Papers, Please!

The Identity Project

Category Archives: Surveillance State

Jan 13 2010

TSA lies again about what the strip-search machines see

Already this week the TSA was caught in a lie about what it likes to call whole body imaging (virtual strip search) machines, when the Electronic Privacy Information Center (EPIC) obtained documents showing that, despite TSA claims that “this state-of-the-art technology cannot store, print, transmit or save the image,” the TSA actually requires all of these capabilities — image storage, printing, and transmission — as part of the contract specifications for the body scanners.

But the TSA can’t seem to keep their nose from growing: the post in their official propaganda blog responding to EPIC’s analysis of TSA documents contains even more lies about what they see when they look under your clothes with these machines.

According to the TSA blog, “Below, you will see accurate examples of what our officers see while using advanced imaging technology. Anything else you see is inaccurate.”

Above, we’ve linked directly to the images on the TSA website, exactly as sized and posted by them.

In fact, it’s the images posted by the TSA that are inaccurate and misleading. The actual images seen by the people in the back room (they watch you through your clothes, but you can’t watch them) are: (1) full-screen, not thumbnail-sized like those the TSA posted in their blog, (2) higher-resolution than those on the TSA blog, and (3) capable of being zoomed even larger, on the actual TSA displays, using the magnifying-glass tool in the lower right corner of the TSA-provided thumbnails.

Accurate images are visible in the video below (although even if you click through to the full-screen version the video doesn’t have as high resolution as the displays used by the TSA, especially when they zoom in on areas of the body that attract their interest):

Note also that the video clearly demonstrates that the TSA policy for pat-down searches to be performed by a person of the same gender won’t be applied to the virtual strip-searchers.

The TSA website says that, “Multiple signs informing passengers about the technology, including sample images, are displayed in plain sight at the security checkpoints, in front of the advanced imaging units.” When the signs are displayed, however, the “sample images” — like the ones above from the TSA website — are only a small fraction of the size and resolution of those the scanner operator sees.

EPIC has now filed another FOIA lawsuit against the TSA for failing to disclose what the images look like. Notably, the EPIC complaint filed in court today confirms that our experience with the ongoing TSA FOIA black hole wasn’t an isolated incident. EPIC’s request for expedited FOIA processing was made on July 2, 2009 — more than six months ago — and referred to the TSA by the DHS on July 16, 2009. On July 31, 2009, EPIC filed an administrative appeal of the constructive denial of its request. An expedited request should have been acted on within 10 days, and an appeal within twenty days. But to date, according to the complaint, the TSA has made no response whatsoever to either the request or the appeal. In our experience, this is typical of the TSA’S complete contempt for the FOIA law.

We aren’t reassured by the TSA’s further claim in the same blog post that, “These machines are not networked, so they cannot be hacked.” Apparently they’ve never heard of an inside job, or anyone hacking a computer from the keyboard. (Security hint to the TSA: The keyboard is the easy way, compared to having to carry out an attack over a network.) That just reconfirms that the TSA’s threat model is grossly deficient and that they aren’t really even trying to rein in the temptations (can you say, “naked celebrity pix”?) that the virtual strip-searchers inevitably will face.

Finally, the TSA is still saying that “Use of advanced imaging technology is optional to all passengers.” What they don’t say is that your other “option” will be to submit to a full manual pat-down, regardless of whether you would have set off the metal detector. So if the alternative to a virtual strip-search is a non-virtual strip search, can someone explain to us how that’s a “choice” that should make us more willing to submit to either option?

If we have to be exposed to the TSA, maybe we should just expose ourselves when we get to the airport.

P.S. We forgot to mention the TSA’s claim that no 8-year-old is on the no-fly list, debunked today in the New York Times. Maybe 8-year-old Mikey Hicks isn’t on a watch list, but his name is, and the effect is the same: He can’t fly without getting the 3rd degree. What did that entail? We can’t show you. The TSA demands the right to look (and feel) under your clothes, but they wouldn’t let Mikey’s mother take pictures of how he was frisked.

