Papers, Please!

In a final rule published last week at 75 Federal Register 5487-5481, the Department of Homeland Security has exempted most of the data used by the illegal “Automated Targeting System - Passenger” (ATS-P) from the various requirements of the Privacy Act that information used to make decisions about individuals must be accessible to them on request, accurate, relevant, collected directly from the data subjects whenever possible, and so forth.

The proposal to exempt ATS records from the Privacy Act has been pending for more than two years. In the final rule, the Obama administration adopts, with no changes whatsoever, all of the exemptions proposed by the DHS under the previous administration.  The analysis accompanying the final rule acknowledges, but dismisses more or less out of hand, our comments from two years ago objecting to the proposed exemptions as illegal.  (These followed two sets of comments we filed in 2006, when the ATS itself was first disclosed, objecting to the entire system as illegal.)

On the same day last week, the DHS published a separate final rule similarly exempting from the Privacy Act portions of the “Border Crossing Information” (BCI) system, a log of each person’s entries to and exits from the U.S. which was first disclosed as a part of ATS before being declared a separate system of records. The final BCI exemption rule similarly adopted all of the proposals the previous administration has proposed in 2008, and dismissed our objections to its illegality out of hand.

You can still request your own ATS and other travel records from the DHS.  Even if the newly-promulgated exemptions are upheld, they leave you entitled to substantial portions of your ATS dossier.  We are continuing to pursue our own pending Privacy Act requests and appeals, some of which are themselves more than two years old and all of which were made before the new exemptions were finalized and thus are not subject to the “exemptions”.

Our primary objection is to the very existence of a system under which the government requires common carriers to identify each would-be traveler and get the government’s permission (”clearance”) before they can travel.  Such a scheme is made far worse, however, when those “fly/no-fly” or “cleared/inhibited/not cleared” decisions are made not only in secret by unknown bureaucrats, not judges, and on the basis of secret files about each citizen.

The new exemptions, applicable to future requests for ATS records, are sweeping.  But we are particularly disturbed that the exemption rules purport to authorize the DHS to collect and use an entirely undefined and open-ended category of commercial data obtained from airlines as part of their Passenger Name Records (PNR), and withhold that commercial data, on grounds of “business confidentiality”, from the would-be travelers against whom it is used.

That exemption for commercial data in PNRs creates a limitless loophole through which the DHS could secretly make use, in passenger profiling and “targeting” decisions, of commercial data of any sort.  As long as it is channeled to the DHS through inclusion in PNRs (which as commercial records are themselves subject to no U.S. privacy or disclosure requirements at all), the DHS could base passenger “targeting” decisions on commercial blacklists, credit scores, or records or ratings by data aggregators.  But those are not legal grounds to prevent travel by common carrier.

We’ve been having a hard time keeping up with events over the last few weeks. Every time we think the keystone cops from the Department of Homeland Security can’t come up with anything dumber to do, they prove us wrong. At this point we’re not sure who is most deserving of derision: (1) the would-be terrorist who tried but failed to explode his underpants, and succeeded only in burning his balls, (2) the goons the TSA sent to intimidate bloggers who tried to tell travelers what to expect when they got to the airport, and find out who had “leaked” the TSA’s secrets, but who left their own notebook of “secret” notes about their investigation of this and other cases behind in a public place, or (3) the TSA agents who felt so ill at the smell of honey they found in checked luggage that they checked themselves into a hospital and shut down the airport. It’s a tough call. Leave your votes, or other nominations, in the comments.

What’s most striking about the government’s response to this unsuccessful bombing attempt is the complete lack of any rational relationship between the actions that have been taken and are being proposed, any analysis of which of these and similar tactics did or did not contribute to the success or failure of the Christmas Day attack on Northwest Airlines flight 253, and any likelihood that they would make future attempts at terrorism less likely to succeed.

