A recent study from Oregon State University estimated that more than 3,500 animal species are at risk of extinction because of factors including habitat alterations, natural resources being overexploited, and climate change.

To better understand these changes and protect vulnerable wildlife, conservationists like MIT PhD student and Computer Science and Artificial Intelligence Laboratory (CSAIL) researcher Justin Kay are developing computer vision algorithms that carefully monitor animal populations. A member of the lab of MIT Department of Electrical Engineering and Computer Science assistant professor and CSAIL principal investigator Sara Beery, Kay is currently working on tracking salmon in the Pacific Northwest, where they provide crucial nutrients to predators like birds and bears, while managing the population of prey, like bugs.

With all that wildlife data, though, researchers have lots of information to sort through and many AI models to choose from to analyze it all. Kay and his colleagues at CSAIL and the University of Massachusetts Amherst are developing AI methods that make this data-crunching process much more efficient, including a new approach called “consensus-driven active model selection” (or “CODA”) that helps conservationists choose which AI model to use. Their work was named a Highlight Paper at the International Conference on Computer Vision (ICCV) in October.

That research was supported, in part, by the National Science Foundation, Natural Sciences and Engineering Research Council of Canada, and Abdul Latif Jameel Water and Food Systems Lab (J-WAFS). Here, Kay discusses this project, among other conservation efforts.

Q: In your paper, you pose the question of which AI models will perform the best on a particular dataset. With as many as 1.9 million pre-trained models available in the HuggingFace Models repository alone, how does CODA help us address that challenge?

A: Until recently, using AI for data analysis has typically meant training your own model. This requires significant effort to collect and annotate a representative training dataset, as well as iteratively train and validate models. You also need a certain technical skill set to run and modify AI training code. The way people interact with AI is changing, though — in particular, there are now millions of publicly available pre-trained models that can perform a variety of predictive tasks very well. This potentially enables people to use AI to analyze their data without developing their own model, simply by downloading an existing model with the capabilities they need. But this poses a new challenge: Which model, of the millions available, should they use to analyze their data? 

Typically, answering this model selection question also requires you to spend a lot of time collecting and annotating a large dataset, albeit for testing models rather than training them. This is especially true for real applications where user needs are specific, data distributions are imbalanced and constantly changing, and model performance may be inconsistent across samples. Our goal with CODA was to substantially reduce this effort. We do this by making the data annotation process “active.” Instead of requiring users to bulk-annotate a large test dataset all at once, in active model selection we make the process interactive, guiding users to annotate the most informative data points in their raw data. This is remarkably effective, often requiring users to annotate as few as 25 examples to identify the best model from their set of candidates. 

We’re very excited about CODA offering a new perspective on how to best utilize human effort in the development and deployment of machine-learning (ML) systems. As AI models become more commonplace, our work emphasizes the value of focusing effort on robust evaluation pipelines, rather than solely on training.

Q: You applied the CODA method to classifying wildlife in images. Why did it perform so well, and what role can systems like this have in monitoring ecosystems in the future?

A: One key insight was that when considering a collection of candidate AI models, the consensus of all of their predictions is more informative than any individual model’s predictions. This can be seen as a sort of “wisdom of the crowd:” On average, pooling the votes of all models gives you a decent prior over what the labels of individual data points in your raw dataset should be. Our approach with CODA is based on estimating a “confusion matrix” for each AI model — given the true label for some data point is class X, what is the probability that an individual model predicts class X, Y, or Z? This creates informative dependencies between all of the candidate models, the categories you want to label, and the unlabeled points in your dataset.

Consider an example application where you are a wildlife ecologist who has just collected a dataset containing potentially hundreds of thousands of images from cameras deployed in the wild. You want to know what species are in these images, a time-consuming task that computer vision classifiers can help automate. You are trying to decide which species classification model to run on your data. If you have labeled 50 images of tigers so far, and some model has performed well on those 50 images, you can be pretty confident it will perform well on the remainder of the (currently unlabeled) images of tigers in your raw dataset as well. You also know that when that model predicts some image contains a tiger, it is likely to be correct, and therefore that any model that predicts a different label for that image is more likely to be wrong. You can use all these interdependencies to construct probabilistic estimates of each model’s confusion matrix, as well as a probability distribution over which model has the highest accuracy on the overall dataset. These design choices allow us to make more informed choices over which data points to label and ultimately are the reason why CODA performs model selection much more efficiently than past work.

There are also a lot of exciting possibilities for building on top of our work. We think there may be even better ways of constructing informative priors for model selection based on domain expertise — for instance, if it is already known that one model performs exceptionally well on some subset of classes or poorly on others. There are also opportunities to extend the framework to support more complex machine-learning tasks and more sophisticated probabilistic models of performance. We hope our work can provide inspiration and a starting point for other researchers to keep pushing the state of the art.

Q: You work in the Beerylab, led by Sara Beery, where researchers are combining the pattern-recognition capabilities of machine-learning algorithms with computer vision technology to monitor wildlife. What are some other ways your team is tracking and analyzing the natural world, beyond CODA?

A: The lab is a really exciting place to work, and new projects are emerging all the time. We have ongoing projects monitoring coral reefs with drones, re-identifying individual elephants over time, and fusing multi-modal Earth observation data from satellites and in-situ cameras, just to name a few. Broadly, we look at emerging technologies for biodiversity monitoring and try to understand where the data analysis bottlenecks are, and develop new computer vision and machine-learning approaches that address those problems in a widely applicable way. It’s an exciting way of approaching problems that sort of targets the “meta-questions” underlying particular data challenges we face. 

