Something happened this week that should terrify you. Well, two things actually. They are connected, and almost nobody is talking about the connection.

On Wednesday, Anthropic quietly rolled out identity verification for Claude users. Government photo ID. Live selfie. Processed by a company called Persona.

On Thursday at 2 AM, Congress voted to extend Section 702 of the Foreign Intelligence Surveillance Act until April 30. The warrantless surveillance program that allows the government to collect communications of foreign targets and, inevitably, millions of Americans caught in the net.

One event creates the identity database. The other creates the legal authority to search it.

What Persona Actually Is

Anthropic did not build its own verification system. It chose Persona Identities, a San Francisco company valued at $1.5 billion. Anthropic describes Persona as its “verification partner,” selected for “the strength of their technology, privacy controls, and security safeguards.”

Here is what Anthropic did not mention.

In February 2026, security researchers published an investigation that exposed Persona’s entire government dashboard codebase. 53 megabytes across 2,456 files, sitting unprotected on a FedRAMP-authorized government endpoint. No hacking required. No credentials used. The files were served publicly by Persona’s own web server.

What was inside those files rewrites the story Persona tells about itself.

269 Checks Per Selfie

When you verify your identity through Persona, the software does not simply confirm you are who you say you are. It performs 269 distinct verification checks. The exposed source code revealed:

Facial recognition watchlist matching. Your selfie gets compared against photos of politicians, public figures, and flagged individuals. A system called “SelfieSuspiciousEntityDetection” flags faces as suspicious based on undisclosed criteria.

Adverse media screening across 14 categories. Terrorism, espionage, money laundering, drug trafficking, etc.. Your name gets run against media databases looking for connections to any of these.

Cryptocurrency activity monitoring. Integrations with Chainalysis and TRM Labs scan for crypto wallet activity.

Sanctions list cross-referencing. Your identity checked against OFAC and international sanctions databases.

Social Security Administration lookups. Are you in the deceased-person database?

Automated re-screening. Cron jobs re-run these checks on users periodically. Not once. Ongoing.

All of this from a company that markets itself as an identity verification service. All of this triggered by uploading a selfie to use a chatbot.

Direct Line to the Feds

The exposed code revealed something most users would never expect. Persona files Suspicious Activity Reports directly with FinCEN, the U.S. Treasury’s Financial Crimes Enforcement Network, and FINTRAC in Canada. This is not speculation. Persona’s own help documentation includes instructions for filing SARs, complete with FinCEN submission workflows.

Banks file SARs when they suspect money laundering or fraud. Now an identity verification company for AI chatbots has the same capability.

The researchers also found internal references to “Project SHADOW” and “Project LEGION.” Unexplained intelligence program codenames embedded throughout the government codebase. Nobody has explained what these are.

Follow the Money

Persona’s Series C funding round of $150 million was led by Founders Fund. Peter Thiel’s venture capital firm. Founders Fund followed with Persona’s $200 million Series D. Combined, Thiel’s firm invested $350 million and acquired roughly ten percent of the company.

The same Peter Thiel who co-founded Palantir. The surveillance analytics company that holds billions in contracts with the CIA, NSA, FBI, and ICE. The company that built the ELITE targeting system for immigration enforcement. The company whose entire business model is turning identity data into intelligence products for government agencies.

The man who built the machine that watches what governments do with your data now owns a significant piece of the machine that collects your biometric identity when you use AI.

Three Years of Your Face

Persona retains your data for up to three years. Your selfie. Your government ID. Your IP address. Your browser fingerprint. Your device fingerprint. What is behind you in your selfie. All of it stored, all of it searchable, all of it available for those 269 checks to run against repeatedly.

Anthropic says Persona is “contractually limited” in how it uses your data. Anthropic says your data is “encrypted in transit and at rest.” Every technology company says these things, and yet every technology company at some point experiences data breaches. It’s not a matter of “if,” but instead “when.”

