Comment on DHS Records Modification

November 28, 2025

We received notice from Restore the Fourth about a comment period on a DHS change to the agency’s record system. Disturbingly, they have already made the change, but now are asking for retroactive approval. Sorry, no approval from us!

There are just 3 days left to comment, so have your say at this link.

Here is the text of Restore the Fourth’s e-mail announcing the comment period, which I sadly did not notice days ago when it was sent:

US Citizenship and Immigration Services (“USCIS”), for the first time, has begun pooling data from DHS, the Social Security Administration, the IRS and state voter rolls, to generate a list of US citizens in its “Systematic Alien Verification for Entitlements (SAVE)” database.

They have begun doing this without notifying the American public of this change in practice, and without offering an opportunity before they began for people to comment, violating the National Privacy Act of 1974. That Act, responding to Watergate, intentionally siloed federal datasets, preventing different federal agencies from sharing data except in very specific cases where justification and notification of the subject of the “investigation” is required.

Without that siloing, the government can go fishing across all of government to find anything that a pre-selected person has done wrong; and doing that violates the Fourth Amendment.

What USCIS is doing now is asking for public comment on these changes that have already happened, in order to get some sort of retrospective blessing and insulate themselves from legal challenges. We don’t bless it. We urge you to write comments objecting to it.

Below is the Restore the Fourth suggested e-mail with a list of talking points; use one or more, paraphrase, or write your own comment:
  • I oppose the change that DHS/USCIS has implemented to the US Citizenship and Immigration Service’s (USCIS’) Systematic Alien Verification for Entitlements (SAVE) database. Pooling data from DHS, the Social Security Administration, the Internal Revenue Service (IRS), and state voter data and other sources violates the National Data Privacy Act of 1974. The fact that DHS/USCIS is belatedly asking for comment about the changes that it has already implemented by accessing data from other federal agency databases in order to gather additional information on immigrants in violation of the National Data Privacy Act is deeply troubling because many Americans would have opposed this change had they been consulted ahead of the change, as the Act requires.
  • The National Privacy Act of 1974 created silos in order to prevent different federal agencies from sharing data except in very specific cases, and in those cases justification and notification of the subject of the “investigation” is required. Enacted in the aftermath of Watergate, the National Privacy Act was designed to protect Americans from investigations where the government is fishing for evidence that someone has committed a crime with no predicate based on probable cause that they have done anything criminal. Access by any agency to another agency’s data without probable cause to see specific data on a suspect is illegal in order to protect all of us, regardless of our political party or our immigration status. Every resident of the U.S. is entitled to the protections enshrined by the Fourth Amendment of our Constitution.
  • The legal justification provided by DHS in its SORN for its merger of federal databases is a 1999 opinion in which the Department of Justice limited the kinds of restrictions agencies could put on sharing data with law enforcement. It provides for the lawful disclosure of citizenship- or immigration-related information, but it does not grant the Social Security Administration the authority to disclose information without adhering to the requirements of the Privacy Act. 
  • The repurposing of data from different agencies is also dangerous because different people’s records may be incorrectly linked together because of a name misspelling or even a failure to update a name change.
  • DHS/ICIS has implemented additional changes to normal practices as part of its consolidation. Until recently there was no way to deactivate a person’s Social Security number and prevent them from receiving benefits unless there was documentation of their death. Under SAVE, DHS now uses a special indicator code to flag what it considers questionable data or special circumstances concerning an application for an SSN. This allows DHS, without any form of review, to terminate someone’s Social Security benefit. In one case earlier this year when the Social Security Administration under DOGE accidentally declared an 82-year-old man dead (see https://www.livenowfox.com/news/seattle-man-social-security-error), he lost his Social Security benefits, Medicare coverage, and even access to his bank fund. Since in the system being implemented by DHS there will be challenges in matching up names across various databases, the risk of accidental terminations of benefits is heightened.
  • In 2023, a lawyer from the Social Security Administration wrote to the Fair Elections Center that “while SSA records provide an indication of citizenship, they do not provide definitive information on U.S. citizenship,” so it is very concerning that SSA data can now be used to eliminate Americans from voter rolls without further verification.
  • Until now, undocumented Immigrants who lawfully paid federal taxes on their earnings using an Individual taxpayer identification number (ITIN) were promised that their personal information would remain confidential. DHS access to the IRS database completely undermines this protection, making it much less likely that they will file. This reduces government revenue and will result in increased taxes for the rest of us.
  • We are seeing more frequent and broader hacking operations affecting federal agencies by foreign states and other actors (see https://www.justice.gov/opa/pr/justice-department-charges-12-chinese-contract-hackers-and-law-enforcement-officers-global and https://www.reuters.com/technology/cybersecurity/us-treasurys-workstations-hacked-cyberattack-by-china-afp-reports-2024-12-30/ and https://oversight.house.gov/wp-content/uploads/2016/09/The-OPM-Data-Breach-How-the-Government-Jeopardized-Our-National-Security-for-More-than-a-Generation.pdf). By combining databases as DHS/USCIS is doing, hundreds of millions of Americans’ data may be compromised by hackers.
  • For all of these reasons, I ask DHS/USCIS to terminate the changes to the SAVE program.

