Ikner logged off. Four minutes later, prosecutors say, he killed two people and injured six at Florida State. Ikner faces charges of murder and attempted murder. He has pleaded not guilty.

Ikner’s case is one of at least two known instances in just over a year in which mass shooting suspects have turned to AI chatbots as confidants to discuss violent scenarios or as sounding boards to plan attacks. The carnage is sparking lawsuits, government and law enforcement investigations and internal debate inside AI companies over a question Silicon Valley is struggling to answer: When a chatbot appears to be helping plan violence, who intervenes—and how fast?

OpenAI’s ChatGPT, the market leader in free chatbots, scans its chats for indications of potential violence. Yet OpenAI employees have raised alarms internally that the company routinely fails to alert law enforcement even when dangerous cases are flagged, valuing user privacy over the risk that someone may act out violent scenarios they describe to ChatGPT, according to people familiar with the matter.

Disagreement over what cases should be reported to law enforcement was visible at an internal OpenAI meeting last summer, convened to review how earlier cases had been handled, according to some of the people. Some staff felt two cases should be reported to authorities, but they ultimately weren’t.

This April, Florida Attorney General James Uthmeier said his office opened a criminal investigation into OpenAI over ChatGPT’s role in the Florida State shooting.

“If this were a person on the other end of the screen, we would be charging them with murder,” Uthmeier said, adding: “People need to be held accountable.”

A spokeswoman for OpenAI has said the company doesn’t believe ChatGPT was responsible for Ikner’s actions and said OpenAI proactively shared the conversations with law enforcement after the incident.

“We have a zero-tolerance policy for using our tools to assist in committing violence,” another spokeswoman for OpenAI said, adding that “We continue to strengthen our safeguards.”

She said that includes improving how ChatGPT responds to signs of distress, connecting people with local support and mental health resources, strengthening how the company assesses and escalates potential threats of violence and improving detection of repeat policy violators.

She said OpenAI aims to immediately revoke access to its services as soon as it determines that a user broke one of its rules. She said revoking access can include disabling the account, banning other accounts of the same user and taking steps to detect and stop the user from opening new accounts.

OpenAI has also said it trains its models to discourage users from committing real-world harm.

News Corp, owner of The Wall Street Journal, has a content-licensing partnership with OpenAI.

A vigil after the shooting at Florida State University on April 17, 2025, in Tallahassee, Fla. Miguel J. Rodriguez Carrillo/Getty Images

A memorial after the Florida campus shooting. Miguel J. Rodriguez Carrillo/Getty Images

The scrutiny extends beyond Florida. In Canada, the families of victims and a survivor of a February 2026 mass shooting that killed eight people in the mining town of Tumbler Ridge, British Columbia, are accusing OpenAI of failing to alert authorities after the company’s internal review system flagged the shooter’s conversations as troubling.  

They filed seven lawsuits in U.S. District Court in Northern California last week alleging wrongful death, negligence, violations of product liability standards and aiding and abetting the shooting.

In December, a coalition of 42 state attorneys general demanded safeguards to protect vulnerable users from harmful interactions with chatbots, warning that “developers may be held accountable for the outputs of their GenAI products” for “encouraging an individual to commit a criminal act.” The attorneys general shared their concerns in a letter to major AI companies including OpenAI, Meta, Anthropic, Google and xAI.

“This world-changing technology is exciting and alluring on many levels, but it is also extremely dangerous when unbridled, as we have seen in tragedies all across the country,” Pennsylvania Attorney General Dave Sunday said in a statement.

Credible and imminent risk

OpenAI has long wrestled with how to balance users’ privacy against public safety. OpenAI says it has a specialized team of safety experts who refer accounts to law enforcement when users make comments to ChatGPT that appear to constitute a credible and imminent risk of serious physical harm to others.

An automated system at OpenAI reviews user chats and alerts employees to potentially serious cases when someone appears to be using ChatGPT for violence, threats, self-harm or other cases that violate OpenAI’s rules. Employees then can review the material and flag it to the safety experts if they believe the case warrants a referral to law enforcement.

