Oct 03 2018

3rd Circuit to reconsider impunity of TSA checkpoint staff

Good news: The 3rd Circuit Court of Appeals has decided to reconsider whether, as a panel of that court decided earlier this year, TSA checkpoint staff should have legal impunity to assault or otherwise violate the rights of travelers without consequences.

When it was issued in July 2018, we said that “The details of the opinion dismissing Ms. Pellegrino’s complaint might be described charitably as arcane, and uncharitably as twisted.” There was a well-argued dissent by one of the three members of the panel.

The majority of the panel recognized that the job of TSA checkpoint staff is to search travelers, but then somehow managed to conclude that they aren’t “officer[s] of the United States who [are] empowered by law to execute searches.” The majority of the panel also went outside the factual record to base their decision on false speculation that TSA checkpoint staff don’t conduct searches for general law enforcement purposes.

Based on these arguments and “facts”, the panel majority found that TSA staff are immune from lawsuits for travelers, even if they admit to assaulting travelers.

The decision by a majority of the judges of the 3rd Circuit to grant rehearing en banc in the case of Pellegrino v. TSA voids the original opinion by a three-judge panel. The appeal will now be re-argued de novo, after new briefing, before all of the judges of the 3rd Circuit.

Let’s hope that the full court gets it right this time, and recognizes that TSA checkpoint staff are not above the law.

Oct 01 2018

Yes, the DHS wants mug shots of all air travelers

A new report by the DHS Office of Inspector General (OIG) gives perhaps the most detailed official picture to date of the US government’s plans for ed biometric identification, tracking, and control of international air travelers through automated facial recognition.

Contrary to specious claims in DHS propaganda that the current rollout of mug-shot machines at departure gates at airports across the country is “only a test,” the DHS OIG reports that US Customs and Border Protection (CBP) plans to expand the mug shot and automated facial image recognition program from 6 million air travelers in 2018 to 60 million in 2019, 120 million in 2020, and 129 million — 100% of international airline departures from the US — by 2021.

But that’s not all. “Over time, the program plans to … incrementally deploy biometric capabilities across all modes of travel — air, sea, and land — by fiscal year 2025,” according to the OIG report.

The scope of these plans should make clear that the only thing being “tested” is whether travelers will submit to this program, not whether it is justified or what interests it serves.

The OIG report mentions that US citizens have been “allowed” to opt out of the airport mug shot “pilot program “, but doesn’t say whether they were told they had a right to do so:

CBP allowed U.S. citizens to decline participation in the pilot. In such cases, CBP officers would permit the travelers to bypass the camera and would instead check the individuals’ passports to verify U.S. citizenship. When a U.S. citizen opted to participate in the pilot but did not successfully match with a gallery photo, the CBP officer would examine the individual’s passport but did not collect fingerprints. We observed biometric screening at four airports — a total of 12 flights — during our audit and witnessed only 16 passengers who declined to participate.

[Note the absence of any apparent notice that US citizens can “opt-out”.]

In preparing their report, OIG staff “met with a number of external stakeholders, including the Airlines for America trade association, Delta Airlines, JetBlue Airlines, and British Airways.” Notably, however, OIG made no attempt to consult consumer, civil liberties, or human rights organizations or to consider their objections to mandatory mug shots.

The only objections noted in the OIG report came from airlines and airport operators. But it would be a mistake to interpret this as “resistance” from the airline industry to biometric surveillance of airline passengers through automated facial recognition.

The OIG report makes clear that the only thing being disputed by airlines and airports is who will pay for equipment and staff, not whether these systems will be deployed: Read More

Sep 24 2018

Will the government get mug shots of all air travelers?

The dispute over government-mandated biometric identification of travelers through automated facial recognition continues to sharpen.

ID document requirements for air travel have been imposed on a de facto basis by DHS administrative fiat without ever having been approved by Congress or authorized by law.

In a similar way, requirements for US citizens to submit to mug shots — either by components of the Department of Homeland Security or by airlines, airport operators, or contractors who share photos with DHS — are being imposed on a growing scale without any Congressional debate or statutory  basis.

Last week the World Privacy Forum submitted a petition for rulemaking asking the DHS to “provide formal notice and solicit public comments pursuant to the Administrative Procedure Act” before proceeding with further “trials” of biometric identification of travelers: Read More

Sep 18 2018

Globalization and policy laundering of travel control

An interview with the head of US Customs and Border Protection (CBP) published this month by the U.S. Military Academy as part of a “View From The Foxhole” series provides an unusually revealing, and disturbing, picture of the expansion and globalization of surveillance and control of travelers. It also highlights the ways that policy is being “laundered” through the rationale of “compliance with international standards” to avoid any domestic political debate in the US or other collaborating countries.

