LexisNexis did sell aggregated consumer location data to U.S. Immigration and Customs Enforcement (ICE) through its Accurint database service—but the federal lawsuit challenging this practice was dismissed in April 2024. Immigration activists and community groups sued the data broker, alleging that LexisNexis sold detailed location information without adequately disclosing to consumers how their data would be used or by whom, or making clear that ICE was a buyer.
The court ruled that the individual plaintiffs lacked legal standing to bring the claims under Illinois consumer protection law, though the underlying concerns about data broker transparency, consent, and government surveillance remain unresolved. The LexisNexis-ICE contract itself was substantial: a $22.1 million agreement giving immigration enforcement access to billions of location records. Over 80 privacy, human rights, and government accountability organizations have called on the Department of Homeland Security not to renew the contract, highlighting ongoing controversy over whether data brokers should be permitted to profit from selling location tracking data to enforcement agencies—particularly when consumers have no way to know their data is being sold or how it will be used.
Table of Contents
- What Data Did LexisNexis Sell to ICE?
- How Did the Data Broker Model Enable This Sale?
- Why Did the Lawsuit Against LexisNexis Fail?
- What Is the Scope of LexisNexis’s Contract With ICE?
- What Legal Claims Did the Plaintiffs Raise and What Are the Gaps?
- What Do Advocacy Groups Say About the LexisNexis ICE Contract?
- What Does This Case Reveal About Data Broker Regulation?
What Data Did LexisNexis Sell to ICE?
The core of the lawsuit centered on LexisNexis’s Accurint database, a commercial data compilation built from thousands of sources including government records, utility bills, phone records, medical records, and crucially, real-time and historical location data purchased from mobile applications. The Accurint database contains billions of records, making it one of the largest commercial data repositories in the country. When ICE accessed this database through its contract with LexisNexis, agents gained the ability to track where individuals worked, shopped, slept, and moved through their daily lives—information that could be used to locate and apprehend people for immigration enforcement.
The location data component of Accurint is particularly invasive because it captures precise, continuous movement patterns rather than snapshot information. A person’s daily location history reveals sensitive details: visits to medical facilities, religious institutions, union meetings, or immigration attorneys’ offices. The lawsuit alleged that when LexisNexis sold this aggregated data to ICE, the company did not adequately disclose to consumers where their location information came from, what it contained, or that it would be used for government enforcement purposes. However, it is important to note that most consumers who contributed data to Accurint (through app usage, utility bills, or other channels) had no direct relationship with LexisNexis and had not knowingly agreed to have their data compiled and sold for law enforcement use.
How Did the Data Broker Model Enable This Sale?
The data broker industry operates with minimal transparency. LexisNexis and similar companies aggregate data from thousands of sources—some public, some obtained through data brokers themselves, some purchased from mobile apps and other intermediaries—then repackage and sell that information to businesses, government agencies, and other buyers. This model means that a person’s data can be collected, bought, sold, and resold multiple times without the individual’s knowledge or explicit consent.
In LexisNexis’s case, the company purchased location data from mobile applications and other sources, compiled it into the Accurint database, and then sold access to that database to law enforcement and other government agencies. The issue plaintiffs raised was one of disclosure: when a consumer uses an app that sells location data to data brokers, there is often no clear disclosure that this data will eventually be purchased and used by agencies like ICE. Consumers may understand that their app usage generates data, but they typically have no idea that their location history is being packaged into a government surveillance tool. However, the fact that the lawsuit was dismissed suggests that under current law, individual consumers face significant barriers to holding data brokers accountable—even when the sale of their data to government agencies raises serious civil rights concerns.
Why Did the Lawsuit Against LexisNexis Fail?
The lawsuit, brought by immigration activists and three individual plaintiffs (Maria Fernanda Castellanos Ramirez, Rosa Carrasco, and Claudia Marchan Torres), alleged violations of the Illinois Consumer Fraud and Deceptive Practices Act and related claims of intrusion upon seclusion and unjust enrichment. However, in April 2024, a federal court dismissed the case, ruling that the individual plaintiffs lacked legal standing to bring claims under the Illinois law. The court found that the plaintiffs had failed to adequately plead their claims of intrusion upon seclusion and unjust enrichment. Legal standing is a significant hurdle in data broker litigation.
To have standing, a plaintiff must demonstrate that they suffered a concrete injury—not merely that a company’s practices were questionable or invasive, but that the plaintiff themselves were directly harmed in a legally recognizable way. In the LexisNexis case, proving that specific plaintiffs were injured by the sale of aggregated data—rather than by the practice of data aggregation and sale itself—proved difficult. This reveals a gap in consumer protection law: even conduct that advocates argue is deeply problematic (selling location tracking data to ICE without disclosure) may be difficult to challenge through private litigation because courts set a high bar for proving direct, individual harm. The dismissal did not mean the court found LexisNexis’s practices acceptable; rather, it meant the plaintiffs chose the wrong legal theory or failed to properly allege their claims in a way that satisfied the court’s requirements for standing.
