Papers, Please!

The Identity Project

Category Archives: Secret Law

Sep 12 2011

U.K. detains Italian citizen on basis of U.S. no-fly list

U.K. authorities have apparently detained an Italian citizen disembarking from a trans-Atlantic cruise ship at Southampton on the basis of his inclusion on the U.S. “no-fly” list.

It’s the latest in a steady series of expansions of the extra-territorial reach of U.S. travel surveillance and control, and should raise a red flag as to the dangers of the proposed intra-EU system of PNR-based travel surveillance and control.

According to news reports and a press release from his U.S. lawyer with the Council on American-Islamic relations, Michael Migliore is a 23-year-old dual citizen of the USA and Italy. He’s been trying to return to Italy, to live with his mother there. But when he tried to board a flight in Portland, Oregon, he was refused passage and eventually told he was on the U.S. “no-fly” list.

Undaunted, he took a train to New York (as of now, the DHS only applies “no-ride” controls to international Amtrak trains to and from Canada, not domestic trains) and then a cruise ship to England.

The U.S. APIS rules require cruise lines, like airlines, to get permission from CBP before allowing each passenger to board. But for some reason, they let Migliore board a ship even though they wouldn’t let him on a plane. It’s hard to see a rational reason why, if they really thought he was a terrosirt threat, unless they had an unusually precise “pre-crime” vision of what they thought he intended to do. A cruise ship crossing the Atlantic is at sea for a week, and carries thousands of passengers. Unlike airline passengers, who are reported to the FBI for detention and questioning and their flight escorted by fighter jets if they spend an unusually long time in the toilet (trying to join the Mile High Club?), cruise passengers aren’t under constant scrutiny.  It would be much easier and do much more damage for a terrorist to sabotage a cruise ship than an airliner.

But whatever their reasons, U.S. authorities allowed Mr. Migliore to board the ship departing from the U.S., but apparently alerted U.K. authorities who detained him on arrival. (His U.S. lawyer presumes he’s been detained since he hasn’t been heard from since he disembarked, but nobody has yet gotten  any formal confirmation of who is holding him, where, or why.)

Presumably, mr. Migliore would have sought to enter the U.K. as an Italian citizen. We invite our European readers to speculate in the comments as to what EU laws and rights may have been violated by the U.K. in detaining an  EU citizen on the basis of secret derogatory information from the U.S., what due process Mr. Migliore is entitled to, and what basis the U.K. will need to continue to detain him or to prevent him from returning to Italy, the country of his citizenship.

Sep 12 2011

Illegal Israeli-style traveler interrogations come to Boston

If you’re going to be flying through Logan Airport in Boston, you might want to have a copy of the Paperwork Reduction Act handy when you go through the TSA checkpoint.

The TSA has celebrated the 10th anniversary of the September 11, 2001, hijackings — two of them of flights that originated at Logan — by rolling out a new program of Israeli-style interrogations of air travelers passing through TSA checkpoints at Logan.

Rafi Ron, a former director of security at Ben-Gurion Airport in Tel Aviv, relocated to the U.S. and hung out his shingle (“New Age Security Systems”) as an airport security consultant just before September 11, 2001. His first post-9/11 U.S. client was MASSPORT, which operates Logan. Ever since, as Ron’s client list has expanded to the Massachusetts State Police (the notorious racists who patrol Logan) and then the TSA, Logan has remained the cutting edge of U.S. testbed for Ron’s Israeli-style gospel of  human profiling, from the TSA’s SPOT “behavior detection” program to the new TSA “chat-downs“.

We’re pleased that Rep. Bennie Thompson (D-MS), the ranking minority member of the House Committee on Homeland Security, has publicly questioned the TSA about the Logan pilot program.

But whether or not it’s a good idea (it’s not), the immediate problem for the TSA is that it’s illegal.

Previous case law on airport checkpoints has authorized administrative searches, but never compelled responses to administrative interrogations.  Responses to police questioning in such circumstances have been presumed by courts to be voluntary.

