Papers, Please!

The Identity Project

Monthly Archives: February 2026

Feb 17 2026

Show ID or pay a fee to attend a “public” meeting?

Is it an “open” meeting if you have to identify yourself, show ID, and/or pay a fee to attend?

That’s the question presented by today’s meeting of the Minneapolis-St. Paul Metropolitan Airports Commission (MAC), which is scheduled to be held in the “secure” area of the MSP airport reachable only by passing through the Transportation Security Administration (TSA) checkpoint.

As of February 1, 2026, this means individuals who want to attend a MAC meeting, including those who want to make public comments and those who just want to observe, must either (A) show ID credentials the TSA finds satisfactory or (B) pay the illegal $45 per person TSA Confirm.ID fee, answer whatever questions the TSA asks (based on records of the Accurint data broker), and be “allowed” by the TSA, in its unreviewable and arbitrary discretion, to enter the secure area of the airport. The MAC website says that “the MAC will cover this cost for up to three meetings”, but doesn’t say what will happen after that.

This is the first time — in Minnesota or any other state — that we have seen a demand for ID, a demand for a fee, a limit on the number of meetings that can be attended without a fee, or delegation of authority (authority the MAC itself would lack) to an independent third party to demand answers to questions or to decide in its discretion  who to allow to attend a meeting of a government body required by law to be open to the public.

Is any of this legal? We doubt it.

Rules for meetings of government decision-making bodies vary by state. The MAC is a Minnesota state agency whose members are appointed by the Governor.  The Minnesota Open Meeting Law (Minnesota Statutes Chapter 13D) requires that all decision-making meetings of entities such as the MAC “must be open to the public”.

The Minnesota law doesn’t define what “open to the public” means, but we don’t think it includes any of these conditions and restrictions on attendance:

  1. Requiring individuals to identify themselves (rather than attending anonymously, as they may wish to do if e.g.  they fear retaliation for attending or making public comments).
  2. Requiring individuals to have or show ID credentials.
  3. Requiring individuals to answer questions including questions from a third party (in this case, the TSA).
  4. Require individuals to pay a fee, or limiting the number of open meetings an individual may attend without paying a fee. (In this case, the fee is patently illegal, and having agreed to pay the fee on behalf of individuals attending MAC meetings, the MAC itself would have standing to challenge the fee.)
  5. Granting a third party discretion to decide who will, and who will not, be allowed to attend a meeting. (The MAC website notes that “Verification is not guaranteed”, i.e that the TSA may choose not to allow an individual to pass through the checkpoint, even if they identify themselves verbally, pay the $45 fee or have it paid for them, and answer all of the TSA’s questions.)

None of this fits within any reasonable definition of “open to the public”.

Any member of an entity subject to the Minnesota Open Meetings Law who violates this law, including by attending a business meeting of an agency that isn’t open to the public, is personally liable for a $300 fine for each “occurrence”. They have to pay the fine themselves. The agency isn’t allowed to pay it for them. Under a “three strikes you’re out” provision of this law, any office-holder found guilty of three separate violations of the Open Meetings Law forfeits their office for the remainder of their term.

Meanwhile, we’re still waiting for a full response to our request under the Minnesota Government Data Practices Act for information about the basis for the MAC’s dubious claim that it lacks any authority to limit where in the airport Federal agents can go.

The last word we received is that we can expect a response to our public records request tomorrow — the day after the monthly MAC meeting today at which we and others might (if we were allowed by the TSA to attend) have asked questions of MAC members about the decision to give Federal agents free run of the airport without challenge.

Feb 11 2026

First-hand reports confirm you can still fly with no ID

First-hand reports confirm that some people can still fly with no ID card or documents, despite a new scheme of the Transportation Security Administration (TSA) to extort an illegal $45 fee from each airline passenger who doesn’t have, or doesn’t choose to show, ID that the TSA deems to be “compliant” with the REAL-ID Act.

As long as they pay the $45 fee, travelers with no ID or with noncompliant ID have been treated the same way as before the the TSA began demanding the fee on February 1, 2026:

We’ve seen no report of the TSA stopping travelers without ID or without REAL-ID from flying, as long as a they have paid the illegal $45 per person fee.

The only apparent change since the imposition of the $45 fee on February 1 of this year is that instead of phoning the TSA’s ID Verification Call Center (IVCC) and relaying questions and answers verbally between the IVCC and travelers without ID, TSA checkpoint staff are now using a laptop or tablet app to receive the questions and send back the  answers.

The TSA has complied with none of the legal requirements for notice and approval of the information-collection app being used for questioning of travelers without ID. This leaves it unclear whether a human is still involved in fly/no-fly decisions about travelers without ID or whether this decision-making has been delegated to secret algorithms encoded within the app or at the central site that connects the app to Accurint.

