Aug 30 2019

3rd Circuit finds TSA checkpoint staff conduct “searches” and can be sued for misconduct

By a vote of 9 to 4, the 3rd Circuit Court of Appeals has found that TSA checkpoint staff are “officers or employees” of the Federal government who “execute searches… for violations of Federal law”, and therefore that the US government is subject to private lawsuits for damages for certain intentional torts by TSA “screeners” including “assault, battery, false imprisonment, false arrest, [and] malicious prosecution.”

The decision by the judges of the 3rd Circuit following rehearing en banc in the case of Pellegrino v. TSA reverses an earlier decision by a three-judge panel that would have given impunity to checkpoint staff for even the most egregious violations of travelers’ rights.

The language of the Federal Tort Claims Act and its applicability to TSA checkpoint staff are clear. The TSA’s strained attempt to exempt checkpoint staff from FTCA lawsuits should never have gotten this far.

But the TSA’s highest priority, ahead of protection of transportation safety or security, has always been the protection of itself and its activities against judicial review.

Any lawsuit against the TSA or anyone associated with it is regarded by the agency as an existential threat to its assertion of unlimited discretion to define, by its own secret internal procedures, which people, possessions, and activities are and aren’t allowed at TSA checkpoints — as if the conduct to date of the TSA and its minions had earned the agency the entitlement to expect and demand that travelers defer to its good judgment and self-restraint. The TSA doesn’t want to have to respond to allegations of misconduct by its employees, contractors, or law enforcement or industry “partners”. Nor does it want to have to explain or defend its actions in court. It wants all such cases dismissed out of hand.

In order to intimidate travelers into submission to its unlawful orders with a show of purported authority, while keeping itself above the law, the TSA takes a two-faced position that was its comeuppance in the en banc decision in Pellegrino v. TSA.

TSA checkpoint employees wear blue police-type uniforms and badges that identify them as Transportation Security “Officers”, while even the rent-a-cop contractors who staff TSA checkpoints at SFO and some other airports wear similar uniforms and badges prominently emblazoned with “TSA” insignia. They present themselves to travelers as though they were police, and they claim police-type (or even greater) powers to demand obedience to their orders and to search travelers and their personal property.

But the TSA always refers to these searches by the euphemism of “screening”, to avoid the obvious implication that as “searches” they are subject to the 4th Amendment to the US Constitution. In court, the TSA claims that these aren’t the “searches” meant by the provision of the FTCA which refers to officers or employees who “execute searches”.

In some cases, the TSA claims the right to search documents, papers, currency, and electronic data, which can’t possibly pose a direct threat to aviation safety or security, notwithstanding special statutory protection for many such items, “if criminal activity is suspected” and even if the suspected crimes are unrelated to aviation safety or security.

But when its actions are challenged, the TSA claims that its searches are not conducted for general law enforcement purposes and thus are exempt from the FTCA provisions intended to hold those who conduct such searches legally accountable for torts (violations of civil rights) against individuals.

The 3rd Circuit judges took due note of these self-contradictory TSA claims, and of the consequences that would follow from accepting them as a basis for TSA impunity:

Consequences of Our Ruling

Before concluding, we note the implications of the choice before us. If TSOs [Transportation Security Officers] are not “investigative or law enforcement officers” under the proviso, then plaintiffs like Pellegrino are left with no avenue for redress. We have already held (and correctly so) that TSOs are not susceptible to an implied right of action under Bivens for alleged constitutional violations, see Vanderklok, 868 F.3d at 209, so a Tort Claims Act action is the only remaining route to recovery. Without recourse under that Act, plaintiffs like Pellegrino will have no remedy when TSOs assault them, wrongfully detain them, or even fabricate criminal charges against them.

We look forward to seeing at least some TSA checkpoint staff found liable for damages for these sorts of actions in the wake of the 3rd Circuit’s en banc decision in Pellegrino v. TSA.

