Papers, Please!

The Identity Project

Category Archives: Freedom To Travel

Mar 15 2017

Palantir, Peter Thiel, Big Data, and the DHS

San Francisco and Silicon Valley are among the centers of opposition to President Trump and his fascism, especially as it relates to restrictions on movement, border controls, immigration, and asylum.

Bay Area technology companies and their better-paid classes of employees like to think of themselves as building a better world that reflects the distinctive values that have attracted dreamers and futurists to this region  from across the country and around the world. But some of these companies are key developers and providers of “big data” tools for the opposite sort of “Brave New World“.

On Saturday, Edward Hasbrouck of the Identity Project was invited to speak to an ad hoc group of picketers outside the Pacific Heights mansion of Palantir Technologies founder and Trump supporter Peter Thiel (photo gallery from the SF Chronicle, video clip from KGO-TV; more photos from the East Bay Express).

As Anna Weiner reported in the New Yorker (“Why Protesters Gathered Outside Peter Thiel’s Mansion This Weekend“):

David Campos, a former member of the San Francisco board of supervisors, who emigrated from Guatemala, in 1985, stood on the brick stoop and raised a megaphone. “The reason we’re here is to call upon the people who are complicit in what Trump is trying to do,” he said. Clark echoed the sentiment. “If your company is complicit, it is time to fight that,” she said. Trauss, when it was her turn, addressed Thiel, wherever he was. “What happened to being a libertarian?” she asked. “What happened to freedom of movement for labor?”

Edward Hasbrouck, a consultant with the Identity Project, a civil-liberties group, took the stand, wearing a furry pink tiger-striped pussyhat. “The banality of evil today is the person sitting in a cubicle in San Francisco, or in Silicon Valley, building the tools of digital fascism that are being used by those in Washington,” he said. “We’ve been hearing back that there are a fair number of people at Palantir who are working really hard at convincing themselves that they’re not playing a role — they’re not the ones out on the street putting the cuffs on people. They’re not really responsible, even though they’re the ones who are building the technology that makes that possible.”

It’s easy to rationalize the creation of technological tools by saying that they can used for good as well as evil. But you can’t separate the work of tool-making from the ways those tools are being used. Palantir workers’ claims to “neutrality” resemble the claims made in defense of IBM and Polaroid and when they were making and selling “general purpose” computers, cameras, and ID-badge making machines to the South African government in the 1970s. None of this technology and equipment was inherently evil. But in South Africa, it was being used to administer the apartheid system of passbooks and permissions for travel, work, and residence.

The same goes for “big data” today. To understand what’s wrong with the work being done by Palantir for the US Department of Homeland Security, it’s necessary to look not just at what tools Palantir is building but at how and by whom they will be used; not just at the data tools but at the datasets to which they are applied, the algorithms they use, and the outcomes they are used to determine.

Read More

Mar 06 2017

Asylum seekers and the right to travel

“If you have a current valid visa to travel, we welcome you. But unregulated, unvetted travel is not a universal privilege.” (US Secretary of Homeland Security John Kelly, March 6, 2017)

Taking his words literally, Secretary Kelly got it half right. But fundamentally, he got it all wrong, in his statement today on the #MuslimBan 2.0 Executive Order signed today by President Trump. (Here’s a redlined comparison with the #MuslimBan 1.0 Executive Order which it replaces.)

Travel by asylum seekers isn’t a universal “privilege”. It’s a universal right.

Much can, and no doubt will, be said about other aspects of today’s Executive Order. Most of our comments on #MuslimBan 1.0 apply equally to #MuslimBan 2.0, which will continue to be enforced (illegally) primarily by airline and travel agency staff at ticket offices and check-in counters at foreign airports.

But as defenders of the right to travel and of the rights of refugees and asylum seekers, we want to make sure that Secretary Kelly’s denial of the existence of these rights doesn’t go unchallenged:

Read More

Feb 24 2017

“Border” search and ID demand from passengers on a domestic flight

Earlier this week at least two US Customs and Border Protection officers boarded a domestic Delta Air Lines flight from San Francisco when it arrived at JFK Airport in New York, stood at the doorway as passengers disembarked, and “requested” that each passenger hand over their identification “documents”.

