Alleged ICE, DHS location data purchases under scrutiny by Democrats

More than 70 Democrats in the House and Senate are pushing the Department of Homeland Security’s inspector general to open a new investigation into the agency’s “warrantless purchases of Americans’ location data.” 

In a letter sent Tuesday, the lawmakers tasked IG Joseph Cuffari with investigating whether Immigration and Customs Enforcement is purchasing illegally obtained location data about Americans, how that data has been used, whether audits of employee access to uncover abuse are occurring and the policies governing data usage. 

“Location data is extremely sensitive, and can reveal someone’s religion, their political views, medical conditions, addictions, and with whom they spend time,” the Democrats said. “It is for that reason that ordinarily, the government must obtain a warrant from a judge in order to demand such data from phone or technology companies.”

The letter comes nearly three years after an initial IG report found that Customs and Border Protection, the Secret Service and ICE violated federal law through warrantless purchase and use of location data.

As part of that 2023 report, the watchdog office said the DHS components did not adhere to established privacy policies, nor did they develop sufficient guardrails before procurement and use. Cuffari pointed to shared accounts, ad hoc record maintenance and no supervisory review of usage. 

The IG recommended that ICE discontinue use of commercial telemetry data until privacy impact assessments were completed, as well as suggesting the development and implementation of compliance controls. 

Despite ICE ending a program in 2023 that centered on Americans’ cell phone data after the probe, public contracting documents indicate the DHS component has since resumed the practice, according to lawmakers. 

“Your 2023 report noted that there was no DHS-wide policy governing component use of commercial location data,” lawmakers said in their letter. “Your office recently confirmed that this recommendation remains open.”

The oversight attempt by Democrats via Tuesday’s letter is the latest in a series of moves designed to rein in DHS’s broad data-gathering and sharing agenda. 

In late February, more than a dozen members of a House Oversight subcommittee expressed concern in a letter to Secretary Kristi Noem regarding cellphone data procurement. Similar to the newest letter, these lawmakers pointed to reports of DHS contracts with Penlink and Paragon, vendors known to provide access to mobile devices. 

In addition to third-party vendors, ICE has turned to other federal agencies as part of its massive data-collection efforts. ICE requested 1.28 million taxpayer records from the IRS last summer, leading the tax agency to share 47,289 addresses with law enforcement, in what is now characterized as an unlawful exchange, according to a court filing Thursday. ICE has also leaned on data from the Department of Motor Vehicles and the Centers for Medicare & Medicaid Services, as well as interagency coordination with the Transportation Security Administration.

The agency’s mobile biometric applications have spurred concern, too. 

In January, members of the House Homeland Security Committee sought to set limits on the use of apps like Mobile Fortify. The mobile app compares biometric information with agency records for identity verification, according to DHS’s AI inventory. The app has been deployed since May 2025 despite still needing to complete several minimum governance-related requirements, such as implementing monitoring protocols to identify adverse impacts and establishing an appeal process for impacted individuals. 

Lawmakers and privacy advocates have also warned of transparency gaps that raise questions about — and underline the need for — oversight mechanisms. 

The inspector general has already launched an audit of the agency’s processes around biometric data and personally identifiable information. The privacy probe, which began last month, is meant to determine how the data is collected, managed, shared and secured. The watchdog office told CyberScoop the investigation would include ICE and DHS’s Office of Biometric Identity Management, with the potential to encompass other components. 

DHS is said to operate more than 800 information systems across its 23 components, according to the inspector general office, which has kept an eye on the agency’s — sometimes lackluster — IT processes. In a report published in January, the watchdog office found the agency continues to “face significant challenges in ensuring consistent implementation of information security policies and controls across its components, leaving systems vulnerable to cyber threats.”