Papers, Please!

The Identity Project

Category Archives: Papers, Please

Aug 16 2009

Secure Flight: Frequently Asked Questions

There’s been a lot of confusing (and often confused) reporting recently about the TSA’s so-called “Secure Flight” scheme for surveillance and control of passengers on domestic U.S. airline flights, based on data mining of airline reservations and lifetime travel histories.

If you’re looking for answers, you might start with our FAQ about “Secure Flight”.

Much of the confusion comes from the fact that the TSA’s orders to the airlines to implement “Secure Flight”, setting out which airlines are required to do what, and when, are all contained in secret “Security Directives”.  So we have only the TSA’s press releases — which they have previously told us would “creat[e] public confusion” were the public actually to rely on them, and which have often proven to be lies anyway — as clues to what is really being required.

We do know, however, the essence of what the “Secure Flight” regulations actually require: the shift to a permssion-based system of control of domestic air travelers (similar to the shift already being made for international air travelers under the APIS regulations, and for land border crossings under the WHTI rules), with a default of, “No”.

In addition to the questions in our original our FAQ, recent news reports raise some additional questions worth answering:

  • Was the “Secure Flight” scheme “[b]orn out of recommendations from the 9/11 Commission” (NPR)? No. “Secure Flight” is the latest name for a program originally called “CAPPS-II”, which was conceived almost immediately after 9/11 and well before the 9/11 Commission was even appointed.  More importantly, “Secure Flight” is directly contrary to the recommendation of the 9/11 Commission that, “The burden of proof for retaining a particular governmental power should be on the executive, to explain (a) that the power actually materially enhances security and (b) that there is adequate supervision of the executive’s use of the powers to ensure protection of civil liberties. If the power is granted, there must be adequate guidelines and oversight to properly confine its use…. [There should be a board within the executive branch to oversee adherence to the guidelines we recommend and the commitment the government makes to defend our civil liberties.”
  • Is “Secure Flight” a legal “requirement” (TSA press release)? No. Not only is “Secure Flight” (a) in violation of international treaties to which the U.S. is a party (Article 12 of the ICCPR provides in part that, “Everyone lawfully within the territory of a State shall, within that territory, have the right to liberty of movement”) and (b) the First Amendment to the U.S. Constitution (“Congress shall make no law … abridging … the right of the people peaceably to assemble”), but (c) the TSA has been expressly forbidden by Federal law from implementing “Secure Flight” “on other than a test basis” unless and until the GAO has certified that 10 specific criteria have been met.  The GAO has moved the goalposts set by Congress to certify that most of those criteria have, under clearly distorted interpretations, been met — but not yet all of them.  The assignment to each would-be passenger of a score of “cleared”, “inhibited”, or “not cleared” appears to violate the provision of the same law that, “None of the funds provided in this or any previous appropriations Act may be utilized to develop or test algorithms assigning risk to passengers whose names are not on government watch lists.”  And “Secure Flight” also potentially violates restrictions on data mining. [Update: It appears that the TSA is interpreting the GAO’s statements as constituting the necessary certification, even though the GAO said that “Additional Actions Are Needed”.  According to Business Travel News, “‘There’s nothing more to be tested, and no more approvals we need,’ said program director Paul Leyh…. ‘All it is now is to start the implementation process.'”]
  • Can the TSA or the airline prevent you flying or impose other sanctions as a penalty for non-compliance with “Secure Flight” requirements such as providing my date of birth, gender, etc? No. [Not unless they can successfully claim that the GAO has made the necessary certification, and that “cleared”, “inhibited”, or “not cleared” is not a “risk score”.] The same law that prohibits the TSA from “deployment or implementation, on other than a test basis” of “Secure Flight” also provides that, “During the testing phase … no information gathered from passengers, foreign or domestic air carriers, or reservation systems may be used to screen aviation passengers, or delay or deny boarding to such passengers, except in instances where passenger names are matched to a government watch list.”
Aug 12 2009

Rumors of a new administrator for the TSA

One reason there’s been no change in TSA “policy” under the Obama administration — if you can call it “policy” when there are no rules and the people in charge think their decisions aren’t subject to judicial review —  is that President Obama hasn’t yet appointed an Assistant Secretary of Homeland Security for Transportation Security (a/k/a “TSA Administrator”).  So the TSA is still being run by temprary caretaker holdovers, who are forging ahead with the deployment of several schemes promulgated last year by the previous administration, such as Secure Flight, which would transform domestic air travel into a permission-based surveillance and control system with a default of “No”, and the international APIS and WHTI rules for international travel.

