Assistant Director of Field Operations for U.S. Immigration and Customs Enforcement (ICE) Matthew Elliston’s badge and gun holster at a Q&A held for media during a two-day ICE job fair in Texas to help fill vacancies for deportation officers and attorneys, in Arlington, Texas, U.S. August 26, 2025. / REUTERS/Shelby Tauber

A recent executive order titled “Stopping Waste, Fraud, and Abuse by Eliminating Information Silos” mandates that the federal government be granted “unfettered access to comprehensive data from all State programs that receive federal funding,” including data held in third-party databases in order to enhance oversight.

“A rapidly expanding system of surveillance threatens not only the immigrant communities but the privacy rights of all Americans,” said Nicole Alvarez, Senior Policy Analyst for Technology Policy at the Center for American Progress, at an American Community Media briefing. 

“The Trump Administration Is Using Americans’ Sensitive Data To Build a Digital Watchtower”, is the title of a report authored by Alvarez. 

The personal information people share with the federal government when they apply for benefits, file taxes, register for public services, or interact with agencies in any official capacity for instance social security numbers, medical records, immigration status, tax returns form part of this digital watchtower. This data, given to individual agencies is reused, repurposed, and shared across agencies in ways that were never intended nor expected, said Alvarez.  

“The information provided to one federal agency for a specific purpose, like applying for benefits or paying your taxes, is reused by the same agency, a different agency, or a different entity entirely for a different purpose without people’s knowledge and consent, " warned Alvarez. 

Old systems are breaking down 

The Privacy Act of 1974 lays down “purpose limitation”, a principle in data protection and privacy law that agencies cannot share that information with anyone else unless the law allows it in very limited circumstances, or the person has given their written consent.

This Act however was written before the internet and mass data storage, and linked massive databases existed. Now, for example, the IRS has begun sharing taxpayer data with Immigration and Customs Enforcement (ICE) to help identify and deport immigrants who have paid taxes in good faith, This is a major shift, because this is not what the systems were built for when these people submitted their information to the IRS. 

The IRS commissioner, who was appointed by President Trump earlier in 2025 resigned in protest because of privacy concerns !

Unfortunately this isn't happening in isolation. Similarly Medicaid enrollment records have been reportedly used to identify immigrants for deportation.

“Often seeking care, or simply fulfilling their civic responsibilities the person is fed by healthcare safety nets into a surveillance pipeline going far beyond just privacy violations. They actively erode trust in public institutions,” said Alvarez. 

The Department of Government Efficiency (DGE) is copying or transferring the raw data into one centralized repository, which creates a single point of access where Doge staff and potentially other agencies can query across all records at once. 

Everyone who has interacted with a federal agency is now vulnerable.  The infrastructure that is being built is designed to scale, and once it's in place, it can and will be used against other groups, such as journalists, protesters, voters, and everyday Americans, warned Alvarez. The longer a centralized database remains in use the more deeply it becomes embedded in government operations and that makes it harder to unwind. 

Extensive digital surveillance power 

The federal government, through the Department of Homeland Security (DHS) has extensive digital surveillance powers, agreed Emerald Tse, Associate at Georgetown’s Center on Privacy & Technology. 

In their report, American Dragnet, Data-Driven Deportation in the 21st Century, which the Privacy Center published in 2022, they revealed that ICE uses digital surveillance to monitor the lives of a majority of people in the United States. 

The report documented that ICE has access to the driver's license data of three out of every four adults in the U.S. and has used facial recognition on the driver's license photos of approximately one in three. ICE was found to be tracking the movements of drivers in cities housing nearly 75% of the U.S. adult population. 

The report stated that ICE could locate 75% of adults in the U.S. through their utility records, which include information from gas, electricity, phone, and internet providers.

ICE built its surveillance dragnet by secretly tapping into data from private companies and state and local government agencies, often warrantlessly. This was achieved by leveraging third-party data brokers like Thomson Reuters and LexisNexis.

Between 2008 and 2021, ICE spent approximately $2.8 billion on new surveillance, data collection, and data-sharing programs. 

DNA is collected at the border

The federal government has expanded genetic surveillance 

The report “Rating the genome, how the United States government is abusing its immigration powers to Amass DNA, for future policing”, details the drastic expansion of a DHS program to take DNA from thousands of people to create profiles for a federal policing database called CODIS. Law enforcement across the country can search the profiles in this database to identify people who have committed crimes in the past. The federal government has defended DNA collection from immigrants, as a way to predict who might commit crimes in the future.

“We found that DHS was adding more profiles to the federal criminal policing database at a rate much faster than we originally anticipated,” said Tse. Profiles were added, regardless of whether a person committed a crime or had been charged with a crime. They had been added regardless of the person's age. 

These massive surveillance powers whether they be our personal information or our genetic information, our biometric information, this power is in the hands of the government.

Sophia Cope, Senior Staff Attorney at the Electronic Frontier Foundation shared another way the digital watchtower is conducting surveillance.  

Social media surveillance

In the first Trump administration the State Department added a question to the visa application, and to the ESTA form for visa waiver travelers asking folks for their social media handles that they've used over the prior 5 years. “The goal of that is for the consular officials, to actually look at any public social media and then evaluate whether or not a visa should be granted or ESTA form should be approved,” said Cope.

“Most recently, they announced they are gonna engage in continuous vetting of all visa holders here in the United States and they have said that that includes looking at their social media.”

Essentially, it grants Customs and Border Protection's (CBP), the authority to search devices in two ways. One is what they call basic search, which is a manual search by mousing, tapping, scrolling, etc. through a device or folders and files. The other is forensic search, where they actually plug another device, another computer, into the device and use sophisticated software to either download the entire hard drive or do sophisticated data searches and analyses on the data on the device.

How to prepare their devices, to cross the border

Cope advises at the border, power down your devices. Most importantly, make sure your data and your phone or laptop, is backed up either to a cloud or some other device, even a thumb drive.

In the 2018 policy, CBP explicitly says that they will not look at information in the cloud. They only look at data that's resident on the device. The officer has to put the device in airplane mode or otherwise disconnect it from the internet. 

“They can only look at the data that is accessible without internet access. Sometimes, even when the device is in airplane mode, some data will still be cached on the device,” she warned. She recommends “delete the app.”

Public social media handles may have already been reviewed in the granting of the visa. So it's possible you might still get questioned on information that was accessible. 

Cope advised that people regularly update their devices’ software, when prompted, because of so-called “zero click” spyware infiltrations. This means that, if a person’s device is not updated, and they open messages on an encrypted service like WhatsApp or Signal, it is accessible by this spyware, because the message is decrypted so that the receiver can read it.

“If there is a software update for your device, install it immediately, because most of the time, it’s a security update to patch a vulnerability.”

The U.S. government has steadily expanded its use of surveillance tools, often under the banner of fighting fraud, stopping crime, or detecting undocumented immigrants. But those same tools, from DMV database access, facial recognition, cellphone tracking and data broker contracts, are now building a vast infrastructure that reaches far beyond immigration enforcement.

This digital dragnet has the potential to place every American under unprecedented scrutiny. By compiling and cross-linking personal information, the state increases the risk of political targeting, identity theft, and massive data breaches. 

“What starts as surveillance of immigrants can quickly become surveillance of all, eroding the privacy rights of every resident.”