Dec 15 2016

Controls on land travel vs. the right to free movement

In a partial but symbolically significant victory, the Belgian government has postponed a final vote in the national Parliament on legislation to require certain international railways to provide passenger name records (PNRs) to the government for surveillance and advance “vetting” of train travelers, as is already being done for air travelers between the EU, the US, and other countries.

(Text of the proposed law in French and Flemish/Dutch; report on first reading in Parliament; analysis and commentary in English; legislative history; legislative status.)

The Belgian proposal was approved by the anti-terror committee in Parliament despite a threat by the German national railway to suspend its high-speed services to Belgium if the bill passes, as well as other criticism.

One Belgian think tank, analyzing the proposal in the context of other anti-terrorism proposals, concluded that, “The creation of a Belgian PNR system is a good illustration of this dynamic: taking it as a given that it will facilitate the arrest of terrorists who are planning attacks is something of a fairy tale…. Social sciences, unlike astrology, is not about predicting the future.”

The decisive factor in the Belgian government’s decision to postpone the scheduled final vote in the national Parliament appears to have been intervention by the European Commission in response to a formal complaint by Access Now that the law would violate the right of EU citizens to move freely within the EU.

As with “rights” for US citizens that aren’t recognized as human rights for all, a decision by the EU or Belgium based solely on the rights of EU citizens falls short of full recognition of the right to travel. But so far as we know, this is the first time that the EU has blocked any proposed travel surveillance or control measure, in the EU or any of its members states, on the basis of the right to freedom of movement.

We hope that the Belgian government will withdraw its railway PNR proposal entirely, not leave it pending, and that other EU member states will take note of the incompatibility of measures like this with fundamental European and human rights principles.

Dec 08 2016

The rhetoric and reality of counterterrorism

Remarks by President Barack Obama on the Administration’s Approach to Counterterrorism, MacDill Air Force Base, Tampa, Florida, December 6, 2016:

Let my final words to you as your Commander-in-Chief be a reminder of what it is that you’re fighting for, what it is that we are fighting for…

The United States of America is not a place where some citizens have to withstand greater scrutiny, or carry a special ID card, or prove that they’re not an enemy from within. We’re a country that has bled and struggled and sacrificed against that kind of discrimination and arbitrary rule, here in our own country and around the world.

We’re a nation that believes freedom can never be taken for granted and that each of us has a responsibility to sustain it…. We are a nation that stands for the rule of law.

That sounds great in theory. But in practice?

  • Some citizens do have to withstand greater scrutiny.  That’s the whole point of the pre-crime profiling that the Obama Administration has called “risk-based security” and that President-Elect Trump has called “extreme vetting”.
  • Under the REAL-ID Act and the TSA’s latest proposal, some citizens — those who want to exercise our right to freedom of movement and to air travel by common carrier — will have to carry a special “REAL-ID Act compliant” ID card and have our personal information added to a national ID database maintained by a private contractor that isn’t subject to government rules for transparency or accountability.
  • The DHS has held itself above the law, arguing that its actions should not be subject to judicial review and that it needs to be allowed to act secretly and unpredictably (i.e arbitrarily) in order not to reveal “rules” that would help terrorists “game” the system — as if asserting one’s legal rights was tantamount to terrorism.

We’ll be watching closely to see whether the gap between the rhetoric and reality of profiling, discrimination, rights, and rule of law widens or narrows under President-Elect Trump and his nominee for Secretary of Homeland Security, retired Marine Gen. John F. Kelly.

In the meantime, we’ll keep doing our part, as we encourage our readers to do theirs, to act on the President’s statement that “freedom can never be taken for granted and that each of us has a responsibility to sustain it.”

Nov 21 2016

TSA proposes to require ID to fly

Reversing its longstanding official position that no law or regulation requires air travelers to possess or show any ID credentials, the TSA has given notice of a new administrative requirement for all airline passengers:

In order to be allowed to pass through checkpoints operated by the TSA or TSA contractors, air travelers will be required to have been issued a REAL-ID Act compliant government-issued ID credential, or reside in a state which has been given an “extension” by the DHS of its administrative deadline for a sufficient show of compliance with the REAL-ID Act of 2005.

The TSA will still have a procedure and a form (TSA Form 415) for travelers who don’t have their ID with them at the checkpoint, typically because it has been lost or stolen or is in the process of being replaced or renewed. But that procedure will no longer be available to people who have ID from states the DHS hasn’t certified as sufficiently compliant with the REAL-ID Act, or who haven’t been issued any ID at all and who reside in noncompliant states (or outside the U.S).

