ICE Arrogates the Right to Scan the Face of Any US Resident, at Any Time, for Any Reason
Posted on November 6, 2025
A new article from 404 Media reports that Immigration and Customs Enforcement (ICE) has deployed a new mobile application to agents’ devices which allows them to subject anyone they encounter to facial recognition. Shockingly, the piece cites an internal DHS document which stipulates that ICE agents have legal dispensation to compel anyone they have dealings with to be photographed for the app for facial recognition analysis.
In the piece, Joseph Cox, a veteran digital privacy reporter profiles the “Mobile Fortify” immigration enforcement application, its capabilities, and the policies that govern its use. The application was initially developed by Customs and Border Protection (CBP) to scan the faces and fingerprints of detained individuals to determine their US immigrations status. Since then, CBP has extended it to ICE for its own use.
Practically all of what Cox revealed about Mobile Fortify comes from an internal DHS privacy assessment document, known as a Privacy Threshold Analysis (PTA). Ratified within DHS in May, and obtained by Cox via FOIA request, the document plainly states that subjects of a face scan have no legal right to refuse. This pertains even to US citizens, and the document issues no particular guidance how agents should proceed in such cases.
Photos submitted to the application are queried against numerous DHS databases. Of these, the most notable is CBP‘s Traveler Verification Service, which is responsible for facilitating the facial recognition of all passengers flying into or out of the US. Photos submitted for analysis are retained for no less than 15 years, irrespective of whether or not the subject was subsequently detained or charged, and regardless of the subject’s citizenship status.
As such, Mobile Fortify affords ICE the formidable capacity to identify anyone, assuming their photo is present in a federal government database the app can tap into. It is hard to know how many photos these databases contain in aggregate, but as CCDBR has often noted, the FBI alone has hundreds of millions of face photos, many of which are submitted from state driver’s license records. Thus, in practice, this means that federal agents may well have the means to identify anyone at any time.
Closer review of the document unearths more details on the Mobile Fortify’s deployment, as well as on what elements DHS considers as part of their formal privacy reviews. The form’s respondent does specifically maintain that app data is not transmitted to any entities outside DHS. Given how notoriously national security peruse one another’s data, this claim merits much skepticism. What is most telling, though, is the criteria for screening a subject for facial recognition analysis. The document notes only an agent’s “encounter” with a subject as sufficient grounds for the agent to gather the subject’s biometric information via the app. No legal definition of “encounter” is supplied in the PTA document. In the context of state and local law enforcement, officers traditionally detained an individual before collecting biometric identifiers such as fingerprints. Whatever the legal scope of “encounter” may be, it is clearly distinct from that of “detention”.
ICE’s insistence that it may coerce anyone who crosses an agent’s path to submit to facial recognition begs the question: on what legal basis does DHS assert this authority? This is not explicated anywhere in the document. However, legal precedent does exist that DHS could readily point to upon challenge. First, according to the Immigration and Nationality Act, immigration agents are empowered to stop anyone they suspect may be a deportable alien. It is not obvious whether this extends to ICE “encounters”. Second, case law has established that those in public have no “reasonable expectation of privacy”. Just as those captured in photos taken in a public place have no legal recourse, law enforcement has availed itself of this pretext for deploying sprawling camera networks. It is simply an unhappy accident that photos of one’s face constitute vital biometric data.
If these two arguments are insufficiently persuasive, a fallback position is that most of the US population is located within a “border zone” in which there is no expectation of privacy. This has traditionally been applied to international airports, ports of entry, and the US land border with Mexico and Canada. But this legal distinction may be leveraged as the expediency of government policy demands.
With the application’s genesis in CBP, Mobile Fortify is yet another instance where immigration enforcement at the US Southern border is used as a test bed for the rest of the country. This area is also where domestic drone surveillance was first piloted, a practice which may soon be commonplace in American cities. It is also just one more of a myriad ways in which the ideal of personal privacy which animates the Fourth Amendment is being eroded. That it may not directly contravene the Fourth Amendment does not mean that civil liberties ought to concede security against omnipresent facial recognition. The emergence of the DHS’s internal records into the public sphere allows defenders of American liberty to tailor their court battles.
It also serves as a cue to constituents to exert their influence on their elected representatives. Congress has the means to legislate restrictions on this otherwise uninhibited employment of facial recognition technology by federal law enforcement. With the right framing, perhaps every political faction can be prompted to imagine the ills that would stem from their foes wielding such a potent and invasive tool as coercive facial recognition, and thus be motivated to prevent its proliferation at this still-early juncture.
You can read the full piece from 404 Media here.
