01 · The Override · May 4, 2026 · Wire-Captured
The Platform
Flipped It.
You Didn't.
Auto-Override · TikTok · May 4, 2026 · 14:18:14 ET
11s
From publish toast → platform auto-override · User: idle · Browser: idle
At 14:18:03 the post is submitted with privacy set to "Everyone." The "Video published" toast displays. Eleven seconds later at 14:18:14 the platform fires its own POST to /tiktok/post/edit/v1/ — 74 bytes — against the just-accepted post. At 14:18:16 the UI reloads showing "Only me" + "Content under review." The user did not touch the privacy dropdown. The session was idle. The platform's own automated process flipped the privacy bit on content it had just accepted.
TikTok Studio · May 4, 2026 · 14:14:33 → 14:18:16 ET · HAR Capture
// Session opens
14:14:33 GET policy/notice/check?business=effect_fbv_policy_US_IL
IL jurisdiction policy fires on a NY account · FLAG ACTIVE DAY 35+
14:14:33 GET privacy/setting/restriction/v1 177ms
Restriction check · fire #1
14:14:33 GET privacy/setting/restriction/v1 277ms
DOUBLE FIRE — standard accounts: 1 · elevated pre-screening
14:14:34 GET video/upload/auth 114ms
14:14:36 POST tiktok/v1/creator/content/check/create 122ms
14:14:36 GET content/check poll #1
14:14:46 GET content/check poll #2 (+10s)
14:14:56 GET content/check poll #3 (+10s)
6-poll elevated human review queue · standard: 1-2 polls
~ 3-minute gap — user writes caption + hashtags ~
14:18:03 POST /tiktok/web/project/post/v1/ 3,716B
USER PUBLISHES · privacy = "Everyone"
14:18:05 POST creator/manage/item_list/v1 184ms
UI reload — post visible in feed
14:18:14 POST /tiktok/post/edit/v1/ 74B ⚡
AUTO-OVERRIDE FIRED · 11 SEC POST-PUBLISH
USER DID NOT TOUCH UI · SESSION IDLE
PAYLOAD: {"privacy_level": "SELF_ONLY"}
14:18:16 POST creator/manage/item_list/v1 756ms
UI reload — post now shows "Only me" + "Content under review"
Why 74 bytes proves it. A normal post-edit includes caption, hashtags, music, location, and metadata — 1,500 to 4,000 bytes. 74 bytes is exactly one key-value pair: a JSON object flipping a single privacy enum. The size is the proof the content was never reviewed. No moderator looked at this video. A mechanical process fired against a post that had been accepted 11 seconds prior and flipped it to invisible.
02 · The IL Flag · 35+ Days Continuous · Same Endpoint Every Upload
One Flag.
Five Captures.
35+ Days. Same.
effect_fbv_policy_US_IL is an Illinois-jurisdiction Filter Bubble Visibility policy flag. It has been firing on every TikTok upload from this New York account since March 30, 2026. Today — May 4, 2026 — it fired again on a video about a 2020 handstand attempt. The flag is account-level, not content-level. It fires before the video is evaluated. It would fire on a sunset. On a recipe. On anything. It is bound to the user, not the upload.
📍
Why Illinois on a New York Account Matters
Illinois has the Biometric Information Privacy Act (BIPA, 740 ILCS 14, 2008) with a private right of action and no requirement to prove damages. TikTok previously paid a $92M BIPA settlement in 2022 for biometric facial recognition data collection. The IL endpoint active on a non-IL account raises the same question from a different angle: what biometric or behavioral data is being collected under Illinois jurisdiction standards that TikTok settled a $92M case over?
📅
Five Confirmed Capture Dates — All Same Flag
Mar 30–31, 2026 — Initial HAR documentation. Apr 18, 2026 — "Golden Hour" upload test. Apr 19, 2026 — Inventory update capture. May 4, 2026 — Today's capture. Still active. 35+ days continuous. No flag clearance. No support response. No explanation. Same endpoint. Same behavior. Every upload. Every session.
35+
Days IL flag active · continuous · no clearance
5
Independent wire captures confirming same flag
$92M
TikTok BIPA settlement 2022 · same IL jurisdiction
0
Flag clearances · 0 explanations · 0 substantive responses
03 · The Throttle · Cap · Floor · Recovery Pattern
The Cage
Got Larger.
