ICE is Using WhatsApp Metadata to Track Suspect Networks, Court Order Reveals

The U.S. Immigration and Customs Enforcement (ICE) has been using WhatsApp as a tool for surveillance. According to a recently declassified court order, the Homeland Security Investigations (HSI) division obtained authorization to track the contacts of suspects through metadata from the messaging platform — without accessing the content of their conversations. This strategy enables the agency to identify entire networks of individuals involved in illicit activities by analyzing only the timing and recipients of messages.

In one case detailed in the order, HSI, under the Biden administration in 2024, was granted authorization to deploy a pen register — a system for collecting communication metadata — on the account of a Guatemalan national suspected of selling forged documents. Although the contents of WhatsApp messages remain encrypted, ICE could still see who the suspect communicated with and when. By cross-referencing the phone numbers in her contacts with multiple databases, an agent was able to identify most of her interlocutors. One of them turned out to be another seller of counterfeit IDs, who was subsequently arrested and charged. Authorities now intend to trace the buyers of these documents to locate additional undocumented migrants residing in the United States.

The order also permitted the government to unlock a seized phone using biometric methods, such as fingerprint or facial recognition. Such measures have alarmed civil liberties advocates, who argue that these warrants circumvent the traditional requirement of demonstrating “probable cause,” allowing authorities to collect data in an excessively broad and intrusive manner. Court filings reveal that hundreds of similar warrants have been issued across various U.S. states this year, most of which remain classified.

At the core of this surveillance infrastructure lies PenLink, a Nebraska-based company founded by entrepreneur Mike Moorman. PenLink supplies ICE and the FBI with tools for creating pen registers and analyzing data from social networks. Under a $25 million federal contract, the company provides ICE with systems capable of monitoring and analyzing voice, text, and web communications, including interactions on platforms like Facebook, which were previously off-limits for such operations.

A Forbes investigation emphasizes that these practices form part of a broader digital surveillance framework in the United States — one in which technologies originally designed to combat crime are steadily transforming into instruments of mass monitoring and control.

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy