Papers, Please!

The Identity Project

Category Archives: Surveillance State

Jan 24 2014

Defendants in “no-fly” case ignore judge’s deadline to make their arguments public

Last week Judge William Alsup ordered the parties to Dr. Rahinah Ibrahim’s lawsuit challenging her placement on the US government’s no-fly list to file redacted public versions, by noon today, of the “sealed” briefs and replies they submitted following the trial in the case last month.  These briefs included each side’s proposals of what factual and legal findings they believed the judge should make.

Shortly before noon  today, Dr. Ibrahim’s lawyers filed redacted (but nonetheless interesting) versions of their sealed post-trial briefs:

More than an hour after the deadline, nothing had been filed by the defendants, and no explanation had been given. (See the comments below and follow-up articles for updates.) It remains to be seen if the defendants are merely late, if they are ignoring Judge Alsup’s order, or if they are on their way to the 9th Circuit Court of Appeals to seek an emergency writ or stay pending appeal.

Additional information about why Dr. Ibrahim’s daughter Ms. Raihan binti Mustafa Kamal, a US-born citizen, was prevented from flying to the US to testify at her mother’s trial, is due to be made public next Tuesaday, Jan. 28th. Judge Alsup has ordered the government defendants to file a redacted public version of the sworn declaration submitted by Ms. Maureen Dugan, the director of the CBP National Targeting Center and the sole witness at the post-trial hearing concerning what happened to Ms. Mustafa Kamal.

Read More

Jan 22 2014

Judge orders more disclosure about what happened to daughter of plaintiff in “no-fly” trial

One of the most disturbing aspects of the trial last month in Dr. Rahinah Ibrahim’s lawsuit challenging her placement on the US government’s “no-fly” list was what happened to Dr. Ibrahim’s daughter, Ms. Raihan binti Mustafa Kamal.

Ms. Mustafa Kamal, a lawyer and member of the Malaysian bar, was born in the US and is a US citizen.  She accompanied her mother to the airport in Kuala Lumpur in March 2005 when, after having been allowed to travel from the US to Malaysia (and after being assured that the “mistake” that led to her arrest when she tried to leave San Francisco had been corrected), Dr. Ibrahim was prevented from board a flight back to the US.

The government defendants had been notified that Ms. Mustafa Kamal might testify at her mother’s trial, as an eyewitness to these events.  But the day before the trial, when Ms. Mustafa Kamal tried to board a flight in K.L. that would connect her to San Francisco, she was denied boarding as a result of a message sent to the airline by US Customs and Border Protection (CBP), one of the defendants in the lawsuit. Ms. Mustafa Kamal never made it to the US for her mother’s trial.

The afternoon following the conclusion of the trial, Judge William Alsup held a hearing behind closed doors at which the government defendants presented a written declaration and in-person testimony about what happened to Ms. Mustafa Kamal from Maureen Dugan, Director of the CBP’s “National Targeting Center” in Reston, Virginia.  That declaration and that testimony are likely to have provided the most detailed explanation yet provided in any US legal proceeding as to the mechanisms by which an entry on a “watchlist” is translated into messages to, and action by, an airline that denies boarding to an individual.

After this hearing, Judge Alsup offered Dr. Ibrahim opportunities to request that he re-open the case the presentation of evidence to allow Ms. Mustafa Kamal time to make another attempt to travel to the US to testify. But Dr. Ibrahim’s lawyers declined that offer:

At the closed hearing on Friday, December 6, 2013, regarding the travel difficulties of plaintiff’s daughter, Raihan Mustafa Kamal, the Court allowed plaintiff the opportunity to consider whether to re-open evidence for Ms. Mustafa Kamal to testify. Because of concerns about the safety and liberty of Ms. Mustafa Kamal were she to attempt to travel to the United States, plaintiff elects to proceed on the evidence presented at the trial.

