// tl;dr
Palantir is building a “Super API” for the IRS Criminal Investigation division on its Foundry platform, making IRS data accessible to any authorized government application. The 404media report published the actual contract, which shows the scope extends to tax returns, bank statements, FinCEN data, and cryptocurrency records across Bitcoin, Litecoin, Ethereum, and Ripple. DOGE’s stated goal is for Foundry to be “the read center of all IRS systems,” with a cross-agency vision extending to immigration and Social Security records.
The Pentagon operated a covert AI-generated propaganda network called La Tilde targeting Latin America, with no public congressional disclosure, according to a new Intercept investigation. The operation is run by U.S. Special Operations Command South (SOCSOUTH). AI text-detection service Pangram flagged its content as machine-generated. Its predecessor network, Entorno Diario, ran 553 URLs generating 56 million views. SOCSOUTH denied involvement.
Headway, the largest US telehealth therapy network, is now requiring patients to complete a facial biometric scan or lose access to their prescriber. The requirement is tied to DEA compliance under the Ryan Haight Act and currently applies to patients in medication management. Therapy-only patients are not yet subject to the mandate. Patients were not told which third-party service processes the scan or how long biometric data is retained.
Android 12 and newer can now alert you in real time when a caller cannot be verified as the number they claim to be calling from. The feature is designed to detect AI voice-clone impersonation scams. INTERPOL estimates global fraud losses at $442 billion annually, with impersonation fraud among the leading categories. The feature requires both parties to use the Google Phone app.
Four stories about what AI governance looks like when it stops being abstract. The IRS Criminal Investigation division is building a Palantir-powered Super API that makes tax records readable by any authorized government app, with DOGE aiming to extend the same interface to immigration and Social Security data. A Defense Department command ran a covert AI-generated content mill in Latin America, and the only reason it surfaced was an investigative report, not a congressional hearing. The biggest US telehealth therapy network now makes a facial biometric scan a condition of access to your prescriber, citing DEA compliance under a law originally written for pill mills. And Android, among all of these, is the one actor this week that handed individuals a concrete defensive tool.
The connective thread is not surveillance in the broad sense. It is the specific gap between what AI systems are authorized to do and what authorization actually means in practice. The IRS contract uses the phrase “any authorized application” without defining who controls the authorization layer. The Pentagon propaganda program continued for years after Congress defunded its predecessor because the word “successor” was not in the defunding language. Headway’s biometric requirement is DEA-compliant, but the DEA does not require biometrics specifically, only identity verification. Android’s caller verification is opt-in. In all four cases, the consequential decision is not in the headline; it is in the implementation detail that the headline does not name.
The IRS already has your financial history. The Pentagon already has a content mill targeting populations it deems strategically relevant. Your therapy platform already has your session notes. This week, each of them acquired a new capability, and one of them is trying to help you rather than just watch you.
1. Palantir is building a Foundry Super API making IRS Criminal Investigation records accessible to any authorized government app, with DOGE targeting cross-agency access to immigration and SSA data.
The DOGE-IRS data-sharing has been covered, but not through the lens of the Palantir contract.
On June 2, the investigative outlet 404media published the actual contract between the Internal Revenue Service and Palantir Technologies for what 404media described as a “Super API”: a unified data interface built on Palantir’s Foundry platform that would make IRS Criminal Investigation division records accessible to any authorized government application. The contract is not new. Palantir has held contracts with the IRS since 2018, and the agency has paid the company over $130 million across 26 contracts for the Lead and Case Analytics (LCA) platform, which runs on both Palantir Gotham and Palantir Foundry.
The contract language, as reported by 404media and corroborated by The Intercept’s April 2026 reporting based on American Oversight FOIA documents,
describes the current IRS CI systems as lacking “a centralized law enforcement case management system that allows for deconfliction, lead tracking, centralized evidence/case file management, chain of custody tracking, or investigative file sharing.”
The Super API is the stated solution: a Foundry-based interface that makes data from IRS CI’s currently siloed systems accessible to any authorized application through a single API layer. The data scope in the contract includes individual tax returns and tax forms, Affordable Care Act records, bank statements and transaction records, data from the Treasury’s Financial Crimes Enforcement Network (FinCEN), and cryptocurrency records for Bitcoin, Litecoin, Ethereum, and Ripple.
The contract’s justification language states that IRS systems have become “increasingly complex and siloed, creating an opportunity to modernize data access and enhance secure information sharing,” and that the API will make “IRS data easily accessible to any app.”