The computer vision algorithms I’ve worked on that count migrating salmon in underwater sonar video are examples of that work. We often deal with shifting data distributions, even as we try to construct the most diverse training datasets we can. We always encounter something new when we deploy a new camera, and this tends to degrade the performance of computer vision algorithms. This is one instance of a general problem in machine learning called domain adaptation, but when we tried to apply existing domain adaptation algorithms to our fisheries data we realized there were serious limitations in how existing algorithms were trained and evaluated. We were able to develop a new domain adaptation framework, published earlier this year in Transactions on Machine Learning Research, that addressed these limitations and led to advancements in fish counting, and even self-driving and spacecraft analysis.

One line of work that I’m particularly excited about is understanding how to better develop and analyze the performance of predictive ML algorithms in the context of what they are actually used for. Usually, the outputs from some computer vision algorithm — say, bounding boxes around animals in images — are not actually the thing that people care about, but rather a means to an end to answer a larger problem — say, what species live here, and how is that changing over time? We have been working on methods to analyze predictive performance in this context and reconsider the ways that we input human expertise into ML systems with this in mind. CODA was one example of this, where we showed that we could actually consider the ML models themselves as fixed and build a statistical framework to understand their performance very efficiently. We have been working recently on similar integrated analyses combining ML predictions with multi-stage prediction pipelines, as well as ecological statistical models. 

The natural world is changing at unprecedented rates and scales, and being able to quickly move from scientific hypotheses or management questions to data-driven answers is more important than ever for protecting ecosystems and the communities that depend on them. Advancements in AI can play an important role, but we need to think critically about the ways that we design, train, and evaluate algorithms in the context of these very real challenges.

By stimulating cancer cells to produce a molecule that activates a signaling pathway in nearby immune cells, MIT researchers have found a way to force tumors to trigger their own destruction.

Activating this signaling pathway, known as the cGAS-STING pathway, worked even better when combined with existing immunotherapy drugs known as checkpoint blockade inhibitors, in a study of mice. That dual treatment was successfully able to control tumor growth.

The researchers turned on the cGAS-STING pathway in immune cells using messenger RNA delivered to cancer cells. This approach may avoid the side effects of delivering large doses of a STING activator, and takes advantage of a natural process in the body. This could make it easier to develop a treatment for use in patients, the researchers say.

“Our approach harnesses the tumor’s own machinery to produce immune-stimulating molecules, creating a powerful antitumor response,” says Natalie Artzi, a principal research scientist at MIT’s Institute for Medical Engineering and Science, an associate professor of medicine at Harvard Medical School, a core faculty member at the Wyss Institute for Biologically Inspired Engineering at Harvard, and the senior author of the study.

“By increasing cGAS levels inside cancer cells, we can enhance delivery efficiency — compared to targeting the more scarce immune cells in the tumor microenvironment — and stimulate the natural production of cGAMP, which then activates immune cells locally,” she says. “This strategy not only strengthens antitumor immunity but also reduces the toxicity associated with direct STING agonist delivery, bringing us closer to safer and more effective cancer immunotherapies.”

Alexander Cryer, a visiting scholar at IMES, is the lead author of the paper, which appears this week in the Proceedings of the National Academy of Sciences.

Immune activation

STING (short for stimulator of interferon genes) is a protein that helps to trigger immune responses. When STING is activated, it turns on a pathway that initiates production of type one interferons, which are cytokines that stimulate immune cells.

Many research groups, including Artzi’s, have explored the possibility of artificially stimulating this pathway with molecules called STING agonists, which could help immune cells to recognize and attack tumor cells. This approach has worked well in animal models, but it has had limited success in clinical trials, in part because the required doses can cause harmful side effects.

While working on a project exploring new ways to deliver STING agonists, Cryer became intrigued when he learned from previous work that cancer cells can produce a STING activator known as cGAMP. The cells then secrete cGAMP, which can activate nearby immune cells.

“Part of my philosophy of science is that I really enjoy using endogenous processes that the body already has, and trying to utilize them in a slightly different context. Evolution has done all the hard work. We just need to figure out how push it in a different direction,” Cryer says. “Once I saw that cancer cells produce this molecule, I thought: Maybe there’s a way to take this process and supercharge it.”

Within cells, the production of cGAMP is catalyzed by an enzyme called cGAS. To get tumor cells to activate STING in immune cells, the researchers devised a way to deliver messenger RNA that encodes cGAS. When this enzyme detects double-stranded DNA in the cell body, which can be a sign of either infection or cancer-induced damage, it begins producing cGAMP.

“It just so happens that cancer cells, because they’re dividing so fast and not particularly accurately, tend to have more double-stranded DNA fragments than healthy cells,” Cryer says.

The tumor cells then release cGAMP into tumor microenvironment, where it can be taken up by neighboring immune cells and activate their STING pathway.

Targeting tumors

Using a mouse model of melanoma, the researchers evaluated their new strategy’s potential to kill cancer cells. They injected mRNA encoding cGAS, encapsulated in lipid nanoparticles, into tumors. One group of mice received this treatment alone, while another received a checkpoint blockade inhibitor, and a third received both treatments.

Given on their own, cGAS and the checkpoint inhibitor each significantly slowed tumor growth. However, the best results were seen in the mice that received both treatments. In that group, tumors were completely eradicated in 30 percent of the mice, while none of the tumors were fully eliminated in the groups that received just one treatment.

An analysis of the immune response showed that the mRNA treatment stimulated production of interferon as well as many other immune signaling molecules. A variety of immune cells, including macrophages and dendritic cells, were activated. These cells help to stimulate T cells, which can then destroy cancer cells.

