ICE Records Reveal How Agents Abuse Access to Secret Data

Law enforcement abuse of databases is far from unique to ICE agents. In the past decade, local police around the US have repeatedly abused their access to confidential databases. In 2016, an Associated Press investigation found that police officers across the country misused confidential law enforcement databases to get information on romantic partners, business associates, neighbors, and journalists. 

The misconduct records that WIRED obtained detail similar allegations. However, due to ICE’s sprawling access to data sets from federal, state, local, and private entities, experts are particularly concerned about how an agency with a prolific history of misconduct could abuse these tools.

Last May, Tucker and three colleagues coauthored a report called “American Dragnet: Data-Driven Deportation in the 21st Century.” Their report, based on a review of ICE spending transactions, found that the agency has amassed an enormous trove of databases containing billions of data points that enable the agency “to pull detailed dossiers on nearly anyone, seemingly at any time.”

“The databases ICE employees can access contain almost everything you might want to find about someone: who they are, where they live, where they drive, and who their family is,” says Nina Wang, a policy associate at the Center on Privacy & Technology and one of the “American Dragnet” coauthors. “All of that access to bulk data leaves the door wide open for misconduct.” 

ICE is one of 22 agencies housed under DHS. In 2021, the American Immigration Council used DHS privacy and compliance documents to compile a list of databases and information systems that DHS uses in relation to immigration law enforcement. The list captures the breadth of databases that ICE officials can access, some of which are referenced in the misconduct records. 

Among the databases that ICE agents allegedly misused were those containing medical records, license plate reader data, and biometric data. One of the most widely misused databases in the records is the Investigative Case Management (ICM) system, software developed by the data-mining firm Palantir that serves as the primary database for information collected by ICE during criminal and civil investigations.  

According to documents obtained by the Intercept, ICM allows ICE agents to access a kaleidoscope of data that reportedly includes information about “a subject’s schooling, family relationships, employment information, phone records, immigration history, foreign exchange program status, personal connections, biometric traits, criminal records, and home and work addresses.” 

Representatives from Palantir declined to be interviewed for this story. But in an email, Courtney Bowman, the company’s director of Privacy and Civil Liberties, pointed WIRED to public documents detailing ICM’s oversight mechanisms, including its ability to log and record every query an individual makes.

Much of the ICM misconduct that internal investigators flagged involves employees looking up information about themselves—so-called self-queries. While this kind of misconduct might seem harmless, Adam Schwartz, a senior staff attorney at the Electronic Frontier Foundation, asserts that it speaks to a culture of impunity at the ICE. “When you have officers taking a database intended for a specific purpose and subverting for self-gain, it exposes a lawless and dangerous mindset,” Schwartz says.