Archive for the ‘REAL ID’ Category

“Stand up to the corrupt Real ID Act”

Friday, April 21st, 2017

[Guest commentary by Rep. Chris Tuck, Majority Leader in the Alaska House of Representatives, published in the Fairbanks News-Miner, the Juneau Empire, and the Alaska Journal of Commerce.]

I am disappointed that the Administration of [Alaska Governor] Walker has given in to the fear tactics and misinformation of the Department of Homeland Security and the Transportation Security Administration by putting forth legislation to make Alaska implement the Federal REAL ID Act and pay for it ourselves. It is my duty to set the record straight and make sure people have the facts they need to defend their rights.

The Department of Administration has been reporting that if we do not agree to comply with REAL ID we will not be allowed to use our state IDs to get through TSA checkpoints or to get on base. In reality there is no existing or proposed federal law or regulation requiring ID to travel at all.

A recent reply to a four-year-old Freedom of Information Act request to the DHS has shown that 77,000 people per year fly without ID, and only 2 percent who try are ever turned away. Not only that, it is the Pentagon and individual base commanders who decide what ID is required to get on base.

The Department of Homeland Security does not have authority over the Pentagon. That is why the DHS instead uses fear tactics and misinformation to try and force REAL ID on the states.

(more…)

Yes, you can fly without ID

Thursday, April 13th, 2017

On average, 77,000 people each year — more than 200 a day — pass through TSA checkpoints to board airline flights in the USA without showing ID.

Ninety-eight percent of the would-be travelers who show up at TSA checkpoints without ID are allowed to board their flights. Only two percent are turned back.

The average time spent by the TSA “Identify Verification Call Center” in questioning each traveler without ID has been between seven and nine minutes.

Show up at the airport with no ID (or with ID that isn’t considered “acceptable” by the TSA), and there’s a 98% chance that you will be allowed to fly without ID, after 7-9 minutes of additional questioning and a pat-down (which you would have gotten anyway if you didn’t consent to “virtual strip search” imaging) and search of your carry-on bags.

All this is according to internal TSA logs and summary reports on each person who tried to fly from 2008 (when the TSA started using its current procedures and form for people who fly without ID) through 2011. These reports were finally released to us, after four years of TSA foot-dragging, in response to a Freedom Of Information Act request we made in 2013.

So much for the false claims the TSA, the DHS, and their collaborators at state licensing agencies are making that people who live in states that don’t comply with the REAL-ID Act won’t be allowed to fly without “acceptable” ID.

It doesn’t matter whether your ID is “compliant” or “acceptable”. You can fly with no ID at all, and hundreds of people do so every day after what is typically only a brief delay.

Over the years, we have received a trickle of incident narratives, which have been helpful in understanding how the TSA deals with people who show up without ID and what data the TSA uses to make judgments about travelers. But these narratives are for exceptional incidents in which travelers were not quickly “verified” and allowed to proceed. The annual summaries (2008, 2009, 2010, 2011) were only released as the 14th and last batch of responses to our request. (The TSA illegally substituted PDF files of page images for the original spreadsheet or table files, making them much larger files and harder to tabulate. We will be appealing the TSA’s substitution of less-useful newly-created files for the originals, and failure to produce the files in their original format as we requested.)

We remain concerned, of course, about the 2% of would-be fliers without ID who are wrongly prevented from exercising their right to travel by air. The percentage is small (again, just 2% of the people who show up at TSA checkpoints with no ID or without “acceptable” ID), but it still comes to more than 1500 people a year, throughout the USA, whose rights are violated. States should not only say “no” to compliance with the REAL-ID Act, but start preparing now to defend their residents’ freedom of travel and to ask Federal courts to enjoin the DHS and TSA from any interference with that right.

Alaska and the REAL-ID Act

Tuesday, March 21st, 2017

We’ll be testifying (by teleconference) at hearings today in the Senate State Affairs Committee (3:30 p.m. ADT) and House State Affairs Committee (5:30 p.m. ADT) of the Alaska State Legislature on three state bills related to Alaska’s response to the Federal REAL-ID Act of 2005:

  1. SB34: Implementation of the federal REAL ID Act of 2005
  2. HB74: Implementation of the federal REAL ID Act of 2005
  3. HJR15: Encouraging repeal of the REAL ID Act of 2005

In 2008, shortly before the REAL-ID Act was scheduled to take effect (the DHS has repeatedly postponed that discretionary “deadline” as politically and practically unfeasible, most recently until 2020) the Alaska State Legislature enacted a state law prohibiting any state spending to implement the REAL-ID Act.