The researchers were able to elicit these responses with just a small dose of cancer-cell-produced cGAMP, which could help to overcome one of the potential obstacles to using cGAMP on its own as therapy: Large doses are required to stimulate an immune response, and these doses can lead to widespread inflammation, tissue damage, and autoimmune reactions. When injected on its own, cGAMP tends to spread through the body and is rapidly cleared from the tumor, while in this study, the mRNA nanoparticles and cGAMP remained at the tumor site.

“The side effects of this class of molecule can be pretty severe, and one of the potential advantages of our approach is that you’re able to potentially subvert some toxicity that you might see if you’re giving the free molecules,” Cryer says.

The researchers now hope to work on adapting the delivery system so that it could be given as a systemic injection, rather than injecting it into the tumor. They also plan to test the mRNA therapy in combination with chemotherapy drugs or radiotherapy that damage DNA, which could make the therapy even more effective because there could be even more double-stranded DNA available to help activate the synthesis of cGAMP.

When the independent Tunisian online media collective Nawaat announced that the government had suspended its activities for one month, the news landed like a punch in the gut for anyone who remembers what the Arab uprisings promised: dignity, democracy, and a free press.

But Tunisia’s October 31 suspension of Nawaat—delivered quietly, without formal notice, and justified under Decree-Law 2011-88—is not just a bureaucratic decision. It’s a warning shot aimed at the very idea of independent civic life.

The silencing of a revolutionary media outlet

Nawaat’s statement, published last week, recounts how the group discovered the suspension: not through any official communication, but by finding the order slipped under its office door. The move came despite Nawaat’s documented compliance with all the legal requirements under Decree 88, the 2011 law that once symbolized post-revolutionary openness for associations.

Instead, the Decree, once seen as a safeguard for civic freedom, is now being weaponized as a tool of control. Nawaat’s team describes the action as part of a broader campaign of harassment: tax audits, financial investigations, and administrative interrogations that together amount to an attempt to “stifle all media resistance to the dictatorship.”

For those who have followed Tunisia’s post-2019 trajectory, the move feels chillingly familiar. Since President Kais Saied consolidated power in 2021, civil society organizations, journalists, and independent voices have faced escalating repression. Amnesty International has documented arrests of reporters, the use of counter-terrorism laws against critics, and the closure of NGOs. And now, the government has found in Decree 88 a convenient veneer of legality to achieve what old regimes did by force.

Adopted in the hopeful aftermath of the revolution, Decree-Law 2011-88 was designed to protect the right to association. It allowed citizens to form organizations without prior approval and receive funding freely—a radical departure from the Ben Ali era’s suffocating controls.

But laws are only as democratic as the institutions that enforce them. Over the years, Tunisian authorities have chipped away at these protections. Administrative notifications, once procedural, have become tools for sanction. Financial transparency requirements have turned into pretexts for selective punishment.

When a government can suspend an association that has complied with every rule, the rule of law itself becomes a performance.

Bureaucratic authoritarianism

What’s happening in Tunisia is not an isolated episode. Across the region, governments have refined the art of silencing dissent without firing a shot. But whether through Egypt’s NGO Law, Morocco’s press code, or Algeria’s foreign-funding restrictions, the outcome is the same: fewer independent outlets, and fewer critical voices.

These are the tools of bureaucratic authoritarianism…the punishment is quiet, plausible, and difficult to contest. A one-month suspension might sound minor, but for a small newsroom like Nawaat—which operates with limited funding and constant political pressure—it can mean disrupted investigations, delayed publications, and lost trust from readers and sources alike.

A decade of resistance

To understand why Nawaat matters, remember where it began. Founded in 2004 under Zine El Abidine Ben Ali’s dictatorship, Nawaat became a rare space for citizen journalism and digital dissent. During the 2011 uprising, its reporting and documentation helped the world witness Tunisia’s revolution.

Over the past two decades, Nawaat has earned international recognition, including an EFF Pioneer Award in 2011, for its commitment to free expression and technological empowerment. It’s not just a media outlet; it’s a living archive of Tunisia’s struggle for dignity and rights.

That legacy is precisely what makes it threatening to the current regime. Nawaat represents a continuity of civic resistance that authoritarianism cannot easily erase.

The cost of silence

Administrative suspensions like this one are designed to send a message: You can be shut down at any time. They impose psychological costs that are harder to quantify than arrests or raids. Journalists start to self-censor. Donors hesitate to renew grants. The public, fatigued by uncertainty, tunes out.

But the real tragedy lies in what this means for Tunisians’ right to know. Nawaat’s reporting on corruption, surveillance, and state violence fills the gaps left by state-aligned media. Silencing it deprives citizens of access to truth and accountability.

As Nawaat’s statement puts it:

“This arbitrary decision aims to silence free voices and stifle all media resistance to the dictatorship.”

The government’s ability to pause a media outlet, even temporarily, sets a precedent that could be replicated across Tunisia’s civic sphere. If Nawaat can be silenced today, so can any association tomorrow.

So what can be done? Nawaat has pledged to challenge the suspension in court, but litigation alone won’t fix a system where independence is eroding from within. What’s needed is sustained, visible, and international solidarity.

Tunisia’s government may succeed in pausing Nawaat’s operations for a month. But it cannot erase the two decades of documentation, dissent, and hope the outlet represents. Nor can it silence the networks of journalists, technologists, and readers who know what is at stake.

EFF has long argued that the right to free expression is inseparable from the right to digital freedom. Nawaat’s suspension shows how easily administrative and legal tools can become weapons against both. When states combine surveillance, regulatory control, and economic pressure, they don’t need to block websites or jail reporters outright—they simply tighten the screws until free expression becomes impossible.

