Papers, Please!

The Identity Project

Category Archives: Secret Law

Feb 25 2010

DHS accomplices face legal liability

The most recently filed lawsuit to result from detention of a would-be traveler at a TSA checkpoint highlights an interesting pattern:

While Federal departments themselves, and their agents in their official capacities, have thus far largely escaped legal liability for interference with travelers’ rights, multiple lawsuits against individuals who have enforced secret DHS directives — including DHS officers in their individual capacities as well as city, state, and tribal police acting as their accomplices and/or at their behest — are moving forward.  Yet at the same time, the DHS continues to use local law enforcement officers to carry out its secret orders, and has in some cases revealed policies directing DHS agents to take a literal “hands-off” attitude themselves, even while calling in local police to enforce what are at root (illegal) Federal orders.

Here’s a round-up of some pending cases across the country, leading up to the latest, with apologies for the sometimes tortured procedural histories which tend to characterize such cases and obscure the real issues: Read More

Feb 23 2010

DHS using ICAO again for policy laundering

News reports about recent diplomatic initiatives by the US Department of Homeland Security suggest that the DHS may once again be using the International Civil Aviation Organization (ICAO) as a vehicle for policy laundering.

In the past, ICAO has been the focus of attention for its role in the imposition of RFID passports and the associated systems of automated monitoring and control of international travel.

Now, the DHS appears to be trying to use ICAO as the vehicle through which to impose its ideas of passenger searching (virtual strip-search machines) and passenger surveillance (pre-flight government access to PNR data and its use in conjunction with identity-linked travel histories and personal profiles for control of who is allowed to fly)  as global norms.

Secretary of Homeland Security Napolitano, accompanied by Asst. Secretary for Policy David Heyman (successor to former NSA and DHS attorney Stewart Baker), has been barnstorming the globe in pursuit of this agenda over the last month.  She met with ICAO officials and their airline industry partners at IATA in Geneva, attended a regional European ministerial meeting on aviation security in Spain which issued a joint statement agreeing to “Promote international co-ordination … through ICAO”, followed by a regional ICAO meeting in Mexico for the Americas and the Caribbean (attended by ICAO’s Secretary General) which declared participating goverments’ commitment to “systematically collaborate within ICAO… with a view to convene both international expert and intergovernmental meetings to agree upon actions in the following fields:”

  • Broaden existing cooperation mechanisms among our countries and with other parties to the Chicago Convention, and the civil aviation industry, for information exchange …
  • Share best practices in a range of areas related to civil aviation, such as … screening and inspection techniques, airport security, behavioral detection, passenger targeting analysis…
  • Utilize modern technologies to detect prohibited materials and to prevent the carriage of such materials on board aircraft.
  • Transmit in a timely manner passengers’ information prior to takeoff to effectively support screening … as well as develop and improve compatible systems for the collection and use of advance passenger information (API) and passenger name record (PNR) information.

In a detailed video news release, Napolitano herself described this as “an unprecedented international initiative” centered on “a series of regional meetings around the globe facilitated by ICAO”:

There were four broad areas for discussion: Information sharing, passenger vetting, technology, and international standards…. Look for announcement in each of these four areas in the weeks ahead.

The agenda and the forum could not be more clear: Unless defenders of civil liberties and human rights mobilize effective opposition, the goal of the US and the DHS is for ICAO to put forward “international standards”, effectuated by national laws on “compliance with standards”, which will mandate virtual strip-search machines (“modern technology”), worldwide government access to PNR data, and government “vetting” (identity-based and permission-based control) of international air travelers.  That is perfectly in line with the 10-year plan of ICAO’s working group on Machine-Readable Travel Documents (MRTD), “MRTD Vision 2020,” as laid out in the latest ICAO MRTD Report.

