7 Records of Alleged Abusive or Improper Conduct where the event type is “Civil Liberties or Privacy Infringement”

Mid-September 2023

Customs and Border Protection (CBP), along with other U.S. law enforcement agencies, bought access to—and has used for years—commercially sourced location data harvested from U.S. citizens’ and others’ smartphones, revealed 404 Media.

The U.S. Government Accountability Office (GAO) released a report on September 12 finding that the Department of Homeland Security’s (DHS) Office of Intelligence and Analysis (OIA) “is not fully implementing activities intended to monitor whether personnel are following its policies to protect the privacy, civil rights, and civil liberties of U.S. persons, including U.S. citizens and lawful permanent residents.” (Original link)

A former location data company worker indicated that Commercial Telemetry Data (CTD) is typically used to track “herds of people”, but that it can be and has been used to monitor specific targets. Reports indicated that data has been used to identify border crossings and consequently arrest people. Since the agencies paid a commercial vendor for the data, they have not been required to acquire a warrant or another court order to obtain the information.

CBP, in response to investigations, stated that “CBP officers, agents, and analysts are provided with access to the vendor’s interface on a case-by-case basis, and are only able to view a limited sample of anonymized data consistent with existing border security or law enforcement operations.”

CBP discontinued the use of CTD at the end Fiscal Year 2023, on September 30, 2023. The reasons for discontinuation are unknown. Nonetheless, CBP publicly stated that if the agency “identifies a critical mission need to re-acquire a vendor who provides CTD, we would ensure CBP would engage Oversight, Legal, and Privacy entities at the agency and department level.”

—“Homeland Security: Office of Intelligence and Analysis Should Improve Privacy Oversight and Assessment of Its Effectiveness.” Washington: U. S. Government Accountability Office, August 28, 2023. https://www.gao.gov/products/gao-23-105475.

—Cox, Joseph. “Customs and Border Protection Says It Will Stop Buying Smartphone Location Data.” 404 Media, September 12, 2023. https://www.404media.co/customs-and-border-protection-stop-buying-location-data

Sector(s): Border-Wide

Agency(ies): CBP, DHS

Event Type(s): Civil Liberties or Privacy Infringement

Last Known Accountability Status: GAO Investigation Closed, Unknown

Victim Classification:

End of July 2023

Newsite Government Executive reported that the Department of Homeland Security’s Inspector General Joseph Cuffari agreed to pay a former official $1.17 million in a settlement agreement after allegedly firing her in retaliation for her whistleblower claims.  

Jennifer Costello is a former deputy who worked for the Department of Homeland Security under Inspector General Joseph Cuffari. When Costello discovered that Cufarri had delayed a report into the Trump administration’s family separation policy at the southern border, Costello brought forth complaints to Congress and the Council of Inspectors General on Integrity and Efficiency in 2019. 

Then, Cuffari launched a third-party investigation into Costello and two of her colleagues, resulting in a $1.4 million cost. The investigation concluded that she had engaged in divisive and unprofessional behavior, which Costello argued was a “farce” launched in retaliation for her claims. She was fired in June 2020. 

According to the official settlement, the Inspector General’s Office did not admit to any guilt or wrongdoing. Instead, Costello’s firing was overturned, and she is now formally listed as an employee who resigned from the DHS. Cufarri continues to push back against allegations that he is an ‘unethical’ employee. He launched a lawsuit against the Council of the Inspectors General on Integrity and Efficiency for investigating the IG’s office. This lawsuit was dismissed on November 2nd, 2023 after a judge deemed Cufarri failed to prove that the Council’s investigation was harassment. Despite the investigation, he continues to serve as the Inspector General for the DHS.

Katz, Eric. “DHS Inspector General Pays $1.2M Settlement to Former Deputy.” Government Executive, July 27, 2023. https://www.govexec.com/management/2023/07/dhs-inspector-general-pays-12m-settlement-former-deputy/388892/.

Sector(s):

Agency(ies): DHS

Event Type(s): Civil Liberties or Privacy Infringement, Insubordinate or Highly Politicized Conduct

Last Known Accountability Status: Shared with Congressional Oversight Committees, Under DHS Review

Victim Classification: Advocate or Humanitarian Worker

September 15, 2022

Sen. Ron Wyden (D-Oregon), a member of the Senate Select Committee on Intelligence, sent a letter to CBP Commissioner Chris Magnus voicing concerns about the electronic privacy of travelers who pass through U.S. ports of entry, including land border crossings and airports. Sen. Wyden accused CBP of “pressuring travelers to unlock their electronic devices without adequately informing them of their rights” and “downloading the contents of Americans’ phones into a central database, where this data is saved and searchable for 15 years by thousands of Department of Homeland Security employees, with minimal protections against abuse.”