To fly without showing ID, travelers will have to sign an affirmation that they have been issued a “compliant” ID (even if they don’t have that ID with them), or that they reside in a state that has been given an extension of time by the DHS for REAL-ID Act compliance.

The new TSA administrative policy requiring air travelers to certify that they have been issued with government ID credentials is not embodied in, or based on, any statute or regulation. Instead, it was buried in a “Paperwork Reduction Act” notice  issued on November 3rd and published in the Federal Register on Election Day. It was adopted neither by act of Congress nor through formal agency rulemaking, but by TSA decree. The notice cites no purported statutory authority for the new requirement. It is unlawful, violates fundamental rights, and should be rescinded.

If it is not reversed, it should be resisted: Resisted by travelers who refuse to carry or show ID at TSA checkpoints, resisted by plaintiffs in the Federal litigation against the TSA and its agents and contractors which will inevitably ensue, and resisted and challenged in litigation by states whose residents’ rights are violated because they have not been sufficiently submissive or compliant with Federal desires for their states to participate in a national ID database.

Read More

Nov 18 2016

What does Donald Trump’s election mean for our work?

We endorsed neither Hillary Clinton, Donald Trump, nor any other candidate for elected office. So what does the presumptive election of Donald Trump as President of the U.S. — when the electors cast their ballots on December 19, 2016, and the votes are counted on January 6, 2017 — mean for the work of the Identity Project?

First and foremost, it means that our work, and the need for it, will continue — as it has under previous administrations, both Democratic and Republican.

Human and Constitutional rights are, by definition, no more dependent on the party affiliation of the President, if any, than on our own. Freedom is universal. Our defense of the right of the people to move freely in and out of the U.S. and within the country, and to go about our business, without having our movements tracked and our activities logged or having to show our papers or explain ourselves to government agents, has been and will remain entirely nonpartisan.

We will continue to criticize those who restrict our freedoms and infringe our rights, regardless of their party, just as we have criticized the actions of both the Obama and Bush administrations and of members of Congress and other officials of both parties, many of whom remain in power despite the changes at the top.

Attacks on our liberty have been, and remain, just as bipartisan as our resistance to them. This is especially true of the imperial power which the Presidency has been allowed to accrue, and which is exercised through Presidential proclamations, executive orders, and the secret law (or, to be more accurate, lawlessness) of Federal agency “discretion”. Those who acquiesced in the expansion of Presidential power and executive privilege because they thought that it would be used to their benefit by a President of their own party have only themselves to blame if that power is later used against them by a new President of a different party, or without allegiance to a traditional party hierarchy.

Many of the most imminent ID-related threats are those that arise from existing laws or extrajudicial administrative practices, the limits of which — in the absence of legislative or judicial oversight and checks and balances — are set solely by executive order. Where President Trump can make changes to ratchet up repression, to register and track both U.S. and foreign citizens, and to monitor and control our movements within the country and across borders, with the stroke of a pen, we don’t expect that he will hesitate to wield the power he has inherited to govern by issuing public decrees or by giving secret orders to his minions.

In some of these cases, Federal officials and the homeland-security industrial complex of contractors, confident that the incoming occupant of the White House will bless their efforts to anticipate has desires, may take action even before they are ordered to do so. This seems especially likely, in our area of concern, with respect to (1) the DHS implementation schedule and requirements for the REAL-ID Act,  (2) the TSA’s longstanding desire to enforce and eliminate exceptions to a de facto ID requirement for air travel that lacks any basis in statute and contravenes the U.S. Constitution and international law, and (3) expanded use of ID and surveillance-based pre-crime profiling (President-to-be Trump calls it “extreme vetting”) as the basis for control of movement, especially across borders.

We will be watching closely and reporting on signs of activity on all these fronts, some of which are already visible.

Now more than ever, we need your support — not just helping us to defend your rights, but asserting your rights and taking direct action to defend them yourselves. “The limits of tyrants are prescribed by the endurance of those whom they oppress.”

We invite you to join us in our continued resistance to all lawless attacks from any and all sides on our Constitution, our freedom, and our human rights.

Oct 25 2016

Profiling travelers to find the “good guys” — and recruit them as informers

targeting [Some of the multiple sources and types of targeting rules in the TECS algorithms used to profile international travelers, from a CBP/FBI flowchart published by The Intercept. Click on image for larger version. “PAU” = CBP Passenger Analysis Unit at a specific international airport in the USA or abroad.]

