Digital Prison Break: 100 Tactics to Escape the Surveillance State

How Israeli-owned VPNs went from protecting your online activity to becoming America’s largest online dragnet

It has finally arrived: The dreaded Digital ID. It has already been rolled out in various forms throughout 140 countries and is fast approaching U.S. shores.

On October 13th, 2025, our very own California Governor Gavin Newsom signed a law dubbed the Digital Age Assurance Act, AB 1043.

If Newsom and California lawmakers have their way, the law will take effect on January 1, 2027, requiring people setting up new smartphones, tablets, and computers to provide their age or birthdate. Device and app makers must sort users into age brackets and provide these details to app developers, who will be held responsible for compliance. For older devices and software set up before 2027, there’s a grace period until July 1, 2027, for compliance to fully ramp up.

CALIFORNIA PUSHBACK

Although this law drew full support from tech giants like Google, Meta, OpenAI, and Snap -- who I’m sure are smacking their digital lips over this one -- it has spurred significant pushback from other arenas. Major Hollywood studios, including Amazon and Netflix, lobbied against AB 1043, arguing that device-based age verification could cause confusion when multiple family members share profiles, thus potentially undermining user experience and privacy.

However, none of them mentioned that this is the first step toward the beginning of California’s digital gulag and I, personally, won’t go down without a fight.

And I’m not alone, civil liberties and privacy advocates, have expressed concern that age-gating could still erode user privacy and set new precedents for digital identification.

They warn this law paves the way for age-based “signals” to become a default part of digital life, which many have warned for years would inevitably expand into more invasive forms of surveillance looking something like this, minus the social credit score:

THE ISRAELI VPN DRAGNET

I recently reported, HERE, on Israel’s covert geofencing campaign targeting American evangelical churches, using digital tracking to flood worshippers with pro-Israel propaganda across multiple states, including California and Arizona. This operation, executed under a multi-million-dollar contract by the firm Show Faith by Works, weaponizes faith communities for foreign political influence, a disturbing prelude to broader surveillance concerns explored here.

If that wasn’t enough, it looks like the state of Israel and its IDF co-co-horts have been up to more than just surveilling Christians….

As you could imagine, in response to the passage of California’S Digital Age Assurance Act, there’s increased interest among Californians in privacy tools like VPNs and encrypted services as workarounds.

For those who are not familiar with VPNs: A VPN, or Virtual Private Network, is a service that creates a secure, encrypted connection between your device and the internet, masking your IP address, and protecting your online activities from surveillance or hacking.

HOWEVER, there’s a massive snag regarding VPNs… it has recently been revealed by multiple tech and privacy watchdogs that a significant portion of the leading VPN companies used in the US, including ExpressVPN, CyberGhost, Private Internet Access, ZenMate, Hotspot Shield, Betternet, and Touch VPN, are owned or controlled by entities with Israeli links, mainly through firms like Kape Technologies and Aura (formerly Pango Group).

SOURCE: https://www.middleeasteye.net/live-blog/live-blog-update/outcry-over-expressvpn-ownership-what-israeli-connection-means-user

Many of these companies are led or staffed by veterans of Israel’s military intelligence (Unit 8200). In other words, it’s a massive dragnet operation that scoops up vital data and communications from privacy-conscious Americans.

Unfortunately, the surveillance doesn’t stop when you’re not actively using your VPN to protect your online activity.

By simply downloading and installing an Israeli-owned VPN like ExpressVPN, Israeli entities can access data on your device or monitor your online activities. As mentioned earlier, this is due to the close ties of the VPN ownership (Kape Technologies) to Israeli military intelligence units, and past evidence suggesting capabilities for massive surveillance and data harvesting linked to such networks.

The personal risks resulting from this breach cannot be overstated, exposing individuals to identity theft, financial fraud, long-term privacy violations, and, I would wager, later, political persecution; think “anti-semitism” laws.

There are VPN companies not owned or linked to Israeli interests. Notable trustworthy options include Mullvad (Sweden), IVPN (Gibraltar), and BuycatVPN, which was created specifically to offer privacy without Israeli military or spyware ties. PLEASE NOTE, PROTONMAIL IS NO LONGER ON THIS LIST AS A TRUSTWORTHY SOURCE. THANK YOU, MIRA, FOR THE HEADSUP!

These providers emphasize transparency, strong no-logs policies, and are generally favored by privacy advocates wary of surveillance concerns tied to Israeli ownership seen in popular VPNs mentioned earlier. Choosing such alternatives can help users avoid potential risks related to Israeli-connected surveillance networks.​

This offers a practical way to maintain digital privacy with VPNs free from those ownership concerns. However, users should always verify the current status of ownership and privacy audits before subscribing.

DIGITAL ID COMES TO CALI

Now back to Newsom and his recent signage of AB 1043.

Activists and grassroots organizations have begun ramping up campaigns to educate residents and pressure lawmakers about the outright dangers of AB 1043, with civil debate ongoing about how such laws may disproportionately impact privacy, marginalized youth, and the principle of online anonymity.