If the TSA’s Constitutional case for such interrogation is untested, their lack of statutory authority is clear. The Paperwork Reduction Act, — a Reagan-era Republican anti-bureaucracy law — requires that any Federal “information collection” be justified in advance to, and approved in advance by, the Office of Management and Budget. An “information collection” is defined as any solicitation — even verbally — of answers to identical questions from ten or more people by a Federal agency, which clearly covers what the TSA “Assessors” (interrogators) are doing in Boston.

OMB approval is evidence by an OMB control number provided on the form or to those being questioned. in the absence of an OMB control number, (a) the collection of information is illegal, (b)  nobody can be required to answer the questions or provide the requested information, and (c) no sanctions can be imposed for failure to respond or provide information.

The TSA has never gone through the process of seeking OMB approval, or obtained an OMB control number, for its ID verification form or any of its other information collections from travelers.

So if the TSA’s goons at logan (or anywhere else) ask you, “Who are you?”, “Where are you going?”, “What’s the purpose of your trip?”, or any of their other standard questions, ask them what the OMB control number is for their collection of that information.

If they can’t or won’t provide you with a valid OMB control number (you can look up and verify any valid OMB control number here), politely but firmly decline to answer. If necessary, remind them — it might help to show them a copy of the law — of the provisions of  44 U.S.C. § 3512:

§ 3512. Public protection

(a) Notwithstanding any other provision of law, no person shall be subject to any penalty for failing to comply with a collection of information that is subject to this subchapter if–

(1) the collection of information does not display a valid control number assigned by the Director in accordance with this subchapter; or

(2) the agency fails to inform the person who is to respond to the collection of information that such person is not required to respond to the collection of information unless it displays a valid control number.

(b) The protection provided by this section may be raised in the form of a complete defense, bar, or otherwise at any time during the agency administrative process or judicial action applicable thereto.

Document what happens, so that you can, if necessary, prove that any sanctions such as a more intrusive search, denial of passage through the checkpoint, or denial of access to common-carrier transportation were based on your refusal to provide illegally-request information without having been provided with a valid OMB control number and notice that without it you don’t have to answer.

Sep 07 2011

“Why should I care about PNR?”

Our guest post for European travelers at NoPNR.org:

Why should I care about PNR?

More for our European readers about PNR data and how it is used by governments:

What can Europeans do?

Jul 30 2011

Our reply to DHS claims that travel dossiers are exempt from the Privacy Act

Our reply brief and a supporting declaration were filed yesterday in Hasbrouck v. CBP, our Privacy Act and Freedom of Information Act (FOIA) lawsuit seeking records from and about the DHS “Automated Targeting System” of individualized government dossiers about each of the the millions of international travelers to and from the USA, including US citizens.

ATS includes complete copies of airline reservations (“Passenger Name Records” or PNRs), as well as a “risk assessment” for each would-be traveler that is used to decide whether or not to give the airline permission to transport them into, out of, or through the airspace of the USA. As Mr. Hasbrouck’s supplementary declaration supporting our latest reply brief explains:

Tens of thousands of travel agencies, airline offices, and offices of other travel companies around the world, and a million or more individual employees and contractors of these companies, have access through CRSs [Computerized Reservation Systems] or otherwise to PNR databases and the ability to enter data in PNRs. PNRs thus can, and do, contain an unlimited quantity and variety of data originating with numerous third parties around the world, some of it in the form of unstructured free text. CBP requires that, in all cases where a PNR contains a flight between a point in the U.S. and a foreign point, or overflying U.S. airspace, the entirety of the PNR — including the free-text general remarks and whatever other data has been entered by anyone with access to the PNR — must be made available to CBP for import into ATS.

PNRs can contain information about aspects of a journey other than air transportation, such as hotel reservations and other travel services, even in what are considered in travel industry jargon to be “air-only” PNRs. Information about these other travel services can be included in the “OSI” (Other System Information), and “SSR” (Special Service Request) elements of the PNR. For example, in reviewing records from ATS released to another requester by CBP, I have seen a PNR for two people, for whom the airline had reserved a hotel for an involuntary overnight layover, which included an SSR entry with a code showing whether a room with one bed or two had been requested for those two travelers. This is a normal and expected example of standard travel industry practices.