The company has struggled to implement the policy consistently because of differing views on where to draw the line on users’ privacy, people familiar with the matter said.

Last summer, OpenAI gathered a team of executives and employees to examine previous conversations between users and ChatGPT that discussed violence, including school shootings, the people said. The team, including workers from investigations, operations, product policy and legal, analyzed about 10 cases in an effort to clarify criteria for when to refer cases to law enforcement.

Staff from the investigations team who participated in the meeting told colleagues they believed the company should be calling law enforcement more frequently than the approximately 15 to 30 users they refer to authorities each year. Such a belief broadly matches the feelings of the investigations department employees in their day-to-day assessments, the people said.

The legal team at the meeting, however, often argued that users should be afforded more privacy, echoing a sentiment that OpenAI Chief Executive Sam Altman has expressed internally, the people said.

The company has said it weighs the risk of violence against privacy considerations and the potential distress to individuals and families of involving law enforcement. A spokeswoman for OpenAI said referring cases to law enforcement too broadly can introduce unintended harm, and over-enforcement in these situations can be distressing for a young person and their family, particularly when police show up unannounced.

Some employees have expressed frustration that the company appeared reluctant to share cases that might alarm authorities about the ways its chatbot responded to some users.

Staff reviewed a case at the meeting in which the company had contacted law enforcement about a high-schooler in Tennessee who appeared to be using ChatGPT to plan a school shooting. 

The OpenAI team debated alerting law enforcement about a teen that some in the review meeting believed was contemplating shooting classmates at his Texas high school, the people said. 

Often when he came home from school, the chat logs indicated, the teen asked ChatGPT to role-play a scenario in which he would shoot his teachers and classmates. He uploaded images of himself with a gun.

“The kid would tell ChatGPT let’s fantasize about shooting up my school,” one person familiar with the conversations recalled. “And ChatGPT would play along.”

He uploaded a map of the layout of his school, as well as photos of cheerleaders whom he said he wanted to imagine killing, along with their boyfriends, the people familiar with the matter said. In hourslong sessions, he asked ChatGPT to create scenarios, such as how he would enter the school, which victims he would encounter, and when he would open fire.

ChatGPT remembered the names of the classmates he said he wanted to imagine killing, and advised the teen on where he would enter and exit the building, and what he could say when cops arrived, the people said.

OpenAI leaders ultimately decided not to contact authorities about the Texas teen. He hasn’t committed any acts of violence that employees are aware of.

A real mass shooting

Some staff also advocated alerting law enforcement when they examined the chat logs from a user named Jesse Van Rootselaar, the people said.

Van Rootselaar’s descriptions of gun violence over the course of several days made several employees uncomfortable. They interpreted the writings as an indication of potential real-world violence, the Journal has previously reported.

OpenAI leaders ultimately decided not to contact authorities.

Months later, in February, Van Rootselaar would allegedly conduct the mass shooting that devastated Tumbler Ridge.

Officials and others after the mass shooting in Tumbler Ridge, British Columbia, in February. Jennifer Gauthier/Reuters

People comfort each other at a vigil for the victims of the Tumbler Ridge shooting. Christinne Muschi/The Canadian Press/Associated Press

OpenAI has said that it has bolstered safety protocols since the shooting and that under its enhanced law enforcement referral rules, it would have referred Van Rootselaar’s account to law enforcement if it were discovered today.

The OpenAI spokeswoman said mental and behavioral health experts now help OpenAI assess difficult cases, and the company broadened its referral criteria to be more flexible to account for the fact that a user may not explicitly discuss the target, means and timing of planned violence in a ChatGPT conversation but that there may still be potential risk of imminent and credible violence.

In late April, Altman apologized in a letter to the town of Tumbler Ridge for not alerting police sooner to the activity of Van Rootselaar, an 18-year-old transgender woman. He said his company will work more closely with governments to prevent future tragedies. “I want to express my deepest condolences to the entire community,” Altman wrote. “No one should ever have to endure a tragedy like this.”