Discord learned this lesson. In October 2025, hackers accessed the government IDs of more than 70,000 Discord users through a verification vendor. Discord then tested Persona as a replacement. After the vmfunc investigation exposed Persona’s surveillance infrastructure, Discord dropped them within a month.

Anthropic looked at this history and chose Persona anyway.

The 2 AM Vote

While Anthropic was rolling out identity verification, Congress was voting in the middle of the night.

Section 702 of FISA was set to expire on April 20. GOP leaders tried and failed to pass a full reauthorization. Instead, the House voted shortly after 2 AM on April 17 to extend the program for ten days, pushing the deadline to April 30.

Section 702 allows the government to collect communications of foreign intelligence targets without individual warrants. In practice, the NSA’s collection sweeps up enormous volumes of American communications. The FBI then searches this data using identifiers of U.S. persons. No warrant required for the search. Only for the initial collection, which targets foreigners.

Now consider the pipeline. Persona collects your government ID, selfie, and biometrics when you verify your identity on an AI platform. Persona runs 269 checks against watchlists and government databases. Persona files SARs with FinCEN. Persona retains your data for three years on FedRAMP-authorized infrastructure.

Section 702 authorizes warrantless searches of data collected on government-authorized infrastructure.

Nobody needs to conspire. The infrastructure connects itself.

Who Gets Hurt

Enterprise customers will not be affected. They have contracts, SSO, legal departments.

Government agencies will not be affected. They have their own access.

Journalists, researchers, whistleblowers, activists, dissidents, and anyone who needs to think privately about dangerous questions. They get hurt. The people who need anonymous access to thinking tools the most are the ones who now face a biometric checkpoint to use them.

The EFF warned that mandatory verification undermines anonymous speech, affecting “LGBTQ+ youth, survivors of abuse, political dissidents” who rely on pseudonymity for safe participation online.

Anthropic says this applies to a “small number of cases” involving “potentially fraudulent or abusive behavior.” Today it is a small number. The infrastructure does not care about the scope of the policy. The infrastructure cares about the scope of the architecture. And the architecture is built to scale.

The Red String

Peter Thiel co-founded Palantir. Palantir processes intelligence data for the CIA, NSA, ICE, and FBI. Thiel’s Founders Fund invested $350 million into Persona. Persona processes identity verification for OpenAI, Anthropic, Roblox, Reddit, Lime, and Coursera. Persona runs 269 surveillance checks per user on FedRAMP government infrastructure. Persona files Suspicious Activity Reports with federal financial intelligence. Congress just extended the surveillance law that authorizes searching data on government infrastructure.

You hand over your face to ask a question. Your face enters a system funded by the architect of government surveillance, running on government infrastructure, filing reports with government agencies, protected by a surveillance law renewed in the middle of the night.

There is no conspiracy here, there doesn’t need to be one. The money flows, the data accumulates, the legal authority extends, and the infrastructure simply does the rest.

Five hundred years ago, Machiavelli observed that Ferdinand of Aragon “never preaches anything else but peace and good faith, and to both he is most hostile.” The cloak of safety still conceals the same things it always has.

The only difference now is that the cloak requires a selfie…

Sources

• Anthropic Identity Verification Support Page (updated April 17, 2026) -

• vmfunc: “The Watchers” — Persona/OpenAI Investigation (February 16, 2026) -

• State of Surveillance: Researchers Expose Persona (February 20, 2026) -

• Fortune: Discord Distances from Thiel-Backed Verification Software (February 24, 2026) -

• Engadget: Anthropic Will Ask Claude Users to Verify Their Identities (April 16, 2026) -

• Open Rights Group: Biometric ID System Backed by Palantir Co-founder (February 15, 2026) -

• NPR: Congress Extends Surveillance Powers for 10 Days (April 17, 2026) -

• NYT: House Votes to Extend FISA Surveillance Law (April 17, 2026) -

• The Register: Anthropic Starts Checking ID for Some Claude Users (April 16, 2026) -

• Persona Help: File a SAR

• Persona: OpenAI Customer Case Study