Tag: PRIVACY

The U.S. Border Patrol has quietly built a nationwide vehicle tracking system that functions much like location surveillance but without ever touching a car’s GPS, an AP investigation first revealed last week. It coincides with the disclosure that Immigration and Customs Enforcement has equipped agents with a mobile app that is capable of scanning a license plate and instantly pulling up a vehicle’s travel history, ownership records, and associated personal data.

Together, these developments show that the Department of Homeland Security’s (DHS) enforcement components are converging on a shared surveillance architecture that reaches deep into the driving habits of millions of Americans and far beyond the geographic limits Congress once assumed governed border operations.

“This isn’t national security. It’s dragnet surveillance masquerading as border enforcement,” said Change.org. “This is unconstitutional, unregulated, and unsafe. Mass surveillance of innocent Americans isn’t the solution to anything – it’s the problem.”

Through a combination of automated license plate reader (APLR) cameras, commercial surveillance vendors, predictive analytics, and partnerships with state and local police, Border Patrol has created a program that is capable of mapping how Americans drive with a degree of precision that closely resembles GPS-level tracking.

The system identifies drivers who travel rural back-country roads, avoid checkpoints, use rental cars, make short turnaround trips near border regions, repeatedly appear in known smuggling corridors, drive through certain choke points at night, or otherwise fit the algorithmic profile of what the agency deems to be “suspicious travel.”

This classification is not limited to the borderlands. The system has spread across the interior of the United States, reaching cities like Chicago, Detroit, and Phoenix, in counties and neighborhoods that have no obvious connection to U.S. borders or a land port of entry.

The backbone of the system is a vast network of automated license plate readers using fixed cameras on poles, mobile units mounted on law enforcement vehicles, and covert devices hidden along remote roads.

Each camera captures the license plate number, time, date, and the GPS coordinates of the camera itself. Some devices also capture an image of the driver’s face.

Over the past decade, these cameras have expanded beyond interstates and ports of entry to include rural county roads, farm-to-market routes, outlying state highways and arterial roads, cross-border ranch roads, private subdivisions, HOA gates, commercial parking lots, and small-town intersections that once fell outside traditional surveillance grids.

Many of these cameras were not installed by Border Patrol but were placed by local police departments, county sheriffs, homeowner associations, and private entities using systems sold by Flock Safety, Vigilant Solutions, and Rekor Systems.

Through federal grants, especially the DHS Operation Stonegarden (OPSG) program, local agencies acquired the cameras, while the resulting data quietly flowed back into regional and national surveillance networks that Border Patrol later gained access to.

Operation Stonegarden is a grant program that funds state, local, and tribal law enforcement agencies in designated border states to support “enhanced border security operations.”

Administered by the Federal Emergency Management Agency under the Homeland Security Grant Program, Stonegarden provides money for overtime, equipment, vehicles, surveillance technology, and intelligence-sharing activities intended to assist Border Patrol along the northern and southern borders.

Although framed as a border security support program, Stonegarden has effectively helped local agencies acquire tools such as ALPR cameras, drones, and tactical equipment that later feed data and operational support into federal immigration enforcement, often extending DHS surveillance capabilities far beyond the physical border.

Once a license plate is imaged, the scan is fed into Customs and Border Protection’s (CBP) Conveyance Monitoring and Predictive Recognition System (CMPRS), which analyzes the data to identify travel patterns associated with smuggling or other border-related crimes.

Though CMPRS doesn’t appear to have been the subject of a standalone public directive, manual, or privacy assessment, it does appear throughout DHS budget justifications, privacy filings, and other documents located by Biometric Update.

It first appeared in CBP congressional budget materials, where the agency described it as a platform that collects license plate images, compares them against hot lists, and analyzes the resulting data to detect travel patterns associated with border crime.

CBP’s FY 2022 budget documents reference CMPRS as a funded program line, and internal DHS award write ups describe it as a “vital tool” supporting Border Patrol’s targeting and interdiction operations.

A 2024 CBP budget justification document – under the heading, “Border Security Assets and Infrastructure” – states that CMPRS uses license-plate imagery to identify patterns “indicative of illegal border-related activities.”

The White House acknowledged the system more directly in July 2024, when the Office of National Drug Control Policy honored the “CMPRS Team,” housed within CBP’s Land Border Integration Division, for developing an intelligence targeting system that identifies vehicle plates, boat hull numbers, and aircraft tail numbers using high-speed cameras deployed on trailers, vehicles, and at marinas and airports.

In August, 2024, SAIC congratulated CBP’s CMPRS Team for having been “selected as a winner of the 2023 United States Interdiction Coordinator Awards in the emerging threat category.”

Although CMPRS does not have its own privacy impact assessment, the data environment it depends on is governed by DHS’s License Plate Reader Technology assessments from 2017 and 2020, which authorize CBP’s use of fixed, mobile, and covert license-plate readers as well as access to commercial ALPR vendors.

