To place ICE surveillance within a legal and historical context, the authors and approximately a dozen supporting researchers, including Center staff and fellows, Georgetown Law students and Georgetown University undergraduates, employed a range of research methods.
First, we filed over 200 Freedom of Information requests with state and local entities. Those requests fell into three categories:
- 51 requests to the DMVs for all 50 states plus Washington, D.C., focusing on the DMVs’ use of face recognition systems and their disclosure of driver information to data brokers;
- 60 requests to the nation’s largest municipal gas, water and electric utilities, focusing on their disclosure of customer information to ICE and to data brokers; and
- 102 requests to the DMVs and lead state law enforcement agencies in all 50 states plus the district focusing on ICE’s queries to their employees and via direct access to those entities’ databases.
Those requests resulted in more than 9,000 pages of responsive documents. Our Appendix includes the model language for each of those requests. We informed our review of those responses with a separate survey of agency, congressional, and other reports and regulatory filings regarding INS’ and ICE’s approaches to interior enforcement.
Second, we conducted three separate legal surveys to understand the existing landscape of state and federal laws reining in ICE access to different kinds of data. These included:
- a survey of privacy laws applicable to gas, water, electric, cable and phone companies in all 50 states plus the district;
- a survey of state privacy laws for driver data held in the 17 jurisdictions (16 states plus the district) that offer driver’s licenses or privilege cards to undocumented residents; and
- a survey of federal privacy laws, including the DPPA and federal privacy laws applying to cable and phone providers.
Third, to estimate ICE’s surveillance capacities and investments, we reviewed every publicly available ICE procurement transaction listed on USAspending from 2008 to 2021, which totaled over 100,000 transactions. That involved an initial review to manually identify surveillance, data collection and data-sharing investments, followed by a second review aided by an algorithm trained on those known surveillance-related transactions. For more information on our use of process to identify ICE surveillance transactions and a detailed overview of our procurement review methodology, see the Appendix.
Fourth, we conducted a public source survey of all information regarding the Thomson Reuters CLEAR database, the LexisNexis Accurint database and the data broker Equifax to better understand how those entities secured access to customer address information held by utilities companies. Our research revealed that those companies were likely tapping into data held by a little-known trade group, the National Consumer Telecom & Utilities Exchange (NCTUE)—likely unbeknownst to millions of people whose data that organization held. We felt ethically bound to disclose that information as soon as possible and so released the information to The Washington Post in February 2021. The publication of our findings, combined with the advocacy of Just Futures Law and Mijente, led Senator Ron Wyden of Oregon to push NCTUE to cease the sale of over 170 million utility customers’ names, addresses and other personal information. As a result of these efforts, NCTUE instructed Equifax in October 2021 to end the sale of this data.
Fifth, to understand the harms this surveillance caused, we reviewed sociological and other scholarly literature on the impact of modern, data-driven immigration enforcement on the everyday lives of immigrants: their willingness to go to the doctor, to take their kids to school or to allow them to play on a public playground. That evidence-based and peer-reviewed research offers critical insight into the impact of surveillance and is not often taken into account in modern policy making around surveillance.
Finally, before and throughout this two-year period, we engaged in two advocacy initiatives that have given us a much clearer picture of the federal and state authorities that can limit ICE’s surveillance activities and conduct oversight to rein the agency in. We worked with the Brennan Center for Justice, NIJC and several other civil society organizations to mobilize a coalition of national immigrant rights and privacy organizations to press Congress to block ICE’s use of data from detained, unaccompanied children to target their sponsors for arrest and deportation. That effort succeeded in the passage of a 2018 appropriations rider that cut off ICE’s use of the data in many, but not all, instances. DHS Secretary Alejandro Mayorkas finally ended the program in 2021.
We also partnered with CASA, the mid-Atlantic region’s leading immigrant rights organization, in conjunction with Georgetown Law’s Federal Legislation Clinic to pass privacy laws in Maryland protecting utility customer records, driver records and other state-held data against warrantless disclosure to ICE or other immigration authorities. Those efforts succeeded in the passage of the Maryland Driver Privacy Act (HB 23, SB 234).
This report was peer-reviewed by 10 experts, a group of scholars, advocates and former government officials, including individuals previously employed by DHS. While some of our peer reviewers chose to remain anonymous, others are named in our Acknowledgments.