Jan 12 2010

“Fleshmob” against virtual strip-search machines at Berlin airport

Don’t like being stripped naked by “whole body imaging” machines or “body scanners”, and then groped to determine whether what they see under your underwear is a padded bra, a mastectomy prosthesis, a menstrual pad, an adult diaper, … or plastic explosives?  You could sign this petition …  and/or you could organize your own “fleshmob” like this one (video) at Tegel Airport in Berlin. (More links including videos of similar fleshmobs at other airports here.)

We invite you to compare what’s exposed by the Pirate Party fleshmob video with what’s exposed to the TSA agents in the little room hidden behind the strip-search machines in the video below:

Jan 08 2010

Lessons from the case of the man who set his underpants on fire

We’ve been having a hard time keeping up with events over the last few weeks. Every time we think the keystone cops from the Department of Homeland Security can’t come up with anything dumber to do, they prove us wrong. At this point we’re not sure who is most deserving of derision: (1) the would-be terrorist who tried but failed to explode his underpants, and succeeded only in burning his balls, (2) the goons the TSA sent to intimidate bloggers who tried to tell travelers what to expect when they got to the airport, and find out who had “leaked” the TSA’s secrets, but who left their own notebook of “secret” notes about their investigation of this and other cases behind in a public place, or (3) the TSA agents who felt so ill at the smell of honey they found in checked luggage that they checked themselves into a hospital and shut down the airport. It’s a tough call. Leave your votes, or other nominations, in the comments.

What’s most striking about the government’s response to this unsuccessful bombing attempt is the complete lack of any rational relationship between the actions that have been taken and are being proposed, any analysis of which of these and similar tactics did or did not contribute to the success or failure of the Christmas Day attack on Northwest Airlines flight 253, and any likelihood that they would make future attempts at terrorism less likely to succeed.

Now that the dust has settled a bit, perhaps it’s time to survey the security, security theater, surveillance, and travel control techniques at issue: Read More

Dec 16 2009

He’s got a little list (and we’re on it)

TSA Acting Administrator Gail Rossides testified today before the Subcommittee on Transportation and Infrastructure of the House Homeland Security Committee.  You can watch the archived video from the public portion of the hearing yourself; a closed subcommittee “executive session” with Acting Administrator Rossides followed. In addition to the anticipated spat over the TSA’s refusal to show the SOP to the members of the Congressional Committee, as the law requires, here are some things we thought were noteworthy:

  • Rossides claimed that the unredacted version of the TSA’s Screening Management Standard Operating Procedures was “removed within hours” after the TSA learned last Sunday, December 6th, that it had been posted on a federal website at fbo.gov. That’s not true: it was available on the same site, although at a slightly more obscure URL, for several more days.
  • Rossides mentioned that the TSA has “12 other SOPs”.  We’ve already filed a FOIA request for the two other SOPs whose names we now know (the “Checkpoint Screening SOP” and the “Checked Baggage Screening SOP”).  We’re following up with a FOIA request for all TSA SOPs regardless of what they are called. We’ll ask for the other ten by name as soon as we learn their names.  If you know, and you’d like to play, “Name that SOP”, leave a comment or send us a message.
  • Rossides claimed that there had been “6 updates that had very significant changes” to the Screening Management SOP since the version that was posted.  But she wasn’t asked about, and didn’t repeat under oath, the TSA’s earlier claims that the version they posted (which matched the version number, date, and text of the redacted excerpts they sent us in response to our earlier FOIA request) “was neither implemented nor issued to the workforce”, or if that was true, why it posted or provided to us. We’re currently waiting for the TSA to act on our appeal of their stonewalling of our FOIA request for the most recent version of the Screening Management SOP, so that we can compare it.
  • Rossides said she had “asked that we not release any other SOPs until we’ve completed a review.”  It wasn’t clear who she was referring to, but the only current effort to have any SOPs released are our and others’ similar FOIA requests.  In that context, Rossides appears to have been describing a directive, from the top, to stonewall those requests — which is exactly what seems to have been happening.  Rossides’ testimony could come back to haunt her, and the TSA, if the “good faith” and/or “diligence” of the TSA’s processing of FOIA requests for the SOPs becomes an issue in FOIA litigation.  If Rossides’ legal advisors know what’s good for the agency, they’ll have her issue a prompt, public disavowal of this statement, and a public overriding directive to the TSA FOIA office to process requests for the SOPs, like all other requests, in accordance with the law.
  • The blatant discrimination in the SOP wasn’t mentioned by anyone.
  • In response to a specific question about whether any effort was being made to identify who had downloaded the documents posted by the TSA, Rossides said that, “I believe that is part of what the [DHS] Inspector General is looking at…. The Inspector General has a list of those who have downloaded it and have it on their websites. We do know that.”  Rossides wasn’t asked, and didn’t say, what, if anything, the TSA or IG might do with that list.  But since we’re on that list — in good company with many others, of course — we’d love to know.