The Washington Post and Gizmodo reported on the letter, and on CBP’s apparent exception to the Constitution’s Fourth Amendment allowing it to carry out “advanced searches” of travelers’ phones—including those of U.S. citizens—if they have a “reasonable suspicion” that the individual is breaking the law or poses a “national security concern.” “It’s not immediately clear what a ‘national security concern’ is, or what differentiates it from reasonable suspicion, an already low evidentiary standard,” Gizmodo reported.

Even without such suspicion, CBP claims the power to access travelers’ electronic devices, looking at “anything that ‘would ordinarily be visible by scrolling through the phone manually,’ including contact lists, calendar entries, messages, photos and videos,” the Washington Post explained citing a 2018 CBP “Privacy Impact Assessment Update.” With the “reasonable suspicion” standard, CBP can copy the entire contents of the phone or device. “That data is then stored in the Automated Targeting System database, which CBP officials can search at any time.”

CBP is collecting further, “advanced” data from “less than 10,000” border-crossers’ devices each year, Sen. Wyden’s letter indicates that agency personnel told his office. The number appears to refer only to the “advanced” searches: CBP’s Enforcement Statistics web page indicates that the agency subjected 45,499 international travelers to “electronic device search” in fiscal year 2022, a 21 percent increase over 2021. In the case of “advanced” searches, CBP retains the copied data for 15 years.

Sources told the Washington Post that about 2,700 or 3,000 CBP personnel have access to this collected data, all without a warrant. CBP personnel are not required to record the purpose of their searches, Sen. Wyden noted, “even though auditable records of this sort are an important safeguard against abuse.”

Sen. Wyden’s letter called on CBP to change its policy, laid out in a January 2018 directive, and halt warrantless searches of U.S. citizens’ phones. The Senator asked the CBP Commissioner for “a written plan,” by October 31, 2022, describing the steps that CBP would take to address his concerns.

CBP officials declined to answer Washington Post questions “about how many Americans’ phone records are in the database, how many searches have been run or how long the practice has gone on, saying it has made no additional statistics available ‘due to law enforcement sensitivities and national security implications.’”

— Sen. Ron Wyden (D-Oregon). “Wyden Letter to CBP on Border Searches of Devices,” September 15, 2022. <https://www.wyden.senate.gov/imo/media/doc/Wyden%20letter%20to%20CBP%20on%20border%20searches%20of%20devices.pdf>.

— Harwell, Drew. “Customs Officials Have Copied Americans’ Phone Data at Massive Scale.” Washington Post, September 19, 2022. <https://www.washingtonpost.com/technology/2022/09/15/government-surveillance-database-dhs/>.

— Dell Cameron and Lauren Leffer. “Border Agents Are Taking Data From Americans’ Phones Without Warrants.” Gizmodo, September 15, 2022. <https://gizmodo.com/border-patrol-surveillance-cell-data-no-warrants-1849540504>.

— “Privacy Impact Assessment Update for CBP Border Searches of Electronic Devices.” U.S. Customs and Border Protection, January 4, 2018. <https://www.dhs.gov/sites/default/files/publications/PIA-CBP%20-%20Border-Searches-of-Electronic-Devices%20-January-2018%20-%20Compliant.pdf>.

Screenshot from CBP Enforcement Statistics web page, January 14, 2023 (Washington: U.S. Customs and Border Protection, January 14, 2023) <https://www.cbp.gov/newsroom/stats/cbp-enforcement-statistics>.

— “CBP Directive 3340-049A: Border Search of Electronic Devices.” U.S. Customs and Border Protection, January 4, 2018. <https://www.cbp.gov/sites/default/files/assets/documents/2018-Jan/CBP-Directive-3340-049A-Border-Search-of-Electronic-Media-Compliant.pdf>.

Sector(s): Border-Wide

Agency(ies): CBP

Event Type(s): Civil Liberties or Privacy Infringement

Last Known Accountability Status: Unknown

Victim Classification:

July 18, 2022

Documents obtained by the American Civil Liberties Union (ACLU) show that CBP was among DHS agencies that purchased large amounts of location data from a contractor that harvested it from hundreds of millions of mobile phones across the United States. “In just three days in 2018, the documents show that the CBP collected data from more than 113,000 locations from phones in the Southwestern United States—equivalent to more than 26 data points per minute—without obtaining a warrant,” Politico reported. “By searching through this massive trove of location information at their whim, government investigators can identify and track specific individuals or everyone in a particular area, learning details of our private activities and associations,” the ACLU warned.

— Shreya Tewari, Fikayo Walter-Johnson, “New Records Detail DHS Purchase and Use of Vast Quantities of Cell Phone Location Data” (United States: American Civil Liberties Union, July 18, 2022) https://www.aclu.org/news/privacy-technology/new-records-detail-dhs-purchase-and-use-of-vast-quantities-of-cell-phone-location-data.