That’s why what happens in Tunisia matters far beyond its borders. It’s a test of whether the ideals of 2011 still mean anything in 2025.

And Nawaat, for its part, has made its position clear:

“We will continue to defend our independence and our principles. We will not be silenced.”

By Gigi Sohn, Chair, EFF Board of Directors 

With the impending departure of longtime, renowned, and beloved Executive Director Cindy Cohn, EFF and leadership advisory firm Russell Reynolds Associates have developed a profile for her successor.  While Cindy is irreplaceable, we hope that everyone who knows and loves EFF will help us find our next leader.  

First and foremost, we are looking for someone who’ll meet this pivotal moment in EFF’s history. As authoritarian surveillance creeps around the globe and society grapples with debates over AI and other tech, EFF needs a forward-looking, strategic, and collaborative executive director to bring fresh eyes and new ideas while building on our past successes.  

The San Francisco-based executive director, who reports to our board of directors, will have responsibility over all administrative, financial, development and programmatic activities at EFF.  They will lead a dedicated team of legal, technical, and advocacy professionals, steward EFF’s strong organizational culture, and ensure long-term organizational sustainability and impact. That means being: 

• Our visionary — partnering with the board and staff to define and advance a courageous, forward-looking strategic vision for EFF; leading development, prioritization, and execution of a comprehensive strategic plan that balances proactive agenda-setting with responsive action; and ensuring clarity of mission and purpose, aligning organizational priorities and resources for maximum impact. 

• Our face and voice — serving as a compelling, credible public voice and thought leader for EFF’s mission and work, amplifying the expertise of staff and engaging diverse audiences including media, policymakers, and the broader public, while also building and nurturing partnerships and coalitions across the technology, legal, advocacy, and philanthropic sectors. 

• Our chief money manager — stewarding relationships with individual donors, foundations, and key supporters; developing and implementing strategies to diversify and grow EFF’s revenue streams, including membership, grassroots, institutional, and major gifts; and ensuring financial discipline, transparency, and sustainability in partnership with the board and executive team. 

• Our fearless leader — fostering a positive, inclusive, high-performing, and accountable culture that honors EFF’s activist DNA while supporting professional growth, partnering with unionized staff, and maintaining a collaborative, constructive relationship with the staff union. 

It’ll take a special someone to lead us with courage, vision, personal integrity, and deep understanding of EFF’s unique role at the intersection of law and technology. For more details — including the compensation range and how to apply — click here for the full position specification. And if you know someone who you believe fits the bill, all nominations (strictly confidential, of course) are welcome at eff@russellreynolds.com.  

More than 80 law enforcement agencies across the United States have used language perpetuating harmful stereotypes against Romani people when searching the nationwide Flock Safety automated license plate reader (ALPR) network, according to audit logs obtained and analyzed by the Electronic Frontier Foundation. 

When police run a search through the Flock Safety network, which links thousands of ALPR systems, they are prompted to leave a reason and/or case number for the search. Between June 2024 and October 2025, cops performed hundreds of searches for license plates using terms such as "roma" and "g*psy," and in many instances, without any mention of a suspected crime. Other uses include "g*psy vehicle," "g*psy group," "possible g*psy," "roma traveler" and "g*psy ruse," perpetuating systemic harm by demeaning individuals based on their race or ethnicity. 

These queries were run through thousands of police departments' systems—and it appears that none of these agencies flagged the searches as inappropriate. 

These searches are, by definition, racist. 

Word Choices and Flock Searches 

We are using the terms "Roma" and “Romani people” as umbrella terms, recognizing that they represent different but related groups. Since 2020, the U.S. federal government has officially recognized "Anti-Roma Racism" as including behaviors such as "stereotyping Roma as persons who engage in criminal behavior" and using the slur "g*psy." According to the U.S. Department of State, this language “leads to the treatment of Roma as an alleged alien group and associates them with a series of pejorative stereotypes and distorted images that represent a specific form of racism.” 

Nevertheless, police officers have run hundreds of searches for license plates using the terms "roma" and "g*psy." (Unlike the police ALPR queries we’ve uncovered, we substitute an asterisk for the Y to avoid repeating this racist slur). In many cases, these terms have been used on their own, with no mention of crime. In other cases, the terms have been used in contexts like "g*psy scam" and "roma burglary," when ethnicity should have no relevance to how a crime is investigated or prosecuted. 

A “g*psy scam” and “roma burglary” do not exist in criminal law separate from any other type of fraud or burglary. Several agencies contacted by EFF have since acknowledged the inappropriate use and expressed efforts to address the issue internally. 

"The use of the term does not reflect the values or expected practices of our department," a representative of the Palos Heights (IL) Police Department wrote to EFF after being confronted with two dozen searches involving the term "g*psy." "We do not condone the use of outdated or offensive terminology, and we will take this inquiry as an opportunity to educate those who are unaware of the negative connotation and to ensure that investigative notations and search reasons are documented in a manner that is accurate, professional, and free of potentially harmful language."

Of course, the broader issue is that allowing "g*psy" or "Roma" as a reason for a search isn't just offensive, it implies the criminalization an ethnic group. In fact, the Grand Prairie Police Department in Texas searched for "g*psy" six times while using Flock's "Convoy" feature, which allows an agency to identify vehicles traveling together—in essence targeting an entire traveling community of Roma without specifying a crime. 

At the bottom of this post is a list of agencies and the terms they used when searching the Flock system. 

