Papers, Please!

The Identity Project

Category Archives: Papers, Please

Nov 05 2024

What will the future bring for ID demands?

There are elections today in  the USA. But we don’t need to know their outcome to predict many of the issues that the Identity Project and our supporters and allies will continue to face in the coming years. For what it’s worth, everything that was on our agenda for the first Obama Administration, following the 2008 elections, remains on our agenda today.

At least since September, 11, 2001, throughout both Republican and Democratic administrations in the White House, demands for “Your papers, please!” have been supported by (1) a bipartisan consensus in Congress, (2) the lobbying power of an ever-growing homeland security-industrial complex, and (3) the malign convergence of interest between governments that want to identify us in order to track, profile, and control us for political purposes and corporations that want to identify us (or get the government to force us to identify ourselves) in order to track and profile us for commercial purposes.

Read More

Nov 04 2024

TSA launches smartphone-based digital ID scheme

Brushing off objections from the Identity Project and others, the US Transportation Security Administration (TSA) has issued regulations creating the framework for an all-purpose smartphone-based national digital ID and tracking system.

The TSA’s new rules are piggybacked on the REAL-ID Act of 2005, and are ostensibly standards for what states will have to do to issue digital versions of driver’s licenses or ID cards that the TSA and other Federal agencies will accept for Federal purposes, in circumstances where ID is required by other Federal laws. This doesn’t include airline travel, for which no ID is legally required, although the TSA keeps lying about this.

The TSA’s new rules provide that acceptable digital IDs can only be issued to individuals who already have physical driver’s licenses or state-issued ID cards. And individuals are still required by standard state laws to “have their Physical Credential on their person while operating a motor vehicle”, even if they also have a digital ID on their smartphone. So this regulatory scheme isn’t really about driver’s licenses at all. It’s about pressuring states to move from uploading information about all their residents to a national ID database to putting a digital tracking app with a state-issued identifier on each resident’s smartphone.

We’ll have more to say in our next article about some of the ways this might be used for surveillance and control of individuals’ activities in the physical and online realms.

The TSA dismissed out of hand our suggestion that an individual could be provided with a digitally-signed file (signed by a government agency) containing the same information as is contained on a physical license or ID card. Such a  file could be carried on any sort of device and presented over any sort of connection. Instead, the TSA’s new rules require that a digital ID must be “provisioned” through an app on a smartphone. The smartphone must be “bound” to an individual (how is this possible?) and must have bluetooth-low energy (BTE) radio connectivity enabled so that the app containing the digital ID can be remotely interrogated by the government (perhaps without the user’s knowledge).

How will this work? What else will these apps do? In what situations, and for what purposes, will these apps and digital IDs be required? We don’t really know.

Read More

Oct 14 2024

Comments on TSA proposal for decentralized nonstandard ID requirements

Today the Identity Project joined almost 8,000 individuals who have filed comments with the Transportation Security Administration opposing the TSA’s latest bizarre proposal for  decentralized, nonstandard, selective enforcement of the REAL-ID Act of 2005.

The introduction to our comments summarizes our objections as follows:

By this NPRM [Notice of Proposed Rulemaking], the Transportation Security Administration (TSA) proposes to grant to itself and to delegate to other agencies… authority to establish rules (“phased enforcement plans”) governing who is, and who is not, under what conditions, allowed to access Federal facilities or exercise Federally-recognized rights including the right to travel by air by common carrier. These rules could be adopted by the TSA and other agencies without notice, public comment, publication in the Federal Register, or codification in the Code of Federal Regulations (CFR). Instead of standards for the acceptance of IDs, the TSA is proposing to delegate authority to itself and other agencies for decentralized and nonstandard acceptance or rejection of noncompliant IDs. Congress has given the TSA no such authority.

This NPRM is premised on erroneous explicit and implicit legal and factual findings, including claims that some or all states and territories have complied with the requirements of the REAL-ID Act of 2005 and that airline passengers are required to have, carry, and/or show ID. These findings are arbitrary, capricious, contrary to law, and not entitled to deference.

Compliance with the REAL-ID Act requires a state to electronically share information concerning all driver’s licenses and state-issued IDs with all other states, but not all states do so.

