Archive for the ‘Papers, Please’ Category

Congress votes to stigmatize and surveil the travel of second-class US citizens

Tuesday, February 2nd, 2016

Can second-class US citizens be required to carry second-class US passports with a conspicuous stigmatizing “scarlet letter” label? Congress has now said yes.

Do DHS pre-cogs have the omniscience and infallibility of angels at predicting and protecting the US and the world against future crimes? Congress has now said yes.

Yesterday Congress completed its approval of a bill which, assuming it is signed into law by the President, will stigmatize and surveil the international movements of certain US citizens by (1) requiring the State Department to mark their passports with a modern equivalent of an “A for Adulterer” or “J for Jew” (a “visual designation affixed to a conspicuous location on the passport indicating” their status), (2) requiring these individuals to notify the government, in advance, of any intended travel outside the US, including their complete itinerary and any details of their planned movements demanded by the Attorney General, and (3) creating a new pre-crime travel surveillance and policing agency within the DHS to track, log, and alert foreign governments to the intended movements of these travelers.

The bill, H.R. 515, obtained final approval yesterday in the House of Representatives by voice vote, with no real debate and only a handful of members present, under procedures allowing for suspension of normal Congressional rules. [The bill had already been approved by the Senate in December.] But in previous statements about the bill and its predecessors, which Congress has been considering for years, members of Congress have made clear their hope that the combined effect of stigmatized passports, deliberately burdensome reporting requirements, and advance notice to foreign governments from the US government (carrying with it an implicit message that the US wants those foreign governments to deny entry to these US citizens) will effectively prevent these US citizens from traveling abroad at all, and confine them within the borders of the USA.

In an astonishing Orwellianism — but one that perfectly describes the fallacy of the vision embodied in the law — Congress has named the new pre-crime travel policing unit within the DHS the “Angel Watch Center”, claiming for the DHS the omniscient and infallible divine predictive ability of angels to watch over us and protect us from the people they think, or “know” by means that mortals cannot question, are going to commit future crimes.


The REAL-ID Act and entry to Federal facilities

Friday, January 15th, 2016

Now that the DHS has postponed its self-imposed (and legally baseless) “deadline” for domestic air travelers to have ID that complies with the REAL-ID Act until at least 2020, the only threat left in the Federal arsenal to intimidate state governments into “compliance” with the REAL-ID Act any sooner than 2020 is the threat to bar residents of noncompliant states from access to some (but not most) Federal facilities, for some (but not most) purposes, in some (but not most) circumstances.

That was the subject of considerable discussion, and considerable confusion, at yesterday’s second meeting of the Minnesota Legislative Working Group on REAL-ID Compliance, which is trying to figure out how seriously to take this threat (short answer: not very) and whether it calls for immediate action (short answer: no).

What is the DHS really threatening to do? And how much effect will that have, or has it already had?

Like a typical extortionist, the DHS keeps its threats vague and changeable. In a response made public today to a disability-rights complaint that is already the subject of litigation, DHS officials declared that it is “not objectively reasonable” to take statements on at face value. That’s par for the course: The TSA has previosuly claimed that its own press statements are exempt from release in response to FOIA requests becuase it would “create public confusion” for the public to know the basis, if any, for those statements.

But what else can we do? In the absence of any laws or regulations requiring ID to fly or enter public buildings, and with the DHS having withheld most of its internal guidelines for building access from disclosure in response to our FOIA requests, all we have to go on are DHS rulemaking-by-press-release and reverse engineering of the secret DHS directives from anecdotal and observational evidence.  If the DHS doesn’t want us to reverse-engineeer its secret rules from what we see happening on the ground, it can get Congress to enact those rules into public law, or publish them in the Federal Register as regulations.

The DHS claims on its official website that its REAL-ID Act “rules” (i.e. secret internal directives) for entry to Federal facilities went into effect on October 15, 2015. So if the sky were going to fall, we’d know about it already.  It hasn’t. Reports of anyone being denied entry to a Federal facility have been rare.

