Papers, Please – Page 18 – Papers, Please!

Sep 18 2014

LA police lie about whether you have to show them ID

Last week a Los Angeles police officer detained the movie actress Danielle Watts and told her, “I have every right to ask for you ID…. You do not have a right to say ‘No’…. Somebody called, which gives me the right to be here, so it gives me the right to identify you by law.”

In the aftermath, the Los Angeles Police Protective League (LAPPL) has posted a false and misleading so-called “public service announcement” on the subject of Providing ID To Police Officers.

What happened to Ms. Watts, and what is our reading of the case law on these issues?

Aug 27 2014

“I don’t want a unitary, unfakeable identity.”

Dan Geer’s keynote speech at the Blackhat security conference earlier this month (video, transcript) included an important discussion of the often-misunderstood “right to be forgotten” and the larger context of why it matters: the threat posed by compelled identification, and how we can defend ourselves against that threat:

Privacy used to be proportional to that which it is impossible to observe or that which can be observed but not identified. No more — what is today observable and identifiable kills both privacy as impossible-to-observe and privacy as impossible-to-identify, so what might be an alternative? If you are an optimist or an apparatchik, then your answer will tend toward rules of data procedure administered by a government you trust or control. If you are a pessimist or a hacker/maker, then your answer will tend towards the operational, and your definition of a state of privacy will be my definition: the effective capacity to misrepresent yourself…

The Obama administration’s issuance of a National Strategy for Trusted Identities in Cyberspace [NSTIC] is a case in point; it “calls for the development of interoperable technology standards and policies — an ‘Identity Ecosystem’ — where individuals, organizations, and underlying infrastructure — such as routers and servers — can be authoritatively authenticated.” If you can trust a digital identity, that is because it can’t be faked…. Is having a non-fake-able digital identity for government services worth the registration of your remaining secrets with that government? Is there any real difference between a system that permits easy, secure, identity-based services and a surveillance system? Do you trust those who hold surveillance data on you over the long haul, by which I mean the indefinite retention of transactional data between government services and you, the individual required to proffer a non-fake-able identity to engage in those transactions? Assuming this spreads well beyond the public sector, which is its designers’ intent, do you want this everywhere?…

I conclude that a unitary, unfakeable digital identity is no bargain and that I don’t want one. I want to choose whether to misrepresent myself. I may rarely use that, but it is my right to do so. If that right vanishes into the panopticon, I have lost something and, in my view, gained next to nothing. In that regard, and acknowledging that it is a baby step, I conclude that the EU’s “Right to be Forgotten” is both appropriate and advantageous though it does not go far enough. Being forgotten is consistent with moving to a new town to start over, to changing your name, to a definition of privacy that turns on whether you do or do not retain the effective capacity to misrepresent yourself…. A right to be forgotten is the only check on the tidal wave of observability that a ubiquitous sensor fabric is birthing now, observability that changes the very quality of what “in public” means….

There’s more: video, transcript.

Mr. Geer’s comments help answer one of the questions we are most frequently asked: What’s Wrong With Showing ID?

Aug 19 2014

Sai v. TSA: A case study in TSA secrecy

Time and time again, the TSA has acted as though its middle name was “secrecy” rather than “security”.

Case in point: Sai v. TSA.

There’s a lot at issue in this case, but here are some of the problems with the TSA that it has exposed:

Sai poses no threat to aviation security. He has an unusual but recognized medical condition, attested to by documentation from his doctor that he carries when he travels, for which he needs ready access to liquids. The TSA is required by law to accommodate such medical disabilities, as it easily could. TSA press releases claim that travelers are allowed to bring medically necessary liquids through TSA checkponts in any quantity.

But TSA employees at airport checkpoints at Logan Airport in Boston and the TSA contractors who staff the checkpoints at San Francisco International Airport have, among other improper actions, seized Sai’s medical liquids, denied him access to his medical liquids while detaining him, and refused to allow him to pass through checkpoints or travel by air unless he abandoned his medical liquids.

While detaining Sai, TSA employees and contractors have conducted searches unrelated to weapons or explosives (but directly related to activities protected by the First Amendment), including reading through and copying documents Sai was carrying.

