Jul 10 2019

Automated DHS searches of state drivers’ license photos

State agencies that issue drivers’ licenses are conducting warrantless searches of their databases of license photos, using automated face recognition software, at the request of  law enforcement agencies including the Immigration and Customs Enforcement (ICE) division of the Department of Homeland Security.

The use of automated facial recognition to search databases of drivers’ license mug shots was revealed in responses to requests made under the Freedom Of Information Act and  state public records laws by the Georgetown University Center on Privacy & Technology.  It was reported in recent days in the Washington Post, New York Times, and in two stories on NPR, and was discussed in a Congressional hearing today on the use of automated facial recognition by Federal agencies. (Earlier Congressional hearings on automated facial recognition were held on May 22nd and June 4th.)

Questions are being asked by members of Congress, state officials, and civil libertarians: What is the legal basis, if any, for these dragnet searches of drivers’ license photo databases? How have they have evaded judicial oversight?  Warrants or court orders were neither requested by DHS or other law enforcement agencies, nor demanded by the state agencies that carried out the searches in response to extrajudicial administrative requests.

A letter sent this week by a coalition of civil liberties organizations calls on Congress to suspend the use of facial recognition technology by the DHS. While that is appropriate, it doesn’t address how, from what sources, or on what legal basis databases of ID-linked mug shots of innocent individuals are being created and obtained by the DHS.

Additional questions ought to be asked about the implications of the latest revelations for the REAL-ID Act and the use of facial recognition by airlines, airport operators, and DHS officers and agents at airports and borders:

Read More

Apr 04 2019

TSA plans to put new lying signs in airports

This sign is a lie.

According to a press release  issued today by the Transportation Security Administration, the TSA plans to start posting signs as shown above in airports throughout the USA, claiming that “ID Requirements Are Changing” and that  “Beginning Beginning October 1, 2020, you will need a REAL ID compliant license or another acceptable form of ID, such
as a valid passport or U.S. military ID, to fly within the U.S.”

According to today’s TSA press release:

REAL ID-compliant licenses or other acceptable forms of ID, such as a valid passport, federal government PIV card or U.S. military ID, will be mandatory for air travel beginning on October 1, 2020. Critically important, on October 1, 2020, individuals who are unable to verify their identity will not be permitted to enter the TSA checkpoint and will not be allowed to fly.

These signs and this and similar press releases are lies.

This isn’t the first time, and probably won’t be the last, that the TSA and/or DHS have made lying statements, issued lying press releases, or posted lying signs about the REAL-ID Act and ID to fly.

Is ID required to fly? No.

One would expect “requirements” announced by a Federal agency to be contained in laws or regulations. But the TSA’s own lawyers, officials, and witnesses testifying under oath have told judges in every lawsuit ion which the issue has arisen that no law or regulation required domestic air travelers to have, carry, or show any ID cards or credentials.

The TSA’s responses to our Freedom Of Information Act (FOIA) requests for its records of people who show up at TSA and TSA-contractor checkpoints at airports without ID show that more than 98% of them — hundreds a day, and tens of thousands every year — are allowed to continue to board their flights without carrying or showing ID.

Is this scheduled to change? No.

Changes to Federal laws require action by Congress. No bill has been introduced in the current Congress (or ever, so far as we can tell) that would impose any ID requirement for air travel.

Changes to Federal regulations require a process governed by the Administrative Procedure Act that starts with a “Notice of Proposed Rulemaking” (NPRM) published in the Federal Register.  No notice of any proposed rules related to ID to fly has been published.

In 2016, the TSA published a notice that it planned to seek approval from the Office of Management and Budget (OMB) — but had not yet sought that approval — for a new version of a form some air travelers without ID have been asked to fill out. (Because the form has never been submitted to, or approved by, OMB, its use is illegal and no penalty can lawfully be imposed for declining to respond to the questions on the form.)