CBP says that this was a “request“.  One passenger told Rolling Stone, “the Delta flight attendant alerted passengers, ‘You’ll need to show your papers to agents waiting outside the door.'” As shown in photos posted to Twitter by passengers here and here, the agents appear to have been between the passengers they were questioning and the exit, closing them in so that they couldn’t have left.

It’s often unclear whether a statement of what law enforcement officers “need” is a request or a demand. Another passenger, a photo editor for Vice News,  says passengers were given an order, not a potentially ambiguous statement of “need”: “We were told we couldn’t disembark without showing our ‘documents.'”

Many air travelers in the US have become inured to requests or demands for ID documents by airline clerks and TSA checkpoint staff and contractors before they are allowed to board domestic flights. But the presence of Customs and Border Protection officers on a domestic flight, and ID checks after an otherwise uneventful flight, have prompted many questions.

Is this normal? Is this legal? Should it be legal? And what should you do if this happens to you?

Read More

Feb 16 2017

Executive Orders, lawsuits, and the right to travel

[D]ue process requires… notice and a hearing prior to restricting an individual’s ability to travel.

(9th Circuit Court of Appeals, Order on Motion for Stay, February 9, 2017, State of Washington and State of Minnesota v. Trump)

President Trump’s Executive Orders prohibiting entry to the US by citizens of specified blacklisted countries and cutting off all Federal grants to designated “sanctuary jurisdictions” that decline to spend their local funds and direct their employees to enforce certain Federal immigration laws have prompted a wave of litigation by individuals and, significantly, by states and cities across the US.

We welcome the increased public interest in Federal government attempts to control the free movement of free people, the new activism on the issues of freedom to travel, and the new willingness of states and municipalities to challenge restrictions on their residents’ right to travel.

There’s been much discussion and analysis of the implications of these lawsuits for these specific Executive Orders. Relatively little attention has been paid, however, to the implications for litigation over other ongoing and emerging issues of freedom to travel of what is being said, and by whom, in the litigation over the recent Executive Orders.

Here are some of our thoughts, from the trenches of more than 15 years of legal and political struggle for the right to travel, on what these cases may portend:

Read More

Feb 01 2017

Carrier sanctions kill. Airlines collaborate.

[Sign carried by Dan Malashock at San Francisco International Airport, January 29, 2017. Photo by Ruth Radetsky.]

Since the start of our work against restrictions on freedom to fly, well before September 11, 2001, we’ve been wondering what further outrage it would take to provoke mass protests at airports, and when that would finally happen.

Now we know. Thousands of protesters (including at least one of President Trump’s fellow billionaires) filled international airports across the country for several days and nights starting last weekend, in reaction against President Trump’s executive order to detain and deport any arriving non-US citizen known to be a citizen (even a dual citizen) of one of seven publicly blacklisted Muslim-majority countries: Iraq, Iran, Libya, Somalia,  Syria, Sudan, and Yemen.

We’ve been talking about related issues for years. Now that they are out in the open, the question is what the outraged public will do, at whom the outrage will be directed, and how airlines — yes, airlines, and not just governments — will respond.

For what it’s worth, it’s unclear whether this executive order would apply to an asylum seeker who renounces their original citizenship in one of the blacklisted countries, even one who makes that renunciation at the check-in counter or in flight, and thereby arrives in the US stateless.  This may seem a far-fetched scenario, but it is common for stateless asylum seekers to use “invalid”, forged, or fraudulent documents to board flights, and then to destroy those documents in flight so as to arrive without papers. Deportation of any stateless person, and most of all a stateless asylum seeker, is especially problematic under international human rights law. But that’s the least of the problems with President Trump’s executive order.

Here are some key things we’ve learned from our work over the last 20 years that people — including those just now beginning to think about the right to fly, especially as it relates to immigrants, refugees, and asylum seekers — need to understand about what is happening, who is responsible, what will happen next, and what can be done:

Read More

Jan 29 2017

Trump repudiates agreement with EU on PNR data

In a panel discussion Wednesday at the Computers, Privacy, and Data Protection conference in Brussels, Edward Hasbrouck of the Identity Project pointed out that that both the so-called Privacy Shield and the EU-US agreement on transfers of Passenger Name Record (PNR) data from the European Union to the US government depend on non-treaty “promises”, “commitments”, “undertakings”, and executive orders by the Obama Administration.

