May 19 2020

TSA tries again to impose an ID requirement to fly

Air travel in the US has been reduced by more than 90%, measured by the numbers of people passing through checkpoints at airports operated by the Transportation Security Administration (TSA) and its contractors.

And the Department of Homeland Security (DHS) has postponed its threat to start unlawfully refusing passage to travelers without ID credentials compliant with the REAL-ID Act of 2005 for another year, from October 1, 2020, to October 1, 2021.

So relatively little attention is being paidright now to air travel or TSA requirements — making it the ideal time for the TSA to try to sneak a new ID requirement for air travel (to take effect in 2021) into place without arousing public protest.

Today, in collaboration with nine other organizations concerned with freedom of travel, identification, privacy, human rights, and civil liberties, we filed comments with the TSA in opposition to what is ostensibly a “Notice of intent to request approval from the Office of Mangement and Budget” for a new form, TSA Form 415.

Our comments were joined by the Identity Project, Freedom To Travel USA, Fiat Fiendum, Inc., National Center For Transgender Equality (NCTE), Restore The Fourth, Inc., Patient Privacy Rights, Defending Rights And Dissent, The Constitutional Alliance, Privacy Times, and Just Futures Law.

According to our comments, the TSA is attempting to “use the innocuous-seeming device of a request for approval of an information collection to introduce a fundamental and profoundly controversial change in substantive TSA requirements and the rights of travelers”: Read More

May 11 2020

Will courts finally make the TSA comply with FOIA?

The tenor of questioning by the judge in a Federal court hearing last week raises hope that the Transportation Security Administration (TSA) might soon be ordered to correct some of its longest standing and most systemic violations of the Freedom Of Information Act (FOIA).

It’s no exaggeration to say that, from its creation in November 2001, the TSA has acted with complete contempt for the FOIA law and the requirements that law imposes on the TSA and all other Federal agencies. Time after time, TSA failure to comply with FOIA has delayed, complicated, or completely frustrated our research and reporting on TSA policies and procedures, and has deprived the public of the opportunity for informed scrutiny and comment on what the TSA is doing, why, and with what effects on our rights.

One chronic problem is the way the TSA responds to FOIA requests for digital records.

Provisions of the FOIA statute that went into effect as part of the Electronic FOIA Amendments Act of 1996 —  years before the TSA came into existence — require that:

5 USC § 552(a)(3)(B)  — In making any record available to a person under this paragraph, an agency shall provide the record in any form or format requested by the person if the record is readily reproducible by the agency in that form or format. Each agency shall make reasonable efforts to maintain its records in forms or formats that are reproducible for purposes of this section.

When it set up its FOIA office and procured software for responding to FOIA requests, the TSA completely ignored this provision of FOIA. In a display of either gross incompetence or gross bad faith, the TSA and its parent the Department of Homeland Security (DHS) appear to have entirely omitted this legal requirement for production of records in any form and format in which they are readily reproducible from their procurement specifications and criteria for evaluation of proposals. Instead, the DHS and TSA standardized on the use of cloud-based FOIAXpress software that is designed to munge all records by converting them to rasterized images embedded in PDF files, regardless of the original file format.

There’s lots of other software that was, and is, capable of redacting files in native formats. But it’s impossible for any Federal agency to fulfill its FOIA obligations with respect to the form and format of production of records by using FOIAXpress. FOIAXpress should have been summarily eliminated from consideration for any Federal agency contracts as not capable of satisfying the EFOIA requirements. No Federal agency should ever have used it.

Read More

May 06 2020

First court ruling on a COVID-19 travel ban

Judge William Bertelsman of the U.S District Court for the Eastern District of Kentucky at Covington has issued a preliminary injunction prohibiting Kentucky state authorities from enforcing a “Travel Ban” order issued by Gov. Andy Beshear that prohibited most travel  into or out of Kentucky, and required anyone crossing the state line to self-quarantine for fourteen days thereafter.

In so doing, and in concluding that “the Travel Ban does not pass constitutional muster,” Judge Bertelsman has become, so far as we know, the first Federal judge to opine on the Constitutionality of any of the hodgepodge of restrictions on interstate travel that have been imposed across the country in the name of control of the spread of COVID-19.

We are pleased that Judge Bertelsman correctly recognized that the Kentucky travel ban based its restriction on criteria (state lines and residency status that are meaningless to the novel coronavirus) that are unrelated to the protection of public health.

Covington, KY, is located directly across the Ohio River river from the larger city of Cincinnati, OH, with which it forms a single cross-border interstate metropolis. Judge Bertelsman sits in Covington, KY, but was born in Cincinnati, OH. The main airport for Cincinnati is located in Kentucky, not in Ohio, and uses the airport code “CVG” for Covington. In normal, non-pandemic times, more than 200,000 vehicles cross the bridges between Covington and Cincinnati every day, with no more thought than they would give to crossing a bridge within either state.

