Sep 19 2022

CBP aggregates and disseminates travel data from warrantless searches

A series of revelations in recent months have highlighted a pattern of misuse by US Customs and Border Protection (CBP) of data about travelers and their activities.

Information obtained without a warrant or probable cause under a under a variety of exceptions to the Fourth Amendment (including administrative searches and mug shots at airports, border searches, and “consent” to collection of location information by private third parties) has been aggregated, indexed, and made available for search and retrieval by other CBP staff, other law enforcement agencies, and foreign governments.

Use of the fruit of this surveillance of travelers hasn’t been limited to the government agency that first obtained it from travelers or commercial third parties, or to the purpose that purportedly allowed CBP to obtain it without warrant or probable cause. No access logs are maintained for some of these databases of travel surveillance data, so it’s impossible to audit how they have been used.

Here’s some of what CBP has been up to with its travel surveillance databases:

Read More

May 20 2022

New reports on DHS surveillance and profiling

Two new reports from university think-tanks call attention to surveillance and profiling — including surveillance of, and action against, domestic and international travelers — by the Department of Homeland Security and its components.

A Course Correction for Homeland Security, a report by the Brennan Center for Justice at New York University, cites to some of our work and some examples of cases we have been involved with in its analysis of DHS data collection (surveillance), and “risk assessments” (algorithmic profiling and control), especially as they relate to travelers.

American Dragnet: Data-Driven Deportation in the 21st Century, a report by the Center on Privacy and Technology at Georgetown University Law School, focuses on DHS’s Immigration and Customs Enforcement (ICE) division, especially ICE access to facial images and other information obtained from drivers licenses and commercial data brokers.

A common theme of both reports is that DHS surveillance is more pervasive, more intrusive, and less visible than is generally recognized.

Airline reservations and demands for ID from travelers are used not merely to check for currently blacklisted would-be travelers, but are retained and used to build travel histories and social networks maps that are then used by suspicion-generating guilt-by-association algorithms to expand the web of surveillance, profiling, and extrajudicial blacklisting.

ICE represents itself as an agency with jurisdiction only over non-US citizens, but in fact runs photos and drivers license and location data about a large fraction of the entire population of US citizens through its profiling and enforcement algorithms. DHS lurks (usually invisibly) in the background, “ingesting” or obtaining access to personal information, when individuals pose for drivers license photos, make airline reservations, or interact with businesses that “share” data directly or indirectly with DHS.

What is to be done about this sorry state of affairs?

Both of these reports suggest that some reforms could be made by policy, at the direction of the President, the Secretary of Homeland Security, or the heads of DHS components.

However, given the thoroughly bipartisan continuity of support by both Democratic and Republican administrations for the continual expansion of DHS surveillance, especially of travelers and foreigners and most especially of border crossers, since its creation 20 years ago, we have little hope for reform from within DHS or at the behest of the White House.

Exposure of abuses is good, but more is needed than a change of administration policy.

While we welcome any additional attention paid to the problems with the DHS, we think they call for court action to uphold the Constitutional and treaty rights of travelers and other individuals, and Congressional action to effectuate those rights and to facilitate judicial review and redress for government actions that violate those rights.

The DHS, as these reports reveal, is an ever-growing dragnet surveillance agency, operating outside the rule of law. What are we going to do to alter or to abolish it?

Apr 12 2022

Facial recognition signage at new Sea-Tac terminal flunks legal test

For several years the Identity Project has been engaging with the Port of Seattle over its expansion of automated facial recognition to track travelers at Sea-Tac Airport.

Today we made yet another (virtual) visit to the Port of Seattle Commission to give the following comments (PDF) on the latest test of the new International Arrivals facility at Sea-Tac, scheduled to open  next week:

Comments of the Identity Project to the Port of Seattle Commission
for the Commission meeting of April 12, 2022, re: signage for travelers about the collection of facial images at the International Arrivals Facility at Sea-Tac Airport

Members of the Port of Seattle Commission:

The Identity Project (PapersPlease.org) is a nonprofit civil liberties and human rights organization with expertise in identity-based surveillance and control of travelers.

We are submitting these comments to call to your attention the failure of both the Port of Seattle and US Customs and Border Protection (CBP) to provide notice to travelers of CBP’s collection of facial images (“biometrics”) at the new International Arrivals Facility (IAF) at Sea-Tac International Airport, as required both by Federal law and by the policies on use of biometrics adopted by the Port Commission.