The TSA has never tried to claim that any of these actions were justified by “security” concerns. Instead, the TSA has responded to Sai’s requests for information, administrative complaints, and eventual federal lawsuit solely on the basis of secrecy, when it has responded at all, arguing that it isn’t required to divulge anything about what it has done, why, or whether it is justified.

The TSA claims to practice “layered security,” but Sai’s saga shows how the TSA actually practices “layered secrecy” to shield its activities from public and judicial accountability.

Aug 13 2014

Another brick in the (falling) REAL-ID wall

July 21, 2014 marked “Phase 2” of implementation of the REAL-ID Act.

What does this mean, and does it matter?

As of July 21, drivers’ licenses and other state ID credentials issued by US states or territories that haven’t been certified by the DHS to comply with the REAL-ID Act cannot be accepted by Federal agencies for access to ID-controlled “restricted” areas of Federal facilities (“i.e., areas accessible by agency personnel, contractors, and their guests”).

Because Federal agencies typically issue their own ID credentials to their own employees and regular contractors, this will mostly affect occasional visitors to Federal facilities. NASA, for example, which has facilities in states that have not been certified by DHS as sufficiently compliant, has issued this advice to would-be visitors:

Effective July 21, 2014, the implementation of Phase II of the Real-ID Act (2005) restricts the use of state ID from non-compliant states (including New York) as an acceptable form of identification for federal facilities (including NASA GISS). If you are intending to visit GISS and only have a standard drivers license from a non-compliant state, please ensure that you have a second form of ID (passport, military ID, etc.) to avoid unnecessary complications.

It isn’t clear from this notice, or others we’ve seen, what these “unnecessary complications” will amount to. Visitors with ID credentials from non-compliant states will, presumably, be treated as visitors without “valid” state ID credentials, but that begs the questions of whether or on what basis they will be allowed entry after additional scrutiny or some form of alternate ID verification, allowed entry but only if escorted by staff and not allowed unescorted, or denied entry entirely.

In its eseence, the REAL-ID Act was intended to mandate the creation of a distributed national identity card system. The key “compliance” requirement for states and territories is participation in a linked, distributed database of ID-card and biometric information about all ID cardholders nationwide.

The intent of the Federal law is to force states to particpate in (and absorb the cost of) this scheme, sparing the Feds the costs and hassle of issuing national ID cards and providing (implausible) deniability as to whether it’s a “national ID” at all: “See, it’s not a ‘national’ ID card. It’s still issued by your state.”

But since the Feds probably don’t have jurisdiction over state issuance of drivers’ licenses or state ID cards, the REAL-ID Act relies on threats, rather than direct orders, to extort compliance by states resistant to registering their citizens and residents in a national ID database.

Jul 28 2014

US government’s witchhunting manual made public

The Intercept has published the March 2013 edition of the US government’s Watchlisting Guidance. This 166-page document, previously kept secret as Sensitive Security Information (SSI), provides standardized but not legally binding “guidance” to Federal executive agencies as to how, on what basis, and by whom entries are to be added to or removed from terrorism-related government “watchlists”, and what those agencies are supposed to do when they “encounter” (virtually or in the flesh) people who appear to match entries on those lists.

The Intercept didn’t say how it obtained the document.

The “Watchlisting Guidance” is the playbook for the American Stasi, the internal operations manual for a secret political police force. As such, it warrants careful and critical scrutiny.

Most of the initial reporting and commentary about the “Watchlisting Guidance” has focused on the substantive criteria for adding individuals and groups to terrorism watchlists. Entire categories of people can be added to watchlists without any basis for individualized suspicion, as discussed in Section 1.59 on page 26 of the PDF.

These criticisms of the watchlisting criteria are well-founded. But we think that there are at least as fundamental problems with what this document shows about the watchlisting procedures and the watchlist system as a whole.

