Papers, Please!

The Identity Project

Category Archives: Papers, Please

Oct 01 2009

Do you need government ID to observe Federal government meetings?

With the public paying more attention ot Federal financial policy, more people might be interested in watching government meetings like those of the Federal Reserve Board.

But what if you don’t have  government-issued identity credentials, or don’t chose to show them? Are you still entitles to observe your tax dollars at work?

We recently came across this 2002 opinion from Office of Legal Counsel of the Department of Justice, advising the the Federal Reserve Board that notwithstanding the open meeting requirements of the Government in the Sunshine Act, the Fed can prevent people from watching its meetings if they don’t give advance notice of their intent to attend, don’t have or won’t reveal their Social Security Number or various other information, or if they don’t have or won’t show a photo ID.

Footnote 4 of the 2002 opinion points out a 1977 DoJ letter that states, “[o]f course, any person may attend a meeting without indicating his identity and/or the person, if any, whom he represents and no requirement of prior notification of intent to observe a meeting may be required.” However, the OLC “disagrees with” that letter.

This took place, ,of course, at a time when the OLC was also advising Federal agencies on the legality of torture, “extraordinary rendition”, and so forth.  But we can find no record of any action by the Obama Administration to rescind or update this advice.

All of which begs the Catch-22 question of what happens to people who want to enter government buildings where ID is required for entry — such as passport offices located in Federal office buildings — in order to apply for the ID credentials they don’t yet have.

Sep 09 2009

More travel records, more exemptions from the Privacy Act

An anonymous traveler has posted the records of their international travel that were provided by the Customs and Border Protection (CBP) division of the Department of Homeland Security, in response to a request under the Privacy act using these forms updated from those used by the Identity Project in our original investigation of the CBP “Automated Targeting System” (ATS).  As noted by philosecurity.org, which published the latest example of the government’s travel data vacuum cleaner, as provided by one of the site’s readers,

The document reveals that the DHS is storing the reader’s:

  • Credit card number and expiration (really)
  • IP address used to make web travel reservations
  • Hotel information and itinerary
  • Full Name, birth date and passport number
  • Full airline itinerary, including flight numbers and seat numbers
  • Cruise ship itinerary
  • Phone numbers, incl. business, home & cell
  • Every frequent flyer and hotel number associated with the subject, even ones not used for the specific reservation

There are also the details of a reservation at a hotel the person didn’t end up staying at, but which they had a reservation for when the CBP pulled a snapshot of their PNR from the airline or CRS. Sadly, all this is typical of what’s in a PNR and what we found in our continuing investigation of CBP/DHS travel records.

Meanwhile, even as more travelers are finally getting portions of their travel records, the DHS published a new final rule on August 31, 2009 (74 Federal Register 45070-45072) exempting portions of those records from the Privacy Act. Read More

Aug 27 2009

Of course it’s not a national ID card

Whenever questions are raised about national ID schemes like REAL-ID or PASS-ID, their more public-relations savvy proponents are always quick to say, “But of course this isn’t a national ID card”.  The same goes for L-1 Identity Solutions, the prime drivers license, ID card, and ID and biometric database contractor, aggregator, and data miner for California and the majority of other states (and keynote presenter at ICAO’s upcoming Symposium on Machine Readable Travel Documents next month in Montreal).

So we were interested to see how L-1 describes its products to its customers in this full-page ad on the back cover of the latest issue of ICAO’s Machine Readable Travel Document Report:

But of course, this isn’t a national ID card.

Aug 24 2009

Travelers more worried about TSA than airline safety

Travelers are more concerned about TSA screening than airline safety, according to the results of the first poll conducted by the Consumer Travel Alliance.

“TSA screening” ranked sixth in the survey, with 44.1 percent of respondents saying it was of the highest priority among all possible travel issues (not limited to airlines). “Airline safety” was seventh, with 41.1 percent rating it among the “most important” consumer travel issues.

Congress, are you listening?

Aug 16 2009

Secure Flight: Frequently Asked Questions

There’s been a lot of confusing (and often confused) reporting recently about the TSA’s so-called “Secure Flight” scheme for surveillance and control of passengers on domestic U.S. airline flights, based on data mining of airline reservations and lifetime travel histories.

If you’re looking for answers, you might start with our FAQ about “Secure Flight”.

Much of the confusion comes from the fact that the TSA’s orders to the airlines to implement “Secure Flight”, setting out which airlines are required to do what, and when, are all contained in secret “Security Directives”.  So we have only the TSA’s press releases — which they have previously told us would “creat[e] public confusion” were the public actually to rely on them, and which have often proven to be lies anyway — as clues to what is really being required.