There’s more about the hearing on Flyertalk, where the unredacted SOP first came to light, and from a Flyertalk regular and blogger who spread the news further afield, and attended today’s hearing.

Dec 13 2009

FBI reveals claimed No-Fly criteria

In the course of testimony before the Senate Homeland Security Committee, the Director of the FBI’s “Terrorist Screening Center” (TSC) has, for the first time, stated publicly what the government claims to be the “substantive derogatory criteria” used in the (secret, non-adversarial, extra-judicial) process of determining whether to place a name on the “No-Fly” list, i.e to deny a person their Constitutional and human rights to travel, as well as some tidbits about how that decision-making process works.

We wonder about the cadre of people Director Healy of the TSC is describing: Federal employees (your tax dollars at work!) who spend their working hours, day after day, in some secret room in a secret FBI facility, reviewing one dossier of one-sided “derogatory” information after another, never meeting or communicating with any of the people they judge, and deciding based solely on the dossier (including the records about the subject and their travel history from the “Automated Targeting System”) whether or not to “permit” that person to continue to exercise their rights.

Until someone from this team comes forward to talk about their work, the closest we can come to understanding what it might be like may be the Federal bureaucrats of an earlier era of infamy whose job it was to evaluate interned Japanese-Americans to decide which to allow out of the camps, which to allow to live where in the country, and which to allow to hold which jobs.  Their story is told by Prof. Eric Muller (isthatlegal.org) of the University of North Carolina Law School in American Inquisition: The Hunt for Japanese American Disloyalty in World War II. But unlike today’s TSC staff, they were able to interview and/or see responses to questionnaires completed by internees, rather than judging completely in the dark, from the file of “derog” alone.

If anyone at the TSC wants to talk about their job, we’re all ears. In the meantime, here’s what the head of the TSC had to say about their work:  Read More

Dec 10 2009

TSA discloses discriminatory and improperly withheld procedures

There are no legally binding rules (other than those provided by the federal Privacy Act, the U.S. Constitution, and international human rights treaties, all of which the TSA routinely ignores) specifying the limits of TSA authority at checkpoints, what you do and don’t have to do, and which questions you have to answer or orders you have to obey.

So the traveling public, and public interest organizations like the Identity Project, have been reduced to trying deduce the de facto “rules” from the TSA’s internal procedures manuals and directives to its staff, using the Freedom of Information Act — to the extent that we’ve been able to find out what documents to ask for by name, and that the TSA has been willing to release them, usually in incomplete and censored (“redacted”) form.

Now the TSA has done us a favor by posting an unredacted version of the document of which we’ve received only portions of an earlier version, and the complete current version of which is the subject of one of our current FOIA requests: the TSA’s “Screening Management Standard Operating Procedures (SOP)”.

