Papers, Please!

The Identity Project

Category Archives: Surveillance State

Nov 13 2012

How Australia profiles travelers: A look inside the “black box”

At a “Big Data” conference in Sydney earlier this month, the head of Australia’s traveler tracking and profiling office (his actual title — we are not making this up — is “Director Intent Management & Analytics“) gave an  unusually revealing presentation (PDF) [also here] about the nature of the government’s travel data warehouse and how it is used to predict the “intent” of travelers to and from Australia.

Klaus Felsche of the Australian Department of Immigration and Citizenship (DIAC) didn’t mince words, referring explicitly to “data mining”, “risk scoring”, and “profiling” systems and algorithms, although lamenting that DIAC doesn’t (yet) have access to social media profiles or some data from other Australian  government agencies.

The US government has rarely used the words “scoring, “profiling”, or “data mining” with respect to its warehousing and use of Passenger Name Records (PNRs) and other travel data.  Most of the architecture, as well as all of the rules and algorithms, have been withheld from public disclosure, even when we have requested this information under the Privacy Act, FOIA, and/or through foreign governments and airlines that have allowed PNR data subject to their jurisdiction to be fed into these data warehouses and data-mining systems.

The “threat analysis” component of US travel control systems like Secure Flight has remained an unexplained “black box” whose operations are part of the magical secret sauce that justifies the government in enforcing  whatever its oracle decrees.  In this diagram — the most detailed yet provided by the TSA — it’s the red box at right center.

So we are grateful to Mr. Felsche of the Australian DIAC for providing a clearer picture of what data governments are archiving about us and our travels, and how they are using it.  Just remember, as you study his presentation, that:

  1. “Targeting” — the one euphemism that still permeates Mr. Felshe’s presentation — means search, seizure, interrogation, and prohibition of travel. In other words, deprivation of fundamental rights, to a greater or lesser degree depending on whether it means mere delay and intrusion or whether it means being confined by a no-fly order to the island of Australia for the remainder of one’s natural life.
  2. Australia is a relatively small country in population and (as his presentation makes clear) computing resources available to this component of the government.  Presumably, what’s being done with travel data by DIAC is only a subset of what is being done by the DHS, and perhaps in the European Union.
Nov 01 2012

TSA wants airlines to “share” frequent flyer records

The DHS already has root access to airlines’ computerized reservation systems to “pull” passenger name records (PNRs), even for flights that don’t touch the US.

Airlines serving or even merely overflying the US are required to “push” Advance Passenger Information to CBP before each international flight, and Secure Flight Passenger Data to the TSA before each domestic flight, and receive individualized permission from DHS before issuing each boarding pass.

But that’s not enough for the TSA.  In a Bloomberg news story that appears to have been planted by the TSA as a trial balloon, the TSA suggests aggregating frequent flyer and identity data, across airlines, for storage by a private contractor and use by the TSA:

PreCheck’s structure makes it difficult to clear passengers on more than one airline, said Douglas Hofsass, the TSA’s assistant administrator for the office of risk-based security….

Some airlines are reluctant to share customer information with competitors, Hofsass said. They’ve indicated they’re willing to work with TSA, he said….

“Technically, we don’t have the ability right now, based on the way the eligibility requirements are transmitted to the individual carrier, the way those individuals opt in and the way those records come into us, to validate those individuals,” Hofsass said.

“We don’t have the ability to cascade that to other carriers when those individuals make reservations,” he said. “It doesn’t mean we don’t have an idea as to how we might solve that.”

The agency needs to turn to a private-industry partner who can … create a database of PreCheck fliers, said U.S. Representative Mike Rogers, who oversees the agency through his Transportation Security subcommittee.

“PreCheck” is the latest incarnation of the TSA’s “registered traveler” (“more surveilled and maybe less-mistrusted traveler”) program, currently open only to those members of airline frequent flyer programs invited to apply based on some secret scoring, according to TSA algorithms, of their frequent flyer profiles.

Frequent flyer data is already included in PNR data pushed to CBP for all international flights, but isn’t included in Secure Flight Passenger Data provided by airlines to TSA for domestic flights.  So if you aren’t known to have traveled abroad, or if you use a passport for international travel and some other ID (or no ID) for domestic flights so your domestic and international travel histories are harder to match, the TSA might not yet have a comprehensive dossier of everything you’ve done that’s linked to your frequent flyer account(s).

To the TSA, any incompleteness in the coverage of its travel panopticon is obviously a security (read: surveillance) loophole that needs to be closed.