Anti-Roma Racism in an Age of Surveillance 

Racism against Romani people has been a problem for centuries, with one of its most horrific manifestations  during the Holocaust, when the Third Reich and its allies perpetuated genocide by murdering hundreds of thousands of Romani people and sterilizing thousands more. Despite efforts by the UN and EU to combat anti-Roma discrimination, this form of racism persists. As scholars Margareta Matache and Mary T. Bassett explain, it is perpetuated by modern American policing practices: 

In recent years, police departments have set up task forces specialised in “G*psy crimes”, appointed “G*psy crime” detectives, and organised police training courses on “G*psy criminality”. The National Association of Bunco Investigators (NABI), an organisation of law enforcement professionals focusing on “non-traditional organised crime”, has even created a database of individuals arrested or suspected of criminal activity, which clearly marked those who were Roma.

Thus, it is no surprise that a 2020 Harvard University survey of Romani Americans found that 4 out of 10 respondents reported being subjected to racial profiling by police. This demonstrates the ongoing challenges they face due to systemic racism and biased policing. 

Notably, many police agencies using surveillance technologies like ALPRs have adopted some sort of basic policy against biased policing or the use of these systems to target people based on race or ethnicity. But even when such policies are in place, an agency’s failure to enforce them allows these discriminatory practices to persist. These searches were also run through the systems of thousands of other police departments that may have their own policies and state laws that prohibit bias-based policing—yet none of those agencies appeared to have flagged the searches as inappropriate. 

The Flock search data in question here shows that surveillance technology exacerbates racism, and even well-meaning policies to address bias can quickly fall apart without proper oversight and accountability. 

Cops In Their Own Words

EFF reached out to a sample of the police departments that ran these searches. Here are five representative responses we received from police departments in Illinois, California, and Virginia. They do not inspire confidence.

1. Lake County Sheriff's Office, IL 

In June 2025, the Lake County Sheriff's Office ran three searches for a dark colored pick-up truck, using the reason: "G*PSY Scam." The search covered 1,233 networks, representing 14,467 different ALPR devices. 

In response to EFF, a sheriff's representative wrote via email:

“Thank you for reaching out and for bringing this to our attention.  We certainly understand your concern regarding the use of that terminology, which we do not condone or support, and we want to assure you that we are looking into the matter.

Any sort of discriminatory practice is strictly prohibited at our organization. If you have the time to take a look at our commitment to the community and our strong relationship with the community, I firmly believe you will see discrimination is not tolerated and is quite frankly repudiated by those serving in our organization. 

We appreciate you bringing this to our attention so we can look further into this and address it.”

2. Sacramento Police Department, CA

In May 2025, the Sacramento Police Department ran six searches using the term "g*psy."  The search covered 468 networks, representing 12,885 different ALPR devices. 

In response to EFF, a police representative wrote:

“Thank you again for reaching out. We looked into the searches you mentioned and were able to confirm the entries. We’ve since reminded the team to be mindful about how they document investigative reasons. The entry reflected an investigative lead, not a disparaging reference. 

We appreciate the chance to clarify.”

3. Palos Heights Police Department, IL

In September 2024, the Palos Heights Police Department ran more than two dozen searches using terms such as "g*psy vehicle," "g*psy scam" and "g*psy concrete vehicle." Most searches hit roughly 1,000 networks. 

In response to EFF, a police representative said the searches were related to a singular criminal investigation into a vehicle involved in a "suspicious circumstance/fraudulent contracting incident" and is "not indicative of a general search based on racial or ethnic profiling." However, the agency acknowledged the language was inappropriate: 

“The use of the term does not reflect the values or expected practices of our department. We do not condone the use of outdated or offensive terminology, and we will take this inquiry as an opportunity to educate those who are unaware of the negative connotation and to ensure that investigative notations and search reasons are documented in a manner that is accurate, professional, and free of potentially harmful language.

We appreciate your outreach on this matter and the opportunity to provide clarification.”

4. Irvine Police Department, CA

In February and May 2025, the Irvine Police Department ran eight searches using the term "roma" in the reason field. The searches covered 1,420 networks, representing 29,364 different ALPR devices. 

In a call with EFF, an IPD representative explained that the cases were related to a series of organized thefts. However, they acknowledged the issue, saying, "I think it's an opportunity for our agency to look at those entries and to use a case number or use a different term." 

5. Fairfax County Police Department, VA

Between December 2024 and April 2025, the Fairfax County Police Department ran more than 150 searches involving terms such as "g*psy case" and "roma crew burglaries." Fairfax County PD continued to defend its use of this language.

In response to EFF, a police representative wrote:

“Thank you for your inquiry. When conducting searches in investigative databases, our detectives must use the exact case identifiers, terms, or names connected to a criminal investigation in order to properly retrieve information. These entries reflect terminology already tied to specific cases and investigative files from other agencies, not a bias or judgment about any group of people. The use of such identifiers does not reflect bias or discrimination and is not inconsistent with our Bias-Based Policing policy within our Human Relations General Order.”

A National Trend

Roma individuals and families are not the only ones being systematically and discriminatorily targeted by ALPR surveillance technologies. For example, Flock audit logs show agencies ran 400 more searches using terms targeting Traveller communities more generally, with a specific focus on Irish Travellers, often without any mention of a crime. 

Across the country, these tools are enabling and amplifying racial profiling by embedding longstanding policing biases into surveillance technologies. For example, data from Oak Park, IL, show that 84% of drivers stopped in Flock-related traffic incidents were Black—despite Black people making up only 19% of the local population. ALPR systems are far from being neutral tools for public safety and are increasingly being used to fuel discriminatory policing practices against historically marginalized people. 

