Secure Flight – Page 6 – Papers, Please!

Mar 23 2010

Rules of engagement for the TSA

The U.S. Senate Committee on Commerce, Science, and Transportation held a desultory hearing this morning on the nomination of retired U.S. Army Major General Robert A. Harding to be Administrator of the Transportation Security Administration and an Assistant Secretary of the U.S. Department of Homeland Security.

Despite the nominee’s exclusively military background and total lack of experience with the rights of civilian U.S. citizens, domestic civil liberties, or law enforcement, neither any of our questions nor any others about the limits of TSA authority were asked. Despite some questions about how quickly General Harding has gone back and forth through the military-industrial-government revolving door since his retirement, founding and selling a military “intelligence” consulting contractor and then serving as advisor to a venture capital firm investing in similar companies, Committee members from both sides of the aisle generally praised the nominee’s background.

General Harding, in turn, praised Secure Flight and Israeli-style vetting of would-be travelers, which typically involves both intrusive searches and compulsory responses to open-ended questioning:

We should move even more to an Israeli model where there’s more engagement with passengers.

Harding didn’t define ‘engagement’, although he used the term repeatedly. In context, though, it was clear that it would include approaching and questioning travelers.

The problem with that, of course, is that that there are no rules of engagement for TSA agents at checkpoints. No statute or regulation spells out what the TSA is allowed to demand, or what questions a would-be traveler can be required to answer as a condition of the exercise of their right to travel. Without that, the greater “engagement” that Harding wants is an unconstitutionally open-ended all-purpose general administrative warrant for search and interrogation of people who are neither suspected nor accused of any crime, have received no Miranda warnings, and are not free to leave once they enter the TSA checkpoint. Once can see why a soldier might like that, but that’s not the way civilians are supposed to be dealt with by civilian law enforcement agencies in the USA.

And near the end of his testimony, Harding gave a clue as to the importance being placed by the DHS on international lobbying:

International [air] carriers will meet in Canada in September. If I’m confirmed, the Secretary [of Homeland secuirty] would send me to that.

It’s not clear whether he was referring to IATA or ICAO — both have their secretariats in Montreal and Geneva — but the rest of the world shouldn’t be talked into imposing a US-style permission-based travel control regime just because some old soldiers from the U.S. Army like Harding think that’s the way to run the civilian travel world.

Mar 17 2010

Long reach of “Secure Flight” angers Canadians

On September 11, 2001, Canada followed the US in closing its airspace and grounding all aircraft, stranding tens of thousands of passengers on flights to and from the US (mostly on inbound flights from Europe and Asia) at airports like Gander and St. John’s, Newfoundland. The Canadian welcome and hospitality for these travelers became the stuff of legend. But ever since, Canada has struggled to retain sovereignty over its airspace in the face of US “security” demands.

Canadian privacy law was amended, under US pressure, to allow “sharing” with the US government of information contained in reservations for flights between Canada and the US. But most Canadians assumed that the role of the US in determining who is permitted to fly is limited to flights to and from the US.

This month a four-part series by Kevin Dougherty in the Montreal Gazette, syndicated across Canada in the Canwest newspaper chain, has broken open that Canadian complacency about the long reach of US claims to passenger information and “fly/no-fly” decision-making authority:

U.S. will determine who can board some Canadian flights ((March 5, 2010)
Will Secure Flight make air travel more complicated for Canadians? (March 5, 2010)
Agencies refer questions about legality of program: from Air Canada to Transport Canada to Public Safety to transport minister… (March 5, 2010)
Watching our flights: U.S. security system can deny boarding passes to Canadians flying, even briefly, over its airspace (March 6, 2010)

The series raises serious questions as to the legal basis for denying boarding to passengers on Canadian-flag aircraft not landing in the US on the basis of secret blacklists or decisions by the black-box Secure Flight system in the US.

Since publication of the Canwest series about “Secure Flight”, letters to the editor, op-ed colums, and editorials across Canada have denounced the application of the Secure Flight scheme to Canadian airlines and travelers. Many have pointed out the hypocrisy: As was made evident when all those flights were grounded on September 11th, almost all trans-Atlantic and many trans-Pacific flights to and from the US pass over Canada, but Canada demands no information about who is on those planes and asserts no authority to control who is allowed to be.

