Papers, Please!

The Identity Project

Category Archives: Freedom To Travel

Feb 25 2025

“TSA must go away”


Thanks to a mutual fan, we were invited to speak about the work of the Identity Project with Alex Newman on the latest edition of The Liberty Report on Patriot.tv and Rumble.

We talked about current and long-term concerns including digital ID, the REAL-ID Act, how demands for ID enable surveillance and control and are being increasingly integrated into a global system of surveillance and control of our movements, and the importance of anonymous cash payment for protection against financial surveillance.

What can be done? We talked about the need for popular vigilance and popular resistance, but also about what the government could do:

If the Department Of Government Efficiency (DOGE) is really concerned about identifying  unnecessary and ineffective government programs to cut, they could start with the TSA.

Members of Congress could do their part by reintroducing the Freedom To Travel Act and working to abolish the TSA.

Most importantly, though, we the people can continue to resist these attacks on our freedom.

Thnaks to Alex Newman and his crew for giving us a chance to bring these issues to his listeners and viewers.

Jan 28 2025

Surveillance as a service (SAAS)

Does SAAS stand for “software as a service” or “surveillance as a service”?

As we’ve reported previously, the UN Security Council and ICAO have illegally ordered all UN and ICAO members to create national agencies for surveillance of airline passengers and global sharing of airline reservations (PNR) and passenger manifest (API) data.

Through bilateral and multilateral efforts and the UN Countering Terrorist Travel program, the US and Dutch governments have made available ready-made software for creating and managing travel watchlists, blocklists, and profiling algorithms and rulesets.

These aren’t the only options, though, for national governments wanting or feeling pressured by the US, UN, and/or ICAO to get on the traveler profiling bandwagon.

Caitlin Chandler of Wired, in conjunction with Andrew Couts, Crofton Black, Ariadne Papagapitos, and Daniel Howden of the European nonprofit newsroom Lighthouse Reports,  has a ground-breaking report putting the spotlight on four commercial providers of outsourced and privatized air travel surveillance, profiling, and control systems: Swiss-based SITA (an established joint venture formed by airlines to provide shared IT services) and Travizory, French-based Idemia, and Dutch-based WCC.

These are the companies that make presentations, lurk on the sidelines and in the booths, and negotiate public-private partnership agreements at the annual FTE Global trade show, ICAO’s  annual TRIP symposium in Montreal, and similar regional events.

Each of these companies offers a turn-key solution, either user-installed or cloud-based, to governments that want to jump-start their air travel surveillance and control programs  and “push their borders offshore”, as one of these vendors describes their service.

Another vendor quoted by Wired says that with their system and its interconnections, “Participating governments are then able to respond to the carrier … in real-time, authorizing or denying the boarding of each and every passenger.” These systems are also designed to interface with electronic travel authorization (departure permission) systems.

[SITA brochure on the “Exported Border”.]

Each of these systems supports drag-and-drop importing of watchlists and blocklists from other countries, creation and addition of entries to new watchlists and blocklists, and creation of new profiling and travel blocking algorithms and alerts. Each also allows government customers to enable the vendor’s preconfigured pre-crime and artificial unintelligence profiles and algorithms as part of their surveillance, blocking, and alert ruleset.

In interviews reported in Wired, these companies disclaim responsibility for how these tools are used by government customers or what rules customers add to their algorithms — a claim that is at best disingenuous, especially when government customers turn on pre-crime and AI profiling and scoring algorithms provided by the vendor as part of a black box.

It would be a mistake to focus too much on these surveillance-as-a-service providers, to the exclusion of the governments that have contracted and paid for their services. That governments and their commercial partners are illegally interfering with the right to freedom of movment, the right to leave any country, the right to travel by common carrier, and the right to asylum is more significant than the specific systems they are using to do so. But the report in Wired outing these companies and their role in travel surveillance and control is an important step. These vendors and their surveillance-as-a-service products, as well as the government agencies they work with, deserve continuing scrutiny and oversight from human rights activists and international human rights bodies alike.

