Since 2016, hundreds of US Immigration and Customs Enforcement employees and contractors have faced internal investigations into abuse of confidential law enforcement databases and agency computers. The alleged misconduct includes a swath of unlawful behavior, from stalking and harassment to passing information to criminals.
ICE says these databases are vital tools for enforcing the law. However, agency records of internal misconduct investigations reveal that they can also be used to subvert it. They show for the first time how ICE employees allegedly exploited their access to these databases to unlawfully search or disclose sensitive information, including medical, biometric, and location data. And they detail how access to these databases can be misused to carry out personal schemes and vendettas.
According to an agency disciplinary database that WIRED obtained through a public records request, ICE investigators found that the organization’s agents likely queried sensitive databases on behalf of their friends and neighbors. They have been investigated for looking up information about ex-lovers and coworkers and have shared their login credentials with family members. In some cases, ICE found its agents leveraging confidential information to commit fraud or pass privileged information to criminals for money.
In total, ICE employees or contractors have been investigated for misusing agency data or computers at least 414 times since 2016. In nearly half of those incidents, the misconduct triggered investigations by the Office of Professional Relations (OPR), a division responsible for investigating allegations of serious misconduct, both criminal and noncriminal.
Of these serious misconduct cases, 109 were “substantiated” or “referred to management” after an internal investigation by OPR fact finders. Those include a Vermont-based enforcement and removals officer accused of “online solicitation of an intellectually disabled adult”; a special agent who received gifts from a Colombian drug trafficker in exchange for information; a Virginia deportation officer who altered electronic records to assist a family member; and an ICE attorney who stole immigrants’ identities in an attempt to defraud credit card companies.
ICE categorizes allegations as “substantiated” or “referred to management” if the evidence shows that the alleged misconduct is more likely to have occurred than not—a lower standard of proof than in criminal investigations.
The records do not include what disciplinary measures, if any, were imposed on ICE employees or contractors whose allegations of misconduct were substantiated by investigators.
While many of the records lack enough detail to discern the full nature of the allegations, two dozen investigations were categorized as criminal. And in at least 14 incidents, the records explicitly say that agents were investigated for allegedly using agency databases or computers to harass someone or make threats.
In March of 2021, for instance, a special agent in McAllen, Texas, allegedly used information from a US Department of Homeland Security (DHS) database called TECS to threaten a coworker. And in July 2020, employees at the Port Isabel Detention Center were investigated for illegally accessing a detainee’s medical records and sharing videos of detainees.
ICE did not respond to requests for comment in time for publication.
An ICE official familiar with the way internal investigations are conducted at the agency reviewed the records WIRED obtained. The official, who asked not to be named because they are not authorized to speak to the media, says that because ICE agents collectively query confidential law enforcement databases “many millions of times a year,” the presence of a few “bad apples” is inevitable and not particularly surprising.
But legal experts and privacy advocates who reviewed the data resoundingly disagree with the ICE official’s characterization of the issue as likely isolated to a handful of problematic officers.
“This isn’t about a few bad apples, it’s about a tree that’s rotten to the core,” says Albert Fox Cahn, the founder and executive director of the Surveillance Technology Oversight Project (STOP). “There’s no version of mass surveillance that’s compatible with civil rights.”
Erik Garcia, an organizer and program manager with the Long Beach Immigrant Rights Coalition, a Southern California-based migrant advocacy organization, says ICE agents’ abuse of confidential databases “very much is the culture of abuse and unchecked power at ICE. It’s part of the culture of policing generally, which makes me question whether they should be collecting this data in the first place.”
Data Visualization: Datawrapper
ICE is already under increased scrutiny for how agents are misusing the law enforcement tools at their disposal. In February, for example, the DHS inspector general released a report detailing how agents at ICE’s Homeland Security Investigations (HSI) division conducted illegal surveillance of cell phones using a controversial tool called a cell-site simulator.