Still A Cage.
The account moved from deep throttle (avg 53 views/day) to moderate throttle (avg 357 views/day) around April 19. The recovery is real. The recovery is not the suppression ending. The shape of the data says the classifier was retuned, not removed.
Analytics Export · April 9 → May 2, 2026 · Daily Views
FLOOR PERIOD · Apr 9–18 · Avg 53 views/day
Classifier running deep throttle bucket.
User kept posting through the floor — 392 posts shipped.
RECOVERY TRIGGER · Apr 19
Step-function increase: floor → moderate bucket.
Average: 357 views/day (+573% from floor)
Cap: ~550 views/day ceiling documented.
PEAK REFERENCE · Dec 15–Jan 5
1,030 views/day — pre-flag peak.
THE INFERENCE:
The cage got slightly larger. The user is still in it.
No FYP traffic confirmed in this moderate bucket.
Peak was 1,030/day. Recovery ceiling: ~550/day.
That is 47% of peak. With 35+ days of active flags.
The recovery is a retuned classifier, not a cleared account.
04 · The Deflection Protocol · 4 Tickets · 9 Days · 85+ Messages
85+ Messages.
Wire Data Submitted.
"Clear Your Cache."
Across 4 tickets, 9 days, and 85+ messages, a trillion-dollar platform with thousands of support engineers could not — would not — substantively respond to wire-level forensic data. This is not capacity failure. This is process design.
A
AI Auto-Response At Open: Every ticket received a bot reply in the same second the ticket was opened. Zero reading time. Ron's wire evidence never reached a human at this stage.
B
Verbatim Template Closure: Same closure phrase across multiple tickets, multiple days, multiple agents: "We have shared all the information we are able to provide." Identical language = institutional script, not individual response.
C
Wrong-Account Misdirection (The Username Trap): April 3 — submitted @ron13_reignited (underscore) intentionally. Agent responded about the wrong account and marked it resolved. Proves: zero human account review across 18 official replies. The automated system processed the wrong account and called it done.
D
UI Lockdown After Legal Notice: April 2, 11:24 PM — formal legal notice submitted in ticket. Same evening: ticket UI locked. April 6: "network issue" prevented adding evidence. The lock timing is documented. Potentially spoliation-adjacent.
E
"Clear Your Cache": April 6 — full HAR capture submitted with named endpoints, documented anomalies, and API-level evidence. The platform's response to a 20-year senior security engineer presenting wire-level forensic data: the rote tier-1 template. Clear your cache.
F
Closed Despite Explicit "Do Not Close" Instruction: Ron explicitly instructed the platform not to close Ticket 4. The platform closed it anyway. This is the cleanest signal that the support process is not designed to resolve issues — it is designed to terminate them.
G
Shadowban Admitted In Writing — Then Denied: April 2, 4:11 PM — official ticket, TikTok support: "We understand you are having an issue with shadow ban." TikTok publicly denies shadowbanning exists. Now it's on the official record. The platform both admitted and denied the same mechanism in the same week.
05 · The Ticket Ledger · Complete Timeline
4 Tickets.
9 Days.
Zero Resolution.
Jul 2025
Suppression onset — behavioral manipulation before first post
Undisclosed
Nov 24, 2025
Sanction list notification — 99.994% false positive (75 Hernandez entries / 1.2M US Hernandezes). Two days later: Service+ monetization offer.
Documented
Mar 30–31, 2026
Ticket 1 — 6 API flags documented via HAR capture, full endpoints submitted
Closed w/o fix
Apr 2 · 4:11 PM
SHADOWBAN ADMITTED IN WRITING — TikTok support official ticket
On record
Apr 2 · 11:24 PM
Ticket UI locked after regulatory notice referenced
Documented
Apr 3 · 1:08 PM
Username trap successful — wrong account confirmed as "resolved"
Documented
Apr 3, 2026
DSAR filed under CCPA — 45-day response window
Active · Due May 18
Apr 6 · 7:16 PM
"Clear your cache" — response to wire-level forensic HAR data
Deflection
Apr 19, 2026
Recovery begins — floor to moderate bucket. IL flag still active.