Most (although certainly not all) of the people who contact the Identity Project for assistance in finding out what information the government has about their travels, or interpreting responses to their requests for travel records, are Muslims. Many of them, Muslim or not, can’t figure out why they were “targeted” for special treatment at US borders and/or airports despite having done nothing wrong. “What do they suspect me of, and why?” they want to know.

A recent report by The Intercept based on documents from an anonymous whistleblower source confirms what we, and many of the people who have sought our help, already suspected: The FBI is systematically “looking for ‘good guys’ not ‘bad guys'” among international travelers, to recruit them as informers (“confidential human sources”).  US Customs and Border Protection is using profiles and identities provided by the FBI to mine the information airlines are required to collect and provide CBP about passengers on upcoming flights to anticipate when potential informer recruits will be passing through US airports.

Once these potential informers are targeted, CBP arranges special joint CBP/FBI “welcome parties” to interrogate and search them and assess their ability, willingness, and suitability to serve as CHSs.  CBP uses its “border search” authority to conduct the searches and questioning, but FBI agents supply the questions and targeting lists and rules, sit in on the interrogations, and follow up with those who are determined to be potential recruits or who come under suspicion as a result of their response to the attempt to recruit them as informers.

The story in the The Intercept and the leaked documents published along with it don’t reveal much that we and others hadn’t already suspected. But they do fill out the some of the details.  And for anyone who was still in doubt, they show clearly how the government is already using its systematic access to airline reservations for surveillance of non-suspects, and for other general police purposes, contrary to the hollow assurances it has provided to the public and to foreign governments that this data will only be used for prevention of specific categories of crimes.

Oct 24 2016

Is it suspicious to avoid the police when they might want to ask for ID?

In a case resting on the same Nevada law that was at issue in the Supreme Court’s 2004 decision in Hiibel v. Nevada, the 9th Circuit Court of Appeals has held that someone who runs away from approaching police can be found guilty of “obstructing” the police by denying them the opportunity to question him about his identity.

The 9th Circuit overturned findings by the U.S. District Court for the District of Nevada that the police lacked reasonable suspicion to detain the person in the first place and, even if they had a basis to detain him, lacked probable cause to arrest him. The decision signficantly undermines, in the 9th Circuit, the positive aspects and the limitations in the Supreme Court’s decision on police demands for ID in Hiibel v. Nevada, as well as the right to remain silent and the right to be free from unreasonable searches.

Read More

Oct 20 2016

DHS continues to threaten states that resist the REAL-ID Act

[Status of REAL-ID compliance as of October 17, 2016 (Source: AAMVA.org)]

Last week the Department of Homeland Security denied requests by five states for “extensions” of time to comply with the REAL-ID Act of 2005. The DHS denials of requests for extensions were accompanied by renewed threats of  restrictions on residents of those states: “Starting January 30, 2017, federal agencies and nuclear power plants may not accept for official purposes driver’s licenses and state IDs from a noncompliant state/territory without an extension,” said DHS spokesman Aaron Rodriguez in a statement.

Does this mean that a deadline is approaching? That every state except these five has “complied” with the REAL-ID Act? That these “holdouts” have no choice but to comply? That the sky will fall on these states, or their residents, if they don’t?

No, no, no, and no.

As we told the Washington Times:

Not everyone thinks states will, or should, be swayed by the federal government’s determination.

“These are not states that stand out because they are less compliant,” said Edward Hasbrouck, a spokesman for the privacy advocacy group The Identity Project.

He says Homeland Security is arbitrarily enforcing aspects of the Real ID Act by deeming states compliant even when they have not met every requirement, noting specifically few “compliant” states have met the requirement that they provide access to information contained in their motor vehicle database via electronic access to all other states.

“It’s a game of chicken, it’s a game of intimidation, and very little of it has to do with actual requirements or actual deadlines,” Mr. Hasbrouck said.

If Homeland Security, which repeatedly has pushed back compliance deadlines for Real ID, does go through with the commercial airline restrictions in 2018, Mr. Hasbrouck said he expects grounded passengers would eventually bring litigation challenging the law.

