7 hours ago
7
On November 21, 2023, field intelligence officers within the Department of Homeland Security quietly deleted a trove of Chicago Police Department records. It was not a routine purge.
For seven months, the data—records that had been requested on roughly 900 Chicagoland residents—sat on a federal server in violation of a deletion order issued by an intelligence oversight body. A later inquiry found that nearly 800 files had been kept, which a subsequent report said breached rules designed to prevent domestic intelligence operations from targeting legal US residents. The records originated in a private exchange between DHS analysts and Chicago police, a test of how local intelligence might feed federal government watchlists. The idea was to see whether street-level data could surface undocumented gang members in airport queues and at border crossings. The experiment collapsed amid what government reports describe as a chain of mismanagement and oversight failures.
Internal memos reviewed by WIRED reveal that the dataset was first requested by a field officer in the DHS’s Office of Intelligence & Analysis (I&A) in the summer of 2021. By then, Chicago’s gang data was already notorious for being riddled with contradictions and error. City inspectors had warned that police couldn’t vouch for its accuracy. Entries created by police included people purportedly born before 1901 and others who appeared to be infants. Some were labeled by police as gang members but not linked to any particular group.
Police baked their own contempt into the data, listing people’s occupations as “SCUM BAG,” “TURD,” or simply “BLACK.” Neither arrest nor conviction was necessary to make the list.
Prosecutors and police relied on the designations of alleged gang members in their filings and investigations. They shadowed defendants through bail hearings and into sentencing. For immigrants, it carried extra weight. Chicago’s sanctuary rules barred most data sharing with immigration officers, but a carve-out at the time for “known gang members” left open a back door. Over the course of a decade, immigration officers tapped into the database more than 32,000 times, records show.
The I&A memos—first obtained by the Brennan Center for Justice at NYU through a public records request—show that what began inside DHS as a limited data-sharing experiment seems to have soon unraveled into a cascade of procedural lapses. The request for the Chicagoland data moved through layers of review with no clear owner, its legal safeguards overlooked or ignored. By the time the data landed on I&A’s server around April 2022, the field officer who had initiated the transfer had left their post. The experiment ultimately collapsed under its own paperwork. Signatures went missing, audits were never filed, and the deletion deadline slipped by unnoticed. The guardrails meant to keep intelligence work pointed outward—toward foreign threats, not Americans—simply failed.
Faced with the lapse, I&A ultimately killed the project in November 2023, wiping the dataset and memorializing the breach in a formal report.
Spencer Reynolds, a senior counsel at the Brennan Center, says the episode illustrates how federal intelligence officers can sidestep local sanctuary laws. “This intelligence office is a workaround to so-called sanctuary protections that limit cities like Chicago from direct cooperation with ICE,” he says. “Federal intelligence officers can access the data, package it up, and then hand it off to immigration enforcement, evading important policies to protect residents.”
Records trace the incident back more than four years, but the ambitions behind it haven’t faded. DHS’s budget will soon exceed $191 billion, and its leaders are pursuing technologies to fuse sensitive data across agency systems once kept deliberately apart. A March 2025 executive order encouraged federal departments to “eliminate information silos across the government,” while DHS’s own AI initiatives promise to merge public and commercial data into tools for enforcement and surveillance. Those ambitions ride on a federal watch-listing apparatus that screens travelers at airports, borders, and visa desks.
An integral part of that apparatus is the Terrorist Screening Dataset, the FBI’s own consolidated watch list. Alongside it, the bureau’s Threat Screening Center runs the Transnational Organized Crime Actor Detection Program, or TADP—a companion list aimed at flagging cartel and gang actors at border checks and police encounters. Its charter draws a clear line: No US citizens or lawful permanent residents are to be included. I&A’s guidelines allow for temporary retention of such data, but only to determine its foreign intelligence value.
Reynolds warns that the scope of those watch-listing activities has grown. “Thanks to how the government characterizes people with some connection to a cartel as ‘terrorists,’ it could impact the lives of millions more people in this country,” he says. “This can potentially justify federal targeting of family members, churches, food banks, and others who support immigrants.”
The lapses at I&A began with a June 2021 FBI decision to expand the TADP to include the Latin Kings, a Chicago-born street gang with regional factions. The group’s name appears redacted in the documents reviewed by WIRED, except on a single page. The TADP list itself isn’t classified, but remains restricted from public view. The inclusion of the Latin Kings has not been previously reported.
Spurred by the FBI decision, an I&A field officer contacted two Chicago PD officials the next month, requesting a bulk extract of the city’s gang records. The goal, they said, was to “fully exploit the list.” Because bulk transfers automatically trigger internal privacy reviews, the pull went to DHS’s Data Access Review Council (DARC), an oversight body that handles sensitive requests. More than six months went by as it considered the field officer’s plan to ingest the Chicagoland data.