As we noted at the time, the most obvious potential concern for Ms. Mustafa Kamal is that she might be allowed to fly to the US, but then not allowed to return to Malaysia, where she lives and works.

The transcript of the December 6, 2013 hearing, along with the rest of the transcripts of closed portions of the trial, remains sealed, at least for now, pending the possibility of government appeals. In addition, despite Judge Alsup’s orders that any sealed written filings in the case musty be accompanied by versions redacted for publication or public summaries, no public summary or redacted version of Ms. Dugan’s declaration has been filed.

Judge Alsup has now ordered the government defendants to file a public version of Ms. Dugan’s declaration about what happened to Ms. Mustafa Kamal by January 28, 2013.  We expect that the government’s redactions will, as usual, be excessive and unjustified. But at a minimum, this will compel the government to further refine exactly what about this case it thinks need to be kept secret from the public, and why.

Jan 13 2014

TSA thinks Congress can override international treaties

Dismissing formal objections filed by the Identity Project and other organizations, the TSA has decided to go ahead with its “Pre-Check” (Pre-Crime) scheme to collect and use even more comprehensive secret dossiers about travelers as part of the inputs to the TSA “black box” that decides whether you are allowed to fly, and if so, how intrusively you and your luggage will be searched as a condition of exercising your right to travel.

In the TSA’s initial proposal and request for comments, it stated the outcome of its “public consultation” as a fait accompli. The “notice and comment” process was a sham, and  the TSA brushed off our objections.

Most of the analysis accompanying the “final rule” exempting the new data elements in TSA files about travelers from the Privacy Act was devoted to why the TSA isn’t even pretending to consult the public about its procedures for deciding who to search and how intrusively.  “No new substantive burden or impediment for any traveler has been created,” the TSA claims, by requiring submission to more intrusive search as a condition of travel. You don’t find having your genitals groped a burden or your body viewed as though naked a “burden”, do you? If so, you must have deserved the TSA’s suspicion in the first place.  And as long as most people find it a convenience, it’s OK if others’ rights are denied:

Contrary to some commenters’ assertion that the TSA PreCheckTM Application Program infringes upon an individual’s right to travel, this program will provide an added convenience to the majority of the traveling public.

Most disturbingly, the TSA had this to say in response to our objections to the Pre-Check pre-crime scheme based on the First Amendment to the Constitution and the International Covenant on Civil and Political Rights:

Several commenters objected that the TSA PreCheckTM Application Program violates the U.S. Constitution or international treaty. DHS disagrees with the commenters as to the Constitutionality of the program, and notes that the treaty cited by an advocacy group expressly contradicts the position taken by the commenter by excluding requirements provided by law or necessary for national security from the treaty’s proscription.

So the TSA claims that the ICCPR permits exceptions either allowed by national law OR necessary for national security.  The ICCPR says no such thing.  Any exceptions to Article 12 of the ICCPR must be provided by law  necessary for national security (i.e. actually effective and the least restriction such alternative, which the TSA hasn’t shown) AND must be consistent with the other provisions of the treaty (such as Article 17 on the right to privacy).

This is not a new (false) claim by the DHS about the relationship of international treaties to US law. The DHS made the same claims in response to some of our previous complaints of violations of the ICCPR, as we pointed out in an (as yet unanswered) letter requesting review of those responses.

In claiming to believe that Congress can override international treaty obligations, the TSA demonstrates its disregard for the Constitution, which makes treaties as much “the law of the land” as is the Constitution itself, above any power of derogation by statute. In its failure to understand the ICCPR and the basic heirarchy of Constitutional and treaty law, the TSA also evinces its failure to fulfill the orders of the President for it and all other agencies to, “maintain a current awareness of United States international human rights obligations that are relevant to their functions and … perform such functions so as to respect and implement those obligations fully.”

Read More

Jan 07 2014

Where is the Citizens’ Commission to Investigate the DHS?