Now there are beginning to be rumors of who Obama may appoint.  We haven’t yet seen any discussion of what (if any) policies the rumored nominee might favor, but perhaps it’s time to remind Senators of the questions for such nominees that we put forward last year, after the elections, as part of our Proposed Agenda on the Right to Travel (PDF) for the Obama Administration and Congress:

Questions for nominees for the DHS and TSA:

“As the nominee for Secretary of Homeland Security or Administrator of the Transportation Security Administration, …

  1. Do you believe that individuals should have a right to travel in the USA? Why or why not?
  2. What substantive (e.g probable cause) and procedural (e.g. due process and judicial review) standards do you believe should apply to actions by or directed by your agency, or other government agencies, that would restrict that right?
  3. Should individuals in the USA be required to have or display government ID in order to travel by common carrier or on public rights-of-way by plane? By train? By bus? By ship or ferry? By private car? On foot? Why or why not?
  4. Should individuals in the USA be required to obtain government permission in order to travel by common carrier or on public rights-of-way by plane? By train? By bus? By ship or ferry? By private car? On foot? Why or why not?
  5. Should US citizens be required to have a passport and/or obtain government permission in order to leave the USA? Why or why not?
  6. Should US citizens be required to have a passport and/or obtain government permission in order to return to the USA from abroad? Why or why not?
  7. Should the government maintain records of the travel or movement of people who are not suspected of a crime or subject to a court order authorizing surveillance and logging of their movements? Why or why not?
  8. Should the government mandate the collection or maintenance by travel companies of records of the travel or movement of people who are not suspected of a crime or subject to a court order authorizing surveillance and logging of their movements? Why or why not?
  9. Should travel companies or other third parties to whom individuals are required by the government to provide personal information be free to use, sell, or “share” that information, or should it be protected by laws? Why or why not?
  10. What do you think should be done with existing government files of travel records about innocent people?

The Senate should also ask whether a TSA nominee is willing to commit the agency to the rule of law, by promising to enforce only those sanctions against travelers prescribed by publicly-promulgated rules, and by ensuring that all TSA snactions against travelers (including , of ocurse, “no-fly” orders), are subject to judicial review.

If you agree that these are the key issues for the TSA, let your Senators and the members of the Committee on Homeland Security know that you want these questions asked and answered before any new head of the TSA is confirmed.

Jul 17 2009

PASS ID or REAL-ID? Tweedle-dum or Tweedle-dee?

The Senate Homeland Secuirty Committee hearing this Wednesday on “Reevaluating the REAL ID Act” was a sham, in which the only”opponents” or “critics” of the current REAL-ID law allowed to testify were those who prefer the PASS-ID bill to substitute an alternate national ID card mandate.  Critics of any national ID need not apply to be heard as part of this debate between Tweedle-dee and Tweedle-dum.

Eevn the few positive features of  the PASS-ID bill came under attack.  Senator Collins of Maine wanted to know whether the bill would allow the sort of airport “security” measures that are used in Israel (notorious for ethnic profiling), and specifically whether the PASS-ID provision that, ““no person shall be denied boarding a commercial aircraft solely on the basis of failure to present a driver’s license or identification card issued pursuant to this subtitle,” would still allow denail of boarding, regardless of ID, solely on the basis of “behavioural profiling”.  And the National Retail Association wants to make sure that the PASS-ID prohibition on non-governmental scanning or use of machine-readable (bar-code, mag stripe, or RFID) data on government-issued ID cards would still allow stores to skim this data in order to profile patterns of “suspicious” merchandise returns.  Would anyone object, they want to know, to an exception to this provision that would allow scanning and tracking of machine-readable ID data to detect or prevent “fraud or other illegal activity”?

Yes, we would object to such an open-ended exception.  More importantly, we object to any mandatory national ID.  So do tens of millions of Americans, regardless of whether Congress does’t want our views to be part of the debate.

Jul 14 2009

D.C. Circuit court enjoins checkpoints on public streets

Striking down both a permission-based system of controls of movement (under which motorists on public streets in the District of Columbia were required to explain the purposes of their intended movements to the satisfaction of police before being permitted to pass police checkpoints, with the burden of justification placed on the would-be travellers), and the use of “security”, generalized crime prevention or deterrence, and general law enforcement as justifications for the use of checkpoints as de facto general warrants to stop, detain, interrogate, and compel responses to questions by travellers on public rights of way, the Court of Appeals for the D.C. Circuit has overturned the denial by the D.C. District Court of a permanent injunction against the Metropolitan Police scheme of so-called Neighborhood Safety Zones.