In short: The law takes effect January 1, 2027, and while pitched as a mild alternative to other states’ digital ID schemes, it’s igniting a fierce debate about California’s digital future and the risks of normalizing “age checks” as a gateway to broader digitally enforced identification…. because we all know it would do just that.

However, we DO NOT have to surrender our autonomy to the Digital ID prison.

Far from it.

Every one of us has the power to push back, right now, in small but meaningful ways. Whether it’s choosing cash over card, refusing a biometric scan, or writing a letter to your local representative, each act chips away at a system that only thrives when we comply.

Below is a practical list: 100 ways to fight back against digital ID and the surveillance state. Please note, this was taken from a post on Facebook originating in the UK, and I tailored it for the U.S. with some additions (thank you, Susan for sending me the original post).

It’s an extensive list.

The good news? You don’t have to do all of it. Pick what fits, keep at it, share what works, and show others they can do the same. This isn’t a sprint; it’s a marathon of awareness, courage, and community. The sooner we start resisting, the stronger we’ll be when the digital walls start to close in. Our freedom depends on habits we build today, not the technologies they sell tomorrow.

Grab a few of the below suggestions, make them habits, and pass them on. Resistance multiplies when it’s shared.

RESIST THE SURVEILLANCE STATE: 100 WAYS TO FIGHT DIGITAL ID!

Personal Tech & Behaviour

1. Turn off Face ID and fingerprint unlock on your phone.

2. Delete or refuse to install government apps.

3. Delete or refuse to install health agency apps (e.g., CDC or state health department apps).

4. Stop using biometric check-ins at shops and airports when possible.

5. Refuse self-scan at checkouts that use cameras/biometrics.

6. Use cash for as many purchases as you can.

7. Keep and use a physical wallet with cash on hand.

8. Draw out small amounts of cash regularly and spend them.

9. Use pre-paid cash cards (that can be bought with cash) for some purchases.

10. Use an old/basic phone (feature phone) for calls and texts where feasible.

11. Use a separate smartphone for sensitive services and keep it minimal.

12. Use a burner or prepaid SIM bought with cash for activities you want unlinked.

13. Avoid “log in with” social sign-ins (Google/Facebook/Apple) where possible.

14. Use privacy-forward browsers and block trackers.

15. Install and use browser adblockers and anti-tracking extensions.

16. Use encrypted services for private messaging.

17. Use end-to-end encrypted email solutions where appropriate.

18. Limit social media sharing of identifying info (DOB, address, job).

19. Do not upload biometric photos (face scans) to apps or services unless essential.

20. Opt out of optional data-sharing consent boxes on websites.

21. Regularly check and revoke app permissions (camera, mic, location).

22. Turn off location services and Bluetooth when not needed.

23. Use separate email addresses for financial and social accounts.

24. Use strong, unique passwords and a reputable password manager.

25. Use two-factor authentication.

26. Back up important documents in physical form, not only cloud.

Financial & Consumer Actions

27. Boycott businesses that refuse to accept cash.

28. Publicly call out shops that go cashless; leave reviews and complaints.

29. Write formal complaints to cashless businesses and cc state consumer protection agencies or the FTC.

30. Bank with institutions that keep meaningful in-branch cash service.

31. Move some savings to local credit unions or community banks that accept cash and value privacy.

32. Use cash-to-gift-card services for certain online purchases.

33. Avoid companies that explicitly partner with ID-as-a-service providers.

34. Boycott specific vendors known for surveillance or ID contracts (e.g., facial recognition firms), research locally and act.

35. Divest from funds/companies that provide digital ID surveillance tech when possible.

36. Pressure retirement plans and fund managers to disclose holdings in ID vendors.

Civic & Political Actions

37. Sign petitions opposing mandatory digital ID.

38. Submit responses to federal or state agency consultations.

39. Write personalized letters to your congressional representative or senators explaining your concerns.

40. Meet your representative at town halls and insist on answers in writing.

41. Organize or attend town-hall or city council Q&As about digital ID.

42. Attend city council or county board meetings and ask questions about procurement and ID pilots.

43. Join public consultations and demand PIAs (Privacy Impact Assessments) and independent audits.

44. File Freedom of Information Act (FOIA) requests about digital ID pilots, contracts, and costs.

45. Ask for equity impact assessments to protect vulnerable groups.

46. Push for congressional hearings or resolutions on digital ID.

47. Support or lobby for bills that protect cash rights and limit compulsory digital ID.

48. Build relationships with sympathetic city council members, state legislators, or members of Congress and give them briefing packs.

49. Support candidates who oppose mandatory digital ID at election time.

50. Vote and encourage others to vote on these issues.

51. Organize letter-writing and phone-banking campaigns to representatives and agency officials.

52. Request public hearings on procurement decisions relating to ID systems.

53. Demand cost-benefit and risk analyses be published before any rollout.

Legal & Formal Resistance

54. File complaints to the FTC (Federal Trade Commission) or state attorneys general about privacy risks and data-sharing.

