Over 11 million undocumented immigrants live in the United States today. Immediately after taking office, the Trump administration issued two executive orders pumping resources into border and immigration enforcement agencies, heightening fears of deportation, harassment, and family separation among immigrant communities. In the following months reports emerged of increased immigration enforcement activity and hints about the deployment of new high-tech methods by the immigration enforcement agency. I will discuss the current state of immigration enforcement in the US and associated surveillance capabilities, the results of a study with undocumented immigrants about their technology practices, and the takeaways for the technology and privacy community in supporting communities of heightened risk.
In this talk, I will first discuss the current state of immigration enforcement in the United States, including recent immigration policy changes, known surveillance capabilities of enforcement agencies, and recent efforts by these agencies that hint at an expansion of technical sophistication. I will then discuss lessons and insights from a series of interviews we conducted with undocumented immigrants and immigrant rights organizations about this community’s technology practices, risk awareness, and security and privacy behavior online. We find that in the face of acute risk of detention, harassment, and deportation, this community is well-versed in managing risks offline. Their most common strategies for managing risk online—self-censorship and controlling access to spaces—are largely the same techniques used in the physical world. However, the immigrants we interviewed are extremely uncertain about the effectiveness of their defenses against adversaries online, which are typically conceptualized as nebulous and all-knowing.
We find that managing privacy and immigration status disclosure, a responsibility that rests not only with individuals but in communities, is more complex online. This is in part due to a diminishing sense of control online over where and how information is exposed. Furthermore, this community places a surprising amount of trust in the platforms that host their community spaces, which exposes a potentially dangerous gap in understanding about information collection and use by companies. Based on our findings, I will discuss what technologists, security tool developers, and activists should be aware of in order to more effectively support communities of heightened risk in protecting themselves online.