B ∙ R ∙ A I ∙ N

U.S. Reps. Michael McCaul and Henry Cuellar, both from Texas, reintroduced the BITMAP Authorization Act, a bipartisan bill that would formally establish the Biometric Identification Transnational Migration Alert Program (BITMAP) within the Department of Homeland Security (DHS).

The measure is designed to “push the border outward” by helping foreign partners identify high-risk travelers before they ever reach a U.S. port of entry, a goal McCaul framed as a way to stop traffickers, terrorists, and transnational gang members who may attempt to conceal their identities while moving along illicit migration routes.

Established in 2011, BITMAP is a Department of Homeland Security/ Immigration and Customs Enforcement (ICE) initiative that trains foreign partners to collect biometric and biographic data from special interest aliens, criminals, and known/suspected terrorists at foreign borders. It aims to identify and track threats before they reach the U.S. border.

HSI agents train foreign law enforcement partners to collect biometric data which is then uploaded into U.S. systems.

“Bad actors like traffickers, terrorists, and transnational gang members may lie about their identity in an attempt to enter our country undetected, but they can’t fake biometrics,” McCaul said in a statement. “The successful BITMAP program empowers our regional partners to identify and stop these individuals long before they reach our borders.”

The bill does more than simply “authorize” BITMAP. It would amend the Homeland Security Act of 2002 to formally create a new Section 448 establishing the program inside DHS, with Immigration and Customs Enforcement (ICE) specifically named as the operational lead, acting in consultation with the State Department and the Director of National Intelligence to facilitate the voluntary sharing of biometric and biographic information collected from foreign nationals.

In practical terms, the legislation would authorize DHS to provide partner countries with equipment, training, and operational support so they can collect biometric and biographic data from people moving through illegal travel pathways.

It would also let those partner governments compare that information against a range of U.S. databases, including DHS’s Automated Biometric Identification System system (IDENT) or its successor, the Federal Bureau of Investigation’s (FBI) Terrorist Screening Database, the FBI’s Next Generation Identification database, the Defense Department’s Automated Biometric Identification System, and any other relevant systems designated by DHS in consultation with other federal agencies.

That framework shows that the bill is not just about collecting more data, but about connecting foreign screening operations directly to the U.S. government’s existing counterterrorism, immigration, and law enforcement watchlisting architecture.

In 2018, when McCaul first introduced legislation to permanently authorize BITMAP, the American Civil Liberties Union, Immigrant Legal Resource Center, National Immigration Law Center, and the National Immigration Project of the National Lawyers Guild opposed the effort.

“The House should not permanently authorize the BITMAP program with limited information, no information on whether DHS takes any steps to protect privacy, no studies regarding its efficacy, and no statutory privacy or transparency protections,” the groups said.

“This bill raises significant concerns regarding the sharing of information across foreign governments related to suspicion of terrorism, gang violence, and other so-called national security concerns with very little information as to how this information is used and retained,” the groups added.

The legislation also tries to put more structure around how BITMAP expands internationally. Before launching operations in a new foreign country, DHS would have to enter into an agreement or arrangement with that government in which it lays out the program’s goals, the training and best practices to be used, and the scope of operations in that country.

Within 60 days of such an agreement taking effect, the department would have to provide Congress with a copy and identify the partner country and the goals of the operation, a requirement that addresses Cuellar’s concern about the need for stronger congressional oversight of partner agreements and program outcomes.

Oversight is a major feature of the bill. Within 180 days of BITMAP being formally established, and annually for the next five years, DHS would have to submit reports to the House and Senate homeland security committees detailing strategic goals, operational plans, partner-country progress, budget information, staffing and equipment support, enrollment numbers, training provided, the redress process, and the program’s effectiveness.

DHS would have to report not just on strategy and effectiveness, but also budget sources, anticipated expenditures, personnel, equipment, infrastructure support by country, enrollment numbers, training guidance, and the redress process.

Congress would also get briefings on how many BITMAP-enrolled individuals were later apprehended at the border or in the U.S. interior, and how many filed asylum claims.

In addition, the Government Accountability Office would have to conduct an audit within six months of enactment and every three years thereafter.

The bill includes a privacy-related provision directed at U.S. citizens. It says the secretary of homeland security must ensure that any biometric or biographic data of U.S. citizens captured through BITMAP operations is expunged from all databases to which it was uploaded, unless the information is being retained for specific law enforcement or intelligence purposes.

When civil rights group opposed the similar 2018 legislation, they said the “program includes the sharing of extraordinarily sensitive information regarding individuals without warrant or analogous legal process … the legislation fails to include any privacy standards that DHS must follow with regards to the program,” like “what information can be collected, how long can it be stored, when can it be disseminated to other agencies, and can it be shared with foreign partners?”

The bill also includes a six-year sunset, meaning Congress would have to revisit the authority rather than allow it to continue indefinitely without review.

Politically, the proposal fits into a broader border security strategy that emphasizes intercepting potential threats well beyond U.S. territory by relying on foreign governments as early screening partners.

McCaul’s office previously described BITMAP in similar terms, saying it helps the United States work with international partners to identify bad actors before they reach the border.

In announcing their bill, McCaul and Cuellar made clear that the current bill is a reintroduction rather than a wholly new concept, suggesting lawmakers are again trying to convert an existing DHS operational program into a permanent, congressionally authorized part of the homeland security apparatus.