— Alfred Ng, “Homeland Security records show ‘shocking’ use of phone data, ACLU says” (Washington: Politico, July 18, 2022) https://www.politico.com/news/2022/07/18/dhs-location-data-aclu-00046208.

Sector(s): Border-Wide

Agency(ies): CBP, DHS, ICE

Event Type(s): Civil Liberties or Privacy Infringement

Last Known Accountability Status: Unknown

Victim Classification:

December 11, 2021

A Yahoo News investigation told the story of Jeffrey Rambo, a Border Patrol agent assigned to the Counter Network Division of CBP’s National Targeting Center in 2017 and 2018. The investigation pointed to very troubling CBP intrusions into the private lives of U.S. citizens not suspected of committing any crimes, while all involved have avoided punishment.

Though assigned to a project with the ostensible goal of combatting forced labor, Rambo and his Division ended up digging through classified government databases to uncover information about the private lives of as many as 20 U.S. journalists. The resulting leak investigation ensnared reporter Ali Watkins, revealing her romantic relationship with a married Senate staffer. Rambo, Yahoo News’s Jana Winter reported,

ran Watkins through an assortment of databases. Those included, among others, CBP’s Automated Targeting System, a tool that compares travelers against law enforcement and intelligence data; TECS, which tracks people entering and exiting the country; the Treasury Department’s FinCEN, used for identifying financial crimes; and the State Department consular database, which included details of her passport application.

Dan White, Rambo’s supervisor at the Counter-Network Division, testified about Charlie Ratliff, a program analyst in the Division who “worked on DOMEX, a program that collects information from the contents of a person’s electronic device when they cross a U.S. border.”

According to White’s later testimony, Ratliff regularly investigated congressional staffers’ travel captured by CBP to run against the Terrorist Screening Database. “White stated that when Congressional ‘Staffers’ schedule flights, the numbers they use get captured and analyzed by CBP,” the inspector general report says. White told the investigators that Ratliff “does this all the time,” looking at “inappropriate contacts between people.”

Starting in 2018, the DHS Inspector-General and CBP’s Office of Professional Responsibility carried out a two-year investigation into Rambo’s activities, focused on whether Rambo improperly accessed government databases, and sought information outside the scope of his official duties.

The Inspector-General found grounds for potential criminal charges against Rambo, White, and Ratliff, and presented criminal referrals to the Justice Department in October 2020. In the end, Mark Lytle, the head of financial crimes at United States Attorney’s Office for the Eastern District of Virginia, declined to prosecute, in part because CBP lacked clear policies and procedures governing Rambo’s duties.

“We’re in a very dangerous place if having no rules means officers can’t break any rules,” Hugh Handeyside, a senior staff attorney with the American Civil Liberties National Security Project, told Yahoo News.

That same month, Jeffrey Rambo was taken off administrative leave and returned to duty as a Border Patrol agent, where he remained as of the time of Yahoo News’s investigation, assigned to the San Diego Sector. Dan White, Rambo’s former supervisor, was back running the same team as before at the CBP National Targeting Sector’s Counter Network Division. “When the inspector general requested any new policies or procedures the division had for contacts with journalists and people outside government, it received no reply,” Yahoo News found.

Ali Watkins, the reporter whose personal life came most heavily under CBP scrutiny and was working at the New York Times as of December 2021, told Yahoo News, “I’m deeply troubled at the lengths CBP and DHS personnel apparently went to try and identify journalistic sources and dig into my personal life. It was chilling then, and it remains chilling now.”

— Jana Winter, “Operation Whistle Pig: Inside the secret CBP unit with no rules that investigates Americans” (Yahoo News, December 11, 2021) https://news.yahoo.com/operation-whistle-pig-inside-the-secret-cbp-unit-with-no-rules-that-investigates-americans-100000147.html.

Sector(s): Border-Wide

Agency(ies): Border Patrol, National Targeting Center

Event Type(s): Civil Liberties or Privacy Infringement, Misuse of Intelligence Capability

Last Known Accountability Status: Criminal Charges Dropped, DHS OIG investigation Closed, OPR Investigation Closed

Victim Classification: Journalist, U.S. Citizen or Resident

January 2, 2019

Reverend Kaji Douša, a senior pastor at Park Avenue Christian Church in New York City, won a case against the U.S. Department of Homeland Security (DHS), Customs and Border Protection (CBP), and Immigration and Customs Enforcement (ICE) for allegedly targeting and surveilling her due to her pastoral services to migrants and refugees.

In 2018, Douša supported the organization of the “Sanctuary Caravan,” a mobile clinic of faith leaders providing pastoral services, such as church-blessed marriage ceremonies and prayer, to migrants seeking asylum in the United States. During this period, the increase in mass border crossings led CBP agencies to enhance patrolling, resulting in an operational plan known as “Operation Secure Line.” The objective of Operation Secure Line was to collect information related to “immigration-related crimes” and generate reports for field agents and other law enforcement officers. Consequently, caravan organizers, including humanitarian aid providers such as activists, lawyers, and journalists, became people of interest.