ICAO is a UN-affiliated intergovernmental organizing most of whose decisions are made in invitation-only working groups. The interests of citizens are supposed to be represented in ICAO decision-making by their national governments, but national delegations to ICAO are invariably drawn from security, surveillance, law enforcement, and aviation regulatory agencies, and have never included representatives of data protection, civil liberties, or human rights authorities.

In effect, ICAO’s decisions reflect the desires of the world’s police.  By enacting national laws requiring “compliance” with ICAO “standards”, national governments can effectively outsource national law-making to those police, while justifying repressive measures (which their own representatives have proposed and championed at ICAO) as being the reult of an extenral, international mandate for which they aren’t responsible. Policy laundering.

ICAO’s importance to the DHS (and its counterparts in Europe and elsewhere) is heightened by the likelihood that, in the wake of the precedent set by its rejection of the SWIFT agreement on financial transaction data sharing with the US government, the European Parliament will reject the similar PNR agreement for travel transaction data sharing with the US government. The DHS had been pressuring the Europarl to fast-track approval of the PNR agreement. With the writing on the wall that the PNR agreement is headed for defeat in the Europarl, the DHS is already making it clear that ICAO standards are their back-door “Plan B” for how to impose a global PNR and identity-based travel sureveillance and control regime.  They are losing in Brussels, so they are trying to shift to more “Big Brother friendly” ICAO forums in Geneva and Montreal.

ICAO draws on invited technical experts from the aviation industry, but unfortunately their interests in surveillance for commercial purposes coincide with those of the police in the same surveillance for political purposes. Airlines and other travel companies are happy to help governments monitor travelers, as long as they get get paid for collecting the data and are allowed to use it themselves too. We’ve heard them tell ICAO so in so many words.

ICAO’s dual secretariats in Montreal and Geneva, and its process in which most decisions have effectively been made before they are presented to rubber-stamp plenaries, makes effective civil society participation difficult without long-term commitment and international cooperation.  A useful model is provided by environmental activists, who have formed a single-issue international NGO coalition for the sole purpose of obtaining accreditation and observer status with ICAO. Despite previous joint appeals to ICAO by an ad hoc international civil liberties coalition, human rights groups haven’t yet formalized their coalition or sought observer status with ICAO, and have had no presence at ICAO meetings or working groups.

If you are interested in working with the Identity Project to get our voices heard at ICAO, please get in touch — before its too late.

Feb 19 2010

TSA, DHS unresponsive to human rights complaints

After two months, we’ve gotten an initial round of non-responses from the DHS and TSA to our complaint that their procedures for subjecting holders of certain passports to more intrusive search and/or interrogation as a condition of domestic common-carrier air travel violate published TSA civil rights policies, Federal laws, Constitutional rights, and rights guaranteed by international human rights treaties.

The Director of the TSA’s Office of Civil Rights and Liberties refers vaguely and inaccurately to “our letter expressing concerns about recent press reports” (in fact, our letter said nothing about any press reports), but makes no mention of our complaint that specific TSA practices and procedures are illegal, or what if anything any TSA or DHS compliance, oversight, or enforcement office intends to do about it.

The closest they come to engaging with the basis of our complaint is a sentence only a lawyer could love: “Please note that a passport-issuing country is not coextensive with a person’s national origin.”  It remains to be seen what they think is better evidence of national origin than a passport.  Will they issue yet another new travel credential by which someone with a Pakistani passport can establish, for example, that their nation of “origin” is India, and thus that they are not “from” a “country of interest”?  Or vice versa? What are they thinking?

They also completely ignore our mention of international treaties, which are likely to become a growing issue not just for the DHS and TSA but for their counterparts imposing similar restrictions on freedom of movement in other countries, such as mandatory submission to virtual strip searches.

We’ve sent the TSA and DHS a follow-up letter reminding them that we still expect, and are entitled to, a response.