On top of all this, there’s another shoe still to fall: Canadians remain unaware that the vast majority of travel agencies, and tour operators in Canada subscribe to computerized reservation systems (CRSs) based in the US. That means all their passenger name records (PNRs) and customer profiles are stored in the USA, even for flight that go nowhere near the US. These travel agencies, tour operators, and other travel companies don’t tell their customers that they have outsourced their travel records to the USA, where the government could get them secretly from the CRS with a “National Security Letter”.

That’s a flagrant violation of the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA). Canadians should complain to their Privacy Commissioner and demand that she take action against companies — of which travel agencies are leading examples — that outsource their customer data to the US without their customers’ knowledge or consent, and without any way to know what’s done with that data once it is in the hands of CRSs in the US.

Mar 08 2010

Military spymaster to be nominated for head of the TSA

Testing the waters yesterday, White House sources leaked to Reuters and the Associated Press that President Obama plans to nominate retired Army Major General Robert A. Harding to be the Administrator of the TSA.

Harding’s 30-year career as an army officer was spent moving up through the military “intelligence” ranks, culminating as “DoD’s senior HUMINT [human intelligence] officer.” In other words, he was the U.S. military’s most senior spymaster. Following his retirement out the military-industrial revolving door (through which he would return if confirmed to head the TSA), he double-dipped by founding a military consulting and contracting company which he sold last year to private equity investors. “Harding Security Associates provides identity intelligence and other security services to the federal government, including doing work for the Department of Defense’s biometric-identification analysis and forensics.”

Many of the TSA’s practical problems and abuses of civil liberties have involved schemes like CAPPS-II (later Secure Flight) that were dreamed up by the NSA and other military intelligence agencies and “experts” unaccustomed to operating within the civilian, domestic U.S. legal regime and ignorant of transportation industry technical infrastructure and business practices. Harding’s autobiography gives no indication that he has any experience whatsoever with civilian or domestic civil liberties, with legal constraints on “intelligence gathering” (spying and surveillance) on civilians or U.S. persons or within the U.S., or with the transportation industry.

If Harding is nominated to head the TSA, his military background and lack of any track record on civilian civil liberties makes it especially critical for Senators to question him closely (we have some suggestions to start that questioning) about his views on the fundamental civil liberties and human rights issues facing the TSA, before any confirmation vote, and to resist any calls for an abbreviated or rushed review of his suitability for the position.

Feb 19 2010

Travelport becomes first CRS to claim it complies with EU privacy law

This week Travelport — the holding company that owns two of the big four Computerized Reservation Systems (CRSs) or Global Distribution Systems (GDSs) — announced that it has “certified” that it complies with “Safe Harbor” privacy and data protection principles for companies that want to be eligible to receive transfers to the US of personal data collected in the EU or Switzerland.

As travel industry technology news site Tnooz reports, quoting Identity Project consultant Edward Hasbrouck:

Travelport’s headline on its press release about the issue, “Travelport is First GDS Provider to be Safe Harbor Certified,’ may be true, but can easily be misconstrued because Safe Harbor is a self-certification process.

Privacy expert Edward Hasbrouck, who has written extensively about the issue, notes that what Travelport’s Safe Harbor designation “means is that Travelport has made a formal claim … that Travelport complies with certain Safe Harbor principles. That claim has not been vetted, audited or verified by anyone.”…

“None of the GDS companies comply with EU data protection law, or have made any effort even to pay lip service to it until now,” Hasbrouck says. … Read More →

Jan 08 2010

Lessons from the case of the man who set his underpants on fire

We’ve been having a hard time keeping up with events over the last few weeks. Every time we think the keystone cops from the Department of Homeland Security can’t come up with anything dumber to do, they prove us wrong. At this point we’re not sure who is most deserving of derision: (1) the would-be terrorist who tried but failed to explode his underpants, and succeeded only in burning his balls, (2) the goons the TSA sent to intimidate bloggers who tried to tell travelers what to expect when they got to the airport, and find out who had “leaked” the TSA’s secrets, but who left their own notebook of “secret” notes about their investigation of this and other cases behind in a public place, or (3) the TSA agents who felt so ill at the smell of honey they found in checked luggage that they checked themselves into a hospital and shut down the airport. It’s a tough call. Leave your votes, or other nominations, in the comments.

What’s most striking about the government’s response to this unsuccessful bombing attempt is the complete lack of any rational relationship between the actions that have been taken and are being proposed, any analysis of which of these and similar tactics did or did not contribute to the success or failure of the Christmas Day attack on Northwest Airlines flight 253, and any likelihood that they would make future attempts at terrorism less likely to succeed.

