May 27 2011

European Commission wants to immunize DHS collaborators in travel surveillance and control

A leaked copy of the latest draft of a proposed “Agreement between the United States of America and the European Union on the use and transfer of Passenger Name Record [PNR] data to the United States Department of Homeland Security” has been published by the civil liberties watchdog and investigative reporting group Statewatch.

The leaked draft “agreement” fails to satisfy the criteria set by the European Parliament for its ratification of such an agreement, including that any PNR agreement should:

  1. Take the form of a duly ratified international treaty binding on all parties. (The draft “agreement” is not a treaty, and would not be binding on the U.S., as discussed in more detail below.)
  2. Recognize and respect fundamental rights including the freedom of movement guaranteed by Article 12 of the International Covenant on Civil and Political Rights. (The draft “agreement” does not mention freedom of movement, the ICCPR, or any fundamental rights other than those related to privacy and data protection.)
  3. Require that the use of PNR data for law-enforcement and security purposes must be in line with European data protection standards. (There is no mention of these standards in the draft “agreement”.)
  4. Prohibit the use of PNR data for data mining or profiling. (There is no mention of data mining or profiling in the draft “agreement”.  The draft claims that the U.S. will not make decisions that produce significant adverse actions affecting the legal interests of individuals based solely on automated processing of PNR. But all other data mining and profiling is permitted, as long as there is the slightest element of non-automated human rubber-stamping before adverse actions are taken against an individual.)
  5. Take into consideration “PNR data which may be available from sources not covered by international agreements, such as computer reservation systems located outside the EU.” (There is no mention in the draft “agreement” of computerized reservation systems, indirect transfers of PNR data, or any of the other means by which, as we have testified to members of the European Parliament, the DHS and other U.S. government agencies could bypass the “agreement”.)
  6. Provide for independent review and judicial oversight. (The only review provided for under the draft “agreement” is self-review by the DHS Privacy Office, which is directly controlled by the DHS itself, has no independence, and is the subject of an ongoing scandal and attempted cover-up involving political interference with requests — including ours — for DHS records. The only judicial oversight contemplated in the draft “agreement” is limited to violations of laws that contain no protections for privacy or other substantive fundamental rights.)

The proposed “agreement” has been negotiated in secret between the European Commission (on behalf of the EU) and an interagency Executive Branch working group led by the DHS (on behalf of the USA).

Just as the U.S. Constitution requires that any international treaty negotiated and signed by the President must be ratified by the Senate before it becomes effective, international agreements negotiated by the European Commission and approved by the Council of the European Union must be ratified by the European Parliament.

Some people and groups who ought to know better, including lobbyist and former DHS Assistant Secretary for Policy Stewart Baker — the principal architect of an earlier US-EU “agreement” on PNR data — and the Heritage Foundation, have suggested that for the European Parliament not to ratify whatever the Commission and Council propose would be to “renege” on their agreement with the US. That’s nonsense, obviously. The European Parliament has no more obligation to ratify treaties proposed by the European executive than the U.S. Senate is obligated to ratify every treaty proposed by the President.

(Writing in the Heritage Foundation blog, Baker’s former assistant Paul Rosenzweig also repeats the bogus claim that the Chicago Convention treaty provisions for flights arriving at U.S. airports somehow give the U.S. extra-territorial jurisdiction over foreign citizens boarding foreign-flag aircraft at foreign airports. This clearly false claim by Baker and Rozenzweig was first made by their then boss, Secretary of Homeland Security Chertoff, in a speech to the European Parliament in 2007, and we debunked it in detail at that time. The proposed agreement goes far beyond the explicitly detailed and narrow specifications in the Chicago Convention for what data elements are required to be provided to governments, how, when, and where. )

Both the European Parliament and the U.S. Senate have approved resolutions intended to provide guidance to their respective negotiators as to what sort of agreement they would or would not ratify. Neither legislative body is any more or less out of line in doing so.

The draft “agreement” does not appear to be intended to constitute a treaty, and would not be binding on the U.S., so it would not need to be presented to the U.S. Senate for ratification. The recent Senate resolution, however, makes clear that even if the “agreement” were presented to the Senate, the Senate is unwilling to make any concessions to privacy or human rights, or to enact any new or expanded protections for privacy or for any of the other fundamental rights at stake.

The European Parliament resolution is less intransigent. While it starts from the explicit (and proper) premise that fundamental rights must be respected, and provides details of how that might be done, it still leaves open the possibility of compromise with the U.S. and of modifying existing EU data protection rules.

