Papers, Please! – Page 17 – The Identity Project

Jul 10 2019

Automated DHS searches of state drivers’ license photos

State agencies that issue drivers’ licenses are conducting warrantless searches of their databases of license photos, using automated face recognition software, at the request of law enforcement agencies including the Immigration and Customs Enforcement (ICE) division of the Department of Homeland Security.

The use of automated facial recognition to search databases of drivers’ license mug shots was revealed in responses to requests made under the Freedom Of Information Act and state public records laws by the Georgetown University Center on Privacy & Technology. It was reported in recent days in the Washington Post, New York Times, and in two stories on NPR, and was discussed in a Congressional hearing today on the use of automated facial recognition by Federal agencies. (Earlier Congressional hearings on automated facial recognition were held on May 22nd and June 4th.)

Questions are being asked by members of Congress, state officials, and civil libertarians: What is the legal basis, if any, for these dragnet searches of drivers’ license photo databases? How have they have evaded judicial oversight? Warrants or court orders were neither requested by DHS or other law enforcement agencies, nor demanded by the state agencies that carried out the searches in response to extrajudicial administrative requests.

A letter sent this week by a coalition of civil liberties organizations calls on Congress to suspend the use of facial recognition technology by the DHS. While that is appropriate, it doesn’t address how, from what sources, or on what legal basis databases of ID-linked mug shots of innocent individuals are being created and obtained by the DHS.

Additional questions ought to be asked about the implications of the latest revelations for the REAL-ID Act and the use of facial recognition by airlines, airport operators, and DHS officers and agents at airports and borders:

Jul 01 2019

PCLOB to review use of PNR (airline reservation) data

Following its most recent meeting on May 31, 2019, the Privacy and Civil Liberties Oversight Board (PCLOB) announced last week that “The Board has voted to conduct an oversight project related to the use of airline Passenger Name Records.”

We welcome this announcement by the PCLOB, and look forward to whatever opportunities may be presented to assist the PCLOB and its staff in this project.

Mass surveillance and permission-based predictive control of movement and travel, which in practice has relied on compelled identification of travelers and government access to PNR data (commercial airline reservations), was one of three issues we recommended as priorities for investigation by the PCLOB once enough members were appointed and confirmed for the Board to again have a quorum able to make decisions after a hiatus of several years.

PNR data is used to target searches and seizures and to make predictive decisions about who is, and who is not, “allowed” to exercise their right to travel by common carrier.

Government access to and use of PNR data needs to be recognized, and denounced, both as suspicionless, warrantless, and unconstitutional mass surveillance (through dragnet collection of personally identified travel metadata about the exercise of rights of freedom of movement and travel by common carrier) and as the most pervasive current program of unconstitutional predictive “pre-crime” control of the exercise of rights protected by the First Amendment (“the right of the people… peaceably to assemble”) and international human rights treaties.

The PCLOB is one of the most important advisory bodies within the Federal government. Although it lacks any enforcement power, the PCLOB has more autonomy and more ability to investigate and publicly criticize the practices of Federal agencies than agency “Privacy Officers” who serve at the pleasure of, take orders from, and whose public statements are subject to control by the heads of Federal agencies and by the President.

Members of the PCLOB are appointed by the President and confirmed by the Senate. Unlike most Federal advisory bodies, the PCLOB can set its own agenda and choose which issues to investigate. The PCLOB is considered an independent Federal agency. The PCLOB has the authority to review records of all Federal agencies, and to request that the Attorney General subpoena records held by third parties. But despite its name, the PCLOB has no “oversight” authority other than the authority to issue reports that the President, Congress, Federal prosecutors, and Federal agencies are free to ignore.

Jun 25 2019

DHS continues to target traveling journalists for illegal searches

A new report by Seth Harp in The Intercept confirms that, despite by ongoing litigation challenging warrantless, suspicionless searches of travelers’ electronic devices, the US Customs and Border Protection (CBP) division of the DHS is continuing to target journalists for these illegal searches and for interrogation about their journalistic travel and other activities.