The SORNs [System Of Records Notices, required by the Privacy Act] for ATS specifically mention OSI, SSR, and “General Remarks” 10 among the “Categories of Information in the [ATS] System” and among the types of data derived from PNRs and included in ATS. “OSI” entries can be used by travel agency or airline staff with access to PNRs to enter, and to send to airlines, arbitrary free-text messages. “Remarks” in PNRs are intended to be used for an unlimited range of free-text data entry. This information can — and in some cases does — include remarks about the personal foibles of the traveler (to assist other travel agency or airline staff in dealing with the traveler), and/or derogatory descriptions of interactions with customer service staff. Travelers do not normally see the PNRs that contain information pertaining to them, and do not know or control what information has been entered about them.

Our reply brief also notes that:

Acknowledging the sensitivity of the data in PNRs, Canadian and European Union laws require that private entities that control or host PNRs allow individuals to inspect their own PNRs and obtain information about how they are used. However, U.S. law contains no such requirement.

The focus of our latest arguments is on the government’s claim that — after receiving Mr. Hasbrouck’s Privacy Act request and his appeal of the government’s failure to respond — CBP had the right to issue new regulations retroactively exempting itself from any obligation to respond to the pending request or appeal, to provide Mr. Hasbrouck any of the ATS or other records about him and his travels, to provide him with any accounting of the disclosures of those records to third parties, or to correct inaccurate records or expunge irrelevant ones. As our brief notes:

The retroactive application of the ATS and BCIS exemptions is especially egregious in this case where the processing of Hasbrouck’s Privacy Act requests was completed by CBP’s Office of Intelligence and Operation Coordination on April 2, 2009, but was then sat on for 17 months until after the exemption rules were finalized.

We also contest CBP’s failure to search for Mr. Hasbrouck’s records, in response to his request, in the same way they would if they were searching for records about him as a suspected terrorist. And we contest their refusal to disclose even the records about Mr. Hasbrouck that they admit to having found.

The next step in the case will be oral arguments on the cross-motions for summary judgment on Thursday, August 25, September 15, 2011, 1:30 p.m., before Judge Richard Seeborg (Courtroom 3, 17th Floor), U.S. District Court for the Northern District of California, Phillip Burton Federal Building and U.S. Courthouse, 450 Golden Gate Ave. (between Polk and Larkin, near Civic Center), San Francisco, CA. [Note revised hearing date of September 15th.]

It’s unlikely that any decision will be announced on the spot at the oral argument. Judge Seeborg will most likely take the written submissions and oral arguments under advisement, and issue an initial decision on the motions for summary judgment some weeks or months later. (There is no mandatory deadline for most Federal judicial decisions.)

The public is welcome to attend the oral argument, although the guards at the entrance to the courthouse require visitors to show government-issued ID. See the specific rules for electronic devices in the courthouse and additional rules and information for journalists.

Jul 25 2011

Mexico-Barcelona flight barred from overflying the U.S.

The U.S. government has yet again ordered a foreign airline, transporting foreign citizens between foreign countries, not to transport a specific foreign  passenger through U.S. airspace between foreign points.

Yet again, U.S.  authorities did this not through legal process and a judicial order such as an injunction, but through an extrajudicial administrative order to the airline.

Yet again, as with previous Air France flights between Paris and Mexico City, the “no-overfly” order was given to Aeromexico (this time for a Mexico City-Barcelona nonstop) only after the plane was in the air — this time forcing it to return to Mexico for lack of enough fuel to detour south around Florida and U.S. airspace.

And yet again, as with journalist Hernando Calvo Ospina and European Parliament legislative aide and policy analyst Paul Emile Dupret, the latest incident involved someone who appears to have been barred from U.S. airspace on the basis of their ideas rather than their actions: Mexican citizen and academic Raquel Gutiérrez Aguilar.

Gutiérrez is an author, independent journalist, activist, and professor of social sciences and humanities at BUAP (Benemérita Universidad Autónoma de Puebla) in Puebla, Mexico.