The DOGE dimension was first reported by Wired in April 2026. A three-day hackathon involving DOGE representatives, Palantir engineers, and IRS career engineers took place around April 10. DOGE’s stated objective at the hackathon was for Foundry to become “the read center of all IRS systems.” The cross-agency vision goes further than what the contract text covers: the interface is envisioned to support interoperable queries across IRS records, immigration files, and Social Security Administration data from a single interface. The Palantir engineers at the hackathon estimated the API could be completed within 30 days.
Why this matters: The question is not whether the IRS should use analytics software. It has, since 2018, and financial crime investigation is a legitimate function. The question is what the data architecture implies. A Super API that makes IRS data accessible to “any authorized application” is a different posture from the software used by IRS CI agents for their own casework. “Any authorized application” means any agency or system that can obtain authorization from whoever controls the authorization layer, and that definition is not in the contract. The cross-agency vision described at the DOGE hackathon, where IRS, immigration, and Social Security records are queryable from a single interface, would make it operationally trivial to correlate tax compliance status with immigration status for any person in the US database. The contract is lawfully procured. The architecture it describes is not illegal. The governance gap is in who controls the “authorized” designation, under what standards, with what audit trail, and with what congressional authorization for the cross-agency extension. None of those questions are answered in the published contract.
Action this week: If you are a tax professional, privacy attorney, or congressional staffer, the 404media contract publication is the primary source, and The Intercept’s April 2026 reporting based on American Oversight FOIA documents adds the DOGE-hackathon context. The Senate Finance Committee and the House Ways and Means Committee have jurisdiction over IRS contracting; if members pursue oversight hearings, those are the venues. If you advise clients on government data-sharing risk, the FinCEN and cryptocurrency scope in the contract means this system is not limited to traditional tax-filing data, and the cross-agency vision means your client’s IRS exposure may also extend to immigration and SSA.
404media.co: Here Is the Contract for Palantir’s Super API for the IRS
theintercept.com: Palantir Is Helping Trump’s IRS Conduct ‘Massive-Scale’ Data Mining (April 24, 2026 · American Oversight FOIA)
techmeme.com / Wired: DOGE-Palantir hackathon, “read center of all IRS systems” (April 12, 2026)
2. The Pentagon operated a covert AI-generated propaganda network called La Tilde targeting Latin America, run by SOCSOUTH with no public congressional disclosure. The Intercept reported on June 2.
The broader Pentagon AI influence-operations arc has been covered; this is a new, named network with new contract details.
On June 2, The Intercept published an investigation identifying a nascent Pentagon-linked AI-generated propaganda network called La Tilde, targeting Latin American audiences with Spanish-language content and operating without public congressional disclosure. The network is operated by U.S. Special Operations Command South (SOCSOUTH), which runs special operations missions across South and Central America and the Caribbean. Web design for La Tilde was subcontracted to Antpack, a Colombian digital marketing firm. The AI text-detection service Pangram flagged La Tilde’s content in both English and Spanish as machine-generated. SOCSOUTH denied any connection to La Tilde in a statement to The Intercept. General Dynamics Information Technology, whose Google Ads identifier code appears in the network’s site code, according to researcher Renée DiResta, did not respond to multiple requests for comment.
La Tilde is described by The Intercept as nascent, having begun development in early 2026. Its predecessor network, Entorno Diario, operated from July 2023 through September 2025 at a significantly greater scale: 553 URLs analyzed, generating 56 million views across 227 tweets over that period. Among Entorno Diario’s articles, approximately 70 percent mentioned China or Chinese entities, a figure that reflects the predecessor network’s counter-messaging mandate rather than La Tilde’s current content profile; La Tilde is still nascent, and its full content scope is not yet established. La Tilde is described by The Intercept as a third-generation successor to the Trans-Regional Web Initiative (TRWI), a Pentagon program that Congress defunded in 2014 after deeming it a failure, whose operational model has continued in subsequent programs with minimal public disclosure. The TRWI network originally spawned 10 websites targeting the Middle East and South Asia; the current generation has shifted focus to Latin America.
The Lawfare analysis “Fewer Bots, More Ads: The Pentagon’s Evolving Online Influence Campaigns,” published separately from The Intercept’s investigation, corroborates the “third generation of TRWI-style semi-overt propaganda sites” characterization and the General Dynamics connection, and predates The Intercept’s La Tilde report. As of June 3, the story has not been independently picked up by AP, Reuters, BBC, or Politico. It is a single-source investigative exclusive with secondary structural corroboration from the Lawfare analysis. SOCSOUTH’s denial is on record.
