Papers, Please!

The Identity Project

Category Archives: Biometrics

Mar 11 2019

US government strategy for surveillance and control of travel

In December 2018, the White House announced that President Trump had sent Congress a  classified “National Strategy to Combat Terrorist Travel”.

Two months later, in February 2019, the White House released both this “National Strategy to Combat Terrorist Travel” (supposedly as signed in December 2018, and with no indication that it had ever been classified) and a companion “National Strategy for Aviation Security” (also unclassified and dated December 2018).

Together, these two documents give an overview of both the extent and the manner in which the US government intends — and believes that it has the authority — to surveil all travelers, monitor and log all movement of persons in the US and worldwide, and exercise administrative prior restraint over all such travel based on extrajudicial “pre-crime” predictions.

Nowhere in either of these vision statements is there any mention of the First Amendment, the right of the people peaceably to assemble, the right to travel, or international human rights treaties.

Nor is there any mention of existing legal means for restricting movement through court orders (injunctions or restraining orders), of judicial review of administrative controls, or indeed of any role at all for the courts.

While these documents were signed by President Trump, they express goals that have been pursued by both Republican and Democratic administrations.

Here are some of the main themes in these road maps for government action: Read More

Jan 04 2019

Issues for the revitalized Privacy and Civil Liberties Oversight Board

With its recent revival, the Federal government’s Privacy and Civil Liberties Oversight Board (PCLOB) has a chance to take a fresh look at how far the USA has gone since 9/11 in implementing a combination of “pre-crime” policing (à la Minority Report) and “social credit scoring” integrated with commercial service providers (à la China) as a means of control of what people can and cannot do, and where they can and cannot go.

The PCLOB didn’t have a quorum since early 2017, and was down to only one member. But three new members were confirmed in October 2018. An Executive Director – who may end up with longer-term influence than the members of the Board, especially given that the new members weren’t appointed and confirmed until just three months before one of their terms is scheduled to end – is currently being hired. Civil libertarians able to obtain a security clearance and willing to relocate to DC are encouraged to apply.

>What should the PCLOB focus on, with its limited time and resources? The PCLOB is an advisory committee with neither legislative nor prosecutorial authority. The best use it can make of its limited mandate is to ask hard questions and raise issues that Federal agencies won’t otherwise acknowledge or address.

The TSA and DHS were created in haste after 9/11 without consideration of the privacy and civil liberties implications of their new activities, many of which have never been explicitly approved by Congress. The reactivation of the PCLOB after the latest hiatus is a chance to take a fresh look at the big picture of what these agencies are doing, and what this means for privacy and civil liberties. It might be tempting to focus on “emerging” threats, but the first priority should be to assess the DHS surveillance and control systems that are already in place:

  1. Conversion of state licensing of motor vehicle operators into a national ID system. More than a decade after Congress enacted the REAL-ID Act of 2005, we are entering the endgame of DHS efforts to pressure states into participating in an outsourced, privately-operated, national ID database created to enable compliance with the REAL-ID Act. SPEXS already includes records sourced from states about more than 50 million Americans, but is not subject to any direct government control and has never been the subject of any publicly-disclosed review of its implications for privacy and civil liberties.

  2. Mass surveillance and permission-based predictive control of movement and travel. Congress has never debated whether air travelers should be required to identify themselves,whether the government should keep histories of innocent citizens’ movements (compiled from commercial airline reservations for common carrier travel, license plate readers for travel by private vehicle, and facial recognition for pedestrian movement), or whether existing judicial mechanisms for restricting the right to travel and movement through injunctions or restraining orders should be replaced with secret, extrajudicial administrative prior restraint and similar orders. How has travel been transformed from a right to a privilege exercised only by government permission? How does this implicate the 1st Amendment right to assemble and the right of freedom of movement recognized by international human rights treaties? How widely, and with what implications for privacy and civil liberties, has the precedent set by real-time “pre-crime” predictive control of travel expanded to other activities and transactions?

  3. Suspicionless dragnet administrative searches. Today, the most common hands-on interaction between a Federal agent and a person not suspected of any crime is a TSA pat-down. But there’s never been any comprehensive review of the legality or the implications for privacy and security of the proliferation of suspicionless administrative searches since the creation of the DHS and TSA: security theater in airports, warrantless searches at internal checkpoints (domestic airports, CBP roadblocks on roads that don’t cross the US border, and attempts to claim the right to impose searches on the public in other forms of transportation.