Now that the dust has settled a bit, perhaps it’s time to survey the security, security theater, surveillance, and travel control techniques at issue: (more…)

TSA Acting Administrator Gail Rossides testified today before the Subcommittee on Transportation and Infrastructure of the House Homeland Security Committee.  You can watch the archived video from the public portion of the hearing yourself; a closed subcommittee “executive session” with Acting Administrator Rossides followed. In addition to the anticipated spat over the TSA’s refusal to show the SOP to the members of the Congressional Committee, as the law requires, here are some things we thought were noteworthy:

• Rossides claimed that the unredacted version of the TSA’s Screening Management Standard Operating Procedures was “removed within hours” after the TSA learned last Sunday, December 6th, that it had been posted on a federal website at fbo.gov. That’s not true: it was available on the same site, although at a slightly more obscure URL, for several more days.
• Rossides mentioned that the TSA has “12 other SOPs”.  We’ve already filed a FOIA request for the two other SOPs whose names we now know (the “Checkpoint Screening SOP” and the “Checked Baggage Screening SOP”).  We’re following up with a FOIA request for all TSA SOPs regardless of what they are called. We’ll ask for the other ten by name as soon as we learn their names.  If you know, and you’d like to play, “Name that SOP”, leave a comment or send us a message.
• Rossides claimed that there had been “6 updates that had very significant changes” to the Screening Management SOP since the version that was posted.  But she wasn’t asked about, and didn’t repeat under oath, the TSA’s earlier claims that the version they posted (which matched the version number, date, and text of the redacted excerpts they sent us in response to our earlier FOIA request) “was neither implemented nor issued to the workforce”, or if that was true, why it posted or provided to us. We’re currently waiting for the TSA to act on our appeal of their stonewalling of our FOIA request for the most recent version of the Screening Management SOP, so that we can compare it.
• Rossides said she had “asked that we not release any other SOPs until we’ve completed a review.”  It wasn’t clear who she was referring to, but the only current effort to have any SOPs released are our and others’ similar FOIA requests.  In that context, Rossides appears to have been describing a directive, from the top, to stonewall those requests — which is exactly what seems to have been happening.  Rossides’ testimony could come back to haunt her, and the TSA, if the “good faith” and/or “diligence” of the TSA’s processing of FOIA requests for the SOPs becomes an issue in FOIA litigation.  If Rossides’ legal advisors know what’s good for the agency, they’ll have her issue a prompt, public disavowal of this statement, and a public overriding directive to the TSA FOIA office to process requests for the SOPs, like all other requests, in accordance with the law.
• The blatant discrimination in the SOP wasn’t mentioned by anyone.
• In response to a specific question about whether any effort was being made to identify who had downloaded the documents posted by the TSA, Rossides said that, “I believe that is part of what the [DHS] Inspector General is looking at…. The Inspector General has a list of those who have downloaded it and have it on their websites. We do know that.”  Rossides wasn’t asked, and didn’t say, what, if anything, the TSA or IG might do with that list.  But since we’re on that list — in good company with many others, of course — we’d love to know.

There’s more about the hearing on Flyertalk, where the unredacted SOP first came to light, and from a Flyertalk regular and blogger who spread the news further afield, and attended today’s hearing.

Today the Acting Director of the TSA is scheduled to appear before a Congressional subcommittee to testify about the posting of an unredacted version of the TSA’s “Screning Management Standard Operating Procedures (SOP)” on a government website.   (Confirmation of President Obama’s nominee for TSA Director has been held up by questions about whether he would allow TSA screeners to unionize.)

Members of the Committee have already asked questions about whether the TSA will ignore the First Amendment and prosecute people who legally reposted the information released by the government. On the other hand, we doubt that they will ask about the blatantly discriminatory and illegal provisions in the SOP, even though we’ve discussed our complaint with the subcommittee’s staff and made sure they had a copy.

We had to fight to get even censored excerpts from the Screening Management SOP in response to our earlier FOIA requests and appeals, and we’re not surprised that the TSA is stonewalling our current appeal for the complete current version. This morning, the Washington Times reports that the TSA is resisting showing the current SOP even to Congress:

[W]hen Gale Rossides, acting administrator of the Transportation Security Administration (TSA), testifies before a House panel Wednesday, key members say they will press for a copy of what the government says is a newer, more secretive manual to examine for themselves.

