404 Media

2026-04-06 13:53:56

Wildlife Conservation Police Are Searching Thousands of Flock Cameras for ICE

Florida’s Fish and Wildlife Conservation Commission (FWC) police are performing dozens of license plate lookups on Flock cameras for Immigrations and Customs Enforcement (ICE), according to public records that show details of the searches.

The practice highlights how ICE, which does not have a contract with Flock, continues to get access to Flock’s AI-powered license plate scanning cameras through local and state police, and often in ways that are unusual, unexpected, and difficult for the public to track or hold the agency accountable for. In this case, ICE has gained access to Flock data through a law enforcement agency that is nominally supposed to be focused on conservation, protecting endangered species, and investigating boating and maritime issues. 404 Media initially reported on how ICE was getting side-door access to Flock data via local police in May 2025.

That reporting led to a series of reforms and safeguards that are supposed to make it easier for law enforcement agencies that use Flock to opt out of having their surveillance camera data passed to federal agencies; a blog post by Flock called “Does Flock Share Data With ICE?” now states plainly “No. Flock does not work with U.S. Immigration and Customs Enforcement or any other sub-agency of the Department of Homeland Security.” But in practice, the public records show that as of the end of January (the most recent data available) thousands of agencies around the country were sharing their camera data with the Florida Fish and Wildlife Conservation Commission police, which was then regularly performing lookups for ICE.

Flock cameras continually scan the license plate, brand, and color of every vehicle that drives by. Law enforcement can then search the Flock system to see where else a vehicle has travelled. Crucially, Flock maintains a national lookup tool where agencies in one state can search data generated by cameras in another, even if those cameras are on the other side of the country. Law enforcement typically do this without a warrant.

💡
Do you know anything else about Flock? I would love to hear from you. Using a non-work device, you can message me securely on Signal at jason.404. Otherwise, send me an email at jason@404media.co.

A January Flock network audit for Ball State University, a public university in Indiana that has a contract with Flock, shows that the Florida Fish and Wildlife Conservation Commission police performed 38 different Flock searches for reasons that were listed as “immigration.”

Flock network audits are spreadsheets that have a separate entry for each time a police department’s Flock data is queried by another agency. Each entry contains information about how many different networks and cameras were searched, the time of the search, and the stated “reason” for the search. The searches performed by the Florida Fish and Wildlife Conservation Commission had reasons that ranged from “Immigration (civil/administrative) - I.C.E.” to “Immigration (criminal) - General Criminal Investigation” to “Immigration (criminal) - I.C.E.” The network audit indicated that more than 5,000 different Flock networks were searched in each case, indicating that, as of January, thousands of towns and cities were still sharing data with agencies that ultimately work with ICE despite new safeguards put in place by Flock.

“This highlights when you do mass surveillance, you really can’t control the data,” Jay Stanley, a senior analyst with the American Civil Liberties Union’s (ACLU) Speech, Privacy, and Technology Project, told 404 Media. “I doubt there were many cities that were debating the Florida Fish and Wildlife Services doing searches for ICE when they were talking about whether they should get Flock. It shows these searches can come from really any direction.”

The records in question were obtained from Ball State University by the journalist David Covucci, who covers college sports for his website FOIABall. Covucci shared the documents with 404 Media. The documents showed that, beyond the Florida Fish and Wildlife Conservation Commission police, the Texas Department of Public Safety, Grant County Indiana Sheriff's Office, Lake County Indiana police, Sarasota County Florida police, Brevard County Florida Sheriff's Office, Nebraska State Patrol, Tennessee Highway Patrol, Fort Pierce Florida Police Department, and Mississippi Department of Public Safety had all done immigration-related Flock searches in January. This means that all of these agencies ultimately searched Flock cameras on Ball State’s campus (and thousands of others across the country) for immigration-related purposes.

Police with the Florida Fish and Wildlife Conservation Commission are able to do these lookups for ICE because in August, Florida Gov. Ron DeSantis enrolled nearly 800 of its officers in 287(g), a Department of Homeland Security (DHS) program that gives state and local police certain immigration enforcement powers. DeSantis has essentially turned many state police into an extension of ICE: “Florida is setting the example for states in combating illegal immigration and working with the Trump Administration to restore the rule of law,” DeSantis said in a press release announcing the move. “By allowing our state agents and law enforcement officers to be trained and approved by ICE, Florida will now have more enforcement personnel deputized to assist federal partners. That means deportations can be carried out more efficiently, making our communities safer as illegal aliens are removed.”

The ACLU published a report in February about how the expansion of the 287(g) program has vastly increased the Trump administration’s deportation force. “While in recent months the nation’s attention has rightly focused on the violence and abuse perpetrated by ICE and Border Patrol agents in places like Minneapolis, in Florida and around the country, communities are experiencing another kind of terror: Their own law enforcement agencies, working hand in glove with the Trump administration, are the perpetrators of blatant racial profiling, harassment, and even violence,” the report says.

The report specifically notes that “Florida appears to have devoted more state and local law enforcement resources to immigration enforcement than any other state, resulting in numerous cases of harassment and profiling of U.S. citizens and noncitizens alike, a climate of extreme fear in communities, and reports of serious civil rights violations.”

The ACLU’s Stanley said that the expansion of 287(g) has made a lot of the debates that communities are having about federal access to Flock data feel outdated, because they may fail to grapple with the fact that local police around the country are now doing work on behalf of federal authorities. “A lot of the focus in communities and elsewhere where Flock is controversial have focused on this question of ‘Will the feds be able to access this data?,’” Stanley said. “This is a reminder that the sharp expansion of 287(g) has made that almost moot because a lot of local authorities are working so closely with ICE.”

Flock has in recent months attempted to distance itself from ICE, in part with the “Does Flock Share Data With ICE?” blog post and with numerous media appearances and LinkedIn posts by its executives. Flock has repeatedly leaned on the idea that its customers own and control their data, and that Flock has made numerous changes to comply with several states’ laws that forbid the use of license plate reader data for immigration or abortion enforcement, or which ban the transfer of license plate camera data out of the state altogether.

“As we've shared with your organization many times, all our customers own their data and choose how to use it, provided it complies with local laws and statutes,” a spokesperson for Flock told 404 Media. “In cities and states where cooperating with federal immigration is against the law, we block that from happening within the product itself. In states where cooperation is legal, customers and their local values determine how they choose to enforce the law.”

The Florida Fish and Wildlife Conservation Commission did not respond to multiple requests for comment. A spokesperson for Gov. DeSantis’s office, however, told 404 Media that the Fish and Wildlife Conservation Commission continues to work with ICE. “Please note that it is NOT out of the ordinary for FWC to work alongside ICE as they have a 287 (g) agreement with them-as do all State of Florida law enforcement agencies,” they said.

404 Media, other reporters, and transparency advocates have been reporting on the use of Flock cameras primarily by obtaining network audits through public records requests. But the utility of those network audits is rapidly deteriorating; as we reported earlier this year, Flock has made changes to its network audits that makes each individual entry more vague, and authorities have warned police to be “as vague as permissible” about the reasons why they are using Flock. Many Flock search reasons simply say “investigation” or another blanket term, making it impossible to know why the system was really used. Because of this change, it may become harder to track which agencies are working with ICE, and how often it’s happening.

“I think everybody using Flock knows you can get away with putting something like a generic descriptor that won’t tip off communities to what’s going on,” Stanley said. “This window of visibility is closing, even this very limited flawed, manipulable window of visibility is closing.”

Police Told to Be ‘as Vague as Permissible’ About Why They Use Flock

The documents show law enforcement sees themselves as being consistently and universally under threat from the people it is supposed to protect.

^{Jason Koebler (404 Media)}

404 Media

2026-03-31 13:14:12

How Thomson Reuters Powers ICE and Palantir

Thomson Reuters, the media company which is also a data broker, has long provided underlying personal data for Immigration and Customs Enforcement (ICE) tools, according to documents obtained by 404 Media and sources. There are also indications its data is now part of the Palantir system ICE uses to find which neighborhoods to target.

The findings draw a clearer line between Thomson Reuters’ data business—which can involve selling names, addresses, car registration information, Social Security numbers, and details on someone’s ethnicity under the brand name CLEAR—and the specific tools ICE is ingesting the data into. The news also comes after Thomson Reuters employees sent leadership a signed letter expressing their unease with the company’s ICE and Department of Homeland Security (DHS) contracts, the Minnesota Star Tribune reported last month.

“If these allegations are true, they cut directly against Thomson Reuters’ claims that its products and services are limited to fighting serious crime and are not facilitating deportations,” Emma Pullman, head of shareholder engagement and responsible investment for the B.C. General Employees’ Union (BCGEU), told 404 Media. BCGEU is a minority shareholder in Thomson Reuters and has recently engaged the company concerning its work with ICE, BCGEU said.

💡
Do you work at Thomson Reuters, Palantir, or DHS? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

How Thomson Reuters Powers ICE and Palantir

Thomson Reuters’ data, which can include peoples’ addresses and details on their ethnicity, is linked to tools used by ICE.

^{Joseph Cox (404 Media)}

404 Media

2026-03-11 14:27:56

From Flock to ICE, Here’s a Breakdown of How You’re Being Watched

It’s nearly impossible not to be watched these days. It can start right at home with your neighbors and their Ring cameras—a company that sold fear to the American public and is now integrating AI to turn entire neighborhoods into networked, automated surveillance systems.

Head out a bit further and you’ll likely be confronted by Flock’s network of cameras that not only track license plates, but also track people’s movements with detailed precision. And as the Trump administration raids cities across the U.S. for undocumented immigrants, tech giants like Palantir are powering tools for ICE, including one called ELITE that helps the agency pick which neighborhoods to raid.

To better understand what exactly we’re looking at in this dystopian hellscape, 404 Media’s Jason Koebler and Joseph Cox joined r/technology for an AMA.

Understandably, people are worried about violations of their privacy by companies and the government. And many wonder, is there any way to go back once we’ve released all this AI-powered, surveillance tech?

Questions and answers have been edited for clarity.

Q: How do you think we can as a society deescalate tools designed to spy on citizens? I feel like once the police state bottle is open it’s near impossible to put it back in?

JASON:This is something I grapple with a lot. For whatever reason, my reporting has gravitated to state and local surveillance tools owned by police. This is not uniformly true, but what I've seen based on watching zillions of city council meetings and reading thousands of pages of emails and public records is that police, in general, love new toys and love new gadgets. The strategy is very often ‘get the surveillance tech first and ask questions later.’ A lot of city councils are not very sophisticated about the risks of surveillance technology and a lot of them feel a lot of pressure to keep their city safe or whatever, and so they defer to the police and give them money for whatever they ask for. There are also tons of grants and pilot programs in which police can obtain technology for cheap or free, and so the posture cities take is often ‘why not try it?’ Police love telling each other about the new capabilities and tools that they've acquired, so this tech can spread from city to city very quickly.

All of this can be pretty demoralizing but something that we've seen is that when you shine even a tiny bit of light on the ways these systems work, how they can and are often abused, people learn a lot about the intricacies of them very quickly. At this point, I am getting emails and messages multiple times a week from people in a new city or town that has either decided not to buy Flock or has decided to stop working with Flock, and usually our reporting is cited in some way. The issue is that it's not just Flock, there's all sorts of surveillance tools and new companies are popping up all the time. So it does feel like it's hard to put the genie back in the bottle, but I do think that, overall, the public discussion on surveillance and privacy is getting a lot more sophisticated, and that gives me optimism.