“Democracy needs whistleblowers. That’s why I broke into the FBI in 1971,” begins an op-ed by Bonnie Raines, one of the members of the previously-anonymous “Citizens’ Commission to Investigate the FBI” who took the spotlight today through public appearances and interviews and the publication of a new book about their 1971 action, The Burglary, by former Washington Post reporter Betty Medsger.

The Citizens’ Commission — Bonnie Raines, her husband John Raines, Keith Forsyth, Bob Williamson, the late William Davidon, the pseudonymous “Ron Durst” and “Sarah Smith”, and their eighth still-unnamed collaborator, referred to in the book as “Janet Fessenden” — broke into a relatively minor but also relatively poorly secured FBI office near Philadelphia, stole “probably about six big suitcases” full of documents, and sent copies of those documents revealing FBI political surveillance and “dirty tricks” to various reporters and publications.

The Complete Collection of Political Documents Ripped-Off from the F.B.I. Office in Media, Pa., March 8, 1971” was eventually published in full a year later by the War Resisters League as a special double issue of WIN Magazine. These documents included the first public appearance of the FBI code-word “COINTELPRO“.  The documents, damning the FBI and J. Edgar Hoover in their own words, and the exposure of COINTELPRO, unseated Hoover and the FBI from their “untouchable” pedestals of public respect and secret power, prompted the Church Commission hearings, and led to executive orders and legislation at least purporting to reign in FBI political surveillance and meddling in non-criminal political activities.

Daniel Ellsberg (who praises the new book, The Burglary, as “a masterpiece”) has spoken repeatedly over the years of his desire to learn the identities of the members of the Citizens’ Commission, so that he could thank them personally for their whistleblowing. Today we are finally able to give the members of the Citizens’ Commission, named and unnamed, the credit they have long deserved for their courage and commitment in service to the causes of truth and justice.

But members of the Citizens’ Commission identified themselves publicly today not to claim their rightful place in the pantheon of muckraking heroes who have taken personal risks to expose government misconduct (entitled though they are to do so) but in order to call attention to the continuing need for more actions like theirs, and to the righteousness of whistleblowers like Edward Snowden who have taken such actions more recently.

The Citizens’ Commission weren’t “leakers”.  They were outsiders tapping into the sewage pipe of government secrets from the outside, not insiders “leaking” secrets from within the apparatus of government surveillance and subversion.  It’s important to distinguish them from insiders like Edward Snowden, Chelsea Manning, Dan Ellsberg, and Tony Russo.

As the name of the “Citizens’ Commission to Investigate the FBI” itself quite accurately reflects, its members acted as independent investigators and investigative journalists, not “leakers”.  They were the “hackers” of their time, carrying out their hacks with disguises, crowbars, and photocopiers rather than with code.

That makes the courage and commitment of the Citizens’ Commission all the more noteworthy. Ellsberg, Snowden, and Manning were all in positions of privileged access to closely-held information. The knowledge of that unusual privilege could, for people of conscience, translate itself into a greater sense of obligation to act on one’s knowledge. The members of the Citizens’ Commission, on the other hand, started out with no special knowledge and no special access. They did something that any member of the public could have done.

“But there was absolutely no one in Washington — senators, congressmen, even the president — who dared hold J. Edgar Hoover to accountability,“ John Raines told the New York Times. “It became pretty obvious to us that if we don’t do it, nobody will.”

In their press conference today, members of the Citizens’ Commission reminded reporters that the government made the same claims about the documents they stole from the FBI and gave to journalists as it has made recently about the documents taken from the NSA and passed on to journalists by Edward Snowden. In both cases, the government tried to persuade newspapers not to publish the documents, and justified criminal investigations of the thefts or leaks, on the basis of claims that the documents contained critical information that could jeopardize national security if revealed to the public.

“Within days of our action, the government was spreading stories that the documents included things like locations of missile silos and so forth,” Keith Forsyth of the Citizens’ Commission points out.