Jun 01 2014

The rights of migrants, refugees, and asylum seekers

At the invitation of the U.N. Office of the High Commissioner for Human Rights (OHCHR), we’ve submitted the following recommendations concerning the right to freedom of movement as it relates to migrants, refugees, and asylum seekers at ports, airports, borders, and checkpoints:

As an NGO primarily concerned with the right to freedom of movement, the Identity Project (PapersPlease.org) welcomes the invitation and opportunity to provide this information to the Office of the High Commissioner for Human Rights, for your use in preparing your report to the General Assembly concerning the human rights of migrants while in transit, including in ports and airports and at borders and checkpoints.

We are pleased that Resolution A/RES/68/179, as adopted by the General Assembly on 18 December 2013, “Reaffirm[s] that everyone has the right to freedom of movement and residence within the borders of each State and the right to leave any country, including his or her own, and to return to his or her country,” in accordance with Article 12 of the International Covenant on Civil and Political Rights (ICCPR).

Unfortunately, that right, and in particular the right to leave any country, is routinely and systematically violated. These violations have especially grave consequences for asylum seekers who are prevented from fleeing countries where they are experiencing, are at risk of, and/or have a well-founded fear of persecution.

Airlines routinely prevent refugees and asylum seekers from boarding flights on which they seek to depart from countries where they are being persecuted. In many of these cases, these refugees and asylum seekers would be eligible for admission and asylum on arrival in other countries, if they were allowed to travel to places of refuge.

Read More →

May 23 2014

TSA includes all air travelers in pre-crime profiling

Since late last year, we’ve gotten several inquires from readers wondering why they got a boarding pass marked “TSA Pre-Check” or were sent through the “Pre-Check” lane at a TSA checkpoint even though they hadn’t participated in the “TSA Pre-Check Application Program”.

The confusion stems from the TSA’s own misleading publicity about the program, which tries to persuade travelers “voluntarily” to provide additional information to be used by the TSA, in exchange for the hope of being subjected to slightly less intrusive searches at TSA checkpoints.

The logical (but wrong) inferences are that TSA Pre-Check is a members-only program, and that the Pre-Check lane at a TSA checkpoint is only for those travelers who have “applied” and been “accepted” into the program.

There are actually three distinct components to “TSA Pre-Check” as a pre-crime scheme:

“Voluntary” submission and collection of additional personal information about those travelers who chose to participate in the TSA Pre-Check Application Program.
Pre-crime profiling of all travelers and determination of a “risk assessment” score for each traveler, based on all information available to the TSA including the information, if any, submitted through the TSA Pre-Check Application Program.
Graduated treatment of travelers at TSA checkpoints, including searches of varied intrusiveness and potential total denial of passage, on the basis of these risk assessments and other secret algorithms.

Only the application component of the program — the submission of additional personal information by travelers to the TSA — is voluntary. The TSA obtains information from various sources about all travelers. All travelers are profiled. All travelers are assigned risk assessment (pre-crime) scores based on whatever information is available to the TSA. All travelers are subjected to a more or less intrusive search, and may or may not be allowed to pass through the checkpoint, on the basis of these scores and other secret factors.

Some travelers who are assigned sufficiently low risk assessment scores and meet other secret criteria are directed to the “Pre-Check” lane and subjected to slightly less intrusive searches, regardless of whether they participated in the TSA Pre-Check Application Program. The TSA calls this process “managed inclusion” in TSA Pre-Check.

A traveler whose risk assessment score is low enough, and who meets the other secret criteria (again, regardless of whether they participated in the TSA Pre-Check Application Program) can be selected for less intrusive search when she applies for a boarding pass. The TSA’s assignment of such a traveler to the Pre-Check lane is sent to the airline with, or as part of, the permission message or Boarding Pass Printing Result (BPPR) for that traveler sent to the airline by the TSA.

The TSA’s Pre-Check designation is printed on the boarding pass and included in a 2D bar code in IATA-standard format. “For flights originating in the USA, the digital signing of barcodes and the management of security certificates and key pairs is required by the TSA.”

The TSA also assigns some travelers to Pre-Check lanes on the spot at its checkpoints, using secret criteria and techniques including a randomizer app (like the magical Sorting Hat at Hogwarts) to determine how intrusively to search each person.

