Papers, Please!

The Identity Project

Category Archives: Freedom To Travel

Apr 07 2010

Testimony to the European Parliament on PNR data

Identity Project consultant and technical expert Edward Hasbrouck is testifying Thursday in Brussels on the proposed agreement between the European Union and the U.S. Department of Homeland Security on transfers of Passenger Name Records (PNR’s) from the European Union to the DHS, at a public hearing on “Protection of Personal Data in Transatlantic Security Cooperation: SWIFT, PNR & Co. – which way forward?”, hosted by Jan Philipp Albrecht, Member of the European Parliament. 14:00-17:00 (8-11 a.m. Eastern time, 5-8 a.m. Pacific time), European Parliament, Brussels, room ASP 1G-3 (open to the public, but prior arrangement required for access to the building).

Apr 02 2010

DHS shifting from national origin to ID-based passenger profiling

Today the DHS announced that it is partially replacing its practice of illegally profiling air travelers seeking to board flights destined to the US by national origin — the subject of our still-unanswered formal complaint — with a new scheme to illegally profile passengers individually, bsed on based on mining of commercial data in passenger name records (PNRs) obtained from airlines and other travel companies and on secret DHS dossiers about would-be passengers including their lifetime travel histories maintained in the illegal Automated Targeting System and other databases.

The consequences if you fit the secret profile would continue to include, as before, being subjected to “secondary screening” (more intrusive search and/or interrogation, with no publicly-disclosed rules governing which questions you are required to answer) or having the airline not be given “clearance” under the APIS permission system to allow you to board the flight.  (Under the APIS system already on the books, the default is “No fly” unless the airline receives an affirmative, individualized, per-passenger, per-flight “clearance to board” message from the DHS.)

The new profiles reportedly could include both individual identities and vaguer patterns of suspicion such as countries previously visited (a clear case of targeting based on activities protected by the First Amendment), association (a matching phone number in a PNR, such as from having reconfirmed flights form the name hotel as thousands of other travelers), or appearance (leaving room for continued racial and/or ethnic profiling).

The profiling and selection algorithm, the identity of the decision-makers, and the data on which they will base their determinations remain secret.  No mechanism for judicial review of these decisions, or of actions taken on the basis of them, was mentioned in the DHS press release or FAQ.

The new practice greatly increases the significance of the DHS’s decision in February of this year to exempt much of the information in PNRs, including derogatory personal information submitted by travel companies without travelers’ knowledge, from release to data subjects in response to requests under the Privacy Act. It also highlights the significance of the DHS’s routinely late, incomplete, and improper responses to requests for travel records, when they respond at all.

Some of our Privacy Act requests to the DHS for travel records are 6 months old with no response at all (a year is not unusual), while one of our appeals of an obviously incomplete and improper response has been pending for more 2 1/2 years without a decision.  Of the responses we have seen to requests for PNRs and ATS travel history records, all are obviously incomplete, and invoke inapplicable exemptions (such as invoking the broader exemptions applicable to third-part requests under FOIA in response to first-party requests under the Privacy Act, to which FOIA exemptions don’t apply).  None actually appear to have been processed under the Privacy Act, only under the more limited FOIA rules, even when the requests were explicitly made under the Privacy Act.

So far as we know, nobody has actually received the “accounting of disclosures” (access log) that the DHS is required to provide on request.  And none of the major computerized reservation systems (CRSs) to which airlines outsource hosting of their PNR databases maintains logs of access to PNRs, which would be necessary for CRSs or their airline and travel company subscribers to comply with “Safe Harbor”, European Union data protection law, and other international privacy norms.  Since CRSs keep no records, nobody knows who actually accesses PNRs.

There are also still unanswered questions as to the extraterritorial US claim of jurisdiction over actions related to boarding of foreign-flag aircraft at foreign airports, especially where international aviation treaties between the US and those countries require airlines to operate as “common carriers” and transport all passengers willing to pay the fare and comply with the rules in the published tariff.

Both Americans and foreigners — including members of the European Parliament who are currently debating whether to approve continued DHS access to European PNR data — should be outraged that the DHS is simultaneously increasing the weight given to commercial and other information in secret DHS dossiers about us, while hiding even more of that information from us, even if we specifically ask to see it.  We’ll be bringing this to their attention in meetings and testimony in Brussels and Strasbourg, and talks with European activists, over the next few weeks.