As recently as November 22, 2015 — more than a month after the penultimate phase of REAL-ID Act enforcement had supposedly begun — the DHS public FAQ about the REAL-ID Act said that requirements for ID from compliant states would depend on the “Facility Security Level” (FSL) assigned to each facility:


All mention of these enforcement phases and this scheme of “Facility Security Levels” disappeared completely from this Web page sometime between November 22, 2015, and today. The DHS has since blocked the Internet Archive from its website, to avoid being questioned about unexplained changes like this.

Presumably, the DHS rescinded and tried to efface the memory of this security level sham because so few Federal facilities had actually been assigned an FSL that would have triggered REAL-ID Act compliance demands. When we filed FOIA requests for Federal facilities in the San Francisco Bay Area, we found that none of the the most conspicuous potential Federal terrorist targets and critical infrastructure facilities in our region had been assigned any FSL at all.

FSL assigmments were supposed to be the “security assessments” justifying ID demands. The ability of the DHS to wipe out this whole scheme by fiat, overnight, merely by revising a website and without any rulemaking or public explanation, exemplifies the fact that all of the supposed “deadlines” for REAL-ID Act compliance are equally arbitrary, discretionary, and changeable at the whim of the DHS or its master or mistress in the White House.

(The latest postponement of the “deadline” for compliant ID to fly to October 1, 2020 is particularly incredible. Whatever administration is in power on that date is not going to start barring residents of any state from flying, a month before the 2020 Presidential and Congressional elections. To do so would be electoral suicide. If the REAL-ID Act hasn’t been repealed or overtuened by the courts by then, you can count on the DHS postponing that “deadline” again.)


Bills to repeal the REAL-ID Act introduced in Congress

Wednesday, January 13th, 2016

Bills to repeal the REAL-ID Act of 2005 were introduced yesterday in both houses of Congress by the members of Montana’s Congressional and Senate delegation:

Sen. Daines: “Montanans have spoken loud and clear: we don’t want REAL ID and we don’t want the federal government infringing on our personal privacy. The Repeal ID Act ensures Montanans’ voices are heard and will help strike the right balance that protects our security while also safeguarding Montanans’ civil liberties.”

Sen. Tester: “REAL ID violates the constitutional freedoms of law-abiding Americans and has no place in Montana. I will continue my fight to protect Montanans from this costly overreach that invades privacy and forces local taxpayers to foot the bill.”

Rep. Zinke: “Rolling back these Washington mandates is important to ensure Montana’s state sovereignty. While maintaining security standards is important, we cannot allow the federal government to infringe on our right to privacy and strip Montana of our state sovereignty.”


DHS doubles down on its big lie about ID to fly

Friday, January 8th, 2016

Just days after posting an out-and-out lie on about whether states that want to comply with the REAL-ID Act have to give other states unconditional access to their drivers’ license and ID database (they do, contrary to what the DHS claims), the DHS has posted an equally blatant lie about whether domestic air travelers do or will have to show ID (they don’t and they won’t, contrary to what the DHS claims).

Today’s whopper is part of a press release attributed to Secretary of Homeland Security Jeh Johnson, announcing arbitrary dates for “enforcement” of alleged REAL-ID Act requirements. One might expect those dates and requirements to be spelled out in the U.S. Code or in regulations published in the Federal Register. But rulemaking by press release, Web posting, or Tweet has become the norm for the DHS as part of its enforcement of standardless, discretionary, and secret adminstrative “law”.

Today’s announcement by the DHS comes in the midst of a new round of vigorous debate by state officials as to whether to agree to comply with requirements of the REAL-ID Act that they continue to find objectionable — especially with respect to its mandate for a distributed but integated and nationally accessible ID database. It also comes almost simultaneously with the introduction in both houses of Congress of bills to repeal the REAL-ID Act.

The REAL-ID Act does not purport to create any legal obligation on states to comply. It can’t: The Federal government has no authority to compel the enactment of state legislation. If financial carrots in the form of Federal grants to fund REAL-ID Act implementation aren’t sufficient to win over states that stand up for their residents’ rights, the only stick the Federal government has available to induce those states to comply with the REAL-ID Act is the threat to harass, delay, or prevent residents of those states from traveling by air.

