Sign up to Newsletter

The Trump Administration wants your DNA and social media

The U.S. Government intends to force visitors to submit their digital history and DNA as the price of entry. With this much data AI tools will likely be deployed to unlock details of your life for border and immigration agencies.

Key points
  • Trump Administration is expanding its systems so that visitors to the US must submit social media, email identifiers, and even DNA data for entry.
  • The US Government wants to require five years of social media data, ten years of email addresses, including business accounts.
  • Accumulating this most intimate personal data will create an unprecedented immigration system.
  • Analysing this data will likely require AI tools to summarise our lives.
  • Companies and governments must push back now, lest they enable and copy these practices.
News & Analysis
Post date
11th December 2025

Yesterday the Trump Administration announced a proposed change in policy for travellers to the U.S. It applies to the powers of data collection by the Customs and Border Police (CBP).

If the proposed changes are adopted after the 60-day consultation, then millions of travellers to the U.S. will be forced to use a U.S. government mobile phone app, submit their social media from the last five years and email addresses used in the last ten years, including of family members. They’re also proposing the collection of DNA.

Data details

The changes include:

  • All visitors must submit ‘their social media from the last 5 years’
  • ESTA (Electronic System for Travel Authorization) applications will include ‘high value data fields’, ‘when feasible’
    • ‘telephone numbers used in the last five years’
    • ‘email addresses used in the last ten years’
    • ‘family number telephone numbers (sic) used in the last five years’
    • biometrics – face, fingerprint, DNA, and iris
    • business telephone numbers used in the last five years
    • business email addresses used in the last ten years.
  • All these travellers will now have to use an app provided by CBP (‘CBP Home’) and an app for their ESTA application (‘ESTA Mobile App’). The ESTA website is being decommissioned.
  • The ‘CBP Home’ mobile app will be used by people to provide biometric proof of their departure, to ‘close the information gap’. The app will disclose the user’s location once they have left the U.S. and run a liveness detection on the selfie photo.

If approved, this policy would apply to all visitors who currently travel without a visa. For the estimated 14 million annual ESTA travellers, CBP thinks that this will take the average visitor 22 minutes to submit themselves and their family members.

The inclusion of DNA is particularly alarming: the US Government is setting the ground for the day when it can require the DNA of all travellers. As Ed Hasbrouck helpfully points out, currently no mobile phone enables the collection of DNA samples. But this is not stopping the US Government’s ambitions for that (strange?) future.

Unlocking mass data analysis

As we’ve previously stated earlier in 2025 the Trump Administration early on declared its expanded surveillance ambitions. Yesterday’s announcement is the next step, extending it to visa-free travel, and expanding the dataset including to DNA. Over 70 million people visit the US every year, which means this could end up being a vast datastore of people’s data.

One particularly dangerous aspect to this announcement is this: the data the US Government is now seeking unlocks even more data. Leaving the DNA profiling question out (for now, at least until governments start forcing our blood or spit or tears at points of entry), the inclusion of email identifiers and social media is troubling.

With email accounts, the purpose for demanding 10 years of email identifiers is bewildering even to us. The usefulness of mass surveillance of ten years’ worth of business email communications to determine a family’s visit to Disney World seems not just disproportionate, but also a legal and computational nightmare.

For social media, it’s unlikely that there will be a U.S. Government official looking through your photos, videos, likes, and shares as you queue to be fingerprinted. More likely is that AI tools like Retrieval-Augmented Generation will be used to scan and summarise all your social media behaviours to ascertain what kind of person you or your family members are, and who you associate with, like and follow. This may lead to AI-enabled automated decisions that have significant consequences to people’s lives and livelihood.

Government agencies will likely need to get deep-level access to all social media platforms to gather social media intelligence. Of course they could scrape the content for each social media account for each visitor’s application. It’s more likely they’ll seek direct access to the platforms’ databases, or use third-party firms who can do this for them.

This moment has been years in the making

At the US border, your social media and your devices are at risk, making you a target. It wasn’t always this way.

We’ve been working on border surveillance since 9/11, when governments began tracking you ahead of travel, profiling you at the border, and grabbing your fingerprints. Countless new databases were developed with a plethora of methods to harvest our data. This was led by the Bush Administration, and after initial resistance, others around the world followed suit.

Every few years, governments ratchet up their border surveillance ambitions. In 2016, the US Government piloted requesting social media identifiers, adding them to application forms for US visas and ESTA forms. Russia then did the same with their visa programme.

In 2017 we objected when the US Department of Homeland Security planned to expand immigration records to include social media, your internet history and other forms of data companies held about you. Then in 2018 we objected when the US Department of State sought access to five years of social media identifiers for visa applications.

This has resulted in massive and unprecedented powers and capabilities for border and immigration agencies in the U.S., including expansive use of surveillance, enabled by industry.

Beyond America, it affects everyone

Many governments follow the US’s lead on border surveillance. European governments are currently launching their own biometric registration programme for visitors that will include vast data collection, all at a cost to travellers.

We must urgently curb this trend.

People deserve rights wherever they are. This is why human rights are universal, and why constitutions limit the power of governments. Fundamental protections and safeguards should apply to all people, including at borders. Governments should be calling out these abuses, protecting us from this treatment, and in turn living up to these commitments.

Most urgently, industry need to be protecting our data from being used for profiling and targeting. Social media intelligence tools allow governments and others to accumulate our data, discern our preferences, and profile us to their advantage and without our knowledge. Scraping social media for photos is what led to notorious facial recognition firm Clearview AI being able to sell its wares to police across the world. That’s why we demanded that people be protected from this type of abuse.

We can’t resist this surge in data-intensive border policies just deleting or locking our social media accounts. Governments may still access your data despite the protections you seek to apply.

It’s therefore urgent that the tech industry increase protections for people everywhere. They must act now before they become even more integral and complicit in automated surveillance machinery that will affect people across the world every day. Now’s not the time to seek profit by enabling injustice, it’s the time to step up and protect everyone and our data.

And even if only to say ‘no we will never build DNA collection into our phones’. (It’s embarassing that it ever had to be said, but that’s 2025 for you!)

Learn more
Migrants
Immigration Enforcement
Direct Access by Government
DNA and Genetic Data
Migration and Borders
Mass Surveillance
Social Media Surveillance
Tech at the Border
Our campaign
Ban biometric mass surveillance
Police unlocking your data in the cloud
Protecting migrants at borders and beyond
When Social Media makes you a target
Location
United States of America
What PI is calling for

A universal rights framework protects people everywhere.

PI has led the push for privacy to be recognised globally.
Read more

We may challenge consequential decisions

Individuals should be able to know about, understand, question and challenge consequential decisions that are made about them and their environment. This means that controllers too should have an insight into and control over this processing.
Read more

Control over intelligence

Individuals should have control over the data generated about their activities, conduct, devices, and interactions, and be able to determine who is gaining this intelligence and how it is to be used.
Read more

Related Content

Long Read
Jamillah Knowles & Digit / https://betterimagesofai.org / https://creativecommons.org/licenses/by/4.0/

Toward Regulation: Addressing the Legal Void in Facial Recognition Technology

There is an urgent need for the regulation of facial recognition technologies in the UK to protect people from the grave risk it poses to human rights. In light of this, we conducted research to see how other states and jurisdictions are regulating biometric technologies.

Continue reading
News & Analysis
Face mask design

Can a Covid-19 face mask protect you from facial recognition technology too?

Can the masks that we now wear to protect each other from Covid-19 also protect our anonymity, preventing the latest mass facial recognition systems from identifying us? The short answer is 'no, most probably not'.

Continue reading