It’s not just the private sector leaking data at alarming rates! Well, it is still the private sector, but it’s leaking data on behalf of the government! So… somewhat different. But still alarming.
Trust Stamp, a government contractor that develops facial recognition and surveillance tools for agencies like Immigration and Customs Enforcement, left the personal information of several dozen people unsecured on a breached database, Insider has learned. This information included names, birthdays, home addresses, and driver’s license data.
An anonymous tipster who said they were a security researcher contacted Insider and disclosed the breach. Insider confirmed the authenticity of the data with the people named in the data leak. Trust Stamp then confirmed the security vulnerability and breach to Insider.
LOL. “Trust Stamp.” Nice job there with both the name and the security practices. Trust Stamp says this isn’t really a problem because most of the exposed data was clearly fake and just used for training. But alongside fake people like “Heidi Sample,” real people’s data was exposed, as was verified by both Business Insider and the security researcher who forwarded the tip.
That sort of service is apparently worth $7.2 million in federal tax dollars. It’s one thing to have a poorly secured testing environment. It’s quite another to have a poorly secured testing environment that apparently includes real-world data for reasons that have gone completely unexplained by Trust Stamp.
Another question that has gone unanswered by Trust Stamp is where this real-world data came from. The company was hired to assist ICE in monitoring immigrants processed at border crossings. But the real-world data exposed (and verified by BI and researchers) did not come from the expected source of Trust Stamp data.
None of the several dozen people whose names were included in the data leak were migrants who had been processed at the US southern border. Of the people Insider was able to reach by phone, none were familiar with Trust Stamp or any of its services.
So, where did this data come from? Did Trust Stamp just upload information it had gathered via other customers (an SEC filing lists a potential “39 commercial opportunities”) into its dummy testing database, neglecting to inform ICE that the test environment contained plenty of real-world data? And if it was using actual US persons’ info to pad its test database, why didn’t it do more to ensure the test environment was sufficiently safeguarded against leaks/breaches?
We still have no answers. Trust Stamp only says it is aware of the problem and has rectified it. It has yet to explain where this data originated and why it was included in the demo environment it crafted for ICE. Maybe Congress might want to start asking a few questions about this breach and pass along the same set of questions to other private contractors who may be playing fast and loose with personal data they’ve collected.
Immigration and Customs Enforcement (ICE) has long made its own case for abolishment. Before ICE earned its current reputation as a fake-school running, report-altering, rogue agency interested in ejecting as many non-white people from America as possible, ICE ran interference for entrenched industries.
This led to things like ICE officers raiding small repair shops to prevent people from having their iPhones fixed without Apple’s explicit blessing (and premium fees), or seizing websites en masse without even the slightest nod towards due process.
That was supposedly the “customs” part of its enforcement efforts. Once Donald Trump took office, ICE was given permission to take the gloves off its immigration enforcement efforts. Galvanized by rhetoric that portrayed any brown person as inherently dangerous (and propelled by the enthusiasm of a failed casino owner who has filed for bankruptcy multiple times), ICE went all in on punishing people who didn’t seem white enough to be allowed to live in this country.
Because ICE mainly deals with people it doesn’t consider to be people (alleged scofflaws, undocumented immigrants), it has repeatedly decided things like local laws and/or the US Constitution do not apply to its activities. Sidestepping Supreme Court rulings and long-held constitutional rights, ICE has partnered with private contractors to engage in surveillance very few people would consider to be either lawful or constitutional.
What kind of monster has ICE become? A recent report — sourced from hundreds of public records gathered by several rights organizations — says ICE’s surveillance dragnet is almost unimaginably large. And it definitely surpasses anything its supposed first level of oversight (that’s your Congressional reps, folks!) believes ICE is engaged in.
ICE has scanned the driver’s license photos of 1 in 3 adults.
ICE has access to the driver’s license data of 3 in 4 adults.
ICE tracks the movements of drivers in cities home to 3 in 4 adults.
ICE could locate 3 in 4 adults through their utility records.
So. Why does an agency mainly focused on non-Americans have access to so many records pertaining to actual Americans? Well… because it can. For several reasons.
The Third Party Doctrine eliminates the expectation of privacy needed to create a warrant requirement. State and local partnerships with federal agencies allow agencies like ICE to trawl local law enforcement databases. Advancements in tech have increased the number of inputs ICE can access, as well as the productivity of the devices adding those inputs. And hardly anyone in power seems to be interested in directly overseeing ICE, much less pushing back against its dragnet expansion.
Since its formation in 2003, ICE has desired more data and less oversight. Thanks to this combination of contributing factors, it is now sitting dead center in this perfect storm.
After 9/11, ICE paired those programs with much broader initiatives, tapping vast databases held by private data brokers as well as state and local bureaucracies historically uninvolved with law enforcement. Through those initiatives, ICE now uses information streams that are far more expansive and updated far more frequently, including Department of Motor Vehicle (DMV) records and utility customer information, as well as call records, child welfare records, credit headers, employment records, geolocation information, health care records, housing records and social media posts.
Since 2003, ICE has spent $2.8 billion on surveillance and data collection. The ROI has been tremendous. Leveraging law enforcement partnerships and private contractors has turned ICE into a surveillance entity on par with the NSA — and all without attracting too much attention from its Congressional oversight.