Now, in respond to Federal threats to interfere with Alaskan residents’ freedom of movement if the state government doesn’t upload information about all state license and ID-card holders to a national ID database, the state legislature is considering bills to authorize that spending and implementation.

It makes no sense for Alaska to call for repeal of a disliked Federal law of dubious Constitutionality, and simultaneously to authorize state spending to comply with that law, without first getting the courts to rule on whether the (unfunded) mandate for state action or the threatened sanctions against state residents are Constitutional.

As we say today in our written testimony to members of the House and Senate State Affairs Committees:

Alaska HJR15 is an important statement of support by the Alaska State Legislature for efforts in Congress to repeal the REAL-ID Act. But Alaskans and the State of Alaska cannot, and should not, merely sit back and wait for Congress to act.

No Federal law or regulations requires air travelers to show any ID. People fly without ID every day. But the TSA has indicated that it intends to propose regulations, revise TSA Standard Operating Procedures, and/or issue Security Directives to air carriers to require air travelers to show ID acceptable to the DHS in order to fly.

This threat poses a special danger to Alaskan residents, especially those in communities and locations not connected to the North American road network, and/or who rely on air transportation for access to essential and emergency services.

Unless and until this threat is withdrawn, Alaskan state authorities including the office of the Attorney General of Alaska should be preparing to defend any Alaska residents whose rights are interfered with by Federal agents.

And rather than waiting to intervene until after Federal agents start denying Alaska residents access to essential air transportation, the state should, as soon as it is ripe for adjudication, initiate litigation to prevent interference with residents’ rights.

It makes no sense for your state to capitulate, as these bills would have it do, in response to threats of Federal action action whose Constitutionality has yet to be tested.

It would be premature for Alaska to abandon its long-standing and well-founded opposition to the REAL-ID Act in response to DHS threats to interfere with the rights of state residents as a sanction for state noncompliance with the REAL-ID Act, while:

  1. A Federal ID credential, a passport card, is available to any U.S. citizen who qualifies for a REAL-ID compliant state ID, and can be used for any purpose for which a compliant state ID can be used as well as for surface travel to Canada;
  2. Legislation to repeal the REAL-ID Act or significantly mitigate the dangers of creating an uncontrolled national ID database is pending in Congress;
  3. No Federal statute or regulation requires air travelers to show any ID to fly, and residents of Alaska and other states continue to fly every day without ID;
  4. No regulations have been proposed that would require anyone to show ID to fly;
  5. No court has considered whether it would be Constitutional to require air travelers or passengers of other common carriers to show ID;
  6. Compliance with the REAL-ID Act would create special problems for Alaskan residents, especially residents of communities not accessible by road;
  7. The lack of alternatives to air transport gives Alaska a uniquely strong legal basis to challenge any Federal attempt to impose an ID requirement for air travel;
  8. More populous states that are manifestly not in compliance with the statutory criteria for REAL-ID Act database access have not been similarly threatened; and
  9. No court has ruled on the legality of the DHS arbitrarily exercising “discretion” to restrict the rights of residents of some noncompliant states but not others.

We urge the Alaska State Legislature to reject SB34 and HB74, stand firm in your opposition to the REAL-ID Act, and prepare to defend the Constitutional rights of Alaskans and all Americans to freedom of travel and movement, including by air.

Executive Orders, lawsuits, and the right to travel

Thursday, February 16th, 2017

[D]ue process requires… notice and a hearing prior to restricting an individual’s ability to travel.

(9th Circuit Court of Appeals, Order on Motion for Stay, February 9, 2017, State of Washington and State of Minnesota v. Trump)

President Trump’s Executive Orders prohibiting entry to the US by citizens of specified blacklisted countries and cutting off all Federal grants to designated “sanctuary jurisdictions” that decline to spend their local funds and direct their employees to enforce certain Federal immigration laws have prompted a wave of litigation by individuals and, significantly, by states and cities across the US.