Read More

Jan 30 2022

ID-Me-Not

The IRS is reportedly reconsidering its previously-announced plan to require taxpayers to share facial images and other personal data with an unregulated private company, ID.me, in order to file tax returns online or access information about their filings, payments, and returns through the IRS website.

The hesitation by the IRS comes after ID.me was caught lying about whether it uses “one to many” facial recognition to try to identify facial images against large databases of selfies or other mug shots. ID.me had falsely claimed that it only uses “1 to 1” matching to “verify” that a selfie matches previously stored images of a specific person. But the company has now admitted that’s incorrect. ID.me actually  compares selfies submitted by taxpayers (or by hackers or identity thieves, who could easily copy a facial image from a targeted victim’s or their friend’s social media posts) to its own “internal” database of images of tens of millions of people aggregated from unknown sources.

Read More

May 19 2021

A race to the bottom: DHS “Biometric Tech Rally”

Today the U.S. Department of Homeland Security (DHS) announced a competition between hardware and software vendors to demonstrate the facial-recognition systems that are most useful for surveillance and other malign uses: cameras or other sensors and facial and/or other biometric matching algorithms that can identity travelers (or other people in public places) even if they are wearing masks:

[T]he 2021 Biometric Technology Rally will focus on evaluating the ability of systems to reliably collect and/or match images of individuals, including those wearing face masks. The intent is to improve the ability to recognize people without requiring travelers to remove protective equipment….

The 2021 Biometric Technology Rally will be held at the Maryland Test Facility (MdTF) in Upper Marlboro, Maryland, later this fall. Testing will be performed in controlled scenarios relevant to DHS operations….

Providers of face and multi-modal biometric acquisition systems, as well as providers of biometric matching algorithms, are encouraged to participate.

Requiring travelers to remove their masks at checkpoints operated by or on behalf of the Transportation Security Administration (TSA) and/or other DHS components endangers travelers and makes clear that the U.S. government has put surveillance and tracking of travelers ahead of safety and health.

But the way to completely eliminate the threat to travelers’ health and safety posed by unmasking is to stop trying to identify travelers,  which is based on the “pre-crime” fantasy that identity-based algorithms can read travelers’ minds and predict which of them intend to  commit future aviation-related crimes. Instead, the TSA should confine its searches to those intended to detect genuinely threatening objects: weapons and explosives.

Feb 01 2021

CDC orders air travelers to unmask for government surveillance

Putting government surveillance and control of travelers ahead of what is supposed to be their mission of protecting of the public against infectious diseases, the U.S Centers for Disease Control and Prevention (CDC) has ordered that, effective today, all air travelers must risk their lives by removing their face masks on demand of Transportation Security Administration (TSA) checkpoint staff or airline ticketing or gate agents.

Until today, as we have noted previously, many state and local health orders issued in response to the COVID-19 pandemic required everyone in public indoor spaces such as airports to wear face masks, without any exception that would have applied at TSA checkpoints. Although we are not aware of any litigation that ensued, air travelers could have asserted their right — and even their  duty — not to remove their face masks, under pain of criminal penalties for violating public health orders.

The CDC order effective today appears to be designed to preempt those state and local health orders, and open the door for the TSA, TSA contractors, and airline staff to endanger the lives of air travelers in the interest of surveillance and control (by the TSA) and “revenue protection” against transfers of nontransferable tickets  (by airlines):

The requirement to wear a mask shall not apply under the following circumstances: … When necessary to temporarily remove the mask to verify one’s identity such as during Transportation Security Administration screening or when asked to do so by the ticket or gate agent or any law enforcement official.

The CDC order aloows — and, in fact, requires — TSA and airline staff and contractors to leave their masks on. Only travelers’ lives are to be endangered.

It remains unclear, of course, whether it is “necessary .. to verify one’s identity” either to the TSA, its contractors, or airline staff, much less whether looking at faces is the way to do so. We think not. But whatever the legality of “ID verification”, the CDC officials responsible for this unmasking order should be ashamed of their betrayal of their medical mission and for promulgating an “insecure flight” requirement.

Dec 21 2020

We say “No” to mug shots at airports and borders

[Illustration from CBP website. The claim that facial recogntion “helps to prevent the spread of germs” is especially bogus, since facial recognition requires travelers to remove their face masks wherever it is used.]

Today the Identity Project (IDP), Restore the Fourth, Privacy Times, and the National Workrights Institute  filed joint comments with U.S. Customs and Border Protection (CBP) in opposition ot the CBP proposal to require mug shots (and possibly collection of other biometrics) from all non-U.S. citizens at all border crossings and international airports and seaports:

The purported NPRM [Notice of Proposed Rulermaking] was promulgated under purported authority delegated by an official purporting to exercise the duties of the Secretary of Homeland Security. That official was not appointed in accordance with the Vacancies Reform Act and therefore lacks authority to promulgate notices of proposed rules or final rules, or to delegate authority to do so which they do not themselves hold….

