Skip Navigation
Capitol Hill
traffic_analyzer/Getty
Expert Brief

The Dangers of the Trump Administration’s Data Consolidation Efforts

Congress and state and local governments must create new safeguards around the collection, integration, and misuse of people’s data to protect privacy and First Amendment rights.

July 9, 2026
Capitol Hill
traffic_analyzer/Getty
July 9, 2026

The Trump administration is seeking to build on the remnants of a decades-old data fusion project and a burgeoning trove of commercial information to create an extensive and invasive surveillance system, with the Department of Homeland Security emerging as a hub for data consolidation.

Shortly after the 9/11 terrorist attacks, the Pentagon proposed fusing government records and private-sector data into a unified counterterrorism system that would track people’s buying habits, travel plans, medical records, political beliefs, and other information to identify “suspicious” behavior. This “Total Information Awareness” program was condemned across the political spectrum, and it was ultimately abandoned. But elements have persisted as the government has collected and stored more and more data and also turned to purchasing commercially available information from data brokers.

The federal government already holds reams of personal information about Americans, including taxes paid, Medicaid benefits, charitable donations, wage history, and student debt. States hold a wealth of data as well, including records about residence, voting, driver’s licenses, vehicle ownership, and criminal activity. Information collected by government agencies is typically kept in segregated databases and, under the Privacy Act of 1974, used only for the purposes for which it was collected.

But the Trump administration has ushered in a sea change in data consolidation, undermining privacy protections in its reported attempt to build a centralized database of government data. Many of these data troves have been funneled into DHS. And DHS is integrating some of that information with the voluminous personal data generated daily from our phones and online interactions, which the government can buy from data brokers. This data reveals some of the most intimate details of our lives, from religious affiliation to political preferences and more.

While this endeavor has been justified as a means of combating fraud and abuse, DHS intends to integrate many of these data streams into its surveillance infrastructure to identify and target people for deportation and to monitor constitutionally protected speech.

As the administration pursues dubious “domestic terrorism” investigations to deter political dissent, DHS will be able to deploy AI-augmented tools to monitor and analyze people’s travel patterns, social networks, online posts, and commercial activity to predict their threat levels and identify protesters. The administration also intends to use some of its newly consolidated data to purge voter rolls, in a process that is bound to wrongly disenfranchise eligible Americans.

Congress can act to protect Americans’ privacy and First Amendment rights, and so can state and local governments.

More on

How the Government Can Use Data Integration

Data integration is the process of combining information from disparate sources into a unified, accessible system. In government, it transforms data scattered across agencies and stored in various formats into a searchable repository. This can include government taxpayer records containing data about earnings, charitable contributions, and employment status; citizenship and immigration status collected from federal and state benefits programs; and biographical and biometric information collected by law enforcement and border and immigration agencies.

Consolidating this intimate information expands the government’s ability to deport, arrest, or incarcerate people or target them for retribution. It can also facilitate intrusive data searches, improper access by government agents, or arbitrary actions like denying a federal job to an otherwise highly qualified applicant or releasing information to embarrass a critic. While stringent safeguards on use and access could mitigate these dangers, those safeguards can always be removed by an administration with authoritarian tendencies or be defeated through hacking or other technical means. The consolidation alone thus poses grave risks that are magnified in the absence of meaningful oversight and controls.

Data integration also provides access to large volumes of information that can be analyzed to try to flag suspicious patterns or anomalies, map relationships, identify threats, and determine people’s opinions. AI-augmented tools vastly expand those capabilities, making it easier to extrapolate information from enormous datasets. Essentially, these tools enable the government to piece together and analyze disparate information — like location data, medical information, faceprints, fingerprint records, web-browsing history, purchase history, taxpayer return data, social media posts, and citizenship records — to create a more comprehensive picture of people’s lives and deduce revealing inferences at a previously unimaginable speed and scale. This type of data integration and analysis undermines Americans’ privacy and runs afoul of federal privacy protections that require the government to use data only for the purposes for which it was collected.

 

How the Trump Administration Has Accelerated Data Integration

Prior administrations built mechanisms to facilitate information sharing and coordination between federal, state, and local law enforcement, particularly after 9/11. But the Trump administration has dramatically expanded data sharing and consolidation, trampling privacy protections meant to prevent government abuse of individuals’ sensitive information and repurposing that information far beyond its original intent.

In March 2025, President Trump issued an executive order directing the federal government to broadly share information and ensure agencies have “unfettered access” to state data related to federally funded programs. The newly created DOGE initially led this charge, accessing sensitive information stored across computer systems and reportedly working to unify that data into “a single centralized database.” Reporting later indicated that DOGE was helping integrate once-segregated government datasets into a “master database” at DHS, likely a reference to the accumulation of new data sources that would be linked to a U.S. Citizenship and Immigration Services program initially designed to check eligibility for government benefits.