We welcome the increased public interest in Federal government attempts to control the free movement of free people, the new activism on the issues of freedom to travel, and the new willingness of states and municipalities to challenge restrictions on their residents’ right to travel.

There’s been much discussion and analysis of the implications of these lawsuits for these specific Executive Orders. Relatively little attention has been paid, however, to the implications for litigation over other ongoing and emerging issues of freedom to travel of what is being said, and by whom, in the litigation over the recent Executive Orders.

Here are some of our thoughts, from the trenches of more than 15 years of legal and political struggle for the right to travel, on what these cases may portend:

(more…)

IDP comments on TSA proposal to require ID to fly

Monday, January 9th, 2017

Today the Identity Project and the Cyber Privacy Project filed comments with the Transportation Security Administration opposing a stealthy TSA proposal to start requiring ID to fly.

The TSA has long harassed people who try to fly without being required to show their “Papers, Please!” at TSA checkpoints.

But the TSA’s official position in court has always been that ID is not required to fly: “You don’t have to show ID to fly. You can fly without ID. We have a procedure for that.”

You can fly without ID, if you (1) fill out and sign the obscure TSA Form 415, (2) satisfy the TSA with your answers to a bunch of questions about what’s the file about you obtained by the TSA from the commercial data broker Accurint, and (3) submit to more intrusive than standard search (“secondary screening”) as a “selectee”.

That’s the way it is, and that’s the way it’s been for years.

Now, as we reported in November of last year, the TSA is contemplating a new pattern and practice of preventing anyone from passing through a TSA checkpoint or getting on an airline flight unless either  they have ID the TSA deems acceptable, or they reside in a state that the TSA deems sufficiently compliant with the REAL-ID Act.

(more…)

The rhetoric and reality of counterterrorism

Thursday, December 8th, 2016

Remarks by President Barack Obama on the Administration’s Approach to Counterterrorism, MacDill Air Force Base, Tampa, Florida, December 6, 2016:

Let my final words to you as your Commander-in-Chief be a reminder of what it is that you’re fighting for, what it is that we are fighting for…

The United States of America is not a place where some citizens have to withstand greater scrutiny, or carry a special ID card, or prove that they’re not an enemy from within. We’re a country that has bled and struggled and sacrificed against that kind of discrimination and arbitrary rule, here in our own country and around the world.

We’re a nation that believes freedom can never be taken for granted and that each of us has a responsibility to sustain it…. We are a nation that stands for the rule of law.

That sounds great in theory. But in practice?

  • Some citizens do have to withstand greater scrutiny.  That’s the whole point of the pre-crime profiling that the Obama Administration has called “risk-based security” and that President-Elect Trump has called “extreme vetting”.
  • Under the REAL-ID Act and the TSA’s latest proposal, some citizens — those who want to exercise our right to freedom of movement and to air travel by common carrier — will have to carry a special “REAL-ID Act compliant” ID card and have our personal information added to a national ID database maintained by a private contractor that isn’t subject to government rules for transparency or accountability.
  • The DHS has held itself above the law, arguing that its actions should not be subject to judicial review and that it needs to be allowed to act secretly and unpredictably (i.e arbitrarily) in order not to reveal “rules” that would help terrorists “game” the system — as if asserting one’s legal rights was tantamount to terrorism.

We’ll be watching closely to see whether the gap between the rhetoric and reality of profiling, discrimination, rights, and rule of law widens or narrows under President-Elect Trump and his nominee for Secretary of Homeland Security, retired Marine Gen. John F. Kelly.

In the meantime, we’ll keep doing our part, as we encourage our readers to do theirs, to act on the President’s statement that “freedom can never be taken for granted and that each of us has a responsibility to sustain it.”

TSA proposes to require ID to fly

Monday, November 21st, 2016

Reversing its longstanding official position that no law or regulation requires air travelers to possess or show any ID credentials, the TSA has given notice of a new administrative requirement for all airline passengers:

In order to be allowed to pass through checkpoints operated by the TSA or TSA contractors, air travelers will be required to have been issued a REAL-ID Act compliant government-issued ID credential, or reside in a state which has been given an “extension” by the DHS of its administrative deadline for a sufficient show of compliance with the REAL-ID Act of 2005.