Mar 30 2010

Comments on passport fee increases re-opened through April 8

While cancelling its plans for a public hearing in response to the outcry against its plans to increase fees to travelers to pay for the RFID chips in passports, the State Department has re-opened the public comment period on the proposal through next Thursday, April 8th.

An uninformative supplemental notice (PDF) was published in the Federal Register on  March 24, 2010, with a new docket number (DOS-2010-0037) so that people searching or monitoring the original docket wouldn’t know that comments have been re-opened.

You can submit comments by e-mail to fees@state.gov with “RIN 1400-AC57 and 1400-AC58” in the subject line until 5 p.m. Washington time on Thursday, April 8, 2010.  You can use our comments (also available in OpenOffice .odt and MS-Office .doc formats) as a model if you need ideas for what to say.

The supplemental notice claims that comments can also be submitted through the Regulations.gov Web site, but because the notice wasn’t linked to the original docket and was mis-categorized as “non-rulemaking”, that isn’t currently possible.

[Update: Not surprisingly, in light of the problems with the online docket, few additional comments were submitted. The most significant are from United Airlines and the U.S. Travel Association, calling for the State Dept. to suspend the rulemaking until it discloses the cost basis for the proposed fee increases, holds a public meeting to explain them, and provided a new notice and comment period.]

Mar 27 2010

Second TSA nominee withdraws

Robert A. Harding, President Obama’s second nominee to head the TSA, has become the second such nominee to withdraw himself from consideration in response to questions about the ethics of his previous activities.

Earlier, Erroll Southers withdrew himself as nominee for TSA Administrator after it became public that he had abused his connections and access to police databases to try to dig up dirt on his ex-wife’s new lover.

After he retired from the U.S. Army as a Major General, Harding founded a company that provided services under contract to the his former buddies in the military, DHS, and TSA, in the typical revolving-door fashion of the military-industrial complex.

There are conflicting reports in separate articles in the Washington Post today about Harding’s withdrawal.

One story suggests that it was related to his successful claim to qualify for preferential treatment in applying for military and government contracts as a “”service disabled veteran” on account of sleep apnea, a serious ailment but one not considered likely to be related to a military desk job.

A second story points to questions about possible over-billing for services rendered by Harding’s company in providing “interrogators assigned to Iraqi prisons”.

Without knowing anything about whether any of these allegations are true, we’re glad that the TSA won’t be handed over to a “leader” whose model for Israeli-style “engagement” and questioning of citizens is the sort of interrogation practiced in Iraqi prisons, even down to compelling citizens, when questioned by airline staff or travel agents or while under detention at airports like SFO where “screening” has been outsourced, to answer questions from private contractors rather than actual law enforcement officers.

Mar 23 2010

Rules of engagement for the TSA

The U.S. Senate Committee on Commerce, Science, and Transportation held a desultory hearing this morning on the nomination of retired U.S. Army Major General Robert A. Harding to be Administrator of the Transportation Security Administration and an Assistant Secretary of the U.S. Department of Homeland Security.

Despite the nominee’s exclusively military background and total lack of experience with the rights of civilian U.S. citizens, domestic civil liberties, or law enforcement, neither any of our questions nor any others about the limits of TSA authority were asked.  Despite some questions about how quickly General Harding has gone back and forth through the military-industrial-government revolving door since his retirement, founding and selling a military “intelligence” consulting contractor and then serving as advisor to a venture capital firm investing in similar companies, Committee members from both sides of the aisle generally praised the nominee’s background.

General Harding, in turn, praised Secure Flight and Israeli-style vetting of would-be travelers, which typically involves both intrusive searches and compulsory responses to open-ended questioning:

We should move even more to an Israeli model where there’s more engagement with passengers.

Harding didn’t define ‘engagement’, although he used the term repeatedly.  In context, though, it was clear that it would include approaching and questioning travelers.

The problem with that, of course, is that that there are no rules of engagement for TSA agents at checkpoints.  No statute or regulation spells out what the TSA is allowed to demand, or what questions a would-be traveler can be required to answer as a condition of the exercise of their right to travel.  Without that, the greater “engagement” that Harding wants is an unconstitutionally open-ended all-purpose general administrative warrant for search and interrogation of people who are neither suspected nor accused of any crime, have received no Miranda warnings, and are not free to leave once they enter the TSA checkpoint.  Once can see why a soldier might like that, but that’s not the way civilians are supposed to be dealt with by civilian law enforcement agencies in the USA.