The proposed rules and procedures would violate the Privacy Act, and must therefore be revised or withdrawn.

The proposed rules and procedures would violate the Paperwork Reduction Act (PRA), and must therefore be revised or withdrawn.

The impact assessment in the NPRM is incomplete, inaccurate, and grossly underestimates the costs which would be imposed on individual travelers by the proposed rule. The NPRM fails to consider how many (more) individuals would opt out of collection of biometrics, if they were provided with the notices required by the PRA, or the cost to those travelers who are so delayed that they miss their flights. The impact assessment must be revised.

Read More

Nov 30 2020

CBP proposes to require mug shots of all non-US citizen travelers

Last December we called attention to plans  by US Customs and Border Protection (CBP) to require mug shots of all travelers entering or leaving the US by air or sea, including US citizens.

Within days, CBP issued a press release falsely accusing us of incorrectly reporting  the official CBP notice of its plans, and saying that it would withdraw its notice the next time the regulatory agenda was published.

So what happened?

Earlier this month, CBP withdrew the notice of proposed rulemaking (NPRM)… and issued a new notice of proposed rulemaking the same day that wouldn’t apply to US citizens, but would require all non-US citizens, including permanent US residents (green-card holders) to be photographed whenever they enter or leave the US by any means: air, land, or sea.

(This proposed rule is for collection of biometrics from international travelers at airports, cruise ports, and land borders. There’s a separate pending proposal which we and others have criticized  for collection of biometrics including fingerprints and DNA samples, in advance of travel, from visa applicants, other would-be US visitors, and their US sponsors.)

At airports, the scheme contemplated by CBP would follow the public/private partnership model that CBP and the Transportation Security Administration (TSA) have been collaborating on with airlines and airport operating authorities in the USA and abroad:

Generally, when travelers present themselves for entry or exit, they will encounter a camera connected to CBP’s cloud-based TVS facial matching service via a secure, encrypted connection…. The camera may be owned by CBP, the air or vessel carrier, another government agency such as TSA, or an international partner governmental agency….

At the departure gate, each traveler stands for a photo in front of a partner-provided camera. Aided by the authorized airline or airport personnel, the partner-owned camera attempts to capture a usable image and submits the image, sometimes through an authorized integration platform or vendor, to CBP’s cloud-based TVS facial matching service.

The key element in this partnership, CBP makes clear, is that airlines and airports will pay to operate cameras and send photos of passengers to CBP, in exchange for getting uncontrolled use of the CBP facial recognition system for their own business purposes:

The hardware cost in the regulatory period will be borne by the carriers and airports who partner with CBP.  CBP will give carriers and airports access to its facial recognition system and the carriers and airports will choose (and pay for) the hardware that best fits their needs. While this partnership is voluntary, CBP expects that all commercial carriers and major airports will elect to participate within five years.

Unless airlines and airports were given free use of the CBP facial recognition service for their own purposes, they would have no business reason to bear the cost of installing and operating cameras at all departure gates, or to send the photos to CBP. CBP has limited authority to force airlines to surveil their customers, so CBP’s scheme depends on successfully bribing them — all of them — to collaborate by giving them free access to the facial recognition service. This quid pro quo is the key to CBP’s confidence in its plans.

Read More

Oct 09 2020

Port of Seattle continues debate on facial recognition

The debate continues on whether the Port of Seattle should allow or pay for continued or expanded use of facial recognition at Sea-Tac Airport (SEA) and the Seattle cruise port.

Yesterday Port of Seattle staff and a subcommittee of the Port Commission met with an advisory committee on biometrics appointed by the Port Commission.

Jennifer Lee of the ACLU of Washington State delivered a letter co-signed by a coalition of organizations including the Identity Project urging the Port Commission not to authorize, pay for, or participate in any use of facial recognition to identify travelers:

On December 10, 2019, the Commission adopted seven principles to guide its decision-making on if and how biometrics should be used at the Port. These principles are: justified, voluntary, private, equitable, transparent, legal, and ethical.

We do not believe that either the current or the proposed uses of biometrics to identify travelers on Port property can be implemented in a manner consistent with these principles. Port staff state that its recommendations “are not meant to suggest that the Port should implement public-facing biometrics, but rather how to do so in alignment with our guiding principles.”  The only action that would be aligned with those principles would be to ban the use of facial recognition technology to identify members of the public by the Port, as well as by the Port’s tenants and contractors….

