Sam Altman wants to scan your eyeballs. His company Worldcoin – recently rebranded, blandly, to "World" – is installing chrome orbs in major US cities that read your iris, hand you some cryptocurrency and issue a digital "passport" certifying that you are a real human and not a bot. The bot problem it is trying to solve is one Altman's own OpenAI did much to create. Researchers Andreu Belsunces Gonçalves and Laura Forlano have a name for how a company sells something this strange as common sense – a "sociotechnical fiction".
To get people adopting the product, they explain, it was necessary to first create a crisis narrative, then use that narrative to cast biometric scanning of the product's users as an act of pre-emptive safety. In this way, World's AI-driven panopticon surveillance is portrayed as both natural and inevitable. All the while, the surveillance provider cashes in.
Post-Brexit UK has run exactly this playbook with its homegrown experiment in internet regulation – most clearly in the form of the Online Safety Act (OSA), which has been promoted since 2019 as an innovative solution that would keep children safe, fix social media and bring Big Tech to heel.
The problem is that none of those things are true. They never were.
It was always the vision of Theresa May, and her government, to expand the use of British technology for law and order. Brexit gave her the mandate to do so. From the start, the intention of the OSA was never actually child safety, nor fixing social media, nor taking on Big Tech. The act's main policy goal was to create a captive, lucrative market for the British safety tech sector. That includes the age verification providers whose offerings were mandated this week as technical intermediaries between all of us. It wasn't about child safety. It was about lobbying.
These shifts which decree mass surveillance and diminished freedoms would not have been possible under the EU-derived Digital Single Market framework
In the past fortnight, the OSA has been appended twice. The first was last week's announcement of a mandate for mass on-device scanning of all user-generated photo uploads, on the presumption of child nudity. There is no published independent evidence that this technology works reliably at scale; it has been adopted largely on the strength of its maker's own claims – a provider, SafeToNet, whose founder describes the company as doing God's work. (Small wonder the sales pitch has been taken as gospel.)
Then on Monday we had Keir Starmer's announcement of an "Australia plus" ban on social media for under-16s, plus age curfews for 16- to 17-year-olds, plus more restrictions to come. Identifying young people will mean identifying all of us, all of the time. What was striking was that Starmer chose to ignore what Australia’s own regulator has already found – that a third of 8- to 15-year-olds still had accounts, and while roughly 5 million had been deactivated, children were creating new ones and passing age checks. His response is to tell the tech sector to engineer the problem away: which for us, will involve more stringent and probably multiple forms of age and verification checking. All of that data about us – uploads of personal documents, facial scans and possibly even voice signals – becomes more vulnerable data about us sitting somewhere, a delicious honeypot for those who would use that information to do wrong. All the while, the surveillance provider will cash in.
It was hard not to feel a cautious optimism when Starmer, a human rights lawyer who literally wrote the book on the subject, came to power. So much for that. His descent into cheerleading for delegated corporate surveillance was solidified when a reporter challenged him on the social media ban's implications for children's rights to freedom of speech. Starmer replied: "On the question of free speech, how many people in this room are prepared to defend adult strangers contacting children online? We know what happens when that develops." By stooping to the trope (a common insult deployed against many of us, including this writer) that anyone questioning government plans is in line with paedophiles, we were given a glimpse of a man who had not just abandoned his own principles, but given up completely on his way out the door.
It was not the Conservative government, or their predatory visions of a societal panopticon for fun and profit, which brought these ideas to fruition – Keir Starmer finished the job which Theresa May began. Future writers will have the space to study the ultimate success or failure of the UK's experiment in delegated surveillance. That is, assuming those writers have any notes to study, or are allowed to communicate with each other.
The timing adds a sadder angle to the story: these policies have been mandated nearly 10 years to the day since the Brexit referendum. The OSA, and the policies which have followed, are Brexit. They are its purest manifestations in both law and in policy. These societal shifts which decree mass surveillance, a loss of personal agency, and diminished freedoms for all, would not have been possible under the EU-derived Digital Single Market framework, or without the dogma of "taking back control" which created a permission structure for state-supported technoauthoritarianism. With the success of these sociotechnical fictions, the Brexit experiment has reached its final form and concluded. Now is the time of monsters.
Heather Burns is a policy adviser who specialises in the impact of technology on human rights, privacy and freedom of expression