And near the end of his testimony, Harding gave a clue as to the importance being placed by the DHS on international lobbying:

International [air] carriers will meet in Canada in September.  If I’m confirmed, the Secretary [of Homeland secuirty] would send me to that.

It’s not clear whether he was referring to IATA or ICAO — both have their secretariats in Montreal and Geneva — but the rest of the world shouldn’t be talked into imposing a US-style permission-based travel control regime just because some old soldiers from the U.S. Army like Harding think that’s the way to run the civilian travel world.

Mar 23 2010

State Dept. backs away from public hearing on passport fees

As we noted earlier this month, the State Department told United Airlines that they planned to hold “a public meeting sometime in April or May of 2010” to explain the cost basis of their proposal to increase fees for passports, visas, and other international travel permissions and credentials.

We contacted the State Department as soon as we read this in United’s comments, to try to find out when and where the meeting would be.  At first, a State Department spokesperson said they had “no knowledge of any meeting being organized”.  After we pointed out the statement in United’s comments, they backpedaled, and told us they were “working out the details on whether there will be a public meeting”.  Then this week they  admitted that there had been a plan for a public meeting, but there no longer is. Instead, they now say the State Deaprtment will publish a new notice in the Federal Register next week (probably in this docket folder), with more background on the  “Cost of Service Study”, and re-open public comments for an additional 15 days.

We take it as a sign that the State Department has gotten the message:  So many people oppose this scheme to charge us more for an improper prerequisite to the exercise of our right to travel that the agency responsible for the proposal realizes that any public hearing would provide a forum for the opposition.

The good news is that if you missed the original comment period, you’ll get a second chance.   Comments are currently closed, but get them ready to send as soon as the window re-opens next week.  You can use our comments (also available in OpenOffice .odt and MS-Office .doc formats) as a model if you need ideas for what to say.

[Update: An uninformative supplemental notice (PDF) was published in the Federal Register on  March 24, 2010, with a new docket number (DOS-2010-0037) so that people searching the original docket wouldn’t know that comments have been re-opened.  You can submit comments by e-mail to fees@state.gov with “RIN 1400-AC57 and 1400-AC58” in the subject line until 5 p.m. Washington time on Thursday, April 8, 2010.  The supplemental notice claims that comments can be submitted through the Regulations.gov Web site, but because the notice wasn’t linked to the original docket and was mis-categorized as “non-rulemaking”, that isn’t currently possible.  In the most important of the follow-up comments, which wasn’t posted to the online docket until a month after it was filed, United Airlines and the U.S. Travel Association jointly argue that the State Department still hasn’t provided sufficient information to allow the public to judge whether the fee increases are justified.]

Mar 17 2010

Long reach of “Secure Flight” angers Canadians

On September 11, 2001, Canada followed the US in closing its airspace and grounding all aircraft, stranding tens of thousands of passengers on flights to and from the US (mostly on inbound flights from Europe and Asia) at airports like Gander and St. John’s, Newfoundland.  The Canadian welcome and hospitality for these travelers became the stuff of legend.  But ever since, Canada has struggled to retain sovereignty over its airspace in the face of US “security” demands.

Canadian privacy law was amended, under US pressure, to allow “sharing” with the US government of information contained in reservations for flights between Canada and the US.  But most Canadians assumed that the role of the US in determining who is permitted to fly is limited to flights to and from the US.

This month a four-part series by Kevin Dougherty in the Montreal Gazette, syndicated across Canada in the Canwest newspaper chain, has broken open that Canadian complacency about the long reach of US claims to passenger information and “fly/no-fly” decision-making authority:

The series raises serious questions as to the legal basis for denying boarding to passengers on Canadian-flag aircraft not landing in the US on the basis of secret blacklists or decisions by the black-box Secure Flight system in the US.

Since publication of the Canwest series about “Secure Flight”, letters to the editor, op-ed colums, and editorials across Canada have denounced the application of the Secure Flight scheme to Canadian airlines and travelers.  Many have pointed out the hypocrisy: As was made evident when all those flights were grounded on September 11th, almost all trans-Atlantic and many trans-Pacific flights to and from the US pass over Canada, but Canada demands no information about who is on those planes and asserts no authority to control who is allowed to be.

