Database abuse by law enforcement is far from exclusive to ICE agents. Over the past decade, local US law enforcement have repeatedly abused their access to sensitive databases. In 2016, a associated press investigation found that police officers across the country misused confidential law enforcement databases to obtain information on romantic partners, business associates, neighbors, and journalists.
Misconduct records obtained by WIRED detail similar allegations. However, given ICE’s increasing access to data sets from federal, state, local and private entities, experts are particularly concerned about how an agency with a prolific history of misconduct could abuse these tools.
Last May, Tucker and three colleagues wrote a report called “American Dragnet: Data-Driven Deportation in the 21st Century.” Their report, based on a review of ICE spending transactions, found that the agency has amassed an enormous trove of databases containing billions of data points that allow the agency “to obtain detailed records on almost any person, apparently at any time”.
“The databases that ICE employees can access contain just about everything you could want to find out about someone: who they are, where they live, where they drive, and who their relatives are,” says Nina Wang, policy associate at the Center on Privacy & Technology and one of the co-authors of “American Dragnet”. “All that access to big data leaves the door open for misconduct.”
ICE is one of 22 agencies housed under DHS. In 2021, the American Immigration Council used the DHS Privacy and Compliance Documents to compile a list of databases and information systems that DHS uses in connection with immigration enforcement. The list captures the breadth of databases that ICE officers can access, some of which are referenced in misconduct records.
Among the databases that ICE agents allegedly misused were those containing medical records, license plate reader data, and biometric data. One of the most misused databases in registries is the Investigative Case Management (ICM), software developed by data mining company Palantir that serves as the primary database for information collected by ICE during criminal and civil investigations.
According documents obtained by InterceptICM allows ICE agents to access a kaleidoscope of data that reportedly includes information on “a subject’s education, family relationships, employment information, phone records, immigration history, foreign exchange program status , personal connections, biometric traits, criminal records, and home and work addresses.”
Palantir representatives declined to be interviewed for this article. But in an email, Courtney Bowman, the company’s director of Privacy and Civil Liberties, told WIRED public documents detailing ICM’s oversight mechanisms, including its ability to log and log every query a person makes.
Much of the ICM misconduct that internal investigators pointed to involves employees seeking information about themselves, so-called self-inquiries. While this type of misconduct may seem harmless, Adam Schwartz, a senior attorney at the Electronic Frontier Foundation, says he speaks to a culture of impunity at ICE. “When you have officers take a database intended for a specific purpose and subvert it for their own gain, it exposes a dangerous and lawless mindset,” says Schwartz.