In Mills v. District of Columbia (No. 08-7127, decided July 10, 2009), the D.C. Circuit Court explicitly addressed, and reaffirmed, both the right to movement on public ways (“It cannot be gainsaid that citizens have a right to drive upon the public streets of the District of Columbia or any other city absent a constitutionally sound reason for limiting their access”) and the unconstitutionality of checkpoint stops, searches, or seizures “whose primary purpose was to detect evidence of ordinary criminal wrongdoing…. Because the primary purpose of the … checkpoint program is ultimately indistinguishable from the general interest in crime control, the checkpoints violate the Fourth Amendment” (quoting City of Indianapolis v. Edmond, 531 U.S. 32).

It’s also notable that the Court ruled as it did despite explicitly noting that the checkpoints at issue applied only to travellers by motor vehicle, and not to pedestrians.  (It’s unclear from the appellate opinion how bicyclists and other travellers by non-motoirized vehicle were treated.)  The undisputed fact that there existed an alternative, unrestricted mode of travel — by foot — was not a factor in the decision.

We’ll leave it as an exercise for the reader, and the TSA, to consider how the logic of this decision — and the Supreme Court precedent in Indianapolis v. Edmond on which it relies — would apply to TSA checkpoints at airports.

Our friends at Checkpoint USA have more details in their Roadblock Revelations blog.

Jun 25 2009

Courts and Congress finally start to rein in the TSA

Until recently, the TSA has been a domestic legal Guantanamo, and the TSA has treated their domain of “checkpoints” and travel control and surveillance as a law-free zone where their powers of search, seizure, detention, and denial of passage were unconstrained by the Constitution, human rights treaties, judicial review, or stautory or regulatory standards.  As indeed it has been: Congress has enacted no law specifically defining any limits on the authority of TSA agents at checkpoints (or elsewhere), and the TSA itself has never conducted any rulemaking or issued any publicly-disclosed regulations defining its authority, the limits of that authority, what orders travellers do or don’t have to comply with, and which forms of “noncooperation” are considered grounds for which sanctions (more intrusive search, denial of transportation, admninistrative fine, detention, etc.). While the TSA has never been explicitly exempted from the Constitution or treaties such as the International Covenant on Civil and Political Rights, the DHS has sought to avoid ever allowing judicial review of fly/no-fly decisions, and the courts themselves have gone out of their way to avoid ruling on the legality of TSA actions — such as when the 9th Circuit invented a counter-factual claim (without ever allowing an evidentiary hearing on the facts) that John Gilmore hadn’t actually been required to show ID credentials in order to fly, as a way to avoid ruling on whether an ID-to-fly requirement would be Constitutional. As for the Executive, President Obama has yet to nominate an Administrator of the TSA, leaving this one of the highest-ranking vacancies in the Administration and leaving the TSA operating on autopilot under lame-duck holdovers.

In the absence of any explicit rules or any judicial, legislative, or executive oversight, the TSA has felt no need to seek authority for its ever-expanding assertions of authority through legislation or rulemaking.  Nor has the TSA recognized any duty of self-restraint or self-policing to ensure its actions conform to the law. Instead, the TSA has simply wielded its power to do whatever it wished, on the disgraceful assumption that, “If we’re doing something wrong, the courts will tell us — if and when someone can afford to sue us, and they win a court judgment against us.”  In the meantime, the TSA will do, and claim the right to do, anything that hasn’t already specifically been ruled illegal. Kind of like the thief who assumes that they can steal whatever they want, and that if something turns out not be theirs, they’ll give it back if and when someone sues and wins a court judgment ordering its return.

Time and again we’ve pointed out this failure to subject the TSA to the rule of law. See, for example, our most recent prior post on this topic, our agenda on the right to travel submitted to the Obama Administration and Congress after the 2008 elections, and our comments earlier this month at the Computers, Freedom, and Privacy conference session with Obama Administration representatives and others at 1:45:53 of this video.  Until recently, however, neither the Courts, the Congress, nor the Executive branch have wanted to confront the question of what rules govern the TSA.

We’re please to report that this is finally beginiing to change, in small ways but on numerous fronts:

Read More

Jun 23 2009

“Clear” registered traveler company fails after wasting $116M

260,000 members down the tubes. No refunds.

Congratulations, suckers! Not only did you sign up for and pay money to a totalitarian program, but as usual, the police state was run by incompetents. Your little attempt to suck up to the TSA gestapo now won’t be doing you any good.

Their competitor “Flo Corp” is working hard to “analyze the implications of this announcement”. We can give them some help. A tiny minority of Americans signed up for the National Security State you offered them. You lost the election, the people voted with their wallets and their feet. Your fly-by-night stock is hovering right near 1cent per share. So get a clue and get out of the business while you still can pay your debts. What the public deserves is reform of the whole TSA system, so it provides real rights and real service and real accountability to EVERY traveler — not just to rich guys happy to have their iris and fingerprints on file. TSA’s culture of impunity needs to end, then we’ll all get along a lot better.