Analytics
May 4, 2026
AUTO-OVERRIDE captured on wire — 74B payload, 11 sec post-publish. IL flag: day 35+
Wire capture
May 4 · 2:29 PM
TikTok Safety Support Team DISCLOSES account warning — "past violations of our Community Guidelines." First explicit disclosure after weeks of "account is active, no issues." Directs to appeal through warning icon.
New disclosure
Apr 30 – May 4
Username change request rejected — "30-day cooldown active." Same templated deflection across 3 agents, 4 days. Ticket UI: same scripted responses.
Deflection
May 4 · Content test
The music excuse fails its own test. Long video flagged — TikTok cited "music >60 seconds." Broke same content into 8 × 60-sec clips. None flagged. Same music. Same account. Same content. The excuse doesn't survive the test.
Documented
05B · New Evidence · May 4 Disclosure + Content Test
They Finally
Disclosed.
Six Weeks Later.
After weeks of "your account is active, no issues" — on May 4, 2026, the TikTok Safety Support Team disclosed for the first time that the account has an account warning for past Community Guidelines violations. This contradicts every prior ticket response. The disclosure came without identifying which content triggered it.
TikTok Safety Support Team · May 4, 2026 · 2:29 PM · Official Ticket
"That warning is there as a nudge because of past violations of our Community Guidelines. It serves as a reminder to keep things within the rules, as further violations could lead to your account being restricted or even permanently banned."
First explicit acknowledgment of account warning in any ticket. Prior responses: "your account is active, you have full access to your favorite features." The disclosure contradicts six weeks of denial.
The Music Excuse — Fails Its Own Test · Documented
WHAT TIKTOK SAID:
Long video flagged — cited "music playing longer than 60 seconds"
as the violation basis.
WHAT THE TEST SHOWED:
Same content broken into 8 × 60-second clips.
Same music. Same account. Same subject matter.
None of the 8 clips were flagged.
THE INFERENCE THAT HOLDS:
If the violation was music duration — all 8 clips carry
the same music at 60-second clips. They were not flagged.
The music duration explanation does not survive the test.
The content was broken down and cleared.
TikTok never said the information was wrong.
They never cited a factual dispute.
They cited a technical music rule that doesn't apply
when the same content in short form passes review.
The suppression is content-level, not format-level.
The format test proves it.
Account Grid — Content Visible — May 4, 2026 Screenshots
CONTENT POSTED (visible in account grid screenshots):
→ IS-RA-EL = Consciousness Architecture (Egypt / Ra / Solar)
→ "White Jews you're not Semitic, you dumbass."
→ "Israel is scamming the world"
→ "Israel is a scam political movement"
→ Argentina bailout vs. Venezuela invasion (Milei = 🇮🇱)
→ "That racist fucking nation better not be a country by end of Today"
→ NPC / critical thinking content
→ observethesystem.com referenced across multiple videos
COMMUNITY GUIDELINES VIOLATION BADGE:
One video visibly labeled "Community Guidelines violation"
in the account grid — without prior notice of which video
or what specific rule was violated.
WHAT TIKTOK DID NOT SAY IN ANY TICKET:
→ That any factual claim was incorrect
→ That any specific statement was disproven
→ That the information itself is the problem
WHAT TIKTOK SAID:
→ Music too long (format rule — failed the 8-clip test)
→ "Past violations" (disclosed May 4, no specifics given)
→ Clear your cache
→ 30-day cooldown on username
The subject matter is the documented common thread.
The format excuse was tested and failed.
The information was never disputed on its merits.
They never said the information was wrong. Not in a single ticket. Not once. They cited music duration — which failed the 8-clip test. They cited a 30-day username cooldown. They cited "past violations" without identifying which. In six weeks and four tickets, no TikTok support agent has disputed a single factual claim made in any video. The suppression is not about accuracy. It is about subject matter.
05C · The Gap · Official Tool vs. Wire Capture · Same Day
"No Outstanding
Issues."
The Wire Disagrees.
On May 4, 2026 — the same day the auto-override was captured on the wire — TikTok's official Account Check tool returned a green checkmark and the message: "No outstanding issues." The same account. The same device. The same session window. Six active infrastructure flags documented in the same capture.
