Archive for the ‘Secret Law’ Category

Congress investigates TSA treatment of whistleblowers

Monday, September 8th, 2014

Former TSA “Air Marshall” Robert MacLean will be one of the witnesses testifying at a hearing tomorrow before the House Oversight Committee, “Examining the Administration’s Treatment of Whistleblowers“.

As we’ve previously reported, Mr. Maclean is the petitioner in a case to be argued this term before the US Supreme Court, DHS v. MacLean.  Mr. Maclean was fired for disclosing “secret” but unclassified “Sensitive Security Information” (SSI) that was only designated as SSI by the TSA three years after Mr. Maclean shared it with the DHS Office of the Inspector General,  members of Congress, and journalists.

DHS regulations prohibit the designation of information as SSI to conceal official misconduct, but that appears to have been a common practice, and to be ongoing (although under challenge) in other cases.

The House Oversight Committee has sometimes been accused of partisan witch-hunting. That doesn’t appear to be the case with this issue, however. A recent bipartisan report by the committee staff — itself the result of whistleblowing by the former head of the TSA’s Office of SSI – focuses on the political use of SSI designation decisions, in Mr. Maclean’s case in particular, to block the release of information that might embarrass the TSA, regardless of whether it fits the definition SSI in the law and regulations.

Government asks for “do-overs” and delays in no-fly lawsuits

Tuesday, September 2nd, 2014

Faced with a series of Federal court rulings upholding challenges to “no-fly” orders, or allowing them to proceed toward trial, the US government agencies responsible for “no-fly” orders have responded by pretending that they don’t understand what the courts have ordered them to do.

Instead of complying with court orders, the responsible agencies are asking for months of additional time.

In one case, the request for delay is to get “clarification” of a straightforward court order — and to prepare and submit a different set of pleadings than the exhibits and summaries of testimony the court had demanded.

In another case, the government has asked the court — which has already found that the defendants’ secret no-fly decision-making process unconstitutionally denied the plaintiffs due process of law — to remand the case to the defendants themselves, and give them six months to devise and subject the plaintiffs to yet another extra-judicial “review” of the no-fly list by the defendants, before the court even considers whether that (yet to be devised) new-and-improved administrative no-fly listing and internal kangaroo-court “review” system would be Constitutional.

The first court ruling that the no-fly system or a specific no-fly decision was unconstitutional came in January 2014, following the trial last December in San Francisco in Ibrahim v. DHS.  But Dr. Rahinah Ibrahim is not a US citizen, the US government won’t give her a visa to return to the US, and under US law visa denials are generally not subject to judicial review.  So Judge William Alsup’s ruling in that case has had little practical effect either on Dr. Ibrahim or on no-fly listing and decision-making practices affecting other would-be travelers.

Two other pending cases, however, involve US citizens (and in one of the cases some permanent residents or  green-card holders as well) who would be able to travel freely if they weren’t on the no-fly list.

(more…)

FOIA appeals reveal problems with PNR data

Thursday, August 21st, 2014

We’ve noticed a disturbing pattern in how the DHS, and specifically US Customs and Border Protection (CBP), has responded to people who have asked the DHS for its files about themselves.

Eventually — typically months later than the statutory deadline for responding to a FOIA request — CBP has sent the requester a file of information about their international travel, including a log of entries, exits, and borders crossings.

But even when the requester has explicitly asked for the Passenger Name Record (PNR) data that CBP has obtained from their airline reservations, or has asked CBP for “all” its records about their travel, or for all data about themselves from the CBP “Automated Targeting System” (most of which consist of CBP copies of PNRs), CBP has completely omitted PNR data — or any mention of it — from its response.

People who don’t work in the air travel industry typically don’t know what PNRs look like. So it isn’t obvious to most recipients of these incomplete responses that what they’ve been given doesn’t include any PNR data. Only when these people showed us copies of the responses they received from CBP have we been able to point out, or confirm, that PNR data was completely absent from the initial CBP response.