Let’s look at some of the questions skeptical citizens and state legislators ought to be asking about these DHS scare tactics:

    • How many states have complied with the REAL-ID Act? Noncompliant states are neither alone nor isolated. According to the Washington Times, “Homeland Security reports that 23 states and Washington, D.C., have met enough of the Real ID standards to be deemed in compliance with the law.” In fact, as we’ve reported previously and as we noted in the comments above, the most significant component of compliance with the REAL-ID Act is participation in the national ID database (the one the DHS keeps claiming doesn’t exist). That database, called SPEXS, is operated by a subcontractor to the American Association of Motor Vehicle Administrators (AAMVA) as a component of its S2S system. When last we checked, in February of this year, only 4 of 55 US jurisdictions (states, the District of Columbia, and US territories) had connected their state drivers license and ID databases to S2S. With the addition of the latest two states this month, the total of states participating in S2S is up to nine, as shown on the AAMVA map at the top of this article. We don’t know whether all nine of those states have implemented all the other requirements of the REAL-ID Act. But we do know that no state not participating in S2S is in compliance. So at most nine states are in compliance with the REAL-ID Act. The vast majority of jurisdictions are noncompliant. And at this rate, it will take many years, if it ever happens at all, for the DHS to whip the rest of them into line.

 

    • When is the deadline for states to comply with the REAL-ID Act? There is no deadline for compliance in the law itself. The DHS could set deadlines by promulgating regulations, but it could also change them in the same way, at any time, for any reason. In practice, the current DHS threats aren’t event based on DHS regulations, but on dates specified solely in DHS press releases and changeable at DHS whim.

 

    • What is required for DHS certification of material compliance or progress toward compliance by individual states? There are no criteria in the law. The law leaves this up to the “discretion” of the DHS, which in practice means that it can be standardless, secret, and arbitrary. DHS choices of which states to threaten are political and tactical choices about which states the DHS thinks it can intimidate, and in which order. They aren’t based, or required to be based,  on any actual measurement, checklist, or relative degree of compliance.

 

  • What will happen, and when will it happen, to residents of states that don’t comply sufficiently or quickly enough? Probably nothing. What the DHS will try to do, and when, is once again totally up to its discretion. There are no deadlines in the law. But as our analysis and the responses to our FOIA requests have shown, the threat to deny access to Federal facilities is a red herring.  Most workers at these facilities, for example, already have Federally-issued employee IDs, and don’t rely on state-issued IDs for entry. Members of the public generally enter these facilities to exercise various of their rights, which the DHS recognizes they have a right to do without any ID. If the DHS changes its tune, and tries to interfere with those rights, what the DHS can get away with will be determined by Federal judges in the inevitable lawsuits brought by residents of disfavored states (hopefully with the support of state governments) whose rights are interfered with on the basis of the REAL-ID Act.
Oct 14 2016

CDC proposes martial law in the guise of “medical quarantine”

In the guise of a proposal for “medical quarantine“, the U.S. Centers for Disease Control and Prevention (CDC) have proposed regulations that would give CDC employees sweeping martial-law powers of warrantless search, interrogation, tracking of movements, arrest, and extrajudicial mass detention (at the detainees’ own expense!) of individuals or entire groups of unlimited numbers of people for unlimited periods of time.

The proposal revives a dormant decade-old rulemaking initiated after the 2001 and 2005 anthrax scares in Washington, DC. But rather than finalizing the rules proposed (and widely criticized) in 2005, or responding to the comments submitted back then in response to the original proposal, the CDC has published a new and different but perhaps even more objectionable replacement proposal.  It’s unclear why this is happening now, but it seems likely that the CDC feels a political necessity to be seen as “doing something” to prepare for the possibility of another outbreak of Ebola virus disease.

As we say in comments we filed today with the CDC:

The NPRM [Notice of Proposed Rulemaking] describes the proposed rules as a medical quarantine program. But they go far beyond what is medically indicated, authorized by statute, or permitted by the Constitution.

The CDC’s proposal completely ignores existing medical and legal procedures for involuntary commitment of individuals determined to constitute a danger to themselves or others. Instead, the proposed rules include:

  1.  indefinite extrajudicial mass detention without due process,
  2. compelled responses by travelers to extrajudicial interrogation concerning their exercise of First Amendment rights including rights of movement and assembly, regardless of whether there is any current outbreak of any communicable disease, much less whether there is any basis for belief that any specific traveler subjected to this interrogation is infected with such a disease; and
  3. charging innocent detainees for the costs of their detention.

These misguided, unauthorized, and unconstitutional proposals should be withdrawn.

[Details: Complete comments of the Identity Project, all 13,000+ public comments on the CDC proposal.]

