Surveillance technology regulation in immigration enforcement: governance failures at ICE and the call for enhanced oversight
Table of contents
- Analytics through data and trends
- Contrasting governance expectations with practice
- Cause-and-effect dynamics
- Expert reconstruction and reforms
In January 2026, Renee Good and Alex Pretti, two American citizens, were fatally shot by Department of Homeland Security (DHS) agents during the ICE surge in Minneapolis. Their deaths sharpen a broader debate about how immigration enforcement officers wield powerful surveillance tools that collect vast data on U.S. residents and nonresidents alike. Sens. Mark Warner and Tim Kaine have highlighted not only the immediate human cost but also the structural risk that unprecedented funding for information-collection tools may enable unsupervised deployments that skirt constitutional protections. This piece treats surveillance technology regulation as the central constraint on the power of federal immigration enforcement and asks: what governance structure can restore legitimacy, accountability, and respect for due process in this space?
Brookings colleagues Rashawn Ray and Gabriel R. Sanchez have traced a rapid expansion of ICE authority that has outrun oversight, leaving racial profiling, hiring practices, and training gaps to shape enforcement outcomes. Yet a third factor compounds these dynamics: Congress’s failure to regulate the technologies themselves. When lawmakers do not articulate clear rules for how surveillance technologies are acquired, deployed, and governed, agencies interpret—often broadly—their own mission, incentives, and legal obligations. The result is a governance vacuum in which powerful tools operate with discretion that citizens cannot credibly contest. This analysis builds from that deficit, focusing on cell-site simulators and related capabilities, and asks what regulatory architecture is needed to curb potential abuses while preserving legitimate public safety aims.
To map the problem and the remedy, the piece proceeds in four analytic modes: (1) an analytical read of data, budgets, and capabilities; (2) a contrast between stated policy promises and observed practice; (3) a causal chain linking regulatory gaps to real‑world outcomes; and (4) an expert reconstruction of reforms that could align ICE’s conduct with constitutional norms. Along the way, it engages with a Washington Post primer on surveillance tools funded by the so‑called One Big Beautiful Bill Act, and reviews past congressional inquiries into cell-site simulators that illuminate both progress and persisting blind spots. The overarching question remains: how can Congress impose credible supervision over surveillance technologies to protect privacy, civil liberties, and due process without paralyzing enforcement?
Analytics overview: data, budgets, and the tech stack
The central analytical question is not whether ICE should use surveillance tools, but whether their deployment is governed by a coherent, rights-respecting framework. The onset of the ICE surge in Minneapolis and the subsequent fatalities draw attention to the way funding decisions, procurement processes, and operational doctrines interact with surveillance tech. The expenditure story is not accidental; it tracks an explicit policy trajectory toward data-centric enforcement that treats information as a force multiplier rather than a constraint. In other words, the more data ICE can collect and analyze, the more expansive its operational latitude appears to become. This dynamic underwrites the concern that a vast, under-regulated toolkit will outpace accountability mechanisms and erode Fourth Amendment protections over time.
The main keyword here—surveillance technology regulation—anchors the analysis. Its presence signals a structural problem: without explicit, binding constraints on what tools may be used, when, and under what protections, agencies interpret legal permissions as enabling rather than restricting. In the current environment, the generic promise of “effective enforcement” collides with the reality that data ecosystems create incentives for broader collection, retention, and cross‑agency sharing. The data story also reveals a budgetary pressure point: public funds directed toward sensor-rich, interoperable systems create a cohort of decision-makers who are motivated to expand capabilities to justify sustained or increased appropriations. This discipline problem—how to align funding with appropriate safeguards—lies at the heart of governance failure in ICE surveillance practice.
Technologies and capabilities in the ICE ecosystem
- Facial recognition: BINs, watchlists, and data fusion across identities raise accuracy and bias concerns, especially when deployed in civil and protest contexts.
- Automatic license plate readers (ALPRs): Large‑scale vehicle data repositories enable retrospective profiling and mobility patterns with limited transparency.
- Cell-site simulators (Stingrays): Real-time geolocation and service disruption capabilities in a single sweep; a high risk to privacy when used in protests or crowd phenomena.
- Phone location databases: Aggregated geolocation data that may be retained and accessed with minimal oversight or warrants in some contexts.