OpenAI has also wrestled with how to respond when people outside the company submit concerns about the behavior of ChatGPT users.

On the April day a San Francisco woman’s ex-boyfriend walked out of jail, where he had been held on charges of stalking and harassment, she had her lawyer ask OpenAI to block him from using ChatGPT.

For months, the woman had asked OpenAI to stop his chatbot-fueled attacks against her, including fake psychological reports about her he sent to her colleagues, a chat log he created titled “violence expansion list” and a death threat he made using ChatGPT.

Initially, OpenAI described her report as “extremely serious and troubling.” Then the company stopped responding to her.

“It’s hard to overstate the impact this had on our client,” said Jay Edelson, the attorney representing the woman. “She was under siege.” Edelson also represents the plaintiffs in the lawsuits related to the Canada case.

In April, a San Francisco judge ordered OpenAI to ban the ex-boyfriend’s account.

Banning accounts doesn’t always stop people from finding their way back to their chatbots. In Canada, Van Rootselaar opened a new account after deactivation by using the same name with a different email address, according to one of the lawsuits in the case.

OpenAI didn’t discover the second until after Van Rootselaar was identified publicly as the suspect in the mass shooting.

‘Happy (and safe) shooting!’

The AI industry as a whole is struggling with the issue of potentially violent users. OpenAI rival Anthropic also reviews users’ chats with its chatbot, and when its safety systems identify exchanges that show intent of harmful or violent behavior toward a person or organization, a special team of people reviews them, according to a spokeswoman. If they deem it necessary, they share the exchanges with law enforcement, the spokeswoman said.

Anthropic’s chatbot, Claude, outperformed ChatGPT in tests, according to the Center for Countering Digital Hate and CNN, which assessed how chatbots respond when users seek help with violent attacks.

The researchers posed as people planning attacks, asking 10 popular chatbots about locations to target and weapons to use.

“Within minutes, a user can move from a vague violent impulse to a more detailed, actionable plan,” said Imran Ahmed, chief executive of Center for Countering Digital Hate, a nonprofit that aims to combat online hate speech and misinformation. “Those requests should have prompted an immediate and total refusal.”

The nonprofit found eight of the 10 chatbots assisted the testers in more than half of responses, providing advice on targets and weapons to use. ChatGPT gave one researcher who feigned interest in school violence maps to a high school campus. 

While ChatGPT occasionally offered discouragement, only the chatbots from Snap and Anthropic reliably refused these requests, according to the researchers.

One response the nonprofit cited as typical of messages from Anthropic’s Claude chatbot: “I’m stating this plainly: Do not harm anyone. Violence is never the answer to political disagreement.” Claude then refused to assist the user further and directed the user to a mental health helpline.

“Anthropic’s Claude proves this isn’t a question of whether platforms can implement safeguards. The question is: why on earth haven’t they?” Ahmed said.

In contrast, DeepSeek, a Chinese AI company, concluded its answers to a user’s questions about weapons selection with a foreboding farewell.

“Happy (and safe) shooting!”

Illustrated excerpts are taken from Phoenix Ikner chats with ChatGPT, according to a transcript of the exchanges reviewed by The Wall Street Journal.

Now, the cannibals are at the gate.

Altman’s leadership as chief executive officer of OpenAI is in the spotlight; the growth story of the company he built is facing scrutiny ahead of an IPO; and his home in San Francisco was recently under attack. Bringing it all to a head: a civil trial began last week in a federal court where Elon Musk was trying to oust Altman, his former partner, and gunk up OpenAI’s going-public ambitions.

What happens in the weeks and months to come will define Altman’s legacy. Will he be remembered as the Musk of his era, a glass-eating founder who overcame great obstacles to prove everyone wrong? Or will he become like Travis Kalanick, a talented entrepreneur who flamed out in the midst of scandals before Uber Technologies could go public and reward investors who had worried that he wasn’t the guy to land the plane despite everything already accomplished.

