The phrase “surveillance state” used to belong to dystopian fiction. In 2026, it reads more like a budget line. Artificial intelligence has quietly become the most powerful surveillance instrument ever built, and the question of who gets to point it, and at whom, is no longer theoretical. It is being decided right now, mostly behind closed doors, in contracts the public will never see.
A Fight That Should Worry Everyone
This spring, the dispute moved into the open. After negotiations broke down over how the military could use its Claude models, the federal government designated the AI company Anthropic a supply chain risk to national security, a label historically reserved for firms tied to foreign adversaries. The trigger was not espionage. It was Anthropic’s refusal to drop two restrictions from its contract: a ban on using its technology for mass domestic surveillance and a ban on fully autonomous weapons.
Within hours of that designation, rival lab OpenAI announced its own agreement with the Department of Defense. The timing drew immediate scrutiny, and OpenAI later released portions of its contract language to address the criticism. Yet the most important detail is one both companies actually agree on. As the Center for American Progress documented, Anthropic and OpenAI both claim the same red lines against domestic mass surveillance and autonomous weapons. The real disagreement is not about which firm is more principled. It is about whether a private vendor can enforce those lines at all once the government decides it wants the capability.
Terms of Service Are Not a Constitution
Here is the uncomfortable truth at the center of this story. Right now, the main thing standing between an ordinary citizen and AI-enabled government surveillance is the usage policy of a handful of technology companies. That is an extraordinary amount of power to place in private hands, and it is also far too fragile to rely on.
Company policies shift with leadership, ownership, and market pressure. A redline in a contract today can be renegotiated tomorrow, quietly, with no public notice and no vote. We saw exactly that pressure play out this spring. When a company holds firm, it can be punished. When it yields, the public rarely learns what was traded away. Either way, citizens become spectators to decisions about their own privacy.
This is not an argument that technology companies should be the ones setting the rules. It’s the opposite. No private firm, however well-intentioned, should be the last line of defense for a democratic right. That job belongs to law.
What Actual Regulation Looks Like
So what would meaningful protection involve? It is more concrete than the abstract debate suggests.
First, clear statutory limits on government use of AI for mass surveillance of citizens, with the burden placed on the state to justify each use rather than on a vendor to refuse it. Second, a federal privacy law that restricts how much sensitive personal data can be collected, bought, and sold in the first place, because surveillance is only ever as powerful as the data feeding it. Third, mandatory transparency and independent auditing for biometric systems such as facial recognition.
That third point is the most urgent. The Guardian recently reported that oversight of facial recognition is lagging far behind the technology itself, with watchdogs warning that the rules meant to protect the public have not kept pace. When the tools that identify and track people in real time outrun the laws governing them, the gap is not a technicality. It’s exactly where abuses take root.
Consequential decisions should always require a human who can be held accountable, and government deployments should fall under the same warrant requirements and disclosure rules we already expect of other intrusive powers. None of this is anti-innovation. Clear rules are what let responsible builders move quickly without becoming the unwilling authors of a surveillance apparatus.
A Test of Whether We Lead
It is worth saying plainly that the government has a real argument too. The military insists it must be able to use lawful tools for lawful purposes, and that a single contractor should not be able to veto national security decisions from a server farm. That concern is legitimate. The answer is not to hand private companies a permanent veto. It’s to write democratic rules that bind the government and its vendors alike, with courts and Congress, not procurement officers, drawing the boundaries.
The supply chain designation itself is already being challenged as legally unprecedented and is working its way through the courts. However that litigation ends, it won’t answer the underlying question. Only legislation can do that.
We are at one of those rare moments when the rules for a generation are either written or skipped. Surveillance technology will keep improving whether or not we choose to govern it. The choice in front of us is simple to state and hard to make: decide now, in public, what we will not allow our most powerful tools to do. If we wait until the infrastructure is built and the data is already gathered, we’ll be arguing over limits on a system that no longer asks our permission.
By Nell Watson, AI Ethics and Emerging Technology Faculty at Singularity University