In December 2018, Pastor Douša traveled to Mexico to conduct her latest round of border ministry. However, upon attempting to return to the United States on January 2, 2019, federal officials detained and interrogated her in a secondary interview before releasing her. She later learned that DHS had targeted her for heightened scrutiny and revoked her clearance for expedited border crossing as part of Operation Secure Line.

In July 2019, Douša filed a lawsuit challenging the surveillance operation for allegedly retaliating against her for providing support to migrants and refugees. This lawsuit came shortly after internal DHS documents were leaked, revealing that Douša was added to a secret blacklist database. It was later confirmed that she was one of at least 51 U.S. citizens tracked by the U.S. government for their proximity to asylum seekers, although there was no public evidence of illicit activities.

On March 21, 2023, a federal court ruled in her favor, concluding that the federal agencies involved had violated her fundamental rights of free exercise and free speech. The court’s decision was based on the finding that a CBP agent had emailed Mexican authorities, falsely claiming that Pastor Douša likely did not have adequate documentation to enter Mexico and should be returned to the United States in retaliation for her ministry to migrants in Mexico.

Devereaux, R. (2022, March 6). A Pastor’s Legal Fight Against CBP Exposes a Reckless Surveillance Operation. The Intercept. https://theintercept.com/2022/03/06/cbp-border-surveillance-migrant-caravan/

Devereaux, R. (2023, March 28). Pastor Wins Civil Rights Suit Against Trump Administration Border Surveillance. The Intercept. https://theintercept.com/2023/03/28/dhs-cbp-border-surveillance-kaji-dousa/

Findings of Fact & Conclusions of Law – #155 in Dousa v. U.S. Department of Homeland Security (S.D. Cal., 3:19-cv-01255) – CourtListener.com. (n.d.). CourtListener. Retrieved December 29, 2023, from https://www.courtlistener.com/docket/15889052/155/dousa-v-us-department-of-homeland-security/

Sector(s): Border-Wide

Agency(ies): CBP, DHS, ICE

Event Type(s): Civil Liberties or Privacy Infringement, Intimidation of Humanitarian Workers, Misuse of Intelligence Capability

Last Known Accountability Status: Lawsuit or Claim Filed

Victim Classification: Advocate or Humanitarian Worker, Black, Female

July 2016

Pregnant employees at the Department of Homeland Security have allegedly faced discrimination for years, prompting a lawsuit filed by a group of Customs and Border Protection (CBP) officers. This group was recently certified to bring their case as a class action.

Current and former employees of the CBP’s Office of Field Operations have been affected by the alleged discrimination. After taking the case to the Equal Employment Opportunity Commission (EEOC), an administrative judge ruled on April 21, 2023, that any pregnant employee required to enter “temporary light duty” (TLD) since July 2016 would be eligible to join the class action.

According to the agency’s policies and the protections provided by the 1978 Pregnancy Discrimination Act, light duty status and accommodations should only be provided at the pregnant employee’s request. Instead, employees report that as soon as their pregnancies were disclosed, supervisors placed them on TLD. This change in duties reportedly affected benefits, including training eligibility, promotional opportunities, overtime pay, the ability to obtain preferred work schedules, and the right to carry a firearm.

Roberta Gabaldon, a CBP employee, stated, “As soon as I let my supervisor know I was pregnant, I was immediately sent home and then put on light duty. There was no conversation about my ability; it was just assumed. It seemed that the agency believed that my pregnancy would impede my competency.”

In an attempt to counter the case, CBP argued that there was a lack of “commonality” among the employees’ complaints, adding that the complaints only stemmed from a handful of offices. They also argued that if mandatory TLD occurred, it was due to supervisors acting without proper authority rather than following agency policy.

Ultimately, Kevin Rung, an EEOC administrative judge, found the over two dozen testimonies—which came from 11 of the 20 CBP field offices—consistent enough to certify the class. It is estimated that since July 2016, at least 500 pregnant women were placed on TLD.

Hundreds of current and former employees are now eligible to join the case through the Gilbert Employment Law Firm’s website

Pregnant Employees at Customs and Border Protection Regularly Discriminated Against, Class Action Lawsuit Alleges. (2023, May 1). Government Executive. https://www.govexec.com/workforce/2023/05/pregnant-employees-customs-and-border-protection-regularly-discriminated-against-class-action-lawsuit-alleges/385817/

Sector(s): CBP

Agency(ies): CBP, DHS

Event Type(s): Civil Liberties or Privacy Infringement

Last Known Accountability Status: Lawsuit or Claim Filed

Victim Classification: DHS Employee, Female, Pregnancy