CBP Commissioner Kevin K. McAleenan begins his overview of the role of the CBP by referring to “people who are… seeking that permission to travel to the United States”.

But US citizens don’t need “permission” from CBP or any other government agency to travel to the US. McAleenan’s comment makes clear the extent to which the US government has arrogated to itself, and now takes for granted, the illegitimate authority to condition the exercise of the right to freedom of movement on government permission.

CBP Commissioner McAleenan doubles down by asserting that “we have the responsibility to interview and inspect all travelers and make decisions on whether they present a risk.”

But that’s not true either. CBP’s authority to inspect travelers is limited to determining whether there is probable cause to charge them with violations of the law. We have a system of criminal law, not a pre-crime system of “risk-based” predictive denial of rights.

Read More

Aug 28 2018

CBP expands partnership with airlines on facial recognition

This month US Customs and Border Protection (CBP) posted the latest in a series of Privacy Impact Assessments (PIAs) for its Traveler Verification Service (TVS) program.

The  latest PIA gives notice (although not in the form required by Federal law) that CBP and its airline and airport  partners are carrying out a second expanded phase of “demonstrations” of TVS, an identity-as-a-service scheme designed to use automated recognition of images from a shared CBP/airline/airport database of facial photos for purposes including surveillance and control (for CBP) and business process automation and price personalization (for airlines and airports).

CBP (1) describes TVS as a “biometric exit” program, (2) describes the current use of TVS as merely a “demonstration”, (3) continues to claim that airlines and airports “have no interest in keeping or retaining” facial images any longer , or using them for any other purposes, than is required by CBP for “security”, and (4) says that U.S citizens aren’t required to submit to mug shots.

These claims are intended to lull the public into not protesting: “This is only a test, using photos for limited purposes. The photos will be deleted once you get on the plane, and not used for nay commercial or other purpose.” And so forth.

All that might be somewhat reassuring, if any of it were true. But  none of it is:

Read More

Jul 29 2018

Federal Air Marshals blow the whistle on TSA “Quiet Skies” traveler surveillance program

Jana Winter has a detailed investigative report on the front page of today’s Boston Globe about a previously secret TSA program of illegal surveillance of innocent air travelers, “Quiet Skies”.

According to the story in the Globe, based in part on descriptions and documents  apparently leaked by dissident Federal Air Marshals, the “Quiet Skies” program selects certain airline passengers, who aren’t on any blacklist (“watchlist”) or under investigation for any crime, on the basis of algorithmic profiling, countries previously visited (merely traveling to Turkey has been enough to get some people selected), phone numbers or email addresses, and/or other factors in DHS files about them.

A FAM or team of FAMs is assigned to follow each targeted traveler from the time they arrive at their airport of origin (which the TSA knows from its access to airline reservations through the Secure Flight program), onto and on the plane, through any connecting airports, and until the unwitting target of their surveillance leaves the airport at their final destination.

The FAM gumshoes are required to file detailed reports on each traveler they are assigned to stalk, including a checklist of details such as whether the person being tailed used the toilet in the airport or on the plane, whether they slept for most of the flight or only briefly, and whether they had “strong body odor” or engaged in “excessive fidgeting.”

Is this the reincarnation of J. Edgar Hoover’s FBI, the (re)emergence of an American Stasi, or standard operating procedure for a government that regards travel as inherently suspicious, rather than as the exercise of human and Constitutional rights?

All of the above, unfortunately.

The story in the Globe speaks for itself, and is worth reading in full.

But lest it be misunderstood, here are some key points about what today’s news reveals, what’s new and what isn’t, and why it’s significant:

Read More

Jul 23 2018

Airlines, airports, and cruise lines “partner” with DHS

This month some cruise lines are joining airlines and airports in taking mug shots of travelers and passing them on to US Customs and Border Protection (CB P). CBP uses these facial images (“biometrics”) for border and travel control and general law enforcement (policing and surveillance) purposes, and shares them with other Department of Homeland Security components and other domestic and foreign entities.

Read More

Jul 17 2018

3rd Circuit gives impunity to TSA checkpoint staff

TSA checkpoint staff often act as though they were above the law. But are they really?

Sadly, they often are, at least in the opinion of some Federal judges.

The 3rd Circuit Court of Appeals recent decision in Pellegrino v. TSA , in combination with its decision last year in Vanderklok v. TSA, mean that — at least for now, and at least in the 3rd Circuit — no civil recourse or remedy is available through the Federal courts against checkpoint staff who deliberately assault travelers, lie about their own actions and those of travellers, and make knowingly and deliberately false complaints to police in order to get travelers wrongly arrested.

