TL;DR: Over 70 House and Senate Democrats sent a letter to DHS Inspector General Joseph Cuffari on March 3, 2026, demanding an investigation into whether ICE is purchasing illegally obtained location data. This is separate from the March 5 congressional briefing deadline: they want an independent IG probe. The allegation: data brokers may be violating federal law when harvesting location data, and ICE knows it. Senator Ron Wyden called it "warrantless surveillance by credit card." ICE canceled a scheduled briefing with no explanation, prompting lawmakers to escalate. The IG already found DHS agencies violated federal law with data purchases in 2023. They might be doing it again.
The Letter
Senator Ron Wyden (D-OR) led 70+ lawmakers in a March 3, 2026 letter to DHS Inspector General Joseph Cuffari. Their demand: open a formal investigation into ICE's location data purchases.[1]
This isn't just another oversight request. They're asking whether ICE is knowingly buying data that was illegally harvested, a potential federal crime.
From the letter:
"Given DHS' failure to adopt a policy for the use of commercial data, coupled with ICE awar[ing] a no-bid contract to a shady data broker that is likely violating federal law..."
That "shady data broker" is PenLink. ICE signed a $2.3 million contract with them in September 2025 for Webloc location tracking software. No competitive bidding. No warrant requirements.
ICE Canceled. No Explanation.
Here's what pushed lawmakers to escalate.
Wyden's office requested a briefing with ICE about the PenLink contract. ICE scheduled it for February 10, 2026. On February 9 (one day before) ICE canceled.[2]
No explanation. No offer to reschedule.
The letter describes it as "stonewalling congressional oversight." When an agency ghosts Congress about surveillance contracts, investigators notice.
What They're Alleging
The lawmakers want the IG to investigate four things:[3]
- Whether ICE is purchasing illegally obtained location data (not just warrantless data, but data that was illegally harvested in the first place)
- How that data has been used (targeting immigrants, monitoring protests, building profiles)
- Whether audits of employee access occur (who's looking at this data and why)
- What policies govern data usage (spoiler: probably none)
The letter emphasizes that "location data is extremely sensitive, and can reveal someone's religion, their political views, medical conditions" and social connections.
We've Been Here Before
A 2023 IG report already found that CBP, Secret Service, and ICE violated federal law through warrantless data purchases.[4]
The violations included:
- Inadequate privacy policies
- Shared accounts (no individual accountability)
- Poor record maintenance
- No supervisory review
After that report, ICE supposedly ended certain data collection programs. Then they started again.
The September 2025 PenLink contract suggests ICE just waited for attention to fade before resuming purchases. The lawmakers' letter notes DHS never implemented the policy changes the IG recommended.
How This Differs from March 5
You might be thinking: didn't we already cover this? Yes and no.
On February 19, Rep. Shontel Brown led 12 House Democrats demanding a staff briefing from DHS by March 5. That's a congressional oversight request: lawmakers asking an agency to explain itself.
This March 3 letter is different:
- 70+ lawmakers vs. 12
- Senate and House vs. House only
- IG investigation request vs. briefing demand
- Allegations of illegality vs. questions about policy
An IG investigation has subpoena power. It can compel documents and testimony. It leads to official reports with findings. Congressional briefings are often exercises in vagueness.
Wyden's escalating. The question is whether Inspector General Cuffari acts.
Key Players
- Senator Ron Wyden (D-OR): leading the investigation, has been tracking government surveillance purchases for years
- Joseph Cuffari: DHS Inspector General, will decide whether to open investigation
- Secretary Kristi Noem: runs DHS, testified before Senate Judiciary on March 3 but dodged surveillance questions
- PenLink: Nebraska-based company selling Webloc phone tracking to ICE
Where the Data Comes From
The lawmakers reference multiple data streams flowing into ICE:
- Cell phone location data: harvested from apps, sold by brokers
- DMV databases: driver's licenses, registrations, photos
- IRS data: tax records, addresses
- CMS data: Centers for Medicare & Medicaid Services
- TSA data: travel records
The combination creates a profile government could never get with a warrant. But apparently doesn't need one.
What Happens Now
The IG can:
- Open an investigation: compel documents, interview officials, issue findings
- Decline: cite resource constraints or ongoing investigations
- Defer: wait for the March 5 deadline response first
Given the 2023 findings and ICE's cancellation of the February briefing, the pressure is mounting. Seventy lawmakers don't write letters unless they expect action.
Tomorrow is March 5, the separate deadline for DHS to brief Congress on PenLink. If DHS no-shows again, expect more escalation.
What You Can Do
Contact Your Senators
Ask if they signed Wyden's letter. If not, ask why not. Find contact info at senate.gov.
Remove Your Location Data
California's DELETE Act lets you request removal from data brokers. Use the DROP platform when it launches.
Disable Advertising ID
iPhone: Settings → Privacy → Tracking → Off
Android: Settings → Privacy → Ads → Delete advertising ID
Support Legal Challenges
EFF and ACLU are fighting the data broker loophole in court. Their cases could close it permanently.
References
- The Register - 70 US Lawmakers Demand Probe Into ICE's Data Purchases (March 2026)
- DocumentCloud - Wyden Led Letter to DHS OIG on ICE Purchase of Location Data (March 2026)
- FedScoop - DHS ICE Data Sharing and Warrantless Purchases (March 2026)
- Common Dreams - Democratic Lawmakers Demand Probe Into DHS Warrantless Location Tracking (March 2026)