These are not binding on President Trump, and there is no reason to expect Trump do anything just because Obama said he would do it.

Quite the contrary: President Trump has no intention of continuing many of President Obama’s policies, and every intention of reversing many of them — even if Trump continues others, such as mass surveillance, profiling of US citizens and foreigners, and reliance on executive orders to avoid the need for Congressional approval of his program, which Trump presumably will continue.

“As of this week, with Trump’s inauguration, the EU-US PNR agreement and Privacy Shield are dead letters. The only question is whether the Trump administration will officially renounce them, or whether it will simply ignore them,” Hasbrouck told the audience at CPDP.

The answer came just a few hours later the same day, when President Trump issued an executive order including the following:

Sec. 14.  Privacy Act.  Agencies shall, to the extent consistent with applicable law, ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information.

The US recognized privacy as a human right when it ratified the International Covenant on Civil and Political Rights:

Article 17

1. No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence….

2. Everyone has the right to the protection of the law against such interference or attacks.

But as we have complained to the relevant UN treaty bodies, the US has flouted its obligations under this and other provisions of the ICCPR related to freedom of movement as a human right, and has provided no effective means of redress for these violations.

Instead, on this and other issues the US has acted as though there are no human rights, only privileges of US citizenship. President Trump’s executive order on privacy is only the latest official restatement of this longstanding and bipartisan US government position.

With this Presidential decree, the EU-US PNR agreement is dead.

The next question is when EU institutions will recognize this legal fact, and what they will do about it.

Read More

Jan 09 2017

IDP comments on TSA proposal to require ID to fly

Today the Identity Project and the Cyber Privacy Project filed comments with the Transportation Security Administration opposing a stealthy TSA proposal to start requiring ID to fly.

The TSA has long harassed people who try to fly without being required to show their “Papers, Please!” at TSA checkpoints.

But the TSA’s official position in court has always been that ID is not required to fly: “You don’t have to show ID to fly. You can fly without ID. We have a procedure for that.”

You can fly without ID, if you (1) fill out and sign the obscure TSA Form 415, (2) satisfy the TSA with your answers to a bunch of questions about what’s the file about you obtained by the TSA from the commercial data broker Accurint, and (3) submit to more intrusive than standard search (“secondary screening”) as a “selectee”.

That’s the way it is, and that’s the way it’s been for years.

Now, as we reported in November of last year, the TSA is contemplating a new pattern and practice of preventing anyone from passing through a TSA checkpoint or getting on an airline flight unless either  they have ID the TSA deems acceptable, or they reside in a state that the TSA deems sufficiently compliant with the REAL-ID Act.

Read More

Dec 25 2016

Obama Admin’s parting gift to foreign visitors: social media surveillance

In the Obama Administration’s parting gift to foreign visitors, the Office of Management and Budget (OMB) has approved the collection of social media IDs from foreign visitors to the US.  As part of the online Electronic System for Travel Authorization (ESTA), tourists, business travelers, and foreign citizens visiting friends and relatives in the US are now being asked whether they have accounts on any social media platforms, and if so, their user names or IDs.

Read More

Dec 21 2016

“AFI” is the latest DHS name for “extreme vetting”

We’ve heard a lot of talk in recent months about “extreme vetting” of immigrants, Muslims, and foreign visitors to the US. But what does “extreme vetting” really mean?

“Vetting” of both domestic and international travelers — making predictive pre-crime decisions as to whether or not to allow them to travel — is already extreme, and already routine.

“Vetting” means examining people and deciding who to allow, and who not to allow, to do something.

