Masked engagement: how thousands of anti-immigration agents go undercover to spy on American citizens
Through a workaround, the U.S. government is enabling a vast undercover surveillance operation without the usual authorizations.

At Debrief, we mostly tell stories about people who assume other identities to enter places they would otherwise be unable to access. We usually write about journalists doing this to expose matters of public interest, but we have also covered unusual cases in which intelligence agents or police officers operate undercover. The principle is always the same: undercover work is an extreme method that often produces extraordinary stories, but it is justifiable only when it serves to protect a greater good. It should never be tolerated or normalized if its application risks undermining democratic principles, as in the case of the story we are telling today.
According to an internal document from the U.S. Department of Homeland Security (DHS), thousands of anti-immigration agents from agencies such as ICE and the Border Patrol may be able to infiltrate the digital lives of citizens using false identities, without the authorizations that a standard undercover police operation would require, such as judicial approval. The workaround used to justify these operations at the edge of legality hinges on a single term: “masked engagement.”
This issue is written by Luigi and edited by Sacha.
Masked engagement
On February 13, 2026, American journalist Ken Klippenstein published on his Substack an internal Customs and Border Protection document titled “Component Plan for Operational Use of Social Media.” He had received it from an anonymous source. The Department of Homeland Security (DHS), contacted for comment, did not deny its authenticity.
To understand what the document contains, one must first understand how the system worked before it was issued. Over time, the DHS had built a five-tier operational hierarchy for collecting intelligence through social media. At the lowest level was open interaction, in which the agent openly declared their identity. At the fourth level was “masked monitoring”: agents using fake accounts to passively observe public content without interacting. At that level, agents could not request access to private groups, send friend requests, or comment. They could only watch. At the highest level was “undercover engagement”: full-scale undercover operations, built around structured false identities, subject to strict internal approvals and rigorous legal review.

A Customs and Border Protection agent
The document published by Klippenstein introduces a sixth category, positioned between the fourth and fifth levels. It is called masked engagement. Under this framework, DHS agents may create false profiles without disclosing their identity, send friend requests, join closed groups, and access photographs, contact lists, and other private content. And they may do so without formal authorization. The only limitation imposed, according to Klippenstein’s reporting, is that agents must not cross the threshold of “substantive engagement”; in other words, they must not interact “too much,” a concept the document intentionally leaves undefined. Which raises the obvious question: what, in practical terms, distinguishes traditional undercover work from this so-called “masked” engagement?
According to a senior DHS official who spoke to Klippenstein anonymously, masked engagement would currently be available to more than 6,500 agents and intelligence operators within the department. It represents a significant expansion, described by the same official as “explicitly linked to more intense monitoring of American citizens”. The source added something rarely heard from an insider at a security agency: masked engagement, they said, would be only the first step toward violating individuals’ privacy settings in ways they are unaware of. This is not an external critic making that claim. It is someone inside the system.
Some tools that are a little … Creepy
The document is not the only material that Ken Klippenstein examined. Behind masked engagement lies a technological infrastructure designed to make it practically invisible, and some of its tools carry names that sound as if they were lifted from a John le Carré novel.
The central system is called Silo, developed by the cybersecurity company Authentic8. It functions as an intermediary layer between the agent and the internet. Instead of connecting directly to social media, which would leave traces that could lead back to a government network, the agent navigates through an isolated, remote browser combined with a controlled network egress specifically configured to conceal the true origin of the connection. The government IP address effectively remains invisible. This infrastructure would therefore allow, for example, a federal agent to join one of the many Facebook groups that report and document misconduct by ICE agents, appearing to the group’s administrator as an entirely ordinary user, and to do so while leaving almost no trace.
Alongside Silo, the documents reviewed by Klippenstein reveal an arsenal of tools with specific functions: GOST, Giant Oak Search Technology, is the search engine used to cross-reference social media profiles with real-world identities; ShadowDragon, a well-known OSINT tool in law enforcement circles, reconstructs online activity to identify behavioral patterns in individuals of interest; and then there is Creepy: a free, open-source tool that extracts geolocation data from the metadata embedded in photos posted online. If you uploaded a photo taken with your phone without disabling location services, Creepy can determine exactly where you were when the image was captured. As Klippenstein pointedly notes, the name alone is revealing.

The interface of the Creepy software
Rachel Levinson-Waldman, director of the Liberty and National Security Program at the Brennan Center for Justice, described the program as “insidious”: “This new capability is being shoehorned in one step below undercover engagement (which already allows for a lot of overreach), it appears CBP believes that friending someone, following them, or joining a group is not as invasive as directly engaging or interacting with individuals.” She adds that operations of this kind “will weaken trust in government and weaken the trust that is critical to building community both online and off.”
The Montco Community Watch case
In September 2025, a few months before masked engagement became public knowledge, the Department of Homeland Security sent a subpoena to Meta requesting the identification of the administrators of a Facebook and Instagram page called Montco Community Watch. It was a bilingual social media profile, in English and Spanish, that posted alerts about ICE operations in Montgomery County, Pennsylvania. Meta notified the administrators of the request. The American Civil Liberties Union (ACLU) of Pennsylvania intervened in court. Before a judge could issue a ruling, the DHS withdrew the subpoena.

The Instagram profile of Montco Community Watch
During the same period, the DHS sent a subpoena to Google seeking to identify a retired man who had written a polite email to a federal attorney involved in an asylum case, urging the agency to “apply common sense and decency.” Weeks later, DHS agents appeared at his home. That subpoena, too, was withdrawn after legal intervention by the ACLU.
On February 10, 2026, just days before Ken Klippenstein published the masked engagement document, the Electronic Frontier Foundation (EFF), a nonprofit focused on digital civil liberties, sent an open letter to Amazon, Apple, Discord, Google, Meta, Microsoft, Reddit, Snap, TikTok, and X. The letter urged these companies to resist such subpoenas and to require judicial oversight before complying. The requests were far from random: they aimed at systematically de-anonymizing anyone who documents, criticizes, or even simply observes the operations of U.S. security agencies.
In every instance in which its actions were legally challenged, the DHS withdrew its requests before a judge could rule. As the EFF has observed, this pattern suggests that the government is fully aware of the constitutional fragility of what it is attempting to do.
Renaming to evade: the politics of definitions
There is a mechanism at the center of this story that goes beyond any political position on immigration or dissent. It might be called the engineering of categories. It works like this: take something the law regulates carefully, say, an undercover operation, and invent a new word to describe a slightly modified version of the same practice. The new word does not appear in legal codes, is not expressly provided for by statute, and lacks case law support. It exists in a space that, by its very nature, is difficult to challenge directly until a judge rules on it specifically.
This mechanism is not new. It is the same logic that produced “enhanced interrogation techniques” instead of “torture” during the George W. Bush administration. “Targeted killing” instead of “assassination” for drone strikes. “Administrative detention” instead of “internment without trial” at the Guantanamo Bay detention camp. In each case, a new term is coined to carry out an old act without the constraints that originally accompanied it.
In the case of masked engagement, the new term appears to have been crafted to allow roughly 6,500 agents to conduct undercover activity without calling it undercover. The operational boundary is essentially undefined, and an undefined boundary can be interpreted in a thousand different ways.
Until the next Debrief,
Sacha & Luigi