But on March 31, “Reddit received another message from the feds,” The Intercept reported. “This time, instead of requesting information on an individual user, the government ordered Reddit itself to appear before a grand jury—not in California, but in Washington.”

The subpoena was issued by prosecutors from the US Attorney’s office in DC, and the “records sought spanned a period roughly three times longer than what ICE had originally requested,” the article said. The US Attorney for the District of Columbia is Jeanine Pirro. The grand jury subpoena is a new tactic being used by the Trump administration after it repeatedly lost attempts to subpoena information in court, The Intercept was told by CLDC Executive Director Lauren Regan.

Grand jury proceedings are not public. Grand juries may issue indictments after assessing evidence presented by prosecutors to determine whether there is probable cause that someone committed a crime. Witnesses may be called to give testimony. If an indictment is issued, the accused would be put on trial.

“The only valid use of a grand jury is to investigate federal crimes,” Regan told The Intercept. It’s unclear how Doe’s Reddit posts are evidence of a crime, and the administration is “able to hide what they are doing under the guise of a federal grand jury,” she said.

While the now-withdrawn summons is public, we do not have a copy of the subpoena. The CLDC told Ars today that it has no further comment on the case and noted that grand jury subpoenas are issued in secret.

Reddit: “We do not voluntarily share information with any government”

David Greene, senior counsel for the Electronic Frontier Foundation, “knew of no examples during the recent wave of immigration enforcement-related investigations in which a leading tech company has been called to appear before one of the secret panels,” The Intercept article said. “Free speech protections are at their weakest in the context of a grand jury, he explained: The proceedings are not adversarial; their purpose is to permit a prosecutor to file charges.”

https://arstechnica.com/tech-policy/2026/04/trump-admin-hounds-reddit-to-reveal-identity-of-user-who-criticized-ice/

“We’re not rookies on technology,” he said.

After receiving the data dump on his daughter’s Discord account, a couple of things stuck out immediately as odd to Frey.

“There’s no age recorded at signup, but there’s something worth flagging: her data includes an age_group field set to ’13–17,’ confirming Discord’s system knows she’s a teen,” Frey told Ars.

According to the data, Discord updated this field on March 9, about nine days before the account was hacked on March 18.

“They changed the age on their side, even though we can’t change the age on ours,” Frey said.

Additionally, Frey noticed that a separate field, “is_underage,” was set to “false.” He told Ars that he thinks that “discrepancy matters because the underage flag likely controls whether stricter ad protections” for kids are “applied.”

Since his daughter set up the account with an 18+ setting, it’s possible that the field corresponded to her self-reported age. But Frey could see that Discord updated the setting twice: once two days after the hack, and again after her account was restored. Each time, she was marked as not underage, despite support forum messages that repeatedly informed Discord she was 13.

Seemingly, that meant that the platform could create “a detailed behavioral ad profile” on the teen, even though its internal system had categorized her in the 13–17 age group, Frey said.

Samantha Baldwin, a policy and research staff technologist for the Electronic Frontier Foundation (EFF), told Ars that Discord’s hesitancy to formally update the age setting is telling. Frey’s case shows why privacy advocates believe that age verification laws aren’t about “protecting children” but about “surveillance and censorship,” she said.

“That they would not recategorize a minor’s account demonstrates this clearly,” Baldwin said. “Discord is in the business of making money by selling their users’ personal data. They are implementing ‘age verification’ to meet regulatory compliance and to collect more data about their customers, not protect children.”

https://arstechnica.com/tech-policy/2026/04/dad-stuck-in-support-nightmare-after-teen-lied-about-age-on-discord/

The department’s “relationship with Anthropic has deteriorated to the extent that Anthropic’s CEO has publicly described the Department’s statements regarding the controversy as ‘completely false’ and ‘just straight up lies,’” the court said. “Under these circumstances, requiring the Department to prolong its use of Anthropic’s AI technology, whether directly or through contractors, strikes us as a substantial judicial imposition on military operations. And, of course, we do not lightly override the Department’s judgments on matters involving national security.”

While the court said the balance of equities favors the government in determining whether to issue a stay, it acknowledged that Anthropic raised substantial questions that should be addressed quickly.

“In our view, the equitable balance here cuts in favor of the government,” the court said. “On one side is a relatively contained risk of financial harm to a single private company. On the other side is judicial management of how, and through whom, the Department of War secures vital AI technology during an active military conflict. For that reason, we deny Anthropic’s motion for a stay pending review on the merits. Nonetheless, because Anthropic raises substantial challenges to the determination and will likely suffer some irreparable harm during the pendency of this litigation, we agree with Anthropic that substantial expedition is warranted.”

