Madison Square Garden Sues WIRED Over Reporting on LGBTQ Data and Surveillance
MSG says WIRED distorted an ordinary customer database. The lawsuit follows reporting on LGBTQIA identity labels, celebrity risk scores, facial recognition and the alleged tracking of a trans woman.

Madison Square Garden’s internal systems had already been linked to facial recognition, visitor monitoring, exclusion lists and the alleged two-year tracking of a trans woman before the company sued WIRED over its latest investigation. The lawsuit is a new legal escalation in a surveillance record that was already raising questions about who MSG tracks, what information it retains and how that information may be used.
MSG Entertainment filed a defamation complaint after WIRED reported on an internal database containing 39,539 entries for celebrities, politicians, athletes and other public figures. Roughly 400 entries carried some form of risk designation, while other fields identified people as LGBTQIA or marked them “Do Not Host.” WIRED reported that 93 entries contained an LGBTQIA label.
MSG does not dispute that the database existed or that LGBTQIA identifiers appeared inside it. The company disputes what WIRED said those records revealed.
According to MSG’s public defense and court claims, WIRED took unrelated fields from a customer-relationship-management system and presented them as evidence that the company was targeting LGBTQ+ people for surveillance or exclusion. MSG says the identity labels supported outreach, event invitations, sponsorship opportunities, charitable giving and other relationship-management work.
WIRED stands by its reporting and has described the lawsuit as “baseless and ridiculous.” The outlet says it will continue investigating MSG and billionaire James Dolan’s use of technology throughout his entertainment empire.
The legal dispute is therefore not primarily about whether MSG collected the information. It is about what that collection meant, how the fields could be used and whether the LGBTQIA labels can be separated from the wider surveillance machinery operating inside the same institution.
That distinction matters because sensitive identity data does not exist in a vacuum. It existed inside an entertainment empire that has used facial recognition, maintained risk classifications, monitored critics and exercised broad authority over who could enter its venues.
For trans and LGBTQ+ people, the accountability question begins before a court decides whether WIRED’s headline crossed a legal line. It begins with why a corporation controlling major public-facing venues retained sexual-orientation and gender-identity information at all, who could access it and whether it could be searched, exported or compared with security and risk records.
MSG says the LGBTQIA field served inclusion. That explanation does not answer who was permitted to see the field, how long the information was retained or whether it remained restricted to marketing and community-relations staff. It does not establish whether the data could be viewed by security personnel or connected to other internal systems. It also does not explain what safeguards existed to prevent identity information from being repurposed after collection.
The database itself contained far more than LGBTQIA labels. WIRED reported that the overwhelming majority of its nearly 40,000 entries had no risk score, but approximately 400 did. Some records referenced social-media concerns, while separate classifications ranged from lower-level flags to complete venue bans. A source cited by WIRED said physical-security threats were documented in another database, underscoring that MSG maintained multiple systems with different stated functions.
Those distinctions must be preserved. The public record does not establish that every person marked LGBTQIA received a risk score, nor does it prove that sexual orientation automatically produced surveillance or exclusion. The lack of a documented automatic connection, however, does not make the collection harmless when the institution retaining those labels also possesses facial-recognition technology, internal dossiers, security cameras, exclusion authority and detailed information about visitors’ movements.
WIRED’s earlier investigation into Madison Square Garden’s surveillance operation showed what that capacity can look like when directed at one trans woman. The outlet used the pseudonym Nina Richards to protect her privacy and reported that MSG security followed her movements through its camera network over approximately two years, documenting when she sat down, ordered a drink, entered an elevator and used a bathroom. WIRED reported that current and former employees described the scrutiny as excessive, while a former security employee’s lawsuit alleged that her trans identity influenced how she was treated. MSG rejected the reporting and characterized the allegations as false or unverified.
Richards was a trans woman attending events in a public-facing venue while a private security operation allegedly turned her ordinary movement into an institutional record. Her reported experience reveals the imbalance built into private surveillance: the institution controls the cameras, the facial-recognition tools, the reports and the language used to justify monitoring, while the person being watched may never know what was written about them, who saw it or how the record shaped decisions about their access.