When these people have filed administrative appeals, specifically pointing out that their requests included PNR data, CBP has responded to their appeals by sending them redacted copies of CBPs mirror archive of airline PNRs, as contained in ATS.  But there’s been no apology, and explanation in any of these responses to appeals of why the PNR data wasn’t included in the initial response. It seems likely that CBP didn’t even bother to search its PNR database in response to the initial requests, either out of gross negligence, gross incompetence, malice, and/or bad faith. (CBP has refused to disclose how PNR data and other information in ATS is indexed, queried, or retrieved. Even though the Privacy Act requires this information to be published in the Federal Register, the judge hearing our lawsuit ruled that it was exempt from disclosure.)

We’ve seen this pattern even in responses to requests from journalist and public figures which, according to DHS policy, would have been subject to pre-release review and approval by the DHS “front office”.  The DHS front office has been intimately involved in international disputes related to PNR data, and is fully aware of the existence of this component of DHS dossiers about innocent travelers. So the incomplete responses to FOIA requests can’t be blamed on low-level staff or a lack of oversight or awareness by senior officials.

One of those high-profile cases was that of Cyrus Farivar, Senior Business Editor at Ars Technica.  As Mr. Farivar reported earlier this year, CBP’s initial response included no PNR data, even though he specifically included PNR data in his request.  After Mr. Farivar appealed, CBP gave him the PNR data he had originally requested.

There was nothing Mr. Farivar’s DHS file that we haven’t seen in other DHS copies of PNRs.  But his report about what he received highlights some of the problems with the contents of these DHS records.

(more…)

Sai v. TSA: A case study in TSA secrecy

Tuesday, August 19th, 2014

Time and time again, the TSA has acted as though its middle name was “secrecy” rather than “security”.

Case in point: Sai v. TSA.

There’s a lot at issue in this case, but here are some of the problems with the TSA that it has exposed:

Sai poses no threat to aviation security. He has an unusual but recognized medical condition, attested to by documentation from his doctor that he carries when he travels, for which he needs ready access to liquids.  The TSA is required by law to accommodate such medical disabilities, as it easily could.  TSA press releases claim that travelers are allowed to bring medically necessary liquids through TSA checkponts in any quantity.

But TSA employees at airport checkpoints at Logan Airport in Boston and the TSA contractors who staff the checkpoints at San Francisco International Airport have, among other improper actions, seized Sai’s medical liquids, denied him access to his medical liquids while detaining him, and refused to allow him to pass through checkpoints or travel by air unless he abandoned his medical liquids.

While detaining Sai, TSA employees and contractors have conducted searches unrelated to weapons or explosives (but directly related to activities protected by the First Amendment), including reading through and copying documents Sai was carrying.

The TSA has never tried to claim that any of these actions were justified by “security” concerns. Instead, the TSA has responded to Sai’s requests for information, administrative complaints, and eventual federal lawsuit solely on the basis of secrecy, when it has responded at all, arguing that it isn’t required to divulge anything about what it has done, why, or whether it is justified.

The TSA claims to practice “layered security,” but Sai’s saga shows how the TSA actually practices “layered secrecy” to shield its activities from public and judicial accountability.

(more…)

Lawsuit challenges “watchlisting” of Michigan Muslims

Thursday, August 14th, 2014

A lawsuit filed today in Federal District Court in Michigan challenges “the widespread government practice of placing names on watch lists without providing individuals with any notice of the factual basis for their placement and without offering a meaningful opportunity to contest the designation.”

According to the complaint:

This lawsuit is an expression of anger grounded in law.  Our federal government is imposing an injustice of historic proportions upon the Americans who have filed this action, as well as thousands of others.  Through extra-judicial and secret means, the federal government is ensnaring individuals into an invisible web of consequences that are imposed indefinitely and without recourse as a result of the shockingly large federal watch lists that now include hundreds of thousands of individuals.

So far as we can tell, this is the first lawsuit informed by the publication last month of the US government’s “Watchlisting Guidance“, and last week of a breakdown of who has been “watchlisted”.