The racially coded language in Flock's logs mirrors long-standing patterns of discriminatory policing. Terms like "furtive movements," "suspicious behavior," and "high crime area" have always been cited by police to try to justify stops and searches of Black, Latine, and Native communities. These phrases might not appear in official logs because they're embedded earlier in enforcement—in the traffic stop without clear cause, the undocumented stop-and-frisk, the intelligence bulletin flagging entire neighborhoods as suspect. They function invisibly until a body-worn camera, court filing, or audit brings them to light. Flock's network didn’t create racial profiling; it industrialized it, turning deeply encoded and vague language into scalable surveillance that can search thousands of cameras across state lines. 

The Path Forward

U.S. Sen. Ron Wyden, D-OR, recently recommended that local governments reevaluate their decisions to install Flock Safety in their communities. We agree, but we also understand that sometimes elected officials need to see the abuse with their own eyes first. 

We know which agencies ran these racist searches, and they should be held accountable. But we also know that the vast majority of Flock Safety's clients—thousands of police and sheriffs—also allowed those racist searches to run through their Flock Safety systems unchallenged. 

Elected officials must act decisively to address the racist policing enabled by Flock's infrastructure. First, they should demand a complete audit of all ALPR searches conducted in their jurisdiction and a review of search logs to determine (a) whether their police agencies participated in discriminatory policing and (b) what safeguards, if any, exist to prevent such abuse. Second, officials should institute immediate restrictions on data-sharing through Flock's nationwide network. As demonstrated by California law, for example, police agencies should not be able to share their ALPR data with federal authorities or out-of-state agencies, thus eliminating a vehicle for discriminatory searches spreading across state lines.

Ultimately, elected officials must terminate Flock Safety contracts entirely. The evidence is now clear: audit logs and internal policies alone cannot prevent a surveillance system from becoming a tool for racist policing. The fundamental architecture of Flock—thousands of cameras feeding into a nationwide searchable network—makes discrimination inevitable when enforcement mechanisms fail.

As Sen. Wyden astutely explained, "local elected officials can best protect their constituents from the inevitable abuses of Flock cameras by removing Flock from their communities.”

Table Overview and Notes

The following table compiles terms used by agencies to describe the reasons for searching the Flock Safety ALPR database. In a small number of cases, we removed additional information such as case numbers, specific incident details, and officers' names that were present in the reason field. 

We removed one agency from the list due to the agency indicating that the word was a person's name and not a reference to Romani people. 

In general, we did not include searches that used the term "Romanian," although many of those may also be indicative of anti-Roma bias. We also did not include uses of "traveler" or “Traveller” when it did not include a clear ethnic modifier; however, we believe many of those searches are likely relevant.  

A text-based version of the spreadsheet is available here. 

These days, the most important meeting attendee isn’t a person: It’s the AI notetaker.

This system assigns action items and determines the importance of what is said. If it becomes necessary to revisit the facts of the meeting, its summary is treated as impartial evidence.

But clever meeting attendees can manipulate this system’s record by speaking more to what the underlying AI weights for summarization and importance than to their colleagues. As a result, you can expect some meeting attendees to use language more likely to be captured in summaries, timing their interventions strategically, repeating key points, and employing formulaic phrasing that AI models are more likely to pick up on. Welcome to the world of AI summarization optimization (AISO)...

Rising utility bills have catapulted energy into the top tier of campaign issues.

Executives with the state's largest utility, Dominion, were asked whether a win by Abigail Spanberger could prompt President Donald Trump to retaliate against the large offshore wind project.

The tech tycoon's new online encyclopedia recognizes the root cause of global warming — humanity's burning of fossil fuels — but provides a platform for contrarian views.

The Rhodium Group found that international climate targets for this century are way off target.

The Illinois Legislature defeated a proposal aimed a minimizing property insurance premiums by strengthening state oversight of rates.

The letter targets the EU’s efforts to move ahead with the Corporate Sustainability Due Diligence Directive.

The plans show that Europe still sees itself as a champion of climate ambition.

The initiative will make possible relay-style flight missions to observe a storm that spans the countries' zones, according to an official.

The forecast is dire, with little sign of water supplies recovering in the months ahead, according to an official.

Managing a power grid is like trying to solve an enormous puzzle.

Grid operators must ensure the proper amount of power is flowing to the right areas at the exact time when it is needed, and they must do this in a way that minimizes costs without overloading physical infrastructure. Even more, they must solve this complicated problem repeatedly, as rapidly as possible, to meet constantly changing demand.

To help crack this consistent conundrum, MIT researchers developed a problem-solving tool that finds the optimal solution much faster than traditional approaches while ensuring the solution doesn’t violate any of the system’s constraints. In a power grid, constraints could be things like generator and line capacity.

This new tool incorporates a feasibility-seeking step into a powerful machine-learning model trained to solve the problem. The feasibility-seeking step uses the model’s prediction as a starting point, iteratively refining the solution until it finds the best achievable answer.

The MIT system can unravel complex problems several times faster than traditional solvers, while providing strong guarantees of success. For some extremely complex problems, it could find better solutions than tried-and-true tools. The technique also outperformed pure machine learning approaches, which are fast but can’t always find feasible solutions.

In addition to helping schedule power production in an electric grid, this new tool could be applied to many types of complicated problems, such as designing new products, managing investment portfolios, or planning production to meet consumer demand.

“Solving these especially thorny problems well requires us to combine tools from machine learning, optimization, and electrical engineering to develop methods that hit the right tradeoffs in terms of providing value to the domain, while also meeting its requirements. You have to look at the needs of the application and design methods in a way that actually fulfills those needs,” says Priya Donti, the Silverman Family Career Development Professor in the Department of Electrical Engineering and Computer Science (EECS) and a principal investigator at the Laboratory for Information and Decision Systems (LIDS).