Jan 20 2025

UK “Electronic Travel Authorization” sets a bad example

Effective January 8, 2025, the United Kingdom began requiring citizens of the USA and most other countries who previously could enter the UK without visas for short visits for tourism and some other purposes to obtain a so-called Electronic Travel Authorization (ETA) as a new precondition for admission to the UK for those purposes.

The UK ETA is significant both in its own right and as a case study in what’s wrong with similar requirements and systems already in effect in other countries, including the USA, Canada, Australia, and in preparation in many more countries including all members of the European Union.

The requirement for an ETA is intended for a pupose fundamentally contrary to international treaties on aviation and the rights of refugees, and has been implemented in ways that facilitate surveillance of ETA applicants and arbitrary control by a few private companies of who can and who can’t travel to the UK.

We hope the EU and other countries will learn from and avoid, not emulate, this bad example set by the UK.

The UK ETA system is not the first of its kind, but it’s the first that most US citizens, except those who have traveled to Australia, will encounter. US citizens don’t generally see what foreign citizens have to go through to enter the US, even as tourists or in transit. And US and Canadian citizens visiting each other’s countries are exempt from the electronic travel authorization requirements that their governments apply to visitors from other countries.

But while it may be a new experience for US citizens, the UK ETA is similar to what’s already required for most tourists and short-term business visitors to the USA, Canada, or Australia. And the UK ETA is similar to the system that the EU plans to roll out for citizens of the US, Canada, UK, and many other countries.

Australia pioneered this concept with its ETA system, beginning in 1996 (and modified several times since them). The USA launched its ESTA system, modeled on the Australian ETA, in 2009. Canada followed with its eTA system in 2016. Now the UK is rolling out its similar ETA system in 2025.

The EU EES and ETIAS schemes were planned to go into operation several years ago, sooner than the UK ETA, but have been postponed repeatedly. The most recent announcement by EU authorities is that EES — a system for collecting mug shots and fingerprints of visitors to the EU, as the US already does with visitors —  will be launched sometime in 2025, and ETIAS — an electonic travel authorization like the US ESTA and the UK ETA — will go into effect six months after the EES launch. (The EU is also considering a related system for a “travel permission app” with problematic implications.)

Acronym soup and national variations aside, what’s an ETA? How do ETA requirements violate international law? What’s wrong with the way the UK has implemented its ETA program? Read More

Jan 06 2025

Human Rights and “Countering Terrorist Travel”

In late 2023 the U.N. Special Rapporteur on Counter-Terrorism and Human Rights released perhaps the most significant independent assessment to date of the human rights implications of travel surveillance and control.

The Special Rapporteur’s report was released without publicity on the next-to-last day of the Special Rapporteur’s term. Aside from an article by Statewatch, it got little notice.

A year later, an update from Privacy International reminds us of the Special Rapporteur’s report and calls attention to how little its recommendations have been heeded — and how urgently important they remain.

The Special Rapporteur’s report provides both a call to action and an analysis of travel surveillance and control as a human rights issue.

The report by Special Rapporteur Fionnuala Ní Aoláin and her staff reviewed the U.N. Countering Terrorist (CT) Travel Programme and the goTravel software being provided by the U.N. to its member states for them to use in monitoring and controlling travel worldwide on the basis of airline passenger manifest (API) and reservation (PNR) data.

This wasn’t the first time that the Special Rapporteur has addressed the use of API and PNR data for travel surveillnace and control. But it was the most detailed assessment by to date any of the U.N. human rights bodies of the system of travel surveillance and control based on airline reservations against the norms of international human rights law. The Special Rapporteur’s report addressed privacy — the focus of the recent follow-up by Privacy International — but also other human rights including, perhaps most importantly, the right to freedom of movement.