Q: Given the breadth of these surveillance technologies, is there any hope or possibility of opting out or avoiding being “seen”? Do we accept surveillance and aggregated data about ourselves and our behavior as an inevitability?

JOSEPH: I don't think privacy is dead. I don't think people need to give up and say fine, take my data. There are concrete things people can do. But they do introduce friction. The trade off with security is efficiency. The more efficient, the less secure you might be. The more secure, the less efficient. An extreme example would be not owning a mobile phone. Well, you're immune to producing any mobile phone telecom data because you don't own one. But that's gonna be a massive pain.

Concrete things people can do:

• Explore legislation that will let you demand a company deletes your data. Google a template of the language to send, it's pretty easy
• Maybe delete your AdID in your phone, or change it. Here's how on Android. This is the digital glue advertisers, and parties that buy that data, use to stick together your device and its usage.
• Use a different email for each service. This is too much work to make constant new addresses (unless you just use one junk one). I like Apple's iCloud Hide My Email feature which gives you (they say) an unlimited number of emails to generate. Then if a website is hacked or your data sold, it is not necessarily clear that the data belongs to you. Obviously it depends on the service but I use that every day.

playlist.megaphone.fm?p=TBIEA2…
Q: Are new phones being built with spyware technology and how will we know? Will Independent Media be able to continue reporting if all of our technology blocks the truth from ever reaching the masses?

JOSEPH: Supply chain attacks are what really scare me. You have a device you trust, or a piece of software you download from a legitimate source, and even then someone has snuck in some malware. The biggest one right now which was reported just recently is the Notepad++ case.

That said, we haven't seen much widespread reporting about it happening to new phones (beyond there being annoying sketchy apps, that does happen). I'd flag that the Bloomberg piece claiming the Apple supply chain was somehow compromised was widely debunked by the infosec community.

Q: What can you infer from the info you learned to explain why some ICE agents just pull cars on the street to arrest people instead of going after them from their home?

JOSEPH: I think there are a few things going on. Some parts of DHS want there to be targeted raids, against specific people, specific addresses. Others (Bovino) want a more blanket, indiscriminate approach. I'd point to this really good reporting in The Atlantic about that tension inside the agency.

But other than that, data can only go so far. Data by itself can't make these agents fulfill their arbitrary and extreme quotas of how many people to detain. At some point, the mass deportation effort becomes distinctly low tech. It's almostttt like the XKCD comic about password security and wrench attacks. It basically boils down to grabbing who they can or feel they can.

Q: Do you ever hear from workers at Palantir (or other similar companies) about what things are like there?

JOSEPH: I won't talk about sources specifically, but a couple of things: some people inside Palantir are clearly motivated enough by what the company is doing with ICE to then leak details of that work to journalists. That started with this piece, Leaked: Palantir’s Plan to Help ICE Deport People. That was a pretty unusual leak in that it contained both Slack messages and an internal Palantir wiki in which company leadership explained and justified its work with ICE.

Leaked: Palantir’s Plan to Help ICE Deport People
Internal Palantir Slack chats and message boards obtained by 404 Media show the contracting giant is helping find the location of people flagged for deportation, that Palantir is now a “more mature partner to ICE,” and how Palantir is addressing employee concerns with discussion groups on ethics.
404 MediaJoseph Cox

Broadly, I think a lot of people inside tech companies (both social media giants and surveillance companies) are often conflicted about their work. Some leave. Some put it out of mind and stay. Some leak.

Q: Do we know what information was handed over to Palantir from DOGE? I don’t think the majority of Americans understand just how dangerous this company is right now.

JOSEPH: I think we are still learning the specifics of that. When we reported on the ELITE the Palantir-made tool ICE is using, the user guide said the tool included data from the Department of Health and Human Services. Now, I don't think the list in the user guide is exhaustive by any stretch. It says ELITE integrates new data sources.

What new data sources has ICE gotten recently? IRS. CMS. Medical insurance databases. I'm not saying that data is being fed into ELITE. I don't know that and can't report it. But I absolutely think it's possible and would make sense.

Q: Are public record requests Flock's Achilles heel?

JASON: I think you've hit on something here—the business model of not just Flock but of a lot of surveillance companies is to go city by city pitching and selling their tech to local police officers. Because of the hollowing out of local news over the last 20 years, there have been fewer journalists paying attention to city council meetings, and a lot of this tech is acquired directly by police through discretionary budgets. So for years, surveillance companies have been able to essentially go to a couple small police departments, demo their tech, get a contract. Then, through police listservs and conferences and email chains, the police start to talk about their new toys with other districts, and companies can quickly go from having just a few contracts to having dozens, hundreds, or thousands of contracts. That is more or less what's happened with Flock—a lot of officers within the police departments that were early adopters of the tech have actually been hired by the company to be lobbyists and salespeople. I've focused a lot of my reporting over the years on this dynamic and how this usually goes.

But what has happened, as you've noted, is that because these surveillance companies are working with so many police departments and cities, they are subject to public records from all of them. When a company sells only to the federal government, they may be able to be very careful about what they say, what they put in writing, how they pitch their product etc. But when a company is hyperfocused on growth at the local level, they have to explain how their tech works over and over again, and highlight different features and capabilities. They create a lot of public records doing this, and journalists and concerned citizens have noticed this and have been vigilant about requesting documents that their tax dollars are paying for. So yes, this is how we're learning a lot about Flock, and it's also how governments that may not have known about abuses or how pervasive this tech is are learning about Flock too.

So my very long answer to your question is not that public records requests are Flock's achilles heel—I think Flock's design, business model, and approach to surveillance are its achilles heel, but that the way it operates its company across tons of cities leaves it more vulnerable than it would have expected to the transparency we all deserve, and it cannot plausibly fight against the release of public documents in thousands and thousands of cities at once.

Police Unmask Millions of Surveillance Targets Because of Flock Redaction Error
Flock is going after a website called HaveIBeenFlocked.com that has collated public records files released by police.
404 MediaJason Koebler

Q: Our local PD has stated that they have control over their Flock data. To me this implies that other Flock users can’t search the ALPR data from our city. Can you talk about what in particular Flock users can search for?

JOSEPH: Yeah, the ownership of Flock data is interesting. Flock says the police own it. Police say and believe that too. I think that is correct... mostly. Until our reporting (and maybe still now) many police forces seem to fundamentally misunderstand the Flock product, especially the nationwide network. When we contacted police departments when we were verifying that local cops were doing lookups for ICE, some of them had no idea what we were talking about. We had to explain how the system worked. Then many police departments realized what was happening and changed their access policies. So, police departments do own the footage (unless it's in Washington where a court has said actually it's a public record). But they might not realize who they are accidentally giving access to their cameras to.

Q: What is the state of the Fourth Amendment in the courts (and Supreme Court clarification) regarding Flock type surveillance currently?

JASON: There are a few lawsuits. One in San Jose. There was one in Norfolk, Virginia which just got decided in the city's favor (Flock's favor). It's being appealed.

The general argument is that you don't have an expectation of privacy in public and that you can take pictures of anything from public roads (basically). Another argument is that license plates are government data, roads are funded by taxpayers and are therefore public, so no problem here. What our law hasn't grappled with is the fact that all of these are networked together and automated, so it's a little different, in my opinion, from having one discrete camera that takes one discrete picture and then has to be accessed by a human. Instead you have thousands of networked cameras building a comprehensive database over time. I feel like that's functionally something different but our laws have not evolved to deal with this yet.

Q: Have we seen any of this technology spread (or attempt to spread) beyond the US, perhaps to other governments?

JOSEPH: Yep, absolutely. The UK has a robust facial recognition program, scanning people in public constantly, for example.

I would say it is often the other way around: technology is made or used overseas then it comes to the U.S. Cobwebs, which makes the Webloc location data tool ICE has bought access to, is from Israel (they're now part of an American company called Penlink). Paragon, the spyware that ICE bought, is also from Israel.

Q: Regarding the story posted on 404 Media about Apple’s Lockdown mode, is this the first time (publicly perhaps) the government has had issues accessing a phone with that mode enabled?

JOSEPH: I believe this is the first time we've seen the government admit it cannot access an iPhone running Lockdown Mode. Maybe it is in other court documents, but I don't think it's been reported.

FBI Couldn’t Get into WaPo Reporter’s iPhone Because It Had Lockdown Mode Enabled
Lockdown Mode is a sometimes overlooked feature of Apple devices that broadly make them harder to hack. A court record indicates the feature might be effective at stopping third parties unlocking someone’s device. At least for now.
404 MediaJoseph Cox

I don't think Apple will make changes based on this. That's for a few reasons:

• Apple has continued to make changes that thwart mobile forensics tools, like the silent reboot we revealed
• Frankly I don't think this case is high profile enough to cause that kind of response. San Bernardino was a freak, horrible event. An actual terrorist attack. That is part of why the DOJ came down so hard
• It went against their long standing ideas of just making their product more secure

Now, Cook has obviously gotten more close to President Trump. It is embarrassing. Giving him a gold statue, or whatever. But that's different from undermining their users' security (pushing the product into China and making concessions there, that's another story).

Q: What surveillance tools do you anticipate seeing develop and integrate further into American society in the next three years without legislative oversight?

JASON: I hate that this is my answer but I think that there's going to be a lot, and I am pretty concerned at what I've seen. Here we go:

• Police departments are obsessed with Drone as First Responder programs (called DFR), which are basically little autonomous drones that fly out to the location of a 911 call as the call is happening. Some reporting has shown that this ends up with lots of people getting drones sent at them when they're mowing the lawn too loudly or something. This is being integrated with ALPR cameras and other AI tools. Not into it.
• I think real time facial recognition and AI cameras that are networked together is the next big thing. New Orleans is already doing this through a quasi public “charity,” which I'm writing about for next week. We've also written about a company called Fusus which is quite concerning.
• We've seen some early AI persona bots being used by police to infiltrate social media groups. I think these are very goofy but also cops seem generally obsessed with cramming AI and facial recognition into everything they can and I think we're about to see an explosion in this space.

Q: Outside of 404 Media, what books or resources do you recommend to folks looking to learn more about surveillance in America or globally?

JOSEPH: I definitely recommend Means of Control, Byron Tau's book. He was the first journalist to report that government agencies (including ICE and CBP) were buying smartphone location data from data brokers. It's a great book to give you a true idea of the scale of the interaction between private industry and the government. This is much more important than, say, any links between, for example, Facebook and the government. Here they just literally buy the data.

For families, I think Flock is a good one. Everyone understands what it is like to drive around and how they sometimes go places they might not want others to know for personal privacy reasons. Well, are you okay with authorities being able to query that without a warrant? And are you okay with law enforcement in, say, a town in Texas being able to then look up the movements of people across the country? I think it's a pretty good tangible example that doesn't require a lot of tech stuff.

JASON: I'll add to this briefly. This is not an exhaustive list, but off the top of my head:

Zack Whitaker's This Week in Security newsletter is really good.

Our old colleague and friend Lorenzo Franceschi-Bicchierai at TechCrunch does really great work. Groups like the EFF, ACLU, Electronic Privacy Information Center, and Center for Democracy and Technology all focus on different things but are often surfacing interesting surveillance-related cases and can be helpful in terms of understanding some of the legal issues around surveillance. Lucy Parsons Lab does amazing work. The Institute of Justice is a libertarian group that always finds very interesting privacy and surveillance cases.