Under US law, frequent flyer records are the property of airlines, not travelers, and the airlines are free to “share” them with each other, governments, or other third parties without customer notice or consent.

So there’s no legal barrier to the creation of such a master database of frequent traveler records.

However, if the government maintained a copy of the database, it would be subject to the requirements of the Privacy Act.  So outsourcing hosting of the database to a private aggregator (most likely one of the existing computerized reservation systems or other travel data aggregators and intermediaries) would be the architecture that maximizes the government’s easy access to the data while minimizing legal accountability.

Oct 03 2012

Government Surveillance of Travelers

For those attending today’s discussion of Government Survelliance of Travellers and the DHS “Automated Targeting System” (ATS) at the Brennan Center for Justice at NYU School of Law, or those who can’t make it but are interested in the topic, here are the slides from the presentation by Edward Hasbrouck of the Identity Project (PapersPlease.org), and links to additional references:

Today’s event is open to the public, so please join us if you are in New York and free at mid-day.

Sep 22 2012

“Automated Targeting System” briefing 10/3 at the Brennan Center

Identity Project consultant and policy analyst Edward Hasbrouck will give a brown-bag lunch presentation on the DHS “Automated Targeting System” and government surveillance and control of travelers on Wednesday, October 3, 2012, 12:30 – 2 p.m., at the Brennan Center for Justice, New York University School of Law, 161 Avenue of the Americas (6th Ave.), 12th Floor, New York (in SoHo, 1/2 block from the Spring St. station on the C and E subway lines).

Hasbrouck will give an introduction to the DHS “Automated Targeting System” (including examples of data from ATS records obtained through Privacy Act and FOIA litigation), its role in US government surveillance and control of travelers, and the civil liberties and human rights issues it raises.

The “Automated Targeting System” (ATS) is one of the largest of post-9/11 warrantless dragnet surveillance programs.  Built at a cost of more than $2 billion in government-mandated changes to commercial travel IT systems, to which DHS now has root access, ATS “ingests,”  archives, and mines complete mirror copies of all international airline reservations (“passenger name record“) data for travel to, from, or via the US. ATS records include where, when, and with whom you traveled; your IP address; what credit card was used; whether you asked for a kosher or halal meal; and whether you and your traveling companion asked for one bed or two in your shared hotel room.

While little known or debated in the US, ATS has been at the center of intense disputes with the European Union and Canada over US demands for access to travel reservation data from other countries.

Edward Hasbrouck works with the Identity Project on travel-related civil liberties and human rights issues. An award-winning travel journalist, blogger, and author, he also has 15 years of travel industry experience in airline reservations technology and travel agency  operations. Hasbrouck has testified before the TSA as well as the European and Canadian Parliaments on issues related to government access to airline reservations, and was the plaintiff in a recently-concluded Privacy Act and FOIA lawsuit seeking ATS records about himself as well as information about ATS data-mining capabilities.

The event is free and open to the press and the public.

Aug 21 2012

San Antonio public schools plan to make students wear radio tracking beacons

Unless the school board changes its mind, public school students at Jay High School and Jones Middle School in San Antonio, Texas, will be required to wear ID badges containing RFID chips (radio tracking beacons broadcasting unique ID numbers) when they come back to school next week.

Each of these schools has installed an array of “100 or more” RFID readers so that students’ movements can be tracked whenever and wherever they are on school premises. [Update: Interviewed on the Katherine Albrecht radio show, the president of the company supplying the equipment says that the chips have a read range of 70 feet, and that there are readers at least every 100 feet in the schools as well as in school buses.] To make sure students actually carry their RFID badges, they’ll have to use them for all purchases of school lunches as well as for mandatory attendance checks.

This will be one of the first times that anyone in the U.S. who isn’t a prisoner or a government employee or contractor has been compelled by any government agency to carry an RFID chip.

Tonight the elected Board of Trustees of San Antonio’s Northside Independent School District is hearing from students, parents, and other community members opposed to the RFID tracking scheme.

At the same time, a coalition of privacy and civil liberties organizations and experts including the Identity Project has issued a Position Paper on the Use of RFID in Schools calling for a moratorium on the use of the RFID chips for tracking of people. The position paper thus reiterates a point made by many of the same signatories in a 2003 Position Statement on the Use of RFID on Consumer Products. “RFID must not be used to track individuals absent informed and written consent of the data subject,” according to the 2003 statement.