Now that the dust has settled a bit, perhaps it’s time to survey the security, security theater, surveillance, and travel control techniques at issue: Read More →

Nov 26 2009

“Keeping Track of Travelers’ Personal Information”

WSAV-TV has a Thanksgiving travel-season report on what they found when they used our forms and instructions to request their travel records from the DHS “Automated Targeting System”, including examples of what sorts of information are included in these records and extensive supplmentary material on their website including a 20-minute interview with Identity Project consultant Edward Hasbrouck.

Nov 02 2009

TSA nominee up for Senate questioning November 10th

The Senate Committee on Homeland Security has scheduled a hearing on Tuesday, November 10th, at 10 a.m. in Washington to consider the nomination of Erroll G. Southers to be Assistant Secretary of Homeland Security for the Transportation Security Administration.

None of the questions we think are important got asked during an earlier confirmation hearing before the Senate Commerce and Transportation Committee. If you want the nominee for TSA to have to tell us, before he is confirmed, whether or not he thinks we have a right to travel, whether TSA decisions should be subject to judicial review, and whether he thinks the government should be keeping logs of the movements of innocent people, let your Senators and the members of the Homeland Security Committee know about your concerns, before November 10th.

We’ve asked for expedited processing of our FOIA request for the TSA’s “Standard Operating Procedures” at checkpoints, in order to make it possible to ask the nominee about those procedures and which of them he would change.

Oct 27 2009

DHS Inspector General rips “TRIP” kangaroo courts

The DHS Office of the Inspector General (OIG) has released a redacted version of a report (OIG-09-103) that was provided to Congress in August, evaluating the TSA’s “Traveler Redress Inquiry Program” (TRIP). The TRIP name may be corny, but it’s also oddly accurate: it’s a system for inquiries, not answers, and as the OIG concludes it advertises more than it delivers and and often doesn’t result in real redress.

We commend Rep. Bennie Thompson, Chair of the House Homeland Security Committee, for requesting this report. It’s worth reading for giving one of the most detailed public descriptions to date as to the actual process by which a constellation of Federal agencies decide what entries to put on (and off) their “watch lists”, and who to allow to fly.

The OIG doesn’t consider the statutory, Constitutional, and international treaty-law right to travel, referring at one point to “the privilege of boarding an aircraft” (p. 68). But even within this perspective of travel as a privilege, not a right, the OIG concludes that the current redress and review procedure “is not fair” (p. 59):

This approach provides no guarantee that an impartial review of the redress complaint will occur. Instead, it ensures that the offices that initially acted on the TECS lookout and were the source of the redress-seeker’s travel difficulties will also be the final arbiters of whether the basis for the traveler’s secondary inspection is overridden…

DHS is required to offer aggrieved travelers a “fair” redress process. Impartial and objective review and adjudication of redress petitions is an essential part of any fair redress process. A process that relies exclusively on the review and consideration of redress claims by the office that was the source of the traveler’s grievance is not fair. CBP should modify its redress process in this area to provide for independent review.

Who’s watching the watchers at the DHS “Privacy” Office?

The Identity Project has joined with more than two dozen other organizations and individual experts from the Privacy Coalition in a joint letter to the House Committee on Homland Security, criticizing the DHS Privacy Office and its annual report and calling for better Congressional oversight of privacy-invasive DHS practices and the DHS Privacy Office itself.

There’s more about the letter, and the DHS response, today in the Washington Post.

We’re pleased to be part of this joint effort, and we hope Congress does more to rein in the DHS — although of course we are disappointed that DHS noncompliance with the law, the Constitution, and international treaties has made such a campaign necessary. The DHS consistently tries to exempt itself from major requirements of the Privacy Act, such as:

Obtaining personal information from the person affected, rather than from third parties.
Making personal information accessible to the person affected.
Giving people a serious opportunity to correct records about them at DHS (or collected and held by “private” entities at DHS behest and used by the DHS).
Only collecting information that is relevant to lawful purposes.
Only collecting information that is timely.
Only collecting information that is accurate.
Only collecting information about categories of individuals disclosed in formal “System of Records Notices” in the Federal Register.
Not collecting information about the First Amendment protected activities of US persons — such as who they are associating with, the books they are carrying or reading, the art or slogans or expressive insignia on their clothing or possessions, or where, why, how, and with whom they are assembling.

