The American Civil Liberties Union plans to fight newly revealed practices by the Department of Homeland Security which used commercially available cell phone location data to track suspected illegal immigrants.
"DHS should not be accessing our location information without a warrant, regardless whether they obtain it by paying or for free. The failure to get a warrant undermines Supreme Court precedent establishing that the government must demonstrate probable cause to a judge before getting some of our most sensitive information, especially our cell phone location history," said Nathan Freed Wessler, a staff attorney with the ACLU's Speech, Privacy, and Technology Project.
Earlier today, The Wall Street Journal reported that Homeland Security, through its Immigration and Customs Enforcement (ICE) and Customs and Border Protection (CBP) agencies, was buying geolocation data from commercial entities to investigate suspects of alleged immigration violations.
The location data, which aggregators acquire from cellphone apps, including games, weather, shopping and search services, is being used by Homeland Security to detect undocumented immigrants and others entering the U.S. unlawfully, the Journal reported.
According to privacy experts interviewed by the Journal, because the data is publicly available for purchase, the government practices don't appear to violate the law — despite being what may be the largest dragnet ever conducted by the U.S. government using the aggregated data of its citizens.
It's also an example of how the commercial surveillance apparatus put in place by private corporations in Democratic societies can be legally accessed by state agencies to create the same kind of surveillance networks used in more authoritarian countries like China, India and Russia.
“This is a classic situation where creeping commercial surveillance in the private sector is now bleeding directly over into government,” Alan Butler, general counsel of the Electronic Privacy Information Center, a think tank that pushes for stronger privacy laws, told the newspaper.
Behind the government's use of commercial data is a company called Venntel. Based in Herndon, Va., the company acts as a government contractor and shares a number of its executive staff with Gravy Analytics, a mobile-advertising marketing analytics company. In all, ICE and the CBP have spent nearly $1.3 million on licenses for software that can provide location data for cell phones. Homeland Security says that the data from these commercially available records is used to generate leads about border crossing and detecting human traffickers.
The ACLU's Wessler has won these kinds of cases in the past. He successfully argued before the Supreme Court in the case of Carpenter v. United States that geographic location data from cellphones was a protected class of information and couldn't be obtained by law enforcement without a warrant.
CBP explicitly excludes cell tower data from the information it collects from Venntel, according to what a spokesperson for the agency told the Journal — in part because it has to under the law. The agency also said that it only accesses limited location data, and that data is anonymized.
However, anonymized data can be linked to specific individuals by correlating that anonymous cell phone information with the real-world movements of specific individuals, which can be either easily deduced or tracked through other types of public records and publicly available social media.
ICE is already being sued by the ACLU for another potential privacy violation. Late last year the ACLU said that it was taking the government to court over the DHS service's use of so-called "stingray" technology that spoofs a cell phone tower to determine someone's location.
At the time, the ACLU cited a government oversight report in 2016 that indicated that both CBP and ICE collectively spent $13 million on buying dozens of stingrays, which the agencies used to “locate people for arrest and prosecution.”