Why this matters: The TRWI was defunded by Congress in 2014 after lawmakers concluded that the program was ineffective and lacked adequate oversight. The programs that followed, Entorno Diario, now La Tilde, operated under a different legal framework with no public congressional notification, per The Intercept’s reporting. The addition of AI-generated content is not only a change in production efficiency. It scales output to a level where human editorial review of every piece is operationally impractical, removing the accuracy and appropriateness gatekeeping that theoretically existed in manually written operations. Latin American governments that find AI-generated US military content circulating in their information space without prior disclosure have no formal channel to contest it short of a diplomatic complaint. The SOCSOUTH denial is noted and on record, but it covers operational association, not the question of whether the program exists or who funds it -- questions that The Intercept and the Lawfare analysis address through contract and ad-network analysis.
Action this week: If you work in Latin American media, civil society, or government, the Pangram methodology for detecting AI-generated content is described in The Intercept’s investigation and can be applied to content you suspect is part of a similar network. If you are a US congressional staffer on the Armed Services or Intelligence committees, neither committee has held a public hearing on La Tilde or Entorno Diario; those are the oversight venues with jurisdiction over SOCSOUTH’s information operations. If you advise on AI-generated influence operations, the La Tilde network demonstrates the current state of the art: contractor-built sites with plausible local branding, AI-generated content that passes casual editorial review, ad-network infrastructure tied to a known defense contractor, and deniability maintained through subcontractor chains.
theintercept.com: The Pentagon Is Running an AI Propaganda Mill Targeting Latin America (June 2, 2026)
lawfaremedia.org: Fewer Bots, More Ads -- The Pentagon’s Evolving Online Influence Campaigns (secondary corroboration)
3. Headway, the largest US telehealth therapy network, now requires patients in medication management to complete a facial biometric scan or lose access to their prescriber.
Telehealth Ryan Haight Act compliance has been covered; this is a new named implementation at the largest US telehealth network.
Headway, which operates the largest network of telehealth therapists and prescribers in the United States, is now requiring patients to complete a facial biometric verification scan as a condition of continued access to their prescriber, according to an investigation by 404media. The requirement is framed by Headway as a compliance measure under the Ryan Haight Act, a 2008 federal law that restricts the prescribing of controlled substances via telemedicine and requires DEA-compliant patient identity verification. The mandate currently applies to patients who see prescribers or are in medication management on the Headway platform, including patients receiving stimulants for ADHD and other controlled medications. Therapy-only patients, who are not receiving prescriptions, are not currently subject to the facial scan requirement.
Patients who do not complete the facial scan lose access to their prescriber -- not only to their prescriptions, but to the provider relationship itself. For a patient in medication management for a controlled substance, refusal or inability to complete the biometric scan could interrupt a prescription regimen with no transition protocol. The 404media investigation includes patient accounts of receiving the facial scan requirement with no explanation of which third-party service conducts the scan, where the biometric data is stored, how long it is retained, or whether patients can choose an alternative DEA-compliant identity verification method. The Ryan Haight Act compliance rationale is facially legitimate: the DEA does require identity verification for controlled-substance prescribers using telemedicine platforms. The choice of facial biometric scanning rather than alternative DEA-compliant verification methods -- government ID check, video identification with a credentialed provider -- is Headway’s own decision, not a DEA mandate.
Why this matters: Telehealth expanded enormously during 2020-2022 on emergency DEA waivers that temporarily relaxed Ryan Haight Act requirements. Those waivers have been expiring, and the telemedicine industry is now implementing compliance measures that the pre-pandemic framework never required at scale. Millions of patients who established care with telehealth prescribers during that window, when verification was minimal, are now being asked to prove their identity through methods that did not exist in that original framework. Headway’s choice of facial biometric verification is the most invasive of the available DEA-compliant options. Facial biometric data is a permanent biometric identifier: unlike a password, it cannot be changed if the database is breached. The 404media patient accounts raise a specific governance gap that has not been publicly resolved: patients were not told which company processes the scan, a disclosure that would normally be required under HIPAA’s Business Associate Agreement framework if the scan processor qualifies as a covered entity or business associate. That question remains unresolved in the published reporting.
Action this week: If you are a Headway patient currently in medication management, review the platform’s stated rationale and the questions it has not answered about data retention and third-party processing. The DEA’s Office of Diversion Control lists compliant alternatives to facial biometric scanning for telemedicine-prescriber identity verification; if you prefer an alternative method, that documentation is the basis for a formal written request to Headway. If you work in health privacy law, the unanswered HIPAA Business Associate Agreement question is the leverage point for a formal complaint to the HHS Office for Civil Rights. If you manage patient advocacy at a mental health organization, the prescription-continuity risk for patients who cannot or do not complete the biometric scan is the near-term concern: no transition protocol was described in the 404media reporting.