Gutiérrez tells the story in her own words in an open letter (original in Spanish; English translation) posted on a new blog she has started for discussion of her own and similar cases, “Los Non Gratos“. There’s also an analysis of the incident and its significance by law professor and expert in international human rights Craig Scott on OpenDemocracy.org.

Secret U.S. no-fly orders against passengers have also provided the basis for Air Canada to deny passage on flights whose flight plans included alternate airports in the U.S. at which they might have landed if diverted in an emergency, even if they planned neither to land in nor overfly the U.S. The legality of those decisions by Air Canada, under applicable Canadian law and international treaties to which Canada is a party, remains in doubt.  In one case, they prevented a U.K. citizen (and Muslim) from returning home from Canada to the U.K., even though his permission to remain in Canada was expiring. In a second case, they caused the reverse problem, preventing a Canadian citizen (and Muslim) from returning home from Germany to Canada, even though his permission to remain in Germany was expiring.  And in yet a third case, they prevented a U.K. citizen (and Muslim, and former prisoner released from Guantanamo and never charged with any crime in the U.S., U.K., or Canada) from coming to Canada for a speaking tour, even though no objection to his visa-free entry to Canada as a U.K. citizen had been raised by Canadian immigration officials.

Does the U.S. government think that journalists, scholars, and government staff are likely to conduct telepathic terrorist psy-ops against the U.S. from 30,000 feet if they are allowed to pass through our airspace?  Or that if the bureaucrats at the DHS are genuinely afraid of this, the proper procedure for judging this risk shouldn’t be to present the evidence, if any, to a judge, in an adversary proceeding in which the person being adjudged can hear the charges and evidence against them, be heard in their own defense, and be entitled to due process including a presumption of innocence.?

As U.S. citizens, we extend our apologies for the actions of a U.S. government that doesn’t represent us in taking such actions, our commitment to continue our work to end such U.S. government lawlessness, and our offer of any assistance we can provide (limited though that is likely to be) to Ms. Gutiérrez and any others similarly situated and seeking explanations and redress.

Jul 15 2011

Appeals Court rules TSA rules require prior notice and public comment

Today a three-judge panel of the U.S. Court of Appeals for the D.C. Circuit unanimously ruled that the TSA deployment of virtual strip-search machines is subject to the requirements of the Administrative Procedure Act for formal notice and an opportunity for public comment before it is put into effect.

[T]he TSA has advanced no justification for having failed to conduct a notice-and-comment rulemaking. We therefore remand this matter to the agency for further proceedings. Because vacating the present rule would severely disrupt an essential security operation, however, … we shall not vacate the rule, but we do nonetheless expect the agency to act promptly on remand to cure the defect in its promulgation.

The ruling came in a lawsuit by EPIC based on a petition for rulemaking in which the Identity Project had joined.

The logic of the decision would appear to apply equally to other requirements imposed on travelers at TSA checkpoints, including any mandate for travelers to identify themselves:

Read More

Jun 30 2011

TSA calls for more “ID-based screening” — but won’t say if ID will be required

At a panel at the 2011 Computers, Freedom, and Privacy conference earlier this month, TSA Special Counselor and FOIA Appeals Officer Kimberly Walton (the same person who has been stonewalling our pending FOIA appeals), made explicit that the TSA plans more “identity-based screening” (i.e. profiling).

But any “screening” based on identity requires, of course, that travelers be identified. And the TSA — knowing it has no legal authority to compel travelers to identify themselves, produce evidence of their identity, or answer questions —  has consistently claimed in court cases such as Gilmore v. Gonzales and New Mexico v. Mocek that travelers are not required to produce any evidence of their identity.

So is the TSA planning to seek new statutory authority (or start claiming it already has it) to require travelers to identify themselves, or to deny passage to those who decline to do so?

We asked Walton directly, starting at 5:45 of the video here.  Walton said she “wasn’t the person to answer that”, but didn’t say who (if anyone) was.

If the TSA is reading this (and we know they are), we’d welcome an answer. We won’t hold our breath, though.

Once again, the TSA is launching a major expansion of its claimed authority over the traveling public, seemingly without either knowing or carrying whether it has any legal basis for the power it seeks to exercise over us.