Oh, and to investors in Clear? It’s charming how you hoped to profit from funding the totalitarian tracking of the movements of all the citizens. (You couldn’t hope to make money at it unless pretty much every traveler signed up for it.) We’re so glad that every dollar you gave Clear is now a dollar that you can’t waste on your next socially destructive idea.

Jun 01 2009

Today we’re all prisoners in the USA

As of today, June 1, 2009, even U.S. citizens are officially prisoners in the USA, or exiles barred from entering our own country without the government’s permission.

We are now forbidden by Federal regulations from leaving or entering the USA, anywhere, by any means — by air, by sea, or by land, to or from any other country or international waters or airspace — unless the government chooses to issue us a passport, passport card, or “enhanced” drivers license (any of which “travel documents” are now issued only with secretly and remotely-readable uniquely-numbered radio tracking beacons in the form of RFID transponder chips), or unless the Department of Homeland Security chooses to to exercise its standardless “discretion” to decide — in secret, with no way for us to know who is making the decision or on what basis — to issue a (one-time case-by-case) “waiver” of the new travel document requirements.

If you’re in the USA without such documents — even if you were born here, or are a foreigner who entered the USA legally without such documents (a Canadian, for example, who entered the USA by land yesterday when no such documents were yet required), or your document(s) have expired or have been lost or stolen — you are forbidden to leave the country unless and until you procure such a document, or unless and until the DHS gives you an exit permit in the form of a discretionary one-time waiver to leave the country — but not necessarily to come home, unless they again exercise their discretion to “grant” you another waiver.

If you are a U.S. citizen abroad without such a document (for example, if you entered Canada legally without it yesterday by land, when it wasn’t required, or again if your document(s) are expired, lost, or stolen) you are forbidden to come home unless and until you can procure a new document acceptable to the DHS, or unless and until the DHS gives you permission to come home in the form of a discretionary one-time waiver. Read More

May 26 2009

TSA releases (censored) ID checking procedures

In response to a request by the Identity Project under the Freedom of Information Act, the TSA has for the first time given us a (redacted) version of the section on Travel Document and ID Checks from the TSA’s “Screening Management SOP” (Standard Operating Procedures) manual.  Our request was made June 21, 2008, the day the TSA announced what they claimed were changes to ID “requirements” for air travelers. It took the TSA almost seven months to respond.

The version of the SOP manual which the TSA has now made public is dated June 30, 2008, so it ought to reflect the changes announced in the TSA’s June 21, 2008 press release. But there is nothing at all in the sections of the manual the TSA has released about the new procedures and new ID verification form which the TSA had, in fact, started using.  Rather than requiring people who don’t have or don’t choose to show government-issued ID credentials to execute affidavits stating who they are under penalty of perjury, the TSA procedures manual requires that such people be allowed to proceed through secondary screening as “selectees”, and specifically directs screeners and other TSA staff not to make any attempt to detain or delay them.

Read More

May 14 2009

California DMV plans crackdown on “look-alikes”

Has anyone ever looked at your face and mistaken you for someone else?

If so, and if you live in California, you could be a victim of a proposal by the California Department of Motor Vehicles which is now under consideration in the state legislature.

At a hearing yesterday (May 13, 2009) before the Assembly Budget Subcommittee No. 5 on Information Technology/Transportation, the Director and Chief Information Officer of the DMV pleaded for more money (in spite of the desperate state budget crisis) to hire a contractor to digitize and store the photographs taken for every California drivers license or state ID, and then use “biometric” facial recognition and matching software to compare each new photo of an applicant for a license or ID with every photo in the database. (The DMV proposal next goes before the Senate Budget Subcommittee No. 2 on Resources, Environmental Protection, Energy and Transportation on Wednesday, March 20th.)

If the computer thinks your picture looks like any other picture in the database, both you and the other person whose photo the robot thinks looks like yours would be placed under suspicion of fraud, identity theft, or worse. Read More

May 14 2009

“Warden’s skills a plus for TSA chief”

Has it ever seemed like the TSA treats passengers the way prison guards treat convicts?  Here’s what the TSA thinks it takes to run their operations at the world’s busiest airport:

Warden’s skills a plus for TSA chief

Newly appointed Byrd has a background in corrections.

By Kelly Yamanouchi, The Atlanta Journal-Constitution (Thursday, May 14, 2009)

Mary Leftridge Byrd sees some similarities between her career in corrections and her new job as head of the Transportation Security Administration at the Atlanta airport….

Byrd, 60, joined the TSA last month from a position as assistant and deputy secretary at the Washington State Department of Corrections, and she is a former prison warden and superintendent in Pennsylvania and Maryland.

… The TSA has about 900 security officers in Atlanta.