The key problem is that as long as both the DHS and the U.S. Senate (with, so far as we can tell, the full backing of the Obama Administration, and the concurrence of the U.S. House of Representatives) are completely unwilling to compromise or to provide travelers with any additional rights, any “agreement” will inevitably result only in more infringement of those rights.

No good can come of any such “agreement”. It would serve only to give airlines, Computerized Reservation Systems (CRSs), and other travel companies impunity from EU legal sanctions for ongoing transfers of PNR data to the U.S. that are currently in violation of EU data protection laws, and to remove EU authorities’ current responsibility, which they have been improperly shirking, to enforce those laws against travel companies.

If it is presented to the European Parliament in its present form, the draft “agreement” should be debated, and rejected, not as a “data protection” agreement but as a grant of immunity from EU data protection law to travel companies that are currently making their reservations (PNR) databases accessible to the U.S. government, and the EU authorities who have deliberately refrained from enforcing EU data protection laws against those companies.

The draft “agreement” would not be binding on the U.S., according to the U.S. Constitution, because it would not be a treaty and would not be presented to the U.S. Senate for ratification.  (That’s why we use the term “agreement” in quotation marks.)  By its own explicit terms, the draft “agreement” would not create any enforceable individual rights.  The “agreement” does not purport to contain any enforcement mechanisms or sanctions for breach of the agreement.

But if the “agreement” would not be a binding treaty, and would not provide any enforceable individual rights, what is it? What, if anything, would it accomplish? What purpose, and whose interests, would it serve? Read More

May 26 2011

Phil Mocek files claim for violations of his civil rights

After being acquitted by a jury of all of the charges filed against him after he was arrested at a TSA checkpoiunt at the Albuquerque airport, Phil Mocek has filed a claim against the City of Albuquerque and the Albuquerque Aviation Police Department for violations of his civil rights.

Mr. Mocek is still soliciting donations to pay off the costs of defending himself against the trumped-up criminal charges. He is being represented in his civil claim against the city and the police by the First Amendment Project, of which the Identity Project is a component.

There has been no immediate response to Mr. Mocek’s claim for damages. For updates, see our FAQ.

May 26 2011

US admits that TSA groping is sexual or offensive, and unconstitutional

We still don’t know what’s in the secret “Standard Operating Procedures” for TSA checkpoints, although we are still pursuing our FOIA requests and appeals for them.

But there’s an important admission about those procedures in a letter sent this week to the Texas legislature by the Texas representative of the U.S. Department of Justice, as part of a (successful, unfortunately) Federal lobbying campaign against a bill to outlaw sexual or offensive touching as part of searches required for access to public buildings and transportation.

The Texas bill, H.B. 1937, would have applied only to a “public servant” (including government employees and contractors) who “intentionally, knowingly, or recklessly: (i) touches the anus, sexual organ, buttocks, or breast of the other person, including touching through clothing; or (ii) touches the other person in a manner that would be offensive to a reasonable person,” and only if this action was not “performed … pursuant to consistent with an explicit and applicable grant the federal statutory authority that is consistent with the United States Constitution.”

According to the letter to Texas legislators from the US Attorney for the Western District of Texas:

[T]he bill makes it a crime for a federal Transportation Security Official (“TSO”) to perform the security screening that he or she is authorized in required by federal law to perform. The proposed legislation would make it unlawful for a federal agent such as a TSO to perform certain specified searches…. that provision would thus criminalize searches that are required under federal regulations.

Despite the label “Transportation Security Officer” and the US Attorney’s use of the term “agent”, TSOs and other checkpoint staff are not law enforcement officers. But there’s another implication to the US Attorney’s letter: The only searches that the Texas bill would have “criminalized” would have been those that involved sexual or offensive touching and were not performed pursuant to valid, Constitutional, federal statutory authority.

By claiming that the bill would have criminalized acts specifically required by TSA policy, the US Attorney’s letter constitutes an explicit admission that the checkpoint procedures (a) require sexual or offensive touching and (b) are not, in fact, being performed pursuant to Constitutional statutory authority. Otherwise, the bill wouldn’t have applied to them.

While we commend State Representative David Simpson and State Senator Dan Patrick for sponsoring HB 1937, we are disappointed that, after H.B. 1937 was approved by the Texas House, the Texas Senate allowed the bill to die without a vote in the face of Federal opposition and threats to ground all flights from Texas airports if it was approved.

Legislation like this should not, of course, be required. Offensive sexual touching at airport checkpoints, whether by TSA employees or by contractors, already violates sexual assault laws in most jurisdictions. The issue is not whether legislators will pass new laws, but whether local prosecutors will enforce existing laws.