Compulsory tracking by a government agency (a public school district) of the movements of individuals who cannot opt out or withdraw consent, and who are required to be in the school building where RFID readers have been deployed, is a worst-case scenario of how RFID technology shouldn’t be used.

Read More

Aug 04 2012

Will the TSA ever follow any rules?

The TSA is a lawless agency, and its checkpoints are a domestic counterpart of Guantanamo:

A formal rulemaking wouldn’t prevent the TSA from adopting unconstitutional rules. But it would provide an opportunity for public review of proposed checkpoint rules or procedures, public submission of comments on them (such as, “These are unconstitutional and violate our human rights”), public knowledge of what rules have been adopted, and a (relatively) straightforward procedural pathway for judicial review of those rules. This last, presumably, is why the TSA has avoided the formal rulemaking process, instead either issuing secret administrative “directives” to airlines and checkpoint staff, or standardless ad hoc administrative orders for which no basis at all is disclosed.

Three years ago, we were among the signers of a petition to the TSA requesting that it conduct a formal rulemaking concerning its deployment of “virtual strip-search” machines as a primary “screening” mechanism, and its requirement that travelers submit either to these “whole-body” scanners or to even more intrusive whole-body groping by checkpoint staff.

Two years ago, after that petition was ignored, EPIC filed suit to compel the TSA to conduct such a formal rulemaking concerning the “naked scanners”. (That’s separate, of course, from the logical protest response of getting naked ourselves to show the checkpoint  staff that we pose no threat.)

A year ago, the Court of Appeals for the D.C. Circuit upheld EPIC’s complaint, ruling that the TSA must “act promptly” to conduct such a formal rulemaking:

[T]he TSA has advanced no justification for having failed to conduct a notice-and-comment rulemaking. We therefore remand this matter to the agency for further proceedings. Because vacating the present rule would severely disrupt an essential security operation, however, … we shall not vacate the rule, but we do nonetheless expect the agency to act promptly on remand to cure the defect in its promulgation.

For more than a year since then, the TSA has done nothing to even begin the rulemaking process.

Our friend Jim Harper at the Cato Institute has started a petition asking President Obama to order his executive-branch underlings at the TSA to obey the court’s order and start the rulemaking. If it gets 25,000 signatures by August 8th (it currently has 18,000 and counting), White House policy is to provide a public “reply” to the petitioners.

We’re not too optimistic as to what that reply will be, judging from the response from the TSA on behalf of the White House to last year’s petition by more than 30,000 people calling for the TSA to be entirely abolished, not just subjected, at least in part, to the rule of law.

EPIC has supported the petition campaign, but has also continued to litigate: Last month EPIC asked the Court of Appeals to set a date certain by which the TSA’s “whole-body imaging” program would be “vacated” by the Court if the TSA hasn’t begun a formal rulemaking for it. On Wednesday of this week, the Court ordered the TSA to respond to EPIC’s latest motion by the end of August.

Slowly, slowly, with the government resisting at every step, we crawl toward subjecting the homeland-security state and its attacks on our rights to the rule of law.

Aug 02 2012

Police pay $200K to settle lawsuit for illegal roadblock

On December 20, 2002, Terry Bressi was arrested at a roadblock in Arizona being operated by a joint task force including tribal police and agents of the US Department of Homeland Security.

After all of the trumped-up charges brought against Mr. Bressi were dismissed , he sued the tribal police department, the DHS, and the individuals who were responsible for establishing and operating the illegal roadblock for violating his civil rights.

Almost ten years of litigation later, the tribal police defendants have now paid Mr. Bressi $210,000 to reimburse his legal expenses (including some of those related to the work of attorneys associated with the Identity Project and our parent organization, the First Amendment Project) and settle his claims against the police.

The police tried to justify the roadblock as having been solely a sobriety checkpoint, but the police on the scene admitted to Mr. Bressi that they had no reason to doubt his sobriety or suspect him of any other violation of law. He wasn’t an Indian subject to tribal law, and the roadblock was on a state highway and public right-of-way through the reservation.

In reality, as evidence revealed in the course of Mr. Bressi’s lawsuit made clear, the “sobriety check” by tribal police was merely the pretext being used to try to justify the suspicionless search and seizure of innocent travelers, for general Federal law enforcement purposes.

This settlement is far from sufficient to fully compensate Mr. Bressi for the damages he suffered and the years of work he invested in the pursuit of justice for himself and others similarly denied their right to move freely within the U.S., including on public rights-of-way.

The settlement is, however, an important reminder that even police and others acting with and at the behest of the DHS can be held personally liable for their role in violations of travelers’ rights.