ICE trawls drivers license databases because some states allow immigrants to get licenses before they become citizens. This doesn’t mean every immigrant targeted is here illegally. Driving is essential in America, and immigrants (undocumented or not) need to get to work, buy groceries, visit relatives/friends… all of this requires the driver to possess a valid license. This may be an easy way to find immigrants subject to removal but it also gives ICE agents the ability to surf DMV databases for other reasons, including their own personal amusement.
Some immigrants may not trust the government. But they still need the basics of life, like electricity and running water. ICE is all over this as well. Not only does it harvest records from private utility companies, it leverages the capabilities of other private companies to make sense of this data, as well as make the agency one step further removed from both the process and accountability. This free ride to utility records may be (belatedly) coming to an end thanks to the efforts of Senator Ron Wyden, but for years it was just another way ICE was able to access records belonging to millions of actual Americans.
So, how does ICE end up running a massive surveillance apparatus that has mostly flown under the radar? Well, it doesn’t happen in a vacuum. The reasons listed above — the tech explosion, the support of multiple presidents, the lack of meaningful oversight, the resourcefulness and drive of the agency itself — all contributed to the erection of this massive dragnet.
But it also happens in a vacuum. This one is created by a nearly complete lack of oversight, something that’s likely prompted by ICE’s directives. When an agency is tasked with removing non-Americans, it’s easy to ignore its means and methods since it’s only dealing with people we (both as constituents and representatives) deem are not worthy of the rights the federal government can barely be persuaded to recognize when dealing with natural born citizens.
Most congressional leaders did not learn about ICE face recognition scans of DMV photos until The Washington Post ran an exposé on the practice, reporting on records obtained by the Center on Privacy & Technology. […] ICE’s surveillance initiatives have regularly flown under Congress’ radar. While a few political leaders have pressed ICE in oversight letters and used appropriations riders to end the most aggressive of ICE’s actions, to date there has not been one full congressional hearing or Government Accountability Office (GAO) report focused on ICE surveillance.
The report ends with several recommendations. At the top of the list is the request that Congress actually get back into the oversight business. It also recommends most state-level oversight to ensure local law enforcement agencies aren’t ignoring state laws to provide ICE with access to government databases or private companies’ records. And it says ICE should not be allowed to use utility company records for the purpose of seeking out people to deport.
Thanks to the release of this report, Congressional members will no longer be able to pretend they’re unaware of ICE’s massive surveillance dragnet. This will hopefully prompt fast and direct action that limits what ICE has access to and what it is allowed to do to carry out its deportation efforts. The fact that a majority of US citizens are subject to the same surveillance should hopefully tip the scale towards swift Congressional action.
When the National Archives and Records Administration (NARA) was established in 1934, it could not have possibly foreseen the exponential growth in records the move to electronic communications would create.
Perpetually short on funding, oversight, or (seemingly) interest in fulfilling its duties, the NARA has been forced to allow agencies to write their own rules on retention — something that further limits the power of taxpayers to understand what federal agencies are doing with their tax dollars or provide a comprehensive view of these agencies’ activities.
But the NARA hasn’t completely abdicated its duties in the face of this unprecedented wave of records. It is now asking tough questions of the Customs and Border Protection (CBP) — an agency that recently suggested it should be able to destroy misconduct records because it would lighten the load on the overloaded archival agency. Since NARA had already given ICE the option to treat misconduct records as “temporary,” CBP assumed it would be granted the same deference.
Now, CBP and NARA are interacting again. Only this time, it’s NARA demanding CBP do more to retain records, rather than less. As Ben Goggins and Louise Matsakis report for NBC News, CBP officers and employees are using ephemeral messaging services to conduct government business — something that has the potential to thwart accountability efforts, NARA’s archival obligations, and undermine public trust in border security efforts.
In October, Laurence Brewer, the chief records officer of the National Archives and Records Administration, told officials at U.S. Customs and Border Protection he was worried about how the agency was using an app called Wickr. The Amazon-owned encrypted messaging platform is known for its ability to automatically delete messages.
Brewer, who is responsible for ensuring that government officials handle records correctly, wrote in a letter that he was “concerned about agencywide deployment of a messaging application that has this functionality without appropriate policies and procedures governing its use.”
The letter [PDF], sent late last year, also mentions the use of WhatsApp, which also allows timed destruction of messages. The only response from the agency so far has been in response to litigation recently filed by Citizens for Responsibility and Ethics in Washington (CREW).
Tammy T. Melvin, a spokesperson for CBP, said the agency could not comment on pending litigation. “The distribution/use of Wickr is currently under review,” she said in an email. Since 2019, she said, the agency has only used the app in “several small-scale pilots.”
Whatever the alleged limitations of the Wickr rollout, the CBP has yet to provide any details to CREW in response to its FOIA request. CBP has ignored request for information on the agency’s Wickr use since last September, approximately one month before the National Archives began asking some of the same questions.