- Digital forensics tools: Access to encrypted devices—phones and computers—introduces more intrusive intrusions into private communications than conventional search methods.
The Washington Post primer linked such tools to recent funding streams and underscored a trend toward aggressive data-gathering practices. The disclosure that some technology purchases were tied to the One Big Beautiful Bill Act of July 2025 illustrates how legislative packaging can obscure the practical consequences for privacy and civil liberties. The learning here is stark: in the absence of robust regulation, procurement incentives tend to broaden the toolset rather than constrain it. The fourth‑amendment risk profile for real-time CSLI collection remains unsettled in courts and unresolved in Congress, amplifying the governance gap as a structural problem rather than a technical anomaly.
Why it matters: governance, not gadgets
Surveillance technology regulation matters because the tools themselves shape what counts as permissible policing. When policy guidance is nonbinding or unevenly implemented across DHS components, frontline officers receive ambiguous signals about acceptable use—signals that can drift toward expansive surveillance and investigative practices that intrude on speech, association, and movement. The risk is not merely privacy erosion, but a legitimacy crisis: if communities perceive enforcement as conducted with insufficient accountability, trust deteriorates, and cooperation with law enforcement erodes. The regulatory question then becomes how to codify constraints that are credible, enforceable, and adaptable to evolving technological landscapes while preserving ICE’s ability to respond to genuine threats.
Contrast: policy promises vs. actual practice
Historical oversight on cell-site simulators provides a useful mirror for current debates. In 2015, the House Committee on Oversight and Government Reform launched a bipartisan probe into law enforcement’s use of cell-site simulation technologies amid concerns about privacy, secrecy, and security. The result was a policy shift: the Department of Justice (DOJ) issued guidance requiring a warrant to authorize Stingray use in criminal investigations, with the pen register/statutory order as a supporting authority in certain cases. Homeland Security adopted the DOJ guidance as policy rather than law, leaving the warrant requirement as a policy choice rather than a binding legal obligation. The Supreme Court’s Carpenter decision left unresolved the precise Fourth Amendment status of real-time CSLI collection, and no federal circuit has squarely resolved the Stingray question since. This is a telling indicator of governance fragility: policy statements can outpace and, at times, outlive judicial clarity.
The contrast extends beyond Stingrays. The Washington Post primer catalogues a broader suite of tools that DHS deploys or may deploy, often with limited transparency around use cases, data retention, and cross‑agency sharing. The 2015 oversight findings emphasized that even well‑intentioned use of novel technologies can infringe constitutional rights if unaccompanied by robust oversight, meaningful warrants, and clear constraints. Yet a decade later, Congress has not enacted a comprehensive framework governing location data, geolocation access, or cross‑agency surveillance governance. The practical effect is a drift from principled oversight toward discretionary use by agencies that possess broad statutory authority and growing technological muscle. The contrast underscores the core takeaway: without binding regulatory guardrails, policy aspirations fail to constrain practice.
Cause-and-effect dynamics behind surveillance expansion
The expansion of ICE’s surveillance capabilities is not an inevitability; it is the product of a cascade of decisions that begin with a regulatory deficit. First, there is a structural gap in federal law governing surveillance technologies. The Electronic Communications Privacy Act (ECPA) turns 40 this year, and many of its rules lag behind contemporary digital realities. The result is a familiar mismatch: a legal regime framed for dial-up-era data that struggles to address modern geolocation, device forensics, and real-time monitoring. This misalignment creates a permissive policy environment that allows agencies to interpret “compliance” in ways that widen, not narrow, entanglements with civil liberties protections. The consequence is a systemic drift toward expanded collection and reduced accountability, particularly when budgets justify capabilities rather than impose limits.
Second, a lack of binding statutory constraints produces interpretive room for agency discretion. When Congress does not specify the conditions for deploying advanced surveillance tools, DHS components can justify broader uses by appealing to operational necessity, public safety, or security urgency. The effect is not merely methodological; it is political. Civil liberties protections recede into a background concern while the immediate imperative of enforcement takes center stage, a dynamic that undermines public trust and invites constitutional risk if accountability mechanisms prove inadequate.