404media.co: The Largest US Telehealth Therapy Network Now Requires Patients to Scan Their Faces
4. Android 12 now warns you in real time when a caller cannot be verified as the number they claim to be calling from, a defense against AI voice-clone impersonation scams.
INTERPOL fraud figure confirmed at $442 billion total fraud (all types); impersonation fraud is a leading contributor.
Google has rolled out a real-time call verification feature to Android 12 and newer devices running the Phone by Google app that warns users when a caller cannot be verified as the phone number they claim to be calling from. The feature is designed to detect AI voice-clone impersonation scams, where fraudsters use AI-generated audio to impersonate banks, government agencies, or family members. The alert appears during an active call automatically when the originating carrier metadata conflicts with the claimed caller ID. The feature is opt-in and requires that both the caller and the recipient use the Phone by Google app.
The timing reflects a real and growing attack surface. INTERPOL published findings in March 2026 estimating global fraud losses at $442 billion annually across all categories, with impersonation fraud identified as one of the leading contributors.
The AI voice-clone variant has grown substantially as the cost of generating convincing synthetic audio has dropped to near-zero. Several widely reported cases in 2025 involved synthetic audio impersonating family members—a modernized version of the grandparent scam —and bank fraud-prevention lines, where the fraudster impersonates the bank’s own security team to reverse-social-engineer the target into authorizing a transfer. Google's Phone verification feature does not require the recipient to evaluate the call in real time. It operates at the carrier-metadata layer and automatically surfaces the alert if the claimed caller ID cannot be authenticated. If the verification succeeds, no alert appears. If it cannot be verified, the alert appears during the call.
Why this matters: The INTERPOL $442 billion global fraud estimate means impersonation fraud is not a niche problem. The AI voice-clone variant is the newest and fastest-growing attack surface in that category because it removes the accent, cadence, and script-quality tells that historically let people identify fraud calls in real time. A real-time alert on the recipient’s phone shifts the verification burden from the user’s judgment call, made in a live conversation, under time pressure, against a voice that may sound exactly like someone they know, to a network-layer check that happens automatically before the user has to decide anything. The limitation is meaningful and worth stating clearly: both parties need to use Google Phone for the verification to work. That means this protection is most useful for calls within networks where everyone uses Android and the app is installed, and less useful for calls from institutions that do not use Phone by Google. The opt-in requirement also means the feature does not help users who are unaware of it.
Action this week: If you have an Android 12 or newer device, open the Phone app's settings and look for the caller verification toggle; it is off by default. If you help manage security awareness for an organization or a family with older relatives on Android, enabling caller verification is a concrete, no-ongoing-cost action that addresses the fastest-growing category of phone fraud. If your older relatives use Android, checking whether they have Phone by Google installed and enabling the feature is the most direct near-term defense against voice-clone fraud currently available on a consumer platform at no additional cost.
techcrunch.com: Google adds real-time fake call detection to Android
blog.google: New Phone by Google safety features (Google Blog)
» What to watch this week
Whether the Senate Finance or House Ways and Means committees request a briefing on the Palantir IRS Super API contract. The published contract’s “any authorized application” language and DOGE’s cross-agency vision (IRS, immigration, and SSA from a single interface) are the specific oversight questions; committee press offices are the right channel to watch for hearing announcements. The American Oversight FOIA team at americanoversight.org is also tracking this and will publish any follow-on documents they obtain.
Whether the Armed Services or Intelligence committees request a briefing on SOCSOUTH’s La Tilde and Entorno Diario information operations. No public hearing has been announced. The Intercept’s investigation is the first public naming of La Tilde; Lawfare’s secondary analysis of the TRWI successor network provides the broader pattern. A committee inquiry would be the first public accounting of whether the program continued after TRWI was defunded, with or without a new authorization.
Whether Headway discloses which biometric vendor processes its facial scans and its data retention policy. The unanswered HIPAA Business Associate Agreement question in the 404media investigation is the regulatory hook: if the scan processor qualifies as a covered entity or business associate, the required disclosure has not been made. The HHS Office for Civil Rights is the enforcement venue.
Whether Google expands Phone by Google caller verification to work across carrier networks regardless of what app the caller uses. The both-parties-must-use-the-app limitation is the current barrier to broad adoption. A carrier-level implementation, or a cross-app protocol, would make the feature useful for institutional calls (banks, government agencies), not just peer-to-peer calls.
Tomorrow’s signal lands here.
PickBits Daily Signal is a working brief by Mark Pickering. Twenty years of shipping apps and workflow automation, with the last stretch on agentic workflows on ServiceNow. The newsletter is free. If a friend forwarded this to you and you want it in your inbox, subscribe at pickbitsai.substack.com.
