Papers, Please!

The Identity Project

Monthly Archives: September 2009

Sep 28 2009

Now that Ted Kennedy’s dead, the TSA’s found somebody else in Congress to harass

Senator Edward M. Kennedy (D-MA) used to have constant trouble at airports because a name similar to his was on the TSA’s “no-fly” list.  Even as a senior Senator he couldn’t find out why, and couldn’t get the harassment stopped (which he eventually mentioned publicly during a Senate hearing) for more than three weeks.  For ordinary mortals, “redress” takes months or years, if it ever happens at all.

Now it’s Representative Jason Chaffetz (R-UT) — sponsor of the amendment passed overwhelmingly by the House in June, despite opposition from the leadership of both major parties, to restrict the TSA’s use of virtual strip search (“Whole Body Imaging”) machines at checkpoints in airports — who’s gotten on the TSA’s VIP list for special treatment.

According to reports in the Salt Lake Tribune and Deseret News, frequent-flyer freshman Congressman Chaffetz — who has refused to move to Washington, sleeps on a cot in a back room of his Congressional office during the week, and flies home to Utah to be with his family every weekend — got into trouble at SLC last week after he (1) refused to “consent” to a virtual strip search (“Chaffetz had told the House, “You don’t have to look at my wife and 8-year-old daughter naked to secure an airplane.” He says he didn’t want the TSA looking at him naked either. He told the Deseret News the TSA has not lived up to promises to post signs about what the whole-body imaging machine does”) and then (2) tried to read the name on a TSA agent’s badge (which the agent only showed him after Chaffetz identified himself as a member of Congress, although the TSA agents said they already knew who he was).

Of course, Chaffetz was then “randomly” selected for extra groping (“secondary screening”).  But we’re sure that had nothing to do with his political opinions or attempts to hold the TSA accountable to the laws he helps make.

Sep 28 2009

FBI wants records from travel data aggregators

Ryan Singel of Wired News has reported that documents (see the links to some of them at the end of the Wired story) provided in response to requests under the Freedom of Information Act show that the FBI’s National Security Branch “National Security Analysis Center” (NSAC) has obtained a variety of commercial travel records from hotel chains and franchisers, car rental companies, and the operator of the financial clearinghouse for most airline tickets (and some other travel services) issued or sold by travel agents in the USA.

The numbers of these records Wired reports that the FBI has already obtained are small compared to the numbers of customers these companies have, but Wired also reports that the FBI documents they obtained also show that the FBI is seeking, as part of a lengthy “wish list” of data types and sources, to get greater and perhaps routine and comprehensive access to these travel records.

Given the lax rules for inter-agency data sharing, and the FBI’s lead role in the inter-agency “Terrorist Screening Center” where no-fly decisions enforced by the TSA are made, it’s less important which specific federal agency has or is seeking this data than what information they are after, and from whom.

Read More

Sep 09 2009

More travel records, more exemptions from the Privacy Act

An anonymous traveler has posted the records of their international travel that were provided by the Customs and Border Protection (CBP) division of the Department of Homeland Security, in response to a request under the Privacy act using these forms updated from those used by the Identity Project in our original investigation of the CBP “Automated Targeting System” (ATS).  As noted by philosecurity.org, which published the latest example of the government’s travel data vacuum cleaner, as provided by one of the site’s readers,

The document reveals that the DHS is storing the reader’s:

  • Credit card number and expiration (really)
  • IP address used to make web travel reservations
  • Hotel information and itinerary
  • Full Name, birth date and passport number
  • Full airline itinerary, including flight numbers and seat numbers
  • Cruise ship itinerary
  • Phone numbers, incl. business, home & cell
  • Every frequent flyer and hotel number associated with the subject, even ones not used for the specific reservation

There are also the details of a reservation at a hotel the person didn’t end up staying at, but which they had a reservation for when the CBP pulled a snapshot of their PNR from the airline or CRS. Sadly, all this is typical of what’s in a PNR and what we found in our continuing investigation of CBP/DHS travel records.

Meanwhile, even as more travelers are finally getting portions of their travel records, the DHS published a new final rule on August 31, 2009 (74 Federal Register 45070-45072) exempting portions of those records from the Privacy Act. Read More