We pointed out to the TSA and OMB that it was improper to ask OMB to approve this form without first enacting a law or promulgating regulations providing a legal basis for the form. Other organizations and individuals also objected to the proposed form. The TSA has neither responded to any of the objections nor submitted the form for OMB approval.

Will the REAL-ID Act of 2005 change this? No.

The REAL-ID Act and implementing regulations are concerned only with which ID cards are considered “acceptable”, in circumstances in which some (other) valid Federal law regulations requires ID for some Federal purpose. The REAL-ID Act itself did not purport to impose any new ID requirements, either when it was enacted, in 2010, or ever.

Will I still be allowed to fly without ID in the future? Maybe, maybe not. That’s up to the TSA.  But if the TSA or its contractors prevent you from traveling, without a lawful basis, they will be violating your rights and breaking the law.

Since the TSA is wielding power by secret internal orders and security directives to staff, contractors, and airlines, announced (if at all) through press releases rather than through proper formal notices in the Federal Register, it’s impossible to say with certainty what it will try to do. What it will do is likely to depend, in significant part, on its assessment of how widely and strongly particular assertions of illegitimate authority will be resisted.

The TSA has been making threats to start harassing residents of states and territories that it hasn’t chosen — in what it has claimed is its standardless discretion — to certify as being sufficiently “compliant” with the REAL-ID Act, or to give extensions of time to comply. These certifications and extensions of time have had little apparent relationship with actual compliance, so they too are impossible to predict.

The next of these threats is an extension of time to California to comply with the REAL-ID Act which is scheduled to expire at the end of the day on April 10, 2019.

We suspect, especially after today’s press release — which focuses on an arbitrary date of October 1, 2020, rather than any of the “extension” expiration dates — that the DHS will either certify California and all of the other states and territories as “compliant” (even if they aren’t) or extend their time to comply until October 1, 2020.

Apr 01 2019

DHS continues to extort participation in REAL-ID database

If there is one truth hiding in the forest of DHS lies about the REAL-ID Act of 2005, it’s that the DHS doesn’t want to cause riots at airports by subjecting residents of disfavored states to  more intrusive searches and “ID verificationinterrogation when they travel by air.

The goal of the REAL-ID Act is to intimidate states into adding their residents drivers’ license and state ID data to the SPEXS national ID database, through threats to harass residents of states and territories that aren’t sufficiently compliant.

Like any extortionist, the DHS wants its victims to submit, and doesn’t really want (and may not even be prepared) to carry out its threats.

But what will the DHS do when its bluff is called by states or territories that are either unwilling or unable to comply?

Today, April Fools Day, we’re seeing the latest test of the answer to this question, with the US Virgin Islands as the target of DHS threats.

Read More

Jan 09 2019

How many times will the DHS cry wolf on REAL-ID?

The last time we checked in on the status of the seemingly endless game of “chicken” being played by the US Department of Homeland Security with its threats to start harassing air travelers who reside in states the DHS deems insufficiently “compliant”, every state and territory had been given another “extension” of time to demonstrate commitment to compliance until at least January 10,  2019.

Since then, the DHS, in its standardless administrative discretion, has announced further extensions until at least April Fools Day, 2019 (for the US Virgin Islands), for every state and territory except California and Guam.

But as of today, the DHS website says that, “California has an extension for REAL ID enforcement, allowing Federal agencies to accept driver’s licenses and identification cards from California at Federal facilities, nuclear power plants and federally regulated commercial aircraft until January 10, 2019.”

As of this morning, with the “deadline” less than 48 hours away, we got the following response to our questions about this from a spokesperson for the California DMV:

The State of California has been working for the better part of a year to be deemed compliant with the REAL ID act, unfortunately due to a lack of response on the part of the Federal Government with the ongoing shutdown there has been no final confirmation.

So was that a real deadline for REAL-ID in California?

Is the DHS really prepared to have TSA checkpoint staff — working for indefinitely deferred pay — start trying to carry out time-consuming “ID verification procedures” for everyone who shows up at an airport checkpoint with a California drivers’ license or ID, starting the day after tomorrow?