What Is the Scope of LexisNexis’s Contract With ICE?
LexisNexis’s contract with ICE was valued at $22.1 million, a substantial sum indicating that location data and other commercially aggregated information are significant tools for immigration enforcement operations. Through this contract, ICE officers gained access to the Accurint database, which includes not only location data but also employment history, financial information, and other records that can be used to locate and monitor individuals for enforcement purposes. The contract’s value and scope underscore the business model that has developed around government enforcement: data brokers collect consumer information, monetize it by selling to private businesses, and then sell it again to government agencies at different price points.
For ICE, the $22.1 million investment provides access to a comprehensive surveillance database that would be prohibitively expensive for the agency to build and maintain independently. For LexisNexis, the contract represents significant revenue from a single buyer. However, if consumers were aware that their location data—collected and sold by mobile apps and other services—was being purchased by immigration enforcement, many would likely object. The contract continued despite this lack of consumer awareness, highlighting how data broker revenue models depend on opaque transactions between companies and government agencies, with consumers kept in the dark about where their data ends up.
What Legal Claims Did the Plaintiffs Raise and What Are the Gaps?
The original lawsuit raised multiple theories of liability. The Illinois Consumer Fraud and Deceptive Practices Act claim argued that LexisNexis engaged in deceptive conduct by selling consumer data without adequately disclosing how it would be used. The intrusion upon seclusion claim alleged that the sale of detailed location tracking data to a government agency violated a fundamental expectation of privacy. The unjust enrichment claim contended that LexisNexis unfairly profited from selling consumers’ location information.
The court’s dismissal revealed gaps in existing consumer protection frameworks. Many state consumer fraud laws require consumers to suffer financial harm or direct deception in a transaction, but the injury in data broker cases is often indirect: harm comes from the surveillance, discrimination, or enforcement actions enabled by the data, not from the initial sale of aggregated information. Additionally, intrusion upon seclusion claims typically require a showing that the defendant’s conduct was “highly offensive” to a reasonable person and caused emotional distress—a high bar when the intrusion happens through a faceless data compilation rather than a visible surveillance mechanism. The dismissal suggests that consumers seeking to challenge data broker sales to government agencies may need to explore other legal avenues, such as regulatory complaints to attorneys general, legislative pressure for data broker transparency laws, or class action claims that can better establish group harm. A warning: individual lawsuits against data brokers for selling location data have generally been unsuccessful, so advocacy has increasingly shifted toward lobbying for new state and federal data privacy legislation rather than relying on tort law.
What Do Advocacy Groups Say About the LexisNexis ICE Contract?
Following the lawsuit’s dismissal, advocacy efforts shifted focus from litigation to contract pressure. Over 80 data privacy, human rights, and government accountability organizations signed letters calling on the Department of Homeland Security to cancel or not renew LexisNexis’s contract with ICE. These groups argue that selling location data to enforcement agencies raises serious civil rights concerns, enabling mass surveillance and potentially leading to discriminatory enforcement against immigrant communities.
The advocacy coalition includes digital rights organizations like the Electronic Privacy Information Center (EPIC), immigration rights groups, and civil liberties organizations. Their position is that even though the lawsuit failed to establish a private right of action for individual consumers, the underlying problem—that data brokers profit from enabling government surveillance—remains unresolved and unacceptable. The call for contract cancellation represents a shift in strategy: when litigation fails, advocacy organizations turn to administrative and legislative pressure. This approach acknowledges that existing consumer protection laws may not adequately address data broker sales to government agencies, and that change may need to come through regulation, executive action, or new legislation rather than court decisions.
What Does This Case Reveal About Data Broker Regulation?
The LexisNexis lawsuit and its dismissal illuminate a regulatory gap: the United States has no comprehensive federal law requiring data brokers to disclose to consumers what data they collect, how they sell it, or who buys their products. Some states have passed data broker transparency laws—California, Virginia, Colorado, and others have enacted privacy regulations that give consumers limited rights to access and delete their data from data brokers—but these laws vary widely and do not prevent sales to government agencies. Looking forward, the LexisNexis case may catalyze more targeted legislation.
Advocacy groups are pushing for laws that specifically restrict or require disclosure when data brokers sell to government enforcement agencies, and for data broker registration and transparency requirements at the federal level. The dismissal of the LexisNexis lawsuit has not ended the policy conversation; if anything, it has demonstrated that consumers cannot rely on existing tort law to challenge data broker practices and that legislative solutions are necessary. Future regulation may require data brokers to disclose government buyers, obtain explicit consent before selling location data to enforcement agencies, or prohibit such sales entirely.