That imbalance becomes even more dangerous when identity data is retained at scale. The records behind WIRED’s database report emerged after the ShinyHunters hacking group breached MSG’s systems and released stolen material. WIRED reported that a much larger customer database contained millions of unique email addresses, phone numbers and other personal details, with some records dating back more than a decade.
A proposed federal class action filed after the breach alleges that MSG failed to protect sensitive information belonging to employees, visitors and other individuals. The complaint says the compromised material may have included information connected to biometric monitoring and threat assessments. Those claims have not been adjudicated, but they sharpen the public consequence of MSG’s collection practices: information gathered for security, marketing or relationship management can become exposure once the institution loses control of it.
The accumulation of data gives an institution power over the people inside its systems, while long-term retention creates vulnerability that extends beyond the institution itself. Once a breach occurs, personal information, identity markers and security records can move into the hands of people who were never part of the original collection.
For trans and LGBTQ+ people, the danger is not limited to identity theft. Sexual orientation and gender identity can expose people to harassment, employment discrimination, family rejection, stalking or targeted violence when disclosed without consent. Even when an institution claims an inclusive purpose, storing that information creates a record that can be breached, misused or interpreted by people far removed from the original reason for collecting it.
MSG’s lawsuit now moves the fight from its internal systems to a courtroom. The company argues that WIRED manufactured a discriminatory narrative by combining ordinary customer data with separate security classifications, while WIRED argues that its reporting accurately described a database operating inside a company already facing sustained scrutiny over its surveillance practices. A court may eventually decide whether specific statements were defamatory, but that legal question does not erase the wider public record surrounding MSG’s technology.
WIRED previously reported that MSG’s security network monitored critics, protesters, attorneys and other people regarded as potential institutional problems. Its investigation described facial-recognition alerts, internal communications, detailed movement tracking and a security culture that former employees portrayed as driven by loyalty to Dolan and suspicion of perceived adversaries. MSG rejected those characterizations.
The lawsuit places legal and financial pressure on the newsroom examining that system. Press freedom matters here because the people inside surveillance records rarely control access to those records themselves. They often depend on whistleblowers, lawsuits, leaked documents and journalists to reveal what institutions collected and how that information was used.
At the center are Richards and the other people whose identities, movements or private information entered systems they could not see. That includes LGBTQ+ public figures whose identities appeared in an internal corporate database and customers whose personal information was allegedly exposed after MSG accumulated and retained it.
The collection leaves major accountability gaps. MSG has not publicly resolved who entered LGBTQIA labels, what sources were used, whether those fields could be searched or exported, whether security staff could view them, whether they could be compared with risk assessments or facial-recognition alerts, or what auditing existed to detect discriminatory use. The public record also leaves unanswered whether Richards’s trans identity appeared in any internal database and how many other people were monitored without knowing that institutional records were being created about them.
MSG describes its CRM system as ordinary, but ordinary software can become surveillance infrastructure when it operates inside an institution with cameras, biometric tools, private security teams and the power to classify or exclude. Its inclusion defense also does not require trans and LGBTQ+ communities to accept unseen identity files without knowing who can access them or how those files interact with the rest of the institution. The company may challenge WIRED’s interpretation in court, but litigation cannot erase the underlying records or the history that made those records alarming.
Madison Square Garden says its LGBTQIA labels were tools of outreach rather than discrimination. That defense does not remove the surveillance system surrounding the data, the reported tracking of a trans woman or the danger created when a corporation stores sensitive identities alongside the machinery to monitor, classify and exclude.
The lawsuit may determine what WIRED can prove in court. It cannot make the people inside MSG’s records disappear.
Trans people should not have to enter public venues wondering whether their identity, movements or private data are being recorded inside a surveillance system they cannot see.
Support Trans United’s work documenting anti-trans harm and strengthening trans safety, housing, healthcare and survival infrastructure.



So what if she’s trans… that’s her business. Why are they tracking everyday ordinary citizens?!? I think this is a “test case”. If this is accepted, if this becomes normalized….then everyone can be tracked in their everyday lives. For those who say that it won’t happen to them : “First they came for the Socialists/ Trade Unionists/ Jews…” And who will then have this data🤔?? No… this is a huge violation of privacy. Shut this down.