It’s a strange juncture for Altman, a man who just a few months ago seemingly orchestrated making OpenAI, through many interconnected tech-industry deals, too big to fail.

The would-be master of the universe was even having a hard time managing his own schedule—let alone his narrative. On Tuesday, Altman should have been celebrating a deal at a swanky downtown San Francisco event put on by Amazon Web Services. Instead, he was across the bay in Oakland, Calif., for opening arguments in the Musk lawsuit.

Elon Musk in Oakland, Calif., for testimony in his lawsuit. Benjamin Fanjoy/Getty Images

“I wish I could be there with you in person today,” Altman told the Amazon audience via a recorded video message played on a giant screen. “Uh, my schedule got taken away from me.”

Things are getting away from Altman in more ways than one. Now, the question is whether Altman is the right guy to take OpenAI to the next level.

That is especially poignant as the company’s bitter AI rival Anthropic is capturing market share and seeing a rapidly rising valuation in a race with OpenAI to go public.

And then there is my colleague Berber Jin’s report that OpenAI has missed its own revenue targets. That is an especially troubling sign for a company fueled by investors counting on massive growth to justify its recent $852 billion valuation. (In response to the report, Sarah Friar, chief financial officer at OpenAI, told Bloomberg News, “We feel like we’re beating our plan at the highest level.”)

News Corp, owner of The Wall Street Journal, has a content-licensing partnership with OpenAI.

We’ve seen these kinds of dramas play out before. A hot Silicon Valley tech player on the cusp of going public, a payday for all of those who gambled on its once unlikely success that somehow became obvious…and then trouble.

Musk knows this kind of moment. He has lived his own version of it.

His dream for Tesla could have easily crashed. Some on the Tesla board in 2008 questioned having him as CEO. 

It’s easy to imagine how the then-struggling company could have pivoted to become a battery-pack supplier rather than continuing on a path that would eventually make it the world’s most-valuable car company.

Yet Musk muscled through, and his lore was born.

Part of Musk’s narrative was described in the opening arguments Tuesday. “His own personal story is pretty compelling,” Musk’s lawyer told the jury.

The early days of startups have a way of making enemies out of early partners. (Musk doesn’t have nice things to say about one of Tesla’s co-founders.)

In this case, Musk and Altman created OpenAI as a nonprofit. Along the way, the two had a falling-out, and Altman created a for-profit subsidiary.

A courtroom sketch shows Musk during cross-examination as Judge Yvonne Gonzalez Rogers and Altman look on. Vicki Behringer/Reuters

OpenAI’s lawyers have denied wrongdoing. They argue that Musk knew a for-profit arm was needed to raise funding and recruit talent, and that the lawsuit is motivated by competition. Years after breaking with OpenAI, Musk developed his own for-profit AI ambitions through xAI, now part of SpaceX, which is also preparing for an IPO.

For Musk, the stakes in the case might be as much about hubris as financial considerations—though he is seeking damages that could exceed $180 billion. While some legal scholars think the odds are against his winning, Musk has already won in a lot of ways. He has spent the past two years framing his former partner as “Scam Altman”—something of an AI-era flimflam man.

To be sure, both men came into the trial with baggage—the judge has essentially said as much.

And Musk didn’t disappoint those who see him as a “world-class jerk,” as one juror described him in a questionnaire before the trial. At times, Musk spent his days on the witness stand coming off as thin-skinned.

He might be a villain to some. But the lore of Musk is still rooted in an element of wonder. Say what you will about his politics; the Tesla Model Y drives like a bird-dog in the hunt. His antics might be off-putting, but his pursuit of renewable rockets has helped reignite humanities’ dreams for space and beyond.

Like Musk, Altman, who is expected to testify later in May, has adopted a similar habit of talking about a bright future made possible by technology. His record for changing the world, however, is less obvious.