Today’s DHS press release and Tweet make that threat explicit.


The REAL-ID Act is about the database

Friday, January 8th, 2016

At yesterday’s first meeting of a new Minnesota “Legislative Working Group on REAL-ID Compliance“, state lawmakers’ concerns centered on (1) whether residents showing state-issued IDs will be prevented from boarding domestic flights, or harassed and delayed by the TSA, if the state doesn’t agree to “comply” with the REAL-Act Act to the satisfaction of the DHS, and (2) what compliance with the REAL-ID Act would mean for the state’s database of information about people with Minnesota drivers’ licenses or state ID cards.

The DHS has been trying to mislead state officials and the public about both these issues. Understanding both, and separating fact from DHS fiction and innuendo, is key to understanding the REAL-ID Act.

A report from a legislative analyst with the legislature’s research department distributed at yesterday’s meeting asserts that, “At some unspecified point in time (which could be in 2016), a REAL ID-compliant form of documentation will become required to fly in scheduled airline service.” But — oddly for a purported legislative analysis or research report — no authority is cited for this alleged legal “requirement”.

In fact, as we testified yesterday and as we have confirmed through more than a decade of litigation, research, and FOIA requests, this key claim — the threat being used by the DHS to induce reluctant states to accede to DHS requests for “compliance” — has no basis in any publicly-disclosed law or regulation.

People fly without ID every day, and the TSA has procedures for that, as we’ve heard them testify in court. People without ID may be (unlawfully) harassed and delayed at TSA checkpoints and airline check-in counters, but the TSA’s responses to our FOIA requests for its daily reports on how many people try to fly without ID show that almost all of these people are allowed to fly. And those few people who are prevented by the TSA from traveling by air, like the larger numbers who are harassed or delayed by the TSA merely because they don’t show ID or answer other questions, likely have cause for legal action against the TSA. They deserve the support of the states where they reside.

If you lose your wallet and find out the next day that your mother is dying 2,000 miles away, as happened to a friend of ours in St. Paul just before Christmas, you don’t have time to get your driver’s license replaced or take a bus across the country. You need to get on a plane right away, without ID. That’s what our friend did, and fortunately she got there in time. The TSA isn’t going to try to stop you from seeing your mother before she dies. That’s not a case the TSA wants to take to court, or would be likely to win.

But what’s this other question about the database?

To meet the requirements of the REAL-ID-Act, a state must “Provide electronic access to all other States to information contained in the motor vehicle database of the State,” including, “all data fields printed on drivers’ licenses and identification cards issued by the State.” In effect, this would allow state databases to function as part of a distributed but national ID database system.

The DHS has picked out only a subset of the statutory requirements in the REAL-ID Act to consider in deciding whether to exercise its statutorily standardless discretion to certify whether states are making progress toward compliance or to grant them discretionary waivers of “deadlines” which have been set by the DHS in its discretion, and can be and have been repeatedly postponed in the exercise of that same discretion.

The initial DHS-selected criteria don’t include the requirement in the law for nationwide access by state agencies to other states’ drivers’ license and ID databases. DHS undoubtedly knows that this is one of the most objectionable, and potentially one of the most difficult and costly to implement, of the elements of state “compliance” with the REAL-ID Act, and has tried to downplay or deny the plain language in the law requiring unrestricted interstate access to drivers’ license databases. Including full interstate database access in its “compliance” criteria also would probably compel DHS, if it was to be honest, to concede that no state has yet fully complied with the REAL-ID Act.

But state officials shouldn’t be fooled: A state that agrees to “comply” with the REAL-ID Act is agreeing to comply with all of its provisions, including the database access mandate, not just the less objectionable portions that the DHS has decided to focus on first.

Once a state agrees to comply, it no longer has any leverage to move Congress to change those requirements. The only power a state has to exert pressure for change in the REAL-ID Act requirements, or their repeal, is to withhold state agreement to comply until those requirements are amended to its satisfaction, repealed, or overturned by the courts as unconstitutional.