TSA “screeners” are not law enforcement officers, and the lack of authority or immunity for violations of local law committed in the course of their duties is even clearer for the contractors who carry out the groping of passengers at San Francisco International and a few much smaller airports. With Texas having backed down, the next test will be how the San Mateo County District Attorney acts on the next complaint of sexual assault by one of the Covenant Aviation Security employees groping passengers at SFO.

May 25 2011

US intervenes to block UK-to-Canada trip by ex-Gitmo prisoner

We aren’t sure how it’s been done, but the US government has somehow prevailed on Air Canada to deny boarding in London, for a flight to Toronto, to U.K. citizen Moazzam Begg.

Begg was imprisoned (and, he says, tortured) for more than three years by the U.S. at Bagram, Afghanistan, and Guantanamo, Cuba, but was released on the orders of President Bush and has never been charged with any crime in any country.  he works with Cageprisoners, “a [U.K.-based] human rights organisation that exists solely to raise awareness of the plight of the prisoners at Guantanamo Bay and other detainees held as part of the War on Terror.” Begg had been invited by his Edmonton-based attorney to speak at a conference on Islamophobia in Toronto, and at other events in Motreal and Edmonton.

One news report at and in the Vancouver Sun described the basis for the denial of boarding as follows:

In a statement to Postmedia News, Air Canada spokeswoman Angela Mah said only that the airline is in compliance “with the regulations of the countries in which we operate.

“This includes matters of security, details of which by their very  nature cannot be disclosed in order to ensure their effectiveness. For flights to and from the U.S., as well as flights which may overfly the U.S. due to unexpected re-routings, we are obligated by law to enforce the U.S. No Fly List.”

That’s a bizarre statement, indicative of the degree to whihc no-fly decisions have been detached from the rule of law. What law, of which country, does Air Canada claim requires them to “enforce the U.S. No-Fly List” (by which they appear to mean, “deny boarding in London”) on a flight which isn’t scheduled to overfly the U.S.?

What jurisdiction does the U.S. claim over a U.K. citizen, in the U.K., boarding a Canadian-flagged flight operated by a Canadian corporation, licensed under Canadian law and operating under the Canada-U.K. bilateral aviation treaty, and intending to fly to Canada? Read More

May 24 2011

US “Friends of Privacy” criticize US government efforts to weaken European privacy laws

A group of US-based privacy and civil liberties advocates, including the Identity Project, has issued joint open letters calling on Congress and President Obama “to protect privacy and civil liberties and not to undermine those fundamental rights in high-level negotiations that are underway with the European Union over the sharing of personal information including intimately revealing Passenger Name Records (PNRs) and other travel information. The joint letters also called on libertarians and defenders of privacy in Europe not to capitulate to U.S. pressure to reduce the protection of these fundamental rights of citizens and other travelers:

Read More

May 23 2011

Senator wants more ID-based controls on rail passengers

Earlier this month Sen. Chuck Schumer (D-NY) proposed that the TSA’s “Secure Flight” system be extended to passengers on domestic Amtrak trains. That would mean that Amtrak would be required to send passenger information to the government, and receive a “cleared” message for each passenger before allowing them to board a train.

Summary denial of transport by a common carrier, much less a government-operated carrier like Amtrak, would violate both the First Amendment right to assemble and the right to freedom of movement guaranteed by Article 12 of the International Covenant on Civil and Political Rights.

But extending “Secure Flight” to train travelers would be a stupid idea even if it were legal. Rail sabotage has often been a tactic of war, but it has rarely been carried out by passengers. Sabotage can be carried out anywhere along the tracks, or anywhere saboteurs can get access to rolling stock, including freight cars.

Even the Chicago Tribune, the conservative and usually hawkish newspaper-of-record of Amtrak’s main hub and the hub of America’s freight rail system, immediately responded to Schumer’s proposal with an editorial characterizing it as “security theater for Amtrak.”

Most press reports incorrectly characterized Schumer’s proposal as calling for the “creation” of a no-ride list for Amtrak trains.  That’s indicative of how little awareness there is of the scope of existing systems of ID-based prior restraint on common carrier travel, including international Amtrak trains.

Under the “Advance Passenger Information System” (APIS) used for international flights, passenger trains, and cruise ships, Amtrak already requires passengers on its international trains to and from Canada to provide personal information (beyond anything needed by Amtrak for operational purposes), and passes that information on to U.S. Customs and Border Protection (CBP) for inclusion in the Automated Targeting System (ATS) which is used to decide whether or not to give each passenger government permission to travel. Read More