We do know, however, the essence of what the “Secure Flight” regulations actually require: the shift to a permssion-based system of control of domestic air travelers (similar to the shift already being made for international air travelers under the APIS regulations, and for land border crossings under the WHTI rules), with a default of, “No”.

In addition to the questions in our original our FAQ, recent news reports raise some additional questions worth answering:

  • Was the “Secure Flight” scheme “[b]orn out of recommendations from the 9/11 Commission” (NPR)? No. “Secure Flight” is the latest name for a program originally called “CAPPS-II”, which was conceived almost immediately after 9/11 and well before the 9/11 Commission was even appointed.  More importantly, “Secure Flight” is directly contrary to the recommendation of the 9/11 Commission that, “The burden of proof for retaining a particular governmental power should be on the executive, to explain (a) that the power actually materially enhances security and (b) that there is adequate supervision of the executive’s use of the powers to ensure protection of civil liberties. If the power is granted, there must be adequate guidelines and oversight to properly confine its use…. [There should be a board within the executive branch to oversee adherence to the guidelines we recommend and the commitment the government makes to defend our civil liberties.”
  • Is “Secure Flight” a legal “requirement” (TSA press release)? No. Not only is “Secure Flight” (a) in violation of international treaties to which the U.S. is a party (Article 12 of the ICCPR provides in part that, “Everyone lawfully within the territory of a State shall, within that territory, have the right to liberty of movement”) and (b) the First Amendment to the U.S. Constitution (“Congress shall make no law … abridging … the right of the people peaceably to assemble”), but (c) the TSA has been expressly forbidden by Federal law from implementing “Secure Flight” “on other than a test basis” unless and until the GAO has certified that 10 specific criteria have been met.  The GAO has moved the goalposts set by Congress to certify that most of those criteria have, under clearly distorted interpretations, been met — but not yet all of them.  The assignment to each would-be passenger of a score of “cleared”, “inhibited”, or “not cleared” appears to violate the provision of the same law that, “None of the funds provided in this or any previous appropriations Act may be utilized to develop or test algorithms assigning risk to passengers whose names are not on government watch lists.”  And “Secure Flight” also potentially violates restrictions on data mining. [Update: It appears that the TSA is interpreting the GAO’s statements as constituting the necessary certification, even though the GAO said that “Additional Actions Are Needed”.  According to Business Travel News, “‘There’s nothing more to be tested, and no more approvals we need,’ said program director Paul Leyh…. ‘All it is now is to start the implementation process.'”]
  • Can the TSA or the airline prevent you flying or impose other sanctions as a penalty for non-compliance with “Secure Flight” requirements such as providing my date of birth, gender, etc? No. [Not unless they can successfully claim that the GAO has made the necessary certification, and that “cleared”, “inhibited”, or “not cleared” is not a “risk score”.] The same law that prohibits the TSA from “deployment or implementation, on other than a test basis” of “Secure Flight” also provides that, “During the testing phase … no information gathered from passengers, foreign or domestic air carriers, or reservation systems may be used to screen aviation passengers, or delay or deny boarding to such passengers, except in instances where passenger names are matched to a government watch list.”
Aug 12 2009

Rumors of a new administrator for the TSA

One reason there’s been no change in TSA “policy” under the Obama administration — if you can call it “policy” when there are no rules and the people in charge think their decisions aren’t subject to judicial review —  is that President Obama hasn’t yet appointed an Assistant Secretary of Homeland Security for Transportation Security (a/k/a “TSA Administrator”).  So the TSA is still being run by temprary caretaker holdovers, who are forging ahead with the deployment of several schemes promulgated last year by the previous administration, such as Secure Flight, which would transform domestic air travel into a permission-based surveillance and control system with a default of “No”, and the international APIS and WHTI rules for international travel.

Now there are beginning to be rumors of who Obama may appoint.  We haven’t yet seen any discussion of what (if any) policies the rumored nominee might favor, but perhaps it’s time to remind Senators of the questions for such nominees that we put forward last year, after the elections, as part of our Proposed Agenda on the Right to Travel (PDF) for the Obama Administration and Congress:

Questions for nominees for the DHS and TSA:

“As the nominee for Secretary of Homeland Security or Administrator of the Transportation Security Administration, …