Meanwhile, the DHS has announced similar procedures for more intrusive search and perhaps interrogation of travelers “coming from” a larger list of “countries of interest”.    It’s unclear — since of course the procedures aren’t enforceable rules and are being kept secret, whether “coming from” means having flown directly from, having visited earlier on the same trip, having visited within a specified time period (the life of the current passport?), having ever in one’s life visited, or carrying a passport issued by any of these countries.  These new procedures have prompted a more recent joint complaint similar to ours from a broad coalition of civil rights organizations, as well as separate complaints from some of these groups.

Feb 12 2010

Exporting anti-democracy

As the Winter Olympics open in Vancouver, a Canadian coalition led by the International Civil Liberties Monitoring Group has released a timely Report of the Information Clearinghouse on Border Controls and Infringements to Travellers’ Rights on the human rights issues faced by travellers to, from, and within Canada, based on two years of research and reports submitted to their ongoing monitoring project.

It’s an extremely valuable work of research and reporting, worth reading on its own right and for the comparisons with border controls and infringements to travelers’ rights in the USA.

One thing that stands out clearly in the report is the extent to which these infringements of Canadian travelers’ rights — even those traveling entirely within Canada, or between Canada and countries other than the USA — result from cross-border pressure by the US government, the enforcement by Canadian authorities and airlines of directives from the USA, and the adoption by the Canadian government and travel companies of systems modeled on those of the USA.

There’s an important lesson in the cases studies in the report and on the project website for Canadians and citizens of other countries: This is where your civil liberties end up when you allow the dicta of “homeland security” for the USA to override your own national principles and international commitments to human rights.

Let us all learn from this example not to make the new travel surveillance and control norms of the USA the new norms of the world.

Feb 08 2010

DHS exempts dossiers used for “targeting” from the Privacy Act

In a final rule published last week at 75 Federal Register 5487-5481, the Customs and Border Protection (CBP) division of the Department of Homeland Security has exempted most of the data used by the illegal “Automated Targeting System – Passenger” (ATS-P) from the various requirements of the Privacy Act that information used to make decisions about individuals must be accessible to them on request, accurate, relevant, collected directly from the data subjects whenever possible, and so forth.

The proposal to exempt ATS records from the Privacy Act has been pending for more than two years. In the final rule, the Obama administration adopts, with no changes whatsoever, all of the exemptions proposed by the DHS under the previous administration.  The analysis accompanying the final rule acknowledges, but dismisses more or less out of hand, our comments from two years ago objecting to the proposed exemptions as illegal.  (These followed two sets of comments we filed in 2006, when the ATS itself was first disclosed, objecting to the entire system as illegal.)

On the same day last week, the DHS published a separate final rule similarly exempting from the Privacy Act portions of the “Border Crossing Information” (BCI) system, a log of each person’s entries to and exits from the U.S. which was first disclosed as a part of ATS before being declared a separate system of records. The final BCI exemption rule similarly adopted all of the proposals the previous administration has proposed in 2008, and dismissed our objections to its illegality out of hand.

You can still request your own ATS and other travel records from the DHS.  Even if the newly-promulgated exemptions are upheld, they leave you entitled to substantial portions of your ATS dossier.  We are continuing to pursue our own pending Privacy Act requests and appeals, some of which are themselves more than two years old and all of which were made before the new exemptions were finalized and thus are not subject to the “exemptions”.

The Privacy Act gives agencies the authority to exempt certain types of information, by rulemaking, from certain of the requirements of the Privacy Act.  The rules published last week are, however, the first time that the DHS has attempted to  exercise this authority with request to ATS records.

In the meantime, the CBP has simply ignored the Privacy Act and its lack of exemptions entirely: Every response we have seen to a request pursuant to the Privacy Act for PNR or other ATS data has been processed by the CBP under the Freedom of Information Act (FOIA) instead of the Privacy Act.  Information exempt from disclosure under FOIA has been withheld or redacted, citing specific FOIA exemptions, even when that same information was required by the Privacy Act to be disclosed. This has been in flagrant violation of the Privacy Act, which has different disclosure requirements and exemptions which only partially overlap with those of FOIA. So far as we know, however, CBP and DHS have never responded to a Privacy Act appeal of these wihtholdings and redactions at all — some of our Privacy Act appeals are more than two years old — and while there have been several lawsuits under FOIA concerning ATS data, there have been none yet under the Privacy Act.