“That was a complete fabrication,” Forsyth says, based on his knowledge of documents the Citizens’ Commission eventually burned — pertaining to ordinary criminal matters rather than specifically political activities — as well as the political documents they released to the news media.  Forsyth says he’ll believe Snowden has released information genuinely damaging to national security if the government produces an actual example of such a disclosure in the material Snowden has given to the press.

We should be equally skeptical of contemporary DHS claims about the “sensitivity” and need for secrecy of information about its operations.  One of the lessons we draw from the FBI response to the actions of the Citizens’ Commission is that such claims are typically made primarily to protect government officials against public accountability, not to protect the public against private crime or threats from abroad.

Read More

Dec 17 2013

Briefs on issues remaining after “no-fly” trial

Now that the “no-fly” trial in Ibrahim v. DHS et al. is over, what’s the verdict?

Because this was a “bench trial” without a jury, Judge Alsup will decide both factual and legal issues.  His decision is not expected for weeks or months. There is no requirement for a speedy verdict in a case like this.

Before issuing his decision, Judge Alsup has asked both sides to submit briefs on a variety of legal issues, including which of the various categories of “secret” evidence he should consider and which he should make public.  Naturally, the government submitted its own brief on this issue in secret.

The current round of briefing is scheduled to conclude this Friday, December 20, 2013. Unless Judge Alsup asks for additional submissions on some question he thinks requires clarification, the next public activity in the docket will be the issuance of Judge Alsup’s next ruling. That could be either a verdict on the case, or a ruling on some or all of the preliminary matters such as which evidence to consider or make public.

Here are the briefs and orders relating to the issues remaining for Judge Alsup to decide:

Dec 10 2013

DHS stonewalls New York Times’ requests for travel records

A lawsuit filed last week by the New York Times shows that even reporters for the  Gray Lady have been targeted by U.S. Customs and Border Protection (CBP) for the same special scrutiny as less-mainstream journalists, and that the Department of Homeland Security (DHS) FOIA and Privacy Office continues to use the same tactics in responding to requests for its files about travelers, even when dealing with the Times, as it has used in response to requests and lawsuits by disfavored requesters such as ourselves:

  • Losing requests and appeals, or claiming to have no record of them;
  • Delaying responses or simply ignoring requests;
  • Failing to refer requests to the DHS components they knew were most likely to have responsive records; and
  • Claiming not to have sufficient information to locate records, or not to have identified responsive records, even when official notices published by the DHS or its components such as CBP have stated that records of this sport are part of a “system of records” retrievable by name or other personal identifier.

According to their complaint, two reporters for the Times, C.J. Chivers and Mac William Bishop, were “subject to segregated questioning by DHS employees at JFK on May 24, 2013, as they prepared to board an international flight for a work assignment as journalists.”

Both reporters subsequently filed requests with the DHS headquarters for “records used or created by DHS employees in respect to the questioning of Plaintiffs at JFK airport” and for “all information and records in the possession of DHS concerning” them.

It appears that the Times’ reporters were unfamiliar with the Privacy Act “System Of Records Notices” that the DHS has published, which are required to describe which agencies keep which types of records about individuals. A SORN must be published, and must disclose the type of information contained in such a systems and how it is used,  even when the records themselves have been exempted from disclosure.

In any event, the Times’ reporters didn’t send their requests to CBP or specifically mention that CBP records should be included in the search for responsive records. And they didn’t specifically refer to the systems of records (including the Automated Targeting System and TECS) that should be searched.

This shouldn’t be necessary, of course, but in our experience, DHS FOIA officers pretend to be even more incompetent than they really are. Unless you spell out which systems of records of which DHS components you want them to search, they will search (if at all) only in places other than those where the responsive records are likely to be found.

The records that enabled the DHS to intercept Messrs. Chivers and Bishop at JFK airport, as well as the records of their questioning (which was probably conducted by CBP officers) are almost certainly part of the CBP “TECS” and/or “Automated Targeting System” (ATS) databases.