The specifics of these consolidation efforts are still coming to light, but DHS has emerged as a central player in the administration’s broader data integration effort. Through data-sharing agreements, ICE has gained access to taxpayer return information and home addresses, public housing data, and Medicaid recipients’ personal data — potentially including sensitive medical information. While some of these agreements have been challenged in court, ICE is seeking to repurpose this information to locate individuals for deportation, violating the trust and privacy of immigrants and U.S. citizens who provided this data to pay taxes or receive government services. Following a March executive order, DHS is also set to repurpose information from Social Security databases and other federal data sources to create a likely inaccurate list of U.S. citizens in each state to challenge voter eligibility.

Meanwhile, DHS has been expanding its existing data integration and analytics infrastructure, procuring tools to help link government data with commercial and public datasets and accelerate its targeting and enforcement operations. It is also seeking to combine its massive biometric data repositories into a single platform, supercharging privacy intrusions, identification and deportation of non-U.S. citizens without due process, and targeting of First Amendment–protected activity.

Private Sector Involvement

Private sector companies sell access to personal information, provide software that organizes federal data into a searchable and accessible format, and offer tools to mine that data for insights. DHS has ramped up the acquisition of these capabilities following the passage of Trump’s July 2025 budget bill, which poured unprecedented sums into the agency’s coffers.  

Like other law enforcement and intelligence agencies, DHS exploits gaps in our outdated privacy laws to buy up vast amounts of sensitive information from data brokers, including location data captured from cell phones, purchase histories, health information, and browsing histories. For example, ICE and Customs and Border Protection (CBP) buy access to billions of records, including credit histories, address and employment histories, driver’s license and vehicle data, utility customer data, and jail bookings, from data brokers LexisNexis and Thomson Reuters. ICE has also resumed buying access to cell phone location records after stopping the practice in 2024. And in January, the agency put out a call to data brokers and ad tech companies, asking how they could support ICE’s expanding data collection efforts, such as by providing sensitive location data. It may soon benefit from the intelligence community’s endeavor to consolidate this commercially available information into a single “data consortium” that could be accessible to Homeland Security Investigations, ICE’s investigative arm that claims broad investigative and intelligence authority encompassing any federal crime.

DHS also relies on vendors to collect and analyze a huge range of data about citizens and noncitizens: vehicle location datapoints across the country; social media posts, online geotags, and friends lists; billions of photos scraped from the web and social media; iris and facial prints obtained during operations via smartphone applications; and files extracted from phones seized at the border or during arrest. Other vendors process aggregated data to reveal additional sensitive information. Penlink, for example, sells a tool that combines social media data with cell phone location information to build detailed dossiers. Some vendors analyze text and social media to conduct scientifically dubious sentiment analysis.

To make sense of all this information, DHS has contracted with data integration and analytics provider Palantir. Palantir developed ICE’s investigative case management system, which structures and links data collected from these vendors and other commercial entities — along with data from DHS and other government databases — in a centralized platform that can be searched and analyzed to facilitate DHS’s deportation and law enforcement functions. Since the summer of 2025, Palantir has been enhancing the investigative case management system to serve as Homeland Security Investigations’ “authoritative data source” and support more data analytics capabilities and integrations with partners such as the Department of Justice, CBP, and the Office of Biometric Identity Management. The company has also created ImmigrationOS for ICE’s Enforcement and Removal Operations, the division tasked with apprehending, detaining, and deporting undocumented people. ImmigrationOS assembles ICE’s data streams into a central hub where Enforcement and Removal Operations can track noncitizens and identify deportation targets in real time.

ICE also has access to Palantir’s ELITE app, which reportedly generates lists of people for arrest and deportation that can be filtered and depicted on a map, complete with individual dossiers incorporating information from governmental and commercial sources. Agents used ELITE in Minneapolis to find densely populated areas of potential targets, where agents carried out warrantless arrests.

 

Information from States and Cities

States have typically shared data with the federal government to administer benefits programs and to coordinate joint counterterrorism and crime control efforts, but the administration is seeking even more access to ramp up deportations and, potentially, to monitor protests and disenfranchise voters.

