US immigration agencies read visa applicant's social media

Privacy and Security News
1

The US Immigration and Customs Enforcement (ICE) has used an AI-powered data-scanning tool called Giant Oak Search Technology (GOST) to scour social media looking for post containing “derogatory” comments about the nation.

The GOST database ranks social media scores from one to 100, and is searchable by name, address, email address, and country of citizenship. Immigration agencies and service providers have apparently been using the data in enforcement actions, according to an The American Civil Liberties Union lawsuit filed under the Freedom of Information Act (FOIA), and first reported by 404 Media.

[…]

Other documents detail analysts using GOST to review “potentially derogatory social media,” giving images either a “thumbs up” or “thumbs down” rating, and reportedly scanning the individual’s social media profile to understand their connections to other social media users.

2

It’s from these kinds of things that I get mixed feelings. Technically nothing is wrong as the posts made on social media are publicly accessible and can be archived by anyone, and no one is forced to use social media. The main issue is the intent and who is doing the harvesting that I really don’t like. It’s one of many reasons why I avoid social media all together, and what little I do use is done through pseudonyms.

The GOST database ranks social media scores from one to 100

Sounds similar to a Social Credit Score to me.

3 Likes
3

I’m fine with this, but i do have three main concerns:

  1. So we know GOST has access to publicly available information. What about profiles marked Private. Does GOST have access to those accounts, under the guise of national security? In my opinion, that’s where the line is. Sure, scan anything that’s publicly available, I can guarantee half a dozen companies are doing the same (without your knowledge/permission).
  2. My other issue is with data retention. How long is this data kept? I can understand keeping it for the duration of the visit (whether it be one week or one year), but if it’s stored when they’re no longer in the country… that’s a bit much.
  3. How is that data stored? If it’s done properly, only the AI should have access to the data (folders and contents). If it’s not, pretty much anyone could have access. It’d be only a matter of time until you get a malicious actor take advantage of GOST’s data.
1 Like
4

I had exact same thoughts.

Sure “technically nothing wrong”. For me was just a good example how information you post are out of your control and you have no idea how they may be used.

1 Like