1. We urge the Port of Seattle Commission to reject participation in, and funding of, CBP’s facial recognition exit and entry programs….

2. We urge the Port of Seattle Commission to prohibit use of facial recognition technology by private entities.

The Port of Seattle should prohibit business tenants such as airlines from integrating with CBP’s Traveler Verification Service (TVS) — the agency’s “Identity as a Service” biometrics system…. When Port tenants integrate with CBP’s TVS architecture, it is impossible to separate “private” or non-federal surveillance from federal government surveillance of travelers. Travelers may think that they are having their photo taken at a self-service kiosk solely for use by the airport or airline. But in reality, that photo will also be shared with DHS and CBP.

The Port, airlines, and contractors should not obscure the role of DHS and CBP by collecting facial images on their behalf. The Privacy Act, as discussed further below, requires that if an individual’s personal information is to be used by a federal agency, it must be collected by that agency directly from that individual. The best way to provide travelers with clear notice that facial images are being passed on to DHS is to require that any such images be collected by identifiable, uniformed DHS staff, using DHS equipment, at DHS’s expense.

The Port meeting also heard from the office of Rep. Pramila Jayapal, who represents the city of Seattle and environs (although not Sea-Tac Airport) in Congress.  Noting the concerns that led her to introduce a bill in Congress that would “place a prohibition on the domestic use of facial recognition technology by federal entities, which can only be lifted with an act of Congress,” Rep. Jayapal suggested that the Port Commission “consider a moratorium on the use of biometrics technology in all Port activities under its purview.”

Read More

Sep 17 2020

New CBP propaganda on facial recognition and other biometrics

US Customs and Border Ptotection (CBP) has launched an entire new subdomain of its website, biometrics.cbp.gov, devoted to propaganda intended to persuade the traveling public to submit to, and airlines and airport operating authorities to collaborate in, the use of facial recognition and other biometrics to identify and track travelers.

There’s nothing in CBP’s happy-talk sales pitch for facial recognition on this new website that we haven’t seen before. And there are still no answers to any of the questions we’ve asked CBP officials about these practices and the legal basis (not) for them.

Biometrics.cbp.gov features links to the (nonbinding) Privacy Impact Assessments (PIAs) that are supposed to describe how mug shots obtained by CBP or its airport and airline “partners” are to be used. But the new CBP site doesn’t link to the legally binding System Of Records Notices (SORNs) that disclose a much wider range of routine and permitted uses of these images.

If there’s anything noteworthy on this site, it’s under the Resources tab, where you can download  copies of the official CBP signs that are supposedly posted at airports, seaports, and land border crossings, including those for airport arrivals (shown at the top of this blog post), airport departures, cruise ports, and pedestrian lanes at land borders.

Leaving aside questions of the accuracy of the claims on these signs, they provide definitive confirmation that all of these biometric programs are in flagrant violation of Federal law — as we’ve pointed out repeatedly to CBP, but to no avail.

None of these signs contain any Paperwork Reduction Act (PRA) notice or any OMB Control Number. Even if the collection of photos or other biometric information were authorized by law, even if it were voluntary, even if it were limited to non-US persons, and even if none of the images or other data were retained, this collection of information would still have to be approved in advance by OMB, assigned an OMB Control Number confirming the approval, and accompanied by PRA notices including that OMB Control Number.

Some people wonder why we care about OMB approval or PRA notices. OMB approval is often little more than a rubber stamp. It’s not an onerous burden on the agency, and it doesn’t usually involve any meaningful scrutiny of the legal basis claimed by an agency for collecting information from individuals. PRA notices don’t give much information about how the data that’s being collected will be used.  Few people know to look for PRA notices or OMB Control Numbers, how to interpret them, or what they signify.

The significance of CBP’s complete disregard for the PRA — a minimal administrative formality that CBP could easily comply with — is that it is indicative of CBP’s complete disregard for the law in general. It’s not that CBP or its parent agency the US Department of Homeland Security (DHS) are lazy. The choice not to seek OMB approval for their actions, or to post PRA notices, is not an accident. It’s emblematic of the extent to which CBP and the DHS assume that they can disregard any of the substantive or procedural rules that apply to all other agencies, and make their own laws through secret diktats. The real problem is not the violation of the PRA, but that CBP and DHS have no greater respect for human rights treaties or the US Constitution than they do for Federal laws like the PRA.