Third, there is a feedback loop between technology and practice. Each new capability expands the data ecosystem, which in turn fosters new analytical methods, predictive workflows, and interagency data fusion. This creates a powerful incentive to scale up rather than refine safeguards. The result is a self-reinforcing cycle where regulatory feet lag behind technical feet, enabling an ever-widening sphere of surveillance that touches U.S. citizens and noncitizens alike. In short, the cause is not simply the presence of a Stingray or an ALPR; it is a governance architecture that permits, and often encourages, expansion without commensurate oversight or legal certainty.
Expert reconstruction: reforms to restore legitimacy and protection
The prescription must confront both the conceptual and practical dimensions of surveillance technology regulation. It requires a robust, credible framework that constrains the use of powerful tools while preserving the ability of immigration authorities to manage genuine threats. The following elements sketch a plausible reform program built from expert reasoning and historical insights.
- Federal statutory framework for real-time geolocation: Pass a nationwide statute that requires a probable cause-based warrant, when possible, for real-time location tracking and the use of cell-site simulators except in narrow exigent circumstances. Such a framework should standardize when, how, and by whom real-time location data may be accessed.
- Unified privacy architecture across DHS: Establish a DHS-wide privacy office with binding authority over data minimization, retention, sharing, and destruction. Create a shared lexicon for surveillance technologies to prevent misinterpretation and inconsistent application across agencies.
- Independent oversight and auditing: Create independent audits of surveillance programs, with publicly releasable but redacted findings. Annual reports should map capabilities to constitutional safeguards, including explicit references to the Fourth Amendment and First Amendment protections when monitoring political speech or assembly.
- Privacy impact assessments and risk reviews: Require comprehensive privacy impact assessments before deploying new technologies, with ongoing revalidation after any material modification in data pipelines or use cases.
- Data minimization and retention controls: Limit data collection to what is strictly necessary for defined lawful purposes; implement sunset provisions and automatic deletion timelines unless renewal is justified by a current investigation and a legally warranted basis.
- Transparency and public reporting: Mandate clear, accessible disclosures about the types of surveillance technologies deployed, the purposes, the data flows, and the safeguards. Public reporting should accompany procurement outcomes to deter mission creep.
- Procurement guardrails and ethics reviews: Tie procurement to explicit ethics reviews, risk-of-harm assessments, and matching against civil liberties benchmarks. Prohibit proprietary secrecy that obscures the policy purpose and the rights implications of the tools.
- Sunset clauses and periodic reauthorization: Build automatic reviews and sunset triggers for surveillance authorities to ensure ongoing accountability and alignment with constitutional protections.
- Congressional oversight enhancements: Create joint committees or parallel oversight mechanisms across DHS and HHS that coordinate privacy protections, data governance, and civil liberties considerations in a cross-agency framework.
Operational safeguards for day-to-day use
Even with a legal architecture, day-to-day practice must reflect disciplined governance. Implement clear protocols that require supervisory authorization for high-risk deployments, require contemporaneous documentation of use, and mandate deprecation of tools the moment their legal basis or policy justification ends. Data sharing should be minimized, with strict controls over cross‑agency access and external third-party access. Agencies must be prepared to demonstrate how the use of each tool advances legitimate public safety aims without disproportionately impacting protected activities, such as peaceful assembly or lawful political expression.
Strategic accountability and public trust
To restore legitimacy, reforms must be paired with transparent accountability mechanisms that the public can scrutinize. This includes independent audit findings, accessible privacy impact assessments, and robust oversight that holds executives and line officers to constitutional norms. The objective is not to hobble enforcement but to calibrate it to a governance standard that respects civil liberties, maintains public safety, and preserves the legitimacy of immigration enforcement in a democracy.
In the end, the central move is to treat surveillance technology regulation as a core constitutional issue, not a technical afterthought. If Congress acts with resolve, it can reframe enforcement as a governed, rights-respecting enterprise rather than an unchecked expansion of capabilities. The result would be a credible, sustainable approach to immigration enforcement that protects both national interests and the civil liberties at the heart of American liberty.
Takeaway: Without credible regulation, ICE’s use of surveillance technologies risks accelerating a legitimacy crisis. With clear statutory guardrails, independent oversight, and strong privacy protections, Congress can restore public confidence while preserving the tools necessary for safe and effective enforcement.

Add a comment
To comment, you need to register and authorize
Comments