It’s not that government agents and officials shouldn’t have access to secure messaging services. It’s that these need to be deployed with firm rules in place that minimize destruction of communications the government is obligated to turn over to the public. And it certainly shouldn’t be left up to government employees’ discretion which communications should be saved and which should be automatically deleted just because the platform provides them that option. The government exists to serve the public, not the other way around.
ICE has never really cared about the people it detains and processes for removal. It cared even less when President Trump made it clear he believed anyone less white and privileged than he is deserved to be excluded from the “American dream.”
Trump claimed he wanted the “worst of the worst” removed to make America “safer.” Then he decided he just wanted any non-white foreigners removed, stoking the flames of xenophobia by claiming people illegally in this country were more dangerous than lifelong residents, despite a mountain of evidence indicating the opposite.
ICE threw itself into its work. And it threw a bunch of people into detention facilities. Those efforts garnered it worldwide criticism and some some federal lawsuits. Internal investigations of ICE by the DHS Inspector General showed many accusations against the agency were true: ICE was cramming people into overcrowded facilities and denying them access to their rights.
It’s 2022 and there’s a new president in office. Things have not improved. An investigation [PDF] of the Torrance County Detention Facility in Estancia, New Mexico shows ICE still believes it’s in the business of handling livestock, rather than actual human beings.
One problem? Way more detainees than government employees capable of handling them. Understaffing isn’t acceptable, especially when there are supposed national security issues on the line. ICE (and its private prison partner CoreCivic) have had plenty of time to fix this. Neither party has.
The ICE contract for Torrance requires specific staffing levels for the safety and security of detainees. At designated staffing levels the facility should have 245 full-time staff. At the time of our inspection, Torrance was at 54 percent of required staffing, with 133 full-time employees. Torrance has 112 staffing vacancies, with the majority (94 positions) in the area of security.
ICE issued a Contract Discrepancy Report in December 2020 related to medical staffing shortages, but the report also indicated that staffing issues extended beyond medical vacancies. ICE warned the facility that the Contract Discrepancy Report may be expanded to include other staffing areas that are currently showing critical shortages. [Torrance] is not at 95% staffing levels across the board and a comprehensive plan needs to be developed to meet these shortages. Nevertheless, Torrance continues to remain severely understaffed over 1 year later, requiring current staff to work a minimum of six overtime shifts per month to help bridge the gap.
ICE’s contractor can’t fill these vacancies, despite offering subsidized housing and other incentives for employees who would most likely be required to drive an hour from the nearest major city (Albuquerque). Rather than find ways to limit the facility’s intake of detainees to keep the limited staff from being further stretched, CoreCivic and ICE decided to start skimping on the necessities of life.
Torrance houses ICE detainees in 8 of their 11 housing units. We reviewed all 157 cells in the 8 housing units holding detainees and found 83 detainee cells (roughly 53 percent) with plumbing issues, including toilets and sinks that were inoperable, clogged, or continuously cycling water…
[…]
In addition, we encountered mold and water leaks throughout the facility… These issues exacerbate unsanitary conditions and can lead to slips and falls by detainees or facility staff. Further, it could also lead to health issues for both detainees and staff breathing in the mold. Work orders showed that most problems we observed during our inspection went unresolved for 12 or more days.
Then there are the security problems. Supervision is nearly nonexistent. Sight lines from control rooms to holding cells are obstructed. Blind spots are numerous. Much of the job is handed over to unmonitored cameras which can only provide evidence of something that has already happened, rather than allow staffers to address problems as they arise or head off escalations. Detainee control was also apparently achieved with the use of electronic door systems, according to ICE, an assertion that means nothing when supposedly “locked” doors were left ajar.
The Inspector General’s recommendation is harsh but fair:
We recommend the immediate relocation of all detainees from the facility unless and until the facility ensures adequate staffing and appropriate living conditions.
ICE (and, presumably CoreCivic, which gets paid more the more detainees it houses) disagrees with this recommendation. Its lengthy response contains plenty of literally incredible assertions and accusations that the DHS IG staged photos to misrepresent the condition of the facility.
As for the former (the disagreement with the assessment,) it’s par for the course for an agency that routinely fails to live up to even its own internal standards. As for the accusations the Office of the Inspector General falsified information… whoo, boy. It certainly would help ICE to be any other agency than ICE, which has been the target of plenty of confirmed abuse allegations over the years.
The response, penned by acting ICE Chief of Staff Jason Houser, opens with a literally unbelievable claim:
ICE is fiercely committed to ensuring that noncitizens residing in its custody reside in safe, secure, and humane environments, and under appropriate conditions of confinement.
More seriously, ICE accuses the IG of staging the photo of a detainee obtaining drinking water from a floor mop sink as part of the evidence that regular sinks are not working properly. In response to the IG noting that hot water handles are broken (and have apparently not been repaired), ICE insists hot water would have run out of the only operable taps (the cold water ones) if investigators had simply waited longer.
The draft report at p. 4 states that some faucets did not produce hot water. In fact, during the inspection ICE informed the OIG inspector that, like many faucets, the hot water takes some time to arrive in a faucet that starts cold. The inspector, however, declined to run the tap to determine if that was true.
LOL.
