LexisNexis illegally collected and sold people's personal data, lawsuit alleges
Data broker LexisNexis Risk Solutions allegedly violated Illinois law by collecting and combining extensive personal information and selling it to third parties including federal immigration authorities, according to a lawsuit filed Tuesday by immigration advocates.
The result is "a grave threat to civil liberties," the activists and two immigration advocacy groups argued. The lawsuit asks a Cook County judge to prevent the data broker from selling personal information without consent.
The complaint also notes that LexisNexis' Accurint product, which is sold to law enforcement, incorporates information that isn't publicly available, including correctional bookings, vehicle collision records and license plate reader databases.
"Using Accurint, law enforcement officers can surveil and track people based on information these officers would not, in many cases, otherwise be able to obtain without a subpoena, court order, or other legal process," the complaint alleges, accusing LexisNexis' technology of enabling "a massive surveillance state with files on almost every adult U.S. consumer."
A representative for Georgia-based LexisNexis Risk Solutions declined comment, citing the pending litigation.
Contract with ICE
Immigration advocates have called attention to a $22 million contract between Immigration and Customs Enforcement and LexisNexis for that product, revealed in the results of a Freedom of Information Act request. They argue it poses a particular risk to activists and immigrants.
Sejal Zota, legal director at Just Futures Law and an attorney on the lawsuit, said the data broker makes it possible for ICE to "instantly access sensitive personal data — all without warrants, subpoenas, any privacy safeguards or any show of reasonableness."
"Our plaintiffs view this alleged violation of their privacy as dehumanizing and unacceptable," she said.
In the case of one woman, the information available through Accurint includes her past and current addresses, phone number, date of birth and an incorrect Social Security number, according to the lawsuit. The detailed reports produced on two other women participating in the case included full Social Security numbers.
"There is a critical difference between the gathering of bits of personal information through publicly available resources (the internet, court files, archives, etc.) and the collection of information through an encyclopedic dossier that compiles all of the records, including ones that are not publicly available, into one easily accessible and computerized profile," the complaint said.
The lawsuit was filed in Cook County, which includes Chicago. Local officials have investigated whether federal immigration authorities can use information from data brokers to circumvent the county's ban on compliance with ICE requests to detain people without legal authority to be in the country.
Antonio Gutierrez, strategic coordinator and co-founder of Organized Communities Against Deportation, said the organization signed onto the lawsuit because they see data brokers as a way for ICE to circumvent existing limits. Gutierrez said it took years of advocacy to create policies preventing cooperation by Illinois cities, counties and state government with federal immigration authorities.
"We just wondered 'How do we fight this?'" he said, noting that some of the information comes from basic consumer interactions like setting up a utility account or getting a car loan. "The entity that needs to be accountable for how they're operating is LexisNexis."
In California, the data broker Thomson Reuters faces a similar lawsuit that accuses the company of violating state law by collecting and selling residents' personal information to corporations, law enforcement and government agencies. That case was filed in 2020 by two activists backed by several privacy rights groups.
At the national level, the Federal Trade Commission last week announced an effort to asses the effects of companies' data collection and the potential benefit of new rules to protect consumers' privacy.
"Many of us have grown used to the idea that companies constantly collect information about us as we go about our daily lives," Seena Gressin, an attorney at the FTC, wrote in a post Tuesday on the agency's site. "It may be information we give up willingly, like a credit card number for a purchase. But it also may be information that we don't know we're surrendering, and may not want to share."