Through this process, the TSA chooses one of four basic levels of search and seizure for each traveler:

“TSA Pre-Check” (slightly less intrusive search)
“Standard screening” (including virtual strip-search or manual groping)
“Secondary screening” (more intrusive search including more thorough groping)
“No-fly” (denial of the right to travel by common carrier, possibly accompanied by other adverse actions)

There are refinements within these basic categories. In a document filed with the court following the trial of Dr. Rahinah Ibrahim’s lawsuit challenging her placement on the no-fly list, the government disclosed that that each entry in the Terrorist Screening Database (which includes the no-fly list and the list of “selectees” for secondary screening) includes a “handling code” indicating what airline and checkpoint personnel should do if that person attempts to check in for a flight or pass though a TSA checkpoint.

We don’t know how many handling codes there are. But according to the government’s court filing:

[FBI Agent] Kelley designated Dr. Ibrahim as “handling code 3.” … [T]he majority of individuals in the TSDB were assigned handling codes 3 or 4…. Defendants state that the advantages of Handling Code 3 include allowing law enforcement officers to ask the individual probing but non-alerting questions, and searching the individual’s passport [REDACTED].”

Presumably, other handling codes include those that tell airline or checkpoint personnel to attempt to detain the traveler and contact local law enforcement agencies, the FBI, or the Terrorist Screening Center.

You can’t “opt out” of pre-crime profiling by choosing not to participate in the TSA Pre-Check Application Program. You will be profiled, on a per-flight basis, every time you try to fly.

“Anything you say may be used against you,” although the TSA doesn’t say this on the TSA Pre-Check application forms. If you participate in the Pre-Check Application Program, the additional information you provide will be added to the other inputs to the TSA’s black box. It might result in the TSA assigning you a lower risk score, and subjecting you to a less intrusive search. Or it might result in the TSA assigning you a higher score, and searching you more intrusively or preventing you from traveling by air.

May 22 2014

Albuquerque Journal investigates DHS “Mission Creep”

For many years after 9/11, the Department of Homeland Security got a “free pass” from most mainstream media. This has been especially true of the largely unreported negative impact of the DHS and the homeland security industrial complex at the state and local level.

We’re pleased to call the attention of our readers to one of the most notable exceptions to date: a recent series of articles by Michael Coleman, Washington correspondent for the Albuquerque Journal, on what the DHS and its contractors and state and local accomplices are actually doing “on the ground” in New Mexico:

Homeland Security a ‘runaway train’ (April 27, 2014)
NM footprint grows: ‘We’ve up-armored’ (April 28, 2014)
Feds help militarize police agencies (April 29, 2014)
Editorial: Homeland’s ‘mission creep’ works on 3 levels (May 4, 2014)
Follow-up: New DHS head says agency needs change (May 4, 2014)

We’ve been paying particular attention to events in Albuquerque, of course, as part of our work with Phil Mocek, whose lawsuit against DHS and Albuquerque police personnel is currently on appeal from the US District Court for the District of New Mexico to the Court of Appeals for the 10th Circuit.

But we suspect that what the Albuquerque Journal uncovered in New Mexico is a typical case study that could usefully be repeated in any other state or metropolitan area. We hope that national and other local journalists are inspired by this example to look into DHS activities throughout the country.

Apr 19 2014

Lawyers for Dr. Ibrahim say government acted in bad faith in “no-fly” case

Did government lawyers lie to the judge and the plaintiff in the first “no-fly” case to go to trial?

As first noted yesterday by the Courthouse News Service, lawyers for Dr. Rahinah Ibrahim have renewed their allegation that the government acted in “bad faith” before, during, and after the trial.

Since the government chose not to appeal the decision by District Judge William Alsup, the only remaining issues are:

Whether the government defendants should be required to pay Dr. Ibrahim’s legal fees and costs.
Whether the government has complied with Judge Alsup’s judgment and order, which requires the government to (a) inform Dr. Ibrahim of her status on the no-fly list and (b) expunge, correct, and prevent andy future adverse consequences for Dr. Ibrahim form the FBI agent’s mistake in checking the wrong box on a form to put her on the “no-fly” list despite the fact that she posed and poses no threat.