Minnesota Legislative Working Group on REAL-ID Act Compliance

Thursday, January 7th, 2016

We attended and testified at the first meeting of Minnesota’s “Legislative Working Group on REAL-ID Act Compliance” today in St. Paul. Like other states, Minnesota has been told (falsely) that it’s the only state that isn’t planning to “comply” with the Federal requests in the REAL-ID Act, and (also falsely) that Minnesota residents will be prevented from boarding domestic airline flights if the state doesn’t agree to “comply”.

You can watch the full meeting here (our testimony is at 1:37-1:40 of the video).

Here’s what we told Minnesota legislators (Download as PDF):


DHS posts new lies about the REAL-ID Act

Monday, January 4th, 2016

In response to a flurry of publicity kicked off by a story last week in the New York Times in which we were quoted, the DHS has posted several new or updated pages about the REAL-ID Act on its website, including a new page headed, “REAL ID and You: Rumor Control“.

Not surprisingly, the DHS is still lying about what the REAL-ID Act requires. According to the new “Rumor Control” page on

Rumor: The Department of Homeland Security is trying to build a national database with all of our information

Fact: REAL ID does not build a national database nor does it grant the Federal Government or another state access to a state’s driver’s license data. States and territories will continue to … maintain its own records, and determine who may access those records

This is a lie. The text of the REAL-ID Act, Title II, Section 202(d)(12), is clear and unambiguous:

(d) To meet the requirements of this section, a State shall adopt the following practices in the issuance of drivers’ licenses and identification cards:…

(12) Provide electronic access to all other States to information contained in the motor vehicle database of the State.

(13) Maintain a State motor vehicle database that contains, at a minimum —

(A) all data fields printed on drivers’ licenses and identification cards issued by the State; and
(B) motor vehicle drivers’ histories, including motor vehicle violations, suspensions, and points on licenses.

The REAL-ID Act won’t require you to show ID to fly. But unless the REAL-ID Act is repealed by Congress, it will require states to grant all other states access to drivers license and state ID data or risk having the DHS try to harass residents of those states that don’t participate.

As we’ve discussed previously, the main point of the REAL-ID Act is to intimidate or otherwise induce state governments into creating a distributed national ID databases, through which a single query roted through a national “hub” (operated by a private contractor, the AAMVA) will be able to retrieve data, including standardized digital photographs, from the drivers’ license and ID databases of all 50 states, the District of Columbia, and US territories (Puerto Rico, Guam, U.S. Virgin Islands, American Samoa, Northern Mariana Islands, etc.).

The DHS is lying about what the REAL-ID Act requires because it knows that the real point of the law is the distributed national database and its contents, and because most of the opposition to the law by individuals, civil liberties advocates, and state legislators and governors is based on opposition to this distributed but functionally integrated and national database.

Since the DHS has no authority to compel state governments to “comply” with the REAL-ID Act, the DHS is relying on threats — most of them empty. The latest official statements posted on send a clear message to state officials trying to decide what to do about the REAL-ID Act. That message is that the DHS lies about the REAL-ID Act.

If you want to know whether the REAL-ID Act (or any provision of Federal law or regulations) even purports to require anyone to show any ID to fly, read the law: It doesn’t.

If you want to know whether the REAL-ID Act would require states that want to “comply” to connect their state drivers’ license and ID databases to the national “hub” that gives all other states root access to that database, read the law: It does.

Don’t believe the DHS lies, and don’t take DHS threats at face value.

You don’t have to show any ID to fly

Monday, December 28th, 2015

We’re quoted in an article today in the New York Times about the Federal government’s efforts to use the threat of denial of air travel to scare state legislators into connecting their state drivers license and ID databases to the distributed national “REAL-ID” database through the REAL-ID “hub” operated by the American Association of Motor Vehicle Administrators (AAMVA).

We welcome the Times’ coverage of this issue. But some readers might be misled by the Times’ headline, “T.S.A. Moves Closer to Rejecting Some State Driver’s Licenses for Travel“.

As Edward Hasbrouck of the Identity Project, who was quoted in the New York Times story, discussed in detail in this presentation earlier this year at the Cato Institute in Washington, the most important thing you need to know about this issue is that you do not — and you will not, regardless of how or when the TSA “implements” the REAL-ID Act — need to show any ID to fly. People fly, legally, every day, without showing any ID, and that will continue to be the case. You have a legal right to fly, and the REAL-ID Act does not and cannot deprive you of that right.

