FOIA litigation

the issue

 

On November 28, 2022, Immigration and Customs Enforcement (ICE) posted personally identifiable information (PII) for approximately 6,252 individuals in its custody seeking protection-based relief in the United States publicly on its website. This information included names, A numbers, detention locations, countries of origin, and results of fear interviews, among other things – information that could put those pursuing protection-based claims from their home countries at high risk if obtained by the wrong people. ICE left this highly sensitive data available on its website, for anyone to download, for approximately XX hours. And indeed, multiple users on the internet did download it. The Department of Homeland Security (DHS) then further compromised this PII on December 7, 2022 by again disclosing it, this time to the Cuban government. 

 

The data breach is unprecedented and constitutes a serious violation of the confidentiality assured to asylum-seekers in the United States under federal law. ICE and DHS have provided very little information to date, including how the breach came about and what measures they are taking to remedy the repercussions for individuals whose information was compromised as well as prevent further similar data breaches, despite a query from Congress members. ICE and DHS have also refused to answer questions about what entities have downloaded the information. The answer to this question is of particular importance given the possibility that the countries that individuals seek protection from may have learned that individuals claimed asylum as to those countries, which can result in further retaliation and danger for asylum-seekers upon return these countries. This is also true of any other possible entities, including organized criminal organizations that also engage in the persecution and torture of individuals seeking protection in the United States.

 

Thus, the stakes are high for asylum-seekers: after all, this was the rationale behind extending confidentiality protections to their applications under federal regulations in the first place. The U.S. government must treat this data breach with the upmost urgency and in the spirit of transparency, release all records that provide insight to the public about the data breach and its repercussions.

 

what ILD is doing about it

 

ILD filed a request on November 9, 2023 for information from ICE and DHS regarding communications between and among agencies regarding the agencies’ data breach. The request also seeks records regarding any investigation into the data breach, the potential identities of parties that accessed information, any conclusions regarding the breach and last, training materials specifically referenced by ICE in its response to a Congressional inquiry.

current status

 

ILD’s request for information from ICE and DHS is currently pending.