For instance, state agencies cooperate with the federal government to administer health care and food assistance programs, collecting data about applicants and recipients such as household composition, health information, and citizenship status. Cooperative agreements with states typically limit how much information can be accessed by the federal government, as well as how it can be used, and by whom. But the federal government is attempting to obtain more state data, allow access by more federal agencies, and use that information for immigration enforcement. Twenty-seven states have provided the Department of Agriculture with the personal information of millions of government food assistance program recipients, which may get fed into DHS’s data repositories for immigration enforcement. Meanwhile, the DOJ has requested statewide voter registration lists from at least 48 states and plans to share it with DHS for use in criminal and immigration investigations.

DHS also plans to incorporate state driver’s license databases into the Systematic Alien Verification for Entitlements (SAVE) program, a U.S. Citizenship and Immigration Services tool designed to check the citizenship status of people seeking government benefits. The administration has directed DHS to pool that data, along with other federal sources, to create a “citizenship list” that could be used to determine voter eligibility. The Brennan Center is challenging that order in court.

Much of the federal–state data-sharing infrastructure was set up to investigate and prevent terrorism following the 9/11 attacks. A national network of state and regional “fusion centers” collects, analyzes, and shares intelligence from and among federal, state, and local law enforcement, with support from DHS. Initially used to share counterterrorism information, many fusion centers have expanded their mission to include any crimes or hazards, resulting in a history of monitoring racial justice protesters and environmental activists. Fusion center personnel have access to vast databases that include sensitive governmental and commercial data about Americans not suspected of any criminal activity. That information may be disseminated in the form of intelligence reports across law enforcement agencies, including ICE, with few to no restrictions, and could be uploaded to ICE’s data integration infrastructure.

State and local law enforcement also share information with ICE under 287(g) cooperation agreements, where local officers are deputized to enforce federal immigration laws. While certain states and localities have enacted “sanctuary policies” to limit or prohibit participation in those agreements, 287(g) agreements have proliferated during this administration.

 

Risks of Data Integration

The unrestrained collection and merging of personal information imperils people’s fundamental right to privacy and undermines due process and the rule of law. It enables near-perfect surveillance, allowing the government to observe the most intimate details of people’s lives and to scrutinize and retaliate against any individual for any reason. The recent gutting of oversight and accountability functions across DHS and other agencies increases the likelihood that violations of civil rights or civil liberties will go unchecked.

Data integration under these circumstances poses several concrete risks.

Monitoring and Targeting Protesters

DHS has a history of monitoring protests against its operations. ICE leadership has vowed to use its expanded surveillance arsenal to target people who oppose its actions, activities the Trump administration has tried to define as “domestic terrorism.” The agency is already using tools like facial recognition and social media monitoring to identify and track protesters. Agents are even compiling dossiers of anonymous online critics and preparing threat assessments on constitutionally protected activities, despite lacking evidence of planned violence or alleged crimes. ICE has likewise suggested it aims to create a database of Americans who observe and record federal agents, on the grounds that they are “impeding” law enforcement — actions that DHS claims support domestic terrorism.

DHS’s integrated surveillance infrastructure will amplify its ability to clamp down on people who oppose the administration’s policies. DHS can cast a wide net, using AI-augmented tools on consolidated datasets to analyze social media posts, social networks, behaviors, and movements to monitor a particular target or identify potential dissenters for additional scrutiny. Some of these AI-powered analyses may incorrectly flag people as threats, and this infrastructure will make it easier for a lawless government to find pretextual reasons to repress dissent.

Ramping Up Mass Deportations

DHS has also deployed its expanding surveillance infrastructure to indiscriminately target and deport immigrants, focusing its efforts on people who are easiest to locate rather than the “worst of the worst.” ICE has leveraged court records, household and school information, and home addresses to try to meet its reported quota of 3,000 deportations a day, targeting people without criminal histories who are attending religious services, going to work, taking their kids to school, or appearing in immigration court. Immigrants pursuing lawful pathways may be even more vulnerable to surveillance since they engage with a wide range of government databases and thus are more trackable through enhanced data analytics.

These operations have affected American citizens as well. DHS arrested and detained almost 200 U.S. citizens last year, including children, with some caught up in immigration sweeps that profiled people based on their race, language, or employment.

DHS’s integrated data systems supercharge these efforts, amassing, storing, and analyzing intimate information about both citizens and noncitizens. For instance, ICE agents directed to focus on particular communities while carrying out immigration operations (as they did with the Somali, Latino, and Hmong communities in Minneapolis) may rely on analysis of centralized data to quickly generate a list of potential deportation targets based on race or national origin. They might then use that information to indiscriminately detain people in those neighborhoods without due process, based not on their actual immigration status but on their apparent ethnicity, skin color, or accent.

ICE’s reliance on opaque, proprietary AI-powered analytic tools will further erode due process in immigration enforcement. For example, agents may use AI tools to automatically flag people or conduct risk assessments that trigger arrest, detention, or deportation. The “black box” nature of these systems, as well as the routine invocation of trade-secrets protections, limits visibility into the justification behind government actions, frustrating people’s ability to meaningfully challenge enforcement actions.