Our primary objection is to the very existence of a system under which the government requires common carriers to identify each would-be traveler and get the government’s permission (“clearance”) before they can travel.  Such a scheme is made far worse, however, when those “fly/no-fly” or “cleared/inhibited/not cleared” decisions are made not only in secret by unknown bureaucrats, not judges, and on the basis of secret files about each citizen.

The new exemptions, applicable to future requests for ATS records, are sweeping.  But we are particularly disturbed that the exemption rules purport to authorize the DHS to collect and use an entirely undefined and open-ended category of commercial data obtained from airlines as part of their Passenger Name Records (PNR), and withhold that commercial data, on grounds of “business confidentiality”, from the would-be travelers against whom it is used.

That exemption for commercial data in PNRs creates a limitless loophole through which the DHS could secretly make use, in passenger profiling and “targeting” decisions, of commercial data of any sort.  As long as it is channeled to the DHS through inclusion in PNRs (which as commercial records are themselves subject to no U.S. privacy or disclosure requirements at all), the DHS could base passenger “targeting” decisions on derogatory free-text remarks by customer service representatives, commercial blacklists, credit scores, or records or ratings by data aggregators.  But those are not legal grounds to prevent travel by common carrier.

Jan 08 2010

Lessons from the case of the man who set his underpants on fire

We’ve been having a hard time keeping up with events over the last few weeks. Every time we think the keystone cops from the Department of Homeland Security can’t come up with anything dumber to do, they prove us wrong. At this point we’re not sure who is most deserving of derision: (1) the would-be terrorist who tried but failed to explode his underpants, and succeeded only in burning his balls, (2) the goons the TSA sent to intimidate bloggers who tried to tell travelers what to expect when they got to the airport, and find out who had “leaked” the TSA’s secrets, but who left their own notebook of “secret” notes about their investigation of this and other cases behind in a public place, or (3) the TSA agents who felt so ill at the smell of honey they found in checked luggage that they checked themselves into a hospital and shut down the airport. It’s a tough call. Leave your votes, or other nominations, in the comments.

What’s most striking about the government’s response to this unsuccessful bombing attempt is the complete lack of any rational relationship between the actions that have been taken and are being proposed, any analysis of which of these and similar tactics did or did not contribute to the success or failure of the Christmas Day attack on Northwest Airlines flight 253, and any likelihood that they would make future attempts at terrorism less likely to succeed.

Now that the dust has settled a bit, perhaps it’s time to survey the security, security theater, surveillance, and travel control techniques at issue: Read More

Dec 16 2009

He’s got a little list (and we’re on it)

TSA Acting Administrator Gail Rossides testified today before the Subcommittee on Transportation and Infrastructure of the House Homeland Security Committee.  You can watch the archived video from the public portion of the hearing yourself; a closed subcommittee “executive session” with Acting Administrator Rossides followed. In addition to the anticipated spat over the TSA’s refusal to show the SOP to the members of the Congressional Committee, as the law requires, here are some things we thought were noteworthy:

  • Rossides claimed that the unredacted version of the TSA’s Screening Management Standard Operating Procedures was “removed within hours” after the TSA learned last Sunday, December 6th, that it had been posted on a federal website at fbo.gov. That’s not true: it was available on the same site, although at a slightly more obscure URL, for several more days.
  • Rossides mentioned that the TSA has “12 other SOPs”.  We’ve already filed a FOIA request for the two other SOPs whose names we now know (the “Checkpoint Screening SOP” and the “Checked Baggage Screening SOP”).  We’re following up with a FOIA request for all TSA SOPs regardless of what they are called. We’ll ask for the other ten by name as soon as we learn their names.  If you know, and you’d like to play, “Name that SOP”, leave a comment or send us a message.
  • Rossides claimed that there had been “6 updates that had very significant changes” to the Screening Management SOP since the version that was posted.  But she wasn’t asked about, and didn’t repeat under oath, the TSA’s earlier claims that the version they posted (which matched the version number, date, and text of the redacted excerpts they sent us in response to our earlier FOIA request) “was neither implemented nor issued to the workforce”, or if that was true, why it posted or provided to us. We’re currently waiting for the TSA to act on our appeal of their stonewalling of our FOIA request for the most recent version of the Screening Management SOP, so that we can compare it.
  • Rossides said she had “asked that we not release any other SOPs until we’ve completed a review.”  It wasn’t clear who she was referring to, but the only current effort to have any SOPs released are our and others’ similar FOIA requests.  In that context, Rossides appears to have been describing a directive, from the top, to stonewall those requests — which is exactly what seems to have been happening.  Rossides’ testimony could come back to haunt her, and the TSA, if the “good faith” and/or “diligence” of the TSA’s processing of FOIA requests for the SOPs becomes an issue in FOIA litigation.  If Rossides’ legal advisors know what’s good for the agency, they’ll have her issue a prompt, public disavowal of this statement, and a public overriding directive to the TSA FOIA office to process requests for the SOPs, like all other requests, in accordance with the law.
  • The blatant discrimination in the SOP wasn’t mentioned by anyone.
  • In response to a specific question about whether any effort was being made to identify who had downloaded the documents posted by the TSA, Rossides said that, “I believe that is part of what the [DHS] Inspector General is looking at…. The Inspector General has a list of those who have downloaded it and have it on their websites. We do know that.”  Rossides wasn’t asked, and didn’t say, what, if anything, the TSA or IG might do with that list.  But since we’re on that list — in good company with many others, of course — we’d love to know.

There’s more about the hearing on Flyertalk, where the unredacted SOP first came to light, and from a Flyertalk regular and blogger who spread the news further afield, and attended today’s hearing.

Dec 16 2009

TSA won’t tell Congress what its procedures are

Today the Acting Director of the TSA is scheduled to appear before a Congressional subcommittee to testify about the posting of an unredacted version of the TSA’s “Screning Management Standard Operating Procedures (SOP)” on a government website.   (Confirmation of President Obama’s nominee for TSA Director has been held up by questions about whether he would allow TSA screeners to unionize.)

Members of the Committee have already asked questions about whether the TSA will ignore the First Amendment and prosecute people who legally reposted the information released by the government. On the other hand, we doubt that they will ask about the blatantly discriminatory and illegal provisions in the SOP, even though we’ve discussed our complaint with the subcommittee’s staff and made sure they had a copy.

We had to fight to get even censored excerpts from the Screening Management SOP in response to our earlier FOIA requests and appeals, and we’re not surprised that the TSA is stonewalling our current appeal for the complete current version. This morning, the Washington Times reports that the TSA is resisting showing the current SOP even to Congress:

[W]hen Gale Rossides, acting administrator of the Transportation Security Administration (TSA), testifies before a House panel Wednesday, key members say they will press for a copy of what the government says is a newer, more secretive manual to examine for themselves.

Rep. Charlie Dent, Pennsylvania Republican and ranking member of the House of Homeland Security subcommittee on transportation security and infrastructure protection, along with Rep. Gus Bilirakis, Florida Republican and ranking member of the investigations and oversight subcommittee, asked for a copy of the current version in a letter to Ms. Rossides on Friday.

But the agency is stonewalling and allowed only select committee staffers to review the new manual and its half-dozen revisions for one hour on Monday.

Mr. Dent questions whether the revisions are as substantial as the TSA claims, why mitigation efforts are being put in place if there are no new risks exposed by the leak, and why Congress can’t have a copy.

Today’s hearing will be webcast, and we’ll be watching with interest.

Dec 13 2009

Congress members: “Kill the messenger!”