With Ring, American Consumers Built a Surveillance Dragnet
Ring’s ‘Search Party’ is dystopian surveillance accelerationism.
404 MediaJason Koebler

Another one I feel people understand immediately is Ring cameras. So many people have them, and I think a lot of people like them. But I have found Ring cameras as a useful intro point just because they are so popular. Should we be filming our neighbors at all times? Putting it on Nextdoor and social media sites? Connecting it to local police? What about the entire neighborhood's cameras? Should it go to ICE, etc? I think that unfortunately a lot of people will say ‘I want to protect my house and my family,’ but I do find it's usually possible to have a nuanced talk about Ring cameras, at least in my personal life, and that often opens people's eyes to other, similar systems.

A federal judge ruled Norfolk’s Flock surveillance cameras don’t invade people’s privacy – yet

The judge wrote that these cameras don’t violate people’s rights but warned they could in the future. Privacy advocates say that future is already here.

^{Toby Cox (WHRO Public Media)}

404 Media

2026-03-05 15:19:28

ICE Phishing: Scammers Are Sending 'Support ICE' Emails to Steal Credentials

Clients of a long-running email marketing platform are getting targeted with a phishing campaign telling them that their emails would begin automatically inserting a “‘Support ICE’ donation button” into every email they send. The strategy suggests that scammers are trying to capitalize on people’s revulsion to ICE by coming up with strategies that would cause users to quickly log into their accounts to disable the setting. In reality, clients would be revealing their username and password to hackers.

The move indicates that hackers are targeting clients of enterprise software companies with extremely controversial political emails. The scam targeted customers of Emma, a long-running email marketing platform whose clients include Orange Theory, Yale University, Texas A&M University, the Cystic Fibrosis Foundation, Dogfish Head Brewery, and the YMCA, among others. 404 Media was forwarded a copy of the phishing email from an Emma client.

“As part of our commitment to supporting U.S. Immigration and Customs Enforcement (ICE), we will be adding a ‘Support ICE’ donation button to the footer of every email sent through our platform,” the phishing email reads. “This button will appear automatically in all outgoing emails starting next week […] all emails sent from your account will include the Support ICE footer element […] this change helps us demonstrate our platform’s civic commitment.” The email adds that it is possible to opt out of this feature, and that “we appreciate your understanding as we implement this platform-wide initiative.”

Lisa Mayr, the CEO of Marigold, which owns Emma, told 404 Media that the company “would never publish anything like this. This is a very common phishing attempt.”

Mayr is right—clients of other email sending services have recently been targeted with similar attacks. In January, programmer Fred Benenson wrote about phishing emails he had gotten that were targeting users of SendGrid, another email marketing service. At least one of the emails Benenson got used the same “Support ICE button” language and has the subject line “ICE Support Initiative.”

“If you’ve been paying any attention at all to US politics, you’ll know how insidiously provocative this would be if it were a real email,” Benenson wrote in a blog post about the email. “This phishing campaign is a fascinating example of how sophisticated social engineering has become. Instead of Nigerian 419 scams, hackers have evolved to carefully craft messages sent to professionals that are designed to exploit the American political consciousness. The opt-out buttons are the trap.”

In SendGrid’s case, Benenson found that the emails looked “real” because they were sent from other SendGrid user accounts. Basically, hackers compromised the account of a SendGrid user and then used that account to send phishing emails using the SendGrid infrastructure. “The emails look real because, technically, they are real SendGrid emails sent via SendGrid’s platform and via a customer’s reputation–they’re just sent by the wrong people and wrong domains,” he wrote.

Besides the ICE-themed phishing emails, Benenson also received an email that said SendGrid was going to add a “pride-themed footer to all emails” and another that said “all emails sent from your account will feature a commemorative theme honoring George Floyd and the Black Lives Matter movement.”

“The political sophistication on display here (BLM, LGBTQ+ rights, ICE, even the Spanish language switch playing on immigration anxieties) suggests someone with a deep understanding of American cultural fault lines,” Benenson wrote.

The Emma email was sent via Survey Monkey through an email address called “myemma@help-myemma.app.” When users clicked a “Settings” button that would have allowed them to opt out of the feature, they’re sent to a generic-looking site designed to steal credentials hosted at app-e2maa.net. By the time 404 Media got the email, Chrome had detected it as a “Dangerous site” and warned users not to visit it.

SendGrid isn’t emailing you about ICE or BLM. It’s a phishing attack.

For the past several months, I’ve been receiving and then ignoring a steady stream of concerning emails from Sendgrid, the popular email delivery service owned by Twilio that I use for sendin…

^{fredbenenson.com}

404 Media

2026-03-03 14:03:26

CBP Tapped Into the Online Advertising Ecosystem To Track Peoples’ Movements

📄
This article was primarily reported using public records requests. We are making it available to all readers as a public service. FOIA reporting can be expensive, please consider subscribing to 404 Media to support this work. Or send us a one time donation via our tip jar here.

Customs and Border Protection (CBP) bought data from the online advertising ecosystem to track peoples’ precise movements over time, in a process that often involves siphoning data from ordinary apps like video games, dating services, and fitness trackers, according to an internal Department of Homeland Security (DHS) document obtained by 404 Media.

The document shows in stark terms the power, and potential risk, of online advertising data and how it can be leveraged by government agencies for surveillance purposes. The news comes after Immigration and Customs Enforcement (ICE) purchased similar tools that can monitor the movements of phones in entire neighbourhoods. ICE also recently said in public procurement documents it was interested in sourcing more “Ad Tech” data for its investigations. Following 404 Media’s revelation of that ICE purchase, on Tuesday a group of around 70 lawmakers urged the DHS oversight body to conduct a new investigation into ICE’s location data buying.

💡
Do you work at CBP, ICE, or a location data company? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

This sort of information is a “goldmine for tracking where every person is and what they read, watch, and listen to,” Johnny Ryan, director of the Irish Council for Civil Liberties (ICCL) Enforce, which has closely followed the sale of advertising data, told 404 Media in an email.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

CBP Tapped Into the Online Advertising Ecosystem To Track Peoples’ Movements

^{Joseph Cox (404 Media)}

404 Media

2026-02-27 16:10:27

Lawmakers Demand DHS Define ‘Domestic Terrorist’ As It Uses Vast Array of Surveillance Tools

A group of more than a dozen Democratic lawmakers have demanded the Department of Homeland Security (DHS) provide its definition of “domestic terrorist,” after the agency labelled U.S. citizens Renée Good and Alex Pretti, which DHS officers killed, as such. The move also comes as DHS and its various components purchase and deploy a wide range of surveillance technologies and demand sensitive information from tech companies to unmask people criticizing ICE.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

Lawmakers Demand DHS Define ‘Domestic Terrorist’ As It Uses Vast Array of Surveillance Tools

Rep. Bennie G. Thompson and a host of other Democrats made the demand in a letter to DHS Secretary Kristi Noem. “Your actions are abhorrent, blatantly unconstitutional, and corrosive to the functioning of a peaceful society.”

^{Joseph Cox (404 Media)}

404 Media

2026-02-23 14:51:52

How ICE and CBP Use Free Walkie-Talkie App ‘Zello’ to Power Their Operations

Immigration and Customs Enforcement (ICE) and Customs and Border Protection (CBP) officials, including a CBP officer who was on the scene when another officer shot a U.S. citizen, are using a free walkie talkie app called Zello to coordinate their operations, 404 Media has found.

The findings give insight into the sort of technology that ICE and CBP are relying on during the Trump administration’s ongoing mass deportation effort. Zello was previously criticized for allowing at least two January 6 insurrectionists who broke into the Capitol to coordinate on the app that day, and for hosting hundreds of far-right channels.

404 Media reviewed multiple pieces of bodycam footage from Chicago which showed CBP officials using the app. We also confirmed that multiple Zello user accounts on the app are associated with ICE email addresses, with some usernames containing acronyms such as ERO, which stands for ICE’s Enforcement and Removal Operations, and verified that multiple ICE group channels exist on the platform. Some of these channels have names mentioning immigration operations, “surveillance,” and “strike team.”

💡
Do you know anything else about Zello? Do you work at ICE or CBP? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

Zello is a smartphone app that acts much like a push-to-talk walkie-talkie. Users can communicate directly with one another, or create and join larger channels with groups of participants. On its website, the app claims to have 5 million active monthly users. The app offers a free version that anyone can download and start using, and a paid “Zello Work” option which has more features.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

How ICE and CBP Use Free Walkie-Talkie App ‘Zello’ to Power Their Operations

^{Joseph Cox (404 Media)}

404 Media

2026-02-11 18:06:01

Government Loses Hard Drives It Was Supposed to Put ICE Detention Center Footage On

The legal saga over surveillance footage from within an Immigration and Customs Enforcement detention center in suburban Chicago has reached new levels of Kafkaesque absurdity, with the federal government losing three hard drives it was supposed to put footage on, refusing to provide footage from five critical surveillance cameras, and delivering soundless video of a highly contested visit from Department of Homeland Security Secretary Kristi Noem.

We have repeatedly covered an abuse lawsuit about living conditions within the Broadview detention facility. The federal government has claimed that 10 days of footage from within the facility, taken during a critical and highly contested period, was “irretrievably destroyed” and could not be produced as part of the lawsuit, which was brought by people being held at Broadview in what were allegedly horrendous conditions. It later said that due to a system crash, the footage was never recorded in the first place. The latest update in this case, however, deals with surveillance camera footage that was recorded and that a judge has ordered the federal government to turn over.

For this footage, the federal government first claimed that it could not afford the storage space necessary to take the footage that it did have and produce it for discovery to the plaintiffs’ lawyers in the case. The plaintiffs’ lawyers, representing Broadview’s detainees, then purchased 78 terabytes of empty hard drives and gave them to the federal government, according to court records. This included three 8-terabyte SSDs and three 18-terabyte hard drives.

Court records note that “plaintiffs provided defendants with five large hard drives to facilitate Defendants’ production, yet Defendants inexplicably lost three of them.” Emails submitted as evidence suggest that the U.S. government and the plaintiffs’ attorneys had a call to discuss the lost hard drives.

One of the emails sent by plaintiffs’ attorneys to the Department of Justice in late January notes that the government had been exceedingly slow in producing footage, taking weeks to produce just a small amount of footage.

“There should be plenty of hard drive space at Broadview’s disposal,” the email reads. “The team there should currently have in its possession 5 hard drives with 72 terabytes of space, provided by plaintiffs’ counsel at the last 2 site visits. We have received only one hard drive back from Broadview to date. Copying of November/December footage should have taken place over the past week so that it could be delivered to plaintiffs’ counsel today when they visit Broadview this afternoon. At the very least, that footage should be being copied now.”

The two sides then arranged a phone call, a summary of which was emailed by plaintiffs’ attorneys to the Department of Justice:

“Thanks for the productive call this morning. For the benefit of everyone:

We discussed the production of video footage. You relayed that, at present, your agency contact knows where 2 of the 5 hard drives are and that you have relayed that copying of footage from November to present for all 10 feeds and footage from September to November for the 5 additional cameras should be underway. You will investigate further where the remaining hard drives are and will also work on a plan to exchange footage on a more regular basis than plaintiffs' counsel's weekly visits.

We discussed providing an accounting of the hard drives to facilitate your conversations with personnel at Broadview:

• On January 8, plaintiffs' counsel delivered four hard drives to Broadview during an attorney visit. One was a 20 TB hard drive; three were 8 TB SSD drives.
• On January 16, plaintiffs' counsel received from Broadview one of the 8 TB SSD drives containing 150 GB of footage from 5 cameras for one week in January.
• Also on January 16, plaintiffs' counsel provided personnel at Broadview (SDDO Taylor, in particular) with two 18 TB hard drives.
• The sum total of storage capacity Broadview should have is: 5 drives, with a total of 72 TB of space. Using the productions we have received to date, we anticipate that the Government owes us at least 15 TB of footage.”