In the considered judgement of the Special Rapporteur as the holder of the relevant human rights mandate within the U.N. framework, this system fails the test of human rights law. “The roll-out of the system must be paused and an urgent review initiated”:

This position paper carries out an in-depth analysis of human rights implications and concerns associated with the CT Travel Programme and its promulgation of goTravel. The position paper demonstrates how UNOCT and its UN implementing partners appear to be failing to adequately mainstream human rights in the development of the underlying system for collection, use, and sharing of API/PNR data, and how the system which is now being rolled out internationally at pace, risks squarely contravening international law, particularly international human rights law, in multiple respects….

The CT Travel Programme’s API and PNR collection and sharing system was never designed with human rights in mind. It is marked by ad hoc thinking and the absence of rigorous analysis of how the technology and the international framework for data sharing it facilitates could be designed and operated in a manner which complies with relevant legal obligations, particularly international human rights law. The absence of that analysis has led to a situation in which the UN is now directly implicated in an approach to API and PNR data collection and sharing being rolled out globally which risks placing immensely powerful tools in the hands of States which may misuse them, intentionally or inadvertently, to jeopardize human rights, without any evidence of sufficient prior vetting, and without any practical or legal recourse to prevent or sanction such misuse….

The current UN approach to API and PNR data collection and sharing which is facilitated by the UNOCT and UN implementing partners in the CT Travel Programme and go Travel software platform represents a profound human rights risk and a serious reputational risk for the UN itself.

The Special Rapporteur’s report notes, with appropriately grave concern, that the U.N. itself has mandated — as we have reported — that the government of each U.N. member state must establish an airline passenger surveillance and control agency (“Passenger Information Unit”), compel airlines to provide the government with mirror copies of airline reservations (PNRs), and make that data available on request to all other U.N. members.

Read More

Dec 02 2024

DEA pays airline staff to target innocent travelers

In response to a scathing report by its Office of the Inspector General (OIG), the US Department of Justice has directed the Drug Enforcement Agency (DEA) to suspend most of its suspicionless “consensual” questioning and searches of travelers at airports and in other transportation facilities, pending an internal review of these practices.

For years, DEA agents, sometimes in partnership with local law enforcement task forces, have been searching travelers in ways that make travelers think that they are being detained and are legally required to submit to searches and answer questions.

The OIG report stops short of calling for an end to these “consensual” searches and interrogations, but is pausing them indefinitely. According to the report, “the Deputy Attorney General (DAG) issued a memorandum directing the DEA to suspend the program until an assessment is completed, identified concerns addressed, and the DAG approves resumption of tbe program.”

Much of the OIG report concerns procedural and training issues. The DEA has failed to keep its previous promises (1) to train its agents on travelers’ rights before sending them into airports to stop, question, and interrogate travelers, without probable cause to suspect them of crimes, and (2) to keep records of these “consensual” encounters with travelers.

The lack of records makes it harder to tell whether DEA agents have been engaged in profiling on the basis of race or national origin.

The OIG also found that DEA agents didn’t wear body cameras. If you want a record of what happens, film the police yourself if you are stopped, questioned, or searched.

Even in the absence of demographic data about which travelers were stopped, searched, and questioned, or bodycam recording of these interactions, the OIG found evidence of continuing disregard for travelers’ rights:

[P]roceeding with such interdiction activities… creates substantial risks that DEA SAs [Special Agents] and TFOs [Task Force Officers] will conduct these activities improperly [and] impose unwarranted burdens on, and violate the legal rights of, innocent travelers.

The goal of these “consensual searches” is to find and seize cash, not drugs, from travelers. Rather than being based on suspicion of crimes, they are based on suspicion of carrying cash. Airline staff are given a cut of the seized cash to finger passengers to be stopped by DEA agents in the hope that they will “consent” to searches so that any cash that is found on their person or in their luggage can be seized: Read More

Nov 04 2024

TSA launches smartphone-based digital ID scheme

Brushing off objections from the Identity Project and others, the US Transportation Security Administration (TSA) has issued regulations creating the framework for an all-purpose smartphone-based national digital ID and tracking system.