Please. The complaint in the OIG report refers to taps where the hot water tap handle had been broken off. No amount of running cold water would turn it hot. And the photo being complained about by ICE shows a broken handle, not a sink with two working handles no inspector could be persuaded to run until hot.
Rebuttals work better when you’re credible, ICE. Good luck talking your way out of yet another completely unsurprising report that the agency treats “noncitizens” like subhumans. ICE is an agency with an alarming tendency to go rogue. This report shows why the new administration needs to rein it in, reform it, and make it better before another leader of the free world takes the helm and starts fucking things up again.
ICE wants data and doesn’t care how it gets it. Its recently-elevated pursuit of all things not considered naturally American has increased its demands for information on… well, everybody. It works with private sector data brokers and data analysts to hoover up location info — something not strictly limited to movements at or near borders. Nor is it limited to the non-Americans ICE believes should be tracked, captured, and ejected.
ICE has also gathered information collected by American utility companies, which includes customers’ names, addresses, cards/accounts used to pay bills, and usage records. This was also accomplished via a private party: the CLEAR database run by Thomson Reuters. ICE paid $21 million a year for access. It no longer has that access, thanks to pressure applied by Senator Ron Wyden.
ICE has shut down another data collection because Wyden started asking questions. And this collection may very well have been illegal. Using only self-issued administrative subpoenas, ICE was able to obtain millions of financial records from two money transfer companies, Western Union and Maxitransfers Corporation.
Beginning in 2019, HSI [Homeland Security Investigations — a division of ICE] sent eight administrative subpoenas to these financial services companies asking that they turn over all records for money transfers over $500 to or from California, Texas, New Mexico, Arizona, and Mexico. Each administrative subpoena sought records for six-months at a time. In response, Western Union and Maxi provided 6.2 million financial records, including personal information such as names and addresses, to HSI. All of the information was entered into a database called Transaction Record Analysis Center (TRAC), which is run by a non-profit and facilitates law enforcement access to bulk financial data for 5 years.
Once again, Wyden’s pressure has resulted in a change.
According to Sen. Wyden, HSI terminated the program in January 2022 after his office contacted HSI about it.
But that’s not good enough for Wyden. His letter [PDF] wants more answers from ICE, leveraging its hasty abandonment of the program against it. It’s an illegal collection, as the EFF explains:
[T]his kind of bulk surveillance is illegal. By statute, these administrative subpoenas must seek records “relevant” to an agency investigation. Simply put, there is no way these broad requests for bulk records would turn up only documents “relevant” to specific investigations; instead it put everyone who transferred money, including U.S. persons, under surveillance.
From Wyden’s letter:
[T]he fact that HSI employees in Phoenix, AZ continued to send out these highly problematic |bulk summonses, every six months, without oversight by HSI and DHS headquarters indicates a weakness in the central supervision of this surveillance tool. Moreover, the fact that just one request fora briefing from a Senate office prompted HSI to immediately halt the flow of data suggests that the internal oversight system within DHS and HSI failed.
This is far from the only problematic aspect of this program. For one thing, the program ran for years prior to ICE’s adoption of the questionable bulk surveillance. An agreement between Western Union and the Arizona Attorney General in 2010 over money laundering allegations opened up this firehose, providing millions of transaction records from 2010 to 2019 — all of which could be accessed by federal, state, and local law enforcement agencies without any judicial approval.
According to HSI, this agreement expired in 2019. That’s when ICE took over, demanding the same production for the next two years. In 2021, ICE expanded these demands to include Maxitransfers. Those actions resulted in ICE obtaining more than 6 million financial records — something it managed to accomplish using only eight self-issued subpoenas. This is classic bulk surveillance, Wyden points out. There’s no way all six million records were “relevant” to HSI investigations.
His letter points out HSI’s February 2022 testimony resulted in members of its Congressional oversight hearing about the long-running program for the first time. And ICE’s internal oversight was bypassed as well, according to HSI’s own statements.
While HSI told my staff that the Special Agent in Charge of HSI Phoenix spoke to the HSI Assistant Director of Investigative Programs and with an attorney in the field office before issuing the first summons, no one sought legal guidance from HST or DHS headquarters and HSI never wrote or published a Privacy Impact Assessment analyzing this program. Indeed, HSI officials acknowledged that they only alerted DHS privacy officials after my office contacted HS to request a briefing about the program in January 2022.
Wyden says he’s all for engaging in legitimate law enforcement activity to stop money laundering and drug trafficking. But this ain’t it. This is an illegitimate and illegal bulk collection that was hidden from ICE’s multiple levels of oversight. It also allowed ICE to keep doing the sort of things that have many calling for it to be abolished… like disproportionately targeting minorities, low-income families, and immigrants who often utilize services like these because traditional banking options aren’t available.
If ICE wants to fight money laundering and stymie drug cartels, it needs to do better. And it needs to play by the rules.
Instead of squandering resources collecting millions of transactions from people merely because they live or transact with individuals in a handful of Southwestern states or have relatives in Mexico, HSI and other agencies should focus their resources on individuals actually suspected of breaking the law.
Hastily killing the illegal program isn’t going to stop Wyden from demanding answers. While it’s great the program is now dead, the flipside is that there’s likely another, equally-problematic program still in operation. It just hasn’t been uncovered yet.