The TSA will still have a procedure and a form (TSA Form 415) for travelers who don’t have their ID with them at the checkpoint, typically because it has been lost or stolen or is in the process of being replaced or renewed. But that procedure will no longer be available to people who have ID from states the DHS hasn’t certified as sufficiently compliant with the REAL-ID Act, or who haven’t been issued any ID at all and who reside in noncompliant states (or outside the U.S).

To fly without showing ID, travelers will have to sign an affirmation that they have been issued a “compliant” ID (even if they don’t have that ID with them), or that they reside in a state that has been given an extension of time by the DHS for REAL-ID Act compliance.

The new TSA administrative policy requiring air travelers to certify that they have been issued with government ID credentials is not embodied in, or based on, any statute or regulation. Instead, it was buried in a “Paperwork Reduction Act” notice  issued on November 3rd and published in the Federal Register on Election Day. It was adopted neither by act of Congress nor through formal agency rulemaking, but by TSA decree. The notice cites no purported statutory authority for the new requirement. It is unlawful, violates fundamental rights, and should be rescinded.

If it is not reversed, it should be resisted: Resisted by travelers who refuse to carry or show ID at TSA checkpoints, resisted by plaintiffs in the Federal litigation against the TSA and its agents and contractors which will inevitably ensue, and resisted and challenged in litigation by states whose residents’ rights are violated because they have not been sufficiently submissive or compliant with Federal desires for their states to participate in a national ID database.

(more…)

What does Donald Trump’s election mean for our work?

Friday, November 18th, 2016

We endorsed neither Hillary Clinton, Donald Trump, nor any other candidate for elected office. So what does the presumptive election of Donald Trump as President of the U.S. — when the electors cast their ballots on December 19, 2016, and the votes are counted on January 6, 2017 — mean for the work of the Identity Project?

First and foremost, it means that our work, and the need for it, will continue — as it has under previous administrations, both Democratic and Republican.

Human and Constitutional rights are, by definition, no more dependent on the party affiliation of the President, if any, than on our own. Freedom is universal. Our defense of the right of the people to move freely in and out of the U.S. and within the country, and to go about our business, without having our movements tracked and our activities logged or having to show our papers or explain ourselves to government agents, has been and will remain entirely nonpartisan.

We will continue to criticize those who restrict our freedoms and infringe our rights, regardless of their party, just as we have criticized the actions of both the Obama and Bush administrations and of members of Congress and other officials of both parties, many of whom remain in power despite the changes at the top.

Attacks on our liberty have been, and remain, just as bipartisan as our resistance to them. This is especially true of the imperial power which the Presidency has been allowed to accrue, and which is exercised through Presidential proclamations, executive orders, and the secret law (or, to be more accurate, lawlessness) of Federal agency “discretion”. Those who acquiesced in the expansion of Presidential power and executive privilege because they thought that it would be used to their benefit by a President of their own party have only themselves to blame if that power is later used against them by a new President of a different party, or without allegiance to a traditional party hierarchy.

Many of the most imminent ID-related threats are those that arise from existing laws or extrajudicial administrative practices, the limits of which — in the absence of legislative or judicial oversight and checks and balances — are set solely by executive order. Where President Trump can make changes to ratchet up repression, to register and track both U.S. and foreign citizens, and to monitor and control our movements within the country and across borders, with the stroke of a pen, we don’t expect that he will hesitate to wield the power he has inherited to govern by issuing public decrees or by giving secret orders to his minions.

In some of these cases, Federal officials and the homeland-security industrial complex of contractors, confident that the incoming occupant of the White House will bless their efforts to anticipate has desires, may take action even before they are ordered to do so. This seems especially likely, in our area of concern, with respect to (1) the DHS implementation schedule and requirements for the REAL-ID Act,  (2) the TSA’s longstanding desire to enforce and eliminate exceptions to a de facto ID requirement for air travel that lacks any basis in statute and contravenes the U.S. Constitution and international law, and (3) expanded use of ID and surveillance-based pre-crime profiling (President-to-be Trump calls it “extreme vetting”) as the basis for control of movement, especially across borders.

We will be watching closely and reporting on signs of activity on all these fronts, some of which are already visible.