Rep. Charlie Dent, Pennsylvania Republican and ranking member of the House of Homeland Security subcommittee on transportation security and infrastructure protection, along with Rep. Gus Bilirakis, Florida Republican and ranking member of the investigations and oversight subcommittee, asked for a copy of the current version in a letter to Ms. Rossides on Friday.

But the agency is stonewalling and allowed only select committee staffers to review the new manual and its half-dozen revisions for one hour on Monday.

Mr. Dent questions whether the revisions are as substantial as the TSA claims, why mitigation efforts are being put in place if there are no new risks exposed by the leak, and why Congress can’t have a copy.

Today’s hearing will be webcast, and we’ll be watching with interest.

Three members of Congress have sent a joint letter to Secretary of Homeland Security Janet Napolitano about the posting of a version of the TSA’s Screening Management Standard Operating Procedures on a Federal government website.  (We’re still pursuing our FOIA appeal for the current version and related documents, which the TSA has been stonewalling, as well as our complaint against the blatantly discriminatory portions of the procedures.)

The signers of the letter to the DHS Secretary include Rep. Pete King, ranking Republican members of the House Homeland Security Committee, which has scheduled a hearing on the release of the TSA procedures this Wednesday, December 16, 2009.  (The Committee’s Chairman has already sent the TSA some questions of his own in advance of the hearing.)

Among the questions the three Representatives ask are the following:

6. How has the Department of Homeland Security and the Transportation Security Administration addressed the repeated reposting of this security manual to other websites and what legal action, if any, can be taken to compel its removal?

7. Is the Department considering issuing new regulations pursuant to its authority in section 114 of title 49, United States Code, and are criminal penalties necessary or desirable to ensure such information is not reposted in the future?

Perhaps these members of Congress haven’t bothered to read the current law that protects the right to “use” (such as by removing the black blocks that were coded to appear over portions of the document) and “redissemination” of documents (such as by reposting on other websites), once they are made available to the public as this one was on a public government website:

44 U.S.C. 3506(d)

With respect to information dissemination, each agency shall—

(1) ensure that the public has timely and equitable access to the agency’s public information, including ensuring such access through—
(A) encouraging a diversity of public and private sources for information based on government public information;
(B) in cases in which the agency provides public information maintained in electronic format, providing timely and equitable access to the underlying data (in whole or in part); and
(C) agency dissemination of public information in an efficient, effective, and economical manner;

(2) regularly solicit and consider public input on the agency’s information dissemination activities;

(3) provide adequate notice when initiating, substantially modifying, or terminating significant information dissemination products; and

(4) not, except where specifically authorized by statute—
(A) establish an exclusive, restricted, or other distribution arrangement that interferes with timely and equitable availability of public information to the public;
(B) restrict or regulate the use, resale, or redissemination of public information by the public;
(C) charge fees or royalties for resale or redissemination of public information; or
(D) establish user fees for public information that exceed the cost of dissemination.

In the course of testimony before the Senate Homeland Security Committee, the Director of the FBI’s “Terrorist Screening Center” (TSC) has, for the first time, stated publicly what the government claims to be the “substantive derogatory criteria” used in the (secret, non-adversarial, extra-judicial) process of determining whether to place a name on the “No-Fly” list, i.e to deny a person their Constitutional and human rights to travel, as well as some tidbits about how that decision-making process works.

We wonder about the cadre of people Director Healy of the TSC is describing: Federal employees (your tax dollars at work!) who spend their working hours, day after day, in some secret room in a secret FBI facility, reviewing one dossier of one-sided “derogatory” information after another, never meeting or communicating with any of the people they judge, and deciding based solely on the dossier (including the records about the subject and their travel history from the “Automated Targeting System”) whether or not to “permit” that person to continue to exercise their rights.

Until someone from this team comes forward to talk about their work, the closest we can come to understanding what it might be like may be the Federal bureaucrats of an earlier era of infamy whose job it was to evaluate interned Japanese-Americans to decide which to allow out of the camps, which to allow to live where in the country, and which to allow to hold which jobs.  Their story is told by Prof. Eric Muller (isthatlegal.org) of the University of North Carolina Law School in American Inquisition: The Hunt for Japanese American Disloyalty in World War II. But unlike today’s TSC staff, they were able to interview and/or see responses to questionnaires completed by internees, rather than judging completely in the dark, from the file of “derog” alone.