Instead, Altman has increasingly become the personification of AI technology. For some, that is good. For others, Altman is ushering in something worrisome, not wonderful.

Beyond the trial, the enduring risk for OpenAI, which Musk has gleefully helped fuel, is the concern that Altman can’t be trusted.

You can hear echoes of that away from the courthouse. 

As I reviewed Tuesday’s events at a bar near Altman’s home in San Francisco’s Russian Hill neighborhood, I couldn’t help but overhear a conversation. A tech bro was telling the bartender his worries about AI and job security. “Sam Altman,” the man declared for all to hear, “he’s actually Satan.”

It was another reminder that Altman’s lore is still being written. 

The Global AI Race

Coverage of advancements in artificial intelligence, selected by the editors

Get WSJ's AI Newsletter

AI Has Made Memory Chips One of the World’s Most Profitable Products

OpenAI Sued by Seven Families Over Mass Shooting Suspect’s ChatGPT Use

Oracle’s Deluge of AI Debt Pushes Wall Street to the Limit

America’s Largest Landowner Is Using AI to Digitize the Forest

“This is a warning,” an agent told her, according to court records and a video recording. “We know you live right here.” 

Liz McLellan took this photo of federal immigration agents making an arrest on Jan. 21 in Westbrook, Maine. Then an agent held up his phone to McLellan’s face. Agents went to McLellan’s house not long after. Liz McLellan

In the battle against illegal immigration, the U.S. is spending hundreds of millions of dollars on tools that give federal agents easy access to the home and workplace addresses of American citizens, their social-media accounts, vehicle information, flight history, law-enforcement records and other personal information, as well as data to track their daily comings and goings, The Wall Street Journal found. 

This newly expanded domestic surveillance system, a high-tech dragnet built to locate, track and deport people residing illegally in the U.S., allows thousands of federal agents nationwide to peruse a trove of data belonging to more than 300 million people, including citizens.

As agents gain more powerful tools—including the ability to crack encrypted messaging apps and scan a person’s WhatsApp and Reddit—department limits on their use are shrinking, according to interviews and a Journal review of DHS policy documents.

Privacy experts and former department employees say the administration is aggressively interpreting existing rules and ignoring limits set by prior administrations. The immigration crackdown is testing the legal and ethical boundaries of citizen surveillance and privacy rights, according to former department officials. 

In addition to McLellan, 48 years old, at least four other Maine residents say they were singled out and threatened after observing the work of federal agents, according to court records. Two of the people in a continuing civil rights lawsuit accuse DHS of unlawfully using their license plates and biometric data to track and intimidate them for exercising their First Amendment rights. DHS said it operates in full accordance with the law.

“The retaliation we’ve seen against Americans who chose to lawfully record DHS activities should alarm everyone,” said Rush Atkinson, a former Justice Department attorney who is representing the two people in the case. “This is a fundamental First Amendment right, and the public has the right to know why the government is collecting data on those who peacefully protest.”

Observers recording ICE agents on Feb. 5 in Minneapolis. Stephen Maturen/Getty Images

Federal immigration agents knocking at a residence in Minneapolis on Jan. 9. Bridget Bennett for WSJ

With the backing of Congress and President Trump, DHS spent a record $425 million on surveillance tech in the past year, a 17% increase from the prior year. Federal spending is on pace to set another record in 2026, according to an analysis of federal contract data by the Journal. DHS received $191 billion for immigration enforcement in last year’s One Big Beautiful Bill Act. 

Some Democratic lawmakers have questioned the department’s use of surveillance technology, including cellphone hacking tools. In response to those concerns, the DHS inspector general announced in February an investigation into the department’s collection of biometric data.

Civil rights groups and others have filed four federal lawsuits alleging the department’s use of surveillance tools to revoke visas and arrest immigrants without warrants, or to threaten bystanders observing federal agents, were all violations of the Constitution. DHS denied wrongdoing in those cases.

Enforcing immigration law “is essential to protecting America’s national security, public safety and economic strength,” DHS said in response to questions.