Federal agents from Homeland Security Investigations say they have been kicked out of joint drug operations, shunned by local police departments and heckled at campus career fairs. Their parent agency, U.S. Immigration and Customs Enforcement, carries a stigma that is undermining their investigative work across the country, the agents said in an internal report.
The agents say they face a backlash in liberal “sanctuary” jurisdictions where authorities strictly limit contact with ICE but also in some Republican-led states where politicians are vocal in their support for the agency. And the toll on HSI agents is “getting worse,” according to the report that was prepared by a working group of agents formed by HSI to consider changes to the agency’s place within the Department of Homeland Security.
ICE has always been controversial. Under President Trump, the agency was unleashed. It willingly embraced its awfulness, deploying everything from fake warrants to fake colleges in its war on foreign residents and would-be immigrants, many of whom were here legally. It courted controversial tech companies to expand its surveillance arsenal and made it clear it was interested in ejecting as many foreign people as possible, rather than the “worst of the worst” Trump claimed his immigration policies targeted.
But now it’s clear that working with ICE means not actually getting any work done. Homeland Security Investigations (HSI) agents have informed the DHS Secretary that partnering with ICE has all sorts of negative side effects. Agents are complaining about threats to their personal safety, crime victims being unwilling to engage with investigators due to ICE presence, and harming relationships with local law enforcement. ICE is a drain on resources due to its horrendous reputation. Here’s how the HSI agents put it in their letter to DHS officials:
“HSI’s affiliation with ICE significantly impedes investigations and HSI’s ability to fulfill its mission.”
Unfortunately, it appears this is unlikely to result in HSI decoupling from ICE. It would take an act of Congress to do so, and support for this sort of division is far from universal. The other solution is just as unlikely to happen: the rehabilitation of ICE’s image.
ICE has done a lot of damage to its reputation due to its willingness to become the embodiment of xenophobic presidential directives and policies. It could rein itself in, but any rehabilitation could easily be undone by the next president to take office. Most people never truly believed someone like Trump could ever be elected, but millions of Americans proved us wrong in 2016. All bets are off.
ICE’s response to the assertions in this letter is less than helpful. The agency, through a spokesperson, says nothing but uses a lot of words to deliver its nonexistent message:
In a statement, ICE spokeswoman Paige Hughes said the agency “relies on close working relationships with its state, local, and international partners,” but she did not elaborate on the details of the report. She added: “ICE refrains from discussing deliberations publicly with its partners to maintain operational security and in recognition of the sensitive nature of many of our activities.”
Congress may not be willing to bless a HSI-ICE divorce. But it’s clear from this letter that federal agencies forced to partner with ICE are being held back by ICE’s negative reputation. And ICE can’t blame anyone else for being so toxic its federal partners want nothing to do with it. It may have received questionable directives from the former president, but it was under no obligation to carry these out with as much enthusiasm and zeal as it did.
Plenty of federal agencies are capable of barely meeting the minimal requirements of Congressional and presidential mandates. ICE could have slow-walked its “toss out the brown people” directives until power changed hands. Instead, it showed itself to be an enthusiastic participant in bigoted policies, making it clear the 2016 regime change had simply allowed it to be the thuggish enforcer of immigration law it had always wanted to be.
Following protests over killings by law enforcement officers, the Department of Justice decided it might be a good idea to equip more police officers with body cameras. In May 2015, it announced the federal government would be spending $75 million over the next three years to purchase body cameras for local law enforcement agencies.
The DOJ saw the potential for body cameras to produce more accountability, lower the chances of deadly interactions, and rebuild some trust with the communities officers served. That’s presumably why it opted out of this push for body camera adoption. Five months after it announced the body cam grant program, DOJ reps told local law enforcement that use of body cameras wasn’t allowed when partnering with federal law enforcement. Either the cameras stayed home or the local cops did. No exceptions.
It wasn’t until five years later that the DOJ finally decided it was ok for federal agents to work with local law enforcement officers sporting body cameras, perhaps realizing the cameras simply weren’t going to go away. After all, it had encouraged adoption of the tech with three years of federal funding. But this still meant federal officers were going about their work unobserved, which still seemed problematic given all the advantages the DOJ said these cameras created when it started handing out federal cash in 2015.
It took another year before the DOJ finally decided federal officers should get with the body camera program. Six years after it invested in nationwide distribution of body cameras, federal officers are finally going to start wearing them. The ATF was the first to perform a test run of the cameras. Now, the DHS is following suit.
Agents with an investigative unit of the Department of Homeland Security will wear body cameras for the first time as part of a six-month pilot program that will focus on the costs and benefits of using the technology in federal law enforcement, officials said Tuesday.
The cameras will be used during the test by 55 members of the SWAT-like special response teams at Homeland Security Investigations in Houston, Newark, New Jersey, and New York, an official told reporters.
That’s the first wave of adoption for the DHS, albeit not one that guarantees permanent adoption. The second wave will rope in one of the federal government’s most controversial agencies.
The senior ICE official, who spoke to reporters on condition of anonymity to provide details on the program before the announcement, said the agency expects later to expand the pilot to include officers who conduct immigration enforcement arrests.
