Papers, Please!

The Identity Project

Category Archives: Papers, Please

Jul 27 2010

US but not UK gives travel “permission” for Iroquois lacrosse team

The good news: In one of the first tests of US rules purporting to forbid US citizens from crossing US borders without first obtaining US passports (issued at the government’s apparently standardless discretion), the US Department of State issued “one-time waivers” authorizing the “Iroquois Nationals” lacrosse team to leave the US (and presumably to return, although that’s not entirely clear from news reports) without carrying US passports.

The dispute arose because some Iroquois, like other Native Americans, have for many years used passports issued by their own tribes or nations.  Whether those passports were “passports” within the meaning of US law was largely irrelevant as long as passports were merely a convenience, not a requirement, for international travel.  Lacrosse was an Iroquois invention (for an introduction to the sport, see John McPhee’s essay last year in the New Yorker, “Spin Right and Shoot Left”, included in his latest anthology, “Silk Parachute”), and travel on Iroquois passports was and is especially significant for the Iroquois Nationals team, who compete on behalf of their own nation in international lacrosse tournaments.

While it was framed as a dispute over the sovereignty of the iroquois Confederations and/or the validity of Iroquois-issued passports, the US appears to have seen it purely as a question of whether native Americans who are also US citizens may leave or return to the US without US passports.

At first, the US had threatened to prevent the team from boarding flights to the UK for the international lacrosse championships. But without admitting either the “validity” of Iroquois passports (i.e. not whether they are genuine but whether they satisfy US requirement for exit or entry permits), or the invalidity of the passport requirements for US citizens, the US effectively backed down by granting the team “waivers” and, more importantly, saying that they would not interfere with their departure from the US.

This continues the pattern we have sen to date: We have yet to hear of a case in which the US government has actually prevented a US citizen from leaving or returning to the country on the basis of their not having, or declining to carry or display, a US passport. In every incident that has been brought to our attention, the US government has eventually indicated its willingness to stand aside from interference with departure from or return to the country without passports — although travel has sometimes been frustrated in other ways, such as refusal to give airlines permission to transport them. Presumably, the US government realizes that preventing its own citizens form leaving or returning to the country would be such a flagrant violation of international human rights law as to lead to diplomatic complications, even if it would be difficult to challenge on those grounds in US courts.

The bad news: After finally obtaining “permission” to leave the US without US passports, the Iroquois Nationals lacrosse team was denied visas by the UK — not on the grounds that their passports were invalid, or weren’t issued by a sovereign entity, but on the grounds that their passports don’t contain ICAO-standard “security” features required by the UK for visitors from the US.  It is, again, unclear from news reports what absent “features” were at issue, but they might have included machine-readability (OCR or RFID) or other aspects of formatting or data content.

Jul 23 2010

“The government shouldn’t decide who can fly”

In one of the first statements in the mainstream media to (a) recognize that the essential feature of the TSA’s Secure Flight program is the requirement for domestic US air travelers to receive government permisison to fly and (b) oppose that requirement, The Chicago Tribune has published an op-ed column by Steve Chapman (also appearing in Reason) arguing that, “The government shouldn’t decide who can fly”:

Get rid of the no-fly list entirely. For that matter, get rid of the requirement that passengers provide government-approved identification just to go from one place to another.

Americans have a constitutionally protected right, recognized by the U.S. Supreme Court, to travel freely. They also have the right not to be subject to unreasonable searches and other government intrusions. But in the blind pursuit of safety, we have swallowed restrictions on travel and infringements on privacy we would never tolerate elsewhere….

If the federal government began requiring every citizen to provide identification for each trip in a car or ride on a bus, there would be a mass uprising. Somehow, though, Americans have come to see commercial air travel as a privilege to be dispensed by the government.

Jul 09 2010

Australian government expanding air travel surveillance

Closely following the bad example (controversial both in the US and Australia) of the USA, the government of Australia is moving toward increasing detailed and integrated ID-based surveillance and control of air travelers.

