Tell Etsy, Reddit, Tinder & Duolingo: Stop Feeding Surveillance Tech

The websites and services we trust for shopping, socializing, and learning shouldn’t be tools for surveillance. Yet, a new investigation by 404 Media has revealed that ShadowDragon, a U.S. government contractor, is exploiting publicly available data from websites and services like Etsy, Reddit, Tinder, and Duolingo — to fuel mass surveillance programs for U.S. government agencies like Immigration and Customs Enforcement (ICE).

ShadowDragon’s SocialNet and similar tools track your connections, map your movements, and piece together your digital life, turning your ordinary online activity into a powerful surveillance tool. That’s why Mozilla is launching an urgent campaign targeting 30 key websites and services currently being used as fodder for shady surveillance tech, calling on them to:

  • Protect our data. Proactively detect and block surveillance tools like ShadowDragon’s SocialNet, which exploit the data we share with these websites and services.
  • Increase transparency. Publicly report known attempts by surveillance contractors like ShadowDragon to access user data, and what measures they have taken to stop and prevent it.
  • Strengthen privacy protections. Limit the exposure of our sensitive data and make privacy the default — so firms like ShadowDragon can’t easily exploit our conversations, connections, and activities online.

Sign Mozilla’s petition to demand websites and services like Etsy, Reddit, Tinder and Duolingo block ShadowDragon’s SocialNet, and protect our data from mass surveillance.

Which websites and services is Mozilla targeting?

Mozilla will directly pressure 30 companies, chosen based on their size, the volume of user data they hold, the vulnerability of their users, and the value of their data to ShadowDragon — especially platforms where users share sensitive information, including personal communications, affiliations, political speech, geolocation, and immigration status. Review sites and other platforms where people express personal, emotional content are particularly at risk.

The Mozilla community is currently targeting the following websites and services:

1. Major Tech & Social Platforms

  • Amazon
  • Apple
  • Facebook + Instagram
  • LinkedIn
  • Nextdoor
  • Pinterest
  • Reddit
  • Snapchat
  • TikTok
  • Twitter
  • BlueSky

2. Search, Data & Professional Networks

  • Google
  • Github
  • Glassdoor
  • Substack
  • TripAdvisor
  • Yelp
  • GoFundMe

3. Entertainment, Gaming & Lifestyle

  • Xbox
  • YouTube
  • Twitch
  • Duolingo
  • Strava
  • OnlyFans
  • Tinder
  • Etsy

4. Communication, Parenting & Travel

  • Discord
  • WhatsApp
  • BabyCentre
  • FlightAware

If you use any of these platforms, take a moment to contact them now — express your concerns and demand immediate action to protect your data from shady mass surveillance firms.

Over the coming weeks, the Mozilla community will be ramping up the pressure on these companies. Keep an eye on your inbox and Mozilla’s social media channels for next steps!

The full list of the 200+ websites monitored by ShadowDragon’s SocialNet has been released by 404 Media in this spreadsheet.

How do surveillance tools piece together our data?

Here’s how scraped public data from different platforms can be stitched together to infer identity, location, status, beliefs, and networks — even if no one website reveals all that alone.

  • GoFundMe + Etsy: Fundraisers for medical bills, legal aid, or immigration fees can indicate vulnerability — particularly for undocumented people, refugees, or activists needing support.
  • Duolingo + LinkedIn + Glassdoor: A user learning English or a regional language on Duolingo might be flagged if they also have a job history on LinkedIn or Glassdoor that suggests they recently moved or are working in an industry with high rates of undocumented labor.
  • Google + TripAdvisor + Yelp: Reviews, location data, and travel history can help create a pattern of movement. Used together, they can reveal where someone lives, works, or regularly travels — even if they never explicitly say it.
  • Strava + FlightAware: Fitness tracking data and travel logs can create real-time movement maps, showing when someone is out for a run, at the gym, or flying to a specific location — particularly concerning for activists or people fleeing danger.
  • BabyCentre + Nextdoor: Participation in parenting or neighborhood groups can reveal the presence of children, family networks, and location data — all of which can factor into targeting undocumented families, mixed-status households or pregnancies.
  • Reddit + Substack + Twitter + Bluesky + Facebook/Instagram: Posts, comments, and follows can expose a person’s views on immigration, protest movements, labor organizing, or political ideology. This data can be used to target individuals engaged in dissent or advocacy.

No single website or services tells the whole story. But when tools like ShadowDragon’s SocialNet pull data from all of them, it becomes dangerously easy to track, profile, and target people.

How can I find more information about this investigation?

​For an in-depth understanding of this investigation, you can read the original article by 404 Media: The 200+ Sites an ICE Surveillance Contractor is Monitoring (12 March 2025).

For more insights, 404 Media also produced a podcast that delves deeper into this investigation: The Websites An ICE Contractor is Monitoring (19 March 2025)

Stylized green eye symbol on a black background with a green grid pattern. The grid bends around the eye, suggesting surveillance or digital observation.