There’s much more that we and others could say about each of these issues, if the PCLOB choses to consider them. But the first challenge for the PCLOB is whether it will tackle these big-picture issues.

Dec 03 2018

Smile, travelers! You’re on candid DHS cameras.

The Department of Homeland Security has posted the latest update to a series of Privacy Impact Assessments attempting to whitewash the invasions of privacy and human rights inherent in a comprehensive system of automated facial identification of travelers.

The latest PIA reveals more than the DHS has previously admitted about the nature and scope of its planned use of automated facial ID technology.

The DHS plans to use image data aggregated from commercial surveillance systems operated by airlines and airports, as well as DHS cameras, including non-obvious cameras, to identify air travelers (including both domestic and international travelers), international ferry and cruise passengers, and travelers crossing US land borders in vehicles or on foot.

Automated identification of travelers based on facial images would be used as the basis for who is, and who is not, allowed to travel, based on travel histories and algorithmic “risk assessments” that form the US counterpart of, and predecessor to, China’s control of  travel and other activities through facial recognition and “social credit” scoring.

The latest PIA makes a variety of claims about how the risks to privacy and human rights inherent in this scheme will purportedly be “mitigated”. Some of these “reassurances” are implausible, while others are already contradicted by the facts on the ground. And none of them would cure some of the ongoing violations of Federal law in current DHS practices.

Read More

Nov 02 2018

What China calls “social credit”, the US calls “risk assessment”

A viral video of an announcement on a Chinese high-speed train and a series of reports (here and here) on NPR have prompted a surge of interest this week in China’s “social credit” system:

Dear passengers: People who travel without a ticket, behave disorderly, or smoke in public areas will be punished according to regulations, and the behavior will be recorded in individual credit information system. To avoid a negative record of personal credit, please follow the relevant regulations and help with the orders on the train and at the station.

Despite unwarranted comparisons to US financial credit scores, “social credit” scoring in China is used by the government and para-statal entities, not just private companies, and not just for financial decision-making.

One of the NPR stories as well as a report last month by the Australian Broadcasting Co. include interviews with people who discovered they were barred by the Chinese government from travel on high-speed trains as a result of “social credit” scores, regardless of their ability to pay for tickets.

Dystopian? Yes.

Unjust? Yes?

“It can’t happen here?” No.

It already happens here, every day, to everyone who travels by airline or engages in bank or credit card transactions.

You may not realize it until you are mysteriously unable to obtain a boarding pass or complete a financial transaction, but each of these activities is already subject to secret, permission-based, extrajudicial prior restraint by the US government.

The default is “no”.  Since a little over 10 years ago, US Federal regulations have forbidden any airline from issuing a boarding pass unless and until it has sent the would-be traveler’s itinerary and identifying information to the DHS and has received back an individualized, per-passenger, per-flight, permission-to-travel message from the DHS. The DHS generates a secret “risk score” for each passenger, which determines how closely they are searched and questioned, whether the airline is instructed to call the police when they try to check in, and other aspects of how they are treated.

Even before airlines or banks get to the point of consulting the government, “carrier sanctions” and similar sanctions against financial institutions give them a financial incentive to err on the side of saying “no”, not “yes”.

You don’t have to be on a government blacklist for your air travel or financial transactions to be blocked by the US government or by airlines or banks acting at the government’s behest. There are multiple air travel blacklists (euphemistically and inaccurately called “watchlists”), but no-fly and transaction-processing decisions are also made in real time, on the basis of algorithmic “pre-crime” predictions (euphemistically and misleadingly called “risk assessments”, despite the lack of any evidence of a correlation between these scores and actual “risk”).

What China calls “social credit scoring”, the US calls “risk-based screening”.

Government blacklists and real-time pre-crime policing are being applied to control a growing range of activities of daily life. But air travel and financial transactions are the areas where the US government already has a fully deployed and operational real-time “social credit” system in which private service providers are seamlessly integrated with government agencies to surveil and control our everyday activities.

The question isn’t whether the US should have a “social credit” system — it already does — but whether it should be expanded to more aspects of our lives, or rolled back.

It can happen here. It is happening here. It will continue to happen here until we stop it.

