The crisis triggered by the US-Israel war on Iran has revealed a chilling truth: the very tools of mass public surveillance, that is, CCTV networks, biometric systems and open-source intelligence data collection can now be weaponised against powerful figures within government itself.Iranian Supreme Leader Ayatollah Khamenei was assassinated in a swift operation aided by artificial intelligence. Nearly all traffic cameras in Tehran were hacked and footage was transmitted to servers in Israel. This footage was used to track the movements of key government figures, those close to Ayatollah Khamenei and even their bodyguards. Data from the public domain, including addresses, work habits and family life, was analysed by Israel, and this information was then used to pinpoint the attack.Venezuelan President Nicolás Maduro was captured using similar surveillance techniques aided by Anthropic’s AI model.These incidents have triggered a debate disturbing reality unfolding in global power corridors. The digital security architecture that intrusively collected data from the public without consent has transformed into a security nightmare. Governments that dismissed public concerns about mass surveillance for decades are now confronting an uncomfortable truth: data control is not a one-way street.The ditch powerful governments dug for ordinary citizens can become a grave for themselves.The surveillance state The seeds of mass surveillance were sown in Britain in the early 1990s when CCTV cameras began proliferating in cities. While civil society raised concerns, successive governments dismissed them as paranoia by alarmists. They argued that security demanded visibility and that eliminating anonymity would reduce crime, deter terrorism and ensure public safety.Later, almost the entire world followed the same path. In India, too, a similar approach was adopted. The Aadhaar biometric database linked biometric data to almost every service provided by the government, and private entities like mobile companies, banks, and even entry at airports. Union and state governments both started installing CCTVs at traffic lights, markets, railway stations, universities, government offices, and religious sites. Even schools started placing cameras in classrooms, with live streaming for parents. Delhi under the Aam Aadmi Party, Hyderabad under the Telangana Rashtra Samithi (now, Bharath Rashtra Samithi), and Lucknow under the Bharatiya Janata Party became testing grounds for real-time facial recognition at mass scale. Hyderabad’s ‘360-degrees monitoring project’ named Samagra Vedika and Surat’s Safe City Project were the starting points. Now, 100 ‘smart cities’ have Integrated Command and Control Centres (ICCC).Questions were raised in Parliament regarding oversight, data protection, and the possibility of abuse. The answers were vague. Data protection laws were delayed. Successive Aadhaar database leaks failed to raise awareness or cause the required concerns. The pattern is not just limited to India. China now has a comprehensive surveillance infrastructure, the best ever in the world. Saudi Arabia, the Gulf states, Russia, Turkey, European Union countries, all expanded their surveillance architectures under the banner of counter-terrorism, immigration enforcement, or public order. The logic was simple: the state owned the power. It would keep a watch on citizens to keep them safe.But the watcher can also be watchedCommon citizens may have lost their privacy, but powerful leaders can also lose their lives. US and Israel have demonstrated how the surveillance infrastructure can be hacked and weaponised.If they can do it, can the non-state actors, hostile intelligence agencies and sophisticated criminal networks be far behind? Surveillance architecture can never be hundred percent secure, such is the nature of information technology and AI. No IT infrastructure is immune to hackers. The open-source intelligence revolution means that the movements, schedules, biometrics and vulnerabilities of powerful individuals are as exposed as those of ordinary people. The heads of governments, powerful officials movements are being tracked by CCTV networks. Even if highest degree of security is ensured to prevent hacking of indigenous systems, there is no control of their sovereign governments over the CCTV networks in other countries. The ‘pattern of life’ tracking template of Israel’s now has a proof of concept. It is not speculative anymore. It is now known to actors far beyond state intelligence services.For governments and leaders who supported digital surveillance to control the citizens, this is a profound reversal. The very surveillance architecture they created can now be used to track, catalogue and potentially target the leaders themselves. It is now known that digital surveillance state is not selective. In hands of a capable adversary, it obliterates the difference between the ruler and the citizen.The implications extend well beyond geopolitical rivalries between nation-states. The camera on the street corner does not know who is watching its feed. The biometric database does not verify the authorisation of whoever queries it. In a world of sophisticated data breaches, corrupted insiders and commercially available facial recognition APIs, the fiction that surveillance infrastructure serves only its intended masters is increasingly untenable.For most of recorded history, a head of state or senior official moved through the world with some reasonable expectation that their precise whereabouts at any given moment were not accessible to their enemies. That expectation is now largely extinct.The rulers across the world are therefore worried and privacy champions are having a loud laugh.Privacy now will not just remain a matter of concern for ordinary citizens. The powerful in governments will now begin to grasp, personally, what living under surveillance actually means. The abstract principle of privacy is becoming a concrete, visceral concern for those who previously dismissed it.It is now time to reignite the debate on privacy. The convergence of potential threats to the rulers and common masses can now produce real policy change. The sense to restrict, regulate or even partially dismantle surveillance infrastructure may now have willing buyers within the governments. A new beginning may emerge, though not out of any commitment to civil liberties, but from self-interest and insecurity.The surveillance architecture now stands inverted. Its control can no longer be guaranteed with governments and leaders, howsoever powerful or efficient they may be. The shadows of enemy nations, rogue non-state actors, terrorist networks will now lurk around. This insecurity may generate an appetite for privacy reforms that no public pressure could have ensured. No nation can afford to be a surveillance society that produces intelligence vulnerabilities that can be exploited by adversaries. It is an interesting phase. It vindicates the privacy advocates who stood outside Parliament with placards, the lawyers who filed petitions against facial recognition in public spaces, the journalists who wrote about the creeping normalisation of the surveillance state. They were not wrong. They were articulating truths that the powerful in the governments had not yet discovered. The incidents in Venezuela and Iran have jolted the powerful. They have seen that the surveillance architecture can boomerang. It remains to be seen if it produces genuine reforms. It remains to be seen whether governments will reimagine privacy concerns and protect biometric and locational data, or will the elites just scramble to protect their own movements while continuing to expose everyone else’s. But certainly, one verdict is out. Governments can no longer assume that surveillance is something only done by states to citizens. The CCTV sees everything. The question that governments are only now beginning to ask is who, exactly, is watching.Gurdeep Singh Sappal is a permanent invitee to the Congress Working Committee and executive trustee of the Samridh Bharat Foundation.