Heavily redacted records released by the Transportation Security Administration (TSA) last month, more than six years after they were requested by the Electronic Privacy Information Center (EPIC), give fragmentary clues to the answer to an important question: Just how many air travel blacklists does the US government have?
Today the US Transportation Security Administration released a detailed TSA Biometric Roadmap for Aviation Security & the Passenger Experience, making explicit the goal of requiring mug shots (to be used for automated facial recognition and image-based surveillance and control) as a condition of all domestic or international air travel.
This makes explicit the goal that has been apparent, but only implicit, in the activities and statements of both government agencies and airline and airport trade associations.
It’s a terrifyingly totalitarian vision of pervasive surveillance of air travelers at, quite literally and deliberately, every step of their journey, enabled by automated facial recognition and by the seamless collaboration of airlines and airport operators that will help the government surveil their customers in exchange for free use of facial images for their own business purposes and profits.
The closest contemporary counterpart to what the TSA envisions for the USA is the pervasive surveillance and control of travelers in China through automated facial recognition by the Public Security Bureau.
Another “deadline” for enforcement of the REAL-ID Act of 2005 passed uneventfully today.
The US Department of Homeland Security had advertised that DHS extensions of time for voluntary compliance with the REAL-ID Act by many states would expire today.
The DHS threatened that starting today it would “enforce” the REAL-ID Act through harassment or denial of the right to travel of airline passengers without ID or with ID issued by states or territories that the DHS, in its standardless administrative discretion, deemed insufficiently compliant with Federal wishes.
Every US state and territory subject to the REAL-ID Act was either certified by the DHS as sufficiently compliant to satisfy the DHS (at least for now), or was given a further extension of time to comply without penalty until at least January 10, 2019.
Yesterday, the day before the “deadline”, the DHS quietly posted notices on its website that it had granted further extensions until January 2019 to the last two states, California and New Jersey.
Perhaps the DHS is still unwilling to provoke riots at airports by stopping people without ID, or with ID from disfavored states and territories, from flying. Perhaps it isn’t yet prepared to face, and likely lose, the inevitable lawsuits from would-be flyers.
Even American Samoa, which — because the second-class status of American Samoans as US subjects but not US citizens would make it harder for them to challenge DHS restrictions of their rights — had been the first trial by the DHS of enforcement of the REAL-ID Act, was given an extension until October 10, 2019.
So far as we can tell, REAL-ID Act “enforcement” meant only modestly enhanced harassment of American Samoans at airports. Our FOIA request for records of how many people tried to fly with American Samoa IDs, and what happened to them, remains pending with no response after more than five months.
American Samao isn’t the limit of REAL-ID Act expansion beyond US borders and overseas. H.R. 3398, a bill to extend eligibility for REAL-ID Act compliant drivers licenses and IDs to citizens of several nominally independent de facto US dependencies, has passed the House and is pending in the Senate.
Meanwhile, the real movement toward state compliance with the REAL-ID Act is behind the scenes — as the DHS, its collaborators among state driver licensing agencies, and AAMVA, the operator of the outsourced and pseudo-privatized national ID database, want it to be.
Since we last reported on the status of REAL-ID Act compliance six months ago, agencies in three more states — Pennsylvania, New Mexico, and most recently Washington in September 2018 — have uploaded information about all licensed drivers and holders of state-issued IDs to the SPEXS national database. That brings to 19 the number of states whose residents’ personal information is included in the aggregated database.
But even as the database grows to include information about more and more US residents, the DHS persists in denying its existence. According to the DHS public FAQ about the REAL-ID Act:
A: Is DHS trying to build a national database with all of our information?
No…. REAL ID does not create a federal database of driver license information.
To the extent that there is any truth at all in this statement, it’s that the SPEXS national database isn’t under direct Federal or state control, but has been handed over to AAMVA and AAMVA’s contractors. (The database is apparently actually hosted by Microsoft.)
For obvious reasons, nobody is more eager than AAMVA to have you pay no attention to the national ID database behind the REAL-ID Act curtain.
In June 2018, we were honored to receive an urgent letter by Fedex from the President & CEO of AAMVA, demanding that we immediately remove from our website the specifications for the SPEXS database, which we had obtained in 2016 from AAMVA’s own public website. After AAMVA made that whole section of its site “members-only”, we posted a copy of the SPEXS specification to help readers understand the details of the system, and as one of the key sources for our analysis of SPEXS.
SPEXS already includes personal information obtained from government records of drivers licenses and state IDs, including dates of birth and the last five digits of Social Security Numbers, for more than 50 million US residents. We think the people whose data is included in this system are entitled to know what information is being kept about them, who has access to it, and how it is used.
According to the SPEXS specifications, development of SPEXS was funded by grants from components of the DHS and the Department of Transportation. (We’re waiting for responses to our FOIA requests for those agencies’ records about SPEXS.) If SPEXS were being operated directly by a Federal agency, the Privacy Act would require it to provide notice of the types of records in the system, how they are used, and with whom they are shared, as well as procedures for individuals to see the records about themselves and to obtain an “accounting of disclosures” to third parties of information about themselves.
But because the SPEXS database has been outsourced to a nominally private contractor, AAMVA, both Federal and state agencies can disclaim any responsibility for it. That leaves the SPEXS specifications as the best available evidence of what the system is and does.
