Immigration and Customs Enforcement agents had access to private information about people arrested in King County, Washington, despite a so-called sanctuary law specifically written to prevent just that, an internal audit found.
The audit, released July 9, showed that the issue put residents at increased risk of deportation.
And on Tuesday, some residents spoke out at a King County Law and Justice Committee hearing about the failure to carry out the law.
“Because of this breach, people are more afraid than ever. They are worried to be thrown out of the country. They are worried about their lives. They are worried about their families,” Seattle citizen Eva Lopez told CNN affiliate KIRO.
King County Executive Dow Constantine said the county knew of no circumstances where federal agents used this data to detain or remove county residents.
But Victoria Mena of Colectiva Legal del Pueblo, an organization that supports undocumented immigrants, told CNN on Wednesday that the organization was working to figure out who was affected by the county’s failure to follow the law.
“We’re certain — yes, people have been impacted. We just have to figure out the scope,” she said.
She said the audit was “deeply disturbing” and that there were easy things the county could have been done to prevent the failures.
“All of the work that we have been doing was almost for nothing. There was really a lack of oversight, implementation and training,” she said.
“”We’re still going to continue to be resilient and will resolve the lack of oversight, implementation and training.”
The data breach dates to February 2018, when the King County Council adopted a law that it said would protect immigrants and refugees who seek county services. The law outlined the county’s relationship with ICE, which would not be allowed access to databases without a judicial warrant, according to the county.
The legislation made King County, which encompasses Seattle, into a so-called “sanctuary” county. The broad term applies to jurisdictions that have policies in place designed to limit cooperation with or involvement in federal immigration enforcement actions.
Immigrant rights advocates argue these laws protect undocumented immigrants who are not otherwise engaged in criminal activity from being detained or deported, and promote public safety by building trust between immigrant communities and local governments and police. Critics, like President Donald Trump, argue they protect criminals and endanger public safety.
Council members said at the time that the progressive policy was to protect residents from the Trump administration’s immigration crackdown.
“While the current federal administration continues to advocate for policies that seek to disenfranchise and marginalize immigrant and refugee residents and communities, I firmly believe that our county government has a vital role in ensuring that King County is a welcoming and affirming place for all,” Council Chair Joe McDermott said at the time.
ICE accessed private system more than 1,000 times
But despite that law, ICE agents’ logins to the system containing private data continued to work, the audit found.
Access logs show that ICE agents logged into a jail inmate lookup system for law enforcement agencies more than 1,000 times between March 2018 and April 2019, the audit found.
The system for law enforcement agencies provides the address, aliases, birthdate, booking photo and other personal information that is not available to the public.
That breach has since been closed. The auditors notified the Department of Adult and Juvenile Detention and the Department of Information Technology about the issue in April, and the ICE login accounts were deactivated just days later.
But there were other issues, including that ICE asked the King County Sheriff’s Office for unredacted case files 25 times between January 2018 and May 2019. In nearly all of those cases, the Sheriff’s Office handed over those documents, the audit found, even though the office did not determine whether the requests were for civil immigration enforcement or whether they required a warrant.
The auditors said these and other breaches were due to a lack of training on immigrant privacy protections. The county law that passed in February 2018 did not establish a timeline for that training, so the Office of Equity and Social Justice made it a low priority, the audit found.
“King County made a commitment to protect residents’ privacy but has not developed a robust program to carry it out,” the audit found.
“The County lacks a clear definition of personal information and a reliable inventory showing what personal information the County holds. Agencies have records retention schedules but do not follow them in ways that prioritizes people’s privacy,” the audit said.
King County Auditor Kymber Waltmunson said at Tuesday’s hearing that the county executive and the sheriff indicated they plan to implement all 14 of the audit’s recommendations.
Monserrat Padilla, the coordinator of the Washington Immigrant Solidarity Network, said it was important for King County to make this a priority issue.
“The community has been really afraid at this moment, both for the threats of Donald Trump’s massive immigration raids but also from the local lack of prioritization to stand with immigrant communities from our local government,” she said.