These leaked documents, published by The Intercept, make clear that names can be added to “terrorism” watchlists without any individualized basis for suspicion. They also confirmed the overwhelming focus of “terrorist” watchlisting on Arab and Muslim Americans. The leaked documents don’t explicitly categorize watchlist entries by religion or ethnicity, but the correlation is strongly suggested by the fact that more people in Dearborn, Michigan, have been watchlisted than people in any other U.S. city except New York.  Dearborn has only 96,000 people, but 40% of them — the highest percentage of any U.S. city — are of Arab descent.  Not surprisingly in light of this pattern of watchlisting, the Council on American Islamic Relations (CAIR) has played a leading role in challenges to watchlisting practices and consequences.

(more…)

US government’s witchhunting manual made public

Monday, July 28th, 2014

The Intercept has published the March 2013 edition of the US government’s Watchlisting Guidance. This 166-page document, previously kept secret as Sensitive Security Information (SSI), provides standardized but not legally binding “guidance” to Federal executive agencies as to how, on what basis, and by whom entries are to be added to or removed from terrorism-related government “watchlists”, and what those agencies are supposed to do when they “encounter” (virtually or in the flesh) people who appear to match entries on those lists.

The Intercept didn’t say how it obtained the document.

The “Watchlisting Guidance” is the playbook for the American Stasi, the internal operations manual for a secret political police force.  As such, it warrants careful and critical scrutiny.

Most of the initial reporting and commentary about the “Watchlisting Guidance” has focused on the substantive criteria for adding individuals and groups to terrorism watchlists.  Entire categories of people can be added to watchlists without any basis for individualized suspicion, as discussed in Section 1.59 on page 26 of the PDF.

These criticisms of the watchlisting criteria are well-founded. But we think that there are at least as fundamental problems with what this document shows about the watchlisting procedures and the watchlist system as a whole.

(more…)

Is it a “state secret” that the no-fly list is unfair?

Monday, July 14th, 2014

Faced with a series of decisions by federal District Court judges that the procedures for putting names on the “no-fly” list lack the due process of law required by the Constitution, and with more no-fly and “watchlist” (blacklist) cases on track toward trial, the government is trying to claim that the basis (if any) for putting a US citizen on the no-fly list is a “state secret” exempt from judicial review.

The case of Gulet Mohamed, a Virginia teenager who was placed on the US no-fly list while he was visiting family members overseas, is one of the most egregious examples of the FBI’s systematic abuse of the no-fly list. It appears that Mr. Mohamed was placed on the no-fly list in order to pressure him to become an FBI informer, as was done with many other US citizens. When Mr. Mohamed’s visa expired and he couldn’t fly home to the USA, he was taken into immigration detention in Kuwait, where he “was repeatedly beaten and tortured by his interrogators,” one of whom spoke “perfect American English.”

After a series of government attempts to get Mr. Mohamed’s complaint dismissed for on jurisdictional and other grounds were rejected, the case was set for the first trial ever on the merits of a no-fly order. (The government had avoided such a trial in the case of Dr. Rahinah Ibrahim by conceding, on the eve of trial, that her initial placement on the no-fly list had been an FBI mistake.)

At this point, however, the government has invoked the “nuclear option” by moving to dismiss Mr. Mohamed’s complaint on the basis of a declaration by Attorney General Eric Holder that the reason (if any) why Mr. Mohamed is on the no-fly list is a “state secret” and that it would endanger national security to allow the court to review the no-fly decision or the evidence (if any) supporting it.

(more…)

Court rules “no-fly” review procedures lack due process

Thursday, June 26th, 2014

In a significant reaffirmation of the decision earlier this year in Ibrahim v. DHS, another federal District Court has now found that the US government’s administrative procedures for reviewing and appealing “no-fly” decisions violate both Constitutional standards of due process and the requirements of the Administrative Procedure Act.