Viewpoint-based Targeting of Non-U.S. citizens

Data consolidation also amplifies DHS’s ability to punish lawfully present noncitizens for expressing their views. The agency is already arresting people for their First Amendment–protected expression, instructing officers to deny green cards based on people’s political speech, and threatening to deport others for harboring “hateful ideology” or “hostile attitudes” toward U.S. culture and institutions, undermining constitutional protections. Its aggressive enforcement operations and promises to retaliate against noncitizens for their speech have discouraged people from attending rallies, speaking online, or even associating with targeted groups.

The ability to access and analyze large volumes of data in a centralized platform will supercharge these efforts — for example, by creating profiles connecting individuals’ names, social media handles, flagged posts, citizenship status, browsing habits, and location. Even the threat of this surveillance will magnify the climate of fear, chilling speech and association.

Propagating Errors and Biases

Research spanning back decades shows that datasets are inevitably prone to bias or errors, which will propagate when combined. Government databases have been plagued with incomplete and inaccurate records, while datasets purchased from data brokers are often tainted with inaccuracies and junk inferences. These data quality issues can have grave repercussions: People wrongfully marked as “deceased” in Social Security databases could lose access to critical government services. Applicants for federal student aid may receive less money than they deserve. People erroneously flagged as gang members might be targeted for arrest and deportation.

The administration’s recent push to create a “citizenship list” illustrates the dangers of pooling inaccurate data. In March, President Trump issued an executive order that directed DHS to create a list of voting-age U.S. citizens in every state by consolidating information from federal and state databases created for other purposes, including DHS’s SAVE program. SAVE was designed to help states verify the citizenship status of people applying for government benefits and has since been expanded to facilitate searches through Social Security numbers, driver’s licenses, U.S. passport records, and state voter records. Some of its data sources are known to be incomplete and inaccurate, and recent uses of the tool have frequently misidentified voters as noncitizens. While it doesn’t appear that all these data streams are being fed into ICE’s data integration platform, the known errors highlight the risk that combining multiple data sources will undermine rather than enhance accuracy, government services, and civil rights.

Jeopardizing National Security

Pooling data into a unified system also jeopardizes data privacy and national security by creating a single source vulnerable to attacks by hackers and adversaries. Recent data breaches have led to the theft of tens of millions of individuals’ sensitive information from multiple government agencies and contractors. Those breaches would pale in comparison to the amount of data exposed from a master database, providing a foreign adversary with intimate details to use as leverage over government employees or people in sensitive positions.

What Can Be Done to Protect Privacy and Civil Liberties

Congress must strengthen safeguards against the collection, compilation, and misuse of data.

To start, lawmakers should close the data broker loophole, which government agencies exploit to obtain personal information from commercial entities without a court order, bypassing Fourth Amendment and statutory protections. Congress should pass the bipartisan Fourth Amendment Is Not for Sale Act or similar reforms, which would bar agencies from purchasing sensitive information like location and communications-related data from commercial entities.

In addition, Congress should strengthen the inadequate patchwork of federal privacy laws. For starters, it should enact comprehensive consumer privacy protections that would limit the information collected, retained, and shared by commercial entities, reducing the amount of personal information available to data brokers. These privacy protections should also prohibit commercial entities from transferring data to law enforcement or intelligence agencies absent legal process, with narrow exceptions for clear indications of criminal activity or other threats.

It should also strengthen the Privacy Act, which limits federal agencies’ disclosure of individuals’ personal information and provides additional protections for First Amendment–related information. The law was passed in 1974 in response to revelations about COINTELPRO — the FBI’s politically motivated surveillance program — as well as abuses by the Nixon administration. However, it has not kept pace with data analytics capabilities, and its generous exceptions undermine safeguards against improper disclosures. Congress must modernize the Privacy Act, narrow its exceptions, and enact more robust enforcement mechanisms. It should also require the administration to reinstate DHS’s gutted oversight offices and significantly strengthen their influence and oversight functions.

In the meantime, states need not wait for Congress to act. They can protect their residents by enacting privacy protections that limit the flow of information among commercial and government entities. Privacy legislation in California and Montana provides a strong starting point for enabling easy data-deletion requests and prohibiting state and local law enforcement from buying sensitive information from commercial entities. States and local governments can also enact stronger protections to prohibit the federal use of state and local resources to expand the administration’s data holdings, such as by shielding information about residents from access by the federal government.

With thanks to Nasser Eledroos for the visualizations in this piece.