Immigration and Customs Enforcement (ICE) contracted with a spyware company that tells customers it ensures they can use the tool without the agency being caught doing so, according to documents obtained by 404 Media through our ongoing lawsuit against ICE.
In September, we sued ICE for documents related to its $2 million contract with Paragon, a company that makes powerful spyware for remotely hacking phones and accessing encrypted messaging apps. In response to the lawsuit we’ve now been given the first batch of documents by ICE, but have many more to go. The vast majority of the documents it has provided so far are heavily redacted, and it is still withholding information in the public interest that would more fully explain why the agency wanted to buy such a potent and controversial surveillance tool.
🚨🧑⚖️ If you would like to support our lawsuit against ICE, please consider becoming a paid 404 Media subscriber, here. We also have a tip jar, here. And if you’d like to make a larger tax-deductible donation, please contact us on donate@404media.co. Thank you!
“404 Media has asked ICE to disclose agency records relating to its contract with a company known for its powerful spyware tool whose potential use in the agency’s ongoing mass-deportation campaign has prompted lawmakers, civil liberties organizations, and immigration groups to express deep concerns over potential civil rights abuses,” our original complaint said. Paragon makes a spyware system called Graphite that is capable of remotely hacking mobile phones and obtaining messages from apps such as Signal, WhatsApp, and Facebook Messenger.
404 Media first filed a Freedom of Information Act (FOIA) request in October 2024 for documents related to Homeland Security Investigation’s (HSI) Paragon purchase. HSI is a part of ICE. Under the law, agencies are required to provide a response within 20 days, or provide an explanation of why they require an extension. At the time, ICE did not respond to any of our follow up inquiries, so we filed the lawsuit the following September.
💡
Do you work at ICE or Paragon? Do you know anything else about the company? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.
On Tuesday in a first interim release letter, ICE said it had found 673 potentially responsive pages of records in response to our FOIA request. The same day, ICE provided 77 of those pages, but it still owes us more.
Screenshots of the documents. Image: 404 Media.
The documents produced so far include a “pricing narrative” made by Paragon for ICE, which presumably included a breakdown of the price of the software but which is heavily redacted. The documents also include an overview of the software and the contract’s objectives.
Sections of that document are redacted, but it suggests Paragon may be used, as expected by ICE, to enforce “immigration and customs laws.” The section reads: “Paragon brings our capabilities in response to this [REDACTED] RFP [request for proposals], to support the [REDACTED] mission protecting national security by enforcing the nation’s immigration and customs laws, including criminal activities.”
Paragon has long tried to position itself as a more ethical player in the government spyware industry, a space that is riddled with controversy and abuse. In the overview document Paragon writes, “From the outset, Paragon has enshrined ethical conduct, practices, and standards as core company values. Our core ethical principles cover three main areas: legal, customer, and technology, all of which are hard coded into our business operations and software offering.”
The company says it only sells “our products to government intelligence and law enforcement agencies from a specific list of [REDACTED] whose commitment to democracy, human rights, and the rule of law have passed its internal and external due diligence.” (Paragon cut off the Italian government after authorities there used Paragon’s software to target activists and journalists.)
The overview says that “Paragon’s technology is developed in-house by elite teams of researchers and developers,” and that its operational security team makes sure customers can use the tools without getting caught, essentially.
“Our Operational Security (OPSEC) team ensures that the customer can meet operational requirements while minimizing the risk of exposure and attribution,” it continues. “To that end, the team provides ongoing threat analysis, up-to-date guidelines, and continuous risk management updates. In addition, the OPSEC guidelines are incorporated into the System’s function and serve as built-in guardrails for operational activity.”
The document also includes “Release Notes” related to Paragon’s software which are almost entirely redacted, which would describe the features of the software that ICE purchased.
Screenshots of the documents. Image: 404 Media.
These redactions, and especially those around the contract’s objectives, are despite ICE recently publicly providing some details about why it bought the spyware. In an April 1 letter to lawmakers, Acting Director of ICE Todd M. Lyons said he approved the purchase and use of the technology “in response to the unprecedented lethality of fentanyl and the exploitation of digital platforms by transactional criminal organizations.” He also pointed to “the specific challenges posed by the Foreign Terrorist Organizations’ thriving exploitation of encrypted communication platforms.” In January, President Trump designated a number of South American drug cartels and other groups as foreign terrorist organizations.
“Use of the technology will align with and support the Homeland Security Task Force’s strategic initiatives to identify, disrupt, and dismantle Foreign Terrorist Organizations, addressing the escalating fentanyl epidemic and safeguarding national security,” Lyons continued.
Many of the redactions in the documents center around what ICE describes as trade secrets and records compiled for law enforcement purposes. We believe the redactions are an overreaction, withholding information in the public interest about what capabilities ICE bought and for what purpose. ICE gave Paragon the opportunity to request certain parts of the documents be redacted.
Soon after ICE contracted with Paragon in 2024, the Biden White House put a freeze on the deal as it investigated whether it violated an executive order that aimed to curb the government’s use of spyware, WIRED reported at the time. Then in August during the second Trump administration, ICE reactivated the contract, independent journalist Jack Poulson reported. In January, ICE closed out that contract, according to public procurement data 404 Media reviewed at the time. In May, a Department of Homeland Security (DHS) spokesperson told NPR that ICE has no current contract or relationship with Paragon or the company that later acquired it. The agency declined to clarify whether or not ICE still has access to Paragon-developed tools, NPR reported.
404 Media has published the first batch of responsive documents in full, here. As the lawsuit continues, we’ll provide our subscribers with updates.
🚨🧑⚖️ If you would like to support our lawsuit against ICE, please consider becoming a paid 404 Media subscriber, here. We also have a tip jar, here. And if you’d like to make a larger tax-deductible donation, please contact us on donate@404media.co. Thank you!