The ruling this week by Judge Anna J. Brown of the US District Court for the District of Oregon, in Portland, comes in the case of Latif, et al. v. Holder, et al. This lawsuit was brought in 2010 by the ACLU on behalf of ten US citizens and permanent residents (green card holders). Their stories, as summarized in Judge Brown’s latest ruling, vary, but all of them have been prevented from boarding international flights to or from the US, and/or overflying US airspace.

Some of the plaintiffs in Latif v. Holder have been trapped in the US, separated from family and/or employment opportunities abroad, while others are trapped overseas, unable to return home. At least one of the plaintiffs who booked passage on a passenger-carrying ocean freighter to return to Europe from the USA was denied boarding by the ship’s captain as a result of a “recommendation” from the US Customs and Border Protection division of DHS.

In 2012, the 9th Circuit Court of Appeals overturned the government’s effort to prevent the District Court from hearing this case. Last year, finally beginning to consider the merits of the complaint, Judge Brown ruled that international travel by air is a right that can only be restricted in accordance with due process of law.

Judge Brown’s latest ruling addresses whether the government’s current procedures, particularly the DHS “Traveler Redress Inquiry Program” (TRIP), provide such due process. Judge Brown has now decided that they do not, and must be changed to provide the subjects of no-fly orders with:

  1. Notice (at least after they have been denied boarding on an international flight and sought redress) of whether they are on the US government’s no-fly list.
  2. At least a summary of the nature of the “suspicion” and the evidentiary basis for the administrative decision to place them on the no-fly list.
  3. An opportunity for some sort of in-person hearing to present evidence to rebut the allegations and evidence against them.

Echoing Judge Alsup’s finding in Ibrahim v. DHS, Judge Brown found that the opportunity to submit exculpatory or rebuttal evidence through the TRIP program is meaningless without notice of what allegations have been made, on what evidentiary basis, and thus of what needs to be rebutted.

(more…)

Can the TSA retroactively declare public information “secret”?

Sunday, June 1st, 2014

At the request of the government, the Supreme Court has agreed to review the decision of the Court of Appeals for the Federal Circuit in favor of Robert MacLean, a TSA “air marshal” who was fired for telling a journalist, members of Congress, and the DHS Office of the Inspector General about an unclassified text message that the TSA,  three years later, would designate as “Sensitive Security Information” (SSI).

Mr. MacLean challenged his firing as being in violation of the Whistleblower Protection Act, which prohibits retaliation against Federal government employees for certain types of disclosures of information.  But the law has an exception for disclosures “specifically prohibited by law.”

A 3-judge panel of the Court of Appeals found that the ex post facto administrative designation of the text message by the TSA as SSI did not make its disclosure “specifically prohibited by law.”  The Court of Appeals unanimously denied the government’s petition for rehearing en banc.  Now the Supreme Court has decided to hear the case, DHS v. MacLean, during its 2014-2015 term.

The issue presented to the Supreme Court is the meaning of the phrase, “specifically prohibited by law,” in the Whistleblower Protection Act.  But the case is also necessarily about the extent of the TSA’s authority to create “secrets” retroactively and by administrative fiat.

Federal laws and regulations shouldn’t be interpreted by the courts as though they were written in Orwell’s Newspeak.  Information known to the public is not “secret”. The TSA cannot make it “secret” by retroactive administrative action, and should not be allowed to punish those who talk about or disseminate it.

TSA includes all air travelers in pre-crime profiling

Friday, May 23rd, 2014

TSA-Pre-Crime

Since late last year, we’ve gotten several inquires from readers wondering why they got a boarding pass marked “TSA Pre-Check” or were sent through the “Pre-Check” lane at a TSA checkpoint even though they hadn’t participated in the “TSA Pre-Check Application Program”.

The confusion stems from the TSA’s own misleading publicity about the program, which tries to persuade travelers “voluntarily” to provide additional information to be used by the TSA, in exchange for the hope of being subjected to slightly less intrusive searches at TSA checkpoints.

The logical (but wrong) inferences are that TSA Pre-Check is a members-only program, and that the Pre-Check lane at a TSA checkpoint is only for those travelers who have “applied” and been “accepted” into the program.