Because no state complies with this provision of the REAL-ID Act, or could do so unless and until all states do so, no state-issued driver’s licenses or ID cards comply with the REAL-ID Act. No state is currently able to issue licenses or IDs that comply with the REAL-ID Act….

The proposed rules exceed the authority of the TSA. They would violate the Administrative Procedure Act (APA) and rights including the “public right of transit” by air.

Pursuant to the APA, neither the TSA nor any other agency has the authority to issue rules through the procedures contemplated by the proposed rules. And the REAL-ID Act does not authorize the TSA to delegate the promulgation of implementing regulations to other agencies or departments. Neither the TSA nor any other agency has the authority to issue regulations rescinding the statutory and Constitutional right to travel by air…

The proposed rules must be withdrawn in their entirety.

Read More

Sep 16 2024

TSA again backs down from its REAL-ID threats

The Transportation Security Administration (TSA) has again backed down from its decades-old threats to start requiring all airline passengers to show ID that the TSA deems to be compliant with the REAL-ID Act of 2005. But the new rules proposed by the TSA would create new problems that won’t go away until Congress repeals the REAL-ID Act.

In a notice published in the Federal Register on September 12th , the TSA has proposed another two-year postponement of the most recent  of the “deadlines” the agency has imposed on itself for REAL-ID enforcement.  But that postponement would be combined  with interim rules for the next two years that ignore the law and invite arbitrariness in how travelers are treated.

The TSA notes that “frustrated travelers at the checkpoint may also increase security risks” if the TSA stopped allowing travelers to fly without REAL-ID. But the TSA doesn’t mention its current procedures for flying without any ID or its position in litigation that no law or regulation requires airline passengers to show any ID. Instead, The TSA claims without explanation that without this postponment, “individuals without  REAL ID-compliant DL/ID or acceptable alternative would be unable to board federally regulated aircraft.”

Comments from the public on the proposed rule are due by October 15, 2024. Dozens of comments have already been submitted, almost all of them opposing requiring REAL-ID to fly.

We’ll be submitting comments opposing the proposed rules and reminding the TSA that (1) no state is yet in compliance with the REAL-ID Act, which would require sharing of driver and ID databases with all other states, and (2) neither the REAL-ID Act nor any other Federal law requires air travelers to have, to carry, or to show any ID.

Unless the law is changed to try to impose an unconstitutional ID requirement as a condition on the right to travel by common carrier, the TSA must continue to recognize the right to fly without ID. Any distinction by the TSA or other Federal agencies between state-issued ID, when no state complies with the REAL-ID Act or could do so until all states participate in the national REAL-ID database (SPEXS), would be arbitrary and unlawful.

Read More

Aug 27 2024

100,000 passport applicants have gotten the long form

More than 100,000 US citizens — almost ten times as many as the State Department had projected — have been required to complete one or both of two impossible “long form” supplements to their applications for US passports, according to records we received this month in response to a Freedom Of Information Act (FOIA) request we filed in 2011.

[Numbers of passport applicants sent each of the two version of the long form passport application each year since 2014, as reported to us this month by the State Department in response to our 2011 FOIA request.]

Back in 2011, the State Department proposed an outrageous long form to be sent to some subset of applicants for US passports. The form includes a bizarre list of questions which most applicants would be unable to answer.

Do you know, or do you have any way to find out, the dates, addresses, and names of doctors for each of your mother’s pre-natal medical appointments, or the names, addresses, and phone numbers of everyone who was in the room when you were born?

Sending someone the supplemental long form is a pretext for denying their application for a passport. As we said in our comments to the State Department:

The proposed form reminds us unpleasantly of the invidious historic “Jim Crow” use of a literacy or civics test of arbitrary difficulty, required as a condition of registering to vote and administered in a standardless manner. By making the test impossible to pass, voter registrars could use it as an arbitrary and discriminatory – but facially neutral – excuse to prevent any applicant to whom they chose to give a sufficiently difficult test from registering to vote, on the ostensible basis of their having “failed” the test.

In a similar way, choosing to require an applicant for a passport to complete the proposed Form DS-5513, which few if any applicants could complete, would amount to a de facto decision to deny that applicant a passport. And that decision would be standardless, arbitrary, and illegal.