The answer turns out to be, “No.”

The DHS and TSA have blinked yet again in the face of insufficient state “compliance”.

We’ve just received the following updated statement from the DMV:

The California DMV has confirmed with the Department of Homeland Security (DHS) that they will be granting California an extension to April 1, 2019. Due to the furlough, the letter might not arrive until tomorrow and DHS will likely not be updating their website until the furlough ends. All driver licenses will remain valid and can continue to be used for federal purposes.

And this from a spokesperson for the TSA:

I recently learned from DHS that California’s extension has been extended through April 1, 2019…. Updates to their website are underway.

California doesn’t actually comply with the REAL-ID Act. That would require uploading data about all California drivers’ licenses and ID cards to the SPEXS national ID database, which California hasn’t done and which would probably violate multiple provisions of California’s state constitution. But DHS certifications and extensions are discretionary, and need not be based on any specific criteria or on actual compliance.

There’s still no public word about Guam, the extension for which is also scheduled to expire tomorrow.

Phase 4b” of REAL-ID Act enforcement at airports supposedly started on January 22, 2018. Since then, the only state or territory where the DHS has let a REAL-ID  extension lapse, even temporarily, has been American Samoa, for which another extension has now been granted until October 10, 2019. We’re still waiting for any response to our FOIA request for records of what happened to American Samoans who tried to fly during the period last year when the extension had lapsed.

 

Jan 04 2019

Issues for the revitalized Privacy and Civil Liberties Oversight Board

With its recent revival, the Federal government’s Privacy and Civil Liberties Oversight Board (PCLOB) has a chance to take a fresh look at how far the USA has gone since 9/11 in implementing a combination of “pre-crime” policing (à la Minority Report) and “social credit scoring” integrated with commercial service providers (à la China) as a means of control of what people can and cannot do, and where they can and cannot go.

The PCLOB didn’t have a quorum since early 2017, and was down to only one member. But three new members were confirmed in October 2018. An Executive Director – who may end up with longer-term influence than the members of the Board, especially given that the new members weren’t appointed and confirmed until just three months before one of their terms is scheduled to end – is currently being hired. Civil libertarians able to obtain a security clearance and willing to relocate to DC are encouraged to apply.

What should the PCLOB focus on, with its limited time and resources? The PCLOB is an advisory committee with neither legislative nor prosecutorial authority. The best use it can make of its limited mandate is to ask hard questions and raise issues that Federal agencies won’t otherwise acknowledge or address.

The TSA and DHS were created in haste after 9/11 without consideration of the privacy and civil liberties implications of their new activities, many of which have never been explicitly approved by Congress. The reactivation of the PCLOB after the latest hiatus is a chance to take a fresh look at the big picture of what these agencies are doing, and what this means for privacy and civil liberties. It might be tempting to focus on “emerging” threats, but the first priority should be to assess the DHS surveillance and control systems that are already in place:

  1. Conversion of state licensing of motor vehicle operators into a national ID system. More than a decade after Congress enacted the REAL-ID Act of 2005, we are entering the endgame of DHS efforts to pressure states into participating in an outsourced, privately-operated, national ID database created to enable compliance with the REAL-ID Act. SPEXS already includes records sourced from states about more than 50 million Americans, but is not subject to any direct government control and has never been the subject of any publicly-disclosed review of its implications for privacy and civil liberties.

  2. Mass surveillance and permission-based predictive control of movement and travel. Congress has never debated whether air travelers should be required to identify themselves, whether the government should keep histories of innocent citizens’ movements (compiled from commercial airline reservations for common carrier travel, license plate readers for travel by private vehicle, and facial recognition for pedestrian movement), or whether existing judicial mechanisms for restricting the right to travel and movement through injunctions or restraining orders should be replaced with secret, extrajudicial administrative prior restraint through “no-fly” and similar orders. How has travel been transformed from a right to a privilege exercised only by government permission? How does this implicate the 1st Amendment right to assemble and the right of freedom of movement recognized by international human rights treaties? How widely, and with what implications for privacy and civil liberties, has the precedent set by real-time “pre-crime” predictive control of travel expanded to other activities and transactions?