Oct 07 2016

“Following the money” in travel surveillance

The growth of a homeland-security industrial complex funded by single-source contracts and shielded by knee-jerk invocation of “security” as an excuse for secrecy has created huge opportunities for cronyism and collusion between lobbyists, contractors, and government officials.

The poster child for this revolving door and its invidious effects on government policies and spending is former Secretary of Homeland Security Michael Chertoff and his work as a lobbyist for Rapiscan, the supplier of the TSA’s virtual strip-search machines.

Unsurprisingly, the US isn’t alone in allowing the commercial interests of spy-tech companies to drive government decisions to spy on travelers.

In the latest issue of the EDRi-gram newsletter, our friends  at the European Digital Rights Initiative explore “The curious tale of the French prime minister, PNR and peculiar patterns.”  It seems that the French military technology contractor Safran, whose “Morpho” division is one of the leading vendors of turnkey PNR-based traveler surveillance and profiling systems, is one of the largest employers in the home town of French Prime Minister Manuel Valls.

According to Estelle Massé and Joe McNamee of EDRi:

France has been particularly insistent on the unsubstantiated benefit of profiling all travellers — indiscriminately and in the absence of suspicion. French Interior Minister Bernard Cazeneuve pushed for swift adoption of the EU PNR directive before the EU Council, going so far as to accuse the European Parliament of being “irresponsible for delaying the vote” — implying that democratic debate over a privacy-invasive measure is simply wasting time. French Prime Minister Manuel Valls also pushed for the directive, allegedly arguing for adoption as a strong symbolic gesture in the fight against terrorism…

Safran has a major base in Evry, the small town south of Paris where Valls was mayor from 2001-2012. The company employs more than 3300 people and, earlier this year, Valls visited the site and discussed Safran’s role in ensuring long-term employment in the region. The French government said in a statement following the visit, “We have one aim: that the French industry stays ahead.”

The company now appears to be in fine fettle. It won major contracts to put in place expensive PNR systems in France and Estonia. Now that the PNR directive will make such systems mandatory across the EU, it is also seeking contracts in several other EU countries.

That’s not the end of the story. The pattern of links between Valls and Safran run even deeper. According to the French news outlet Marianne, in 2012, when a Safran contract was not renewed, Valls, who was then interior minister, allegedly intervened to help the company. He appears to have done so despite the fact that the proposed change to the contract could have saved 30 million euro of public funds.

Bertrand Marechaux, the police chief who questioned the contract, kept fighting to modify it and initiating legal proceedings against Morpho, a subsidiary of Safran. He was ultimately removed from his position. Valls’ office didn’t respond to Marianne’s request for comment at the time.

Oct 03 2016

How the DEA uses travel company spies to confiscate travelers’ cash

A report by the Office of the Inspector General (OIJ) of the U.S. Department of Justice (DOJ) sheds more light on how the Drug Enforcement Agency (DEA) pays workers for airlines, Amtrak, bus companies, and package delivery services to spy on their customers, troll through reservation and shipping records, and finger travelers and senders and recipients of packages to the DEA in exchange for a share of the cash which can be seized and “forfeited” to the government even if no drugs are found and no criminal charges are brought.

This practice was first reported in August 2016 by Brad Heath in USA  Today, based on case-by-case review of court filings describing the basis for DEA searches that led to “civil forfeiture” proceedings. And the DOJ OIG had released brief interim summaries of its investigations into DEA relationships with one Amtrak employee and one TSA employee who were paid to inform on travelers.

The new OIG report released last week provides much more detail about the scope of the DEA’s use of travel and transportation staff as paid “confidential sources” to target travelers and parcels for cash seizures on the basis of travel reservations and shipping records. The OIG found that the DEA is paying employees of Amtrak, airlines, bus companies, and other transportation companies millions of dollars for individual tips and copies of entire passenger manifests:

[DEA] Special Agents have various ways of receiving these “tips,” but generally receive the information on a daily basis via email or text message, some of which are sent to government accounts and others to non-government private accounts that are established and controlled by the Special Agents. Additionally, we found that although some Special Agents estimated receiving up to 20 “tips,” or passenger itineraries, per day from their… commercial airline confidential sources, the DEA does not maintain a record of receipt of the totality of the confidential source “tips.”….

[S]ome Agents requested that sources provide them with suspicious travel itineraries that met criteria defined by the Agents, and in some cases requested entire passenger manifests almost daily….

Read More