Protesters opposing ICE's mass deportation operations are increasingly turning to data leaks and homegrown surveillance tools.
Why it matters: The latest wave of U.S.-based hacktivism — where hackers launch attacks to make a political statement, rather than to make money or steal state secrets — reflects a more strategic, cohesive embrace of digital tools.
Driving the news: Someone leaked a trove of sensitive information about approximately 4,500 ICE and Border Patrol employees, including 2,000 frontline enforcement agents, to the site ICE List last week.
- The trove appears to be the largest known breach of Department of Homeland Security staff data. It follows the killing of Renee Good in Minneapolis.
- "It is a sign that people aren't happy within the U.S. government, clearly," ICE List founder Dominick Skinner told the Daily Beast.
- Homeland Security Secretary Kristi Noem and other officials have condemned the "doxing" of agents and threatened to prosecute offenders.
The big picture: This form of strategic hacktivism has been more common overseas in recent years, particularly during uprisings, invasions and geopolitical conflicts.
- Think of hackers taking sides in the war in Gaza, or Ukraine mobilizing local hackers at the start of Russia's invasion.
The intrigue: Sensitive data and surveillance have become central to the battle between ICE and those protesting its operations.
- DHS directed much of its $75 billion cash infusion from President Trump's One Big Beautiful Bill Act toward new surveillance contracts, including those with Israeli spyware vendors and Palantir to track potential targets for deportation.
- U.S. activists have increasingly weaponized leaked data and built counter-surveillance tools since 2020, when the Black Lives Matter protest hit a fever pitch, Cooper Quintin, security researcher and senior public interest technologist at the Electronic Frontier Foundation, told Axios.
Zoom in: Hackers and digital activists have targeted the wide array of surveillance tools ICE uses in its mass deportation efforts.
- Protesters have built tools to map Flock Safety cameras, flag Bluetooth signals from law enforcement surveillance devices, and report ICE raid locations.
- One YouTuber found a flaw in Flock cameras that allowed anyone to access the internal interface controlling the live surveillance feed.
- The Com, a loose-knit hacker community behind a wave of major data breaches, leaked the personal information of hundreds of DHS and ICE officials in October.
Flashback: These efforts are far more controlled, strategic and quiet than the U.S. is used to seeing from hacktivists, Quintin noted.
- Anonymous, the hacking collective known for attacking major companies, governments and religious organizations, leaned on louder tactics — like boasting about its work on YouTube and Twitter — than today's digital protesters.
What to watch: The litigation threats to hackers and other activists chronicling ICE's actions online are very real.
- ICE has been pushing courts to give it "unlimited subpoena authority" to force social media companies to identify people running anonymous accounts tracking and monitoring the agency's work.
- Three women were indicted in September for allegedly following an ICE agent to their home, livestreaming the encounter, and posting the agent's home address on Instagram.
Go deeper: "We will be ungovernable": Resistance 2.0 pivots to disruption