* indicates a required field







The websites and services we trust for shopping, socializing, and learning shouldn’t be tools for surveillance. Yet, a new investigation by 404 Media has revealed that ShadowDragon, a U.S. government contractor, is exploiting publicly available data from websites and services like Etsy, Reddit, Tinder, and Duolingo — to fuel mass surveillance programs for U.S. government agencies like Immigration and Customs Enforcement (ICE).

ShadowDragon’s SocialNet and similar tools track your connections, map your movements, and piece together your digital life, turning your ordinary online activity into a powerful surveillance tool. That’s why Mozilla is launching an urgent campaign targeting 30 key websites and services currently being used as fodder for shady surveillance tech, calling on them to:

  • Protect our data. Proactively detect and block surveillance tools like ShadowDragon’s SocialNet, which exploit the data we share with these websites and services.
  • Increase transparency. Publicly report known attempts by surveillance contractors like ShadowDragon to access user data, and what measures they have taken to stop and prevent it.
  • Strengthen privacy protections. Limit the exposure of our sensitive data and make privacy the default — so firms like ShadowDragon can’t easily exploit our conversations, connections, and activities online.

Sign Mozilla’s petition to demand websites and services like Etsy, Reddit, Tinder and Duolingo block ShadowDragon’s SocialNet, and protect our data from mass surveillance.

Which websites and services is Mozilla targeting?

Mozilla will directly pressure 30 companies, chosen based on their size, the volume of user data they hold, the vulnerability of their users, and the value of their data to ShadowDragon — especially platforms where users share sensitive information, including personal communications, affiliations, political speech, geolocation, and immigration status. Review sites and other platforms where people express personal, emotional content are particularly at risk.

The Mozilla community is currently targeting the following websites and services:

1. Major Tech & Social Platforms

  • Amazon
  • Apple
  • Facebook + Instagram
  • LinkedIn
  • Nextdoor
  • Pinterest
  • Reddit
  • Snapchat
  • TikTok
  • Twitter
  • BlueSky

2. Search, Data & Professional Networks

  • Google
  • Github
  • Glassdoor
  • Substack
  • TripAdvisor
  • Yelp
  • GoFundMe

3. Entertainment, Gaming & Lifestyle

  • Xbox
  • YouTube
  • Twitch
  • Duolingo
  • Strava
  • OnlyFans
  • Tinder
  • Etsy

4. Communication, Parenting & Travel

  • Discord
  • WhatsApp
  • BabyCentre
  • FlightAware

If you use any of these platforms, take a moment to contact them now — express your concerns and demand immediate action to protect your data from shady mass surveillance firms.

Over the coming weeks, the Mozilla community will be ramping up the pressure on these companies. Keep an eye on your inbox and Mozilla’s social media channels for next steps!

The full list of the 200+ websites monitored by ShadowDragon’s SocialNet has been released by 404 Media in this spreadsheet.

How do surveillance tools piece together our data?

Here’s how scraped public data from different platforms can be stitched together to infer identity, location, status, beliefs, and networks — even if no one website reveals all that alone.

  • GoFundMe + Etsy: Fundraisers for medical bills, legal aid, or immigration fees can indicate vulnerability — particularly for undocumented people, refugees, or activists needing support.
  • Duolingo + LinkedIn + Glassdoor: A user learning English or a regional language on Duolingo might be flagged if they also have a job history on LinkedIn or Glassdoor that suggests they recently moved or are working in an industry with high rates of undocumented labor.
  • Google + TripAdvisor + Yelp: Reviews, location data, and travel history can help create a pattern of movement. Used together, they can reveal where someone lives, works, or regularly travels — even if they never explicitly say it.
  • Strava + FlightAware: Fitness tracking data and travel logs can create real-time movement maps, showing when someone is out for a run, at the gym, or flying to a specific location — particularly concerning for activists or people fleeing danger.
  • BabyCentre + Nextdoor: Participation in parenting or neighborhood groups can reveal the presence of children, family networks, and location data — all of which can factor into targeting undocumented families, mixed-status households or pregnancies.
  • Reddit + Substack + Twitter + Bluesky + Facebook/Instagram: Posts, comments, and follows can expose a person’s views on immigration, protest movements, labor organizing, or political ideology. This data can be used to target individuals engaged in dissent or advocacy.

No single website or services tells the whole story. But when tools like ShadowDragon’s SocialNet pull data from all of them, it becomes dangerously easy to track, profile, and target people.

How can I find more information about this investigation?

​For an in-depth understanding of this investigation, you can read the original article by 404 Media: The 200+ Sites an ICE Surveillance Contractor is Monitoring (12 March 2025).

For more insights, 404 Media also produced a podcast that delves deeper into this investigation: The Websites An ICE Contractor is Monitoring (19 March 2025)

Stylized green eye symbol on a black background with a green grid pattern. The grid bends around the eye, suggesting surveillance or digital observation.