If anyone at the TSC wants to talk about their job, we’re all ears. In the meantime, here’s what the head of the TSC had to say about their work:  (more…)

To: TSA.OCR-ExternalCompliance@dhs.gov, civil.liberties@dhs.gov
Subject: National-origin discrimination in TSA “Screening Management SOP”
Date: Friday, 11 December 2009

According to the TSA Civil Rights Policy Statement:

“[T]he public we serve are to be treated in a fair, lawful, and nondiscriminatory manner, without regard to … national origin.”

However, according to Appendix 2A-2.C.1(b)(iv) of the TSA Screening Management SOP (Revision: 3, Date: May 28, 2008, Implementation Date: June 30, 2008), as posted at fbo.gov, and as we have discussed [on our website]:

“If the individual’s photo ID is a passport issued by the Government of Cuba, Iran, North Korea, Libya, Syria, Sudan, Afghanistan, Lebanon, Somalia, Iraq, Yemen, or Algeria, refer the individual for selectee screening unless the individual has been exempted from selectee screening by the FSD or aircraft operator.”

As applied to dual U.S. citizens or permanent U.S. residents from these countries traveling domestically within the U.S., this provision of the SOP imposing “selectee screening” (more intrusive search and/or interrogation) on the overt basis of national origin is, on its face, in flagrant violation of the TSA Civil Rights Policy Statement, statutory and Constitutional obligations, and obligations of compliance with Article 12 of the International Covenant on Civil and Political Rights (ICCPR), a treaty ratified by and binding on the U.S., and which all federal agencies have been specifically instructed to comply with by Executive Order 13107 on Implementation of Human Rights Treaties (61 Federal Register 68991).

Accordingly, the Identity Project requests that appropriate investigation, enforcement, and corrective action be taken against the agency and the personnel responsible for these illegally discriminatory procedures.

Please reply to confirm your receipt and docketing of this complaint as a complaint of a civil rights violation and a complaint of violation of the ICCPR, in accordance with Section 3 of Executive Order 13107:

“Sec. 3. Human Rights Inquiries and Complaints. Each agency shall take lead responsibility, in coordination with other appropriate agencies, for responding to inquiries, requests for information, and complaints about violations of human rights obligations that fall within its areas of responsibility or, if the matter does not fall within its areas of responsibility, referring it to the appropriate agency for response.”

We also specifically request that this complaint be included in your next report of complaints of violations of the ICCPR to the U.N. Human Rights Committee, as is required by Article 40 of that treaty.

If your office is not the office within DHS and/or TSA designated pursuant to Section 3 of Executive Order 13107 as responsible for responding to complaints of violations of human rights treaties including the ICCPR, we request that you refer this complaint to that office (in addition to your own action on this complaint of violation of domestic civil rights law), and inform us of the contact information for that office to which it has been referred and from which we can expect a response.

Sincerely,

The Identity Project

[Since the TSA and DHS have a habit of ignoring our email, we've also sent copies of this complaint by snail-mail.]

There are no legally binding rules (other than those provided by the federal Privacy Act, the U.S. Constitution, and international human rights treaties, all of which the TSA routinely ignores) specifying the limits of TSA authority at checkpoints, what you do and don’t have to do, and which questions you have to answer or orders you have to obey.

So the traveling public, and public interest organizations like the Identity Project, have been reduced to trying deduce the de facto “rules” from the TSA’s internal procedures manuals and directives to its staff, using the Freedom of Information Act — to the extent that we’ve been able to find out what documents to ask for by name, and that the TSA has been willing to release them, usually in incomplete and censored (”redacted”) form.

Now the TSA has done us a favor by posting an unredacted version of the document of which we’ve received only portions of an earlier version, and the complete current version of which is the subject of one of our current FOIA requests: the TSA’s “Screening Management Standard Operating Procedures (SOP)”.