In posting the document on a federal government website (fbo.gov, for “Federal Business Opportunities”) as part of the public specifications for bidders on a TSA contract, the TSA added red outlines highlighting certain portions of the PDF document, and coded black rectangles to overlay them as a separate layer of the PDF file.  But they left the complete text and images unredacted, so that they could be selected, cut, and pasted into a text editor from any PDF reading software.  For your convenience, we’ve posted a copy with the black blocks removed, but the red highlights and everything else retained, so you can see what portions the TSA might have been trying (ineptly) to hide.  Despite false TSA claims that it “was immediately taken down from the Web site”, as of today the original version is still available on the same government site, although at a slightly more obscure URL.

If, like us, you were hoping to learn the non-rules for TSA checkpoints and “screening” (search and interrogation), the Screening Management SOP is disappointing.  It’s mostly about bureaucratic procedures for checkpoint supervisors.  There’s been a lot of excessive commotion about whether its posting was a security breach or provides a “road map for terrorists” (it doesn’t), but little attention is being paid to some more significant things it reveals.

Here’s what we think is really significant about this document, and its release, and what we’re doing next: Read More

Nov 26 2009

“Keeping Track of Travelers’ Personal Information”

WSAV-TV has a Thanksgiving travel-season report on what they found when they used our forms and instructions to request their travel records from the DHS “Automated Targeting System”, including examples of what sorts of information are included in these records and extensive supplmentary material on their website including a 20-minute interview with Identity Project consultant Edward Hasbrouck.

Nov 02 2009

TSA nominee up for Senate questioning November 10th

The Senate Committee on Homeland Security has scheduled a hearing on Tuesday, November 10th, at 10 a.m. in Washington to consider the nomination of Erroll G. Southers to be Assistant Secretary of Homeland Security for the Transportation Security Administration.

None of the questions we think are important got asked during an earlier confirmation hearing before the Senate Commerce and Transportation Committee.  If you want the nominee for TSA to have to tell us, before he is confirmed, whether or not he thinks we have a right to travel, whether TSA decisions should be subject to judicial review, and whether he thinks the government should be keeping logs of the movements of innocent people, let your Senators and the members of the Homeland Security Committee know about your concerns, before November 10th.

We’ve asked for expedited processing of our FOIA request for the TSA’s “Standard Operating Procedures” at checkpoints, in order to make it possible to ask the nominee about those procedures and which of them he would change.

Oct 27 2009

Who’s watching the watchers at the DHS “Privacy” Office?

The Identity Project has joined with more than two dozen other organizations and individual experts from the Privacy Coalition in a joint letter to the House Committee on Homland Security, criticizing the DHS Privacy Office and its annual report and calling for better Congressional oversight of privacy-invasive DHS practices and the DHS Privacy Office itself.

There’s more about the letter, and the DHS response, today in the Washington Post.

We’re pleased to be part of this joint effort, and we hope Congress does more to rein in the DHS — although of course we are disappointed that DHS noncompliance with the law, the Constitution, and international treaties has made such a campaign necessary.  The DHS consistently tries to exempt itself from major requirements of the Privacy Act, such as:

  • Obtaining personal information from the person affected, rather than from third parties.
  • Making personal information accessible to the person affected.
  • Giving people a serious opportunity to correct records about them at DHS (or collected and held by “private” entities at DHS behest and used by the DHS).
  • Only collecting information that is relevant to lawful purposes.
  • Only collecting information that is timely.
  • Only collecting information that is accurate.
  • Only collecting information about categories of individuals disclosed in formal “System of Records Notices” in the Federal Register.
  • Not collecting information about the First Amendment protected activities of US persons — such as who they are associating with, the books they are carrying or reading, the art or slogans or expressive insignia on their clothing or possessions, or where, why, how, and with whom they are assembling.

DHS claims for itself the ability to “exempt” itself from these statutory requirements. They do not cite any statute or court case that allows them to do so.