Immigration and Customs Enforcement is responsible for tracking more than 7 million immigrants, including those ordered out of the U.S., released from detention or who await an immigration court hearing, DHS said. 

“We are not going to divulge law enforcement-sensitive methods,” DHS said, but the department employs various forms of technology, while “respecting civil liberties and privacy interests.”

“We do of course monitor and investigate and refer all threats, assaults and obstruction of our officers to the appropriate law enforcement,” DHS said. “Our law enforcement methods follow the U.S. Constitution.”

Who’s who

Palantir is the top beneficiary of DHS’s stepped-up spending on deportation and surveillance work, according to a Journal review of government records, contracts, documents describing privacy concerns and people familiar with the matter.

Palantir quadrupled its DHS contracts to $81.3 million after Trump’s return to the Oval Office last year, largely for work linking data streams for use in immigration enforcement. The department in February signed a four-year, $1 billion blanket agreement that allows for continuing work from the Miami-based data analysis company.

Last year, DHS paid Palantir $30 million to put a broad span of information about individuals into an app on agents’ smartphones, allowing them to plot the location of people in the U.S. The app, known as Enhanced Leads Identification and Targeting for Enforcement, or ELITE, lets officers research and track individuals based on criminal history, license plate searches, name, date of birth or locations. 

The results display on a map or as a list, according to ICE agents. The app pulls from a variety of government databases, including information compiled by private investigators known as “skip tracers” who track the current addresses of individuals. “Our work is focused on the address fidelity of noncitizens,” a Palantir spokeswoman said.

An ICE agent during court testimony last year compared ELITE to Google Maps: Targets appear as pins on a map, clustered around addresses where immigrants, including “lawful permanent residents,” are likely to live, court records show. 

Federal immigration agents chatting in April at the Border Security Expo in Phoenix. Rebecca Noble/Reuters

Palantir CEO Alex Karp speaking with employees at a company office in Washington last year. Stephen Voss for WSJ

Immigration agents used ELITE to identify an apartment complex outside Portland, Ore., in a town populated by agricultural workers, according to court records. On an early October morning, federal officers watched a white van leave the parking lot. 

They radioed the van’s license plate number to a field team, and the query returned the name of an immigrant on their target list. Agents pulled the van over and, without a search or an arrest warrant, handcuffed the driver and passengers, according to court records from a continuing federal lawsuit.

One ICE agent testified in court that the arrests were justified because at least one individual refused to share their name. That made the individual a flight risk with “no way to go locate this person again,” the agent said. Immigration law allows officers to make warrantless arrests if someone is both in the U.S. illegally and likely to escape before a warrant can be obtained.

In February, the federal judge in the case found that ICE was “casting dragnets over Oregon towns” and held that warrantless arrests made, in part, from use of ELITE violated the Constitution because federal agents determined several people were flight risks only after they were in custody—rather than because agents had probable cause before making an arrest.

A federal immigration agent using a facial recognition tool on a person at a hearing with his family last year at an immigration court in New York. The man was detained briefly and released. David Dee Delgado/Reuters

Visitors leaving a detention facility used by ICE last year in Adelanto, Calif. Patrick T. Fallon/AFP/Getty Images

Through the year beginning in January 2025, the U.S. paid consulting firms, including Deloitte, $130 million, to aid ICE’s deportation efforts and law enforcement support work. New consultant contracts call for analysts to monitor people on social media, identify threats and create dossiers about people who make them.

DHS awarded $15 million to tech company Cellebrite for forensic tools to unlock phones and extract call logs, GPS location data, text messages, deleted photos, contacts and email addresses, DHS documents show. CBP renewed agreements with vehicle-forensics firm Berla to retrieve data, including travel history, from the vehicles of suspects.

Last year, DHS reactivated a $2 million contract with the U.S. subsidiary of Israeli spyware company Paragon Solutions, which makes Graphite, a hacking tool that can infiltrate encrypted messaging apps such as Signal and WhatsApp.