As of the first of this month, under the so-called Enhanced Passenger Assessment and Clearance (EPAC) systems, Australian authorities have real-time access to all passenger name record (PNR) data for all passengers on all international flights to Australia.  And an additional A$24.9 million is being spent by the government over the next two years, in addition to uncounted amounts that airlines and other travel companies will have to spend, to expand the amounts of data collected by airlines and passed on to government agencies as well as the automated profiling (“risk assessment”) conducted on the basis of this data.

The changes and the heightened surveillance and control of travelers to Australia come at the same time that the European Union is simultaneously renegotiating agreements with Australia and the USA for government access to PNR data related to flights to and from the EU.

The Sydney Morning Herald quotes  the president of the Australian Council for Civil Liberties, Terry O’Gorman, as saying that the scheme “increases the risk of a person wrongly being put on a no-fly list.”

Jul 09 2010

Social networks, identity services, and national ID

Most of the reporting on last month’s conference on Computers, Freedom and Privacy (where we joined a panel on current hot topics in privacy) has focused on the issuance of a Social Network User’s Bill of Rights. That’s testimony to the importance of Facebook, but the implications extend even to those who aren’t currently users of Facebook or similar services.

As Brad Templeton has described it, “Facebook [is] mak[ing] a play to be the main provider of what is sometimes called ‘identity’ services on the internet,” with greater domination (monopolization?) of that niche than any previous provider of “single sign-on” services — even Microsoft.  If a third party wants to offer an online service that depends on a unique identifier, and doesn’t want to put the speed bump of needing to remember a separate user name and password or other identifier in front of customers, the default today has become to offer that service as a Facebook app, on the assumption that most potential users are already signed in to Facebook.  You can opt out of Facebook, but that option is a cop-out, not least because then you can’t use any of the other services that, as Facebook apps, rely on Facebook for their user ID and authentication.

Inherent in using Facebook for authentication is that Facebook itself, as the ID services provider, is aware of each ID-verification or authentication event involving any Facebook app, just as a credit bureau has a record of each time a third party has verified your ID or credit using their service. Facebook has a duty to its shareholders to monetize this information, if it can figure out a way to do so, and a legal duty to hand it over to the government in response to a court order.

Worse — and the deeper reason for this blog post — government agencies are increasingly turning to commercial ID services, if not yet to Facebook, as outsourced ID verification services for the provision of government services and the exercise of citizens’ legal rights.

Already the TSA is using an (illegal, but still in operation after more than two full years) ID verification scheme under which would-be airline passengers who decline to display acceptable government-issued credentials are required to “verify” their identity by asking them questions about the information contained in the records about them maintained by Choicepoint or Acxiom.  And the latest issue of Privacy Journal reports that the Social Security Administration is considering a similar system using questions and answers based on the records of commercial data aggregators as a way to “authenticate” individuals for online management of their Social Security accounts.

In such a world, your “identity” is what these companies say it is. Where do these private companies think you lived, and with whom, in a certain year, for example? An identity thief who has gotten your files may be more likely than you are to to know the “correct” answer.  And each time such a commercial service is used to verify your ID for government purposes, the service provider has a record of the transaction to add to its dossier about you, and use for whatever purposes it chooses.

At present, our use of one set of credentials or identifiers to pass through TSA checkpoints (if we choose to provide them), our checking our record of Social Security contributions, and many other dealings with government agencies are tracked separately, using (at least sometimes) separate identifiers. But as we discussed with representatives of the NO2ID, drawing on the UK example, and others at CFP, the more dangerous part of a national ID scheme isn’t necessarily the single national ID card (if any) but the reliance on a single identifier for multiple purposes, and the resulting ease of compilation of a database of transactions and events which are all linked to that ID even when they are carried out by different government agencies or third parties.  That’s just as much of a danger whether the monopolistic ID services provider is a government Ministry of Identity or if it’s Facebook, Acxiom, or Choicepoint.

Jul 01 2010

Should the identities of petition signers be public?