55. Request your employer to publish the legal basis for any identity checks and to provide non-digital alternatives.

56. Ask employers for a written policy on how I-9 or right-to-work checks are performed and how employees’ data is handled.

57. If you’re an employee, push your employer to oppose mandatory digital ID.

58. Support legal challenges, donate to or fundraise for lawsuits or judicial reviews.

59. Help crowdsource evidence (documents, policies) that could support litigation.

Community Organizing & Outreach

60. Hand out leaflets in your area explaining the risks.

61. Host local meetups to explain practical steps people can take.

62. Start or join a local community group focused on resisting digital ID.

63. Build a coalition with disability groups, privacy advocates, faith groups, and cash-reliant communities to broaden resistance.

64. Train volunteers on how to speak to neighbors about privacy and cash rights.

65. Set up community cash swaps or local barter networks.

66. Run workshops on digital hygiene and how to opt out of tracking.

67. Partner with small businesses to keep cash-acceptance visible.

Media, Messaging & Narrative Work

68. Write letters to local papers denouncing mandatory digital ID.

69. Produce short videos explaining risks and how to resist (shareable social clips).

70. Host a podcast interviewing experts, affected people, and whistleblowers.

71. Use social media to amplify stories of people harmed by digital ID pilots.

72. Make infographics showing vendor links, money flows, and conflicts of interest.

73. Run targeted ad campaigns to raise local awareness.

74. Pitch investigative journalists with FOIA findings.

Direct Economic & Corporate Pressure

75. Start a public petition to get a company to drop its digital-only policy.

76. Organize coordinated boycotts of companies that partner with ID vendors.

77. Contact company shareholders and ask questions at AGMs about ID contracts.

78. File consumer complaints with state attorneys general or the FTC against firms that refuse reasonable alternatives.

79. Pressure procurement officers at city councils or state agencies to refuse contracts with vendor-lock clauses.

80. Publicly shame companies on social platforms and review sites for surveillance partnerships.

81. Support competitors that offer privacy-affirming services.

Allies & Funding

82. Donate to and support grassroots projects/campaigns fighting surveillance: Electronic Frontier Foundation (EFF), Fight for the Future, or local privacy groups.

83. Fund or crowdfund legal action and investigations.

84. Build alliances with civil-society groups working on housing, health, finance, and inclusion, show them how ID affects their members.

85. Recruit sympathetic lawyers, academics, and technologists to produce legal briefs and technical critiques.

86. Encourage local businesses to join a “cash-friendly” charter.

Creative Disruption

87. Wear badges/stickers that say “I refuse mandatory digital ID” at public events.

88. Organize peaceful demonstrations outside city halls, state capitols, or federal buildings.

89. Stunt actions that are lawful and headline-grabbing (letter drops, flash-mob info sessions).

90. Stage public teach-ins or film screenings about surveillance and privacy.

91. Join regular protests organized by privacy advocacy groups like the EFF or local chapters.

Education & Long-Term Strategy

92. Educate youth and students: Partner with schools, homeschool groups, or youth organizations to teach digital privacy basics and the risks of mandatory ID systems.

93. Create toolkits for businesses: Develop and distribute guides for small businesses on how to resist digital ID mandates while staying compliant with laws like I-9 requirements.

94. Monitor state-level legislation: Track bills in state legislatures related to digital ID or surveillance; alert networks when action is needed and submit testimony.

95. Build alternative ID systems: Support or contribute to decentralized, privacy-preserving identity projects (e.g., blockchain-based or community-verified IDs) as opt-outs.

96. Archive surveillance vendor info: Create public databases or wikis documenting companies involved in digital ID contracts, their lobbying, and weaknesses for activists to use.

97. Train on secure communication: Offer workshops on using VPNs, Tor, encrypted drives, and secure file sharing to protect organizers from surveillance during campaigns.

98. Engage with tech whistleblowers: Connect with former employees of surveillance firms to gather insider info, testimonies, or evidence for legal and media challenges.

99. Plan for worst-case scenarios: Develop community mutual aid networks for scenarios where digital ID becomes mandatory, including cash-based support systems and legal aid funds.

Final Call to Action

100. Commit to ongoing vigilance: Make resisting the surveillance state a lifelong habit, review your tech, support allies, and adapt strategies as threats evolve. Share this list and inspire others to join the fight!

Remember, there is power in numbers. Every step you take, small or large, strenghens our resistance.

Pleaes share.

OTHER RELATED COLUMNS:

Tip Jar!

If you find these interviews and articles informative, please become a paid subscriber for under 17¢ a day. I don’t believe in paywalls, but this is how I make a living, so any support is appreciated. Either way…. it’s available to you….

Comments

[Jean-Baptiste Guillory]

A lot of valuable information. Too bad people are so hopelessly weak and needy that it went in one eye and out the other. 95% of the digital tyranny takes place via smartphone, yet asking people to dump them is like asking a crack smoker to dump his pipe. Ain't happening. Run out and get a old school flip phone. Make the smartphone the housephone and leave it there. Turn it off when not in use. Drop the pipe!

[Donna C]

RESIST!!