The way the government collects and stores data on immigrants is about to change in a big way that could invade the privacy of undocumented people, but also the people to whom they are connected. A proposed rule change at the Department of Homeland Security would affect how information in their records is shared and with whom, in ways that could be disruptive across the government. For individuals who are swept up in raids, under the new rule their information could be shared much more freely throughout the government, including perhaps, with local law enforcement. That freer sharing has unintended consequences for people who may not even know that they are connected to those undocumented individuals, according to privacy advocates critical of the proposal.
The memo, released on Friday, outlines new draft guidance for immigration enforcement. It says, in part, that government agents with Immigration and Customs Enforcement, or ICE, can ignore the 1974 Privacy Act when it comes to finding undocumented immigrants who don’t have legal status. That could create logistical burdens for government and impact the privacy and personal data of people well beyond undocumented workers.
The memo is brief. The portion that applies to privacy is but a single paragraph.
Most federal agencies extend some Privacy Act protections to immigrants that do not hold green cards, so that green card holders, legal aliens, and other foreigners are classified in the same way (called a mixed data system) in most U.S. data systems in terms or privacy protections—a policy that dates back to the George W. Bush administration, said Neema Singh Guliani, a legislative counsel with the ACLU.
There’s a very practical reason for that. A record for a single person, say someone seeking a green card, might contain information on dozens of other people. Their visa application could include information about a fiancé who is also applying for residence or services. One might find information on someone outside of the country awaiting entry, within the same record of someone already in the country, etc. By applying privacy protections to everyone, the government can better ensure that they aren’t leaking data of someone that should be covered.
Undoing that rule means agents and analysts would spend a lot more time figuring out what privacy protections apply to individuals in each category, and in what type of records. It could be especially time-consuming in cases where a record of one person mentions multiple other people. “You can imagine that applied to the number of data pieces throughout the federal government. From a pure resource implementation standpoint, you’re creating a nightmare and you’re creating the possibility of error,” Guliani told Defense One.
If ICE agents arrest someone, the agents still need a warrant to go through that individual’s phone. Once the government “has collected it and they have the information, the limitations on how that information can be shared, the process that the agencies have to go through, is going to be diminished” under the new rules, according to Guliani. “Even if they could be shared before, there was a process the agencies had to go through. They had to request permission. There was paperwork. In some cases it was a natural limiter or a natural protector.”
Under the proposed new rules, the warrant requirement would still exist, but any data that is collected could be shared more freely. That could cause a privacy nightmare for people who are mixed up in those digital records even if they aren’t undocumented.
Now think about all the information that an average person creates in a year. If you count all your digital interactions, it’s approximately 6 sextillion bytes (zettabytes) per year. Most of it is pretty unremarkable: music and movies streamed, for example. But much of it is personal. Where you’ve been, who you’ve texted, emailed, etc. You might not think that you share any digital data with an undocumented individual, but there are more than 11 million such individuals in the United States. Can you really be sure? Those network effects are why a loss of privacy for some affects a wider network than is immediately perceivable.
Consider that with just four location data points connected to a single phone number, over the course of an hour it’s possible to reconstruct the identity of a mobile phone user, something that MIT researchers Yves-Alexandre de Montjoye and César A. Hidalgo discovered in 2013.
“Personal data about an individual often contains personal information about others. The phone records or emails of a person can contain information about the whereabouts, or the social interactions of other people,” said Hidalgo, now the director of the Collective Learning Group at the MIT Media Lab. “Our data is connected. It is data about communications. That’s why saying that you can violate the privacy of some, while assuring others that their privacy is not being violated, is most likely naive or misleading.”