China’s social credit system provides a useful object lesson in the three essential preconditions for a system of ID-based surveillance and control. We can block or impede the expansion of such schemes by undermining any of these three legs of the tripod:

  1. ID requirements to travel or engage in other transactions or activities — If you travel, pay, or act anonymously,  your individualized “score” can’t be used to control you. China’s “social credit” system is enabled by requirements to show government-issued ID to open a bank or mobile payment account or purchase a SIM card.  You can only rent a shared bicycle in China through an app, not by cash, and you can’t use the app without an ID-linked mobile phone and ID-linked payment account. So even if you travel around a Chinese city by shared bicycle, you can be tracked. Travel anonymously, and use cash or other anonymous forms of payment.
  2. Collection of ID-linked transaction and position data  — Chinese “social credit” scores and US “risk assessments” are based on travel, movement, and transaction histories. Some of this data is collected through biometric identification, primarily automated  facial recognition. Other data is “ingested” by the government from commercial databases such as travel reservations and financial transactions. Private companies can and should resist requests for this data, but can’t be counted on to do so. No airline, for example, has ever challenged government demands for warrantless access to the entirety of their reservation database, including free-text derogatory internal comments by front-line reservation and customer-service staff that are imported directly into permanent DHS files used for “risk” scoring. Once personally identified or identifiable data is collected, it’s almost impossible to resist demands for government access made in the name of “security”.  Any data that is collected about you can and will be used against you. The only real way to oppose this mass surveillance is #DoNotCollect. Just say no to requests for information, for consent to search, or for sharing of data with the government.
  3. Government control of movement, activity, and transactions — A key step in the implementation of the “social credit” system for air travel was the installation (at a cost to the airline industry of at least US$2 billion) of the control lines that transformed a reporting (i.e. surveillance) system into a “pre-crime” control system. It’s critical to defend against having our Constitutional and human rights redefined as privileges to be exercised only by prior permission of the government —  as the right to travel by common carrier has already been. Demand that restrictions on the exercise of rights be based on evidence-based court orders, not pre-crime fantasies.

As for the specific Chinese examples of travel by high-speed train, Amtrak, like the operators of Chinese trains, is a para-statal government-charterted corporation. In 2014, we made a FOIA request to Amtrak for records of Amtrak’s sharing of passenger data with the DHS and other law enforcement agencies. Amtrak has been releasing a trickle of responsive records, as we’ve been reporting. But Amtrak’s response remains incomplete, and this is now the oldest pending unanswered request in Amtrak’s FOIA queue.

 

Oct 15 2018

TSA announces “biometrics vision for all commercial aviation travelers”

Today the US Transportation Security Administration released a detailed TSA Biometric Roadmap for Aviation Security & the Passenger Experience, making explicit the goal of requiring mug shots (to be used for automated facial recognition and image-based surveillance and control) as a condition of all domestic or international air travel.

This makes explicit the goal that has been apparent, but only implicit, in the activities and statements of both government agencies and airline and airport trade associations.

It’s a terrifyingly totalitarian vision of pervasive surveillance of air travelers at, quite literally and deliberately, every step of their journey, enabled by automated facial recognition and by the seamless collaboration of airlines and airport operators that will help the government surveil their customers in exchange for free use of facial images for their own business purposes and profits.

The  closest contemporary counterpart to what the TSA envisions for the USA is the pervasive surveillance and control of travelers in China through automated facial recognition by the Public Security Bureau.

Read More

Oct 01 2018

Yes, the DHS wants mug shots of all air travelers

A new report by the DHS Office of Inspector General (OIG) gives perhaps the most detailed official picture to date of the US government’s plans for ed biometric identification, tracking, and control of international air travelers through automated facial recognition.

Contrary to specious claims in DHS propaganda that the current rollout of mug-shot machines at departure gates at airports across the country is “only a test,” the DHS OIG reports that US Customs and Border Protection (CBP) plans to expand the mug shot and automated facial image recognition program from 6 million air travelers in 2018 to 60 million in 2019, 120 million in 2020, and 129 million — 100% of international airline departures from the US — by 2021.

But that’s not all. “Over time, the program plans to … incrementally deploy biometric capabilities across all modes of travel — air, sea, and land — by fiscal year 2025,” according to the OIG report.

The scope of these plans should make clear that the only thing being “tested” is whether travelers will submit to this program, not whether it is justified or what interests it serves.

The OIG report mentions that US citizens have been “allowed” to opt out of the airport mug shot “pilot program “, but doesn’t say whether they were told they had a right to do so:

CBP allowed U.S. citizens to decline participation in the pilot. In such cases, CBP officers would permit the travelers to bypass the camera and would instead check the individuals’ passports to verify U.S. citizenship. When a U.S. citizen opted to participate in the pilot but did not successfully match with a gallery photo, the CBP officer would examine the individual’s passport but did not collect fingerprints. We observed biometric screening at four airports — a total of 12 flights — during our audit and witnessed only 16 passengers who declined to participate.