We note with interest the recent decision in Doe v. Reed (No. 09-599), which marks the first time in a few years that the Supreme Court has directly (albeit somewhat uncertainly) addressed whether the government can permissibly require individuals to be publicly identified.  Leaving aside what the legal implications of the ruling may be, we think the case carries an important lesson about technology and identity policy.

The case concerned whether individual registered voters can sign petitions to place an initiative or referendum on the ballot without having their identities as signatories made public.

Since the right to vote without having it be made public for whom you have voted is considered fundamental to democracy, it might seem natural that you would be able to sign a petition to put Initiative I or Referendum R on the ballot without having it be a public record which such measure(s) you have endorsed.  But traditionally, the list of signatories for each individual ballot proposition has been considered a public record.

Why? The answer, we suspect, lies in the technological history.

Paper-based technologies have long made it possible to verify that each ballot is cast by a registered voter, and that only one ballot is cast by each voter, while making it impossible to identify, after the fact, which voter has cast any given ballot.  This isn’t rocket science. Even when you submit an absentee ballot by mail in a signed (outer) envelope, for purposes of verification of your entitlement to cast that ballot, the ballot itself is enclosed in a second, inner (anonymous) envelope.  Paper technology —  the envelopes — makes it easy to separate verification of eligibility to vote from identifiability of the individual ballots or votes with specific voters.

On paper, it’s harder to separate the validation of signatures and elimination of duplicates from the counting of signatures.  It could be done, through essentially the same techniques as are used for paper absentee ballots, but that would require a different system than the traditional petition with multiple signatures on each sheet.  There’s really no policy reason behind the public identification of signatories that we have come to take for granted as “natural”. Rather, the lack of any possibility for anonymous endorsement of petitions is a corollary of the technique and format in which signed endorsements for a petition are collected.

There’s a lesson here of wide applicability. Providing for anonymity requires effort.  It requires that the systems be designed to provide for the possibility of anonymity, and that authorization (Is this the signature of a unique registered voter?) be separated from identification (Which voters signed this particular petition?).  If that isn’t a design criterion from the start, it’s likely to be simpler to munge those functions together in ways that preclude anonymity.

Jun 30 2010

New lawsuit challenges no-fly orders

In a lawsuit filed today by the ACLU in Federal court in Oregon, Latif, et al. v. Holder, et al., ten U.S. citizens who have been refused permission to board flights to, from, or within the US, or have boarded flights to the U.S. only to have them turn back en route, are suing the Attorney General, the Director of the FBI, and the Director of the Terrorist Screening Center for denying their rights by ordering airlines not to transport them.

At least one of the plaintiffs even flew to Mexico, to avoid overflying the US, with the hope of returning to the US by land.  Instead, he was arrested by Mexican police (presumably at the behest of the U.S. government, and deported not to the country of his citizenship, the USA, but to Colombia, where he has only a temporary visa and can’t remain.  That should have prompted diplomatic protest by the US to Mexico for the improper deportation of a US citizen to a third country.  But presumably Mexico acted at the behest of the US, and there has been no sign of US objection.

So far as we know, this is only the second lawsuit to directly challenge the legality of no-fly orders, and the first on behalf of US citizens.  The previous case was brought by Rahinah Ibrahim, a Malaysian graduate student at Stanford University, after she was detained by San Francisco Airport police and prevented from flying home to her country in 2005. While her complaint remains pending against the individual police in U.S. District court for the Northern District of California, the cases against all of the Federal agencies and officials have been dismissed.

The latest case will test whether the Obama Administration still agrees with former Secretary of Homeland Security Chertoff that no-fly decisions should not be subject to judicial review.  [Update: From the latest statement by the Director of the National Counterterrorism Center, it appears that they may.] And it will be closely watched in Europe as well, where the Obama Administration has assured the European Union that adequate means of redress do exist in U.S. courts for individuals — including some of the plaintiffs in the latest case — denied permission to travel from the EU to the U.S. on the basis of passenger data transmitted to the DHS.

Jun 29 2010

State Dept. brushes off critics, raises passport fees

Yesterday the Department of State published an interim final rule putting its previously proposed increases in passport and visa fees into effect as of July 13, 2010.

