ICE use of commercial phone tracking tool draws congressional scrutiny

A group of Democratic lawmakers on the House Committee on Oversight and Government Reform are pressing Department of Homeland Security (DHS) Secretary Kristi Noem for answers about Immigration and Customs Enforcement’s (ICE) reported use of a powerful commercial cellphone location tracking platform, warning that the technology could enable sweeping surveillance of entire neighborhoods without judicial oversight.

In a February 19 letter to Noem, the lawmakers said they were “concerned about recent reports” that ICE had acquired surveillance tools from Nebraska-based Penlink that are “designed to collect and analyze cellphone location data across entire neighborhoods.”

The lawmakers cautioned that “location data can reveal intimate details of a person’s life, including where they live, work, worship, go to school, or seek medical care.”

“Mass surveillance of entire communities or city blocks raises serious questions about data privacy and potential violations of civil liberties,” the lawmakers said in their letter to Noem.

The lawmakers warned that “DHS could use these tools to identify individuals for targeting based solely on their presence in certain locations, without a warrant or probable cause, and regardless of their citizenship or residency status.”

Penlink is a digital intelligence company that for decades has built tools widely used by law enforcement and national security agencies to collect and analyze communications data. Its platforms are used to aggregate wiretap data, call records, text messages, Internet metadata, and open source online information into a single analytical environment.

“Using this technology,” lawmakers said, “DHS can potentially access encrypted applications, the phone’s location data, and messages and photographs saved to the phone,” adding that the “continued acquisition of such spyware technology suggests DHS is relying on mass data collection techniques that the department can use without cell phone users’ knowledge and that may operate outside of constitutional guardrails.”

Historically, Penlink’s core business revolved around lawful intercept solutions that allow agencies to gather and manage court authorized wiretap data from telecommunications providers.

DHS is not new to PenLink. Public procurement records show that ICE Homeland Security Investigations (HSI), has maintained multiyear relationships with the Nebraska-based surveillance vendor.

One prominent award is a firm fixed-price contract supporting HSI monitoring and analysis of voice, text and web communications, carries a total value exceeding $25 million over its period of performance.

Additional DHS line items reflect license renewals, software support and related services tied to PenLink’s investigative platforms.

The DHS purchases mirror a wider federal pattern. The Department of Justice (DOJ) has relied on PenLink through long-running contract vehicles administered by its Office of Investigative Technology, including a multiyear basic ordering agreement that has supported recurring task orders for software, onsite support and analytic services.

The Bureau of Alcohol, Tobacco, Firearms and Explosives has separately used an indefinite delivery contract described in procurement summaries as a total communications collection program.

The Drug Enforcement Administration has also pursued sole source follow on actions covering PenLink software suites and related services, including analytic tools such as PLX, Tangles and GeoTime, along with engineering support, training and cloud delivered components.

Other federal entities, including inspectors general offices within DOJ and DHS, have procured PenLink licenses and maintenance packages, underscoring how deeply embedded the company’s platforms have become across investigative and oversight functions.

While the specific dollar values and technical scopes vary, the overall pattern shows repeated renewals and multiyear commitments rather than one off experiments.

For critics of ICE’s reported use of location analytics, that procurement history reinforces concerns that PenLink’s capabilities are institutionally integrated rather than exceptional.

Lawmakers told Noem they want a staff briefing by March 5.

They requested internal communications about the acquisition of location-based surveillance tools, any legal justification for conducting mass electronic surveillance without a warrant, details about how data collected through Penlink would be stored and disposed of, and information about who would have access to the data and how misuse would be monitored.

Civil liberties advocates argue that the same capabilities that make such platforms attractive to investigators create significant constitutional risks when applied to bulk location data.

The Supreme Court’s 2018 decision in Carpenter v. United States held that individuals have a reasonable expectation of privacy in historical cellphone location records maintained by wireless carriers, requiring law enforcement to obtain a warrant in most circumstances.

Since that ruling, privacy groups have contended that government agencies are attempting to sidestep Carpenter by purchasing commercially available location data rather than compelling it directly from telecom providers.

The lawmakers’ letter reflects that concern. By warning that DHS could identify individuals based solely on their presence in certain locations and without a warrant, the members signal unease that commercial data markets are being used to bypass traditional Fourth Amendment safeguards.

They also cite reporting that federal agents have identified and tracked individuals observing ICE operations, raising fears that location analytics could be deployed not only for immigration enforcement but to monitor activists or bystanders.

According to the lawmakers, the continued acquisition of such technologies suggests the department may be relying on mass data collection techniques that operate outside constitutional guardrails.

Privacy organizations have echoed those warnings. The American Civil Liberties Union has argued that bulk location tracking tools are particularly dangerous in the hands of agencies with broad enforcement mandates, noting that location trails can expose religious practices, medical visits, political activity and personal associations.

Critics contend that when such data is collected at scale and searched retrospectively, it effectively transforms every smartphone user in a geographic area into a potential subject of analysis.

Supporters of these tools within law enforcement counter that commercially available data is lawfully obtained from data brokers and that analytic platforms like Penlink help investigators identify suspects, corroborate timelines and disrupt criminal networks more efficiently than traditional methods.

They argue that internal policies, audit logs and supervisory review provide safeguards against misuse.

The lawmakers are now seeking clarity on exactly what those safeguards look like inside DHS. They have asked for an explanation of any legal theory the department believes authorizes mass electronic surveillance without a judicial or administrative warrant, as well as details about data retention and access controls.

Whether DHS provides the requested briefing by the March deadline could determine how quickly the issue escalates.

If lawmakers conclude that ICE is using commercial location data in ways that test constitutional boundaries, the dispute could expand into formal hearings, legislative proposals to restrict data purchases or renewed scrutiny of the largely opaque market for smartphone location information.

Article Topics

data privacy  |  DHS  |  ICE - U.S. Immigration and Customs Enforcement  |  location data  |  PenLink  |  smartphones  |  U.S. Government