Aug 28 2019

Public/private partnerships for travel surveillance

In preparation for the annual Future Travel Experience – Global conference next month in Las Vegas, which will include tours of the TSA’s prototype biometric checkpoint and a “Biometrics Summit” featuring joint presentations by the TSA, CBP, and their partners, both the DHS and its airline, airport, and industry partners (Part 1, Part 2) have released new previews of their plans for collaboration in surveillance and control of air travel through automated facial recognition.

As we’ve noted before, one of the more significant lies being told by the US Department of Homeland Security about its plans for increased surveillance and tracking of travelers is that airlines and airport operators have no commercial interest in retaining or using facial images and other biometric data collected on behalf of DHS components including the TSA and CBP.

In reality, airlines and airport operators are eager to share facial recognition infrastructure (cameras, kiosks, etc.) and data with the DHS. Airlines, airports, and the DHS all see this collaboration as fundamental to their plans to transform the airline and airport passenger “processing” experience through a panopticon of shared-use biometric ID systems.

According to a two-part post in the Future Travel Experience conference blog (Part 1, Part 2), “Biometric technology is expected to play a key role in shaping the seamless passenger experience of the future.”

One of the briefings at the FTE Global 2019 Biometric Summit will be given by CBP’s “Director of Entry/Exit Transformation”, who described his mission as “developing U.S. biometric entry/exit system through private sector partnerships”.

Some of the airline and airport executives quoted in the FTE blog post have begun to argue that airline passengers should be allowed to opt out of biometric identification. But there’s no mention of how that would work or how long those who opt out would be delayed.

The FTE blog post also notes that:

[A]s the use of biometrics is becoming more widespread and the technology is advancing quickly, there have been rising concerns around privacy and data security from a civil rights point of view. For instance, San Francisco became the first US city to ban facial recognition technology as part of an anti-surveillance ordinance, though the ban doesn’t affect federal agencies, such as San Francisco International Airport.

This claim that SFO is a Federal agency exempt from San Francisco legislation is wishful thinking on the part of proponents of biometric surveillance and control of air travelers. While SFO is located in unincorporated San Mateo County, the land and buildings are owned by the City and County of San Francisco and operated by an instrumentality of the City and County of SF. The San Francisco ordinance applies to all City and County departments, including SFO.

Most other major airports are, like SFO, operated by state, county, or municipal governments and/or by other public or publicly-chartered entities subject to state and local public records laws and accountable, at least in theory, to state and local elected officials. These entities could, and should, prohibit any use of automated facial recognition on their property or by their lessees or contractors. Only Federal agencies themselves could escape the jurisdiction of such conditions on use of airport property.

Contradicting the public claim that airlines and airports have no interest in using biometric data shared with CBP, the FTE blog says that, “CBP’s view is that we will see further expansion into other aspects of the travel continuum, such as bag drop, international boarding and improved arrival process.” And of course a CBP spokesperson also tells the FTE blog that, “This is not a surveillance programme.”

Meanwhile, the DHS has released a Privacy Impact Assessment for the Travel Document Checker Automation Using Facial Recognition to be tested and first deployed at LAS airport, with its unveiling to attendees of the FTE Global 2019 conference.

The PIA acknowledges, in a footnote, that, “For passengers who are unable to present verifying identity documentation, TSA offers an alternative identity verification process in which passengers answer knowledge-based questions.” But the PIA ignores the fact that this questioning is being conducted illegally, without the required OMB approval, in violation of the Paperwork Reduction Act and other statutes.

In late 2016, the TSA gave notice that it planned to request OMB approval for the form that air travelers without ID or with ID deemed unacceptable are asked to complete. But the TSA received numerous objections, including ours, in response to this notice, and has not yet submitted a request to OMB for approval of the form or the “knowledge-based” questioning of travelers (which is based on commercial data aggregated by the Accurint division of Lexis-Nexis).

The last time we tried to attend a government-industry lovefest like FTE Global, we were ordered to leave and our registration fee and, eventually, our travel expenses were refunded. We’d welcome reports from our readers, workers at the conference venue, or other whistleblowers or leakers as to what gets said at FTE Global 2019.