After we publicized this proposal, thousands of people submitted comments to the State Department calling for the proposed form to be withdrawn.

Although the State Department had falsely claimed in its application for approval that this was a “new” form, commenters reported that they had already (illegally) been required to fill out a version of this form, even though it had not been approved.

As soon as we learned this, we filed a Freedom of Information Act (FOIA) request in April 2011 to find out how long the long form had been in use illegally without approval, how many people had been told to fill out the long form, and what if any criteria had been established for when to require a passport applicant to fill out the long form.

Read More

Jun 07 2024

“Who Lacks ID in America Today?”

As we discussed in our previous article, the issue in the current stage of the lawsuit challenging a Texas law requiring ID to visit some websites is what standard — “strict scrutiny” or “rational basis” review —  courts should use to evaluate the Constitutionality of government-imposed restrictions on the exercise of First Amendment rights.

But legal briefs in the case also address the adverse and discriminatory impact of ID requirements on people without ID, and spotlight some important recent research on how many people in the US don’t have government-issued ID or don’t have ID that would satisfy ID-verification procedures and criteria, including those that include address verification.

A friend-of-the-court brief submitted to the U.S. Supreme Court by the Electronic Frontier Foundation and the Woodhull Freedom Foundation cites an analysis by the Center for Democracy and Civic Engagement at the University of Maryland of the results of a survey of a scientifically-selected national panel conducted in September and October of 2023.

Respondents were asked whether or not they have a driver’s license, whether their ID (if any) has their current name and address, and whether their ID, birth or naturalization certificate, or other evidence of identity and citizenship is kept in a quickly accessible place (rather than a safe deposit box or other off-site location).

The responses to the survey show just how many people can be excluded by ID demands:

Nearly 21 million voting-age U.S. citizens do not have a current (non-expired) driver’s license. Just under 9%, or 20.76 million people, who are U.S. citizens aged 18 or older do not have a non-expired driver’s license. Another 12% (28.6 million) have a non-expired license, but it does not have both their current address and current name….

If driver’s license records are incorporated into address-validation algorithms, someone who gives their current address may be more likely to be turned away by ID-based gatekeepers than an identity thief who can has obtained, and can regurgitate, the out-of-date or incorrect address associated with that ID in government records.

The survey also asked about other forms of government-issued ID including:

  • US passport or US passport card
  • US Naturalization Certificate
  • US Certificate of Citizenship
  • Military ID
  • Veterans ID
  • Student ID
  • Tribal ID
  • Hunting License
  • Gun/firearm permit

Millions of US adults have none of these government-issued credentials:

Just over 1% of adult U.S. citizens do not have any form of government-issued photo identification, which amounts to nearly 2.6 million people.

Unsurprisingly, Black, Hispanic and young adult Americans are less likely to have ID, or to have current addresses on file with government agencies, and are therefore more likely to be discriminated against by ID and address verification requirements:

Black Americans and Hispanic Americans are disproportionately less likely to have a current driver’s license. Over a quarter of Black adult citizens and Hispanic adult citizens do not have a driver’s license with their current name and/or address (28% and 27% respectively)… Eighteen percent of Black adult citizens, 15% of Hispanic adult citizens, and 13% of Asian/Pacific Islander adult citizens do not have a license at all, compared to just 5% of White adult citizens.

Young Americans are least likely to have a driver’s license with their current name and/or address. Younger Americans overall are far less likely to have a driver’s license with their current name and/or address, with 41% of those between the ages of 18-24 and 38% between the ages of 25-29 indicating this…..

Almost half of Black Americans ages 18-29 do not have a driver’s license with their current name and/or address (47%), and 30% do not have a license at all.

The questionnaire and the initial analysis of the responses appear to have been designed primarily to assess the impact of requirement to have and show ID to vote, but they have obvious implications for demands for ID in other contexts, including ID to fly or to travel by other modes of common carrier.

There’s been a lot of attention paid to what percentage of current driver’s licenses are compliant with the REAL-ID Act,  for example, but much less attention paid to how many people don’t have any driver’s license or other government-issued ID credentials, or which IDs will satisfy current or proposed ID-verification criteria and procedures.