The two judges in the majority on the three-judge panel that upheld the dismissal of Nadine Pellegrino’s complaint  explicitly acknowledged the implications of their decision:

We recognize that our holding here, combined with our decision in Vanderklok, means that individuals harmed by the intentional torts of TSOs will have very limited legal redress. And we are sympathetic to the concerns this may raise as a matter of policy, particularly given the nature and frequency of TSOs’ contact with the flying public. For most people, TSA screenings are an unavoidable feature of flying, 49 U.S.C. §44901(a), and they may involve thorough searches of not only the belongings of passengers but also their physical persons…. For these reasons, Congress may well see fit to …  legislate recourse for passengers who seek to assert intentional tort claims against TSOs. But such policy judgments, particularly as they relate to sovereign immunity and the public fisc, fall squarely in the realm of the legislative branch.

The dissenting member of the panel (the dissent starts at p. 54 of the slip opinion) characterized the decision more bluntly:

My colleagues[‘]…  decision insulates TSOs from all intentional tort claims, leaving plaintiffs without a civil remedy. Absent congressional action, they cannot recover if a TSO [Transportation Security “Officer”] assaults them, unlawfully detains them, or unlawfully lodges a criminal complaint against them.

The details of the opinion dismissing Ms. Pellegrino’s complaint might be described charitably as arcane, and uncharitably as twisted.
Read More

Jun 22 2018

Arguments for and against TSA Form 415

We’ve finally begun receiving records from the TSA of how the public responded to the TSA’s proposal in 2016 to start requiring travelers to show ID in order to fly.

Since 2008, TSA and contractor staff at airport checkpoints have been demanding that some travelers who do not have ID, do not show ID to checkpoint staff, or show ID that is initially deemed “unacceptable” fill out and sign TSA Form 415, “Certification of Identity”, and answer questions about the information in the (secret) file about them maintained and made available to the TSA by the commercial data broker Accurint.

Before any Federal agency such as the TSA starts collecting information from the public, whether verbally or through a written form, the agency is required to obtain approval for the “information collection” from the Office of Management and Budget (OMB).

The TSA has never requested or obtained approval for any version of Form 415. But in 2016, the TSA gave notice that it intended to seek OMB approval for Form  415, and accepted comments on that proposal from the public by email. After submitting our own objections to the TSA’s proposal, the Identity Project made a Freedom Of Information Act (FOIA) request for the complete administrative record related to the TSA’s contemplated request.

The TSA has not yet actually submitted a request to OMB for approval of Form 415, but has continued to use it illegally without OMB approval.

In May 2018, we received a heavily redacted version of the TSA’s procedures for “ID verification” including use of Form 415.

Now we’ve received a first partial set of excerpts from the “administrative record” related to the TSA’s proposal, consisting mainly of comments submitted by the public.

Most of the comments were from civil liberties and human rights organizations opposed to the TSA’s proposal, including the Identity Project, the Cyber Privacy Project,  the Constitution Alliance, and the Electronic Privacy Information Center.

But the TSA also received comments questioning the TSA proposal from at least one state government, and a single frighteningly revealing comment urging the TSA to use even more intrusive measures to track people who try to fly without “acceptable” ID.

Read More

Jun 19 2018

Coding Amtrak’s collaboration with US Customs and Border Protection

We’ve received and posted the latest installment in a continuing trickle of responses to a Freedom of Information Act request  we made in 2014 for records related to Amtrak’s collaboration with US and foreign law enforcement and “border control” agencies.

The most recent batch of records released by Amtrak consists mainly of email correspondence between Amtrak IT staff responsible for supporting ticket sales through travel agencies  (most of which occur through computerized reservation systems), programmers with Amtrak’s in-house ARROW  reservation system, and Amtrak’s technical contacts at  the four major CRSs used by travel agencies: Sabre, Apollo, Worldspan, and Amadeus.

Most of these exchanges relate to Amtrak’s decision in 2005 to start feeding information about all passengers on cross-border (USA-Canada and Canada-USA) Amtrak trains to US Customs and Border Protection, and to require all passengers on these trains to provide Amtrak with passport or travel document info to pass on to CBP.

This was not required by any US law or regulations,  but was a voluntary decision by Amtrak. Some travel agents complained about this, but we’ve still seen no indication that they were given any answer about why Amtrak was doing this or what travelers or travel agents who didn’t want to provide this information could do. Amtrak’s own programmers were falsely told that this was required by order of CBP.

The messages we have received show that requiring travel agents to enter names and details of ID documents in PNRs for Amtrak travel created in the CRSs, and getting this information to flow through in standardized form to ARROW records and transmissions to CBP, proved more difficult than had been expected.

Read More