Aug 27 2019

Guilt by social media and cellphone association

Ismail B. Ajjawi, a Palestinian freshman admitted to Harvard College, arrived at Logan Airport in Boston last Friday, Lebanese passport and US student visa in hand.

But after Mr. Ajjawi complied with demands by US customs and immigration officers at the airport to unlock his cellphone and laptop, the officers read what his “friends” had posted on social media. Five hours later, after questioning Mr. Ajjawi about his religious beliefs and his friends’ political statements, the officers revoked Mr. Ajjawi’s visa on the spot, denied him entry to the US, and deported him back to Lebanon — at his own expense, of course, using the return ticket he was required to have before being allowed to board a flight to the US.

According to a report in the Harvard Crimson, which broke the story today:

“After the 5 hours ended, she called me into a room, and she started screaming at me. She said that she found people posting political points of view that oppose the US on my friend[s] list.” Ajjawi wrote that he told the officer he had not made any political posts and that he should not be held responsible for others’ posts. “I responded that I have no business with such posts and that I didn’t like, [s]hare or comment on them and told her that I shouldn’t be held responsible for what others post,” he wrote. “I have no single post on my timeline discussing politics.”

Harvard’s lawyers are working to get Mr. Ajjawi’s visa reinstated and get him admitted to the US. Most people turned away at US borders don’t have Harvard at their back, and are unlikely ever to be admitted to the US once they are branded as undesirable.

In a 2017 notice of intent to expand DHS surveillance of immigrants’ and visitors’ expressive activities on social media, the DHS claimed that “consular officers are directed not to request user passwords [and] not to violate or attempt to violate individual privacy settings or controls.” But that’s belied by what Mr. Ajjawi says happened to him at Logan Airport, according to the Crimson: “The … officer then asked him to unlock his phone and laptop, and left to search them for roughly five hours, Ajjawi alleges.”

It’s hard to imagine anyone from a place as politicized as Palestine (or Kashmir, or many other places) who doesn’t have any social-media “friends” who mention political opinions. The answer to social-media surveillance shouldn’t be that immigrants or visitors have to try to isolate themselves from politics or ostracize their political associates.

Rather, the lessons reinforced by this incident are that:

  1. Nothing good can come of consenting to any search by law enforcement officers, including searches of your digital devices. Border guards and customs and immigration officers are police, not your friends. Their job is to find reasons to suspect you or bar your entry. No matter how “innocent” you think you are, anything you or your “friends” say, or have ever said, can and will be used against you.
  2. If government officials have access to social-media networks of “friends”, associations, and messages, they will use this information invidiously. The way to prevent misuse of information about how travelers exercise their First Amendment rights of expression and association is not to allow police access to this information in the first place. Just say no to requests for your passwords or data.

Aug 12 2019

CBP databases for travel surveillance and profiling

An advance notice posted last week by US Customs and Border Protection (CBP) of a forthcoming request for bids by IT contractors includes one of the most detailed inventories made public to date of the databases and interfaces used by CBP and its government and commercial partners (some of which are shown in the illustration above from the notice) for tracking, profiling, and control of travelers’ and our movements.

According to the 5-year plan in the draft Request For Quotations (RFQ), CBP’s Passenger Systems Program Directorate (PSPD) already outsources some of these databases to Salesforce.com, but plans to migrate them all to commercial cloud “Software-As-A-Service” contractors in 2020. According to the draft RFQ:

CBP’s vision for primary inspection processing of the future is to transform the way travelers are processed… The paradigm will evolve from biographic data focused to biometric data centric. CBP will identify travelers biometrically based on information already in CBP holdings as an alternative to having the traveler present their travel document. A biometric-based approach allows threats to be pushed-out further beyond our borders before travelers arrive to the U.S…. Integration of facial recognition technologies is intended throughout all passenger applications.

Throughout the draft RFQ, facial recognition is described as a substitute for document checks, rather than as an (optional) alternative. “GE [Global Entry] kiosks are expected to be replaced with a facial recognition solution to identify GE members,” for example. There’s no mention of any provision in user interfaces for opt-out from facial recognition.