We hope that other police officers and civilian DHS collaborators (such as airport checkpoint staff and contractors) will get the message, and start to question illegal orders from the DHS and other Federal agents.

We congratulate Mr. Bressi on obtaining this settlement, and commend him for his diligence in pursuing his case for the last decade.

Jul 18 2012

John Brennan, “Naked American Hero”, found not guily

John Brennan, who took off all his clothes while being detained by the TSA at the Portland [OR] International Airport (PDX) in protest of his continued detention and the TSA’s excessively intrusive “screening”, was found not guilty today of indecent exposure at the conclusion of a bench trial (during which Mr. Brennan testified, clothed, in his own defense) in Multnomah County Court. According to an Associated Press report on the trial:

A Multnomah County prosecutor said if Brennan’s actions are considered protected by the First Amendment, then anyone who is arrested while nude can also claim that their actions are a protest.

That leaves Mr. Brennan out of pocket for the legal expenses of defending his innocence. The “not guilty” verdict in the criminal case brought against Mr. Brennan leaves open the possibility, as already threatened by the TSA, of a civil action to fine Mr. Brennan for “interfering” with TSA screeners in the performance of their duties. On the other hand, the “not guilty” verdict also leaves open the possibility of a civil suit by Mr. Brennan against the checkpoint staff and police who violated his rights.

Jul 16 2012

Hasbrouck v. CBP dismissed. What have we learned?

We have stipulated to the dismissal of the remaining claims in Hasbrouck v. U.S. Customs and Border Protection, the Federal lawsuit in which the Identity Project had sought records of U.S. government surveillance and “targeting” of international travelers through the CBP “Automated Targeting System” (ATS).

The dismissal follows a ruling by U.S. District Court Judge Richard Seeborg in January of this year, dismissing some of our claims but ordering CBP to provide additional information about ATS records and to conduct additional searches to find more of the records we had requested or determine if they exist. (See our earlier analysis of the substance and significance of Judge Seeborg’s decision.)

Since January, as directed by Judge Seeborg, we have engaged in extensive negotiations with the government’s lawyers from CBP and the office of the local U.S. Attorney in San Francisco.

As a result of Judge Seeborg’s order:

  1. CBP provided us, in redacted form as shown on this supplemental Vaughn index, with several additional redacted documents which it had previously claimed didn’t exist or couldn’t be found, or which they had failed to search for despite our request for and entitlement to those records. These newly disclosed records include additional records related to Mr. Hasbrouck’s travels, in which his name was misspelled. The most recently-released of these are from 1997, and others released to Mr. Hasbrouck earlier in the case go back to 1992, long before any public disclosure of the existence of ATS. CBP had claimed that it was unlikely that a name in a Passenger Name Record (PNR) could be misspelled, but these new disclosures show that it can happen, that CBP is capable of “wildcard” searches for variant spellings, and that such a search is necessary for it to be reasonably likely to identify all records responsive to a request for PNR or other ATS data pertaining to an individual. All of these new records also cast doubt on CBP’s claims as to the completeness of its past responses. Prior CBP responses to requests for such records were likely incomplete, and should be renewed with a specific request to include possible misspellings in the search.
  2. After previously claiming that there were no records of the processing of Mr. Hasbrouck’s original Privacy Act requests and appeals, CBP provided us with “correspondence tracking sheets” showing that these Privacy Act requests (1) were logged and tracked solely as FOIA requests, not Privacy Act requests, (2) were logged as “closed” even while appeals were pending, and (3) do not mention some of the appeals, even when those appeals were received and signed for by CBP. Assuming that CBP is telling the truth, and these are the only records of Mr. Hasbrouck’s requests and appeals, they show that no record is kept of Privacy Act requests and that records of FOIA requests and appeals are incomplete and inaccurate. As a result, CBP’s records and reports cannot be relied on as accurate statements of how many such requests have been received; whether they have been granted, denied, or ignored; how long it has taken to process them; how many of them remain pending and unanswered; whether they have been appealed; or what, if any, action has been taken on those appeals.
  3. CBP provided two additional declarations purporting to explain why no other records responsive to our requests exist or could be found.  In part, these declarations are simply not credible, and would appear to be false and probably perjured. For example, CBP’s Shari Suzuki claims that it is impossible for CBP to search for PNR or other ATS data associated with a particular phone number without also supplying a name as part of the query. Although the software specifications and user guides were withheld from us pursuant to Judge Seeborg’s ruling that they are exempt  from disclosure, it’s unlikely that CBP would be using software that doesn’t permit that sort of query. And Assistant Secretary of Homeland Security testified to Congress on October 5, 2011, about exactly this sort of search: “Early in this investigation, the Federal Bureau of Investigation (FBI) learned of Shahzad’s cell phone number, but had little additional information…. [T]he FBI asked DHS if it had encountered any individual who reported this phone number during border crossings. DHS searched its PNR database for the phone number, identified Shahzad, and learned other information he had provided to DHS.”  We are confident that, if CBP were searching for records as part of an investigation rather than in response to a FOIA request, it could have, and would have, searched for all records containing phone numbers associated with Mr. Hasbrouck, regardless of whether his name appeared in those PNRs. Unfortunately, the extreme “deference” given by the Federal courts to the credibility of agency declarations in FOIA cases, and our lack of access to the software specifications, makes it almost impossible to challenge even such obviously incredible claims about why the records we have requested can’t be found. But let’s be clear: CBP lied about its data mining capabilities rather than actually search for records linking Mr. Hasbrouck to other individuals through phone numbers or other identifiers. What were they trying to hide? Presumably, they were trying to avoid calling attention to the primary function of ATS as a suspicion-generating and guilt-by-association system, designed and used primarily for “social network analysis”..
  4. After first claiming that it processed Mr. Hasbrouck’s requests and appeals only under FOIA and not the Privacy Act, CBP now claims that these requests were made only under the Privacy Act and not FOIA, on the basis of false declarations about what Mr. Hasbrouck said in telephone calls inquiring about the status of his requests and appeals. In light of the “deference” given to the agency declarations in which these false claims are made, it will be easier to make new requests under FOIA for this information than to try to disprove the false claims in the declarations that Mr. Hasbrouck had agreed to abandon or withdraw his FOIA requests. But here again, CBP officials were willing to lie in sworn  declarations made to Federal courts, in order to avoid or delay judicial review of their withholding of information.
  5. During our negotiations, CBP promulgated a new System Of Records Notice (SORN) for ATS, a Notice of Proposed Rulemaking (NPRM) to exempt even more ATS records from the Privacy Act, and an updated and expanded Privacy Impact Assessment for ATS. CBP would no doubt say that some of these documents provide “additional transparency” about ATS. But any transparency is offset, of course, by the broadening of exemptions. And under the interpretation of the Privacy Act adopted by Judge Seeborg’s ruling in our case, additional Privacy Act exemptions could be promulgated at any time in the future, and applied even to requests that had already been made. Nobody can rely on any “rights” under the Privacy Act that could be retroactively revoked at any time. In addition, the new notices fail to give any additional detail about the data-mining or search-and-retrieval capabilities of the software (which Judge Seeborg ruled that CBP does not have to disclose, notwithstanding the specific requirement of the Privacy Act law that a SORN include the “practices of the agency regarding … retrievability” of records) or the algorithms used for processing data and making “targeting” decisions. (In its comments on the new SORN, EPIC correctly points out that the use of secret algorithms makes it impossible for airlines or other travel companies subject to European Union jurisdiction, but which provide PNR or other data to CBP for ATS, to fulfill their duty under EU law to inform data subjects how their data is processed — a point we’ve made in complaints against airlines to European data protection authorities.) Perhaps most importantly, what these new filings provide is more transparency about the unprecedented scale, scope, and secrecy of ATS as a system of suspicionless surveillance and control of all international travelers and their associates.

Individuals and governments abroad should also take due note of the U.S. government’s claims in this case, and judge their collaboration with ATS accordingly. Individuals — even U.S. citizens — have no right under U.S law to see what ATS records are being kept about them, and no right to know how or according to what algorithms data about themselves is mined, processed, or otherwise used.  No records are kept of requests for access to records, and no logs are kept of who retrieves records.

Clearly, the Automated Targeting System is exactly what the Privacy Act was intended to prohibit: a system of persistent secret government dossiers about the legal activities of people who are not suspected of any crime. The reason for the enactment of the Privacy Act was the recognition that such surveillance systems, regardless of their purposes or the benign intentions of their creators, are inherently likely to be be misused.

At the end of the day, the (unsurprising) lesson of Hasbrouck v. CBP is that U.S. courts continue to place the “airport exception to the First Amendment” above our right to travel and our right as citizens, presumed innocent until guilty, to be free from dragnet surveillance.