The TSA often lies in its public statements, including on its website and on signs at airports, and claims that airline passengers “must” or are “required” to have and to show government-issued photo ID. Currently, the page on headed “Identification” begins with the knowingly false and deliberately misleading statement, “Adult passengers 18 and over must show valid identification at the airport checkpoint in order to travel.” But the consistent official position of the TSA in court has been that no law, no TSA regulation, and no policy or practice of the TSA — not even the secret TSA “Standard Operating Procedures” (SOPs) and other secret TSA orders to its checkpoint staff and contractors — requires anyone to show any ID to pass through TSA checkpoints and travel by air.


No Social Security number? No passport. Why?

Tuesday, December 15th, 2015

When we reported last week on the passport provisions in the new “Fixing America’s Surface Transportation Act”, we focused on the details of the rules for denial or revocation of US passports of citizens alleged to owe more than $50,000 in Federal taxes.

We should, perhaps, have put more emphasis on the other new basis we mentioned for the denial of a passport application: failure to provide a valid Social Security account number on the passport application form. This could affect more people than the linkage of passports to taxes.

While the shorthand title on our blog post referred to people who “don’t have” a Social Security number, the same fate could befall anyone who chooses not to disclose their Social Security number. The new law would authorize but not require the Secretary of State — at her standardless “discretion” — to deny any passport application that doesn’t contain a valid Social Security number.

There are probably more US citizens who don’t have a Social Security number than who owe more than $50,000 in taxes. And there are good reasons for even those citizens who do have a Social Security number not to want to disclose it to the State Department and to all the other government agencies (including the DHS) with which it shares passport data.

Federal law and IRS regulations already imposed a $500 civil penalty for applying for a passport without providing a Social Security number. This was a high price to pay for freedom from travel dataveillance based on Social Security number. But it wasn’t always enforced (more “discretion”), and it was not a basis for denial of a passport. Now it is.

Why would someone who has a Social security number not want to give it to the State Department? The answer is obvious once you reverse the question: Why does the State Department want to record the Social Security number of each passport holder? And how do the State Department, and the other agencies with which it shares this data, plan to use it?

There’s a separate legal requirement and required form, which includes the passport number, for reporting any international transportation of $10,000 or more in cash or “monetary instruments”, either as accompanied baggage or in an unaccompanied shipment. So the State Department doesn’t need Social Security numbers in passport files to know whether large sums of money are being taken in or out of the country by the holder of a particular passport.

The new law doesn’t just require that you show that you have a valid Social Security number before you can receive or renew your passport. You must provide your Social Security number to the State Department, so that it can be entered into the passport records database.

Nor is your Social Security number used only to check with the IRS whether you are suspected of owing back taxes. The principal routine users of this data outside the State Department are the DHS, “for border patrol, screening, and security purposes.” Screening is, of course, a euphemism for algorithmic profiling and profile-based search and control.

In other words, the real point of requiring each US passport applicant to supply their Social Security number is to enable all the financial records linked to that Social Security number to be combined with the travel records linked to the passport number in the DHS “Automated Targeting System” and included in the inputs to the pre-crime “black box” that decides whether to give airlines and other common carriers permission to transport each US citizen, and how intrusively to search and/or interrogate each US citizen who is allowed to travel.

DHS Automated Targeting System records include many identifiers and pointers that can be used to link them to other databases: timestamped IP addresses, cellphone numbers, passport numbers, credit card numbers, names of emergency contacts and traveling companions, etc. But they haven’t yet contained Social Security numbers, so far as we know. Now they will, or will be linked to a related database that does.

Government records indexed by Social Security number aren’t just tax records, but records of your worldwide assets and financial affairs. Records identified by Social Security Number (but not passport number, so they would otherwise be at least somewhat more difficult for DHS to use for this profiling), include not only US bank accounts but also foreign bank accounts (reported by Social Security number on the required annual FBAR form) and other foreign “financial assets” (a partially overlapping category) required to be reported each year on IRS Form 8938.