There are actually three distinct components to “TSA Pre-Check” as a pre-crime scheme:

  1. “Voluntary” submission and collection of additional personal information about those travelers who chose to participate in the TSA Pre-Check Application Program.
  2. Pre-crime profiling of all travelers and determination of a “risk assessment” score for each traveler, based on all information available to the TSA including the information, if any, submitted through the TSA Pre-Check Application Program.
  3. Graduated treatment of travelers at TSA checkpoints, including searches of varied intrusiveness and potential total denial of passage, on the basis of these risk assessments and other secret algorithms.

Only the application component of the program — the submission of additional personal information by travelers to the TSA — is voluntary.  The TSA obtains information from various sources about all travelers. All travelers are profiled. All travelers are assigned risk assessment (pre-crime) scores based on whatever information is available to the TSA.  All travelers are subjected to a more or less intrusive search, and may or may not be allowed to pass through the checkpoint, on the basis of these scores and other secret factors.

Some travelers who are assigned sufficiently low risk assessment scores and meet other secret criteria are directed to the “Pre-Check” lane and subjected to slightly less intrusive searches, regardless of whether they participated in the TSA Pre-Check Application Program.  The TSA calls this process “managed inclusion” in TSA Pre-Check.

A traveler whose risk assessment score is low enough, and who meets the other secret criteria (again, regardless of whether they participated in the TSA Pre-Check Application Program) can be selected for less intrusive search when she applies for a boarding pass.  The TSA’s assignment of such a traveler to the Pre-Check lane is sent to the airline with, or as part of, the permission message or Boarding Pass Printing Result (BPPR) for that traveler sent to the airline by the TSA.

The TSA’s Pre-Check designation is printed on the boarding pass and included in a 2D bar code in IATA-standard format. “For flights originating in the USA, the digital signing of barcodes and the management of security certificates and key pairs is required by the TSA.”

The TSA also assigns some travelers to Pre-Check lanes on the spot at its checkpoints, using secret criteria and techniques including a randomizer app (like the magical Sorting Hat at Hogwarts) to determine how intrusively to search each person.

Through this process, the TSA chooses one of four basic levels of search and seizure for each traveler:

  1. “TSA Pre-Check” (slightly less intrusive search)
  2. “Standard screening” (including virtual strip-search or manual groping)
  3. “Secondary screening” (more intrusive search including more thorough groping)
  4. “No-fly” (denial of the right to travel by common carrier, possibly accompanied by other adverse actions)

There are refinements within these basic categories. In a document filed with the court following the trial of Dr. Rahinah Ibrahim’s lawsuit challenging her placement on the no-fly list, the government disclosed that that each entry in the Terrorist Screening Database (which includes the no-fly list and the list of “selectees” for secondary screening) includes a “handling code” indicating what airline and checkpoint personnel should do if that person attempts to check in for a flight or pass though a TSA checkpoint.

We don’t know how many handling codes there are. But according to the government’s court filing:

[FBI Agent] Kelley designated Dr. Ibrahim as “handling code 3.” … [T]he majority of individuals in the TSDB were assigned handling codes 3 or 4…. Defendants state that the advantages of Handling Code 3 include allowing law enforcement officers to ask the individual probing but non-alerting questions, and searching the individual’s passport [REDACTED].”

Presumably, other handling codes include those that tell airline or checkpoint personnel to attempt to detain the traveler and contact local law enforcement agencies, the FBI, or the Terrorist Screening Center.

You can’t “opt out” of pre-crime profiling by choosing not to participate in the TSA Pre-Check Application Program.  You will be profiled, on a per-flight basis, every time you try to fly.

“Anything you say may be used against you,” although the TSA doesn’t say this on the TSA Pre-Check application forms.  If you participate in the Pre-Check Application Program, the additional information you provide will be added to the other inputs to the TSA’s black box. It might result in the TSA assigning you a lower risk score, and subjecting you to a less intrusive search.  Or it might result in the TSA assigning you a higher score, and searching you more intrusively or preventing you from traveling by air.