Our takeaway is that ID requirements are, and will remain, inherently unreliable, discriminatory, and illegitimate. Not everyone has ID, and not everyone’s ID will satisfy verification schemes that rely on inevitably inaccurate databases.

Jun 05 2024

Texas requires ID to visit some websites

The U.S. Supreme Court has been asked to reviewdecision by the 5th Circuit Court of Appeals upholding  a Texas law that requires all visitors to some websites to provide the site operator with evidence of their identity and age.

The Texas law applies to all visitors to any website “more than one-third of which is sexual material harmful to minors.” It doesn’t matter if you are an adult, none of the material on the site is obscene or illegal (“harmful to minors” doesn’t mean obscene or illegal for adults) , or you want to access portions of the site — perhaps the majority — that aren’t considered harmful to minors. You still have to identify yourself to the site operator by “digital identification,” “government-issued identification,” or “a commercially reasonable method that relies on public or private transactional data.”

The issue raised in the petition for certiorari (request for review by the Supreme Court) is the “standard of review” applicable to this law. That may seem like a technical issue, but it is likely to determine the outcome of this and many other cases.

In a long line of precedents from the Supreme Court, restrictions on the exercise of rights protected by the First Amendment have been subjected to what is called “strict scrutiny”. That means that, for such a law, regulation, or government practice to be upheld, the government must show that it is “narrowly tailored” to a legitimate government purpose, and that no less restrictive available alternative law or policy could fulfill that purpose.

In the case of the Texas ID-to-visit-websites law, two of the three judges of the 5th Circuit panel adopted a lower standard by finding that the state need only show that there is some “rational relationship” between the law and any legitimate government purpose, regardless of its collateral impact on adults, non-obscene content, or First Amendment rights. That creates a conflict with Supreme Court precedent and decisions in other Federal circuits.

Any precedent in this case could be applied to demands to provide ID as a prerequisite to the exercise of other rights protected by the First Amendment, not just freedom of speech and of the press.

To the extent that the freedom to travel is recognized — as we think it should be — as an aspect of the freedom to assemble, this precedent could be applied directly to ID requirements for travel, including travel by airline or other common carrier.

We hope the Supreme Court reviews and reverses this decision by the 5th Circuit.

May 06 2024

Facial recognition and “identity verification”

A new effort is being made by some Senators to restrict the use of facial recognition by the Transportation Security Administration (TSA), airlines, and airports in the US.

But the proposed cure may be worse than the disease. The latest version of the proposed legislation, while undoubtedly well intentioned, includes a provision that would, for the first time, provide a basis in Federal law for “identity verification” of airline passengers.

The problem with facial recognition is that it’s a tool for identifying people. Legalizing (unjustified and previously unlawful) demands for travelers to identify ourselves in other ways is not a solution to the problems of either facial recognition or ID demands.

S. 3361, the “Travel Privacy Protection Act of 2023”, was introduced in the Senate in November 2023, and remains pending. But standalone bills like this have very little chance of being considered, especially in the current Congress.

With Congress acting on only a few bills that are considered essential to keep the  government operating, other legislation is likely to be acted on only if it can be attached to one of these “must-pass” bills. So some of the sponsors of S. 3361 have incorporated provisions to restrict the use of facial recognition, plus new provisions for alternative means of “identity verification” of travelers, into an amendment to the pending  bill to authorize continued operations of the Federal Aviation Administration (FAA).

We assume that the new “identity verification” provisions in the proposed amendment to the FAA reauthorization bill were added to the previous version of the legislation to address objections from the TSA, the airline industry, and airport operators, all of whom have invested heavily in shared infrastructure for facial recognition at airports on the assumption that it has already been agreed to as a government and industry standard.

The proposed amendment to the FAA reauthorization bill would explicitly authorize the use of facial recognition at US airports, provided that the TSA “provides each protected individual, at the request of the protected individual, with the option to choose between identity verification with or without facial recognition or facial matching software.”

This would be a major change, since no provision of current law authorizes the TSA to operate, or to require travelers to submit to, any sort of ID verification.

Congress should not be intimidated by the threat of facial recognition into authorizing the TSA, airlines, or airport operators to  require travelers to identify ourselves.