  3. Suspicionless dragnet administrative searches. Today, the most common hands-on interaction between a Federal agent and a person not suspected of any crime is a TSA pat-down. But there’s never been any comprehensive review of the legality or the implications for privacy and security of the proliferation of suspicionless administrative searches since the creation of the DHS and TSA: security theater in airports, warrantless searches at internal checkpoints (domestic airports, CBP roadblocks on roads that don’t cross the US border, etc.), and attempts to claim the right to impose searches on the public in other forms of transportation.

There’s much more that we and others could say about each of these issues, if the PCLOB choses to consider them. But the first challenge for the PCLOB is whether it will tackle these big-picture issues.

Jan 02 2019

Who’s paying for the national ID database?

As part of a flurry of overdue year-end responses to our Freedom Of Information Act (FOIA)  requests, we’ve gotten some curious messages about Federal government funding for SPEXS, the national database of drivers’ license and state ID-card data being created — with no apparent consideration of its impact on privacy and civil liberties — to enable states to comply with the Federal REAL-ID Act of 2005.

The DHS continues to claim that SPEXS isn’t a Federal database: “REAL ID does not create a federal database of driver license information.” But we know that much of the funding for the SPEXS database and the “State-To-State” (S2S) system of which it is a component has come from Federal grants laundered through grants to states and then reassembled by the American Association of Motor Vehicle Administrators (AAMVA) to pay the contractors building and operating the database and network.

Read More

Nov 21 2018

REAL-ID database still lacks basic protections

[As of August 2017, this was one of the two highest priorities for the SPEXS/S2S governance committee —  but still unresolved.]

There is still no way to find out whether there’s a record about yourself in the national REAL-ID database, or what information that record contains, or to correct it. This has been recognized as a priority by the state officials who indirectly “govern” the contractors who operate the database. But years have passed, and nothing has been done to address the problem, even as the database has grown to include information about more than 50 million US residents.

How has this been allowed to happen?

The most significant requirement for US states and territories that choose to comply with the Federal REAL-ID Act of 2005 is participation in the national ID database, SPEXS.

But while SPEXS has been developed to enable state submission to Federal requests, development and operation of the SPEXS has been outsourced to the American Association of Motor Vehicle Administrators, a nominally-private nonprofit corporation, and a for-profit AAMVA contractor, Clerus Solutions. Neither AAMVA nor Clerus Solutions are directly subject to any Federal or state government transparency laws.

Federal funding for SPEXS from the DHS has been laundered through grants to states, keeping the Feds at arms length from AAMVA, Clerus Solutions, or any direct oversight of, or accountability for, SPEXS. We have requested DHS records of these grants, but the DHS has yet to produce them. Just today — well after the deadline for the DHS to respond to our request  — we got a message  claiming that the FOIA office to which our request has been referred isn’t sure what we want, and asking us to “clarify” our request.

In the meantime, the main sources of information about the build-out of SPEXS into a comprehensive national database of drivers licenses and state-issued ID cards have been responses to requests to state driver licensing agencies (DLAs in AAMVA-speak) under state public records laws.  If you want to request these records from your state DLA, here’s a 2017 list of state points of contact for participants in SPEXS and the AAMVA subcommittee for privatized “governance” of SPEXS.

This list is part of the latest batch of records released by the Wisconsin Department of Motor Vehicles (the first participant in SPEXS) in response to a  request under that state’s open records law.

Among other details, these records confirm that as recently as August 2017, AAMVA still had not  agreed on any procedure by which an individual could find out whether there is a record about them in the SPEXS database, or what information it contains. No system for handling access or correction requests had been established, even though by that time the SPEXS database contained information about 50 million people.