If the courts won’t upheld the intent of the Privacy Act by ruling against the maintenance of systems such as ATS, it’s up to the public to say, “No”, and to demand that Congress enact legislation explicitly mandating that ATS be shut down and all ATS records about innocent individuals be destroyed.

We are not surprised by the outcome of this lawsuit, which revealed more than we had expected about the contents of ATS records and the the nature and functioning of the ATS system. We are pleased and proud of whatever role this lawsuit may have played in exposing the lack of respect by the executive and judicial branches of the U.S. government for our fundamental rights.

We are grateful to attorneys David Greene, Lowell Chow, Jim Wheaton, and Geoff King; to the staff and interns of the First Amendment Project (our parent organization) and Bryan Cave; and to John Gilmore and the other supporters who made possible this challenge to the secrecy of DHS surveillance of international travelers.

May 08 2012

US retaliates against tortured “no-fly” exile with trumped-up criminal charges

For two years, FBI agents tried to recruit Yonas Fikre — a US citizen who came to the US with his family as refugees when he was 12 years old — to infiltrate and inform on members of the congregation of a mosque he attended in Portland, Oregon, as part of an FBI entrapment “sting”.

When Fikre declined to become an FBI snitch or “agent provacateur”, the FBI had him put on the US “no-fly” list while he was overseas, and told him he would only be taken off the list so he could return to the US if he “cooperated” with their investigation of his fellow worshipers. Fikre again said, “No.”

Then the US government tightened the screws on Fikre, more or less literally, by having its “friends” in the dictatorial monarchist government of the United Arab Emirates arrest Fikre, who was in the UAE on business, torture him, and again tell him that the only escape from his predicament was to cooperate with the FBI.  Eeven under torture, Fikre stkill said, “No.”

Eventually Fikre’s torturers in the UAE gave up, released him from prison, and kicked him out of their country.  We can only assume that they decided he was innocent, or at least knew nothing incriminating about anyone to reveal, and wasn’t going to talk to the FBI no matter what they did.

Unable to return to the US because he was still on the “no-fly” list, Fikre then went to Sweden, where he has relatives (refugees who went to Sweden when his immediate family went to the US).

Throughout all this, Fikre was never charged with any crime in any country, as we presume would have happened if the FBI had evidence of any crime to use as leverage in their recruiting of Fikre as an informer.

Now Fikre has been indicted in the US, less than three weeks after he went public with his story of exile by, and torture at the behest of, the government of his own country, and announced that he has sought asylum in Sweden in order to remain there, since he can’t come back to the US.

“Frankly, I think it’s retaliation and retribution,”  one of Fikre’s US attorneys is quoted as saying. Another of his lawyers calls the charges retaliation and “specious”. From everything we’ve seen about the case, we agree.

Fikre is charged with the pettiest of purely procedural violations of Federal law. Allegedly, when he transferred money from the US to Dubai to fund a business he was starting there, he had the money sent in smaller increments rather than all at once, in order to keep each of the amounts below the $10,000 threshold above which he would had to report them to the US government.

For having “structured” his legal personal business so as to avoid having to inform on himself to the Feds who he knew already wanted him to inform on his associates, Fikre has now been indicted for the Federal crime of “structuring”.

Fikre’s brother and another alleged associate, but not Fikre, were also indicted for alleged violations of tax laws.

Fikre’s business was legal. Fikre paid his taxes. The money transfers were themselves legal, and each of them was small enough that Fikre wasn’t required to report them individually. If Fikre had filed an aggregate report on the total of the transfers, everything he did would have been legal.

Fikre had good reasons to fear additional interrogation or worse retaliation if he told the Feds any more about his affairs. If he was “structuring” his finances to avoid self-surveillance requirements, he was also structuring them to try (unsuccessfully, it turns out) to avoid exposing himself to further persecution by the US government. Should this be a crime?

It’s hard to avoid the conclusion that Fikre’s real “crime” is exposing US torture and exile of its own citizens, and embarrassing the US by seeking asylum abroad. Not that he had much choice about seeking asylum somewhere, since he couldn’t come back to the US, or live and work anywhere else indefinitely as a tourist or temporary visitor.

It remains to be seen whether the US will seek to have Fikre arrested and extradited from Sweden, or will merely hold the threat of criminal prosecution over him for life (the clock stops on the statute of limitations while you are out of the country) if he ever manages to return to the US or visits another country sufficiently “friendly” to the US government to arrest him.

Shame on  the US, and best wishes to Mr. Fikre for success in his application for asylum in Sweden.