This week, as we noted earlier, Judge Alsup ruled that, because many of the government’s legal arguments and tactics were “unreasonable”, the government must pay some but not all of Dr. Ibrahim’s legal fees and costs. But Judge Alsup also found that the government has not acted in “bad faith”, and therefore that Dr. Ibrahim’s lawyers were entitled only to government-standard rates that are a fraction of their usual rates.

The next day, the government submitted a set of declarations purporting to show that the defendants have complied with Judge Alsup’s orders.

The day after that, Dr. Ibrahim’s lawyers filed a motion for reconsideration of Judge Alsup’s decision with respect to legal fees and costs, on the basis of the government’s new declarations as new evidence of government “bad faith” justifying assessment of legal fees at full market rates.

The new declarations show that Dr. Ibrahim was on many watchlists, blacklists, and databases that the government previously failed to disclose, even in response to Judge Alsup’s previous orders granting motions to compel responses to an interrogatory to “identify any other lists or government databases into which plaintiff’s name has been placed.”

The new declarations show that, despite a letter sent to Dr. Ibrahim that “Where it has been determined that a correction to records is warranted, these records have been modified,” this had not in fact been done.

And the new declarations reveal that the government denied Dr. Ibrahim’s latest visa application, purportedly on the basis of a threat of terrorism, despite having admitted in court that it does not in fact believe that she poses any such threat, and despite Judge Alsup having found it uncontested that she poses no such threat.

There’s also more in the motion for reconsideration about the injustice and bad faith implicit in the newly-revealed but still classified and “state secret” (“state secret” like the fact that the FBI agent had checked the wrong box on the form was a “state secret”) exception to the non-binding “standards” for no-fly decisions that the government claims allows it to put people on the no-fly list and deny their right to travel even if it admits there is no reasonable basis to suspect them of anything illegal.

Apr 16 2014

Decision in first “no-fly” trial finally unsealed

The complete unredacted decision in favor of Dr.. Rahinah Ibrahim issued by U.S. District Judge William Alsup in January, following the first trial in any case challenging a US government “no-fly” order, was finally made public today by order of the court. (Unredacted version as unsealed; version with previously redacted portions highlighted.) The deadline for any appeal has passed, and this order is now final.

Despite the government’s claims that the redactions were of vital “state secrets”, the formerly-redacted portions of the decision, and the declarations filed yesterday by the government, shed relatively little new light on what happened to Dr. Ibrahim and her family. They do, however, contain a previously-redacted chronicle of her having been placed on and off various “watchlists” (de facto blacklists) while her lawsuit was pending, and of a previously unmentioned exception to the nonbinding “standards” for watchlisting:

45. To repeat, government counsel have conceded at trial and this order finds that Dr. Ibrahim is not a threat to the national security of the United States. She does not pose (and has not posed) a threat of committing an act of international or domestic terrorism with respect to an aircraft, a threat to airline passenger or civil aviation security, or a threat of domestic terrorism.

46. In March 2005, Dr. Ibrahim filed a Passenger Identity Verification Form (PIVF) (TX 76). [This was a predecessor to the DHS-TRIP form.]

47. In December 2005, Dr. Ibrahim was removed from the selectee list. Around this time, however, she was added to TACTICS (used by Australia) and TUSCAN (used by Canada). No reason was provided for this at trial.

48. On January 27, 2006, this action was filed.

49. In a form dated February 10, 2006, an unidentified government agent requested that Dr. Ibrahim be “Remove[d] From ALL Watchlisting Supported Systems (For terrorist subjects: due to closure of case AND no nexus to terrorism)” (TX 10). For the question “Is the individual qualified for placement on the no fly list,” the “No” box was checked. For the question, “If no, is the individual qualified for placement on the selectee list,” the “No” box was checked.

50. In 2006, the government determined that Dr. Ibrahim did not meet the reasonable suspicion standard. On September 18, 2006, Dr. Ibrahim was removed from the TSDB. The trial record, however, does not show whether she was removed from all of the customer watchlists subscribing to the TSDB.

51. In a letter dated March 1, 2006, the TSA responded to Dr. Ibrahim’s PIVF submission… The response did not indicate Dr. Ibrahim’s status with respect to the TSDB and no-fly and selectee lists.

