Zuckerberg or a digital ID database. But there's a third option.

Systems that don't require you to trust anyone. Systems built on cryptographic proof, not policy promises. Systems your guests on this show have been building. The surveillance economy is breaking. The question is, what replaces it? Government-controlled digital identity infrastructure or decentralized privacy-preserving alternatives? That decision isn't being made in Congress or by corporations. It's being made by millions of individual choices. Your choice right now. Here's what I want you to do this week. Delete one surveillance app. Pick the worst offender, delete it. Replace it with a privacy-respecting alternative. Learn about privacy-preserving technology. Bitcoin, Nostra, secure enclaves, pick one. Understand how it works. Have one conversation about digital IDs with someone who doesn't follow this stuff. Make them aware of what's coming and what's at risk.

Resist one data request. When a website asks for information it doesn't need, do not give it. Subscribe to this podcast if you haven't, because we're going to keep covering the alternatives. September is the breaking point. Corporate surveillance is collapsing under fines and regulation. government surveillance is expanding through digital ID mandates and privacy preserving alternatives exist right now. The only question is, which system will you support with your choices? This is Trust Revolution. I'm Sean Yeager. The surveillance economy is breaking. Governments are offering false solutions and the real alternatives, the ones that don't require you to trust anyone, are being built now by people who understand what's at stake. Your privacy isn't a gift from corporations or governments. It's something you build, defend, and claim for yourself. The tools exist, the alternatives work, and your choices matter more than you think.

We'll be back next week with another conversation about building those alternatives. Until then, protect your privacy like your freedom depends on it, because it does. you