Discord Severs Persona Links After Peter Thiel-Backed Verification Software's US Surveillance Ties Are Revealed
The decision follows scrutiny over Persona's identity verification system and its potential exposure of user data
Discord has cut ties with Persona after revelations that the Peter Thiel-backed identity verification software was linked to US surveillance infrastructure.
The decision follows mounting scrutiny over how Persona's system was deployed and whether sensitive user data could have been exposed through government-connected endpoints. The controversy has reignited debate about privacy, age verification and the role of surveillance-linked technology in mainstream social platforms.
Government Endpoints and Surveillance Concerns
According to a report, researchers discovered that Persona's front-end code was accessible on the open internet and hosted on a US government-authorised server. Nearly 2,500 files were reportedly sitting on a Federal Risk and Authorization Management Program endpoint, raising concerns about the software's scope.
Researchers claimed that Persona conducted facial-recognition checks against watchlists and screened users against lists of politically exposed persons. The software was also said to perform 269 distinct verification checks, including screening for 'adverse media' in categories such as terrorism and espionage.
'We didn't even have to write or perform a single exploit, the entire architecture was just on the doorstep,' researchers wrote in a blog post, adding that 53 megabytes of data were visible on a FedRAMP government endpoint that allegedly 'tags reports with codenames from active intelligence programmes'. Those findings fuelled concerns that Persona's systems may have been tied to broader US surveillance frameworks.
Discord has announced that it's cutting ties with Persona, the AI software they used for age and identity verification
— Dexerto (@Dexerto) February 24, 2026
via The Verge pic.twitter.com/oYZ0uoHsXn
Discord Moves Swiftly to Distance Itself
Discord confirmed it had severed its partnership with Persona, with both companies stating that the collaboration lasted less than a month and involved only a limited test group. Discord added that any information submitted during the trial could be stored for up to seven days before deletion, and stressed that only a small number of users were affected.
Still, the association with a Peter Thiel-backed system allegedly tied to US surveillance proved damaging.
A Troubled Safety Overhaul
The fallout arrives at a sensitive moment for Discord. The company had recently announced plans to default all accounts to teen-safety settings, requiring users to verify their age via Persona to access certain features—a move that drew criticism. Discord later clarified that age verification would remain optional unless users sought access to age-restricted servers and channels.
'We offer multiple privacy-forward options through trusted partners,' the company said, adding that 'facial scans never leave your device' and that Discord and its vendors do not receive biometric data. However, an archived version of Discord's FAQ appeared to contradict claims about data storage timelines, suggesting that UK users in an experimental group might have their information temporarily stored for up to seven days. This discrepancy further eroded trust at a time when Discord was already recovering from a previous third-party data breach affecting more than 70,000 users.
Persona's Defence
Persona's chief executive, Rick Song, defended the company's practices, saying the product had performed 'incredibly well' and that data was redacted immediately upon processing, not deleted merely because the contract ended. Song also denied any relationship with Palantir, ICE or government surveillance bodies.
'We have no relationship whatsoever with ICE, Palantir,' he said in an email exchange shared online, explaining that Persona is pursuing FedRAMP authorisation as part of its work in workforce security, not social media monitoring. While Persona does offer know-your-customer and anti-money laundering services, Song maintained that the checks highlighted by researchers are configurable options rather than universal practices.
In essence, he argued, a social media age check does not equate to a law enforcement background investigation.
The Peter Thiel Factor
The controversy has been amplified by Persona's financial backing. Thiel co-founded Palantir, a data analytics firm often associated with government contracts and intelligence work, and despite Persona's insistence that it has no operational link to the firm, the association intensified scrutiny once US surveillance endpoints were identified in the code analysis. For critics, the episode illustrates the blurred lines between commercial identity verification tools and government-aligned infrastructure.
Trust at Stake
For Discord, the immediate priority is restoring user confidence. The platform reiterated that it receives only a user's confirmed age, not identity documents, and that IDs are deleted quickly after verification. 'Discord only receives your age — that's it. Your identity is never associated with your account,' the company said.
Yet the rapid unravelling of its partnership with Persona underscores how fragile digital trust can be. As platforms face growing pressure to protect minors while safeguarding privacy, the balance between safety and surveillance grows ever more delicate.
Discord's decision to cut links with the Peter Thiel-backed verification software may close one chapter, but questions about US surveillance connections and third-party verification systems are unlikely to fade soon.
© Copyright IBTimes 2025. All rights reserved.
- Recommended For You