Fortunately, this rollout is accompanied by something that often goes missing when the federal government deploys new tech: privacy impact assessments and written policies. In this case, there’s both. The DHS has issued a Privacy Impact Assessment [PDF] that contains the guidelines for camera use by officers. This one directly addresses the ICE pilot program.
The rules laid down are actually pretty solid, which is somewhat surprising given the federal government’s reluctance to adopt the tech and ICE’s roguelike reputation.
ICE personnel must record Pilot enforcement activities at the start of the activity, or, if not practicable, as soon as safely possible thereafter. Once a Body Worn Camera is activated, ICE personnel should only deactivate the Body Worn Camera when their participation or involvement in the enforcement activity has concluded. If ICE personnel fail to activate their Body Worn Camera, or if the recording is interrupted, they must provide a statement detailing the reason why they failed to activate the Body Worn Camera or why the recording was interrupted.
ICE personnel will verbally notify (i.e., provide notice to) individuals that they are being recorded if (or as soon as) it is operationally feasible. This notice should not be construed as a requirement for ICE to obtain consent from the subjects being recorded. The Body Worn Camera will be placed on a visible location on ICE personnel’s outerwear (e.g., on vest or helmet) so that individuals can see the Body Worn Camera.
ICE personnel are prohibited from intentionally making Body Worn Camera recordings in places or areas where cameras generally are not allowed or permissible (e.g., locker rooms, dressing rooms, medical facilities, restrooms, in facilities where recording is prohibited) unless related to an enforcement activity.
ICE personnel should not record encounters with undercover officers, confidential informants, and cooperating defendants.
ICE personnel should not record in a manner that would infringe on activity protected by the First Amendment (e.g., lawful protests).
Body Worn Cameras will not be used during undercover operations or in situations in which it would pose a risk to officer or public safety.
Body Worn Camera recordings will not be used for any facial recognition activities.
All recordings collected during this pilot period will be saved. Anything of evidentiary value will be sorted out. Recordings can (at least theoretically) be obtained with FOIA requests.
Of some concern is the directive forbidding the recording of First Amendment activities. On one hand, you don’t want federal agents to engage in surveillance of protected activities. On the other hand, you don’t want any interactions between federal officers and protesters to go unrecorded. So, this will have to be refined. It would seem that the rule ordering the recording of all “enforcement activities” would supersede the rule forbidding the recording of First Amendment activities when officers interact with protesters. But it will probably be months or years before the public knows how ICE officers have chosen to interpret these rules.
Still, it’s a good set of ground rules. And it gets a little better. ICE officers are expected to record any questioning of individuals (whether in custody or not), as well as any brief detentions or frisks of individuals they encounter. It’s also mandatory for all warrant service and searches incident to an arrest.
Better late than never. And a far better set of rules than was expected, given both the federal government’s resistance to early adoption and ICE’s general unwillingness to welcome examination of its enforcement efforts. Hopefully, the rollout will continue with similar rules in place for other federal agencies. While body cameras aren’t a panacea for law enforcement misconduct, they’re far better than having nothing but an officer’s word for what went down.
Another one of ICE’s (Immigration and Customs Enforcement) data spigots has been shut off. Don’t cry too many tears for poor old ICE. It still has plenty of options. It’s still hoovering up location data from app developers who either don’t know or don’t care that this data is buyable through data brokers. It also still has plenty of privileges, thanks to laws and judicial decisions that say most constitutional rights are null and void within 100 miles of our nation’s ports of entry (borders, coasts, and — making this far more concerning — any domestic airport offering international flights).
Plenty of data can still be had (and plenty of brokers willing to sell it), but ICE has just lost access to one source of data it uses to track down immigrants: utility bill information gathered, packaged, and sold to government agencies by third parties like Equifax and Reuters.
Equifax gathers this information ostensibly to assess the creditworthiness of United States residents. (It also leaks this information on occasion.) Thomson Reuters uses the same information (called “utility header data”) in its CLEAR database, which contains “billions of data points” and “leverages cutting-edge public records technology.” Its potent combination of bulk data and profit-seeking is sold to whoever wants access, which includes US law enforcement agencies.
A nationwide group of utility companies that provided sensitive data from millions of Americans’ cable, phone and power bills to U.S. Immigration and Customs Enforcement and other government agencies has agreed to end the practice in response to concerns the information was being misused to track the general public.
Wyden’s pressure on the National Consumer Telecom & Utilities Exchange (NCTUE) prompted change. The NCTUE told Equifax to stop selling this data. This means the data no longer flows to Reuters’ CLEAR database, which means agencies like ICE no longer have access to it.
But Reuters isn’t the only player in the data market. There are plenty of third parties purchasing data and selling it to government agencies and other third parties. That’s why Wyden is now demanding the Consumer Finance Protection Board start doing its job and start regulating the sale of Americans’ data.
Wyden, a longtime critic of government surveillance, called on the CFPB to further rein in a data-broker industry that he said had spun “out of control” due in part to “vague and undefined regulations.” He urged the agency to aggressively investigate how data gathered for commercial purposes was ending up in the hands of law enforcement without court approval or oversight.