On top of all this, there’s another shoe still to fall:  Canadians remain unaware that the vast majority of travel agencies, and tour operators in Canada subscribe to computerized reservation systems (CRSs) based in the US.  That means all their passenger name records (PNRs) and customer profiles are stored in the USA, even for flight that go nowhere near the US.  These travel agencies, tour operators, and other travel companies don’t tell their customers that they have outsourced their travel records to the USA, where the government could get them secretly from the CRS with a “National Security Letter”.

That’s a flagrant violation of the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA). Canadians should complain to their Privacy Commissioner and demand that she take action against companies — of which travel agencies are leading examples — that outsource their customer data to the US without their customers’ knowledge or consent, and without any way to know what’s done with that data once it is in the hands of CRSs in the US.

Mar 12 2010

Airlines, travel agencies, Congress join public outcry against passport fees

We don’t think it’s fair or legal for the government to charge you a fee to exercise your rights under the First Amendment and international human rights treaties to enter or leave the USA.  Those rights are all but absolute, and rules that restrict or burden them, such as by imposing fees, are subject to strict scrutiny.

Judging from the response to the government’s latest proposal to increase passport fees (in order to cover the increased costs of including a uniquely-numbered remotely-readable RFID chip in each passport), we aren’t alone in our views.

More than a thousand people filed comments with the Department of State by yesterday’s deadline to oppose the proposed passport fee increases.  In addition to the comments filed by individual citizens and travelers and by the Identity Project, Consumer Travel Alliance, and Center for Financial Privacy and Human Rights, comments objecting to the proposed fee increases were filed by United Airlines, the American Society of Travel Agents, and the Interactive Travel Services Association.  United Airlines told the State Department, as we did, that the proposed rules would violate the Administrative Procedure Act, and demanded that the Department reveal the cost analysis that they claim supports the fee increases and extend the comment period for responses to it before finalizing any fee increase. ASTA (which represents brick-and-mortar travel agencies) and ITSA (which represents online travel agencies), have generally been at each other’s throats; we’re not sure we’ve ever seen them file joint comments in a Federal rulemaking.  The overall picture painted by the industry comments is of the extent to which the proposed fee increases would, in fact, impose a meaningful burden on international travel.

Members of Congress, particularly from border districts, have also objected, with Rep. Chris Lee of New York writing to Secretary of State Clinton that the fee increase would “further burden American travelers,” and fellow Rep. Brian Higgins, also from upstate New York (along the busiest sector of the Canadian border), issuing a statement that, “Creating financial barriers to the international traffic flow will cost our national economy and this community greatly in the long run.”

According to its filing, “Given its questions, and the importance of access to fairly priced travel documents to support international travel, United has sought a copy of or further details on the CoSS [Cost of Service Study] on March 9, 2010. United was advised that the CoSS is not a study or a report, but rather a model which the Department plans to demonstrate during a public meeting sometime in April or May of 2010.”

We’ll keep you posted of any announcement we hear of an extension of the comment period or a public hearing on the proposal to raise passport fees to pay for RFID chips in passports.

Mar 08 2010

Military spymaster to be nominated for head of the TSA

Testing the waters yesterday, White House sources leaked to Reuters and the Associated Press that President Obama plans to nominate retired Army Major General Robert A. Harding to be the Administrator of the TSA.

Harding’s 30-year career as an army officer was spent moving up through the military “intelligence” ranks, culminating as “DoD’s senior HUMINT [human intelligence] officer.”  In other words, he was the U.S. military’s most senior spymaster. Following his retirement out the military-industrial revolving door (through which he would return if confirmed to head the TSA), he double-dipped by founding a military consulting and contracting company which he sold last year to private equity investors. “Harding Security Associates provides identity intelligence and other security services to the federal government, including doing work for the Department of Defense’s biometric-identification analysis and forensics.”

Many of the TSA’s practical problems and abuses of civil liberties have involved schemes like CAPPS-II (later Secure Flight) that were dreamed up by the NSA and other military intelligence agencies and “experts” unaccustomed to operating within the civilian, domestic U.S. legal regime and ignorant of transportation industry technical infrastructure and business practices. Harding’s autobiography gives no indication that he has any experience whatsoever with civilian or domestic civil liberties, with legal constraints on “intelligence gathering” (spying and surveillance) on civilians or U.S. persons or within the U.S., or with the transportation industry.

