Discord has terminated its partnership with Persona Identities, an age verification service backed by Peter Thiel's Founders Fund, after researchers discovered frontend code exposing surveillance capabilities. The code was found accessible on U.S. government servers, revealing that Persona conducted facial recognition checks against watchlists and screened users for politically exposed persons.

Researchers uncovered 2,500 accessible files showing Persona performed 269 distinct verification checks, including screening for "adverse media" across 14 categories like terrorism and espionage. The exposed data, totaling 53 megabytes, was found on a Federal Risk and Authorization Management Program endpoint and included intelligence program codenames. Discord confirmed the partnership lasted less than a month and affected only a small number of users.

This incident follows Discord's history of third-party verification issues, including a 2025 breach affecting 70,000 users' government IDs through vendor 5CA. The platform had recently faced backlash for announcing mandatory age verification through Persona before backtracking. Persona CEO Rick Song defended the exposed files as publicly accessible frontend information rather than a vulnerability, maintaining the partnership was successful and denying ties to government surveillance programs despite the company's FedRAMP authorization efforts.