Days later, the Department of Justice told the plaintiffs’ attorneys that “they are still searching for those hard drives at Broadview.” The plaintiffs’ attorneys responded: “Losing multiple drives provided to facilitate speedy production is not acceptable,” and “the missing hard drives and lack of production of any footage predating January remains a significant, prejudicial issue.”

A filing by the plaintiffs with the court highlights some of the ongoing issues they have had with the government complying with court-ordered discovery requirements, which includes the lost hard drives, missing footage, footage from only five of the 10 cameras that were supposed to be delivered. A separate filing notes that footage produced by the government from a high-profile visit by Noem is missing audio “despite visible professional microphones and cell phones with audio capabilities in the footage.”

“Plaintiffs have gone above and beyond their obligations under federal law to streamline rolling production of such footage, purchasing expensive hard drives and agreeing to transport and pick up those drives from Broadview during weekly attorney visits. Defendants agreed to this arrangement,” they wrote in the filing. “Yet, Defendants have fallen unacceptably short of their production obligations. Defendants have provided no footage from five of the ten camera feeds […] Defendants have also failed to provide footage for a near-two-month span for the remaining five camera feeds. What’s more, Defendants have purportedly lost multiple hard drives provided by Plaintiffs’ counsel […] There is no excuse for Defendants’ discovery failures.”

The filing notes that the five missing cameras are specifically from detainee isolation cells, “despite those cells being a key part of Plaintiffs’ complaint. The produced feeds show egregious conditions but were insufficient to provide Plaintiffs the discovery necessary to fully investigate their claims.” These cells were designed to hold one person at a time, but were allegedly being used to hold multiple detainees at a time during a critical period that the lawsuit covers; “such cells are also where ICE holds detainees with acute medical or mental health conditions, including those who have suffered medical emergencies while in detention, and where it holds detainees who have been subjected to use of force by ICE officers while inside the facility,” they add.

The filing says that the plaintiffs learned that the government lost the hard drives in late January, when the government claimed that it had returned all of the hard drives to the plaintiffs’ attorneys, and that it had run out of storage space with which to provide them court-ordered footage.

“On January 28, Defendants’ counsel relayed that Broadview personnel had advised that they were out of storage space on drives provided by Plaintiffs, reporting that all hard drives provided by Plaintiffs had been returned to them.This was the first indication that some or all of 70 terabytes’ worth of hard drives were unaccounted for,” they wrote. “In the days since, the Government has admitted that it cannot find three of the five hard drives that should be in its possession.”

“Plaintiffs are waiting on months of footage. Every day that passes without this evidence compounds the prejudice to Plaintiffs’ ability to prepare for the upcoming hearing. Defendants’ foot dragging and poor organizational practices—and their instinct to rely on Plaintiffs to take the laboring oar for the purchase, delivery, pickup, and return of storage devices to facilitate Defendants’ discovery obligations—cannot be permitted.”

154

^{www.documentcloud.org}

404 Media

2026-02-03 15:33:05

Hackers and Trolls Target Wave of ICE Spotting Apps

Over the last few days hackers and trolls have targeted a slew of ICE spotting apps and their users in an apparent attempt to intimidate and stop them from reporting sightings of ICE. These hackers sent threatening text messages to users of StopICE, claiming their personal data has been sent to the authorities; attempted to wipe uploads on Eyes Up, which aims to document ICE abuses; and even sent push notifications to DEICER app users claiming their data has also been sent to various government agencies.

There is little evidence that hackers have actually provided data to the government. But it shows that apps like these, many of which Apple and Google have already kicked from their respective app stores, in some cases after direct government pressure, can be targeted by hackers or those looking to harass their users.

“Yes there is a targeted spike in attacks targeting similar [sites],” Sherman Austin, the developer of StopICE, told 404 Media in an email.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

Hackers and Trolls Target Wave of ICE Spotting Apps

^{Joseph Cox (404 Media)}

404 Media

2026-01-30 14:49:01

Here is the User Guide for ELITE, the Tool Palantir Made for ICE

Earlier this month we revealed Immigration and Customs Enforcement (ICE) is using a Palantir tool called ELITE to decide which neighborhoods to raid.

The tool lets ICE populate a map with potential deportation targets, bring up dossiers on each person, and view an address “confidence score” based on data sourced from the Department of Health and Human Services (HHS) and other government agencies. This is according to a user guide for ELITE 404 Media obtained.

404 Media is now publishing a version of that user guide so people can read it for themselves.

💡
Do you know anything else about ELITE? Do you work at Palantir, ICE, or CBP? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

Here is the User Guide for ELITE, the Tool Palantir Made for ICE

^{Joseph Cox (404 Media)}

404 Media

2026-01-19 14:28:36

ICE’s Facial Recognition App Misidentified a Woman. Twice

When authorities used Immigration and Customs Enforcement’s (ICE) facial recognition app on a detained woman in an attempt to learn her identity and immigration status, it returned two different and incorrect names, raising serious questions about the accuracy of the app ICE is using to determine who should be removed from the United States, according to testimony from a Customs and Border Protection (CBP) official obtained by 404 Media.

ICE has told lawmakers the app, called Mobile Fortify, provides a “definitive” determination of someone’s immigration status, and should be trusted over a birth certificate. The incident, which happened last year in Oregon, casts doubt on that claim.

💡
Do you know anything else about this app? Do you work at ICE or CBP? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

ICE’s Facial Recognition App Misidentified a Woman. Twice

In testimony from a CBP official obtained by 404 Media, the official described how Mobile Fortify returned two different names after scanning a woman's face during an immigration raid.

^{Joseph Cox (404 Media)}

404 Media

2026-01-15 14:03:04

‘ELITE’: The Palantir App ICE Uses to Find Neighborhoods to Raid

Palantir is working on a tool for Immigration and Customs Enforcement (ICE) that populates a map with potential deportation targets, brings up a dossier on each person, and provides a “confidence score” on the person’s current address, 404 Media has learned. ICE is using it to find locations where lots of people it might detain could be based.

The findings, based on internal ICE material obtained by 404 Media, public procurement records, and recent sworn testimony from an ICE official, show the clearest link yet between the technological infrastructure Palantir is building for ICE and the agency’s activities on the ground. The tool receives peoples’ addresses from the Department of Health and Human Services (HHS) among a range of other sources, according to the material.

The news comes after Department of Homeland Security (DHS) head Kristi Noem said the agency is sending hundreds more federal agents to Minneapolis amid widespread protests against the agency. Last week ICE officer Jonathan Ross shot and killed 37 year old U.S. citizen Renee Nicole Good. During Operation Metro Surge, which DHS calls the “largest immigration operation ever,” immigration agents have surrounded rideshare drivers and used pepper spray on high school students.

“Enhanced Leads Identification & Targeting for Enforcement (ELITE) is a targeting tool designed to improve capabilities for identifying and prioritizing high-value targets through advanced analytics,” a user guide for ELITE obtained by 404 Media says. The tool aims to be nearly all encompassing when it comes to finding ICE targets, from identifying subjects in the first place, to building a list of people, to supervisors approving selections for officers to ultimately go into the field and apprehend.

💡
Do you know anything else about this tool? Do you work at ICE, CBP, or Palantir? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

One feature of ELITE is the “Geospatial Lead Sourcing Tab,” according to the user guide. This lets ICE see people it may potentially want to detain on a map interface, based on various criteria such as “Bios & IDs,” “Location,” “Operations,” and “Criminality.” An ICE officer can then select people one by one, or draw a shape on the map to see people in that selected area.

ELITE has already been used by ICE to target specific areas, according to sworn testimony from an ICE official in Oregon. In October, immigration officers waited in three unmarked SUVs outside an apartment complex in Woodburn. They went on to bust a driver’s window and pull a 45-year-old woman from a van, used ICE’s facial recognition app Mobile Fortify on her, and agents had the goal of making eight arrests per team per day, Oregon Live reported. Lawyers representing the woman say authorities arrested her and more than 30 other people in a “dragnet.”

“One of our apps, it’s called ELITE. And so it tells you how many people are living in this area and what’s the likelihood of them actually being there,” a deportation officer with ICE’s Fugitive Operations Unit, identified in court records as JB, testified about the raid in early December. 404 Media purchased a transcript of JB’s testimony from the court. “It’s basically a map of the United States. It’s kind of like Google Maps.”

“It pulls from all kinds of sources,” JB continued. “It’s a newer app that was actually given to us in ICE.” JB said ELITE is what ICE sometimes uses to track the apparent density of people at a particular location to target. “You’re going to go to a more dense population rather than [...] like, if there’s one pin at a house and the likelihood of them actually living there is like 10 percent [...] you’re not going to go there.” For that raid in Woodburn, JB suggested the immigration officers used ELITE to generate leads. Additionally, in a text thread of immigration officers, someone described the area as “target rich,” which JB explained meant the officials had run multiple license plates in that area and found vehicles registered to people “who had either a criminal or immigration nexus.”

Screenshots of the ICE official's testimony. Image: 404 Media.

JB and other officials were testifying in the case of MJMA, the woman pulled from the van during the Woodburn raid. She is being represented by attorneys from Innovation Law Lab.

Once a person is selected on the map interface, ELITE then shows a dossier on that particular person, according to the user guide. That includes their name, a photo, their Alien Number (the unique code given by the U.S. government to each immigrant), their date of birth, and their full address. ELITE notes the source of the address (such as the government agency that supplied it), and gives an “address confidence score.” One address confidence score example in the guide is 98.95 out of 100; another is 77.25 out of 100. This score is based on both the source of the address and how recent the data is, the user guide says. (ICE is paying skip tracers, private investigators, and bounty hunters to help verify peoples’ addresses.)

Those sources can include HHS, U.S. Citizenship and Immigration Services (USCIS), and “CLEAR.” The guide does not provide any more specifics on what CLEAR might be, but ICE has repeatedly contracted with Thomson Reuters which sells a data product called CLEAR. Thomson Reuters did not respond to a request for comment. HHS did not respond to a request for comment.

The documents don’t say if those are the only entities providing data for ELITE. The user guide says ELITE is “integrating new data sources” to reduce officer workload.

ICE can also use ELITE to look up people based on an unique identifier, such as their Alien Number, name, or date of birth. ELITE also lets ICE do this in bulk, selecting up to 50 people at once, according to the guide.
playlist.megaphone.fm?p=TBIEA2…
ICE can filter the map by what the guide calls Special Operations. These are “groups of pre-defined aliens specifically targeted by Leadership for action.” ICE officers are told to consult ICE leadership or “broadcasts” on when to use these operation filters. DHS’s surge in Minneapolis is focused at least in part on the city’s Somali community after renewed focus on a COVID-19 fraud case. The overwhelming majority of Somalis who live in the Minneapolis and St. Paul area are U.S. citizens, PBS reported.

“These records give us behind-the-scenes insight into the kind of mass surveillance machine ICE is building with help from powerful tech companies like Palantir,” Laura Rivera, senior staff attorney at Just Futures Law, told 404 Media. “When combined with what we know from ICE testimony and other public information, it gives us a blueprint into how ICE is going into communities and identifying people for arrest in real-time.”