If Harding is nominated to head the TSA, his military background and lack of any track record on civilian civil liberties makes it especially critical for Senators to question him closely (we have some suggestions to start that questioning) about his views on the fundamental civil liberties and human rights issues facing the TSA, before any confirmation vote, and to resist any calls for an abbreviated or rushed review of his suitability for the position.

Feb 27 2010

U.S. raising fees for travel credentials and permissions

Under a series of new laws and regulatory proposals, almost everyone traveling internationally to or from the USA — US passport holders, visa-free foreign visitors, and foreigners with visas — would have to pay more in government fees for the required credentials and/or permissions.

This week the U.S. Senate passed the “Travel Promotion Act”, a bill designed to encourage foreigners to visit the USA … by making it more expensive for them to do so.

The money would go for advertising, presumably to try to persuade foreigners that the USA is worth the price and the hassle. This ignores the fact that people around the world already want to visit the USA, and don’t need to be told that. What’s standing in the way of more foreigners spending their money in the USA are the xenophobic rules and procedures that make it so difficult and expensive to get permission to travel to the USA — not lack of desire to take the family on a vacation to Disney World or Las Vegas, or a shopping junket to New York or Miami.

The Travel Promotion Act, previously passed by the House and thus now headed to the White House to be signed into law, will add a US$10 fee (good for an unlimited number of visits in a 2-year period from the date it is paid) to the price of obtaining “pre-approval” to travel to the USA through the “Electronic System for Travel Authorization” (ESTA) .

ESTA pre-approval doesn’t guarantee that you will be admitted to the USA, but is required as a de facto exit visa before the USA considers you authorized to depart from your home country for the USA. No, the USA has no authority to impose an exit permit requirement on departure from other countries, as the Identity Project argued in comments to the DHS when the scheme was proposed, but the legality of the ESTA was never brought up in Congressional debate on the Travel Promotion Act.

ESTA pre-approval is required for all those “intending” to enter the USA without a visa under the “Visa Waiver Program” (VWP). Outside of the VWP, which is limited to a short list of mostly-wealthy most-favored nations, most of them populated mostly by white-skinned people, everyone else except US and Canadian citizens and US permanent residents (green-card holders) needs a visa even to change planes in the USA, which costs a minimum of about US$200 depending on the type of visa.

Those fees for US visas would increase substantially under a pending regulatory proposal from the State Department, which would also increase the fees for issuance or renewal of US passports.

The proposed rule published in the Federal Register earlier this month would increase the total price of a new or renewal US passport from US$100 to US$135. Part of that is an increase in the “Security Surcharge” for each passport to US$40, which presumably reflects the additional cost of including a remotely-readable uniquely-numbered RFID chip in each passport.

The State Department is accepting public comments through 10 March 2010 through the Regulations.gov Web site or by e-mail to fees@state.gov. (You must include the docket number, “RIN 1400-AC58” in the subject line of your e-mail message.) This would be a good chance to tell the Obama Administration that they wouldn’t need the proposed passport fee increase if they reconsidered and rescinded the requirement for RFID chips in passports.

Frequent international travelers with US passports will also get socked. Adding pages to a passport that has filled up with visa and entry and exit stamps, previously free, will now cost US$82. Ouch! That’s particularly unfair to those who requested a passport with extra pages, but didn’t get one, since the passport application form still doesn’t include any place to indicate that you want a thicker passport book (48 or 96 pages instead of the standard 24). If you are submitting comments to the State Department, please include a request that they put check-boxes on the application form to indicate a request for a 48 or 96-page passport.

Interestingly, despite the other ostensibly cost-based fee increases the State Department admits that they are deliberately keeping the cost of a passport card, which has a much longer-range RFID chip than a standard passport book, dramatically below cost, in effect giving travelers a large financial incentive to carry a credential with a longer-range tracking beacon.

And lest Canadians feel left out (they are essentially the only nationality that doesn’t need either a US passport, a US visa, or ESTA pre-approval to travel to the USA, and thus escapes these US fee increases), this week Canada’s Transport Minister announced increases in security fees that will be added to all air tickets for departures from Canadian airports, both domestic and international. Why the higher fees? To pay for more virtual strip-search machines (“body scanners”).

Enjoy your trip, and come back and visit us again soon!

[Comments filed by the Identity Project, Consumer Travel Alliance, Center for Financial Privacy and Human Rights, and John Gilmore, which you can use as a template for your own comments; also available in Open Office .odt and MS-Office .doc formats.]