  1. Do you believe that individuals should have a right to travel in the USA? Why or why not?
  2. What substantive (e.g probable cause) and procedural (e.g. due process and judicial review) standards do you believe should apply to actions by or directed by your agency, or other government agencies, that would restrict that right?
  3. Should individuals in the USA be required to have or display government ID in order to travel by common carrier or on public rights-of-way by plane? By train? By bus? By ship or ferry? By private car? On foot? Why or why not?
  4. Should individuals in the USA be required to obtain government permission in order to travel by common carrier or on public rights-of-way by plane? By train? By bus? By ship or ferry? By private car? On foot? Why or why not?
  5. Should US citizens be required to have a passport and/or obtain government permission in order to leave the USA? Why or why not?
  6. Should US citizens be required to have a passport and/or obtain government permission in order to return to the USA from abroad? Why or why not?
  7. Should the government maintain records of the travel or movement of people who are not suspected of a crime or subject to a court order authorizing surveillance and logging of their movements? Why or why not?
  8. Should the government mandate the collection or maintenance by travel companies of records of the travel or movement of people who are not suspected of a crime or subject to a court order authorizing surveillance and logging of their movements? Why or why not?
  9. Should travel companies or other third parties to whom individuals are required by the government to provide personal information be free to use, sell, or “share” that information, or should it be protected by laws? Why or why not?
  10. What do you think should be done with existing government files of travel records about innocent people?

The Senate should also ask whether a TSA nominee is willing to commit the agency to the rule of law, by promising to enforce only those sanctions against travelers prescribed by publicly-promulgated rules, and by ensuring that all TSA snactions against travelers (including , of ocurse, “no-fly” orders), are subject to judicial review.

If you agree that these are the key issues for the TSA, let your Senators and the members of the Committee on Homeland Security know that you want these questions asked and answered before any new head of the TSA is confirmed.

Jul 17 2009

PASS ID or REAL-ID? Tweedle-dum or Tweedle-dee?

The Senate Homeland Secuirty Committee hearing this Wednesday on “Reevaluating the REAL ID Act” was a sham, in which the only”opponents” or “critics” of the current REAL-ID law allowed to testify were those who prefer the PASS-ID bill to substitute an alternate national ID card mandate.  Critics of any national ID need not apply to be heard as part of this debate between Tweedle-dee and Tweedle-dum.

Eevn the few positive features of  the PASS-ID bill came under attack.  Senator Collins of Maine wanted to know whether the bill would allow the sort of airport “security” measures that are used in Israel (notorious for ethnic profiling), and specifically whether the PASS-ID provision that, ““no person shall be denied boarding a commercial aircraft solely on the basis of failure to present a driver’s license or identification card issued pursuant to this subtitle,” would still allow denail of boarding, regardless of ID, solely on the basis of “behavioural profiling”.  And the National Retail Association wants to make sure that the PASS-ID prohibition on non-governmental scanning or use of machine-readable (bar-code, mag stripe, or RFID) data on government-issued ID cards would still allow stores to skim this data in order to profile patterns of “suspicious” merchandise returns.  Would anyone object, they want to know, to an exception to this provision that would allow scanning and tracking of machine-readable ID data to detect or prevent “fraud or other illegal activity”?

Yes, we would object to such an open-ended exception.  More importantly, we object to any mandatory national ID.  So do tens of millions of Americans, regardless of whether Congress does’t want our views to be part of the debate.

Jul 14 2009

D.C. Circuit court enjoins checkpoints on public streets

Striking down both a permission-based system of controls of movement (under which motorists on public streets in the District of Columbia were required to explain the purposes of their intended movements to the satisfaction of police before being permitted to pass police checkpoints, with the burden of justification placed on the would-be travellers), and the use of “security”, generalized crime prevention or deterrence, and general law enforcement as justifications for the use of checkpoints as de facto general warrants to stop, detain, interrogate, and compel responses to questions by travellers on public rights of way, the Court of Appeals for the D.C. Circuit has overturned the denial by the D.C. District Court of a permanent injunction against the Metropolitan Police scheme of so-called Neighborhood Safety Zones.

In Mills v. District of Columbia (No. 08-7127, decided July 10, 2009), the D.C. Circuit Court explicitly addressed, and reaffirmed, both the right to movement on public ways (“It cannot be gainsaid that citizens have a right to drive upon the public streets of the District of Columbia or any other city absent a constitutionally sound reason for limiting their access”) and the unconstitutionality of checkpoint stops, searches, or seizures “whose primary purpose was to detect evidence of ordinary criminal wrongdoing…. Because the primary purpose of the … checkpoint program is ultimately indistinguishable from the general interest in crime control, the checkpoints violate the Fourth Amendment” (quoting City of Indianapolis v. Edmond, 531 U.S. 32).