The TSA’s new rules are piggybacked on the REAL-ID Act of 2005, and are ostensibly standards for what states will have to do to issue digital versions of driver’s licenses or ID cards that the TSA and other Federal agencies will accept for Federal purposes, in circumstances where ID is required by other Federal laws. This doesn’t include airline travel, for which no ID is legally required, although the TSA keeps lying about this.

The TSA’s new rules provide that acceptable digital IDs can only be issued to individuals who already have physical driver’s licenses or state-issued ID cards. And individuals are still required by standard state laws to “have their Physical Credential on their person while operating a motor vehicle”, even if they also have a digital ID on their smartphone. So this regulatory scheme isn’t really about driver’s licenses at all. It’s about pressuring states to move from uploading information about all their residents to a national ID database to putting a digital tracking app with a state-issued identifier on each resident’s smartphone.

We’ll have more to say in our next article about some of the ways this might be used for surveillance and control of individuals’ activities in the physical and online realms.

The TSA dismissed out of hand our suggestion that an individual could be provided with a digitally-signed file (signed by a government agency) containing the same information as is contained on a physical license or ID card. Such a  file could be carried on any sort of device and presented over any sort of connection. Instead, the TSA’s new rules require that a digital ID must be “provisioned” through an app on a smartphone. The smartphone must be “bound” to an individual (how is this possible?) and must have bluetooth-low energy (BTE) radio connectivity enabled so that the app containing the digital ID can be remotely interrogated by the government (perhaps without the user’s knowledge).

How will this work? What else will these apps do? In what situations, and for what purposes, will these apps and digital IDs be required? We don’t really know.

Read More

Sep 16 2024

TSA again backs down from its REAL-ID threats

The Transportation Security Administration (TSA) has again backed down from its decades-old threats to start requiring all airline passengers to show ID that the TSA deems to be compliant with the REAL-ID Act of 2005. But the new rules proposed by the TSA would create new problems that won’t go away until Congress repeals the REAL-ID Act.

In a notice published in the Federal Register on September 12th , the TSA has proposed another two-year postponement of the most recent  of the “deadlines” the agency has imposed on itself for REAL-ID enforcement.  But that postponement would be combined  with interim rules for the next two years that ignore the law and invite arbitrariness in how travelers are treated.

The TSA notes that “frustrated travelers at the checkpoint may also increase security risks” if the TSA stopped allowing travelers to fly without REAL-ID. But the TSA doesn’t mention its current procedures for flying without any ID or its position in litigation that no law or regulation requires airline passengers to show any ID. Instead, The TSA claims without explanation that without this postponment, “individuals without  REAL ID-compliant DL/ID or acceptable alternative would be unable to board federally regulated aircraft.”

Comments from the public on the proposed rule are due by October 15, 2024. Dozens of comments have already been submitted, almost all of them opposing requiring REAL-ID to fly.

We’ll be submitting comments opposing the proposed rules and reminding the TSA that (1) no state is yet in compliance with the REAL-ID Act, which would require sharing of driver and ID databases with all other states, and (2) neither the REAL-ID Act nor any other Federal law requires air travelers to have, to carry, or to show any ID.

Unless the law is changed to try to impose an unconstitutional ID requirement as a condition on the right to travel by common carrier, the TSA must continue to recognize the right to fly without ID. Any distinction by the TSA or other Federal agencies between state-issued ID, when no state complies with the REAL-ID Act or could do so until all states participate in the national REAL-ID database (SPEXS), would be arbitrary and unlawful.

Read More

Sep 06 2024

Planned new European travel restrictions follow US precedents and pressure

Citizens of the USA and some other most-favored nations have long been able to travel to many European countries for tourism or business without visas or prearrangements and with minimal border formalities, as long as they didn’t stay too long or seek local residence or employment.

This is scheduled to change with the imposition of new controls on foreigners — including US citizens — visiting Europe starting in November 2024. This is to be followed by a further ratcheting up of control and surveillance of  foreign travelers to Europe scheduled for some time in 2025.