We asked AAMVA’s Chief Privacy Officer about this in early 2016. Nothing was done. Members of the S2S/SPEXS governance committee were polled in 2017, and identified this as one of their two highest priorities. Still, another year later, nothing has been done. Read More

Oct 10 2018

What AAMVA doesn’t want you to know about the national REAL-ID database

Another “deadline” for enforcement of the REAL-ID Act of 2005 passed uneventfully today.

The US Department of Homeland Security had advertised that DHS extensions of time for voluntary compliance with the REAL-ID Act by many states would expire today.

The DHS threatened that starting today it would “enforce” the REAL-ID Act through harassment or denial of the right to travel of airline passengers without ID or with ID issued by states or territories that the DHS, in its standardless administrative discretion, deemed insufficiently compliant with Federal wishes.

Today’s supposed “deadline” was fixed neither by law nor by regulation. Not surprisingly, the DHS blinked in the final days before its self-imposed ultimatum, as it has done again and again.

Every US state and territory subject to the REAL-ID Act was either certified by the DHS as sufficiently compliant to satisfy the DHS (at least for now), or was given a further extension of time to comply without penalty until at least January 10, 2019.

Yesterday, the day before the “deadline”, the DHS quietly posted notices on its website that it had granted further extensions until January 2019 to the last two states, California and New Jersey.

Perhaps the DHS is still unwilling to provoke riots at airports by stopping people without ID, or with ID from disfavored states and territories, from flying. Perhaps it isn’t yet prepared to face, and likely lose, the inevitable lawsuits from would-be flyers.

Even American Samoa, which — because the second-class status of American Samoans as US subjects but not US citizens would make it harder for them to challenge DHS restrictions of their rights — had been the first trial by the DHS of enforcement of the REAL-ID Act, was given an extension until October 10, 2019.

So far as we can tell, REAL-ID Act “enforcement” meant only modestly enhanced harassment of American Samoans at airports. Our FOIA request for records of how many people tried to fly with American Samoa IDs, and what happened to them, remains pending with no response after more than five months.

American Samao isn’t the limit of REAL-ID Act expansion beyond US borders and overseas. H.R. 3398, a bill to extend eligibility for REAL-ID Act compliant drivers licenses and IDs to citizens of several nominally independent de facto US dependencies, has passed the House and is pending in the Senate.

Meanwhile, the real movement toward state compliance with the REAL-ID Act is behind the scenes  — as the DHS, its collaborators among state driver licensing agencies, and AAMVA, the operator of the outsourced and pseudo-privatized national ID database, want it to be.

Since we last reported on the status of REAL-ID Act compliance six months ago, agencies in three more states — Pennsylvania, New Mexico, and most recently Washington in September 2018 — have uploaded information about all licensed drivers and holders of state-issued IDs to the SPEXS national database. That brings to 19 the number of states whose residents’ personal information is included in the aggregated database.

But even as the database grows to include information about more and more US residents, the DHS persists in denying its existence. According to the DHS public FAQ about the REAL-ID Act:

A: Is DHS trying to build a national database with all of our information?

No…. REAL ID does not create a federal database of driver license information.

To the extent that there is any truth at all in this statement, it’s that the SPEXS national database isn’t under direct Federal or state control, but has been handed over to AAMVA and AAMVA’s contractors. (The database is apparently actually hosted by Microsoft.)

For obvious reasons, nobody is more eager than AAMVA to have you pay no attention to the national ID database behind the REAL-ID Act curtain.

In June 2018, we were honored to receive an urgent letter by Fedex from the President  & CEO of AAMVA, demanding that we immediately remove from our website the specifications for the SPEXS database, which we had obtained in 2016 from AAMVA’s own public website. After AAMVA made that whole section of its site “members-only”, we posted a copy of the SPEXS specification to help readers understand the details of the system, and as one of the key sources for our analysis of SPEXS.

SPEXS already includes personal information obtained from government records of drivers licenses and state IDs, including dates of birth and the last five digits of Social Security Numbers, for more than 50 million US residents. We think the people whose data is included in this system are entitled to know what information is being kept about them, who has access to it, and how it is used.