In a later message to our Web hosting provider, a lawyer for AAMVA claimed that, “The information contained in this work is sensitive and its unauthorized publication could jeopardize the security of the governmental program to which this document relates.” This is nonsense. AAMVA waived any claim of sensitivity by making the specifications public.
When it was still struggling to sell the first states on buying into SPEXS, AAMVA posted the SPEXS specification on its website for anyone to download. More than two years after we called attention to what this document reveals, AAMVA is trying to suppress it. Not because it contains any secrets — it’s been publicly available for years — but because it conclusively disproves the DHS big lie that there is no national REAL-ID database, and shows the essential role that AAMVA itself is playing in this surveillance system.
We encourage you to pay close attention to the AAMVA man behind the REAL-ID Act curtain. And if you have questions about SPEXS or the SPEXS specifications, feel free to contact us.
A 3-judge panel of the 9th Circuit US Court of Appeals heard arguments today in Portland, Oregon, in Kariye v. Sessions, the third and latest round of appeals to the 9th Circuit in a challenge to US government “No-Fly” orders that was filed in 2010 as Latif v. Holder.
The lawsuit has survived two previous appeals to the 9th Circuit. But most recently, the District Court dismissed the claims of those plaintiffs who remain blacklisted from domestic or international air travel. Today’s third round of argument in the 9th Circuit was on the appeal of that latest dismissal of the complaint.
Today’s oral argument was conducted in a courtroom closed to everyone except the judges, court staff, the parties to the case, and their attorneys. Presumably, the argument was closed because one of the issues was whether the government should have been allowed to submit evidence “ex parte and in camera” for the court to consider without the plaintiffs being able to see it, or whether the District Court and/or the Court of Appeals should consider such submissions.
If you think there’s something Kafka-esque about secret arguments about whether to consider secret evidence, we agree. It’s possible that redacted excerpts from the oral argument will be made available later in the 9th Circuit’s video and audio archives.
Legal documents in the case are available from the ACLU, which is representing the plaintiffs. The best summary of the issues in the current appeal, and the best overview of what’s wrong with the government no-fly decision-making procedures at issue in the case, is in the plaintiffs’ opening brief in the current appeal.
Good news: The 3rd Circuit Court of Appeals has decided to reconsider whether, as a panel of that court decided earlier this year, TSA checkpoint staff should have legal impunity to assault or otherwise violate the rights of travelers without consequences.
When it was issued in July 2018, we said that “The details of the opinion dismissing Ms. Pellegrino’s complaint might be described charitably as arcane, and uncharitably as twisted.” There was a well-argued dissent by one of the three members of the panel.
The majority of the panel recognized that the job of TSA checkpoint staff is to search travelers, but then somehow managed to conclude that they aren’t “officer[s] of the United States who [are] empowered by law to execute searches.” The majority of the panel also went outside the factual record to base their decision on false speculation that TSA checkpoint staff don’t conduct searches for general law enforcement purposes.
Based on these arguments and “facts”, the panel majority found that TSA staff are immune from lawsuits for travelers, even if they admit to assaulting travelers.
The decision by a majority of the judges of the 3rd Circuit to grant rehearing en banc in the case of Pellegrino v. TSA voids the original opinion by a three-judge panel. The appeal will now be re-argued de novo, after new briefing, before all of the judges of the 3rd Circuit.
Let’s hope that the full court gets it right this time, and recognizes that TSA checkpoint staff are not above the law.
A new report by the DHS Office of Inspector General (OIG) gives perhaps the most detailed official picture to date of the US government’s plans for ed biometric identification, tracking, and control of international air travelers through automated facial recognition.
Contrary to specious claims in DHS propaganda that the current rollout of mug-shot machines at departure gates at airports across the country is “only a test,” the DHS OIG reports that US Customs and Border Protection (CBP) plans to expand the mug shot and automated facial image recognition program from 6 million air travelers in 2018 to 60 million in 2019, 120 million in 2020, and 129 million — 100% of international airline departures from the US — by 2021.
But that’s not all. “Over time, the program plans to … incrementally deploy biometric capabilities across all modes of travel — air, sea, and land — by fiscal year 2025,” according to the OIG report.
The scope of these plans should make clear that the only thing being “tested” is whether travelers will submit to this program, not whether it is justified or what interests it serves.
The OIG report mentions that US citizens have been “allowed” to opt out of the airport mug shot “pilot program “, but doesn’t say whether they were told they had a right to do so:
CBP allowed U.S. citizens to decline participation in the pilot. In such cases, CBP officers would permit the travelers to bypass the camera and would instead check the individuals’ passports to verify U.S. citizenship. When a U.S. citizen opted to participate in the pilot but did not successfully match with a gallery photo, the CBP officer would examine the individual’s passport but did not collect fingerprints. We observed biometric screening at four airports — a total of 12 flights — during our audit and witnessed only 16 passengers who declined to participate.
In preparing their report, OIG staff “met with a number of external stakeholders, including the Airlines for America trade association, Delta Airlines, JetBlue Airlines, and British Airways.” Notably, however, OIG made no attempt to consult consumer, civil liberties, or human rights organizations or to consider their objections to mandatory mug shots.
The only objections noted in the OIG report came from airlines and airport operators. But it would be a mistake to interpret this as “resistance” from the airline industry to biometric surveillance of airline passengers through automated facial recognition.
The OIG report makes clear that the only thing being disputed by airlines and airports is who will pay for equipment and staff, not whether these systems will be deployed: Read More