Donti, senior author of an open-access paper on this new tool, called FSNet, is joined by lead author Hoang Nguyen, an EECS graduate student. The paper will be presented at the Conference on Neural Information Processing Systems.

Combining approaches

Ensuring optimal power flow in an electric grid is an extremely hard problem that is becoming more difficult for operators to solve quickly.

“As we try to integrate more renewables into the grid, operators must deal with the fact that the amount of power generation is going to vary moment to moment. At the same time, there are many more distributed devices to coordinate,” Donti explains.

Grid operators often rely on traditional solvers, which provide mathematical guarantees that the optimal solution doesn’t violate any problem constraints. But these tools can take hours or even days to arrive at that solution if the problem is especially convoluted.

On the other hand, deep-learning models can solve even very hard problems in a fraction of the time, but the solution might ignore some important constraints. For a power grid operator, this could result in issues like unsafe voltage levels or even grid outages.

“Machine-learning models struggle to satisfy all the constraints due to the many errors that occur during the training process,” Nguyen explains.

For FSNet, the researchers combined the best of both approaches into a two-step problem-solving framework.

Focusing on feasibility

In the first step, a neural network predicts a solution to the optimization problem. Very loosely inspired by neurons in the human brain, neural networks are deep learning models that excel at recognizing patterns in data.

Next, a traditional solver that has been incorporated into FSNet performs a feasibility-seeking step. This optimization algorithm iteratively refines the initial prediction while ensuring the solution does not violate any constraints.

Because the feasibility-seeking step is based on a mathematical model of the problem, it can guarantee the solution is deployable.

“This step is very important. In FSNet, we can have the rigorous guarantees that we need in practice,” Hoang says.

The researchers designed FSNet to address both main types of constraints (equality and inequality) at the same time. This makes it easier to use than other approaches that may require customizing the neural network or solving for each type of constraint separately.

“Here, you can just plug and play with different optimization solvers,” Donti says.

By thinking differently about how the neural network solves complex optimization problems, the researchers were able to unlock a new technique that works better, she adds.

They compared FSNet to traditional solvers and pure machine-learning approaches on a range of challenging problems, including power grid optimization. Their system cut solving times by orders of magnitude compared to the baseline approaches, while respecting all problem constraints.

FSNet also found better solutions to some of the trickiest problems.

“While this was surprising to us, it does make sense. Our neural network can figure out by itself some additional structure in the data that the original optimization solver was not designed to exploit,” Donti explains.

In the future, the researchers want to make FSNet less memory-intensive, incorporate more efficient optimization algorithms, and scale it up to tackle more realistic problems.

“Finding solutions to challenging optimization problems that are feasible is paramount to finding ones that are close to optimal. Especially for physical systems like power grids, close to optimal means nothing without feasibility. This work provides an important step toward ensuring that deep-learning models can produce predictions that satisfy constraints, with explicit guarantees on constraint enforcement,” says Kyri Baker, an associate professor at the University of Colorado Boulder, who was not involved with this work.

"A persistent challenge for machine learning-based optimization is feasibility. This work elegantly couples end-to-end learning with an unrolled feasibility-seeking procedure that minimizes equality and inequality violations. The results are very promising and I look forward to see where this research will head," adds Ferdinando Fioretto, an assistant professor at the University of Virginia, who was not involved with this work.

Good management of aid projects in developing countries reduces violence in those areas — but poorly managed projects increase the chances of local violence, according to a new study by an MIT economist.

The research, examining World Bank projects in Africa, illuminates a major question surrounding international aid. Observers have long wondered if aid projects, by bringing new resources into developing countries, lead to conflict over those goods as an unintended consequence. Previously, some scholars have identified an increase in violence attached to aid, while others have found a decrease.

The new study shows those prior results are not necessarily wrong, but not entirely right, either. Instead, aid oversight matters. World Bank programs earning the highest evaluation scores for their implementation reduce the likelihood of conflict by up to 12 percent, compared to the worst-managed programs.

“I find that the management quality of these projects has a really strong effect on whether that project leads to conflict or not,” says MIT economist Jacob Moscona, who conducted the research. “Well-managed aid projects can actually reduce conflict, and poorly managed projects increase conflict, relative to no project. So, the way aid programs are organized is very important.”

The findings also suggest aid projects can work well almost anywhere. At times, observers have suggested the political conditions in some countries prevent aid from being effective. But the new study finds otherwise.

“There are ways these programs can have their positive effects without the negative consequences,” Moscona says. “And it’s not the result of what politics looks like on the receiving end; it’s about the organization itself.”

Moscona’s paper detailing the study, “The Management of Aid and Conflict in Africa,” is published in the November issue of the American Economic Journal: Economic Policy. Moscona, the paper’s sole author, is the 3M Career Development Assistant Professor in MIT’s Department of Economics.

Decisions on the ground

To conduct the study, Moscona examined World Bank data from the 1997-2014 time period, using the information compiled by AidData, a nonprofit group that also studies World Bank programs. Importantly, the World Bank conducts extensive evaluations of its projects and includes the identities of project leaders as part of those reviews.

“There are a lot of decisions on the ground made by managers of aid, and aid organizations themselves, that can have a huge impact on whether or not aid leads to conflict, and how aid resources are used and whether they are misappropriated or captured and get into the wrong hands,” Moscona says.

For instance, diligent daily checks about food distribution programs can and have substantially reduced the amount of food that is stolen or “leaks” out of the program. Other projects have created innovative ways of tagging small devices to ensure those objects are used by program participants, reducing appropriation by others.