Mr. Harp’s experience shows yet again why the lawsuit brought in Federal District Court in Boston by the ACLU, ACLU of Massachusetts, and EFF is so important. CBP officials have admitted in deposition testimony and documents produced in response to the lawsuit that they use — and claim the authority to use — warrantless searches at borders and international airports to search travelers’ electronic devices (smartphone, laptops, memory sticks, etc.) for “general law enforcement purposes” unrelated to customs or immigration laws, for pre-crime predictions (“risk assessments”), and on behalf of other government agencies including state and local police, the IRS, etc.

Several of the plaintiffs in the lawsuit are journalists who have been subjected to warrantless searches of their electronic devices when they traveled internationally.

As of now, the court is considering the plaintiffs’ motion for a finding that searches of electronic devices at international borders or airports require a warrant approved by a judge and based on probable cause for suspicion of a crime. But CBP has made clear that will continue its suspicionless searches unless and until it is ordered to stop.

May 14 2019

Government access to airline PNR data challenged in German courts

Complaints filed today in German courts and administrative complaints to data protection authorities in Austria challenge government access to and use and retention of Passenger Name Record data (commercial airline reservation records) as a violation of fundamental rights guaranteed by European Union, German, and Austrian law:

English translation of complaint, De Capitani v. Federal Republic of Germany
Original complaint in German, De Capitani v. Bundesrepublik Deutschland
Background information about the legal campaign (in German): NoPNR.eu
We’re going to overturn the PNR directive (epicenter.works)
Video of press conference by epicenter.works announcing campaign (in German)
Press coverage in German:
- Massenüberwachung: Bürgerrechtler klagen gegen Fluggastdatenspeicherung (Stefan Krempl, Heise.de)
- Überwachung: Bürgerrechtsorganisationen klagen gegen Vorratsdatenspeicherung der Lüfte (Lorenz Mrohs, Netzpolitik.org)
- Überwachung von Passagieren: Bürgerrechtler klagen gegen Fluggastdaten-Speicherung (Patrick Beuth, Spiegel Online)
- Fluggast-Massenüberwachung: “Die Rasterfahndung am Himmel muss beendet werden” (Jannis Brühl, Süddeutsche Zeitung)
- Datenschützer wollen Fluggastdatenspeicherung kippen (Georg Pichler, DerStandard.at)
- PNR-System: Klage soll europäische Fluggastdatenspeicherung stoppen (Friedhelm Greis, Golem.de)
- NGOs wollen Sammlung von Flugpassagier-Daten kippen (Christoph „Burstup“ Weiss (ORF.at)
- Fluggastdaten: Darf die Polizei wissen, in welchen Flieger Sie steigen? ( Kai Bierman, Zeit Online)
- Streit um Fluggastdaten: Gegen Rasterfahndung am Himmel (Christian Roth, taz.de)
- Aktivisten klagen gegen „Rasterfahndung am Himmel“ (Krone.at)

We’ve made (unsuccessful) administrative complaints regarding PNR data to data protection authorities in EU member states incluidng the Netherlands, France, and Germany, and challenged some aspects of the US governmet’s PNR-based travel surveillaace system in US court under the Privacy Act. But so far as we know, the lawsuits filed today se are the first court cases outside the US to challenge the legality of government demands for access to PNR data or other travel records.

The European legal campaign against PNR-based mass surveillance of travelers is a project of the Gesellschaft für Freiheitsrechte (GFF) in Germany and epicenter.works – Plattform Grundrechtspolitik in Austria, funded in part by one of the first grants from Digital Freedom Fund (DFF) for impact litigation.