The Computer & Communications Industry Association (CCIA), a trade group that filed briefs in both cases, said that tech companies are concerned about the “Pentagon’s means of blacklisting Anthropic without following typical procurement procedures,” and that the appeals court “denial will prolong ambiguities regarding whether political considerations can drive federal procurement.”

“Designating a company as a supply chain risk is a tool normally reserved for foreign adversaries, and should be used with discretion and proper procedure,” CCIA CEO Matt Schruers said. “It is risky to US innovation and competition to allow the government to unfairly discourage doing business with a US AI company as it competes with foreign AI companies.”

https://arstechnica.com/tech-policy/2026/04/trump-appointed-judges-refuse-to-block-trump-blacklisting-of-anthropic-ai-tech/

A corporal in the Pennsylvania state police yesterday pleaded guilty to a mind-boggling set of crimes that include going through his co-workers’ underwear, possessing a stolen gun, having child sexual abuse material on his hard drives, and using AI tools to create over 3,000 pornographic “deepfakes.”

One of the deepfakes involved a district court judge, while many of the others were created based on photos downloaded illicitly from state databases, including driver’s license photos.

Some of the imagery was even created at police barracks, using state-owned devices.

Deepfakes from driver’s licenses

Stephen Kamnik, 39, was arrested last year and charged with nine felonies and six misdemeanors. According to the Pennsylvania attorney general, “For years, Kamnik allegedly misused Commonwealth computer resources for his own personal sexual gratification, including the creation of AI-generated pornography of numerous female citizens of Pennsylvania.”

The Philadelphia Inquirer notes that the investigation began back in 2024 after police officials “noticed that the computer assigned to [Kamnik] had been using an unusually high amount of Internet bandwidth” and that an external hard drive had been repeatedly attached to it.

This aroused suspicion and eventually led to searches of Kamnik’s phone, computer, and external hard drive, which revealed a massive trove of illicit material. This material included thousands of pornographic deepfakes that Kamnik had generated using AI tools.

The attorney general said yesterday that Kamnik got material for this process through several methods, such as “secretly filming and photographing individuals, including coworkers.” Investigators even found “an unlawfully recorded video of a Montgomery County magisterial district judge during a court proceeding which Kamnik also edited for apparent lewd purposes.”

But many of the AI deepfakes were generated using the faces of women pulled from state databases. Kamnik’s devices showed that he had used “a secured database, JNET, to obtain hundreds of photographs of females—in violation of JNET usage policies,” the attorney general said. One of the rules JNET users must agree to before searching is “that personal use of JNET is strictly prohibited.”

https://arstechnica.com/tech-policy/2026/04/state-police-corporal-created-porn-deepfakes-from-drivers-license-photos/

Man kept making AI nudes after arrest

The Take It Down Act was passed in May 2025, and Strahler was arrested on federal charges by June.

The Federal Bureau of Investigation was called in after Strahler’s phone was seized in April, after one of his victims called local police. Confronted by the local cops, Strahler admitted to creating and sending the images, then was arrested and jailed.

Once the FBI got involved, an analysis of his device showed that he had “similarly harassed two ex-girlfriends and their mothers,” The New York Times reported. The FBI also found images of two boys on the phone.

That arrest was not enough to stop Strahler from creating more images, though. While he was on pre-trial release in the first case, another Ohio police department arrested him in June after he continued sending fake nudes to harass one of his victims. A search of his new phone uncovered more than 2,400 images and videos “depicting nudity, child sexual abuse material, or violence,” the press release said.

Celebrating Strahler’s conviction, the US Attorney in the Southern District of Ohio, Dominick S. Gerace II, said that his office is “committed to using every tool at our disposal to hold accountable offenders like Strahler, who seek to intimidate and harass others by creating and circulating this disturbing content.”

“We believe Strahler is the first person in the United States to be convicted under the Take It Down Act,” Gerace said. “We will not tolerate the abhorrent practice of posting and publicizing AI-generated intimate images of real individuals without consent.”

On X, Melania Trump also claimed the conviction as a win after championing the Take It Down Act and joining Donald Trump in signing it into law. On Tuesday, she praised Gerace’s team for putting an end to Strahler’s harassment and “protecting Americans from cybercrimes in this new digital age.”

https://arstechnica.com/tech-policy/2026/04/first-man-convicted-under-take-it-down-act-kept-making-ai-nudes-after-arrest/

We contacted Teamfluence today and will update this article if it provides a response.

“Unfortunately, this is a case of an individual who lost in the court of law, but is seeking to re-litigate in the court of public opinion without regard for accuracy,” LinkedIn said.

Lawyer: LinkedIn “does not meaningfully deny” allegation

It’s not uncommon for lawyers to file class action lawsuits shortly after explosive claims are made by media outlets or advocacy groups. The Farrell lawsuit against LinkedIn extensively quotes the BrowserGate report and describes Fairlinked as a “European advocacy group” without mentioning its ties to Teamfluence. We contacted the lawyers who filed the lawsuit and will update this article if we get a response.