The ruling this week on the Kentucky ban on interstate travel came in a lawsuit, Roberts v. Neace, filed as a class action on April 14, 2020. The complaint raised objections both to the ban on interstate travel and to other provisions of Gov. Beshear’s executive orders restricting mass gatherings  — including, but not limited to, gatherings for religious purposes — within the state of Kentucky.

Most of the argument on both sides, intervention by friends of the court, and news reporting about the case focused on the dispute over intrastate religion gatherings. Judge Bertelsman denied the plaintiff’s motion for a preliminary injunction on that claim, however, on the basis that it treated religious gatherings the same as all others, and was not specifically religious (or anti-religious) in intention or effect.

The claim that was upheld was against the interstate travel ban, on the following grounds which we hope that other courts considering similar cases will find persuasive:

The “‘constitutional right to travel from one State to another’ is firmly embedded in our jurisprudence.” Saenz v. Rose, 526 U.S. 489, 498 (1999) (quoting United States v. Guest, 383 U.S. 745, 757 (1966)). Indeed, the right is “virtually unconditional.” Id. (quoting Shapiro v. Thompson, 394 U.S. 618, 643 (1969)). See also United States v. Guest, 383 U.S. 745, 757 (1966) (“The constitutional right to travel from one State to another … occupies a position fundamental to the concept of our Federal Union. It is a right that has been firmly established and repeatedly recognized.”).

To be valid, such orders must meet basic Constitutional requirements. As the Supreme Court has stated: “(E)ven though the governmental purpose be legitimate and
substantial, that purpose cannot be pursued by means that broadly stifle fundamental personal liberties when the end can be more narrowly achieved. The breadth of
legislative abridgment must be viewed in the light of less drastic means for achieving the same basic purpose.” Aptheker v. Sec. of State, 378 U.S. 500, 508 (1964) (quoting NAACP v. Alabama, 377 U.S. 288, 307-08 (1964)).

The travel restrictions now before the Court violate these principles.

They have the following effects, among others:

  1. A person who lives or works in Covington would violate the order by taking a walk on the Suspension Bridge to the Ohio side and turning around and walking back, since the state border is several yards from the Ohio riverbank.
  2. A person who lives in Covington could visit a friend in Florence, Kentucky (roughly eight miles away) without violating the executive orders. But if she visited another friend in Milford, Ohio, about the same distance from Covington, she would violate the Executive Orders and have to be quarantined on return to Kentucky. Both these trips could be on an expressway and would involve the same negligible risk of contracting the virus.
  3. Family members, some of whom live in Northern Kentucky and some in Cincinnati less than a mile away, would be prohibited from visiting each other, even if social distancing and other regulations were observed.
  4. Check points would have to be set up at the entrances to the many bridges connecting Kentucky to other states. The I-75 bridge connecting Kentucky to Ohio is one of the busiest bridges in the nation. Massive traffic jams would result. Quarantine facilities would have to be set up by the State to accommodate the hundreds, if not thousands, of people who would have to be quarantined.
  5. People from states north of Kentucky would have to be quarantined if they stopped when passing through Kentucky on the way to Florida or other southern destinations.
  6. Who is going to provide the facilities to do all the quarantining?

The Court questioned counsel for defendants Beshear and Friedlander during oral argument about some of these potential applications of the Travel Ban, and counsel indeed confirmed that the Court’s interpretations were correct. (Doc. 38 at 9-13).

The Court is aware that the pandemic now pervading the nation must be dealt with, but without violating the public’s constitutional rights. Not only is there a lack of procedural due process with respect to the Travel Ban, but the above examples show that these travel regulations are not narrowly tailored to achieve the government’s purpose.

The trauma of 9/11 led to a tendency, all too pervasive even today, to treat air travel as per se more dangerous than other modes of travel and thus as warranting restrictions in the name of “security”, even though it was and remained the safest mode of travel.

We fear that the trauma of the COVID-19 pandemic will lead to a similar impulse to equate the risk of infection with the risk of disease, and to impose restrictions on travel on this basis. We are especially pleased, therefore, that Judge Bertelsman recognized that travel — in a closed private vehicle, for example — carries in itself little risk of disease transmission, and that restrictions on travel do not necessarily serve to restrict the spread of disease.

We hope that this common-sense analysis, based on recognition of the right to travel and strict fact-based scrutiny of proposed travel restrictions and the justifications for them offered by government authorities, is followed by other judges.

May 04 2020

Dare County tries to evade court review of its entry controls

Local government controls on travel to the Outer Banks (barrier-beach islands) of North Carolina remain in place, but local officials are making changes to try to head off a court decision on the Constitutionality of their emergency orders restricting free movement.

