Immigration and Customs Enforcement accidentally posted the names, birth dates, nationalities and locations of more than 6,000 immigrants who claimed to be fleeing torture and persecution to its website this week.
The unprecedented data dump could expose the immigrants — all of whom are currently in ICE custody — to retaliation from the very individuals, gangs and governments they fled, attorneys for people who have sought protection in the U.S. said. The personal information of people seeking asylum and other protections is supposed to be kept confidential; a federal regulation generally forbids its disclosure without sign-off by top officials in the Department of Homeland Security.
The agency is investigating the incident and will notify the affected immigrants about the disclosure of their information. The agency has said it will not deport immigrants whose information it mistakenly posted until it is determined whether the disclosure affects their cases.
The government will notify people who downloaded the information that they should delete it.
ICE officials are concerned about the posting of the data — which included information about migrants who sought to avoid deportation to countries such as Iran, Russia and China — and are focused on quickly fixing the issue, an agency official said.
The agency mistakenly posted the data, which included immigrants' names, case status, detention locations and other information, during a routine update of its website.
The immigrant advocacy group Human Rights First notified ICE officials about the data breach Monday and shortly after, the agency took steps to delete the data from its website. The file was contained on a page where ICE regularly publishes detention statistics.
The information was up for five hours and officials quickly worked to take it down after being notified it had been posted.
"Though unintentional, this release of information is a breach of policy and the agency is investigating the incident and taking all corrective actions necessary," an ICE spokesperson said in a statement.
The disclosure is "embarrassing" and potentially dangerous for those affected, another DHS official told the Los Angeles Times.
Many immigrants fear that gangs, governments or individuals back home will find out that they sought protection in the U.S. Asylum-seekers regularly ask their immigration lawyers whether their home countries will find out about their applications. In one case documented by Human Rights Watch, a Cameroonian man the U.S. deported to his home country was summoned to court upon his return for "having, in the United States, spread false news ... by declaring to be a victim of abuses by the Cameroonian Government."
Anwen Hughes, a lawyer at Human Rights First, said that she has a recurring nightmare about leaving a bag full of client information on the subway.
She has never done so. But the fact that the possibility haunts her dreams offers some indication of the seriousness of posting immigrants' personal information on the internet, she said. She hoped the error would serve as a reminder to the government to be especially careful with such data.
"Refugees' willingness to trust the U.S. government with their information depends on reliable competence as well as a general intention to honor the law," she said.
Diana Rashid, managing attorney of the National Immigrant Justice Center, found the name of one of her organization's clients — a Mexican woman — on the list.
"We are deeply concerned about our client's safety after ICE publicly shared this very sensitive information about her and thousands of others like her," she said. "She is seeking protection from removal because she fears persecution if returned to her country of origin. Revealing this information makes her more vulnerable to the persecution and abuses she fears if deported."
The disclosure of the information put lives at risk, said Heidi Altman, director of policy at the National Immigrant Justice Center, an immigrant advocacy organization.
"The U.S. government has a crucial obligation to hold asylum-seekers' names and information in confidence so they don't face retaliation or further harm by the governments or individuals whose persecution they fled," Altman said. "ICE's publication of confidential data is illegal and ethically unconscionable, a mistake that must never be repeated."
Blaine Bookey, the legal director at the Center for Gender & Refugee Studies at the UC Hastings College of the Law in San Francisco, said she was aware of cases in which detained immigrants have been threatened when information about their status has become public.
"Any breach of asylum-seeker information in such a public way could quite literally have life or death consequences and the government must take every precaution to protect their safety," she said.
The agency has made other high-profile mistakes over the years, including accidentally arresting U.S. citizens.
"This episode adds to ICE's well-documented history of dysfunction and internal accountability lapses," said Nate Wessler, an attorney with the ACLU who specializes in privacy issues.
The agency has fallen under heavy criticism over the years — at one point it was the least-liked federal agency — but has attempted to shift its practices during the Biden administration. Under Biden, ICE has limited the arrests of pregnant women and expanded "sensitive" areas such as playgrounds where arrests are generally off-limits.
The agency said the data were posted at 6:45 a.m. Pacific time on Monday and included the names and information of 6,252 immigrants seeking protection. Just before 11 a.m., Human Rights First notified the agency of the breach. ICE will tell the attorneys of the impacted immigrants or the immigrants themselves about the disclosure.
"This will allow noncitizens or their attorneys-of-record to determine whether the disclosure may impact the merits of their protection claim," an agency spokesperson said in a statement.
The agency is also monitoring the internet for potential reposting of the data, a spokesperson said.
———