None of this has anything to do with citizenship, which should be the sole criterion of entitlement (not merely “eligibility” at the government’s “discretion”) to a US passport.

More pre-crime profiling of visitors to the US?

Friday, December 11th, 2015

President Obama’s televised speech last Sunday included a smorgasbord of proposals (and endorsements for proposals already made by members of Congress) for more control and surveillance of travel.

We’ll look first at the proposals for restrictions on travel by foreign visitors to the US, followed in our next post by some of those that would affect US citizens.

According to the President:

We should put in place stronger screening for those who come to America without a visa so that we can take a hard look at whether they’ve traveled to warzones. And we’re working with members of both parties in Congress to do exactly that.

What does “stronger screening” mean? And what’s a “warzone” [sic] when on the one hand there has been no declaration of war against anyone, anywhere, and on the other hand the government apparently believes that it has the authority to treat the entire planet as a battlefield on which to wage its “War on Terror”?

To understand what the President really means, let’s look at the proposed legislation. The President appears to have been referring to H.R.158, the so-called “Visa Waiver Program Improvement Act of 2015”, which passed the House this week and is pending in the Senate.

The “Visa Waiver Program” (VWP) is a scheme under which citizens of certain preferred countries are given US government permission through the “Electronic System for Travel Authorization” (ESTA) to board flights to the US — provided that they agree in advance that they when they arrive in the US, they can be denied admission for any or no reason, that they will not contest any denial of admission, and that they will bear their own costs of deportation if they aren’t admitted.

This isn’t based on reciprocity. Citizens of all other second-class countries must obtain paper visas, which require a much higher fee and an in-person interview at a US Embassy or Consulate, even for short visits as tourists or to change planes in the US in transit between e.g. Europe or Asia and Latin America.

Most of the countries that the US “allows” to participate in the VWP allow US citizens to enter as tourists, and sometimes for other purposes, without obtaining any permission or submitting any information to the destination government prior to their arrival.

An ESTA walks like a visa and quacks like a visa, except that it is issued electronically rather than stamped in a passport. To obtain an ESTA, a would-be foreign visitor must apply through a cumbersome CBP Web site, providing a variety of personal information to enable the application to be matched with the applicant’s “travel history” and other secret data in the CBP’s Automated Targeting System (the information required on the ESTA application was just increased last month) and pay a fee with a credit card so that the application can also be matched with any US government records about the applicant’s finances.

The travel industry reportedly wants the current euphemistic name of this program changed to the more Orwellian, “Secure Travel Partnership”, which gives a pretty accurate indication of the industry’s willingness to partner with governments in surveillance and control of travelers, as long as doing so doesn’t cost the industry money.

Any foreign citizen who “intends” to enter the US under the VWP is required to obtain an ESTA before CBP will give an airline permission to issue a boarding pass for a flight to the U S.

After operating the VWP/ESTA scheme for seven years under an “interim” rule, the DHS finalized the VWP/ESTA regulations and made them permanent earlier this year, dismissing our objections that the rules are unconstitutional, violate US obligations under international human rights treaties, and exceed the authority of CBP or the DHS.

How would any of this change if the bill endorsed by the President, H.R.158, becomes law?

Aside from reporting requirements, the only substantive change that would be made by the House bill would be to require that the secret pre-crime prediction algorithm incorporated into the ESTA approval/denial decision-making black box must consider “terrorism risk” in addition to, as is already required, “security risk”. We have no idea what this means. What sort of “terrorism risk” wouldn’t also constitute a “security risk”? But we can only assume that the proponents of this bill, including the President, want more secret rules added to the algorithm, to keep away even more visitors.

The White House has also talked about denying ESTA approvals and entry under the VWP on the basis of which other countries travelers have previously visited. A European citizen who has visited friends or family in Syria, for example, might find themselves barred from the US for the next five years unless they go through the drawn-out and expensive process of applying for a full US visa. A provision to this effect is part of both the Democratic (S. 2337) and Republican (S. 2362) versions of Visa Waiver Program bills pending in the Senate, but wasn’t included in the version approved by the House.