[Note the absence of any apparent notice that US citizens can “opt-out”.]

In preparing their report, OIG staff “met with a number of external stakeholders, including the Airlines for America trade association, Delta Airlines, JetBlue Airlines, and British Airways.” Notably, however, OIG made no attempt to consult consumer, civil liberties, or human rights organizations or to consider their objections to mandatory mug shots.

The only objections noted in the OIG report came from airlines and airport operators. But it would be a mistake to interpret this as “resistance” from the airline industry to biometric surveillance of airline passengers through automated facial recognition.

The OIG report makes clear that the only thing being disputed by airlines and airports is who will pay for equipment and staff, not whether these systems will be deployed: Read More

Sep 24 2018

Will the government get mug shots of all air travelers?

The dispute over government-mandated biometric identification of travelers through automated facial recognition continues to sharpen.

ID document requirements for air travel have been imposed on a de facto basis by DHS administrative fiat without ever having been approved by Congress or authorized by law.

In a similar way, requirements for US citizens to submit to mug shots — either by components of the Department of Homeland Security or by airlines, airport operators, or contractors who share photos with DHS — are being imposed on a growing scale without any Congressional debate or statutory  basis.

Last week the World Privacy Forum submitted a petition for rulemaking asking the DHS to “provide formal notice and solicit public comments pursuant to the Administrative Procedure Act” before proceeding with further “trials” of biometric identification of travelers: Read More

Sep 18 2018

Globalization and policy laundering of travel control

An interview with the head of US Customs and Border Protection (CBP) published this month by the U.S. Military Academy as part of a “View From The Foxhole” series provides an unusually revealing, and disturbing, picture of the expansion and globalization of surveillance and control of travelers. It also highlights the ways that policy is being “laundered” through the rationale of “compliance with international standards” to avoid any domestic political debate in the US or other collaborating countries.

CBP Commissioner Kevin K. McAleenan begins his overview of the role of the CBP by referring to “people who are… seeking that permission to travel to the United States”.

But US citizens don’t need “permission” from CBP or any other government agency to travel to the US. McAleenan’s comment makes clear the extent to which the US government has arrogated to itself, and now takes for granted, the illegitimate authority to condition the exercise of the right to freedom of movement on government permission.

CBP Commissioner McAleenan doubles down by asserting that “we have the responsibility to interview and inspect all travelers and make decisions on whether they present a risk.”

But that’s not true either. CBP’s authority to inspect travelers is limited to determining whether there is probable cause to charge them with violations of the law. We have a system of criminal law, not a pre-crime system of “risk-based” predictive denial of rights.

Read More

Aug 28 2018

CBP expands partnership with airlines on facial recognition

This month US Customs and Border Protection (CBP) posted the latest in a series of Privacy Impact Assessments (PIAs) for its Traveler Verification Service (TVS) program.

The  latest PIA gives notice (although not in the form required by Federal law) that CBP and its airline and airport  partners are carrying out a second expanded phase of “demonstrations” of TVS, an identity-as-a-service scheme designed to use automated recognition of images from a shared CBP/airline/airport database of facial photos for purposes including surveillance and control (for CBP) and business process automation and price personalization (for airlines and airports).

CBP (1) describes TVS as a “biometric exit” program, (2) describes the current use of TVS as merely a “demonstration”, (3) continues to claim that airlines and airports “have no interest in keeping or retaining” facial images any longer , or using them for any other purposes, than is required by CBP for “security”, and (4) says that U.S citizens aren’t required to submit to mug shots.

These claims are intended to lull the public into not protesting: “This is only a test, using photos for limited purposes. The photos will be deleted once you get on the plane, and not used for nay commercial or other purpose.” And so forth.

All that might be somewhat reassuring, if any of it were true. But  none of it is:

Read More

Jul 23 2018

Airlines, airports, and cruise lines “partner” with DHS

This month some cruise lines are joining airlines and airports in taking mug shots of travelers and passing them on to US Customs and Border Protection (CB P). CBP uses these facial images (“biometrics”) for border and travel control and general law enforcement (policing and surveillance) purposes, and shares them with other Department of Homeland Security components and other domestic and foreign entities.

Read More