These documents make clear that Border Patrol is permitted to place temporary covert cameras along smuggling routes, feed plate data into internal analytic tools, and share information with other agencies.

What the PIAs do not specify is how CMPRS analyzes the data, how long commercial vendors retain the underlying imagery, or how much historical information CBP can retrieve through third-party systems. ‘

Because CMPRS is built on top of this infrastructure rather than existing as a standalone system, its rules are defined mainly through these indirect disclosures.

Together, these documents reveal a system that operates with substantial federal investment and executive branch recognition yet remains largely undocumented in public facing policy.

Border Patrol intelligence units are now able to reconstruct a driver’s routes based on where the vehicle was scanned and the sequence of those hits, converting a series of time-stamped scans into a behavioral map of the driver’s movements.

CBP publicly claims that this system merely augments traditional investigative practices, but in reality it functions as a nationwide pattern-of-life tool that shows which roads Americans take, how often they take them, and how their choices compare to a library of pre-modeled indicators of suspicious behavior.

Many Americans assume Border Patrol must have access to a car’s GPS to know when a driver uses a remote route. The agency does not. ALPR placement density creates the effect of continuous location monitoring.

If Camera A on a state highway captures a plate at 1:04 p.m., Camera B on a gravel road captures it at 1:23 p.m., and Camera C on a different rural road sees it minutes later, the algorithm can infer the route with remarkable accuracy.

The system works even if the roads are unpaved. Over days or weeks, these sequences produce a pattern-of-life model that flags drivers who consistently take roads traditionally associated with smuggling or who travel through certain areas at certain times.

The ALPR system approximates GPS-level detail through camera placement alone, creating a form of location surveillance built not on telematics but on geographic coverage.

These same ALPR hits also reveal whether a vehicle is a rental. Rental cars are identified not through onboard electronics but through basic vehicle registration data.

When a plate is scanned, the system automatically queries DMV databases, the National Law Enforcement Telecommunications System, National Crime Information Center, and commercial ownership records which identify the registered owner.

Vehicles owned by Hertz, Avis, Enterprise, Budget, and other car rental companies are immediately identifiable because they are registered in bulk to corporate entities. ALPR vendors incorporate this information directly into their systems, automatically tagging plates as rental fleets or lease vehicles.

This allows Border Patrol to flag vehicles for “rental usage” without accessing onboard GPS, telematics, OnStar, or any proprietary vehicle systems.

The behaviors flagged by the system often lead to what are known as “whisper stops.” In these scenarios, Border Patrol passes a referral to local law enforcement, which then conducts a traffic stop based on a pretextual violation like a rolling stop, a failure to signal, a cracked windshield, window tint, or a dangling air freshener.

Drivers are almost never informed that the stop originated from a federal surveillance system that had analyzed weeks or months of their travel history.

Local law enforcement officers frequently do not know the underlying basis for the referral, and they may prolong the stop, question the driver about immigration status or travel purpose, search the vehicle if possible, or summon Border Patrol agents to the scene.

Because the official stop appears to be based on a traffic infraction, defendants and courts often never learn that a federal algorithm triggered the encounter.

The legality of this program is deeply unsettled. Border Patrol’s authority originates in the Immigration and Nationality Act, which grants the agency broad powers to police border-related crime and allows certain warrantless searches within 100 miles of the border. But this program now extends hundreds or thousands of miles into the interior.

When questioned by reporters about the geographical scope of its operations, CBP asserted that Border Patrol is “legally allowed to operate anywhere in the United States” that it wants, a sweeping interpretation that appears to depart from longstanding understandings of border enforcement authority.

A July Congressional Research Service report underscored the absence of a federal statute governing ALPR-based mass tracking. Courts have not yet resolved whether the Supreme Court’s modern location-privacy precedents, including limitations on warrantless cell-site monitoring, apply to the aggregation of ALPR-derived travel data.

And because many stops are pretextual and the underlying data is concealed, courts rarely have the opportunity to evaluate the legality of the system. Whisper stops resemble the “parallel construction” controversies that once embroiled the Drug Enforcement Administration, raising questions about whether law enforcement can conceal the true investigative origins of a stop while still relying on its fruits.

Even DHS’s own disclosures do not clarify the full scope of the program. Privacy impact assessments acknowledge the use of covert ALPR cameras and confirm that license-plate data can be used to generate investigative leads, but they do not detail how long vendors retain data, how those vendors use the data independently, or how much historical information Border Patrol can access through third-party networks.

Flock Safety automatically deletes most non-hit data after 30 days unless agencies contract for longer retention, while Vigilant Solutions is known to retain plate data for extended periods depending on customer agreements.

CBP’s retention rules apply only to CBP-owned systems, not to the commercial networks CBP queries. The result is a loophole that gives the agency access to historical data far older than the limits imposed on its own systems.