Under DHS procedures that have been in place for a decade, no airline operating to, from, or within the US is allowed to issue a boarding pass or let you on a plane unless and until it has sent your personal information to DHS and received an individualized, per-passenger, per-flight “Boarding Pass Printing Result” (BPPR) message giving the airline “permission” to “allow” you to exercise your right to travel by common carrier. The default if DHS doesn’t respond is “no”, and both the algorithms used for the decision and the data put into that algorithmic black box are secret.

What could be more “extreme”? Manual strip searches for all travelers, instead of just virtual strip searches using as-though-naked imaging machines?

But as President-Elect Trump’s “extreme” rhetoric suggests, the government’s desire for surveillance and control of our movements is insatiable. It’s always possible to make yet another mirror copy of the government’s warehouse of metadada about our movements, disseminate it more widely, and pile on another layer of pre-crime profiling algorithms. More is always better, right — especially if you call it “intelligence”?

The latest replication and propagation of travel data, and the latest layer of traveler “vetting” tools, is the so-called “Analytical Framework for Intelligence” (AFI) operated by, or under contract to, US Customs and Border Protection (CBP).  As we told Spencer Woodman of The Verge for his story today about AFI:

“When Trump uses the term ‘extreme vetting’, AFI is the black-box system of profiling algorithms that he’s talking about,” says Edward Hasbrouck of the Identity Project, a civil liberties initiative that focuses on the rights of travelers. “This is what extreme vetting means.”

DHS in general, and CBP in particular, have been playing a shell game for many years with their travel surveillance and control systems.

Government copies of airline reservations (Passenger Name Records) were first claimed to be part of a system of records called TECS, then declared to be part of a “new” system of records called the Automated Targeting System (ATS), although still stored in the TECS database. (Huh?)  Now an additional mirror copy of all this PNR data (still stored in TECS and still also deemed part of ATS) is being created as part of another “newer” system of records known as AFI.

AFI is one several new user interfaces and front-ends to TECS data being developed for use by multiple DHS components including US Customs and Border Protection (CBP) and Immigration and Customs Enforcement  (ICE) as part of a long-term “TECS modernization” project.

If you’re confused by all the acronyms and name changes, and don’t know which government files you should ask for or worry about, that’s exactly what DHS wants.

AFI itself has changed fundamentally and for the worse in the last few months, at least if we can believe what DHS says. It’s always been a suspicion-generating and guilt-by-association machine, but now it’s a much more powerful one. More powerful, to be clear, does not mean “better” or “more accurate”. It means, “capable of placing more people under suspicion” based on more intrusive data aggregation, data mining, and profiling. Here’s how:

Read More

Dec 15 2016

Controls on land travel vs. the right to free movement

In a partial but symbolically significant victory, the Belgian government has postponed a final vote in the national Parliament on legislation to require certain international railways to provide passenger name records (PNRs) to the government for surveillance and advance “vetting” of train travelers, as is already being done for air travelers between the EU, the US, and other countries.

(Text of the proposed law in French and Flemish/Dutch; report on first reading in Parliament; analysis and commentary in English; legislative history; legislative status.)

The Belgian proposal was approved by the anti-terror committee in Parliament despite a threat by the German national railway to suspend its high-speed services to Belgium if the bill passes, as well as other criticism.

One Belgian think tank, analyzing the proposal in the context of other anti-terrorism proposals, concluded that, “The creation of a Belgian PNR system is a good illustration of this dynamic: taking it as a given that it will facilitate the arrest of terrorists who are planning attacks is something of a fairy tale…. Social sciences, unlike astrology, is not about predicting the future.”

The decisive factor in the Belgian government’s decision to postpone the scheduled final vote in the national Parliament appears to have been intervention by the European Commission in response to a formal complaint by Access Now that the law would violate the right of EU citizens to move freely within the EU.

As with “rights” for US citizens that aren’t recognized as human rights for all, a decision by the EU or Belgium based solely on the rights of EU citizens falls short of full recognition of the right to travel. But so far as we know, this is the first time that the EU has blocked any proposed travel surveillance or control measure, in the EU or any of its members states, on the basis of the right to freedom of movement.

We hope that the Belgian government will withdraw its railway PNR proposal entirely, not leave it pending, and that other EU member states will take note of the incompatibility of measures like this with fundamental European and human rights principles.