Three members of Congress have sent a joint letter to Secretary of Homeland Security Janet Napolitano about the posting of a version of the TSA’s Screening Management Standard Operating Procedures on a Federal government website.  (We’re still pursuing our FOIA appeal for the current version and related documents, which the TSA has been stonewalling, as well as our complaint against the blatantly discriminatory portions of the procedures.)

The signers of the letter to the DHS Secretary include Rep. Pete King, ranking Republican members of the House Homeland Security Committee, which has scheduled a hearing on the release of the TSA procedures this Wednesday, December 16, 2009.  (The Committee’s Chairman has already sent the TSA some questions of his own in advance of the hearing.)

Among the questions the three Representatives ask are the following:

6. How has the Department of Homeland Security and the Transportation Security Administration addressed the repeated reposting of this security manual to other websites and what legal action, if any, can be taken to compel its removal?

7. Is the Department considering issuing new regulations pursuant to its authority in section 114 of title 49, United States Code, and are criminal penalties necessary or desirable to ensure such information is not reposted in the future?

Perhaps these members of Congress haven’t bothered to read the current law that protects the right to “use” (such as by removing the black blocks that were coded to appear over portions of the document) and “redissemination” of documents (such as by reposting on other websites), once they are made available to the public as this one was on a public government website:

44 U.S.C. 3506(d)

With respect to information dissemination, each agency shall—

(1) ensure that the public has timely and equitable access to the agency’s public information, including ensuring such access through—
(A) encouraging a diversity of public and private sources for information based on government public information;
(B) in cases in which the agency provides public information maintained in electronic format, providing timely and equitable access to the underlying data (in whole or in part); and
(C) agency dissemination of public information in an efficient, effective, and economical manner;

(2) regularly solicit and consider public input on the agency’s information dissemination activities;

(3) provide adequate notice when initiating, substantially modifying, or terminating significant information dissemination products; and

(4) not, except where specifically authorized by statute—
(A) establish an exclusive, restricted, or other distribution arrangement that interferes with timely and equitable availability of public information to the public;
(B) restrict or regulate the use, resale, or redissemination of public information by the public;
(C) charge fees or royalties for resale or redissemination of public information; or
(D) establish user fees for public information that exceed the cost of dissemination.

Dec 13 2009

FBI reveals claimed No-Fly criteria

In the course of testimony before the Senate Homeland Security Committee, the Director of the FBI’s “Terrorist Screening Center” (TSC) has, for the first time, stated publicly what the government claims to be the “substantive derogatory criteria” used in the (secret, non-adversarial, extra-judicial) process of determining whether to place a name on the “No-Fly” list, i.e to deny a person their Constitutional and human rights to travel, as well as some tidbits about how that decision-making process works.

We wonder about the cadre of people Director Healy of the TSC is describing: Federal employees (your tax dollars at work!) who spend their working hours, day after day, in some secret room in a secret FBI facility, reviewing one dossier of one-sided “derogatory” information after another, never meeting or communicating with any of the people they judge, and deciding based solely on the dossier (including the records about the subject and their travel history from the “Automated Targeting System”) whether or not to “permit” that person to continue to exercise their rights.

Until someone from this team comes forward to talk about their work, the closest we can come to understanding what it might be like may be the Federal bureaucrats of an earlier era of infamy whose job it was to evaluate interned Japanese-Americans to decide which to allow out of the camps, which to allow to live where in the country, and which to allow to hold which jobs.  Their story is told by Prof. Eric Muller (isthatlegal.org) of the University of North Carolina Law School in American Inquisition: The Hunt for Japanese American Disloyalty in World War II. But unlike today’s TSC staff, they were able to interview and/or see responses to questionnaires completed by internees, rather than judging completely in the dark, from the file of “derog” alone.

If anyone at the TSC wants to talk about their job, we’re all ears. In the meantime, here’s what the head of the TSC had to say about their work:  Read More