Now more than ever, we need your support — not just helping us to defend your rights, but asserting your rights and taking direct action to defend them yourselves. “The limits of tyrants are prescribed by the endurance of those whom they oppress.”

We invite you to join us in our continued resistance to all lawless attacks from any and all sides on our Constitution, our freedom, and our human rights.

DHS continues to threaten states that resist the REAL-ID Act

Thursday, October 20th, 2016

Status of REAL-ID compliance as of October 17, 2016 (Source: AAMVA.org)

Last week the Department of Homeland Security denied requests by five states for “extensions” of time to comply with the REAL-ID Act of 2005. The DHS denials of requests for extensions were accompanied by renewed threats of  restrictions on residents of those states: “Starting January 30, 2017, federal agencies and nuclear power plants may not accept for official purposes driver’s licenses and state IDs from a noncompliant state/territory without an extension,” said DHS spokesman Aaron Rodriguez in a statement.

Does this mean that a deadline is approaching? That every state except these five has “complied” with the REAL-ID Act? That these “holdouts” have no choice but to comply? That the sky will fall on these states, or their residents, if they don’t?

No, no, no, and no.

As we told the Washington Times:

Not everyone thinks states will, or should, be swayed by the federal government’s determination.

“These are not states that stand out because they are less compliant,” said Edward Hasbrouck, a spokesman for the privacy advocacy group The Identity Project.

He says Homeland Security is arbitrarily enforcing aspects of the Real ID Act by deeming states compliant even when they have not met every requirement, noting specifically few “compliant” states have met the requirement that they provide access to information contained in their motor vehicle database via electronic access to all other states.

“It’s a game of chicken, it’s a game of intimidation, and very little of it has to do with actual requirements or actual deadlines,” Mr. Hasbrouck said.

If Homeland Security, which repeatedly has pushed back compliance deadlines for Real ID, does go through with the commercial airline restrictions in 2018, Mr. Hasbrouck said he expects grounded passengers would eventually bring litigation challenging the law.

Let’s look at some of the questions skeptical citizens and state legislators ought to be asking about these DHS scare tactics:

  • How many states have complied with the REAL-ID Act? Noncompliant states are neither alone nor isolated. According to the Washington Times, “Homeland Security reports that 23 states and Washington, D.C., have met enough of the Real ID standards to be deemed in compliance with the law.” In fact, as we’ve reported previously and as we noted in the comments above, the most significant component of compliance with the REAL-ID Act is participation in the national ID database (the one the DHS keeps claiming doesn’t exist). That database, called SPEXS, is operated by a subcontractor to the American Association of Motor Vehicle Administrators (AAMVA) as a component of its S2S system. When last we checked, in February of this year, only 4 of 55 US jurisdictions (states, the District of Columbia, and US territories) had connected their state drivers license and ID databases to S2S. With the addition of the latest two states this month, the total of states participating in S2S is up to nine, as shown on the AAMVA map at the top of this article. We don’t know whether all nine of those states have implemented all the other requirements of the REAL-ID Act. But we do know that no state not participating in S2S is in compliance. So at most nine states are in compliance with the REAL-ID Act. The vast majority of jurisdictions are noncompliant. And at this rate, it will take many years, if it ever happens at all, for the DHS to whip the rest of them into line.
  • When is the deadline for states to comply with the REAL-ID Act? There is no deadline for compliance in the law itself. The DHS could set deadlines by promulgating regulations, but it could also change them in the same way, at any time, for any reason. In practice, the current DHS threats aren’t event based on DHS regulations, but on dates specified solely in DHS press releases and changeable at DHS whim.
  • What is required for DHS certification of material compliance or progress toward compliance by individual states? There are no criteria in the law. The law leaves this up to the “discretion” of the DHS, which in practice means that it can be standardless, secret, and arbitrary. DHS choices of which states to threaten are political and tactical choices about which states the DHS thinks it can intimidate, and in which order. They aren’t based, or required to be based,  on any actual measurement, checklist, or relative degree of compliance.
  • What will happen, and when will it happen, to residents of states that don’t comply sufficiently or quickly enough? Probably nothing. What the DHS will try to do, and when, is once again totally up to its discretion. There are no deadlines in the law. But as our analysis and the responses to our FOIA requests have shown, the threat to deny access to Federal facilities is a red herring.  Most workers at these facilities, for example, already have Federally-issued employee IDs, and don’t rely on state-issued IDs for entry. Members of the public generally enter these facilities to exercise various of their rights, which the DHS recognizes they have a right to do without any ID. If the DHS changes its tune, and tries to interfere with those rights, what the DHS can get away with will be determined by Federal judges in the inevitable lawsuits brought by residents of disfavored states (hopefully with the support of state governments) whose rights are interfered with on the basis of the REAL-ID Act.

