Every Database Is an Immigration Database Now
Four federal databases. Four court battles. One pattern.
Every Database Is an Immigration Database Now
Twenty-two states told a federal court this week that the Trump administration appears to have violated a court order limiting what Medicaid data can be shared with ICE. (Stateline)
The court had been specific: ICE could pull basic information — addresses, phone numbers, birth dates — but only for people in the country illegally. Data on citizens and lawful permanent residents was explicitly off-limits. (Courthouse News)
HHS has now admitted to sharing a “large and complex” data set with ICE anyway. It hasn’t confirmed whether it filtered out the protected individuals. The states are asking the court to let them examine what was actually handed over. (Vermont AG)
This would be alarming enough on its own. But it isn’t on its own.
The pattern
The Medicaid pipeline is one of at least four federal databases being repurposed for immigration enforcement, each following the same sequence: access first, legality later, remove anyone who objects.
IRS. In spring 2025, DOGE pushed the IRS to share taxpayer data with ICE. The acting general counsel identified legal deficiencies in ICE’s request for 7.3 million taxpayer addresses and refused. He was forced out two days later. His successor also resigned over the deal. In February 2026, a federal judge found that the IRS had violated federal law approximately 42,695 times by sharing taxpayer addresses without confirming ICE’s requests met statutory requirements. The IRS CEO confirmed to Congress that no one has been disciplined. (ProPublica; JURIST; Nextgov)
Social Security. DOGE employees accessed SSA systems containing bank account numbers, health records, wage histories, and immigration status. A court ordered the data deleted. The Supreme Court stayed that order on the shadow docket. Then the DOJ admitted it had made multiple misrepresentations to the court — including that a DOGE team member at SSA had signed a “voter data agreement” to analyze state voter rolls at the request of someone outside government. (AFSCME; Democracy Forward)
OPM. More than 100 federal workers sued after DOGE agents — many under 25, recently employed at Musk’s companies, without standard security vetting — received administrative access to personnel records covering millions of current and former federal employees. The case is ongoing; DOGE has retained access. (TechCrunch)
Four databases. Four court battles. One pattern.
What the pattern is
In 1974, Congress passed the Privacy Act specifically to prevent the executive branch from doing what is happening now: aggregating personal data across federal agencies to build a surveillance infrastructure. The law was a direct response to Watergate-era abuses — the recognition that when a government can cross-reference what it knows about you from your taxes, your health care, your employment, and your benefits, it has the machinery for political control, whether or not that’s the stated purpose.
Every safeguard designed to prevent this is failing in the same way. Courts issue orders. The administration violates them or renders them moot by firing the officials responsible for compliance. When judges block one pipeline, the data has often already been transferred. When they order data deleted, higher courts stay the deletion.
This is the capture cascade in action. When a federal judge found 96 court order violations in a single month by the same officials overseeing deportation operations, the administration’s response was not compliance — it was personnel replacement. The IRS general counsel who refused the 7.3 million address request — gone. His successor who resigned — gone. The SSA chief data officer who filed a whistleblower complaint about DOGE creating a copy of sensitive data on a vulnerable cloud server — gone.
The pattern isn’t a failure of the system. It’s the system working as redesigned.
What this means for everyone
Georgetown’s Center for Children and Families points out an irony that matters: undocumented immigrants aren’t eligible for full Medicaid coverage. The database doesn’t cleanly identify the people ICE says it’s looking for. What it does contain is detailed information on lawfully present immigrants — refugees, asylees, green card holders — and their citizen family members. The people most likely to be swept up are the people the court explicitly said should be protected. (Georgetown CCF)
This is already having the intended effect. Immigrants — including those here legally — are dropping Medicaid coverage rather than risk their information reaching ICE. When people forgo health care out of fear that their government will use their medical enrollment against them, we are no longer talking about immigration enforcement. We are talking about a system that punishes people for interacting with their own government.
These data pipelines feed a targeting system. In sworn testimony, an ICE agent described drawing shapes on a map to select who gets swept up — using software built by a company in which Stephen Miller holds a financial stake. The enforcement apparatus it serves has been documented from recruitment to deployment.
The court orders protecting Medicaid data only apply in the 22 plaintiff states that sued — all with Democratic attorneys general. If you live in a state with a Republican AG, there is currently no legal barrier between your Medicaid enrollment and ICE.
The hearing is April 30.
The RAMM documents the connections that beat reporting can’t see — sourced events at capturecascade.org.
Free subscribers get every investigation. Paid subscribers get draft chapters of the book and access to the research infrastructure.