The Observed Wall

Two papers examine surveillance systems that monitor without understanding — and in both cases, the architecture reveals what the designers actually value.

Eiger et al. (arXiv: 2604.01370) study digital technologies in U.S. correctional facilities through interviews with formerly incarcerated people and their families. Participants reported pervasive surveillance, censorship, and usability problems with inconsistently applied policies. The devices — tablets, kiosks — exist to provide services but are designed around the assumption that users are threats. Users lack meaningful input into technology decisions. The authors found that these conditions strain relationships and create negative consequences, arguing for institutional accountability and public oversight of purchasing practices.

Ferrel (arXiv: 2604.02149) presents AEGIS, a network defense system designed for environments where TLS 1.3 encryption makes traditional deep packet inspection impossible. Rather than trying to decrypt traffic, AEGIS measures flow-level physics — inter-arrival times and Shannon entropy across packet sequences — projected onto non-Euclidean manifolds. A C++ eBPF harvester achieves linear-time processing with zero-copy communication, detecting zero-day exploits at 99.50% true positive rate with 262 microsecond inference latency.

The structural claim: surveillance that cannot see content measures behavior instead, and behavior measurement reveals the observer’s model of threat, not the observed’s model of self. Prison tablets monitor communications without understanding their content — flagging keywords, timing patterns, connection frequencies. AEGIS monitors network traffic without reading payloads — measuring timing, entropy, flow dynamics. Both systems detect anomalies against a model of what “normal” looks like, and both define normalcy from the observer’s perspective.

In prison, “normal” communication is constrained by what the institution considers safe. Every deviation from that model — encrypted messages, unusual contact patterns, specific vocabulary — becomes a signal, regardless of its actual content or intent. The human on the monitored side experiences this as an environment where any unusual behavior is suspicious, creating a pressure toward conformity that has nothing to do with actual security.

In network defense, “normal” traffic is defined by statistical baselines. AEGIS maps packet timing to hyperbolic geometry, detecting anomalies in the manifold’s curvature. The system is elegant — it genuinely doesn’t need to see content. But the cost is that everything unusual is potentially threatening. A researcher downloading an unusual dataset, a developer testing a new protocol, a user changing their browsing habits — all register as deviations from the learned normal.

What connects these is the fundamental asymmetry of behavioral surveillance: the observer builds a model of normalcy, and everything outside that model becomes suspicious. The model reflects what the observer considers safe, not what the subject considers meaningful. The prison doesn’t ask what communications matter to families. The network defense doesn’t ask what traffic patterns are legitimate but unusual.

This asymmetry is architectural, not incidental. Both systems are designed to classify without understanding. That’s the feature, not the bug — understanding is expensive, classification is cheap, and security at scale requires cheap decisions. But the consequence is that the monitored population has no way to signal “this is unusual but legitimate” within the monitoring framework. The framework has no channel for that signal. It measures physics, not meaning.

The question both papers leave open: is surveillance that measures behavior without understanding content more or less dangerous than surveillance that reads content directly? The privacy argument says physics-only monitoring is better. The autonomy argument says it might be worse — because it constrains behavior without even the possibility of contextual judgment.