This holiday travel season, it doesn’t matter if you’ve been naughty or nice: Immigration and Customs Enforcement (ICE) is tracking everyone’s travel.

Over Thanksgiving, ICE arrested and immediately deported a 19-year-old Dreamer flying home to surprise her family for the holiday.

Turns out that was only the start.

As the New York Times reporter Hamed Aleaziz broke today: The Transportation Security Administration is providing passenger lists to Immigration and Customs Enforcement to identify and detain travelers subject to deportation orders (gift link).

Needless to say, it’s not just targets for deportation flying this holiday season. With this arrangement, ICE now has access to the flight information of every traveler who flies through an American airport.

The implications of this extend far beyond immigration enforcement. This represents a fundamental shift in how sensitive data is handled and risks undermining Americans’ constitutional right to privacy. Information collected for one essential purpose (airport security screening) is being repurposed for another (surveillance) without the checks and balances that protect against abuse.

A pattern of evading oversight

The TSA-ICE data-sharing arrangement is part of a broader pattern by this administration to access the sensitive data of Americans without following established legal guardrails. ICE has sought millions of tax records from the Internal Revenue Service. The Department of Homeland Security (DHS) has offered to match state voter lists against unreliable Social Security records in a baseless hunt for illegal votes. The Department of Health and Human Services (HHS) is poking around in Medicaid records for information to send to DHS. And the Department of Agriculture is demanding states turn over to them five years’ worth of SNAP application data on millions of Americans.

In each case, agencies are leveraging data collected for legitimate governmental purposes — tax compliance, pensions, medical and food security benefits, and now airport security — and repurposing it for surveillance.

Privacy guardrails exist for a reason. When agencies can freely share data across purposes, it creates what privacy scholars call “function creep” — the gradual repurposing of data beyond the scope for which it was originally collected.

As the Times reported:

Airline passengers have long been subject to some federal scrutiny. Airlines typically provide passenger information to T.S.A. after a flight is reserved. That information is compared against national security databases, including the Terrorist Screening Dataset, which includes the names of individuals on a watch list of known or suspected terrorists.

But the T.S.A. previously did not get involved in domestic criminal or immigration matters, said one former agency official, who spoke on the condition of anonymity to discuss the issue freely.

How we got here: A Privacy Act loophole

Under normal circumstances, when one federal agency shares millions of sensitive records with another agency, the Privacy Act of 1974 requires public disclosure through a System of Records Notice detailing what information is being shared, how it will be used, and what protections govern the data.

However, because Congress merged both ICE and TSA into the DHS in 2002, they’re treated as a single “agency” under the Privacy Act. No public notice appears to have been filed for this data-sharing arrangement, despite its scope affecting millions of travelers.

This is not how data governance should work in a democracy. TSA collects highly sensitive information — passenger names, travel dates, itineraries, and potentially much more — for the specific, essential purpose of screening passengers for aviation security threats. That doesn’t mean it should become an unbounded surveillance program for whatever ICE deems worthy of investigation.

An end-run around the airlines

What makes this particularly concerning is that it appears to be a deliberate workaround.

Earlier this year, ICE was purchasing similar passenger data from the Airlines Reporting Corporation (ARC), a data consortium owned by major U.S. airlines. Customs and Border Protection (CBP) had bought this same data, although ARC made CBP agree not to reveal the source of its information(!). When members of Congress raised concerns and called on airlines to end these contracts, ARC indicated it would discontinue the data-sharing program by the end of 2025.

ICE’s deal with TSA circumvents that congressional accountability.

Rather than working through airlines and with Congress, ICE simply found another path to the same data — one with even less transparency.

What’s needed: A privacy law for the 21st century

Our federal privacy laws should prevent ICE from snooping on our travel plans. But our woefully outdated laws are failing to prevent this sort of data sharing within agencies.

Several legislative proposals would help close these gaps. Last year, Senators Wyden, Merkley, Markey, and Van Hollen introduced the Privacy Act Modernization Act of 2025, which would strengthen disclosure requirements and limit function creep. In the House, Rep. Lori Trahan has been collecting proposals for Privacy Act improvements and is expected to introduce reform legislation.

These bills represent a starting point for ensuring that the data the government collects for one purpose isn’t automatically available for any other purpose the agency chooses. But to some degree, modernizing the Privacy Act only nibbles at the edges of what’s needed: substantive federal privacy protections that control what the government can do with our private information, not just the paperwork it has to fill out first.

In a democracy, that kind of check on executive power shouldn’t be controversial — it should be fundamental.

TSA and ICE may have valid reasons to coordinate on specific threats. But sweeping access to millions of travelers’ records should require clear legal authority, public transparency, and meaningful limits.

This isn’t about a false choice between security and privacy. It’s a choice between security that respects privacy and unbounded surveillance. Right now, we have the latter — and that should concern every American, regardless of their views on immigration enforcement.

This holiday season, it’s not just Santa Claus who is making a list and checking it twice.