A month ago, as we reported earlier,  Dare County, North Carolina, set up checkpoints on all three roads leading into or out of the county. Police began denying passage along these public rights-of-way on the basis of  criteria including whether travelers have government-issued ID (even if they are passengers rather than drivers, or traveling on foot or by bicycle,  for which no drivers’ license is needed); what address is shown on their ID (if any —  U.S. passports, for example, show no address); which direction they are traveling; and whether they have been sponsored for an “entry permit” by an entity with a business license issued in Dare County.

County officials represented their emergency orders imposing these restrictions on travel  as health measures in response to the COVID-19 pandemic. But none of the criteria for who is allowed to pass through the checkpoints, or in which direction, have anything to do with whether travelers were believed, suspected, or likely to be infected with the novel coronavirus.

The emergency orders gave no indication of what, if any, procedures were available for administrative or judicial review of decisions to deny passage in or out of the county. But non-resident owners of homes in Dare County quickly brought suit in Federal court against the prohibition on traveling to their own seasonal, rental, or second homes.

Since then, the case has been referred for mediation, and the parties (non-resident property owners and the Dare County government) have requested and been granted a delay on the basis that they are in negotiations towards a possible settlement.

Today Dare County is beginning to allow passage across the bridges and into the county by non-resident owners of real property in Dare County, if and only if they have both an “entry permit” issued by the county and matching government-issued ID.

Read More

Apr 29 2020

No cellphone? Not at address on your ID? Hawaii threatens arrests.

“Aloha!” Passengers arriving at Honolulu International Airport on April 28th are interrogated and their cellphones are tested. Photo provided by the Hawaii Department of Transportation.

We’ve been puzzling over this press release issued April 24th by the Department of Transportation of the State of Hawaii, entitled, “Improved verification process implemented for airline passenger,” which begins as follows:

The Hawaii Department of Transportation (HDOT) has implemented improved measures to verify incoming passenger information before they leave the airport to help ensure people are abiding by the traveler quarantine order. The enhanced process is underway at the Daniel K. Inouye International Airport (HNL) and will begin statewide in the coming days.

We’ve read through the emergency proclamations by the Governor of Hawaii, and can’t find anything in the quarantine orders purporting to give authority to state officials to “verify passenger information.”

The press release threatens that anyone who arrives without  a working cellphone, charged, with service and coverage in the arrival area at the airport, will be arrested:

An airport representative will collect the two forms and begin verifying their information. First, they will call their mobile phone number to confirm it rings right in front of them. If it does not ring, the person may have listed inaccurate information and is asked to verify the number. If the person refuses to provide a phone number that can be answered on the spot, law enforcement is contacted and they are subject to citation and arrest.

We have no idea what the purported basis would be for arresting someone who isn’t carrying a cellphone, whose phone doesn’t have service in Hawaii (especially likely if they are arriving from another country), or whose cellphone battery has run down from watching  videos or playing games in airplane mode during a trans-oceanic flight.

But that’s not all:

Read More

Apr 20 2020

COVID-19, the REAL-ID Act, and ID to fly

A month ago — in what seems like it was long ago and in a galaxy far, far, away, before the COVID-19 pandemic reduced air travel in the US by more than 95% —  the US Department of Homeland Security was stepping up its baseless threats to begin “enforcement” of the REAL-ID Act against airline passengers on October 1, 2020.

There’s been no change (yet) in the REAL-ID Act or the regulations for its implementation, despite proposals that remain pending in Congress.

Over the last month, though, President Trump, Acting Secretary of Homeland Security Chad Wolf, and the Transportation Security Administration have each issued formal or informal notices or statements about their intentions with respect to the REAL-ID Act and ID demands for air travel.

As of now, it appears that the DHS/TSA “ultimatum” to air travelers to obtain “compliant” ID cards or be denied passage through TSA and contractor checkpoints at airports will be postponed yet again, this time for another year, until October 1, 2021.

After that date, it appears that the TSA intends to continue to allow people to fly even if they don’t show ID at checkpoints, but only if it the TSA or its contractors thinks that they have been issued some compliant ID (even though they don’t have it with them).

Is this legal? No. Does this make any sense? No. But it’s what the TSA seems to saying it plans to propose. The TSA  is asking for comments on this proposal from the public through May 19, 2020.

Read More

Apr 14 2020

Dare County wants to see your papers

Providing the rest of the USA with an object lesson in how not to react to a pandemic,  Dare County, North Carolina, has established checkpoints on all roads crossing the county borders, at which travelers must show their papers to enter the county.

Pursuant to a series of emergency declarations issued by the Dare County Board of Commissioners, law enforcement officers are demanding that each person seeking to enter the county show either a government-issued ID card with an address in Dare County, or both some other government-issued photo ID and a county-issued entry permit.