The lead plaintiff in the case filed in German administrative court in Wiesbaden, Emilio De Capitani, is a retired former director of the staff of the LIBE (civil liberties) committee of the European Parliament. Mr. De Capitani and the plaintiffs in additional cases filed in other German local courts are represented by Prof. Dr. Remo Klinger and his colleagues at the law firm of Geulen and Klinger in Berlin. The plaintiffs in the Austrian cases are represented by attorney Ronald Frühwirth in Graz.

Mr. De Capitani plans to fly from Brussels to Berlin for a meeting of GFF in November 2019. He has purchased tickets and informed the airline that he does not want PNR data pertaining to his travel to be made available to government agencies

In response, the airline has told Mr. De Capitani that regardless of his preferences, the airline will provide government agencies in Germany (and possibly also Belgium, although it is not clear if Belgium already has or will have established a “Passenger Information Unit” to receive and process PNR data) with complete copies of the PNRs pertaining to his travel.

This action by the airline is required by German law. Germany and each other member state of the European Union is required to establish a Passenger Information [surveillance] Unit within the government and to have such a law mandating airlines to provide PNR data to the government to comply with the EU PNR Directive adopted in 2016.

The legal analysis in the complaint is conducted primarily under the legal standard of “proportionality” of intrusions on rights to legitimate government purposes. It focuses on the suspicionless, dragnet character of the surveillance and retention of data concerning travelers carried out through government access to PNR data, and the use of PNR data not merely for carrying out judicial orders against identified individuals, but also for pre-crime predictive profiling of innocent individuals based on algorithms and “patterns”.

Mr. De Capitani has asked the German court to find that the German PNR law violates fundamental rights recognized by German law, a decision that would ultimately be made by the German Constitutional Court. Because national courts of EU member states do not have jurisdiction to invalidate EU legislation, Mr. De Capitani has asked the German court to refer the question of whether the EU PNR Directive violates fundamental rights recognized by EU law to the European Court of Justice for a binding determination. And Mr. De Capitani has asked for a temporary preventive injunction prohibiting the government from accessing or requiring the airline to give the government access to PNR data pertaining to him and his travel to government agencies while the case is pending.

Mr. De Capitani’s legal complaint is directed against the German government. Others of the lawsuits filed today name airlines including Lufthansa as defendants.

[This article has been updated with additional information and links.]

May 07 2019

Air travelers question use of facial recognition

A Tweet that went viral from an airline passenger questioning JetBlue Airlines about its use of automated facial recognition at departure gates has called new attention to the growing use of automated facial recognition to identify and track travelers.

Our friends at the Electronic Frontier Foundation have an excellent analysis in their Deeplinks blog of some of the unanswered questions raised by this practice. We’ve talked about these before, in our blog and in meetings with DHS officials:

What is the relationship between the government and its airline and airport “partners” for the use of mug shots of travelers and related identifying information?
Can travelers really opt out of airport mug shots, and if so how, especially if — as with ceiling-mounted cameras or other new airport designs for “touchless” passenger processing — facial images are automatically captured before travelers reach the point where they could ask to opt out
What, if any, restrictions apply to use or “sharing” of the images and tracking data by airlines, airport operators (which are often local government agencies or other parastatal entities), or DHS components or other government agencies?

We agree completely with EFF that travelers should “Skip the surveillance by opting out of face recognition at airports” and that both members of the public and members of Congress should question what is happening , why, and whether it is legally justified.

But we also want to call attention to two additional aspects of this problem that have been overlooked or misinterpreted in much of the recent discussion: retention of facial images and accuracy of automated facial recognition.

Apr 04 2019

TSA plans to put new lying signs in airports

[This sign is a lie.]

According to a press release issued today by the Transportation Security Administration, the TSA plans to start posting signs as shown above in airports throughout the USA, claiming that “ID Requirements Are Changing” and that “Beginning Beginning October 1, 2020, you will need a REAL ID compliant license or another acceptable form of ID, such as a valid passport or U.S. military ID, to fly within the U.S.”