Senator Ron Wyden, who represents Oregon where ELITE was discussed, told 404 Media in a statement, “The fact ICE is using this app proves the completely indiscriminate nature of the agency's aggressive and violent incursions into our communities. This app allows ICE to find the closest person to arrest and disappear, using government and commercial data, with the help of Palantir and Trump's Big Brother databases. It makes a mockery of the idea that ICE is trying to make our country safer. Rather, agents are reportedly picking people to deport from our country the same way you'd choose a nearby coffee shop.”
Screenshot of the Palantir contract, via highergov.com.
The ELITE user guide does not say who developed the system. But the tool’s distinctive title—Enhanced Leads Identification & Targeting for Enforcement—exactly matches one included in an addendum to a Palantir contract from last year. It says Palantir should “continue configuration and engineering services” for ELITE and some other ICE tools. That supplemental agreement for $29.9 million started in September and is planned to go on for at least a year.

Palantir has worked with ICE for years and was focused on criminal investigations, supporting Homeland Security Investigations’ (HSI) Investigative Case Management (ICM) system. That changed in the second Trump administration, with Palantir now working on ICE’s deportation efforts.

After participating in a three-week coding sprint, ICE updated an ongoing Palantir contract related to “Enforcement Prioritization and Targeting,” to “support the development of an accurate picture of actionable leads based on existing law enforcement datasets to allow law enforcement to prioritize enforcement actions,” according to an internal Palantir wiki previously obtained by 404 Media. The goal was to find the physical location of people marked for deportation, and Palantir said it believes its work with ICE is “intended to promote government efficiency, transparency, and accountability.”

The leaked material described Palantir’s deportation-focused work as “concentrated on delivering prototype capabilities” and lasting around six months. It left open the room for more work with ICE, and said “Palantir has developed into a more mature partner for ICE.” Documents ICE published described Palantir’s work as building a tool called ImmigrationOS.

More than eight months have passed since Palantir discussed the issue internally. Neither Palantir nor DHS responded to multiple requests for comment.

In their testimony, JB said, “it’s a tool that we use that gives you a probability. But there’s never [...] there’s no such thing as 100 percent.” The user guide adds, “As always, make sure you do your due diligence on each target to confirm removability prior to action.”

How ICE raids in Minnesota connect to a years-old fraud scandal

The Trump administration is using a years-old scandal first prosecuted under the Biden administration to justify its immigration crackdown in Minnesota.

^{David Ingram (NBC News)}

404 Media

2026-01-15 14:00:41

New Legislation Would Rein In ICE’s Facial Recognition App

A group of six Democratic lawmakers is proposing legislation that would dramatically rein in Immigration and Customs Enforcement’s (ICE) facial recognition app, according to a copy of the draft bill shared with 404 Media. ICE and Customs and Border Protection (CBP) have been scanning peoples’ faces with the app, called Mobile Fortify, across the country, using it to verify their citizenship and claiming that a result in the app should be trusted over a birth certificate.

The move signals the first potential legislative move against the app after 404 Media first revealed Mobile Fortify’s existence in June based on leaked ICE emails. Since then, 404 Media has covered its continued use against U.S. citizens, the 200 million images it uses, and the Department of Homeland Security’s (DHS) plan to roll out a version of the app to local law enforcement.

💡
Do you know anything else about this app? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

“When ICE claims that an image it snaps and runs through an unproven app can be enough evidence to detain people for possible deportation, no one is safe,” Rep. Bennie G. Thompson (D-MS), ranking member of the Committee on Homeland Security, and who authored the legislation, said. “ICE’s use of Mobile Fortify to determine a person’s legal status is an outrageous affront to the civil rights and civil liberties of U.S. citizens and immigrants alike. DHS should not be conducting surveillance by experimenting with Americans’ faces and fingerprints in the field—especially with unproven and biased technology. It is time to put an end to its widespread use. We can secure the Homeland and respect the rights and privacy of Americans at the same time.”

The bill is being cosponsored by by Rep. Lou Correa (D-CA), Ranking Member of the Subcommittee on Border Security & Enforcement; Rep. Shri Thanedar (D-MI), Ranking Member of the Subcommittee on Oversight, Investigations & Accountability; Rep. Yvette D. Clarke (D-NY), Chair of the Congressional Black Caucus; Rep. Grace Meng (D-NY), Chair of the Congressional Asian Pacific American Caucus; and Rep. Adriano Espaillat (D-NY), Chair of the Congressional Hispanic Caucus. It follows some of the lawmakers demanding answers from DHS about the app in September.

The proposed law, called the Realigning Mobile Phone Biometrics for American Privacy Protection Act, aims to curtail both Mobile Fortify and Mobile Identify, the local law enforcement version, in a few ways. First, it would ban use of the apps except for identification at ports of entry. As 404 Media showed, Mobile Fortify uses CBP systems that are usually reserved for identifying and taking photos of people as they enter the U.S. Mobile Fortify turned that capability inwards to American streets.

The law would also require all photos and fingerprints of U.S. citizens captured before the practices introduced by the bill be deleted, and require that all photographs or fingerprints of U.S. citizens be destroyed within 12 hours of being taken. The law would also prohibit DHS from sharing the apps with non-DHS law enforcement agencies, effectively killing the local law enforcement version. (404 Media reported the app became unavailable on the Google Play Store in early-December.)

When an immigration officer scans someone’s face with Mobile Fortify, the app runs their face against a bank of 200 million images held by DHS, according to the app’s user manual previously obtained by 404 Media. If the app finds what it believes is a matching face, it returns a name, their nationality, age and date of birth, unique identifiers such as their “alien registration,” and a field titled “Immig. Judge Decision,” the manual says. This appears to refer to whether an immigration judge has ruled on this person’s case, and may include a result that says “remove.”

404 Media previously obtained an internal DHS document through the Freedom of Information Act (FOIA) which showed ICE does not let people decline to be scanned by the app. 404 Media has found likely cases of the app being used in Chicago. In a partnership with Reveal, 404 Media reported the app has been used on U.S. citizens.

One video posted to social media this week showed an officer using the app to take a photo of an identification document in what the video said was Minnesota. 404 Media compared the app shown in the video to the user interface in the leaked Mobile Fortify user manual and they matched.

“The Trump Administration has weaponized federal agencies against the American people. This latest effort to use facial recognition to further target immigrant families is reckless and dangerous,” said Rep. Espaillat in a statement. “I’m proud to stand with Ranking Member Thompson to introduce legislation to combat ICE and DHS, prohibiting the use of facial recognition as yet another ruthless tactic to further this administration’s mass deportation agenda.”

“The abuse of this type of technology by DHS agents is not only invasive, it is likely unconstitutional and certainly un-American,” Rep. Meng added. “Immigration enforcement should not be conducted by an app and DHS should not conduct dragnet operations that terrorize communities and violate people's constitutional rights. I am proud to have worked with Ranking Member Thompson and my colleagues to introduce this commonsense legislation.”

A DHS spokesperson told 404 Media in a statement, “Claims that Mobile Fortify violates the Fourth Amendment or compromises privacy are false. The application does not access open-source material, scrape social media, or rely on publicly available data. Its use is governed by established legal authorities and formal privacy oversight, which set strict limits on data access, use, and retention.”

“Mobile Fortify is a lawful law-enforcement tool developed under the Trump Administration to support accurate identity and immigration-status verification during enforcement operations. It operates with a deliberately high matching threshold and queries only limited CBP immigration datasets. Mobile Fortify has not been blocked, restricted, or curtailed by the courts or by legal guidance. It is lawfully used nationwide in accordance with all applicable legal authorities,” the statement continued.

Update: this piece has been updated to include a statement from DHS.

Inside ICE’s Supercharged Facial Recognition App of 200 Million Images

404 Media has seen user manuals for Mobile Fortify, ICE’s new facial recognition app which allows officers to instantly look up DHS, State Department, and state law enforcement databases by just pointing a phone at someone’s face.

^{Joseph Cox (404 Media)}

404 Media

2026-01-08 14:00:08

Inside ICE’s Tool to Monitor Phones in Entire Neighborhoods

A social media and phone surveillance system ICE bought access to is designed to monitor a city neighborhood or block for mobile phones, track the movements of those devices and their owners over time, and follow them from their places of work to home or other locations, according to material that describes how the system works obtained by 404 Media.

Commercial location data, in this case acquired from hundreds of millions of phones via a company called Penlink, can be queried without a warrant, according to an internal ICE legal analysis shared with 404 Media. The purchase comes squarely during ICE’s mass deportation effort and continued crackdown on protected speech, alarming civil liberties experts and raising questions on what exactly ICE will use the surveillance system for.

💡
Do you know anything else about this tool? Do you work for ICE, CBP, or another agency? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

“This is a very dangerous tool in the hands of an out-of-control agency. This granular location information paints a detailed picture of who we are, where we go, and who we spend time with,” Nathan Freed Wessler, deputy project director of the American Civil Liberties Union’s (ACLU) Speech, Privacy, and Technology Project, told 404 Media.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

Inside ICE’s Tool to Monitor Phones in Entire Neighborhoods

^{Joseph Cox (404 Media)}

404 Media

2026-01-07 22:25:03

DHS Is Lying To You

A maroon Honda Pilot SUV sits perpendicular across a residential road in Minneapolis. At the time, federal authorities were in the neighborhood as part of the Department of Homeland Security’s (DHS) recently announced surge of thousands of officials. A silver Nissan Titan drives up the road and stops because the Honda is blocking its path. Two officers dressed in body armor, pouches, and badges saying “police” exit the Nissan.

The two people walk towards the Honda. Someone can be heard saying “get out of the fucking car.” One of them tries to open the driver’s door and reach through the open window. The driver of the Honda reverses and turns, getting straighter with the road. The driver then slowly accelerates and starts to turn to the right, leveling the car out with its front pointing away from the two officers.

A third officer, who has been standing on the other side of the road, pulls out a firearm while the car is turning away from him and fires into the car three times. The officer fires two of the shots when the vehicle is already well past him. He is not in front of the car, but to the side. The officer calmly holsters his weapon.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

DHS Is Lying To You About ICE Shooting a Woman

^{Joseph Cox (404 Media)}

404 Media

2025-12-18 17:19:25

ICE Contracts Company Making Bounty Hunter AI Agents

Immigration and Customs Enforcement (ICE) has paid hundreds of thousands of dollars to a company that makes “AI agents” to rapidly track down targets. The company claims the “skip tracing” AI agents help agencies find people of interest and map out their family and other associates more quickly. According to the procurement records, the company’s services were specifically for Enforcement and Removal Operations (ERO), the part of ICE that identifies, arrests, and deports people.

The contract comes as ICE is spending millions of dollars, and plans to spend tens of millions more, on skip tracing services more broadly. The practice involves ICE paying bounty hunters to use digital tools and physically stalk immigrants to verify their addresses, then report that information to ICE so the agency can act.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

ICE Contracts Company Making Bounty Hunter AI Agents

^{Joseph Cox (404 Media)}

404 Media

2025-12-13 08:01:06

How a US Citizen Was Scanned With ICE's Facial Recognition Tech

This article is a partnership between Reveal and 404 Media.

Jesus Gutiérrez, 23, was walking home one morning from a Chicago gym when he noticed a gray Cadillac SUV with no license plates. He kept walking, shrugging it off. Then the car pulled over and two men got out.

The federal immigration officials told him not to run. They then peppered Gutiérrez with questions: Where are you going? Where are you coming from? Do you have your ID on you?

Gutiérrez is a U.S. citizen. He told the officials this. He didn’t have any identification on him, but, panicking, he tried to find a copy on his phone. The agents put him into the car, where another two agents were waiting, and handcuffed him. Just sit there and be quiet, they said.