In posting the document on a federal government website (fbo.gov, for “Federal Business Opportunities”) as part of the public specifications for bidders on a TSA contract, the TSA added red outlines highlighting certain portions of the PDF document, and coded black rectangles to overlay them as a separate layer of the PDF file.  But they left the complete text and images unredacted, so that they could be selected, cut, and pasted into a text editor from any PDF reading software.  For your convenience, we’ve posted a copy with the black blocks removed, but the red highlights and everything else retained, so you can see what portions the TSA might have been trying (ineptly) to hide.  Despite false TSA claims that it “was immediately taken down from the Web site”, as of today the original version is still available on the same government site, although at a slightly more obscure URL.

If, like us, you were hoping to learn the non-rules for TSA checkpoints and “screening” (search and interrogation), the Screening Management SOP is disappointing.  It’s mostly about bureaucratic procedures for checkpoint supervisors.  There’s been a lot of excessive commotion about whether its posting was a security breach or provides a “road map for terrorists” (it doesn’t), but little attention is being paid to some more significant things it reveals.

Here’s what we think is really significant about this document, and its release, and what we’re doing next: (more…)

A traveler attempting to return home from a political conference (a gathering clearly protected by the First Amendment right to assemble) was arrested at a TSA checkpoint at the airport in Albuquerque, New Mexico on Sunday after they (1) politely declined to show tangible evidence of his identity and (2) began recording audio, video, and/or still photographs of the incident with a handheld device. The traveler, Phil Mocek, has been a regular participant in discussions of ID requirements and TSA procedures on Flyertalk.com, and has been mentioned here before for his efforts to uncover what the “rules” if any) are at TSA checkpoints. According to initial reports and discussion elsewhere, he was released Monday, after a night in jail, and charged with “concealing identity, disorderly conduct, refusing to obey an officer, and criminal trespass.”

As of now, it’s unclear whether the arrest was primarily in retaliation for Mr Mocek’s declining to proffer evidence of his identity or his recording of audio, video, and/or still photographs.  It’s also unclear whether he was arrested by, or at the behest of, Feds or local or state law enforcement officers (or TSA contractor rent-a-cops?), an issue that has figured prominently and sometimes decisively in other ID-demand and checkpoint cases.

We wish Mr. Mocek success in defending against these bogus charges and obtain obtaining redress from those responsible. We’ll have more to say as soon as we have a chance to see the actual complaint.

(We’ve been in touch with Mr. Mocek. As of now, he’s due in court on February 5th, 2010, but can’t comment on what happened, on the advice of counsel.  But if you’d like to help him fight back, you can contribute to his legal defense fund.)

As part of an effort to derail the lawsuit brought by the ACLU on behalf of Steve Bierfeldt — who was detained and interrogated at a TSA checkpoint at the St. Louis airport because he was (a) carrying an (entirely legal) amount of cash that the TSA agents apparently didn’t like, although they admitted that there was any suspicion that he had violated any TSA regulation or posed an threat to aviation, and (b) declined to answer questions about his money unless the TSA told him, which they persistently declined to do, whether he was legally required ot answer their questions — the TSA has filed a public declaration with the court that includes their latest “Management Directive” on searches of travelers.

The directive is the first official TSA document to be made public concerning the limits (if any) and authority (if any) for TSA searches of travelers. It’s part of the information the Identity Project is currently attempting to obtain through a pending request under the  Freedom of Information Act for the TSA’s “Screening Management Standard Operating Procedures” (SOP) as well as “any and all … interpretive or guidance notes, usage instructions, or the like”, such as the Management Directive included in the TSA’s court declaration.  Under FOIA, the TSA’s response to our request is due by this Friday, November 13th, unless they ask for a 10-day extension for special reasons, and we are eager to see the rest of the SOP and the directives interpreting and implementing it.

The “Management Directive” in the declaration filed with the court by the TSA only concerns searches.  It does cover  searches for evidence of identiy, although to avoid categorizing them as “searches” it describes them as “screening for identification media”.  But it’s completely silent regarding interrogations, Miranda warnings, or your right to remain silent.  So it looks like neither Steve Bierfeldt nor the public will get an answer, at least for now, to the question he kept asking the TSA agents who detained and interrogated him: “Am I legally required to answer that question?”