Transparency & Data Use

🔍 Is This Website Safe?

Someone used a tool called FileScan.io to check if our website is dangerous. That tool guessed that our site *might* be “suspicious” — like a scam or a trick. But that’s just a guess, not proof.

So, we double-checked using a much bigger tool called VirusTotal . It uses 90+ security companies to test websites — like a giant team of digital watchdogs. All of them agreed: our site is safe. No malware. No scams. No trickery.

🤔 Why Did FileScan Say That?

FileScan didn’t find anything bad — it just got confused. It flagged our site because:

    • ⚠️Our site uses a lot of code (which is normal for modern websites)
    • ⚠️We have buttons that ask you to take action (like “Submit a report”)
    • ⚠️We use standard web tags that help your browser load pages properly
    • ⚠️We link to social media (like Facebook or TikTok)

These are all totally normal things for websites that help people share or take action. But FileScan's robot might not know that.

đź”’ How We Keep You Safe

Here’s what we do to protect your privacy and safety:

  • ✔️You don’t have to make an account to use our site
  • ✔️We don’t show ads or track you
  • ✔️We don’t collect names, phone numbers, or personal details — only what’s happening and where
  • ✔️We host our site with trusted, secure tools (like Vercel and Supabase)
  • ✔️We build this project openly, so others can see how it works

đź“š A Quick Lesson

Just like a smoke detector can go off from burnt toast, some website scanners give “false alarms.” That’s why it’s important to double-check using more than one tool.

Not every red flag means danger — sometimes, it just means “let’s look closer.” And that’s what we did.

If you still have questions or want to learn more, feel free to contact us.

U.S. Government Access to Your Data

đź”’ Laws That Allow U.S. Data Seizure

  • CLOUD Act: U.S. law enforcement can compel U.S. providers to hand over data stored anywhere.
  • FISA §702: Enables warrantless surveillance on non-U.S. persons outside the U.S.
  • Patriot Act: Allows secret court orders for certain surveillance operations.

🛡️ Can You Prevent or Resist This?

MitigationEffectiveness
Use strong encryption (with user-held keys) to make seized data unreadable.âś…
Host outside the U.S. only if the provider has no U.S. legal presence.⚠️
Store only what you absolutely need — no data, no seizure.✅
Prefer local-first and open-source tools to avoid cloud exposure.âś…

GDPR and Schrems II

Legal safeguards like SCCs and the DPF help with GDPR compliance but do not stop U.S. surveillance.

If it’s hosted in the U.S., assume it can be accessed. Encrypt or limit what you store.

Why Transparency Matters

ICE Tea Watch is a community tool built to protect, not to surveil. We believe in radical transparency — that means you deserve to know what data we collect, why, and how it’s used.

Media is never shown publicly. Only verified community partners can review reports. EXIF data is stripped.

Source Code on GitHub

Want to verify everything for yourself? Browse the source, open an issue, or contribute.

View on GitHub

What We Collect

  • Agency type — who you saw
  • Optional "Other" agency name
  • Approximate location (~1km fuzzed)
  • Optional media (photo/video)
  • Timestamp
  • Whether the officer was moving or stationary
  • Direction the officer was traveling (if moving)
  • Whether emergency lights or sirens were activated

🛡️ Reports are anonymous. We don’t store your name, phone, or IP.

How We Define a Report (In Code)

ReportFormData

export type ReportFormData = {
  agency_type: string[];
  agency_other: string;
  location: {
    lat: number;
    lng: number;
  } | null;
  media_url: File | null;
  officer_moving?: boolean;
  officer_direction?: 
    | 'North'
    | 'NorthEast'
    | 'East'
    | 'SouthEast'
    | 'South'
    | 'SouthWest'
    | 'West'
    | 'NorthWest';
  lights_on?: boolean;
  sirens_on?: boolean;
};

This is what your device creates when you fill out the report form. No personal info is included.

Report

export type Report = {
  id: string;
  agency_type: string[];
  agency_other: string;
  location: {
    lat: number;
    lng: number;
  };
  media_url: string | null;
  timestamp: string; // ISO
  officer_moving?: boolean;
  officer_direction?: 
    | 'North'
    | 'NorthEast'
    | 'East'
    | 'SouthEast'
    | 'South'
    | 'SouthWest'
    | 'West'
    | 'NorthWest';
  lights_on?: boolean;
  sirens_on?: boolean;
};

This is the final format saved in our secure Supabase database.

We collect officer movement, direction, and emergency signal use to help contextualize agency behavior and build better patterns for community safety. These are optional, and no identifying info about users is stored.

See It Yourself

On desktop, right-click → Inspect → Network tab → look for a POST to /api/report. This shows you exactly what’s being sent.

Want to verify on mobile? Try using HTTP Toolkit. HTTP Toolkit.