The State Department admitted that more than 98% of the comments received from individual members of the public were opposed to the fees, as were comments from the travel industry and from the Identity Project and other consumer and civil liberties organizations.  But the State Department brushed off those objections (failing even to acknowledge our complaint that the rulemaking violated US international treaty obligations on freedom of movement, or our complaint and those of travel companies that it violated the Administrative Procedure Act) and finalized the proposed fee increases unchanged.  No consideration was given to their economic impact on self-employed or freelance business travelers, despite the requirement for such an assessment under the Regulatory Flexibility Act.

Unless the interim final rule is challenged in court (perhaps by travel companies, on APA grounds), fees for new or renewal passports and “passport cards” will all increase for applications received by the Passport Office on or after July 13, 2010.  The most extreme increase will be for adding blank visa pages to a current passport, currently a free service for which a new fee of $82 will be imposed.  If your passport might fill up before it expires, apply for new pages now.

Jun 29 2010

TSA has a new top cop

Following hasty hearings by the Senate Commerce, Science & Transportation and Homeland Security Committees, the Senate gave unamimous consent on Friday, without a recorded vote, to the nomination of John S. Pistole, the pistol-packing deputy director of the FBI and right-hand man to Robert Mueller in the FBI’s often extra-judicial “war” on terror, to be an Assistant Secretary of Homeland Security and the Administrator of the TSA.

The hearings (see the links above for archived webcasts) were a mix of praise for Pistole’s police “toughness” and criticism of the possibility that he might allow TSA employees to form a labor union.  “Should law enforcement officers be unionized?”, several Senators asked, apparently duped by their badges, uniforms, titles, and attitudes of presumed authority into thinking that at Transportation Security “Officers” and contractors are law enforcement officers, when in fact they are civilians without police powers (except for a handful of investigators like the ones the TSA sent to serve subpoenas on journalists who published leaked descriptions of some of their procedures).

Civil liberties were scarcely mentioned during the confirmation hearings and none of our suggested questions were asked. Nor was there any mention of Mr. Pistole’s lack of civilian experience.

The last thing the TSA needs, in our opinion, is more cop-think and an even more paramilitary attitude.  We’re hoping for the best, but we suspect that this appointment will make it even more important for US citizens’ and visitors to exercise our rights rather than relying on the TSA or Congress to recognize on their own initiative.

Jun 22 2010

TSA reaches out to the Identity Project

After years of having our complaints ignored, we were pleased to be invited by the TSA to participate in the ongoing “Multi-Cultural Coalition” organized by the Office of Traveler Specialized Screening and Outreach of the TSA Office of Civil Rights and Liberties, under the direction of the TSA Office of the Special Counselor.

In response to an invitation to submit questions and concerns for the agenda of today’s TSA outreach briefing with this coalition — our first such — we submitted the following questions.  We only got notice of the conference call and submitted our questions at the last minute, and didn’t expect these issues to be addressed on such short notice, but we were pleased to be able to put them on the table for TSA consideration, should the agency chose to respond:

  1. Now that the TSA is carrying out all fly/no-fly decision-making for domestic flights through Secure Flight, what is the procedure for obtaining judicial review of no-fly decisions? Or is it the TSA’s belief that no-fly decisions are not subject to judicial review? (We are particularly concerned, of course, about the situation and the means for judicial review of these decisions against US citizens trapped overseas and unable to return to the USA, or unable to leave the USA, because the DHS will not permit them to fly. The upcoming transition to Secure Flight for international flights means, we presume, that these decisions will shortly be transferred to the TSA. We would like to work this out with the TSA before this transition, so that after the transition travelers denied passage have clear information as to the procedures for judicial review.)
  2. Does the TSA have any plans to promulgate regulations defining what orders travelers are required to comply with from TSA employees or contractors, and/or what questions travelers are required to answer, as a condition of being given TSA permission to proceed through checkpoints or board flights? (The Identity Project has received no response, after more than 6 months, to our FOIA requests for the TSA’s standard operating procedures, and of course those procedures are not binding regulations.)
  3. In particular, does the TSA assert the authority to deny passage to travelers who remain silent in response to TSA or TSA-contractor interrogatories? What language would the TSA prefer travelers use (or would you prefer that they simply remain mute?) in order to most clearly and concisely invoke their right to remain silent in response to interrogatories by TSA employees or contractors?
  4. There have recently been problems with TSA employees and contractors calling local law enforcement officers and making complaints against travelers for exercising their rights to photograph and record their own interactions with TSA employees and contractors, and/or for exercising their right to remain silent in response to TSA or contractor interrogatories. Has the TSA conducted any training or issued any guidance to screeners regarding travelers’ rights to remain silent and/or to record and photograph their interactions with TSA employees and contractors (just as the TSA, airport operators, and/or law enforcement agencies and officers record and/or photograph those interactions)? If so, will the TSA make that guidance public, so that travelers who wish to exercise these rights would be able to carry copies of this TSA guidance to show to TSA employees, contractors, and/or local law enforcement officers?
  5. Has the TSA and/or DHS designated a point of contact and procedures for complaints of violations of human rights treaties, including the International Covenant on Civil and Political Rights, in accordance with Executive Order 13107 on implementation of human rights treaties? If not, when does the TSA and/or DHS expect to do so? Will pending complaints need to be re-submitted once this designation is made? (The complaints of the Identity Project that TSA regulations and procedures violate the ICCPR have been pending without response since 2007 in the case of Secure Fight, and since 2009 in the case of the TSA’s practices of secondary screening on the basis of nationality, in addition to our similar unanswered complaints against other DHS components on closely-related issues.)
  6. The TSA changed its office locations without promulgating new Privacy Act SORN’s or FOIA notices, so that none of the addresses of record in the most recent Federal Register notices or the CFR are valid. As a consequence, none of the TSA’s current SORN’s or FOIA notices are valid, and the knowing operation of each TSA system of records, without a valid SORN with a valid current address having been published in the Federal Register, is a criminal violation of the Privacy Act. What action, if any, is the TSA taking to promulgate valid SORN’s and a valid FOIA notice, to discipline those responsible for the current violations of FOIA and the Privacy Act, and/or to alert those who have sent FOIA or Privacy Act requests into the black hole of the current addresses of record that their requests have not been received, and will need to be re-submitted? What is the proper point of contact for complaints of these violations?
  7. In general, what is the proper point of contact in the TSA and/or DHS for complaints of criminal violations of the Privacy Act, e.g. knowing operation of systems of records by TSA without having promulgated a valid SORN? (The Identity Project has never received any response to any of our complaints, filed in TSA and other DHS component regulatory dockets, of criminal violations of the Privacy Act by TSA or other DHS components.)
  8. 42 USC 2000aa prohibits search or seizure of media, journalism, or other public communications work product materials in the absence of specified conditions (probable cause, etc.). We have received several reports of, and have ourselves experienced, search and seizure of such materials by TSA and its contractors. Has the TSA given any training or produced any guidance to TSA employees and contractors regarding 42 USC 2000aa? If so, will that guidance be made public, so that it can be carried and shown at checkpoints by journalists and others carrying work product materials protected from search and seizure? What procedure would the TSA recommend to people carrying such materials, as a way to alert TSA employees and contractors that certain material is exempt from search or seizure under this statute, and to invoke its protections?

In the course of today’s conference call, the TSA asked for suggestions to improve the signs at TSA checkpoints where virtual strip-search machines (Advanced Imaging Technology (AIT), previously “Whole-Body Imaging” (WBI) in the latest TSA-speak) are being used.  We suggested that the signs should include whole-body images at the same size, scale, and resolution as the displays used by the operators of the machines, when the display is zoomed in on a portion of the body to its maximum magnification.  “That’s new information to me” that the current signs don’t do that, said TSA Special Counselor Kimberly Walton. “We’ll have to look into that. I will take that under advisement.”