In January 2022, before the paperwork closed, the officer who launched the project left office. In what was later described as a “serious staffing gap,” their replacement would not arrive for eight months. Even so, the DARC team finalized a set of terms and conditions: Delete all US-person data in the gang dataset within a year and file a six-month report so leadership could track its use. Neither requirement was met.
According to I&A’s own terms, the Chicago PD extract included names, addresses, birth dates, and alleged gang affiliations and factions, along with sex and race.
“What is striking about the factual record during the spring of 2022,” an I&A oversight officer later wrote, “is the complete lack of awareness on the part of any I&A senior leader that the terms and conditions were even under consideration.” On April 18, 2022, the agreement was signed not by the undersecretary for intelligence and analysis, or a designated surrogate, as policy required, but by the office’s chief information officer. Investigators later reported the reasons for this “are unclear.”
In the background, Chicago’s own audit trail was public and unambiguous. City inspectors issued a report years prior that described not one “gang database,” but at least 18 forms and locations where the Chicago’s gang data lived. Police could not “definitively account for all such information in its possession and control,” the report says. More than 500 outside agencies had queried those systems over a million times in a decade. The report documented the same failures repeated throughout: impossible ages, blank identifiers, even slurs. Chicago PD’s lack of data controls served as an example, inspectors said, of how such dossiers might be used to “demean and dehumanize members of the public.”
The report found there was effectively no process for notice or appeal and no routine purge of records for people who had left gangs or gone years without a police encounter. Ninety-five percent of those labeled were Black or Latino.
Chicago’s systems spread the labels widely. Inside the department’s data network, known as CLEAR, officers could map gang factions and territory using a tool called Caboodle; chart associations between suspect gang members using a tool called Link Analysis; and pull up arrest histories through its Gang Members Search portal. The Chicago public school system alone was associated with 87,302 gang‑related queries over 10 years—more than all immigration agencies combined—illustrating how far the information traveled.
In response to public pressure, Chicago police proposed a new system with published criteria, an appeals process, and a five-year removal rule for anyone without new qualifying offenses. It promised audits, officer training, and limits on data sharing. Whether those changes materialized as promised—and how the department handled legacy flags—became the fight that followed.
Four months before I&A’s request, the city’s inspector general found that Chicago PD had made “minimal progress” towards reform. Two years in, the department still had no timetable, no uniform policy, and continued to rely on old data. In the meantime, it broadened the criteria for adding people into the system—but never disclosed the change, leaving outdated policies online. The watchdog concluded that the department had fallen “critically short” of meeting the commitments it made after its 2019 review.
Chicago PD did not respond to questions about the project or its current use of gang data.
At I&A, its window for evaluating the data closed in April 2023. (Officials had an opportunity to request an extension that March, but failed to do so.) Months passed before oversight staff noticed. A preliminary inquiry found that I&A retained at least 797 “documents” in violation of its own rules prohibiting the collection or retention of domestic intelligence. On paper, the plan had been narrow—review local police intelligence with a focus on noncitizens and delete the rest on schedule. The records describe what followed as a total compliance failure.
In August 2023, a Chicago city commission voted to reject the police department’s proposed replacement database. Three months later—and just two weeks after the database was formally scrapped by the city—I&A deleted the Chicago dataset. In February 2024, DHS’s then undersecretary for I&A, Kenneth Wainstein, approved mitigation measures requiring staff training and other procedures to ensure bulk transfers don’t proceed without his office’s sign-off.
DHS declined to discuss the incident or detail what corrective steps were ultimately taken. A spokesperson says the agency “abides by strict standards for data keeping and record maintenance” and that “all records are handled in accordance with existing law and regulation.”
Congressional auditors reached a different conclusion this summer. The Government Accountability Office (GAO) reported in July that I&A still lacks basic controls needed to track how intelligence is collected and used. The office produced its first consolidated intelligence budget in 2025—12 years after that became a legal requirement. Meanwhile, WIRED reported in September that a misconfiguration in the Homeland Security Information Network’s intelligence portal left hundreds of I&A reports open to thousands of unauthorized users.
“Robust oversight has long taken a back seat at the department,” says Reynolds adds, pointing to the recent gutting of DHS’s civil rights and civil liberties office. “Would an oversight inquiry like this even happen now? Probably not.”
Analysts from multiple DHS offices told congressional auditors that finished intelligence reports continue to circulate without proper review and are sometimes published with factual errors. At the time of the audit, the agency’s own internal list of offices conducting intelligence work hadn’t been updated in nine years, all but ensuring fragmented policy and compliance.
As in previous reviews, DHS pledged new procedures and set deadlines stretching into the new year.
While Chicago’s gang database is gone, Illinois maintains its own. State police continue to operate a statewide gang file through what’s called the Law Enforcement Agencies Data System, or LEADS. State records show DHS’s Enforcement and Removal Operations directorate signed a new LEADS data-sharing agreement last year. Chicago police did not respond to questions about what role they play, if any, in the statewide system.
English (US) ·