We’ve written previously about How airline reservations are used to target illegal searches using TECS records, using examples of DHS records related to searches and questioning of other journalists.  We’ve posted templates to request your own records as well as examples of responses.  Contact us if you’d like help interpreting responses to your requests.

Rather than referring the Times’ reporters requests to CBP or searching for their TECS and ATS files, the DHS headquarters FOIA office:

  1. Lost (or pretended to lose) their requests;
  2. Delayed responses, or failed to respond at all;
  3. Referred the requests to two other DHS components (TSA and ICE) that they knew or reasonably should have known would be unlikely to have the requested records, but not to CBP; and
  4. Claimed not to have enough information to conduct a search, even though TECS and ATS are specifically designed to allow travel records to be searched for by as many criteria as possible: name, passport number, credit card number used to pay for the ticket, telephone number provided to the airline when reconfirming reservations, IP address from which the reservation was made, etc.

All this is depressingly familiar to us from our years of experience in trying to obtain such records.

In light of the involvement and intimate familiarity of the DHS headquarters FOIA and Privacy Office with the ongoing, high-level controversy over usage of, and access to, PNR data included in the TECS and ATS systems operate by CBP, the failure to refer the request to CBP is unambiguous evidence of either bad faith or gross incompetence in processing the requests from the Times’ reporters.

We wish the Times and its reporters all success in their lawsuit.

Dec 07 2013

“No-fly” trial, day 5, part 2: What happened to the plaintiff’s daughter?

“Your Honor, we’ve confirmed that the defendants did nothing to deny plaintiff’s daughter boarding. It’s our understanding that she just simply missed her flight.”

Neither the public, nor Dr. Rahinah Ibrahim, nor her daughter, Seattle-born U.S. citizen Raihan binti Mustafa Kamal, yet know why a U.S. Customs and Border Protection Officer sent the email message excerpted above  to the airline on which Ms. Mustafa Kamal was scheduled to fly to San Francisco last Sunday to testify at the trial in Dr. Ibrahim’s lawsuit challenging her placement on the U.S. no-fly list. (Click the image for a larger version or here for the complete e-mail forwarding thread.)

We do know, however, that whatever happened when Ms. Mustafa Kamal showed up at Kuala Lumpur International Airport (KUL)  two hours and 45 minutes before the scheduled departure of her flight and tried to check in, it certainly wasn’t (and CBP’s lawyers in San Francisco certainly couldn’t later have “confirmed”, as they claimed to the court on Monday), that Ms. Mustafa Kamal “just simply missed her flight”.

Friday afternoon, after what was to have been the conclusion of the trial in Ibrahim v. DHS, Judge William Alsup held an evidentiary hearing and heard argument from lawyers for Dr. Ibrahim and the government regarding what happened to Ms. Mustafa Kamal and what (if anything) he should do about it.

(See our separate article about the morning session, including the possibility of bar complaints against some of the government’s lawyers and a history lecture from Judge Alsup to the government about the blacklisting of Robert Oppenheimer on the basis of secret, false, allegations that he was a Communist: “No-fly” trial, day 5, part 1: Closing arguments.)

At the insistence of the government and on the basis of a declaration submitted in advance by the one witness, and over objections by Dr. Ibrahim’s lawyers, the courtroom was cleared for almost the entirety of both the hearing and the argument.  The only in-person witness, Ms. Maureen Dugan, Director of the “National Targeting Center” operated by the Customs and Border Protection (CBP) division of DHS in Reston, Virginia, was questioned only behind closed doors, and her additional written declaration was filed with the court under seal.