A choice between submitting to facial recognition so that we can be identified, and showing documents so that we can be identified, is not a choice we should have to make.

Regardless of how we are identified, we know how our identity will be used by the TSA and its commercial and governmental partners in the US and around the world.

The TSA will check our identity against the million and a half mostly Muslim names on the TSA’s no-fly blacklist, use our identity as one of the inputs to the algorithmic black box they use to decide whether to send the airline a Boarding Press Printing Result (BPPR) that “permits” the airline to issue a boarding pass for each of our flights, and use it to link its record of our flight to the permanent file it keeps about each of us. None of this is lawful or serves any legitimate purpose. Congress should put a stop to all of this.

The TSA offers the misleading reassurance that unless we are determined to pose a threat, it won’t retain facial images and other information about our travel. But since the threat-assessment algorithms and outcomes are secret, there’s no way to know whether information about us and any particular flight we take has been retained.

Compelled warrantless, suspicionless ID requirements violate the Fourth and Fifth Amendments to the US Constitution and international treaties protecting the right to freedom of movement both internationally and within the US.

If Congress wants to rein in the TSA and its use of facial recognition, Congress can and should explicitly prohibit the TSA from requiring travelers to identify ourselves, regardless of whether that identity verification is conducted by inspection of ID documents, facial recognition, or other means. Unless our right to travel has been restricted by court order, who we are is irrelevant to our right to travel by common carrier.

Apr 23 2024

10th Circuit: Demand for ID requires suspicion of a crime

Narrowing the damage done by its 2015 ruling in the Identity Project case of Mocek v. Albuquerque, the 10th Circuit Court of Appeals has ruled that it is clearly established law that, even in a state such as New Mexico that requires individuals suspected of crimes to identify themselves to police on demand, a valid demand for ID must be predicated on “reasonable suspicion” that an individual has committed some other predicate crime.

The plaintiff in the latest 10th Circuit case, Albert Jerome Bustillos, is an independent journalist and YouTuber. He was wrongly arrested for video and audio recording from a public street outside an oil refinery in Artesia, NM, on September 11, 2018.

Like Mr. Mocek, who was falsely arrested for recording TSA checkpoint staff at the Albuquerque airport, Mr. Bustillos was wrongly charged under a New Mexico law that makes it a crime to “conceal” your identity if you are lawfully stopped by police.

The Supreme Court has — wrongly, we believe — upheld state laws that require individuals to identify themselves verbally by name to police, but only if police already have an objectively reasonable, articulable basis to suspect them of some specific crime.

We think these laws are facially unconstitutional because they violate the Fifth Amendment right to remain silent. If you aren’t lawfully detained by police on reasonable suspicion of having committed a crime, you can (and generally should) entirely ignore any questions from police. If you are suspected of a crime, that is all the more reason why you can (and generally should) assert your Fifth Amendment right to remain silent.

Not all states have “stop and identify” laws. California, among others, does not. Even in states that have such laws, they require only verbal self-identification. They do not require anyone to possess, carry, or show ID credentials or any other evidence of their identity.

All of this is, we think, clearly established Constitutional law. But courts more eager to protect police against accountability than to protect the rights of their victims have sometimes strained, after the fact, to come up with reasons that police might reasonably have suspected those they stop of crimes — even if in fact the police had no such suspicion.

Like Mr. Mocek, Mr. Bustillos was eventually found not guilty of all of the charges against him, and like Mr. Mocek he then sued the police for violating his civil rights.

Read More

Mar 25 2024

City ID and the right to travel

In recent overviews, we’ve discussed the barriers to getting a passport or state-issued driver’s license or ID card (especially in states that have chosen to participate in the national REAL-ID system and database) and the difficulties faced by travelers without ID.

Some cities, notably including New York and San Francisco, have attempted to mitigate the discrimination against their residents who are unable to get Federal or state ID by issuing municipal ID cards.

How useful are these city IDs for travelers without other ID? Do they solve the problem of demands by common carriers for ID to travel by bus, train, or plane?

The short answer is that these city ID cards succeed in mitigating the damage that results from demands for ID to travel, but they aren’t a real solution to the problem.

Here’s what happens if you want to travel with a city ID: Read More