Digital Deportation: DHS Surveillance That Could Fuel Trump’s Plans for Mass Deportations

Once again, Donald Trump’s presidential administration will heavily feature hardline immigration policies, with the incoming president aiming to carry out “the largest deportation operation” in U.S. history. On his first day back in office, Trump restricted immigration, suspended the U.S. refugee admissions, and denied birthright citizenship for U.S. born children of unauthorized parents—a move that is already facing constitutional challenges. At the same time, Trump declared a national emergency at the U.S.–Mexico border, directing military support for border security and immigration enforcement operations. With Trump having vowed to initiate mass deportations of over 11 million undocumented immigrants (or 3 percent of the U.S. population), many cities are bracing for the impact of Trump’s policy changes.

At the center of mass deportation efforts will be the Department of Homeland Security (DHS), where a history of inappropriate data and technology practices could be galvanized—and potentially expanded—to target undocumented immigrants. Over the past decade, DHS has steadily grown its technical prowess, advancing data collection and integrating artificial intelligence (AI) across the agency. At the same time, DHS has historically avoided transparency and oversight, often allowing the agency to abuse its power and expand surveillance capabilities. For authorized immigrants and U.S. citizens alike, DHS’s practices compromise data privacy and contribute to a growing threat of government surveillance under a president who promises retaliation against civil servants, journalists, and people he views as political foes.

While there are serious legal and logistical challenges standing in the way of the Trump administration’s implementation of mass deportations, the threat against undocumented immigrants is unmistakable. But the incoming administration’s immigration agenda is poised to impact more than undocumented immigrants. Trump’s suspension of asylum and parole programs places the future of over 1.3 million migrants who are legally in the U.S. awaiting asylum in limbo. Trump’s appointed “border czar,” Tom Homan, who previously oversaw family separations at the border, even stated in an interview with CBS that “families can be deported together,” though there would be constitutional challenges to this approach if members of those families are citizens.

With the livelihoods of millions at stake, civil society, policy makers, and industry must take action to hold DHS accountable and protect the rights and privacy of individuals across the United States.

Investigations into DHS—especially within the U.S. agencies of Immigration and Customs Enforcement (ICE), Customs and Border Patrol (CBP), and Customs and Immigration Services (USCIS)—reveal how the Department surveils immigrants. There are three concerning trends that arise from these investigations, and they provide insights into how the Department may mobilize data and technology for mass deportations.

1. DHS collects, accesses, stores, and shares troves of personal data, circumventing traditional privacy protections and facilitating government surveillance.

DHS collects a wide range of sensitive data, which can be used to identify, locate, and potentially discriminate against migrants. During the first Trump administration, Trump restored a Bush- and Obama-era biometric data sharing program with law enforcement and removed Privacy Act protections for immigrants. Later in 2020, DHS accelerated its biometric data collection, gathering over 1.5 million DNA samples to include in a national law enforcement database. Collection often occurred without appropriate notice or under misleading or intimidating circumstances, violating constitutional protections. This data may be used to locate migrants as Trump taps local police to aid deportation efforts. Trump may further expand biometric data collection of immigrants by renewing a proposed rule initiated under his first term but withdrawn under the Biden Administration.

DHS also collects data through smartphone apps, ankle monitors, and smartwatches used to monitor migrants awaiting immigration decisions. Documents uncovered by immigrant rights groups revealed that ICE had used these tools for undisclosed invasive data collection—which included harvesting real-time location data, addresses, employment and financial information, religious affiliations, and health histories. The agency further monitors migrants through social media, attempting to identify “derogatory” content and “criminal patterns” among migrants.

Where DHS does not collect data directly, its components use other avenues to gain access to personal information. ICE and CBP, for example, access DMV records and purchase commercially-available data from private brokers. By purchasing information from data brokers, DHS uses a legal loophole to obtain personal data that would traditionally be protected or require a warrant for government access.

To find undocumented immigrants, DHS must sift through the data of millions of Americans. One investigation found ICE has access to the driver’s license data of three in four adults, and could locate just as many through their utility records—regardless of citizenship status. ICE has also used administrative subpoenas to seek information from schools, nonprofits, and news outlets. DHS’s ability to access this data often occurs without state, Congressional, or judicial review, bypassing legal protections.

