Privacy and Data Protection Failures in Digital Immigration Systems
Civil society groups have called on the UK's Information Commissioner's Office (ICO) to investigate the Home Office's digital-only eVisa scheme, citing systemic data errors and design flaws that have led to breaches of sensitive personal information and left migrants unable to prove their lawful status. The complaints highlight operational failures, such as the wrongful disclosure of personal data and the lack of effective support for users locked out of their accounts, raising concerns about the scheme's compliance with GDPR and its impact on vulnerable populations who may be digitally excluded.
Separately, the US State Department has implemented a policy requiring H-1B visa applicants and their dependents to make their social media profiles public before consular interviews, exposing them to significant privacy and security risks. This move, intended to facilitate online presence reviews for national security vetting, affects hundreds of thousands of skilled workers and their families, many of whom are employed in sensitive industries. Critics warn that this forced digital exposure increases the risk of doxxing, surveillance, and exploitation by malicious actors, while also raising broader concerns about the erosion of privacy rights for immigrants.
Sources
Related Stories
EU Digital Omnibus Proposals Face Privacy Watchdog Backlash Over GDPR Changes
European privacy watchdogs and digital rights advocates are pushing back against the European Commission’s proposed **“Digital Omnibus”** package, arguing that amendments billed as regulatory “streamlining” could **weaken EU privacy protections** and erode fundamental rights. Reported concerns focus on proposed changes to the **GDPR**, including narrowing the definition of **personal data** so that not all data that could potentially be linked to an identifiable person would qualify, alongside other adjustments intended to reduce compliance friction (e.g., reducing cookie banner requirements in some cases and simplifying multi-law breach notification processes). Separately, UK officials told Parliament that **legacy IT** is impeding implementation of technical controls meant to prevent repeats of the Ministry of Defence’s highly sensitive Afghan data exposure, where roughly **19,000** resettlement applicants’ details were compromised via a **CC instead of BCC** email error. The government’s Information Security Review recommended shifting cross-government information sharing away from email/attachments and toward source-based sharing, but ministers and the chief data officer cited departmental system fragmentation as a barrier to rolling out attachment-blocking and safer data-transfer mechanisms at scale.
1 months ago
Government Digital Identity Initiatives Expand via Mobile Wallets and Biometrics
UK and US government agencies are expanding digital identity programs, but with uneven adoption and growing scrutiny. In the UK, the Government Digital Service reported that just over **15,000** veterans have applied for a digital veterans ID since its October launch—under **1%** of the roughly **1.8 million** eligible former service members—highlighting slow uptake and limited utility compared with the physical Veteran Card. The digital credential is stored in the *GOV.UK One Login* app (planned to be rebranded as the *GOV.UK Wallet*), and currently has constrained use cases, including not being accepted as photo ID for domestic flights or for some veteran benefits, and not yet being usable online. In the US, Customs and Border Protection and the Transportation Security Administration are accelerating deployment of **facial biometric** identity verification for travelers, with CBP requiring biometric verification for **all non-citizens** entering or leaving the US (with US citizens able to opt out for manual checks). Officials described facial biometrics as foundational to vetting and border security operations, while lawmakers and civil society groups continue to raise privacy and civil-rights concerns; TSA’s use of facial recognition has also drawn oversight attention, including a Department of Homeland Security watchdog investigation. Together, the developments reflect a broader shift toward mobile and biometric identity systems, alongside adoption, usability, and governance challenges.
1 months agoLegal and Policy Actions Targeting Social Media Use in US Immigration Enforcement
Lawyers from the Electronic Frontier Foundation (EFF) are representing three US labor unions in a lawsuit against the Trump administration, challenging a social media surveillance program that they argue infringes on First Amendment rights. The unions claim that the program, which requires nearly all US visa applicants to disclose all social media handles used in the past five years, has had a chilling effect on free speech and union engagement. This policy, implemented under the Trump administration but proposed during the Obama era, also mandates that noncitizens on F, M, and J visas make their social media accounts publicly viewable. The surveillance initiative, known as "Catch and Revoke," is a collaborative effort between the Department of Homeland Security, the State Department, and the Department of Justice, and uses AI to monitor visa holders' social media for expressions of support for Hamas, Palestine, or antisemitism. Individuals found to express views deemed anti-American or non-conforming risk having their visas or immigration benefits revoked. In a related legal development, a federal court in Massachusetts ruled that the executive orders underpinning these surveillance measures were unconstitutional, temporarily halting enforcement actions based on social media activity. The government is expected to appeal this decision. Separately, the Trump administration has been accused of pressuring Facebook to remove a large group page used to track and publicize the locations of ICE agents in Chicago. The Department of Justice contacted Meta after reports that the group, which had over 84,000 members, was being used to dox ICE agents, leading Facebook to remove the group for violating its policies against coordinated harm. Attorney General Pam Bondi stated that the DOJ would continue to work with tech companies to eliminate platforms that could incite violence against federal law enforcement. The White House has claimed a dramatic increase in attacks on ICE officers, though independent reporting has found no public evidence to support the scale of these claims. Meta, Facebook's parent company, confirmed the removal of the group but did not specify the exact policy violation. The actions taken by both the government and social media platforms highlight the intersection of immigration enforcement, online speech, and civil liberties. These developments have raised concerns among advocacy groups about the potential for overreach and the suppression of lawful dissent. The ongoing legal battles and policy debates underscore the contentious nature of social media monitoring in the context of US immigration and law enforcement. Both the surveillance program and the removal of online groups reflect broader efforts by the Trump administration to control narratives and activities related to immigration on digital platforms. The outcomes of these legal and policy actions are likely to have significant implications for privacy, free expression, and the rights of both citizens and noncitizens in the United States.
5 months ago