A Federal lawsuit has been filed, seeking to have this enjoined as unconstitutional (at least as applied to the named plaintiffs). But as discussed below, the lawsuit barely scratches the surface of the issues this raises.

Why is Dare County doing this? What’s wrong with this ID requirement? Is it legal?

Read More

Apr 09 2020

The Port of Seattle shouldn’t collaborate in Federal surveillance of travelers

The Identity Project is one of thirty organizations that have issued a joint open letter  calling on the Port of Seattle Commission to reverse its decision to purchase and deploy facial recognition systems, in collaboration and sharing data with US Customs and Border Protection (and through CBP with an unknown  variety of other Federal, foreign, and private entities), to track travelers passing through the  Seattle-Tacoma International Airport:

We, the undersigned organizations dedicated to protecting people’s rights and civil liberties urge the Commission to reverse the decision authorizing the Port to work collaboratively with U.S. Customs and Border Protection (CBP) to procure and implement facial recognition technology at SeaTac International Airport.

The Port of Seattle Commission:

  1. Has a choice to not collaborate with CBP.
  2. Should not facilitate the infrastructural expansion of powerful face surveillance technology.
  3. Should not facilitate CBP’s unauthorized surveillance of US citizens.
  4. Should abide by its professed principles by rejecting collaboration with CBP.

On March 10, 2020, Port Commissioners voted unanimously to collaborate with CBP in rolling out its facial recognition program, ignoring the many privacy, civil liberties, and community organizations that urged the Port to reject participation.

Instead of taking into account the serious constituent concerns about the Port participating in CBP’s unlawful mass collection of biometric data, Commissioners voted to authorize a $5.7 million Request for Proposal (RFP) to procure and implement a facial recognition system at SeaTac International Airport….

We urge you to reject collaboration in CBP’s face surveillance program and reverse the decision to
authorize the procurement of facial recognition systems.

The real motives of the members of the Port Commission in reneging on their professed principles and spending $5 million in Port funds to build an infrastructure of facial recognition surveillance into the new international terminal at Sea-Tac remain unclear.

But the reduction in demand for air travel during the COVID-19 pandemic, which will delay any need for a new terminal for many months, gives the members of the Port Commission time to reconsider and reverse the hasty decision they made last month under CBP pressure.

Do you live, work, or travel in the Seattle area? Do you care about the right to travel? The Port of Seattle Commission needs to hear from you.

The Port Commission has suspended in-person meetings. It’s not clear when the Commission’s next public meeting will take place, or what means of public input or participation will be available. So if you want to be heard by the Commissioners, it’s best to e-mail them now.

If you’d like to join us and the other 29 allied organizations in this call for action, the ACLU of Washington state has a form on their Web site to send a customizable message to each of the members of the Port of Seattle Commission.

Apr 06 2020

Airline passenger data and COVID-19

The New York Times published a lengthy but deeply flawed report last week,  “Airlines Refused to Collect Passenger Data That Could Aid Coronavirus Fight.” Here’s the lede:

For 15 years, the U.S. government has been pressing airlines to prepare for a possible pandemic by collecting passengers’ contact information so that public-health authorities could track down people exposed to a contagious virus.

The airlines have repeatedly refused, even this month as the coronavirus proliferated across the United States. Now the country is paying a price.

The implication of both the headline and the article is that airlines “could” have collected and provided the government with the (additional) information it wants. But that isn’t true.

While the Times’ reporters interviewed multiple government sources, they failed to fact-check this allegation with any sources independent of airlines or the government. And they failed to mention — if they even realized, which they may not have — that this isn’t an isolated dispute, but part of a continuing saga that has been going on since 9/11.

The supposed basis for the government’s demands for airlines to collect and pass on more information about travelers has shifted from “security” to “health.” But what’s happening is just another chapter in a long-running story.

Understanding that story requires a deep dive into twenty years of history of airline and government collaboration and conflict over collection and use of data about travelers.

Here’s some of the factual and historical context that the Times overlooked:

Read More

Mar 30 2020

“Known Traveler Digital Identity” (KTDI)

On March 26, 2020, the World Economic Forum published specifications  and launched a new website for a project it has christened “Known Travel Digital Identity” (KTDI):

KTDI is a “surveillance-by-design” vision for tracking and control of travelers more dystopian than anything we have seen before.

KTDI would use a blockchain-based distributed ledger to bind together, through an app on a traveler’s mobile device, all of the following data:

  • Biometrics (initially facial images, possibly also fingerprints, etc.)
  • Government-issued ID credentials (passport number, etc.)
  • Travel history including logs of border crossings, hotel stays, and possibly also car rentals and/or other events
  • Purchase logs and possibly bank account information and/or other financial and transaction records
  • Pre-crime predictive “risk assessment” and profiling scores generated at each “intervention” point before and during each trip or transaction

Read More