The video of the panel on the TSA (most of which focused on groping and virtual strip-searches at TSA checkpoints) starts here; complete CFP 2011 video coverage is here.

Jun 30 2011

Our arguments for disclosure of DHS travel surveillance records

Our main briefs were filed last Friday in the Privacy Act and Freedom of Information Act (FOIA) case of Hasbrouck v. CBP.

In this case, we are seeking to compel U.S. Customs and Border Protection (one of the components of the DHS) to disclose:

  1. The CBP/DHS “travel history” dossier  about Mr. Hasbrouck, compiled from airline reservations (PNRs) and other commercial and government data and contained in the (illegal) CBP “Automated Targeting System” (ATS), including “risk assessments” of Mr. Hasbrouck and the rules used to determine those risk assessments;
  2. An “accounting of disclosures”, as required by the Privacy Act, showing which other government agencies or other third parties have been given access to which of this data, and when; and
  3. General information about how ATS data is indexed and retrieved.

Our main argument for summary judgment in our favor (and in opposition to CBP’s cross-motion) is contained in our proposed order, supporting brief, and Mr. Hasbrouck’s supporting declaration. Additional supporting declarations and exhibits are linked here.  Following reply briefs to be filed next month by each side, oral argument is scheduled for August 25th in Federal District Court in San Francisco.

Jun 07 2011

DHS moves to dismiss our Privacy Act lawsuit

Late last Friday, June 3rd, the U.S. government filed a motion for summary judgment against us in our Privacy Act and FOIA lawsuit for records from the government’s files of records of our international travels.  The government’s motion and supporting affidavits and exhibits are posted here.

We won’t try to give a detailed response right now. Our answer to the government’s motion, and our own motion for summary judgment, are due to be filed with the court by June 24th. Reply briefs for each side will follow, and then oral argument is scheduled for August 25, 2011 [note change from originally scheduled date], in San Francisco.

We’ve posted the government’s pleadings for informational purposes, but they should not be accepted as accurately representing either the facts or the law. As we expected, the government’s argument is a mix of lies about the facts and claims that nobody — not even a U.S. citizen — has any rights under the Privacy Act to see what’s in the DHS dossier about their travels, or how it is used.

We look forward to seeing the DHS in court on August 25th.

Jun 03 2011

U.S. Embassy confiscates citizen’s passport so he can’t come home

In a new twist on the control of movement through control of issuance of ID credentials, the Associated Press reports that a U.S. citizen has been trapped in Kuwait after the local U.S. Embassy summarily confiscated his passport:

Aziz Nouhaili, a naturalized U.S. citizen from Morocco, has been trying for nearly four months to get home from Kuwait, where he worked for several years as a military contractor…. Kuwaiti officials have made clear they will allow Nouhaili to leave only if he has a valid U.S. passport.

Kuwait is a party to the International Covenant on Civil and Political Rights (ICCPR), which provides in its Article 12 that, “Everyone shall be free to leave any country, including his own,” and “No one shall be arbitrarily deprived of the right to enter his own country.”

Regardless of his citizenship or whether he has any passport, Mr. Nouhali is entitled by black-letter international treaty law, expressly acceded to by the Kuwaiti monarchy, to leave Kuwait.

As long as Mr. Nouhali is a U.S. citizen (which appears to be undisputed, at least as of now), the proper course of action for the U.S. State Department, if Kuwait refuses to allow Mr. Nouhali to leave, is a formal diplomatic protest by the U.S. to the Kuwaiti government, followed by a formal complaint to the U.N. Human Right Committee if Kuwait persists in denying Mr. Nouhali’s right to leave.

Mr. Nouhali’s treatment also highlights the significance of State Department or DHS passport issuance procedures and decisions to deny, withhold, or confiscate a passport as tantamount to decisions on whether to permit individual citizens to exercise their right to travel.

Instead of helping Mr. Nouhali to exercise his rights as a U.S. citizen, however, the U.S. government is helping to deny him his rights. A  press release from the Council on American-Islamic Relations (CAIR) says that: Read More