By
Stuart Kerr, Technology Correspondent,
LiveAIWire
The EU AI Act, which entered its
enforcement phase for high-risk applications in 2025, explicitly prohibits
real-time remote biometric surveillance in public spaces and bans AI systems
designed to categorise people by race, political opinion, or religion. In the
United States, the Trump administration’s national AI policy framework
released in March 2026 urged wider deployment of AI tools across American
industry and proposed letting federal agencies use vast personal datasets for
AI training, a move that legal scholars say raises serious privacy concerns
given the lifetime of biographical, tax, and employment data those records
contain. The gap between those two policy directions has created the
conditions for a growing digital resistance movement: people and
organisations developing and deploying AI-powered tools to push back against
surveillance, protect privacy at scale, and make the institutional uses of AI
more accountable.
The scale of the surveillance expansion
that movement is responding to is significant. By late 2025, the US State
Department had expanded social media screening to cover H-1B visa applicants
and their dependents, F, M, and J non-immigrant visa holders, reviewing
platforms that contain years of private communications and associations. AI
facial recognition is deployed in airports, shopping centres, and by law
enforcement agencies in dozens of countries, often without the knowledge of
the individuals being identified. Jake Laperruque, deputy director of the
Security and Surveillance Project at the Centre for Democracy and Technology,
warned in late 2025 that the hasty adoption of AI by law enforcement agencies
will prove increasingly controversial in 2026, a prediction borne out by the
legal and political battles that have followed in jurisdictions on both sides
of the Atlantic.
For anyone trying to understand what is
actually available for digital privacy protection, what tools are being built
in direct response to AI surveillance, and where the lines of accountability
are being drawn, this is where the picture stands in
2026.
The AI Surveillance Infrastructure Being Built
The
resistance movement needs context: what it is resisting. AI surveillance in
2026 encompasses several distinct capabilities that are often conflated.
Facial recognition identifies individuals in public spaces from camera feeds.
Gait recognition identifies people from body movement patterns even when
their face is obscured. Behavioural analytics systems flag individuals whose
patterns of movement or association deviate from statistical norms. Social
graph analysis maps relationships between individuals from communication
metadata. Predictive policing tools assess risk scores for individuals or
locations based on historical data. Each presents different civil liberties
concerns and is subject to different regulatory treatment in different
jurisdictions.
The EU
AI Act categorises real-time biometric identification in public
spaces as a prohibited practice with limited law enforcement exceptions
subject to judicial authorisation. The US has no equivalent federal law,
leaving a patchwork of state-level regulations that vary from comprehensive
bans in some jurisdictions to unrestricted deployment in others. That
regulatory asymmetry is itself a driver of the resistance movement: in places
where legal protection is weak or absent, technical countermeasures become
the primary recourse.
The Tools Being Built in
Response
The resistance toolkit has evolved substantially
since the early privacy-tool era. Signal, the encrypted messaging platform,
has explicitly chosen not to integrate AI features in order to preserve the
end-to-end encryption guarantees that make it the gold standard for private
communication. This “AI refusal” design choice reflects a
deliberate resistance to the data-hungry architecture that AI integration
typically requires. Privacy-preserving AI tools are being developed that run
entirely locally on a user’s device, ensuring that the data they process
never leaves the device and is therefore not accessible to surveillance
systems, advertisers, or data brokers. The shift toward local AI processing
is, paradoxically, being driven partly by the same efficiency improvements in
small models that make AI cheaper to deploy
generally.
Adversarial fashion, a category that sounds
absurd until you examine the research behind it, uses optical patterns that
confuse facial recognition systems into failing to identify a face or
generating a false identity. Academic research has demonstrated that specific
patterns applied to clothing, accessories, or makeup can reliably defeat
commercial facial recognition systems in controlled settings. The
effectiveness in uncontrolled real-world deployment against continuously
updated recognition models is more limited, but the field has attracted
serious research investment as part of a broader project of making facial
recognition less reliable as a surveillance
instrument.
Accountability AI: Fighting Surveillance With
Surveillance
The most consequential development in digital
resistance may be the use of AI to audit, document, and challenge the AI
systems being deployed against the public. Automated tools that submit
freedom of information requests to government agencies asking for disclosure
of which AI systems they use, what training data they were built on, and what
error rates they have accepted for deployment are being developed by civil
liberties organisations. The Centre
for Democracy and Technology has documented systematic cases where
AI systems deployed in criminal justice and benefits administration have
produced discriminatory outcomes that would not have been identified without
computational auditing tools. The accountability infrastructure is still
primitive relative to the surveillance infrastructure being deployed, but it
is developing.
Understanding the broader context of AI
in law enforcement and the accountability questions it raises helps
situate the resistance movement within a longer debate about who controls the
most powerful information tools in society. And the accuracy
limitations of AI systems documented in benchmark testing are
particularly consequential in surveillance contexts, where a system running
at 95 percent accuracy across millions of identifications will still generate
tens of thousands of false positives. The resistance is not, at its core,
anti-technology. It is a response to the deployment of powerful and imperfect
technology in high-stakes contexts without adequate accountability
mechanisms, and the tools being built to challenge it are designed to create
the accountability that policy has not yet delivered.
For
those navigating how
AI detection tools create their own false accusation problems in
educational settings, the pattern is recognisable: powerful AI tools deployed
quickly, generating consequential decisions about individuals, without
adequate testing of error rates or oversight of outcomes. The digital
resistance movement is, at its most coherent, a demand for that oversight to
be built before deployment rather than litigated after
harm.
What Individuals Can Actually
Do
For individuals navigating the surveillance landscape
in 2026, the practical options divide into passive and active categories. On
the passive side, using end-to-end encrypted communication tools like Signal
for sensitive conversations, reviewing and restricting location permissions
on smartphone apps, using privacy-focused browsers and search engines that do
not build behavioural profiles, and being selective about which AI tools
receive access to personal communications or calendar data represent meaningful
risk reduction. None of these eliminate exposure entirely, but they
significantly reduce the volume and sensitivity of data available to both
commercial surveillance infrastructure and the data brokers who sell to
government agencies. On the active side, the growing ecosystem of
accountability tools gives individuals the ability to submit data access
requests under GDPR, the California Privacy Rights Act, and equivalent
legislation, requiring organisations to disclose what data they hold about
you and how it is used. Enforcement of these rights remains inconsistent, but
the requests generate compliance costs that influence corporate behaviour
even when individual enforcement is limited.
About the
Author
Stuart Kerr is Technology Correspondent at
LiveAIWire, covering artificial intelligence, cybersecurity, and the social
impact of emerging technology. He publishes daily at
LiveAIWire.com.