Dr. Ibrahim’s lawyers were unable to present her side of the story through in-person testimony, of course, since the U.S. government agencies which are the defendants in the case have prevented both Dr. Ibrahim and Ms. Mustafa Kamal from coming to the U.S. for the trial. But a sworn written declaration by Ms. Mustafa Kamal, including the email message from CBP  that led to her being denied boarding when she tried to fly to San Francisco last Sunday for the trial, was filed in the public court docket.

Following the hearing, Dr. Ibrahim’s lead counsel, Elizabeth Pipkin, said that at the conclusion of the closed court session Judge Alsup ruled:

  1. That the parties could refer to the events, exhibits, and testimony related to Ms. Mustafa Kamal in their proposed findings of fact and conclusions of law in Dr. Ibrahim’s case, and
  2. That Dr. Ibrahim and her lawyers would be allowed until noon Monday, December 9th, to decide whether to move to re-open the case.

If the case is re-opened, the parties would be able to present new evidence, call new witnesses, and/or re-call witnesses including government witnesses whose original testimony might be contradicted and whose credibility might be impeached by what happened to Ms. Mustafa Kamal and what statements they made about it.  Ms. Mustafa Kamal could even be called as a witness, if she could find the money for another airline ticket and make it to the U.S. (In her declaration, she says that her original ticket cost MYR5751, equivalent to US$1782, and she can’t afford another ticket at that price.  It’s already peak season for trans-Pacific travel to and from SFO, and on many airlines seats are unavailable at any price until after New Years.)

Aside from seeing Ms. Dugan enter and leave the closed courtroom, and what Ms. Pipkin said afterward about Judge Alsup’s rulings, we don’t know what the government may have claimed to Judge Alsup.

But when read closely, the public filings from Ms. Mustafa Kamal raise extraordinary questions of whether CBP and DHS have:

  1. Misrepresented their operations in official statements including their most recent formal report to the European Union on how they use airline reservation data,
  2. Tried to secretly strip a person born in the U.S. of her citizenship through some secret administrative action or deem her “inadmissible” to the U.S. despite her U.S. citizenship, and/or
  3. Misled the airline about the basis for their no-board request, and manipulated the airline through those false pretenses into wrongly denying boarding to Ms. Mustafa Kamal despite the fact that she is a native-born U.S. citizen with an absolute, unconditional, and irrevocable entitlement to admission to the U.S.

Read More

Dec 04 2013

Dr. Ibrahim’s legal brief’s theories about what DHS did wrong

Rahinah Ibrahim’s trial brief goes over the basic legal theories of the case, and details what Dr. Ibrahim is asking the court to do.  This is not legal advice; you can read what we think about some of its high points, or just follow the link and read it yourself.  This focuses more on the factual allegations than the details of the legal rules that Dr. Ibrahim claims DHS has violated.

The first thing you’ll notice about this 53-page document is that looks like something that went through government censorship, like a FOIA result full of blacked-out passages.  That is because it did go through government censorship.  Dr. Ibrahim’s lawyers have no security clearances, but at the insistence of the judge, they have been checked-out by the government and authorized to see documents that are DHS “Sensitive Security Information”, a sui-generis class of stuff-you-can’t-see that doesn’t even have most of the protections for the public that classified information has.  Carefully tweaked language in Congressional bills that used to exempt federal aviation research from public view have turned into a Kafkaesque power by the head of DHS to say anything is “SSI” for just about any vague reason.  Dr. Ibrahim’s lawyers can see things that they cannot reveal to Ms. Ibrahim or to the public.  They can write things in their legal brief that neither the public nor Dr.. Ibrahim are permitted to know (that’s the stuff that is blacked out).  Dr. Ibrahim is still not permitted to know if she is or ever was on the No-Fly list!!!

Pages 10 through about 19 detail the facts about what happened to Dr. Ibrahim and her family over the last decade.  Much of this will have to be proven in court with evidence, but it’s mostly uncontested.