Together, these practices offer deeply detailed insights into the private lives and locations of millions of migrants. This data is likely to be included in the Homeland Advanced Recognition Technology System (HART), which is a database slated to collect and share biometric data, invasive personal information, and subjective officer comments of over 272 million citizens and non-citizens in the United States. While this data collection may be biased or incorrect, it can be used to facilitate mass deportations and unchecked government surveillance.

2. The Department’s integration of AI into immigration services and enforcement can amplify the risks of inappropriate data collection and surveillance.

DHS uses AI to assist in data collection and surveillance—for example, mining social media and digitizing border patrol. Facial recognition advancements, often at the heart of surveillance technology, are increasingly integrated into DHS databases and migrant-facing technologies. These tools enable mass surveillance of individuals—including minors—from a variety of image sources without notice or consent. Studies show that the technology is less accurate for women and people of color, raising discrimination and accuracy concerns.

The ways that DHS uses AI also impacts critical decisions about migrants. A 2024 report raises concerns about AI used to evaluate immigration applications and determine a detained migrants’ likelihood of evading agency supervision, known as their “Hurricane Score.” The score informs agency decisions regarding deportation, detention, and digital monitoring.

3. DHS lacks transparency and oversight for the data and technology practices that fuel migrant surveillance.

DHS’s pattern of inadequate privacy measures for personally identifiable information (PII)—despite government protections of such data being legally required—puts sensitive information and individuals at risk. For example, ICE accidentally posted over 6,000 asylum seekers’ personal information, publicly exposing the identities of individuals fleeing government persecution. Privacy concerns also extend to DHS’s biometric data use. DHS has previously neglected to implement sufficient data safeguards, provide notice of use, and audit partners with access to facial recognition.

At the same time, opaque systems make it difficult for individuals to know what data is collected by DHS and how it is used. For example, the HART database that is currently being developed by DHS is exempt from Privacy Act accuracy and redress requirements, meaning individuals will not be able to verify if their personal data is included or correct any errors in the data collected. Such privacy exemptions help DHS data collection strategies, which are often done by bypassing traditional protections. Even when violations are exposed, corrective action is not always taken. For example, an internal investigation found ICE’s and CBP’s use of commercial cell phone data violated DHS’s own privacy standards. And while DHS ended the practice, the agency continues to buy other commercial data, and recent actions suggest the Department may soon resume purchasing cell phone data.

While DHS’s internal AI policies are aligned with the Biden Administration’s Executive Order for Responsible AI, it’s unclear if the Department sufficiently safeguards against AI misuse. Over 140 civil society groups raised concerns about AI practices in immigration and border surveillance, questioning DHS’s compliance with federal guidelines. A 2024 GAO report further emphasized these issues, noting DHS’s AI inventory is incomplete and lacks processes to document and verify AI reporting. With the incoming Trump Administration repealing the executive order, even minimal AI protections may disappear.

To identify, locate, and deport over 11 million people is a massive undertaking that will require access to personal information about individuals across the United States. DHS immigration agencies have long been expanding their surveillance and data capabilities—most recently seen with ICE’s contract with Paragon, a foreign-based spyware company. Trump’s second presidency may result in increasingly invasive practices. In November 2024, just hours after Trump was elected President of the United States, ICE released a notice looking to expand its surveillance technology contracts with private companies.

Holding DHS accountable and scaling back its undue, invasive data collection and surveillance is unlikely to occur under the incoming administration, which prioritizes curbing immigration and dismantling government oversight. In addition to repealing the Executive Order for Responsible AI, Trump may roll back other safeguards and expand AI-powered surveillance to advance his agenda—as he did during his first term. Without proper transparency and safeguards in place, it will be increasingly difficult to prevent government misuse of technology.

While there are some safeguards to prevent unprecedented mass deportations and government surveillance, action is needed to address current and future DHS abuses. Even under a presidential administration that will likely galvanize DHS’s bad data practices, civil society, industry, and state and federal policymakers can still take action to curb data collection, shore up data vulnerabilities, and push back against potential surveillance expansions.

Civil society should continue to call out DHS’s violations of legal protections and individual rights. State and federal policymakers can push for stronger protections for sensitive data—including protecting state-held databases from DHS access, prohibiting government agencies from purchasing commercial data, and creating stricter data protection requirements for government contractors. Industry can also play a role in supporting accountable practices by creating responsible AI tools or refusing to contract with immigration agencies. To curb government access to personally identifiable information, service providers can limit the sensitive data collected on individuals, especially location data. Together, these small actions can help protect sensitive data privacy and limit surveillance expansions.