The Ganan lawsuit doesn’t mention the BrowserGate report but makes similar allegations. J.R. Howell, the Santa Monica attorney who filed the complaint, told Ars today that the suit’s allegations “were based on the firm’s own review and analysis of LinkedIn’s client-side code and related technical behavior, as well as the applicable US and California legal framework.”

Howell told Ars that LinkedIn’s response to the claims does not refute the central allegation regarding lack of consent.

“LinkedIn’s public response does not meaningfully deny the core conduct alleged in the complaint,” Howell told Ars. “The real question is not whether LinkedIn says it was fighting abuse of the terms of service. The question is whether users were actually informed, in any clear and meaningful way, that LinkedIn would secretly probe their browsers for installed extensions, extract session-linked data, and make that data available to undisclosed third parties whose own uses could extend beyond a one-time compliance check.”

Howell argues that a “reasonable user does not consent to mass browser surveillance and third-party data exploitation through vague references to security, cookies, add-ons, or abuse prevention.”

Both lawsuits allege that LinkedIn violated the California Constitution’s protection against invasion of privacy and the California Comprehensive Computer Data Access and Fraud Act. The Ganan lawsuit also alleges that LinkedIn violated the federal Electronic Communications Privacy Act. Both lawsuits seek financial damages and an injunction forcing the company to change its data-collection and disclosure practices.

https://arstechnica.com/tech-policy/2026/04/linkedin-scanning-users-browser-extensions-sparks-controversy-and-two-lawsuits/

Hackers working on behalf of the Iranian government are disrupting operations at multiple US critical infrastructure sites, likely in response to the country’s ongoing war with the US, a half-dozen government agencies are warning.

In an advisory published Tuesday, the FBI, Cybersecurity and Infrastructure Security Agency, National Security Agency, Environmental Protection Agency, Department of Energy, and US Cyber Command “urgently” warned that the APT, or advanced persistent threat group, is targeting PLCs, short for programmable logic controllers. These devices, typically the size of a toaster, sit in factories, water treatment centers, oil refineries, and other industrial settings, often in remote locations. They provide an interface between computers used for automation and physical machinery.

Operational disruption and financial loss

“Since at least March 2026, the authoring agencies identified (through engagements with victim organizations) an Iranian-affiliated APT-group that disrupted the function of PLCs,” the advisory stated. “These PLCs were deployed across multiple US critical infrastructure sectors (including Government Services and Facilities, Waste Water Systems (WWS), and Energy sectors) within a wide variety of industrial automation processes. Some of the victims experienced operational disruption and financial loss.”

Among the PLCs being compromised or targeted are those made by Rockwell Automation/Allen-Bradley. Security firm Censys said Wednesday that an Internet scan it performed identified 5,219 such devices exposed to the Internet. A full 75 percent of them were located in the US and likely in far-off locations where equipment is located. The infrastructure being used to target the devices is a “single multi-home Windows engineering workstation running the Rockwell tool chain.”

https://arstechnica.com/security/2026/04/iran-linked-hackers-disrupt-operations-at-us-critical-infrastructure-sites/

Ars Technica: This is what you call your tyranny test.

Andrew Guthrie Ferguson: One of the times I feel this is most resonant, if you remember a couple years ago, people who are stalwarts of the Second Amendment were really worried that a Democratic government was going to come up with a federal list of all the gun owners in America. So at some moment there’d be a knock on the door and their guns would be confiscated. Well, with automated license plate readers, if you put those outside of the gun range and the gun show and where you buy your ammunition, you have your list.

You don’t need to have some government list. You literally, through the data that you give up by just living your life, you can show who has a gun in their home. That might worry people who believe the Second Amendment means that they should be able to have their own gun rights without the government necessarily knowing it, but it cuts both ways. Everyone is revealed. Everyone is exposed. And everyone should be worried about their government having that data that potentially could be used against them.

Ars Technica: What is the potential scenario that worries you the most as we move forward? As AI tools in particular keep developing, are we moving into even more serious uncharted waters?

Andrew Guthrie Ferguson: Yes. I think AI is going to supercharge police power in ways we’ve never seen. We’ve all lived in a world where we have cameras on our streets. If there was an individual problem, they could go back into an individual camera. The idea that all those cameras can be fused together in a central command center, like a real-time crime center, and AI video analytics can then observe every single object, foreground and background, identify man, woman, child, cat, door, car, what kind of car, and then track those objects throughout the city—that’s a whole new power that we’ve never had before.