National REAL-ID database replicates problems with FBI rap sheets

Thursday, June 30th, 2016

Previously unpublished information we’ve recently obtained from the contractor that developed the SPEXS database at the center of state “compliance” with the REAL-ID Act — the national database of drivers license and state ID details that the DHS and supporters of the REAL-ID Act keep claiming doesn’t exist — shed new light on how the system will work.

Unfortunately, these new documents and statements show that SPEXS will replicate many of the worst problems of poor data quality and lack of accountability of the NCIC database used by the FBI to store criminal history “rap sheets” of warrants, arrests, and dispositions of criminal cases: convictions, diversions, withdrawals, dismissals, acquittals, appellate decisions, etc.

Like SPEXS, NCIC aggregates data sourced from agencies in every state, the District of Columbia, and the US territories of Puerto Rico, the U.S. Virgin Islands, American Samoa, Guam, and the Northern Mariana Islands.  The FBI operates the aggregated database, but disclaims any responsibility for the accuracy of the data it stores, indexes, and distributes.

As we noted in our previous post, the FBI has exempted NCIC records from the requirements of the Privacy Act for accuracy, relevance to a lawful purpose, access by data subjects, and correction of errors.  That should mean that NCIC records can’t be relied on, but the Supreme Court has ruled that an entry in NCIC provides sufficient legal basis for an arrest.

NCIC is the poster child for the evil consequences of reliance on “garbage in, garbage out” aggregated and unverified data as a basis for government decision-making. Inevitably, NCIC records are riddled with errors. Law enforcement agencies are quick to report arrests and newly-issued warrants to NCIC, but have nothing to gain by ever reporting when charges are dismissed or a warrant is quashed. Who knows when some other police agency might find it convenient to rely on an NCIC record of a long-since-quashed warrant as a basis for authority to arrest and search someone who they would otherwise have to let walk away?

We know from long and bad experience with NCIC just where this leads. Innocent people are arrested every day in every state on the basis of erroneous NCIC records. SPEXS replicates the “garbage in, garbage out” unverified multi-source data aggregation model of NCIC, and will replicate its data quality and accountability problems along with its architecture.

Like NCIC, SPEXS is intended to be relied on as the basis for government decisions, specifically, enforcement of the requirement of the REAL-ID Act that a person may not have more than one valid REAL-ID Act compliant drivers license or ID at a time. We fail to see any valid purpose to this provision of the law. Given that states have different and independent licensing requirements, what harm is done by a person having independently satisfied the requirements to operate motor vehicles in more than one state, and having independently been issued credentials by these several states attesting to this fact?  But regardless of the rationale for this law, the justification for the existence of SPEXS is to enable states to refuse to issue a drivers license or state ID to a person if SPEXS shows a record of an outstanding license or ID in any other state or territory for a person believed (according to a secret SPEXS matching algorithm) to be the same person as the applicant.

The inevitable outcome is that some people’s applications for new or renewal drivers licenses or state IDs will be denied by state authorities on the basis of erroneous data in SPEXS records. Perhaps they have been mis-matched with a person in another state with the same or a similar name and date of birth. Perhaps an identity thief has used their name, DOB, and Social Security number to get a license or ID in another state. Perhaps they cancelled their license or ID in another state, but that fact wasn’t reported by that state to SPEXS, or the cancellation message wasn’t received by the SPEXS operator or wasn’t properly processed into the SPEXS database. Perhaps the expiration date of their old license or ID was mis-reported or improperly recorded. Perhaps a record was mis-coded, such as by mis-attributing a record to the wrong state. Perhaps a record of a license or ID that has since been cancelled was left in SPEXS by a state or territory that has withdrawn from SPEXS participation.

What recourse will any of these people have? Not much, not easily, and in some cases none at all.

(more…)