Moscona combined the World Bank data with statistics from the Armed Conflict Location and Event Data Project (ACLED), a nonprofit that monitors political violence. That enabled him to evaluate how the quality of aid project implementation — and even the quality of the project leadership — influenced local outcomes.

For instance, by looking at the ratings of World Bank project leaders, Moscona found that shifting from a project leader at the 25th percentile, in terms of how frequently projects are linked with conflict, to one at the 75th percentile, increases the chances of local conflict by 15 percent.

“The magnitudes are pretty large, in terms of the probability that a conflict starts in the vicinity of a project,” Moscona observes.

Moscona’s research identified several other aspects of the interaction between aid and conflict that hold up over the region and time period. The establishment of aid programs does not seem to lead to long-term strategic activity by non-government forces, such as land acquisition or the establishment of rebel bases. The effects are also larger in areas that have had recent political violence. And armed conflict is greater when the resources at stake can be expropriated — such as food or medical devices.

“It matters most if you have more divertable resources, like food and medical devices that can be captured, as opposed to infrastructure projects,” Moscona says.

Reconciling the previous results

Moscona also found a clear trend in the data about the timing of violence in relation to aid. Government and other armed groups do not engage in much armed conflict when aid programs are being established; it is the appearance of desired goods themselves that sets off violent activity.

“You don’t see much conflict when the projects are getting off the ground,” Moscona says.” You really see the conflict start when the money is coming in or when the resources start to flow. Which is consistent with the idea of the relevant mechanism being about aid resources and their misappropriation, rather than groups trying to deligitimize a project.”

All told, Moscona’s study finds a logical mechanism explaining the varying results other scholars have found with regard to aid and conflict. If aid programs are not equally well-administered, it stands to reason that their outcomes will not be identical, either.

“There wasn’t much work trying to make those two sets of results speak to each other,” says Moscona. “I see it less as overturning existing results than providing a way to reconcile different results and experiences.”

Moscona’s findings may also speak to the value of aid in general — and provide actionable ideas for institutions such as the World Bank. If better management makes such a difference, then the potential effectiveness of aid programs may increase.

“One goal is to change the conversation about aid,” Moscona says. The data, he suggests, shows that the public discourse about aid can be “less defeatist about the potential negative consequences of aid, and the idea that it’s out of the control of the people who administer it.” 

The European Union Council pushed for a dangerous plan to scan encrypted messages, and once again, people around the world loudly called out the risks, leading to the current Danish presidency to withdraw the plan. 

EFF has strongly opposed Chat Control since it was first introduced in 2022. The zombie proposal comes back time and time again, and time and time again, it’s been shot down because there’s no public support. The fight is delayed, but not over.

It’s time for lawmakers to stop attempting to compromise encryption under the guise of public safety. Instead of making minor tweaks and resubmitting this proposal over and over, the EU Council should accept that any sort of client-side scanning of devices undermines encryption, and move on to developing real solutions that don’t violate the human rights of people around the world. 

As long as lawmakers continue to misunderstand the way encryption technology works, there is no way forward with message-scanning proposals, not in the EU or anywhere else. This sort of surveillance is not just an overreach; it’s an attack on fundamental human rights. 

The coming EU presidencies should abandon these attempts and work on finding a solution that protects people’s privacy and security.

I can’t believe that I haven’t yet posted this picture of a giant squid at the Smithsonian.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Blog moderation policy.

When Congress eventually reopens, the 2026 National Defense Authorization Act (NDAA) will be moving toward a vote. This gives us a chance to see the priorities of the Secretary of Defense and his Congressional allies when it comes to the military—and one of those priorities is buying technology, especially AI, with less of an obligation to prove it’s effective and worth the money the government will be paying for it. 

As reported by Lawfare, “This year’s defense policy bill—the National Defense Authorization Act (NDAA)—would roll back data disclosures that help the department understand the real costs of what they are buying, and testing requirements that establish whether what contractors promise is technically feasible or even suited to its needs.” This change comes amid a push from the Secretary of Defense to “Maximize Lethality” by acquiring modern software “at a speed and scale for our Warfighter.” The Senate Armed Services Committee has also expressed interest in making “significant reforms to modernize the Pentagon's budgeting and acquisition operations...to improve efficiency, unleash innovation, and modernize the budget process.”

The 2026 NDAA itself says that the “Secretary of Defense shall prioritize alternative acquisition mechanisms to accelerate development and production” of technology, including an expedited “software acquisition pathway”—a special part of the U.S. code that, if this version of the NDAA passes, will transfer powers to the Secretary of Defense to streamline the buying process and make new technology or updates to existing technology and get it operational “in a period of not more than one year from the time the process is initiated…” It also makes sure the new technology “shall not be subjected to” some of the traditional levers of oversight. 

All of this signals one thing: speed over due diligence. In a commercial technology landscape where companies are repeatedly found to be overselling or even deceiving people about their product’s technical capabilities—or where police departments are constantly grappling with the reality that expensive technology may not be effective at providing the solutions they’re after—it’s important that the government agency with the most expansive budget has time to test the efficacy and cost-efficiency of new technology. It’s easy for the military or police departments to listen to a tech company’s marketing department and believe their well-rehearsed sales pitch, but Congress should make sure that public money is being used wisely and in a way that is consistent with both civil liberties and human rights. 

The military and those who support its preferred budget should think twice about cutting corners before buying and deploying new technology. The Department of Defense’s posturing does not elicit confidence that the technologically-focused military of tomorrow will be equipped in a way that is effective, efficient, or transparent.