“Selling personal information that people provide to sign up for power, water and other necessities of life, and giving them no choice in the matter, is an egregious abuse of consumers’ privacy,” Wyden wrote. “The personal privacy of hundreds of millions of people should not depend upon the goodwill of corporations worried about negative headlines.”
Currently, it’s third parties on top of third parties, buying data from wherever it can be purchased and repackaging it for sale to others. This has led to consumers being misled about everything, from the data being collected to how the data is being used. Boilerplate about sales or licensing to third parties doesn’t make it clear information collected to open and maintain necessities of life (like utility services) will ultimately be part of “billions of data points” accessible without a warrant by law enforcement.
As of right now, the data Wyden is concerned about is bought and sold in a gray market — one not directly affected by regulation. That’s what Wyden hopes to change.
The sale of credit payment histories and related data is closely regulated under federal law. But government agencies can access credit header data because the regulations do not clearly outline how the revealing information can be used. Wyden urged CFPB to clarify the law and investigate how the data is sold.
Government agencies and data brokers have long preyed on the disconnect between public perception and the far uglier reality of data harvesting. Customers and consumers understand utility companies need to collect information to provide service and collect payment. They may also make the small logical leap that payment histories will be forwarded to companies that assess credit ratings. What they almost never assume is that all this data — which includes names, addresses, social security numbers, and plenty of contact info — can be accessed at will by US law enforcement agencies.
Many data fire hoses are still in operation. But this move slows one form of data to a drip — one that travels to Equifax but goes no further. It’s a start, but as Sen. Wyden clearly realizes, there’s a long way to go before Americans can trust the entities that collect data from us.
A few years ago, tech companies stood up to the US government, issuing statements objecting to immigration policies instituted by the Trump Administration and, in some cases, threatening to pull contracts with ICE (Immigration and Customs Enforcement) and the CBP (Customs and Border Protection).
It wasn’t much of a stand, however. And whatever statements were issued by companies like Google, Microsoft, and Amazon were mainly prompted by hundreds of employees who wished to work for companies that didn’t aid and abet in civil liberties violations, and ongoing mistreatment of immigrants and their families.
Whatever statements came out of the front end of these companies haven’t been matched by the backend. According to a new report by Caroline Haskins for Business Insider, Google, Microsoft, and Amazon are still selling plenty of tech and software to ICE and CBP. They’re just getting better at hiding it. (Alt link)
Amazon, Google, and Microsoft have repeatedly used a common tactic to sidestep public scrutiny and work with US immigration agencies, despite employee backlash and some company policies against doing such work.
This tactic, in which the companies use third parties or act as subcontractors to sell their technology, has helped these tech giants quietly secure dozens of cloud contracts with Immigration and Customs Enforcement and Customs and Border Protection, Insider has found.
The products provided range from innocuous bundling of office software to analytics and APIs that are integral parts of surveillance systems. The use of third party resellers keeps these companies’ names from appearing in federal contracts, as well as allows them to sidestep internal protests and internal policies. Google, for instance, assured irate employees it would not assist the federal government with border surveillance. But use of third party contractors allows it to bypass the promises it made.
So much for taking a stand:
From 2015 to 2021, Amazon used third parties to sell its cloud services at least 16 times to ICE and CBP. Google used third parties to sell various cloud and professional tools at least 28 times to these agencies. Microsoft used third parties to sell its cloud services and software more than 200 times to immigration agencies from 2002 to 2021, in addition to selling to ICE and CBP directly more than 100 times.
Having briefly implied the status quo of selling to ICE and CBP was unacceptable, these companies quietly maintained the status quo by selling products via companies with far less-recognizable names like Panamerica Computers, Inc., Four Points Technology, LLC, and Systems Engineering Solutions.
And, while this reselling may not have been happening directly under these companies’ noses, it’s unlikely they were completely unaware the middlemen were securing contracts with these agencies to do the sorts of things company officials claimed they would no longer do. At best, there was an indifferent blindness. Contracts were signed with these companies and paper trails should have alerted them that their third-party partners were delivering tech to federal agencies. Employees spoken to by Haskins confirmed it’s all but impossible to remain unaware of what third party partners are doing with tech and software because of this.
These companies haven’t denied their indirect involvement in CBP and ICE border surveillance activities. But they also haven’t denied any knowledge of this use of their products. “No comment” across the board.
The surveillance business is still booming, and ICE wants more of it. It has $300 million to spend on a new system it calls RAVEn (Repository for Analytics in a Virtualized Environment) — one that will allow it to mine hundreds of thousands of documents for data in order to find people who aren’t authorized to work in the United States. All three companies are likely to get a piece of that $300 million, at least indirectly.
People who attended the April industry-day event told Insider that companies like Amazon, Google, and Microsoft would probably use intermediaries rather than bid on the contracts directly.
Google “typically will not pursue as a prime on non-cloud opportunities because of the potential conflicts of interest with ALL the other companies they work with,” a person who attended the industry day told Insider. “Google will only sub and they will be non-exclusive.”
“AWS, MSFT and Google typically sell through their reseller partners,” another person who attended the industry day told Insider.