We haven’t yet seen any reports of what happens if a traveler without ID or without REAL-ID who hasn’t paid the $45 fee or tries to go through a TSA checkpoint, or doesn’t leave when told to do so. Nor have we heard what happens if a traveler without ID exercises their right to remain silent when questioned about their Accurint file by checkpoint staff. We expect that they would be arrested by local police and/or assessed a civil penalty by the TSA. The Paperwork Reduction Act provides a “complete defense” against any such penalties, but raising that defense would be risky and could be expensive.

Feb 05 2026

CBP keeps its app for US visitors secret

Should a visitor to the US have to install and use a US government app that runs secret code to collect an unknown amount of data using any or all of their phone’s sensors, connects to other unknown data sources and recipients, and uses secret algorithms based on that secret dataset to “auto-deny” some ESTA applications to visit the USA?

We say no — and so does US law.

In December 2025, US Customs and Border Protection (CBP) announced that it planned to shift the Electronic System for Travel Authorization (ESTA) from a website to an app, greatly expand the range of data collected from ESTA applicants, and delegate authority to the app to “auto-deny” some applications.

CBP proposed no rules to govern the proposed “auto-denial” of ESTA applications. We can find no basis in any law for such an automated decision-making procedure. But CBP gave notice that it intends to seek approval for this new and revised app-based collection of ESTA information from the Office of Management and Budget (OMB).

According to the Paperwork Reduction Act (PRA), the request for OMB approval must be preceded by notice of the proposed collection of information, followed by a window of at least 60 days for members of the public to review and submit comments on the proposal.

PRA regulations at 5 CFR §1320.8(d)(2) require that this notice include a complete copy of the proposed collection of information or instructions on how any member of the public can obtain a copy, free of charge, and still have 60 days to review and comment on the proposal.

But CBP didn’t include a copy of the code or any other part of the ESTA app in any format in its notice in the Federal Register. As the 60-day notice-and-comment window runs out, CBP  still has not responded to our repeated requests for this information.

As we note in the comments we filed with CBP:

Since the day this notice was published in the Federal Register we have been diligently, but to date entirely unsuccessfully, attempting to request and obtain a copy of the proposed collection of information from the points of contacts specified in the notice.

This isn’t just a procedural error. The failure to provide valid notice denies us and all other members of the public the opportunity to provide informed comment on the ESTA app, which would require an expert review and audit of the source code.

As of now, we’ve seen none of the user interface screens of the proposed ESTA app; none of the PRA, Privacy Act, administrative appeal rights and procedures, and/or other notices (if any) provided to users of the app; none of the code specifying what data is collected, transmitted, and received by the app;  and none of the code embodying the algorithms and specifying the data they use as the basis for “auto-denial” of some ESTA applications.

The proposal for collection of more information and robo-adjudication of the equivalent of visa applications would be a bad idea even if PRA procedures were followed. We’ll have much more to say about these proposals if and when CBP provides us with proper notice and a chance to inspect the workings of the proposed new version of the ESTA app.

If you’re an Android and/or iOS app developer who might be willing to volunteer your expertise to help us analyze and audit the workings of the ESTA app, if CBP ever publicly discloses its code, please get in touch.

But as of now, because the  notice was plainly invalid, OMB can’t legally approve the CBP proposal.

CBP must either withdraw or abandon this proposal or provide a valid new notice, with a complete copy of the ESTA app including its source code, followed by a new 60-day comment period. If CBP submits this proposal to OMB without first doing this, OMB must reject it as being in clear violation of the PRA regulations.

CBP isn’t using the standard Regulations.gov system for submission of comments on this proposal. If you want to submit your own comments, send them by email by to CBP_PRA@cbp.dhs.gov by midnight EST Monday, February 9, 2026. Be sure to include “Comments to CBP re: OMB Control Number 1651–0111” in the subject line of your email message.

Feb 02 2026

“The TSA’s New $45 Fee to Fly Without ID is Illegal”

Edward Hasbrouck of the Identity Project has the lead article today on Frommers.com, “The TSA’s New $45 Fee to Fly Without ID is Illegal”, Says Regulatory Expert:

On Sunday, February 1, the Transportation Security Administration (TSA) began charging travelers without REAL ID $45 to fly.

This may come as a surprise, but no U.S. law requires you to show ID to get on a domestic flight—or pay the new $45 TSA fee.

It doesn’t matter if you have REAL ID or not. The law doesn’t mandate any ID….

The REAL-ID Act pertains only to which IDs are accepted by Federal agencies in circumstances where ID is required.

The Act did nothing to legally impose a new ID requirement where there wasn’t one already, such as for airline passengers….

Requiring ID won’t make us safer, but it enables surveillance and potential control of our movements….

If you try to defend your rights and refuse, you may be arrested and/or assessed a “civil penalty” by the TSA. Defending yourself in court or finding a lawyer with appropriate expertise may be hard.

But the law, as written, is clear: You have the right to fly without ID, without paying a $45 fee, and without answering questions. Exercising that right, however, is another matter.

Read the full article on Frommers.com.