It’s also notable that the Court ruled as it did despite explicitly noting that the checkpoints at issue applied only to travellers by motor vehicle, and not to pedestrians.  (It’s unclear from the appellate opinion how bicyclists and other travellers by non-motoirized vehicle were treated.)  The undisputed fact that there existed an alternative, unrestricted mode of travel — by foot — was not a factor in the decision.

We’ll leave it as an exercise for the reader, and the TSA, to consider how the logic of this decision — and the Supreme Court precedent in Indianapolis v. Edmond on which it relies — would apply to TSA checkpoints at airports.

Our friends at Checkpoint USA have more details in their Roadblock Revelations blog.

Jun 25 2009

Courts and Congress finally start to rein in the TSA

Until recently, the TSA has been a domestic legal Guantanamo, and the TSA has treated their domain of “checkpoints” and travel control and surveillance as a law-free zone where their powers of search, seizure, detention, and denial of passage were unconstrained by the Constitution, human rights treaties, judicial review, or stautory or regulatory standards.  As indeed it has been: Congress has enacted no law specifically defining any limits on the authority of TSA agents at checkpoints (or elsewhere), and the TSA itself has never conducted any rulemaking or issued any publicly-disclosed regulations defining its authority, the limits of that authority, what orders travellers do or don’t have to comply with, and which forms of “noncooperation” are considered grounds for which sanctions (more intrusive search, denial of transportation, admninistrative fine, detention, etc.). While the TSA has never been explicitly exempted from the Constitution or treaties such as the International Covenant on Civil and Political Rights, the DHS has sought to avoid ever allowing judicial review of fly/no-fly decisions, and the courts themselves have gone out of their way to avoid ruling on the legality of TSA actions — such as when the 9th Circuit invented a counter-factual claim (without ever allowing an evidentiary hearing on the facts) that John Gilmore hadn’t actually been required to show ID credentials in order to fly, as a way to avoid ruling on whether an ID-to-fly requirement would be Constitutional. As for the Executive, President Obama has yet to nominate an Administrator of the TSA, leaving this one of the highest-ranking vacancies in the Administration and leaving the TSA operating on autopilot under lame-duck holdovers.

In the absence of any explicit rules or any judicial, legislative, or executive oversight, the TSA has felt no need to seek authority for its ever-expanding assertions of authority through legislation or rulemaking.  Nor has the TSA recognized any duty of self-restraint or self-policing to ensure its actions conform to the law. Instead, the TSA has simply wielded its power to do whatever it wished, on the disgraceful assumption that, “If we’re doing something wrong, the courts will tell us — if and when someone can afford to sue us, and they win a court judgment against us.”  In the meantime, the TSA will do, and claim the right to do, anything that hasn’t already specifically been ruled illegal. Kind of like the thief who assumes that they can steal whatever they want, and that if something turns out not be theirs, they’ll give it back if and when someone sues and wins a court judgment ordering its return.

Time and again we’ve pointed out this failure to subject the TSA to the rule of law. See, for example, our most recent prior post on this topic, our agenda on the right to travel submitted to the Obama Administration and Congress after the 2008 elections, and our comments earlier this month at the Computers, Freedom, and Privacy conference session with Obama Administration representatives and others at 1:45:53 of this video.  Until recently, however, neither the Courts, the Congress, nor the Executive branch have wanted to confront the question of what rules govern the TSA.

We’re please to report that this is finally beginiing to change, in small ways but on numerous fronts:

Read More

Jun 23 2009

“Clear” registered traveler company fails after wasting $116M

260,000 members down the tubes. No refunds.

Congratulations, suckers! Not only did you sign up for and pay money to a totalitarian program, but as usual, the police state was run by incompetents. Your little attempt to suck up to the TSA gestapo now won’t be doing you any good.

Their competitor “Flo Corp” is working hard to “analyze the implications of this announcement”. We can give them some help. A tiny minority of Americans signed up for the National Security State you offered them. You lost the election, the people voted with their wallets and their feet. Your fly-by-night stock is hovering right near 1cent per share. So get a clue and get out of the business while you still can pay your debts. What the public deserves is reform of the whole TSA system, so it provides real rights and real service and real accountability to EVERY traveler — not just to rich guys happy to have their iris and fingerprints on file. TSA’s culture of impunity needs to end, then we’ll all get along a lot better.

Oh, and to investors in Clear? It’s charming how you hoped to profit from funding the totalitarian tracking of the movements of all the citizens. (You couldn’t hope to make money at it unless pretty much every traveler signed up for it.) We’re so glad that every dollar you gave Clear is now a dollar that you can’t waste on your next socially destructive idea.