Then come the legal arguments.  These may be tough slogging on first read, but here’s what seem to be  the meat of the allegations about what Dr. Ibrahim thinks DHS is doing wrong. Read More

Dec 03 2013

Ibrahim case tweets: @ehasbrouck, and PACER cache link

Edward Hasbrouck of the Identity Project is attending the “no-fly” trial in Ibrahim v. DHS, which is going on this week and may continue into next week. Cellphone and Internet access in the courthouse is unreliable, but he’ll be tweeting updates when possible in addition to posting articles in this blog.

You can use the federal courts’ PACER system to view public filings in the case, for a fee.  Or, for those of us mortals who aren’t registered with the federal courts to pay through the nose for access to public domain judicial records, you can use the Internet Archive’s RECAP archive of the case docket, which includes links to some of the case documents which friendly PACER users have donated to public access.

Nov 30 2013

DHS collects foreign visitors’ medical histories

This week Ellen Richardson, a Canadian citizen trying to fly from Toronto to New York to board a cruise ship bound for international destinations in the Caribbean, was denied permission to transit the U.S. by the DHS, on the basis of her history of clinical depression and her previous suicide attempts in Canada — none of which had involved the police or any criminal charges.

Canadian citizens normally don’t need visas for short-duration visits to the U.S. as tourists. But U.S. law, Title 8 USC Section 1182(A)(iii)(II), forbids entry to any non-U.S. citizen who is determined “to have had a physical or mental disorder and a history of behavior associated with the disorder, which behavior has posed a threat to the property, safety, or welfare of the alien or others and which behavior is likely to recur or to lead to other harmful behavior,” unless they obtain a waiver from one of the doctors specially appointed by the DHS to examine applicants for admission to the U.S.

DHS files about people who aren’t U.S. citizens or residents aren’t subject to the Privacy Act, and the DHS and the NSA claim the authority to collect and retain pretty much any information they can obtain about foreigners, including (at least implicitly) health information and medical records.

The questions being asked in Canada are how the DHS learned of Ms. Richardson’s medical history, whether any Canadian entities disclosed private information to U.S. government agencies, and whether any Canadian laws such as PIPEDA or the Canadian Privacy Act were violated.

There appear to have been at least four ways that the DHS could have learned of Ms. Richardson’s medical history:

  1. Some Canadian entity might have knowingly disclosed information about Ms. Richardson to the DHS. This probably wouldn’t violate any U.S. law (foreigners have essentially no statutory privacy protection under U.S. law), but would almost certainly constitute a grave violation of PIPEDA and/or the Canadian Privacy Act by the responsible Canadian entity.
  2. Some Canadian entity might have outsourced or disclosed information about Ms. Richardson to an entity in the U.S., which in turn disclosed it to the DHS. Once personal data is in the U.S., no U.S. law restricts its onward transfer to third parties including the DHS or other government agencies.  Many Canadian companies (including, as we’ve previously documented, Air Canada) outsource storage and processing of personal information to companies in the U.S., or share information with U.S. business partners, affiliates, or the like.  When the details are scrutinized, almost all such cross-border data transfers violate PIPEDA and/or the Canadian Privacy Act.
  3. The NSA might have hacked some Canadian entity or intercepted intra-Canadian data transfers, and shared its findings with the DHS. Health and medical information hasn’t been specifically mentioned as a target of the NSA’s dragnet or its hacking of foreign databases, but can’t yet be ruled out.
  4. The DHS might have searched for “publicly available” information about Ms. Richardson, and happened upon her history of suicide attempts. This seems the most likely explanation, but raises the further question of how often, how systematically, and how deeply DHS components conduct these sorts of Internet or other searches.  Unfortunately, the investigations now being undertaken by Canadian privacy officials are unlikely to shed any light on this question.

We’d love to hear from any whistleblowers or leakers who can shed light on what happened to Ms. Richardson or, more generally, what sorts of Internet or “public-source” data about Canadian and other visitors to the U.S. the DHS is trolling and entering into its permanent files about individuals.