According to the SPEXS specifications,  development of SPEXS was funded by grants from componetns of the DHS and the Department of Transportation. (We’re waiting for responses to our FOIA requests for those agencies’ records about SPEXS.) If SPEXS were being operated directly by a Federal agency, the Privacy Act would require it to provide notice of the types of records in the system, how they are used, and with whom they are shared, as well as procedures for individuals to see the records about themselves and to obtain an “accounting of disclosures” to third parties of information about themselves.

But because the SPEXS database has been outsourced to a nominally private contractor, AAMVA, both Federal and state agencies can disclaim any responsibility for it. That leaves the SPEXS specifications as the best available evidence of what the system is and does.

In a later message to our Web hosting provider, a lawyer for AAMVA claimed that, “The information contained in this work is sensitive and its unauthorized publication could jeopardize the security of the governmental program to which this document relates.” This is nonsense. AAMVA waived any claim of sensitivity by making the specifications public.

When it was still struggling to sell the first states on buying into SPEXS, AAMVA posted the SPEXS specification on its website for anyone to download. More than two years after we called attention to what this document reveals, AAMVA is trying to suppress it. Not because it contains any secrets — it’s been publicly available for years — but because it conclusively disproves the DHS big lie that there is no national REAL-ID database, and shows the essential role that AAMVA itself is playing in this surveillance system.

We encourage you to pay close attention to the AAMVA man behind the REAL-ID Act curtain. And if you have questions about SPEXS or the SPEXS specifications, feel free to contact us.

Jul 18 2018

California DMV lies about the REAL-ID Act

We’ve heard that the California Department of Motor Vehicles has posted scary new signs in DMV offices around the state misinforming motorists and holders of DMV-issued non-driver state ID cards about the Federal REAL-ID Act of 2005.

We assume that these public disinformation messages are similar in content to the false answers to frequently asked questions and other propaganda about REAL-ID on the DMV website.

We’ve been through all this before with similar false claims about the REAL-ID Act by the California DMV and the Federal Department of Homeland Security. But lest anyone be misled by seemingly authoritative statements from government agencies, here are some of the real facts about REAL-ID that are contradicted, denied, or ignored in DMV press releases. Read More

Jun 08 2018

“Governance” of the REAL-ID database

Attendance at the most recent face-to-face (F2F) meeting of the AAMVA S2S Governance Committee, Milwaukee, WI, March 22, 2018

We’ve been trying for years to find out who is really in charge of the national ID database being created to enable states that choose to do so to comply with the  Federal REAL-ID Act of 2005.

The national ID records system includes the SPEXS database and the S2S data network and system of central-site applications. S2S, including SPEXS, is operated by AAMVA (a non-governmental non-profit organization whose members are the directors of state driver licensing agencies) and Clerus Solutions (a for-profit  private contractor most of whose executives are revolving-door former staff of AAMVA).

But who is setting policy? Who decides what information from state drivers’ license and ID records is included in the central “pointer” database? Who decides what other entities are able to retrieve, mine, or otherwise obtain or use these records?

Are state governments really in control of their residents’ data once it is uploaded to the central site (outsourced to Microsoft as a cloud hosting provider)? Or is Is the US Department of Homeland Security, AAMVA, or Clerus Solutions in the driver’s seat?

Documents we’ve recently received in response to a request to the state of Alaska under that state’s public records law don’t answer many of our questions, but shed more light on on this little-known, aggregated, privately-held database of personally identifying information obtained from state records that already contains data about roughly 50 million US citizens and residents.

We also received explicit confirmation from the minutes of a June 2017 meeting (p. 64 of this PDF file) that AAMVA staff and state driver licensing officials expect that participation in S2S and SPEXS will be added to the criteria used by the DHS to determine whether to certify or re-certify states as “compliant” with the REAL-ID Act: The latest batch of records we received (see related records released to us earlier here) is a disordered jumble bundled into a single PDF file. Below are some of the other noteworthy details, with references to page numbers in this PDF file:

Read More