There are currently no real rules limiting that. There used to be a cautiousness in rolling out new technology. But we are watching the federal government in the guise of immigration enforcement actually use all the technology that does exist, but without any guardrails or concerns. So for the first time we’ve seen mobile facial recognition in the wild. It’s not that that technology wasn’t theoretically around, but we did not see local police taking a smartphone camera out for facial recognition. We’re now seeing that with ICE and Customs Border Patrol (CBP). We knew that you could track individuals with location and social network analysis. But now we’re seeing that being used by ICE to identify the areas and people that they want to target, using the power of these new systems in ways that we haven’t seen before in local law enforcement.

https://arstechnica.com/culture/2026/04/how-our-digital-devices-are-putting-our-right-to-privacy-at-risk/

“That is not the law,” the judge wrote, noting that such a theory would allow a charitable donor like Musk to sue at basically any time, without limitations. “Accordingly, the Court will not instruct the jury on continuous accrual.”

In his latest filing, Musk tries to recover from the order, arguing that he’s changing the remedies so late in the game in order to ensure that the trial “remains focused” on “critical remedies.”

“The remedies Musk intends to seek are strictly tied to his purpose in bringing this lawsuit: to prevent the subordination of a public charity—one he co-founded and for which he was the primary supporter during its formative years—to private, for-profit interests,” the filing said.

Musk continues to accuse Altman, Greg Brockman, and other defendants of making false promises when soliciting “donations, labor, and public goodwill under solemn promises that OpenAI would operate as a nonprofit for the benefit of humanity.”

Their true goal, Musk has alleged, was to convert those assets “into a wealth machine for themselves, Microsoft, and Silicon Valley insiders.” (Musk is not alone in drawing such conclusions; his lawsuit was cited in a recent New Yorker investigation into Altman’s trustworthiness.)

To forever unplug Altman’s alleged “wealth machine,” Musk is suing to return profits to the charity, unseat Altman from the board and the company, and “unwind OpenAI’s for-profit conversion and restructuring,” so that OpenAI permanently stays a nonprofit charity.

Musk suit remains “baseless,” OpenAI says

Whether the jury’s ruling will be impacted by Musk’s efforts to update the remedies being sought will soon be tested, as the trial is expected to start this month.

His filing said that OpenAI’s alleged “breach of charitable trust, fraud, and unjust enrichment” is “at the heart of this case,” but for the extreme remedies he seeks, his argument seems somewhat weak and untested.

To justify the remedies, Musk points to California law, which, he said, “is clear that courts have broad equitable authority to remedy exactly this kind of misconduct.” But his lawyer placed emphasis on the part of the statute that says that “a plaintiff with standing may bring an action to ‘enjoin, correct, obtain damages for or to otherwise remedy a breach of a charitable trust.” Most likely it will be up to a jury to interpret the vague statute and determine if returning ill-gotten gains in the amounts calculated by Musk’s expert is an appropriate remedy.

https://arstechnica.com/tech-policy/2026/04/to-beat-altman-in-court-musk-offers-to-give-all-damages-to-open-ai-nonprofit/

Allowing Iran to continue to control the crucial waterway is likely to be highly unpalatable to Gulf states including Saudi Arabia, Qatar, and the UAE.

It also raises questions for Opec+, the oil producers’ group, with analysts warning that handing Iran control of Hormuz could fundamentally alter the balance of power within the organization by giving Tehran a potential veto over rival members’ exports.

Ali Shihabi, a commentator close to the Saudi royal court, said the kingdom would demand “unimpeded” access to global markets.

“Allowing Iran any form of control over the strait would be a red line,” Shihabi said. “The priority has to be unimpeded access through the strait.”

On Wednesday Saudi Arabia’s key East-West pipeline, which the kingdom has been using to reroute oil exports to the Red Sea, was struck by a drone, according to people familiar with the matter, despite the ceasefire.

Around 175 million barrels of crude and refined products are currently loaded onto 187 tankers in the Gulf, according to Kpler data—which could now start to move, depending on what happens in the strait.

Industry executives estimate that 300 to 400 ships are waiting to exit the Gulf as soon as it is possible to pass safely, with one describing it as a “car park.”

Several traders said they thought the situation in the coming days would resemble the system that has developed over the past fortnight, in which a handful of ships that have been approved by Iran are allowed to pass on a specific route.

During the conflict this was largely limited to vessels that had generally done business with Iran and that were not connected to the US, Israel, or Gulf states that had provided staging for attacks.

Martin Kelly, head of advisory at maritime intelligence group EOS Risk, said that there was “no way” that the backlog of ships waiting to get out could be cleared in two weeks.

Around 10 to 15 ships might be able to transit the strait per day, as the process was “quite time-consuming,” he said, down from 135 ships before the war.

Additional reporting by Andrew England.

© 2026 The Financial Times Ltd. All rights reserved. Not to be redistributed, copied, or modified in any way.

https://arstechnica.com/tech-policy/2026/04/iran-demands-cryptocurrency-toll-from-tankers-passing-through-strait-of-hormuz/