DHS claims for itself the ability to “exempt” itself from these statutory requirements. They do not cite any statute or court case that allows them to do so.

The DHS Privacy Office has been intimately involved in producing Federal Register filings that claim these exemptions from fundamental statutory Federal record-keeping requirements, and fail to properly disclose the extent of DHS systems of travel records. DHS travel records include information about numerous categories of people not mentioned in the SORNs, from people who pay for other people’s tickets to people whose phone numbers where entered in reservations of houseguests reconfirming flights, as well other information prohibited form collection by the Privacy Act. In this way, the Privacy Office has actively undermined the Privacy Act that they are sworn to uphold, and has been a party to criminal violations of the Privacy Act in the continued operation of these systems of records. We’ve gotten no response whatsoever to our repeated formal complaints of these crimes filed with the DHS Privacy Office.

Oct 21 2009

Why shouldn’t we have to show ID when we fly?

From time to time, people ask us, “But why don’t you want to show ID when you travel? What’s wrong with that?” There are probably as many answers to that question as there are people who resist government demands to show ID when they travel, even when it’s scary and involves some personal risk to say “No” to the TSA agents and their rent-a-cops. But for one answer among many to the question, “Why?”, we asked one of those people, Joe Williams. He responded with the following guest blog post:

Why shouldn’t we have to show ID when flying?

Because it doesn’t make us safer, it’s unconstitutional, and truly free countries don’t require it.

Long after the ID-demand policy was implemented in the summer of 1996, 9/11 proved that ID requirements don’t work. Even if you are on a no- fly list all one needs to do is: Buy a ticket in some innocent person’s name. Check in online and print that person’s boarding pass. Save that web page as a PDF and use Adobe Acrobat to change the name on the boarding pass to your own. Print it again. At the airport, use the fake boarding pass and your valid ID to get through security. At the gate use the real boarding pass to board your flight.

Being required to show ID only proves the success of al-Qaeda with fear established and freedoms violated.

Most people are not aware that freedoms in the Constitution are “inalienable & natural” meaning we were born with them. They are not government granted. Just as the U.S. Constitution represents our inalienable right to life, liberty, & freedom, so too does the TSA represent a significant threat to those God-given rights. TSA protocol is to assume all innocent people to be a threat until being cleared from a secret list. Put another way, “The innocent shall suffer the sins of the guilty.”

Previous court decisions are referenced in justifying the legalization of ID requirements which translates into; it’s OK to violate a little of the people’s freedom, just not a lot. Most people are not willing to be inconvenienced to challenge these requirements, let alone initiate a real legal battle or protest. It’s easier to show ID than to fight for one’s rights and freedom.

And when legal challenges have been made against these secret “security directives”, courts have ruled they are secret laws and barred from public scrutiny or debate. Checkpoints & ID requirements are more commonly associated with governments who suppress freedom yet we implement them in the name of safety and security. In the name of national security, government can violate peoples’ freedom. Being forced to announce one’s self is a loss of privacy and “taking away a person’s privacy renders to the government the ability to control absolutely that person.” (Ayn Rand)

“In the end, the photo ID requirement is based on the myth that we can somehow correlate identity with intent. We can’t.” (Bruce Schneier, Chief Security Technology officer of BT Global Services) Surveillance is not freedom. Having to ask for permission is not freedom. Most elected officials believe the more legislation passed exerting more government control over people, the better off society is. The Constitution was written to restrict government yet most elected officials look for ways to circumvent instead of defending the Constitution as stated in their oath of office. It is not an elected official’s job to give freedom. It’s their job to defend it.

I would rather live in a higher risk society wrapped in freedom than live as a slave in complete safety & security.

Joe Williams
concerned citizen
Atlanta, GA

“Domestic travel restrictions are the hallmark of authoritarian states, not free nations.” (Congressman Ron Paul)

“Safety from external danger is the most powerful director of national conduct. Even the ardent love of liberty will, after a time, give way to its dictates. The violent destruction of life and property incident to war — the continual effort and alarm attendant on a state of continual danger, will compel nations the most attached to liberty, to resort for repose and security, to institutions, which have a tendency to destroy their civil and political rights. To be more safe they, at length, become willing to run the risk of being less free. The institutions alluded to are STANDING ARMIES, and the correspondent appendages of military establishments.” (Alexander Hamilton, Federalist No. 8, November 20, 1787)

“We uphold Freedom by exercising it – not by restricting it.” (The Identity Project)