💡
Has this happened to you or someone you know? Do you have any videos of ICE or CBP scanning people's faces? Do you work for either agency? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

Without Gutiérrez’s ID, the agents resorted to another approach. They took a photo of his face. A short while later, the agents got their answer: “Oh yeah, he’s right. He’s saying the right thing. He does got papers,” Gutiérrez recalled the agents saying.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

How a US Citizen Was Scanned With ICE's Facial Recognition Tech

^{Joseph Cox (404 Media)}

404 Media

2025-12-09 14:02:09

Border Patrol Agent Recorded Raid with Meta’s Ray-Ban Smart Glasses

On a recent immigration raid, a Border Patrol agent wore a pair of Meta’s Ray-Ban smart glasses, with the privacy light clearly on signaling he was recording the encounter, which agents are not permitted to do, according to photos and videos of the incident shared with 404 Media.

Previously when 404 Media covered Customs and Border Protection (CBP) officials’ use of Meta’s Ray-Bans, it wasn’t clear if the officials were using them to record raids because the recording lights were not on in any of the photos seen by 404 Media. In the new material from Charlotte, North Carolina, during the recent wave of immigration enforcement, the recording light is visibly illuminated.

That is significant because CBP says it does not allow employees to use personal recording devices. CBP told 404 Media it does not have an arrangement with Meta, indicating this official was wearing personally-sourced glasses.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

Border Patrol Agent Recorded Raid with Meta’s Ray-Ban Smart Glasses

^{Joseph Cox (404 Media)}

404 Media

2025-12-08 15:11:06

ICEBlock Creator Sues U.S. Government Over App’s Removal

The creator of ICEBlock, a popular ICE-spotting app that Apple removed after direct pressure from the Department of Justice, is suing Attorney General Pam Bondi and other top officials, arguing that the demand violated his First Amendment rights.

The move is the latest in the ongoing crackdown on ICE-spotting apps and other information about the Trump administration’s mass deportation effort. Both Apple and Google have removed other similar apps from their app stores, with Apple also removing one called Eyes Up that simply archived videos of ICE abuses.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

ICEBlock Creator Sues U.S. Government Over App’s Removal

^{Joseph Cox (404 Media)}

404 Media

2025-12-05 17:05:47

DHS’s Immigrant-Hunting App Removed from Google Play Store

A Customs and Border Protection (CBP) app that lets local cops use facial recognition to hunt immigrants on behalf of the federal government has been removed from the Google Play Store, 404 Media has learned.

It is unclear if the removal is temporary or not, or what the exact reason is for the removal. Google told 404 Media it did not remove the app, and directed inquiries to its developer. CBP did not immediately respond to a request for comment.

Its removal comes after 404 Media documented multiple instances of CBP and ICE officials using their own facial recognition app to identify people and verify their immigration status, including people who said they were U.S. citizens.

💡
Do you know anything else about this removal or this app? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

The removal also comes after “hundreds” of Google employees took issue with the app, according to a source with knowledge of the situation.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

DHS’s Immigrant-Hunting App Removed from Google Play Store

^{Joseph Cox (404 Media)}

404 Media

2025-11-20 19:40:43

ICE Says Critical Evidence In Abuse Case Was Lost In 'System Crash' a Day After It Was Sued

The federal government claims that the day after it was sued for allegedly abusing detainees at an ICE detention center, a “system crash” deleted nearly two weeks of surveillance footage from inside the facility.

People detained at ICE’s Broadview Detention Center in suburban Chicago sued the government on October 30; according to their lawyers and the government, nearly two weeks of footage that could show how they were treated was lost in a “system crash” that happened on October 31.

“The government has said that the data for that period was lost in a system crash apparently on the day after the lawsuit was filed,” Alec Solotorovsky, one of the lawyers representing people detained at the facility, said in a hearing about the footage on Thursday that 404 Media attended via phone. “That period we think is going to be critical […] because that’s the period right before the lawsuit was filed.”

Earlier this week, we reported on the fact that the footage, from October 20 to October 30, had been “irretrievably destroyed.” At a hearing Thursday, we learned more about what was lost and the apparent circumstances of the deletion. According to lawyers representing people detained at the facility, it is unclear whether the government is even trying to recover the footage; government lawyers, meanwhile, said “we don’t have the resources” to continue preserving surveillance footage from the facility and suggested that immigrants detained at the facility (or their lawyers) could provide “endless hard drives where we could save the information, that might be one solution.”

It should be noted that ICE and Border Patrol agents continued to be paid during the government shutdown, that Trump’s “Big Beautiful Bill” provided $170 billion in funding for immigration enforcement and border protection, which included tens of billions of dollars in funding for detention centers.

People detained at the facility are suing the government over alleged horrific treatment and living conditions at the detention center, which has become a site of mass protest against the Trump administration’s mass deportation campaign.

Solotorovsky said that the footage the government has offered is from between September 28 and October 19, and from between October 31 and November 7. Government lawyers have said they are prepared to provide footage from five cameras from those time periods; Solotorovsky said the plaintiffs’ attorneys believe there are 63 surveillance cameras total at the facility. He added that over the last few weeks the plaintiffs’ legal team has been trying to work with the government to figure out if the footage can be recovered but that it is unclear who is doing this work on the government’s side. He said they were referred to a company called Five by Five Management, “that appears to be based out of a house,” has supposedly been retained by the government.

“We tried to engage with the government through our IT specialist, and we hired a video forensic specialist,” Solotorovsky said. He added that the government specialist they spoke to “didn’t really know anything beyond the basic specifications of the system. He wasn’t able to answer any questions about preservation or attempts to recover the data.” He said that the government eventually put him in touch with “a person who ostensibly was involved in those events [attempting to recover the data], and it was kind of a no-name LLC called Five by Five Management that appears to be based out of a house in Carol Stream. We were told they were on site and involved with the system when the October 20 to 30 data was lost, but nobody has told us that Five By Five Management or anyone else has been trying to recover the data, and also very importantly things like system logs, administrator logs, event logs, data in the system that may show changes to settings or configurations or deletion events or people accessing the system at important times.”

Five by Five Management could not be reached for comment.

Solotorovsky said those logs are going to be critical for “determining whether the loss was intentional. We’re deeply concerned that nobody is trying to recover the data, and nobody is trying to preserve the data that we’re going to need for this case going forward.”

Jana Brady, an assistant US attorney representing the Department of Homeland Security in the case, did not have much information about what had happened to the footage, and said she was trying to get in touch with contractors the government had hired. She also said the government should not be forced to retain surveillance footage from every camera at the facility and that the “we [the federal government] don’t have the resources to save all of the video footage.”

“We need to keep in mind proportionality. It took a huge effort to download and save and produce the video footage that we are producing and to say that we have to produce and preserve video footage indefinitely for 24 hours a day, seven days a week, indefinitely, which is what they’re asking, we don’t have the resources to do that,” Brady said. “we don't have the resources to save all of the video footage 24/7 for 65 cameras for basically the end of time.”

She added that the government would be amenable to saving all footage if the plaintiffs “have endless hard drives that we could save things to, because again we don’t have the resources to do what the court is ordering us to do. But if they have endless hard drives where we could save the information, that might be one solution.”

Magistrate Judge Laura McNally said they aren’t being “preserved from now until the end of time, they’re being preserved for now,” and said “I’m guessing the federal government has more resources than the plaintiffs here and, I’ll just leave it at that.”

When McNally asked if the footage was gone and not recoverable, Brady said “that’s what I’ve been told.”

“I’ve asked for the name and phone number for the person that is most knowledgeable from the vendor [attempting to recover] the footage, and if I need to depose them to confirm this, I can do this,” she said. “But I have been told that it’s not recoverable, that the system crashed.”

Plaintiffs in the case say they are being held in “inhumane” conditions. The complaint describes a facility where detainees are “confined at Broadview inside overcrowded holding cells containing dozens of people at a time. People are forced to attempt to sleep for days or sometimes weeks on plastic chairs or on the filthy concrete floor. They are denied sufficient food and water […] the temperatures are extreme and uncomfortable […] the physical conditions are filthy, with poor sanitation, clogged toilets, and blood, human fluids, and insects in the sinks and the floor […] federal officers who patrol Broadview under Defendants’ authority are abusive and cruel. Putative class members are routinely degraded, mistreated, and humiliated by these officers.”

404 Media

2025-11-18 15:05:59

Contractor Paying Random People $300 to Physically Track Immigrants for ICE

A current pilot project aims to pay former law enforcement and military officers to physically track immigrants and verify their addresses to give to ICE for $300 each. There is no indication that the pilot involves licensed private investigators, and appears to be open to people who are now essentially members of the general public, 404 Media has learned.

The pilot is a dramatic, and potentially dangerous, escalation in the Trump administration’s mass deportation campaign. People without any official role in government would be tasked with tracking down targets for ICE. It appears to be part of ICE’s broader plan to use bounty hunters or skip tracers to confirm immigrant’s addresses through data and physical surveillance. Some potential candidates for the pilot were recruited on LinkedIn and were told they would be given vehicles to monitor the targets.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

Contractor Paying Random People $300 to Physically Track Immigrants for ICE

^{Joseph Cox (404 Media)}

404 Media

2025-11-18 14:58:52

Two Weeks of Surveillance Footage From ICE Detention Center ‘Irretrievably Destroyed’

The Department of Homeland Security claimed in court proceedings that nearly two weeks worth of surveillance footage from ICE’s Broadview Detention Center in suburban Chicago has been “irretrievably destroyed” and may not be able to be recovered, according to court records reviewed by 404 Media.

The filing was made as part of a class action lawsuit against the Department of Homeland Security by people being held at Broadview, which has become the site of widespread protests against ICE. The lawsuit says that people detained at the facility are being held in abhorrent, “inhumane” conditions. The complaint describes a facility where detainees are “confined at Broadview inside overcrowded holding cells containing dozens of people at a time. People are forced to attempt to sleep for days or sometimes weeks on plastic chairs or on the filthy concrete floor. They are denied sufficient food and water […] the temperatures are extreme and uncomfortable […] the physical conditions are filthy, with poor sanitation, clogged toilets, and blood, human fluids, and insects in the sinks and the floor […] federal officers who patrol Broadview under Defendants’ authority are abusive and cruel. Putative class members are routinely degraded, mistreated, and humiliated by these officers.”

As part of discovery in the case, the plaintiffs’ lawyers requested surveillance footage from the facility starting from mid September, which is when ICE stepped up its mass deportation campaign in Chicago. In a status report submitted by lawyers from both the plaintiffs and the Department of Homeland Security, lawyers said that nearly two weeks of footage has been “irretrievably destroyed.”

“Defendants have agreed to produce. Video from September 28, 2025 to October 19, 2025, and also from October 31, 2025 to November, 7 2025,” the filing states. “Defendants have indicated that some video between October 19, 2025 and October 31, 2025 has been irretrievably destroyed and therefore cannot be produced on an expedited basis or at all.” Law & Crime first reported on the filing.
A screenshot from the court filing
The filing adds that the plaintiffs, who are being represented by lawyers from the American Civil Liberties Union of Illinois, the MacArthur Justice Center, and the Eimer Stahl law firm, hired an IT contractor to work with the government “to attempt to work through issues concerning the missing video, including whether any content is able to be retrieved.”

Surveillance footage from inside the detention center would presumably be critical in a case about the alleged abusive treatment of detainees and inhumane living conditions. The filing states that the plaintiffs' attorneys have “communicated to Defendants that they are most concerned with obtaining the available surveillance videos as quickly as possible.”