52. One year later, on March 2, 2007, Dr. Ibrahim was placed back in the TSDB. The trial record does not show why or which customer watchlists were to be notified.

53. Two months later, however, on May 30, 2007, Dr. Ibrahim was again removed from the TSDB. The trial record does not show the extent to which Dr. Ibrahim’s name was then removed from the customer watchlists, nor the reason for the removal.

54. Dr. Ibrahim did not apply for a new visa from 2005 to 2009. In 2009, however, she applied for a visa to attend proceedings in this action. On September 29, 2009, Dr. Ibrahim was interviewed at the American Embassy in Kuala Lumpur for her visa application.

55. On October 20, 2009, Dr. Ibrahim was nominated to the TSDB pursuant to a secret exception to the reasonable suspicion standard. The nature of the exception and the reasons for the nomination are claimed to be state secrets. In Dr. Ibrahim’s circumstance, the effect of the nomination was that Dr. Ibrahim’s information was exported solely to the Department of State’s CLASS database and the United States Customs and Border Patrol’s TECS database.

56. From October 2009 to present, Dr. Ibrahim has been included in the TSDB, CLASS, and TECS. She has been off the no-fly and selectee lists….

60. On December 14, 2009, Dr. Ibrahim’s visa application was denied….

64. The TSC has determined that Dr. Ibrahim does not currently meet the reasonable suspicion standard for inclusion in the TSDB. She, however, remains in the TSDB pursuant to a classified and secret exception to the reasonable suspicion standard. Again, both the reasonable suspicion standard and the secret exception are self-imposed processes and procedures within the Executive Branch.

65. In September 2013, Dr. Ibrahim submitted a visa application so that she could attend the trial on this matter…. Trial in this action began on December 2 and ended on December 6. As of December 6, Dr. Ibrahim had not received a response to her visa application. At trial, however, government counsel stated verbally that the visa had been denied. Plaintiff’s counsel said that they had not been so aware and that Dr. Ibrahim had not been so notified….

70. Since 2005, Dr. Ibrahim has never been permitted to enter the United States.

The other most significant remaining questions concern Dr. Ibrahim’s daughter, Ms. Raihan Mustafa Kamal, who was born in the US and is a US citizen, but was prevented from flying to the US to observe and testify at her mother’s trial. (Previous reporting about Ms. Mustafa Kamal here, here, and here.)

According to a section of Judge Alsup’s decision (pp. 24-25) about Ms. Mustafa Kamal that was previously redacted in its entirety:

On December 1 [2013], the National Targeting Center (“NTC”) within the Department of Homeland Security began vetting passengers for the Philippine Airlines flight. NTC officers determined that Ms. Kamal was matched to a record that was listed in the TSDB in a category which notifies the Department of State and Department of Homeland Security that other government agencies may be in possession of substantive “derogatory” information about the individual that may be relevant to an admissibility determination under the Immigration and Nationality Act. United States citizens, of course, are not subject to the admissibility provisions of the Immigration and Nationality Act….

On December 2, Ms. Kamal’s records were updated in the TSDB to reflect that she was a United States citizen. The request for additional screening was rescinded and it was requested that Ms. Kamal be allowed to board without delay.

Since Ms, Mustafa Kamal was not a party to her mother’s case (although the government had been notified that she was a potential witness), the issues related to her were not pursued or resolved in that case.

So we still don’t know what “derogatory” information would be relevant to the “admissibility” to the US of a US citizen, or why DHS is keeping records of such information or “watchlisting” such individuals.

Also today, Judge Alsup ruled that the government must pay some, but not all, of Dr. Ibrahim’s legal fees and costs. The exact amount remains to be determined by a special master. Judge Alsup found that the government had been “unreasonable” in many of its actions and arguments, but had not been shown to have acted in bad faith.

As we’ve previously reported, other no-fly cases are moving forward, with that of Gulet Mohamed (currently in the early stages of discovery in Disctrict Court on remand following denial by the 4th Circuit Court of Appeals of the government’s motions to dismiss) likely next in line for trial.

Papers, Please!

The Identity Project