Some US citizens are likely to be shocked and humiliated — as any traveler anywhere in the world should be, regardless of their citizenship — to be subjected to fingerprinting and mug shots and additional questionning on arrival in Europe and, starting next year, a de facto visa by another name that they will have to apply and pay for and have approved before they can board a flight (or international ferry or train) to any European destination.

European citizens can and should object to the imposition by their governments of these new restrictions on foreigners, including foreign tourists and business visitors and foreign citizens who reside in Europe. Europe could, and should, set a better example of respect for freedom of movement as a human right that shouldn’t depend on citizenship.

But US citizens who object to these new European measures should direct their objections and, more importantly, their agitation for changes in travel rules to the US government.

These impending new European travel control and surveillance measures are modeled on systems developed in, already in use in, and actively promoted to European and other governments around the world by the US government.

By its precedents and international pressure, the US government is making travel more difficult for everyone, including US citizens, everywhere in the world including in Europe.

Read More

Aug 15 2024

Travel blacklists target political critics

US government travel blacklists (euphemistically described by the government as merely “watchlists”) are being used to restrict airline travel and target searches of electronic devices of organizers of protests against US support for Israel’s military actions in Gaza, according to a complaint filed this week in Federal court by attorneys for two blacklisted Palestinian-American US citizens, Dr. Osama Abu Irshaid and Mr. Mustafa Zeidan.

It might be tempting to interpret the allegations in this complaint as indicative of the need for oversight or guardrails to prevent “abuse” of the blacklisting and travel control system. But we think it makes more sense to see this case as indicative of the risk of political weaponization inherent in the system of algorithmic, identity-based, extrajudicial administrative control of travel. This case shows why this travel control system should be abolished entirely, and why any restrictions on the right to travel should be imposed through existing judicial procedures for restraining orders and injunctions — adversary procedures that incorporate notice, the right to confront one’s accusers, and the other elements of Constitutional due process.

The heavy lifting that makes this use of travel controls to restrict political dissidents possible was carried out when airlines were required to install communication and control lines enabling the US government to decide, in real time, on the basis of information from airline reservations and travelers’ ID documents, whether or not to give airlines “permission” to transport each would-be passenger. That entailed more than $2 billion, by the US government’s own underestimate, in unfunded mandates imposed on airlines and their IT providers for changes to their reservation and departure control systems.

Now that this infrastructure is in place, only the ruleset needs to be changed to change who is, and who is not, allowed to travel by air, or how they are treated when they fly.

Names and other selectors (phone numbers, IP addresses, etc.) can be added to list-based rules. New category-based rules can be added to the ruleset. New real-time “pre-crime” profiling and scoring algorithms can be applied to fly/no-fly decision-making. New external databases and actors can be connected to the system.

All of this has, in fact, been done, making it harder and harder for anyone to exercise effective oversight over the system or the decisions generated by its secret algorithms.

The potential for targeting of dissidents and political opponents is a feature, not a bug, of secret administrative decision-making, especially in the absence of judicial review.

Here’s how it played out in this case, according to the complaint and other reports: Read More

Aug 01 2024

Customs officers need a warrant to search your cellphone at JFK

Judge Nina Morrison of the US District Court for the Eastern District of New York (Brooklyn, Queens, Staten Island, and Long Island) has ruled that police, including officers of U.S. Customs and Border Protection (CBP), need a warrant to search your cellphone at JFK International Airport, even when you are entering or leaving the US.

This ruling is certainly a positive development. It’s a break with a line of judicial decisions that have made US borders and international airports a Fourth Amendment-free zone, even for US citizens. It’s likely to influence other judges and other courts, even though — as a ruling from a District Court rather than an appellate court — it doesn’t set a precedent that’s binding even on other judges in the same Federal judicial district.

But there are important issues that weren’t addressed in this case, and important things you need to know to exercise your rights at JFK or other airports — even if judges in future cases in the same or other judicial districts are persuaded by the ruling in this case.
Read More