ICE did not respond to a request for comment from 404 Media. A spokesperson for the ACLU of Illinois told 404 Media “we don’t have any insight on this. Hoping DHS can explain.”

Trump admin says video footage inside ICE facility at center of lawsuit 'cannot be produced'

"Plaintiffs intend to explore the issue of missing footage," a recent filing reads.

^{Law & Crime}

404 Media

2025-11-17 14:28:00

This App Lets ICE Track Vehicles and Owners Across the Country

Immigration and Customs Enforcement (ICE) recently invited staff to demos of an app that lets officers instantly scan a license plate, adding it to a database of billions of records that shows where else that vehicle has been spotted around the country, according to internal agency material viewed by 404 Media. That data can then be combined with other information such as driver license data, credit header data, marriage records, vehicle ownership, and voter registrations, the material shows.

The capability is powered by both Motorola Solutions and Thomson Reuters, the massive data broker and media conglomerate, which besides running the Reuters news service, also sells masses of personal data to private industry and government agencies. The material notes that the capabilities allow for predicting where a car may travel in the future, and also can collect face scans for facial recognition.

The material shows that ICE continues to buy or source a wealth of personal and sensitive information as part of its mass deportation effort, from medical insurance claims data, to smartphone location data, to housing and labor data. The app, called Mobile Companion, is a tool designed to be used in real time by ICE officials in the field, similar to its facial recognition app but for finding more information about vehicles.

💡
Do you work at ICE or CBP? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

This App Lets ICE Track Vehicles and Owners Across the Country

^{Joseph Cox (404 Media)}

404 Media

2025-11-13 14:06:56

Google Has Chosen a Side in Trump's Mass Deportation Effort

Google is hosting a Customs and Border Protection (CBP) app that uses facial recognition to identify immigrants, and tell local cops whether to contact ICE about the person, while simultaneously removing apps designed to warn local communities about the presence of ICE officials. ICE-spotting app developers tell 404 Media the decision to host CBP’s new app, and Google’s description of ICE officials as a vulnerable group in need of protection, shows that Google has made a choice on which side to support during the Trump administration’s violent mass deportation effort.

Google removed certain apps used to report sightings of ICE officials, and “then they immediately turned around and approved an app that helps the government unconstitutionally target an actual vulnerable group. That's inexcusable,” Mark, the creator of Eyes Up, an app that aims to preserve and map evidence of ICE abuses, said. 404 Media only used the creator’s first name to protect them from retaliation. Their app is currently available on the Google Play Store, but Apple removed it from the App Store.

“Google wanted to ‘not be evil’ back in the day. Well, they're evil now,” Mark added.

💡
Do you know anything else about Google's decision? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

The CBP app, called Mobile Identify and launched last week, is for local and state law enforcement agencies that are part of an ICE program that grants them certain immigration-related powers. The 287(g) Task Force Model (TFM) program allows those local officers to make immigration arrests during routine police enforcement, and “essentially turns police officers into ICE agents,” according to the New York Civil Liberties Union (NYCLU). At the time of writing, ICE has TFM agreements with 596 agencies in 34 states, according to ICE’s website.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

Apple takes down ICE tracking apps after pressure from Bondi DOJ

Apple dropped an ICE tracking app from its online store Thursday in response to the Department of Justice raising concerns that the app put law enforcement officers’ safety at risk.

^{Ashley Oliver (Fox Business)}

404 Media

2025-11-12 16:07:36

ICE Plans to Spend $180 Million on Bounty Hunters to Stalk Immigrants

Immigration and Customs Enforcement (ICE) is allocating as much as $180 million to pay bounty hunters and private investigators who verify the address and location of undocumented people ICE wishes to detain, including with physical surveillance, according to procurement records reviewed by 404 Media.

The documents provide more details about ICE’s plan to enlist the private sector to find deportation targets. In October The Intercept reported on ICE’s intention to use bounty hunters or skip tracers—an industry that often works on insurance fraud or tries to find people who skipped bail. The new documents now put a clear dollar amount on the scheme to essentially use private investigators to find the locations of undocumented immigrants.

💡
Do you know anything else about this plan? Are you a private investigator or skip tracer who plans to do this work? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

ICE Plans to Spend $180 Million on Bounty Hunters to Stalk Immigrants

Newly released documents provide more details about ICE's plan to use bounty hunters and private investigators to find the location of undocumented immigrants.

^{Joseph Cox (404 Media)}

404 Media

2025-11-11 13:53:48

The Latest Defense Against ICE: 3D-Printed Whistles

Chicagoans have turned to a novel piece of tech that marries the old-school with the new to warn their communities about the presence of ICE officials: 3D-printed whistles.

The goal is to “prevent as many people from being kidnapped as possible,” Aaron Tsui, an activist with Chicago-based organization Cycling Solidarity, and who has been printing whistles, told 404 Media. “Whistles are an easy way to bring awareness for when ICE is in the area, printing out the whistles is something simple that I can do in order to help bring awareness.”

Over the last couple months ICE has especially focused on Chicago as part of Operation Midway Blitz. During that time, Department of Homeland Security (DHS) personnel have shot a religious leader in the head, repeatedly violated court orders limiting the use of force, and even entered a daycare facility to detain someone.

💡
Do you know anything else about this? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

3D printers have been around for years, with hobbyists using them for everything from car parts to kids’ toys. In media articles they are probably most commonly associated with 3D-printed firearms.

One of the main attractions of 3D printers is that they squarely put the means of production into the hands of essentially anyone who is able to buy or access a printer. There’s no need to set up a complex supply chain of material providers or manufacturers. No worry about a store refusing to sell you an item for whatever reason. Instead, users just print at home, and can do so very quickly, sometimes in a matter of minutes. The price of printers has decreased dramatically over the last 10 years, with some costing a few hundred dollars.

0:00
/0:04
1×

A video of the process from Aaron Tsui.

People who are printing whistles in Chicago either create their own design or are given or download a design someone else made. Resident Justin Schuh made his own. That design includes instructions on how to best use the whistle—three short blasts to signal ICE is nearby, and three long ones for a “code red.” The whistle also includes the phone number for the Illinois Coalition for Immigrant & Refugee Rights (ICIRR) hotline, which people can call to connect with an immigration attorney or receive other assistance. Schuh said he didn’t know if anyone else had printed his design specifically, but he said he has “designed and printed some different variations, when someone local has asked for something specific to their group.” The Printables page for Schuh’s design says it has been downloaded nearly two dozen times.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

3D Printing Patterns Might Make Ghost Guns More Traceable Than We Thought

Early studies show that 3D printers may leave behind similar toolmarks on repeated prints.

^{Matthew Gault (404 Media)}

404 Media

2025-11-04 17:43:04

DHS Gives Local Cops a Facial Recognition App To Find Immigrants

Customs and Border Protection (CBP) has publicly released an app that Sheriff Offices, police departments, and other local or regional law enforcement can use to scan someone’s face as part of immigration enforcement, 404 Media has learned.

The news follows Immigration and Customs Enforcement’s (ICE) use of another internal Department of Homeland Security (DHS) app called Mobile Fortify that uses facial recognition to nearly instantly bring up someone’s name, date of birth, alien number, and whether they’ve been given an order of deportation. The new local law enforcement-focused app, called Mobile Identify, crystallizes one of the exact criticisms of DHS’s facial recognition app from privacy and surveillance experts: that this sort of powerful technology would trickle down to local enforcement, some of which have a history of making anti-immigrant comments or supporting inhumane treatment of detainees.

Handing “this powerful tech to police is like asking a 16-year old who just failed their drivers exams to pick a dozen classmates to hand car keys to,” Jake Laperruque, deputy director of the Center for Democracy & Technology's Security and Surveillance Project, told 404 Media. “These careless and cavalier uses of facial recognition are going to lead to U.S. citizens and lawful residents being grabbed off the street and placed in ICE detention.”

💡
Do you know anything else about this app or others that CBP and ICE are using? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

CBP Quietly Launches Face Scanning App for Local Cops To Do Immigration Enforcement

^{Joseph Cox (404 Media)}

404 Media

2025-10-31 13:47:10

You Can't Refuse To Be Scanned by ICE's Facial Recognition App, DHS Document Says

📄
This article was primarily reported using public records requests. We are making it free to read as a public service. FOIA reporting can be expensive, please consider subscribing to 404 Media to support this work. Or send us a one time donation via our tip jar here.

Immigration and Customs Enforcement (ICE) does not let people decline to be scanned by its new facial recognition app, which the agency uses to verify a person’s identity and their immigration status, according to an internal Department of Homeland Security (DHS) document obtained by 404 Media. The document also says any face photos taken by the app, called Mobile Fortify, will be stored for 15 years, including those of U.S. citizens.

The document provides new details about the technology behind Mobile Fortify, how the data it collects is processed and stored, and DHS’s rationale for using it. On Wednesday 404 Media reported that both ICE and Customs and Border Protection (CBP) are scanning peoples’ faces in the streets to verify citizenship.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

You Can't Refuse To Be Scanned by ICE's Facial Recognition App, DHS Document Says

^{Joseph Cox (404 Media)}

404 Media

2025-10-29 14:40:03

ICE and CBP Agents Are Scanning Peoples’ Faces on the Street To Verify Citizenship

“You don’t got no ID?” a Border Patrol agent in a baseball cap, sunglasses, and neck gaiter asks a kid on a bike. The officer and three others had just stopped the two young men on their bikes during the day in what a video documenting the incident says is Chicago. One of the boys is filming the encounter on his phone. He says in the video he was born here, meaning he would be an American citizen.

When the boy says he doesn’t have ID on him, the Border Patrol officer has an alternative. He calls over to one of the other officers, “can you do facial?” The second officer then approaches the boy, gets him to turn around to face the sun, and points his own phone camera directly at him, hovering it over the boy’s face for a couple seconds. The officer then looks at his phone’s screen and asks for the boy to verify his name. The video stops.

💡
Do you have any more videos of ICE or CBP using facial recognition? Do you work at those agencies or know more about Mobile Fortify? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

This post is for subscribers only

Become a member to get access to all content
Subscribe now

ICE and CBP Agents Are Scanning Peoples’ Faces on the Street To Verify Citizenship

^{Joseph Cox (404 Media)}

404 Media

2025-10-27 15:32:37

Con Edison Refuses to Say How ICE Gets Its Customers’ Data

Con Edison, the energy company that serves New York City, refuses to say whether ICE or other federal agencies require a search warrant or court order to access its customers’ sensitive data. Con Edison’s refusal to answer questions comes after 404 Media reviewed court records showing Homeland Security Investigations (HSI), a division of ICE, has previously obtained such data, and the FBI performing what the records call ‘searches’ of Con Edison data.

The records and Con Edison’s stonewalling raise questions about how exactly law enforcement agencies are able to access the utility provider’s user data, whether that access is limited in any way, and whether ICE still has access during its ongoing mass deportation effort.

“​​We don’t comment to either confirm or deny compliance with law enforcement investigations,” Anne Marie, media relations manager for Con Edison, told 404 Media after being shown a section of the court records.

In September, 404 Media emailed Con Edison’s press department to ask if law enforcement officers have to submit a search warrant or court order to search Con Edison data. A few days later, Marie provided the comment neither confirming nor denying any details of the company’s data sharing practice.

💡
Do you know anything else about how ICE is accessing or using data? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

404 Media then sent several follow-up inquiries, including whether ICE requires a warrant or other legal mechanism to obtain user data. Con Edison did not respond to any of those follow-ups.