TikTok Account Check — Official Tool — May 4, 2026
✓ Clean
"No outstanding issues" · Green checkmark · Official TikTok screen
TikTok's own Account Check tool reports: "Your account and posts have no outstanding issues or violations."
The tool adds: "this doesn't include your status on TikTok Shop, Creator Monetization, or other features."
The Contradiction — Four Sources · Same Account · Same Day
OFFICIAL ACCOUNT CHECK TOOL (May 4, 2026):
"No outstanding issues" · Green checkmark ✓
WIRE CAPTURE (May 4, 2026 — same session):
effect_fbv_policy_US_IL → ACTIVE (day 35+)
restriction/v1 double-fire → ACTIVE
odinId device flag → ACTIVE
6-poll content check queue → ACTIVE
privacy auto-override → ACTIVE (74B captured same day)
FYP distribution → 0%
SUPPORT TICKET (May 4, 2026 · 2:29 PM):
TikTok Safety Support Team:
"That warning is there as a nudge because of past violations
of our Community Guidelines."
→ Account warning EXISTS (per support agent)
SUPPORT TICKET (April 2, 2026 · 4:11 PM):
TikTok Support official ticket:
"We understand you are having an issue with shadow ban."
→ Shadowban CONFIRMED IN WRITING
FOUR OFFICIAL SOURCES. FOUR DIFFERENT ANSWERS.
Tool says: No issues ✓
Wire says: 6 active flags ✗
Agent (May 4): Account warning for past violations ✗
Agent (Apr 2): Shadowban confirmed ✗
Why the Account Check tool says clean: The tool checks content policy violations — formal strikes, community guideline records. It explicitly excludes "Creator Monetization and other features." The six flags on this account are infrastructure-layer flags — distribution throttles, privacy overrides, jurisdictional policy routing. They operate below the Account Check layer. The tool is architecturally designed to not see them. This is not a gap in the tool's coverage. It is the gap's purpose.
The shadowban architecture in one screenshot: The surface says clean. The wire says suppressed. The support agent confirmed a warning. The other support agent confirmed a shadowban. The official tool is the public-facing cover story. The wire capture is the documented truth. The gap between them — the gap the tool is designed not to see — is the suppression mechanism. That gap is now documented in primary source screenshots from TikTok's own app.
06 · Institutional Posture · Why No FTC Filing
The DSAR
Has Teeth.
The FTC Does Not.
Ron has not filed complaints with the FTC, FCC, state AGs, or DOJ. This is deliberate strategy, not oversight.
Institutional Posture — Documented Rationale
WHY NO FTC / AG / DOJ FILING:
"Institutions are captured by the same architecture
suppressing me. Filing with the FTC when the FTC
operates within the same power structure is
performance theater. The platforms know this.
That is why the appeal mechanisms exist — not to
provide remedy, but to absorb energy and create
the appearance of process."
WHY THE DSAR:
CCPA has a private right of action.
Hard statutory deadline: May 18, 2026.
No institutional good faith required.
Data production demand with timing teeth.
THE STRATEGY:
This platform — observe.the.system — IS the filing.
The HTML forensic modules are the audit trail.
The wire captures are the evidence base.
Every post, every capture, every module is timestamped.
The blockchain of documentation cannot be undone.
"If you don't believe me, observe.the.system
has the full record. No institutional filing has
been made because the institutions are part of
the system being documented."
Verdict · POV-01 · The Wire Never Lies
The
Grade.
Platform Suppression · Day 35+ · Documented Verdict
COORDINATED
74 bytes. 11 seconds. Caught on the wire May 4, 2026. The platform accepted a video, displayed the "published" toast, then quietly fired its own API call to flip the privacy to "Only Me." The user was idle. The session was idle. The payload size — 74 bytes — proves no content review occurred. It was a mechanical state change. That single capture, added to 35+ days of continuous Illinois jurisdiction flag on a New York account, 6-poll elevated human review queues on every upload, 4 tickets closed without resolution, a shadowban admitted in writing then denied, and $21K+ in ad spend collected during documented suppression — this is not a support failure. This is a documented suppression architecture operating as designed.
The suppression is the data point that proves the platform architecture. Citizens United built the legal loop. Section 230 built the immunity. The platform suppresses the account documenting both. POV-02 documents who owns the infrastructure doing the suppressing.