Leave a Comment » | regulation | Tagged: , , , , , , , , , , , , , , , | Permalink
Posted by sallijane

USA Liberty Act Would Compromise Privacy

November 10, 2017

As Congress debates the “USA Liberty Act”, it is important to consider the implications for warrantless, back-door searches. The following information comes from the Brennan Center (https://www.brennancenter.org/blog/congress-cant-compromise-privacy); the entire article is worth reading to fully understand the importance of this issue and Section 702.

[T]he problem with the USA Liberty Act’s solution is not simply that it does not go far enough. In two key respects, it actually represents a step backward.

First, it would put Congress’s stamp of approval on backdoor searches. As it stands, Section 702 does not expressly authorize agencies to search for Americans’ communications. Indeed, the practice seems inconsistent with the law’s prohibition on targeting Americans, not to mention its requirement that the government minimize the retention and use of Americans’ communications. By codifying backdoor searches for foreign intelligence purposes, the USA Liberty Act would make the law worse, even if it improved on the government’s actual practice.

Even more worrisome, the USA Liberty approach would introduce a new and dangerous principle into the law: the notion that Americans have lesser rights when the government is acting with a “foreign intelligence” purpose. Currently, if the government wants to target an American directly for surveillance, it must obtain a warrant regardless of its motive. In criminal cases, the government typically obtains the warrant from a magistrate judge, while in foreign intelligence investigations, it applies to a special court known as the FISA Court. In both cases, however, the government must show probable cause of illicit activity.

There is no principled basis for lowering the standard of protection in foreign intelligence cases and allowing the government to access through the back door what it could not obtain through the front.

Leave a Comment » | Getting FISA right, regulation, Section 702, updates | Permalink
Posted by sallijane

GPS Privacy Legislation after the PATRIOT Act

November 26, 2016

This post is more a request for information than a provision of same.

I was discussing cell-phone privacy, and a friend mentioned that since the World Trade Center attacks all cell phones have GPS location devices that are trackable even when off.  I was not sure of the accuracy of that statement (though we all know that the so-called PATRIOT Act was a vast overreaction and overreach), so I went hunting for current law.

I did not find much; I did find a government site from 2014 that had a link to a page about pending legislation; that page was updated 2 months ago (28 Oct. 2016).  Here is the link:
http://www.gps.gov/policy/legislation/gps-act/

The original page (www.gps.gov/policy) also had information on the 2012 Jones decision and on lower-court rulings, including one that required a warrant for GPS-based vehicle trackers (later vacated and to be reheard, according to the site today [26 Nov. 2016]).

I think we have some work to do, between all the other ball-juggling that is happening: Electoral College, vote recounts, proposals for mass registration and deportations, Dakota Access water-protector repression, racist appointments, etc.  Already, many folks are talking about the need for encrypting e-mails and phone conversations/messages—is that actually useful, or just an illusion because Internet Service Providers give everything to the government, anyway?

1 Comment | regulation, technology | Tagged: , , , , | Permalink
Posted by sallijane

FCC’s Net Neutrality Regulations Survive Challenge

June 14, 2016

A panel of judges ruled today to uphold the FCC’s Net Neutrality rules—which prohibit blocking legal content or throttling based on type, as well as disallowing the so-called “fast lanes” for preferred content. Although the rules do not include mobile services that do not include streaming that does not count against a user’s data cap, they nonetheless protect the basic concept of an Internet that “plays fair”, allowing users free choice of the legal content they choose without artificial, marketing-based restrictions. Score one for us! (and keep watching in case we need to defend this further)

Leave a Comment » | news, regulation, technology, updates | Tagged: , , | Permalink
Posted by sallijane