Con Edison’s user data is especially sensitive, and likely valuable to authorities, because in many cases it will directly link a specific person to a particular address. If someone is paying for electricity for a home they own or rent, they most likely do it under their real name.

Federal agencies have repeatedly turned to Con Edison data as part of criminal investigations, according to court records. In one case, the FBI previously said it believed a specific person occupied an apartment after performing a “search” of Con Edison records and finding a Con Edison account in that person’s name. Another case shows the FBI obtaining a Con Edison user’s email address after finding it linked to a utilities account. A third case says “a search of records maintained by Con Edison, a public utilities provider to the greater New York City area” revealed that a specific person was receiving utilities at a target address. Several other cases contain similar language.
playlist.megaphone.fm?p=TBIEA2…
Court records also show HSI has accessed Con Edison data as part of criminal investigations. One shows HSI getting data from Con Edison that reveals the name associated with a particular Con Edison account and address. Another says “there was no indication in the records from Con Edison that the SUBJECT PREMISES is divided into multiple units.” A third shows that HSI “confirmed with Con Edison” who was a customer at an address at a particular point in time.

Ordinarily HSI is focused on criminal investigations into child abuse, money laundering, cybercrime, and other types of criminal networks. But in the second Trump administration’s mass deportation effort, the distinction between HSI and ICE is largely meaningless. HSI has reassigned at least 6,198 agents, or nearly 90 percent, and 12,353 personnel overall to assist the deportation arm of ICE, according to data published by the Cato Institute in September. HSI also performs worksite enforcement.

The court records don’t describe how the investigators obtained the Con Edison data exactly, whether they obtained a search warrant or court order, or elaborate on how some officials were able to “search” Con Edison records.

Usually companies and organizations readily acknowledge how and when law enforcement can access customer data. This is for the benefit of users, who can then better understand what legal mechanisms protect their data, but also for law enforcement officials themselves, so they know what information they need to provide during an investigation. Broadly, companies might require a law enforcement official to obtain a search warrant or send a subpoena before they provide the requested user data, based on its sensitivity.

Megaphone Embeddable Player

^{playlist.megaphone.fm}

404 Media

2025-10-24 15:31:52

DHS Tries To Unmask Ice Spotting Instagram Account by Claiming It Imports Merchandise

The Department of Homeland Security (DHS) is trying to force Meta to unmask the identity of the people behind Facebook and Instagram accounts that post about Immigration and Customs Enforcement (ICE) activity, arrests, and sightings by claiming the owners of the account are in violation of a law about the “importation of merchandise.” Lawyers fighting the case say the move is “wildly outside the scope of statutory authority,” and say that DHS has not even indicated what merchandise the accounts, called Montcowatch, are supposedly importing.

“There is no conceivable connection between the ‘MontCo Community Watch’ Facebook or Instagram accounts and the importation of any merchandise, nor is there any indicated on the face of the Summonses. DHS has no authority to issue these summonses,” lawyers with the American Civil Liberties Union (ACLU) wrote in a court filing this month. There is no indication on either the Instagram or Facebook account that the accounts are selling any type of merchandise, according to 404 Media’s review of the accounts. “The Summonses include no substantiating allegations nor any mention of a specific crime or potential customs violation that might trigger an inquiry under the cited statute,” the lawyers add.

💡
Do you know anything else about this case or others like it? We would love to hear from you. Using a non-work device, you can message Joseph securely on Signal at joseph.404 or Jason at jason.404

A judge temporarily blocked DHS from unmasking the owners last week.

“The court now orders Meta [...] not to produce any documents or information in response to the summonses at issue here without further order of the Court,” the judge wrote in a filing. The move to demand data from Meta about the identities of the accounts while citing a customs statute shows the lengths to which DHS is willing to go to attempt to shut down and identify people who are posting about ICE’s activities.

Montcowatch is, as the name implies, focused on ICE activity in Montgomery County, Pennsylvania. Its Instagram posts are usually titled “Montco ICE alert” and include details such as where suspected ICE agents and vehicles were spotted, where suspected agents made arrests, or information about people who were detained. “10/20/25 Eagleville,” one post starts. “Suspected dentention [sic] near Ollies on Ridge Pike sometime before 7:50 am. 3 Agents and 3 Vehicles were observed.”

The Instagram account has been posting since June, and also posts information about peoples’ legal rights to film law enforcement. It also tells people to not intervene or block ICE. None of the posts currently available on the Instagram account could reasonably be described as doxing or harassing ICE officials.

On September 11, DHS demanded Meta provide identifying details on the owners of the Montcowatch accounts, according to court records. That includes IP addresses used to access the account, phone numbers on file, and email addresses, the court records add. DHS cited a law “focused on customs investigations relating to merchandise,” according to a filing from the ACLU that pushed to have the demands thrown out.
playlist.megaphone.fm?p=TBIEA2…
“The statute at issue here, 19 U.S.C. § 1509, confers limited authority to DHS in customs investigations to seek records related to the importation of merchandise, including the assessment of customs duties,” the ACLU wrote. “Identifying anonymous social media users critical of DHS is not a legitimate purpose, and it is not relevant to customs enforcement.” As the ACLU notes, a cursory look at the accounts shows they are “not engaged in commerce.” The court record points to an 2017 Office of the Inspector General report which says Customs and Border Protection (CBP) “regularly” tried much the same thing with its own legal demands, and specifically around the identity of an anonymous Twitter user.

“Movant now files this urgent motion to protect their identity from being exposed to a government agency that is apparently targeting their ‘community watch’ Facebook and Instagram accounts for doing nothing more than exercising their rights to free speech and association,” those lawyers and others wrote last week.

“Movant’s social media pages lawfully criticize and publicize DHS and the government agents who Movant views as wreaking havoc in the Montgomery County community by shining a light on that conduct to raise community members’ awareness,” they added.

The judge has not yet ruled on the ACLU’s motion to quash the demands altogether. This is a temporary blockage while that case continues.

The Montocowatch case follows other instances in which DHS has tried to compel Meta to identify the owners of similar accounts. Last month a judge temporarily blocked a subpoena that was aiming to unmask Instagram accounts that named a Border Patrol agent, The Intercept reported.

Earlier this month Meta took down a Facebook page that published ICE sightings in Chicago. The move came in direct response to pressure from the Department of Justice.

Both Apple and Google have removed apps that people use to warn others about ICE sightings. Those removals also included an app called Eyes Up that was focused more on preserving videos of ICE abuses. Apple’s moves also came after direct pressure from the Department of Justice.

Montcowatch directed a request for comment to the ACLU of Pennsylvania, which did not immediately respond.

Courts Block Meta From Sharing Anti-ICE Activists’ Instagram Account Info With Feds

For now, Meta cannot disclose to federal investigators the identities of Instagram users who named and shamed a Border Patrol agent.

^{Shawn Musgrave (The Intercept)}

404 Media

2025-10-20 15:16:50

Hackers Say They Have Personal Data of Thousands of NSA and Other Government Officials

A hacking group that recently doxed hundreds of government officials, including from the Department of Homeland Security (DHS) and Immigration and Customs Enforcement (ICE), has now built dossiers on tens of thousands of U.S. government officials, including NSA employees, a member of the group told 404 Media. The member said the group did this by digging through its caches of stolen Salesforce customer data. The person provided 404 Media with samples of this information, which 404 Media was able to corroborate.

As well as NSA officials, the person sent 404 Media personal data on officials from the Defense Intelligence Agency (DIA), the Federal Trade Commission (FTC), Federal Aviation Administration (FAA), Centers for Disease Control and Prevention (CDC), the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), members of the Air Force, and several other agencies.

The news comes after the Telegram channel belonging to the group, called Scattered LAPSUS$ Hunters, went down following the mass doxing of DHS officials and the apparent doxing of a specific NSA official. It also provides more clarity on what sort of data may have been stolen from Salesforce’s customers in a series of breaches earlier this year, and which Scattered LAPSUS$ Hunters has attempted to extort Salesforce over.

💡
Do you know anything else about this breach? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.

“That’s how we’re pulling thousands of gov [government] employee records,” the member told 404 Media. “There were 2000+ more records,” they said, referring to the personal data of NSA officials. In total, they said the group has private data on more than 22,000 government officials.

Scattered LAPSUS$ Hunters’ name is an amalgamation of other infamous hacking groups—Scattered Spider, LAPSUS$, and ShinyHunters. They all come from the overarching online phenomenon known as the Com. On Discord servers and Telegram channels, thousands of scammers, hackers, fraudsters, gamers, or just people hanging out congregate, hack targets big and small, and beef with one another. The Com has given birth to a number of loose-knit but prolific hacking groups, including those behind massive breaches like MGM Resorts, and normalized extreme physical violence between cybercriminals and their victims.

On Thursday, 404 Media reported Scattered LAPSUS$ Hunters had posted the names and personal information of hundreds of government officials from DHS, ICE, the FBI, and Department of Justice. 404 Media verified portions of that data and found the dox sometimes included peoples’ residential addresses. The group posted the dox along with messages such as “I want my MONEY MEXICO,” a reference to DHS’s unsubstantiated claim that Mexican cartels are offering thousands of dollars for dox on agents.

Hackers Dox Hundreds of DHS, ICE, FBI, and DOJ Officials
Scattered LAPSUS$ Hunters—one of the latest amalgamations of typically young, reckless, and English-speaking hackers—posted the apparent phone numbers and addresses of hundreds of government officials, including nearly 700 from DHS.
404 MediaJoseph Cox

After publication of that article, a member of Scattered LAPSUS$ Hunters reached out to 404 Media. To prove their affiliation with the group, they sent a message signed with the ShinyHunters PGP key with the text “Verification for Joseph Cox” and the date. PGP keys can be used to encrypt or sign messages to prove they’re coming from a specific person, or at least someone who holds that key, which are typically kept private.

They sent 404 Media personal data related to DIA, FTC, FAA, CDC, ATF and Air Force members. They also sent personal information on officials from the Food and Drug Administration (FDA), Health and Human Services (HHS), and the State Department. 404 Media verified parts of the data by comparing them to previously breached data collected by cybersecurity company District 4 Labs. It showed that many parts of the private information did relate to government officials with the same name, agency, and phone number.

Except the earlier DHS and DOJ data, the hackers don’t appear to have posted this more wide ranging data publicly. Most of those agencies did not immediately respond to a request for comment. The FTC and Air Force declined to comment. DHS has not replied to multiple requests for comment sent since Thursday. Neither has Salesforce.

The member said the personal data of government officials “originates from Salesforce breaches.” This summer Scattered LAPSUS$ Hunters stole a wealth of data from companies that were using Salesforce tech, with the group claiming it obtained more than a billion records. Customers included Disney/Hulu, FedEx, Toyota, UPS, and many more. The hackers did this by social engineering victims and tricking them to connect to a fraudulent version of a Salesforce app. The hackers tried to extort Salesforce, threatening to release the data on a public website, and Salesforce told clients it won’t pay the ransom, Bloomberg reported.

On Friday the member said the group was done with extorting Salesforce. But they continued to build dossiers on government officials. Before the dump of DHS, ICE, and FBI dox, the group posted the alleged dox of an NSA official to their Telegram group.

Over the weekend that channel went down and the member claimed the group’s server was taken “offline, presumably seized.”

The doxing of the officials “must’ve really triggered it, I think it’s because of the NSA dox,” the member told 404 Media.

Matthew Gault contributed reporting.

How Google, Adidas, and more were breached in a Salesforce scam | Malwarebytes

Hackers tricked workers over the phone at Google, Adidas, and more to grant access to Salesforce data.

^{David Ruiz (Malwarebytes)}