The DHS Privacy Office has been intimately involved in producing Federal Register filings that claim these exemptions from fundamental statutory Federal record-keeping requirements, and fail to properly disclose the extent of DHS systems of travel records. DHS travel records include information about numerous categories of people not mentioned in the SORNs, from people who pay for other people’s tickets to people whose phone numbers where entered in reservations of houseguests reconfirming flights, as well other information prohibited form collection by the Privacy Act.  In this way, the Privacy Office has actively undermined the Privacy Act that they are sworn to uphold, and has been a party to criminal violations of the Privacy Act in the continued operation of these systems of records.  We’ve gotten no response whatsoever to our repeated formal complaints of these crimes filed with the DHS Privacy Office.

Oct 21 2009

Why shouldn’t we have to show ID when we fly?

From time to time, people ask us, “But why don’t you want to show ID when you travel?  What’s wrong with that?” There are probably as many answers to that question as there are people who resist government demands to show ID when they travel, even when it’s scary and involves some personal risk to say “No” to the TSA agents and their rent-a-cops.  But for one answer among many to the question, “Why?”, we asked one of those people, Joe Williams.  He responded with the following guest blog post:

Why shouldn’t we have to show ID when flying?

Because it doesn’t make us safer, it’s unconstitutional, and truly free countries don’t require it.

Long after the ID-demand policy was implemented in the summer of 1996, 9/11 proved that ID requirements don’t work. Even if you are on a no- fly list all one needs to do is: Buy a ticket in some innocent person’s name. Check in online and print that person’s boarding pass. Save that web page as a PDF and use Adobe Acrobat to change the name on the boarding pass to your own. Print it again. At the airport, use the fake boarding pass and your valid ID to get through security. At the gate use the real boarding pass to board your flight.

Being required to show ID only proves the success of al-Qaeda with fear established and freedoms violated.

Most people are not aware that freedoms in the Constitution are “inalienable & natural” meaning we were born with them. They are not government granted. Just as the U.S. Constitution represents our inalienable right to life, liberty, & freedom, so too does the TSA represent a significant threat to those God-given rights. TSA protocol is to assume all innocent people to be a threat until being cleared from a secret list. Put another way, “The innocent shall suffer the sins of the guilty.”

Previous court decisions are referenced in justifying the legalization of ID requirements which translates into; it’s OK to violate a little of the people’s freedom, just not a lot. Most people are not willing to be inconvenienced to challenge these requirements, let alone initiate a real legal battle or protest. It’s easier to show ID than to fight for one’s rights and freedom.

And when legal challenges have been made against these secret “security directives”, courts have ruled they are secret laws and barred from public scrutiny or debate. Checkpoints & ID requirements are more commonly associated with governments who suppress freedom yet we implement them in the name of safety and security. In the name of national security, government can violate peoples’ freedom. Being forced to announce one’s self is a loss of privacy and “taking away a person’s privacy renders to the government the ability to control absolutely that person.” (Ayn Rand)

“In the end, the photo ID requirement is based on the myth that we can somehow correlate identity with intent. We can’t.” (Bruce Schneier, Chief Security Technology officer of BT Global Services) Surveillance is not freedom. Having to ask for permission is not freedom. Most elected officials believe the more legislation passed exerting more government control over people, the better off society is. The Constitution was written to restrict government yet most elected officials look for ways to circumvent instead of defending the Constitution as stated in their oath of office. It is not an elected official’s job to give freedom. It’s their job to defend it.

I would rather live in a higher risk society wrapped in freedom than live as a slave in complete safety & security.

Joe Williams
concerned citizen
Atlanta, GA

“Domestic travel restrictions are the hallmark of authoritarian states, not free nations.” (Congressman Ron Paul)

“Safety from external danger is the most powerful director of national conduct. Even the ardent love of liberty will, after a time, give way to its dictates. The violent destruction of life and property incident to war — the continual effort and alarm attendant on a state of continual danger, will compel nations the most attached to liberty, to resort for repose and security, to institutions, which have a tendency to destroy their civil and political rights. To be more safe they, at length, become willing to run the risk of being less free. The institutions alluded to are STANDING ARMIES, and the correspondent appendages of military establishments.” (Alexander Hamilton, Federalist No. 8, November 20, 1787)

“We uphold Freedom by exercising it – not by restricting it.” (The Identity Project)