Showing solidarity with employees doesn’t mean much if you’re willing to let intermediaries do the dirty work for you. The end result is identical. The only difference is it keeps Amazon’s, Google’s, and Microsoft’s names out of the news whenever a new form of pervasive surveillance starts making the wrong kind of headlines.
Under president Donald Trump, ICE went from barely tolerable to fascist stormtroopery, doing anything in its power to kick people out of the country. Trump claimed he was just trying to make the nation safer by ridding us of the “worst of the worst.” His vague directives lit a fire under the worst ICE employees, giving them free rein to forcibly eject as many people as possible, even if those people were not the “worst,” nor even trending towards that direction.
ICE struggled to find (figuratively [but also maybe literally?]) boatloads of hardened criminals to send packing, so it decided quantity was preferable to quality. To cite just one example of ICE’s enthusiasm for ejecting even the best and brightest (along with everyone else), the agency set up and ran a fake college solely for the purpose of booting people trying to do nothing more than continue their education and satisfy the requirements of their student visas.
A court case currently being reviewed by the Eleventh Circuit Appeals Court appears to show ICE engaging in retaliation against protected speech in order to remove (check reports) a man who has lived in this country illegally, but definitely gainfully, for nearly two decades. Joel Rose has this report for NPR:
Activist Claudio Rojas says he was deported to his homeland, Argentina, for appearing in a film that criticized U.S. immigration authorities.
Rojas is one of the stars of The Infiltrators. He was invited to introduce the movie at the Miami Film Festival in 2019. Instead, Rojas was detained at a routine check-in with Immigration and Customs and Enforcement.
A few weeks later, he was deported.
Here’s a description of the film — one based partially on fact — via the Sundance Institute. The film took home two Sundance Film Festival awards at the 2019 ceremony.
Without warning, Claudio Rojas is detained by ICE officials outside his Florida home. He is transferred to the Broward Transitional Center, a detention facility used as a holding space for imminent deportations. Terrified of never seeing him again, Claudio’s family contacts the National Immigrant Youth Alliance (NIYA), a group of activist Dreamers known for stopping deportations. Believing that no one is free as long as one is in detention, NIYA enlists Marco Saavedra to self-deport with the hopes of gaining access to the detention center and impeding Claudio’s expulsion. Once inside, Marco discovers a complex for-profit institution housing hundreds of multinational immigrants, all imprisoned without trial.
In real life — like in the film — Rojas was released and headed back to his family. He was one of the lucky ones. The for-profit detention facility (along with its ICE overseers) did everything it could to keep detainees away from their legal representation prior to their almost inevitable expulsion from the country.
Rojas’ appearance in this film appears to have provoked ICE into removing him from the United States, sending him far away from the family he raised here. Need a second opinion on the optics of this ICE maneuver? Here’s the opening of Matt Fagerholm’s review of the film for Roger Ebert’s site.
A month after Cristina Ibarra and Alex Rivera’s “The Infiltrators” garnered two prizes at the 2019 Sundance Film Festival, one of its subjects, immigrant rights activist Claudio Rojas, was detained by U.S. Immigration and Customs Enforcement (ICE) during what was supposed to be a routine appointment. His subsequent deportation to Argentina, severing him from his family in the states, appears to have been a clear retaliation for Rojas’ attempts chronicled in this documentary to undermine Florida’s Broward Transitional Center, a for-profit institution that specializes in detaining immigrants without a trial or court-appointed lawyer.
Rojas challenged his removal, citing its retaliatory aspects. The district court refused to consider his request, considering everything about it moot because ICE had already sent him back to Argentina. Since he was here illegally, the court said ICE had the legal justification to kick him out, even though it had never pulled the trigger on this option until after he appeared in a film critical of ICE and its detention facilities.
What he’s heard from one of three-judge panel handling his case is promising.
[T]he Supreme Court’s ruling in the AADC case left the door open for a future deportation case that is so “outrageous,” as Justice Antonin Scalia wrote, that it would cross the line.
And appeals court Judge Robin Rosenbaum asked during the hearing whether the Rojas case fits that description.
“There’s possibly an outrageous First Amendment scenario where it could be a problem,” Rosenbaum said. “It seems to me the situation couldn’t be much more outrageous than what we have here.”
While challenging removals is less likely to end in a government loss than cases involving qualified immunity, there’s still hope that this decision — and ICE’s apparently retaliatory actions — will result in Rojas having his removal reversed.
But it’s a very slim chance. That decision does indeed say courts may be able to find an “outrageous” scenario that they can exercise jurisdiction over.
To resolve the present controversy, we need not rule out the possibility of a rare case in which the alleged basis of discrimination is so outrageous that the foregoing considerations can be overcome.
However, the rest of the concluding paragraph says this:
Whether or not there be such exceptions, the general rule certainly applies here. When an alien’s continuing presence in this country is in violation of the immigration laws, the Government does not offend the Constitution by deporting him for the additional reason that it believes him to be a member of an organization that supports terrorist activity.
It’s a long shot but it’s worth taking. If nothing else, further courtroom examination of ICE’s activities is likely to expose its selective enforcement of immigration laws — something it did plenty of under Trump, targeting the easiest-to-remove persons rather than the “worst of the worst” one of our worst presidents claimed immigration officers would prioritize.