Moreover, “The vision for Global Entry of the Future (GE Next Gen) is a kiosk-less solution that uses facial recognition to identify GE members…. GE-Face aligns with CBP’s Biometric Entry-Exit strategy of identifying travelers with biometrics.”

A “kiosk-less solution” suggests that travelers will be identified by cameras that surveil them as they walk through, with neither the need to “present” themselves at a kiosk nor any way to pass through the airport or checkpoint without being photographed and identified — and having one’s presence at that place and time entered into a permanent ID-based government surveillance log.

Capturing photos of all US citizens — including those who currently opt out — so that their movements can be accurately logged is an explicit goal of the planned systems:

Simplified Arrival (SA) is a new and innovative approach that incorporates advanced facial recognition technologies into the primary inspection…. The new Simplified Arrival application will eventually replace TPAC and TPAC-Face. Simplified Arrival leverages facial recognition technologies in … the processing of arriving passengers and airline crew…. Capturing facial biometrics of all passengers adds additional security, as currently there is no biometric verification of U.S. Citizens, most Canadians, citizens of a few other countries and travelers who are exempted for other reasons such as age and class of admission. Using facial matching as the primary biometric verification modality provides a previously unavailable method to verify and facilitate travel for almost everyone, not just those travelers for whom DHS has fingerprints…. The Simplified Arrival process for air travel … Replaces document scan with facial recognition.

Not all CBP databases or systems and interfaces for populating and accessing them are included in the draft RFQ. Those omitted include the “Secure Flight” pre-crime program for profiling and tracking air travelers, which is used by both CBP and the TSA but “owned” by the TSA.

Also not mentioned in the draft RFQ is CBP’s Silent Partner pre-crime program for algorithmic profiling, scoring, and targeting of travelers for more intrusive searches and surveillance, and the associated rule-sets and blacklists of targeted travelers.

Silent Partner was first mentioned publicly in DHS testimony to Congress in 2011 as “an aviation security screening program…. the details of this program are classified.” Quiet Skies, a TSA program which uses a subset of the Silent Partner database to target domestic air travelers within the US, was made public by DHS whistleblowers in 2018.

More information about Silent Partner and Quiet Skies was released in Sai v. Pekoske (a pro se challenge to TSA “orders” originally filed as Sai v. Neffenger) and Elhady v. Kable (a challenge by CAIR to DHS blacklisting originally filed as Elhady v. Piehota).

Only then did the DHS publish a years-belated Privacy Impact Assessment for Silent Partner and Quiet Skies. The PIA makes clear that these are pre-crime programs based on algorithmic profiling, not on suspicion of having committed any criminal or civil violation of law. But the profiling and scoring rules remain a secret to those against whom action is taken.

Aug 08 2019

CBP lies about US citizen with ID detained at non-border checkpoint, held for 26 days

Francisco Erwin Galicia, an 18-year-old Dallas-born U.S. citizen, was detained by US Customs and Border Protection officers at a checkpoint in Falfurrias, Texas, on June 27th, while on his way to a youth soccer event with a group of relatives and friends, and held until July 23rd. He was held incommunicado for the first several weeks, and was kept in CBP custody even after he was able to contact his family and a lawyer. He was released less than 24 hours after his detention was reported by the Dallas News.

As what happened to Mr. Galicia has been more widely reported, he’s become a poster child for everything that’s wrong with the CBP and its checkpoints. That’s appropriate, but it’s also worth noting that:

  1. This isn’t the worst mistreatment that’s been imposed on US citizens by CBP. Mr. Galicia was held in the US rather than being deported (because, despite threats and intimidation, he refused to consent to “voluntary” deportation), held for less than a month, and released without gross physical injuries (although presumably with psychological trauma). Other US citizens, including those whose cases have been tracked and documented by Prof. Jacqueline Stevens and her students at the Deportation Research Clinic at Northwestern University, have been deported from the US, spent years or in some cases decades abroad before being able to return, or suffered permanent physical injuries from maltreatment, neglect, or violence in custody or in countries to which they were wrongfully deported.
  2. This isn’t about border security, immigration, or US borders. Mr. Galicia wasn’t detained at the US border, while trying to cross the border, or on the basis of any particularized suspicion that he had done so or tried to do so. He was detained at a suspicionless checkpoint operated for general law enforcement purposes (mainly to find small amounts of marijuana and sometimes other drugs) 60 miles from the border. This is about controls on internal movement within the US.
  3. This isn’t about not having, not carrying, or not showing ID. The permanent checkpoint in Falfurrias has been in continuous operation for years, and Mr. Galicia knew that — whether it was legal or not — he’d have to be interrogated by CBP officers, and quite likely have to show his papers, to get to the next town. Mr. Galicia was carrying, and showed the CBP officers at the checkpoint, his birth certificate, state ID card, and Social Security card. Ironically, this is exactly the combination of documents that would be required to obtain a “REAL-ID Act compliant” ID: three separate documents providing evidence of citizenship (birth certificate showing birth in the US), state residence (Texas state ID), and Social Security number.
  4. It wouldn’t matter if Mr. Galicia were a dual citizen. CBP later claimed to have been confused by other documents carried by Mr. Galicia that they thought suggested he might have been a Mexican citizen. But it’s not a violation of US law or a bar to US citizenship to hold by birthright, or to acquire, citizenship of Mexico or of any other country or countries. Millions of US citizens are legal dual or multiple citizens, with the largest numbers of US dual and multiple citizens holding citizenship in Mexico, Canada, Ireland, the UK, and/or Israel in addition to US citizenship. Evidence of Mexican or any other citizenship is not evidence of lack of US citizenship.
  5. CBP officials lied about what happened to try to justify their actions, with one CBP official perjuring himself before Congress in testimony whose falsehood is proven by official CBP records served on Mr. Galicia and his lawyer. Brian S. Hastings, Chief of Law Enforcement Operations for the US Border Patrol division of CBP, told the House Judiciary Committee in response to questions at an oversight hearing on July 25th that throughout his time in custody Mr. Galicia had never told the CBP officers who arrested or detained him that he was a US citizen. (The question from Rep. Ted Lieu and Rep. Eric Swalwell and the perjured answer by Chief Hastings begin at 4:45:00 of this video of the hearing.) But the Notice to Appear served on Mr. Galicia, and signed by the acting Border Patrol agent in charge, alleges on behalf of CBP that Mr. Galicia was “found” at the CBP checkpoint in Falfurrias, “more than 25 miles from the United States border with Mexico”, on June 27th, and “At that time, you… represented yourself to be a citizen of the United States,” as in fact Mr. Galicia was and is. Rep. Lieu and several other members of Congress have asked for better answers from CBP, but that’s not enough. By now, Mr. Hastings should have been charged with perjury. So far as we can tell, he remains at large, on the job and on the payroll of CBP.

Aug 05 2019

Questions about the REAL-ID Act

Fragmentary and jumbled records related to the REAL-ID Act of 2005 released by the US Department of Homeland Security in response to one of our Freedom Of Information Act (FOIA) requests don’t reveal much about DHS policy, but do provide a glimpse of DHS practices and plans.

The DHS has been threatening to harass, interfere with, or bar access to facilities or passage through checkpoints (including, but not limited to, those at airports) to people who don’t have, don’t carry, or don’t show ID; show ID that the DHS doesn’t deem compliant with the REAL-ID Act; or show ID issued by states or territories that the DHS deems insufficiently compliant with the REAL-ID Act.

These threats to deny equal rights to residents of noncompliant states and territories have been central to the DHS campaign to extort compliance from state and territorial officials reluctant to upload their residents’ data to an outsourced, privately-held national ID database.

But what sort of enforcement problem, at what scale, is this likely to pose for the DHS and those collaborators carrying out its REAL-ID directives? How many people will be affected, at what sorts of facilities and locations, in what circumstances? Inquiring minds want to know, including opponents of the REAL-ID Act like ourselves, but also including officials at DHS headquarters trying to devise a workable REAL-ID enforcement plan.