Earlier this month, a WIRED investigation revealed how ICE used customs summonses to demand data from elementary schools, news organizations, and abortion clinics in ways that experts say could be illegal. “Calling ICE a rogue agency doesn’t even quite get at how bad the problem is with them,” said Emily Tucker, the executive director at the Center on Privacy & Technology at Georgetown Law, in response to those findings. “They are always pushing to the limits of what they are allowed to do and fudging around the edges without oversight.”
Law enforcement abuse of databases is far from unique to ICE agents. In the past decade, local police around the US have repeatedly abused their access to confidential databases. In 2016, an Associated Press investigation found that police officers across the country misused confidential law enforcement databases to get information on romantic partners, business associates, neighbors, and journalists.
The misconduct records that WIRED obtained detail similar allegations. However, due to ICE’s sprawling access to data sets from federal, state, local, and private entities, experts are particularly concerned about how an agency with a prolific history of misconduct could abuse these tools.
Last May, Tucker and three colleagues coauthored a report called “American Dragnet: Data-Driven Deportation in the 21st Century.” Their report, based on a review of ICE spending transactions, found that the agency has amassed an enormous trove of databases containing billions of data points that enable the agency “to pull detailed dossiers on nearly anyone, seemingly at any time.”
“The databases ICE employees can access contain almost everything you might want to find about someone: who they are, where they live, where they drive, and who their family is,” says Nina Wang, a policy associate at the Center on Privacy & Technology and one of the “American Dragnet” coauthors. “All of that access to bulk data leaves the door wide open for misconduct.”
ICE is one of 22 agencies housed under DHS. In 2021, the American Immigration Council used DHS privacy and compliance documents to compile a list of databases and information systems that DHS uses in relation to immigration law enforcement. The list captures the breadth of databases that ICE officials can access, some of which are referenced in the misconduct records.
Among the databases that ICE agents allegedly misused were those containing medical records, license plate reader data, and biometric data. One of the most widely misused databases in the records is the Investigative Case Management (ICM) system, software developed by the data-mining firm Palantir that serves as the primary database for information collected by ICE during criminal and civil investigations.
According to documents obtained by the Intercept, ICM allows ICE agents to access a kaleidoscope of data that reportedly includes information about “a subject’s schooling, family relationships, employment information, phone records, immigration history, foreign exchange program status, personal connections, biometric traits, criminal records, and home and work addresses.”
Representatives from Palantir declined to be interviewed for this story. But in an email, Courtney Bowman, the company’s director of Privacy and Civil Liberties, pointed WIRED to public documents detailing ICM’s oversight mechanisms, including its ability to log and record every query an individual makes.
Much of the ICM misconduct that internal investigators flagged involves employees looking up information about themselves—so-called self-queries. While this kind of misconduct might seem harmless, Adam Schwartz, a senior staff attorney at the Electronic Frontier Foundation, asserts that it speaks to a culture of impunity at the ICE. “When you have officers taking a database intended for a specific purpose and subverting for self-gain, it exposes a lawless and dangerous mindset,” Schwartz says.
To Fox Cahn of STOP, the presence of so many self-queries in the data might say more about how ICE monitors its databases for abuse than about the volume of underlying misconduct. Fox Cahn suggests that the likely reason so many self-queries appear in the records is that it’s easy for agencies to spot this kind of behavior. “They should really be going query by query to make sure that someone has a legitimate reason to do a search,” he says.
Because ICE did not answer specific questions about how it monitors misconduct, it’s unclear how the agency spots abuse of its databases.
Every expert we spoke to, including the current ICE official, says that because the vast majority of misconduct probably goes undetected, the records the agency released likely only detail a small fraction of the total abuse.
“If you’ve got hundreds of abuses, you have a systemic problem that needs a systemic solution,” says Schwartz. “This is a flood of misconduct,” he adds. “It raises serious questions about whether this is just the tip of the iceberg.”
WIRED categorized each record using the case summary for the incident to attempt to discern the nature of the underlying misconduct and the database or type of data that was abused. Each of the 414 allegations of misconduct in the database includes a short case summary of the incident, information about the employee involved, and a brief summary explaining how an internal investigation was conducted. We reviewed each summary and redacted any personally identifying information of victims or officers whose misconduct is unsubstantiated. WIRED is making the raw data available here.