ICE agents can access vehicle information and travel history from databases that collect information from electronic license-plate readers installed on highways and at the U.S. border. DHS paid $20 million last year to data brokers, including Thomson Reuters and LexisNexis, which said its tools aren’t used for “monitoring.”

Nearly $21 million went to companies that track and identify targets with biometric technology. That included $8 million to NEC for a facial-recognition algorithm that identifies passengers boarding planes. DHS rolled out an app last year that allows agents to identify people from images, using NEC technology. DHS also expanded its use of Clearview AI, another facial-recognition database, which contains more than 70 billion photos. 

NEC, which for years has aided airport screening for CBP, processed photo images of roughly 200 million travelers, according to congressional testimony. “We provide technology in accordance with U.S. law and contractual agreements,” an NEC spokesperson told the Journal.

In March last year, DHS deployed Mobile Fortify, an app that allows agents to point their phone camera at a person’s face and retrieve names, birth dates, citizenship or immigration status and information about family members, government documents show.

Around the same time, DHS officials deleted policy memos that set limits on the use of facial recognition in investigations, according to former department officials. The department archived and later restored mention of a policy that said the government can’t investigate individuals lawfully protesting government activities.

One DHS staffer who worked last year in the office that developed policies on border and immigration practices said even his team wasn’t sure what the agency’s rules were.

DHS policies governing facial-recognition and face-capture technologies remain unchanged, the department spokeswoman said.

In the Oregon case, agents took a photo of one individual and Mobile Fortify gave two possible identities, both of them wrong, according to court records.

‘Domestic terrorist’

In October, Marimar Martinez, en route to a Chicago church to donate clothes, saw an unmarked vehicle she suspected was carrying federal agents. She called out a warning to residents in Spanish, La migra! La migra! 

Martinez, a 31-year-old teaching assistant, had no clue she was under government watch.

Marimar Martinez, a U.S. citizen who was shot by a Border Patrol agent in 2025, at a relative’s home on April 11 in Chicago. Jamie Kelter Davis for WSJ

Federal agents knew Martinez had reshared a Facebook post ostensibly identifying an immigration officer’s personal YouTube account. Within a day of her sharing the post, CBP circulated her name and photo with a warning to agents in the field: Martinez, a U.S. citizen, was a potential threat.

She was following the unmarked vehicle and shouting her warning less than a week after she drew the government’s scrutiny. The two vehicles collided, officers got out and the driver, a Border Patrol agent, shot her five times.

Martinez, who survived her injuries, was called a “domestic terrorist” by DHS officials. She was charged with assaulting an officer by using her car as a weapon, a felony crime that carried a maximum prison sentence of 20 years. 

Martinez said the vehicle carrying federal agents sideswiped her. “They said I, quote unquote, rammed federal agents,” she said at a congressional hearing in February. “If they only knew I was a month away from paying off my truck, and I would never intentionally damage my vehicle, much less be crazy enough to hit” law-enforcement officers.

A photo of Marimar Martinez’s injuries after her shooting by a federal agent in October 2025. Jamie Kelter Davis for WSJ

Federal investigators used data from a network of license-plate readers and traffic-surveillance cameras collected by local police to retrace her movements in the days before the shooting, court documents show. They showed her running errands and commuting to work, according to Martinez’s lawyer.

The tracking information originated from Flock Safety, which contracts its services to about 100 police departments in the Chicago metropolitan area. “It is not Flock’s job to determine who should share or collaborate with the federal government,” said Joshua Thomas, a spokesman for the company, which operates in 49 states.

The government moved to drop its case against Martinez a month after the shooting, and the judge dismissed the charges. 

Martinez would see her bullet scars for life, she said at the congressional hearing, but “perhaps even worse, the mental scars will always be there as a reminder of the time my own government attempted to execute me.”

Read the methodology

By Jacob Siegel

By Mary Harrington

Already a subscriber? Sign In