According to today’s TSA press release:

REAL ID-compliant licenses or other acceptable forms of ID, such as a valid passport, federal government PIV card or U.S. military ID, will be mandatory for air travel beginning on October 1, 2020. Critically important, on October 1, 2020, individuals who are unable to verify their identity will not be permitted to enter the TSA checkpoint and will not be allowed to fly.

These signs and this and similar press releases are lies.

This isn’t the first time, and probably won’t be the last, that the TSA and/or DHS have made lying statements, issued lying press releases, or posted lying signs about the REAL-ID Act and ID to fly.

Is ID required to fly? No.

One would expect “requirements” announced by a Federal agency to be contained in laws or regulations. But the TSA’s own lawyers, officials, and witnesses testifying under oath have told judges in every lawsuit in which the issue has arisen that no law or regulation required domestic air travelers to have, carry, or show any ID cards or credentials.

The TSA’s responses to our Freedom Of Information Act (FOIA) requests for its records of people who show up at TSA and TSA-contractor checkpoints at airports without ID show that more than 98% of them — hundreds a day, and tens of thousands every year — are allowed to continue to board their flights without carrying or showing ID.

Is this scheduled to change? No.

Changes to Federal laws require action by Congress. No bill has been introduced in the current Congress (or ever, so far as we can tell) that would impose any ID requirement for air travel.

Changes to Federal regulations require a process governed by the Administrative Procedure Act that starts with a “Notice of Proposed Rulemaking” (NPRM) published in the Federal Register. No notice of any proposed rules related to ID to fly has been published.

In 2016, the TSA published a notice that it planned to seek approval from the Office of Management and Budget (OMB) — but had not yet sought that approval — for a new version of a form some air travelers without ID have been asked to fill out. (Because the form has never been submitted to, or approved by, OMB, its use is illegal and no penalty can lawfully be imposed for declining to respond to the questions on the form.)

We pointed out to the TSA and OMB that it was improper to ask OMB to approve this form without first enacting a law or promulgating regulations providing a legal basis for the form. Other organizations and individuals also objected to the proposed form. The TSA has neither responded to any of the objections nor submitted the form for OMB approval.

Will the REAL-ID Act of 2005 change this? No.

The REAL-ID Act and implementing regulations are concerned only with which ID cards are considered “acceptable”, in circumstances in which some (other) valid Federal law regulations requires ID for some Federal purpose. The REAL-ID Act itself did not purport to impose any new ID requirements, either when it was enacted, in 2010, or ever.

Will I still be allowed to fly without ID in the future? Maybe, maybe not. That’s up to the TSA. But if the TSA or its contractors prevent you from traveling, without a lawful basis, they will be violating your rights and breaking the law.

Since the TSA is wielding power by secret internal orders and security directives to staff, contractors, and airlines, announced (if at all) through press releases rather than through proper formal notices in the Federal Register, it’s impossible to say with certainty what it will try to do. What it will do is likely to depend, in significant part, on its assessment of how widely and strongly particular assertions of illegitimate authority will be resisted.

The TSA has been making threats to start harassing residents of states and territories that it hasn’t chosen — in what it has claimed is its standardless discretion — to certify as being sufficiently “compliant” with the REAL-ID Act, or to give extensions of time to comply. These certifications and extensions of time have had little apparent relationship with actual compliance, so they too are impossible to predict.

The next of these threats is an extension of time to California to comply with the REAL-ID Act which is scheduled to expire at the end of the day on April 10, 2019.

We suspect, especially after today’s press release — which focuses on an arbitrary date of October 1, 2020, rather than any of the “extension” expiration dates — that the DHS will either certify California and all of the other states and territories as “compliant” (even if they aren’t) or extend their time to comply until October 1, 2020.

Apr 03 2019

Search, interrogation, and threats at SFO

Dr. Andreas Gal is the former CTO of the Mozilla Foundation, and the founder of a software company that was acquired by Apple Computer last year. He’s a naturalized US citizen and a frequent international business traveler.

Here’s part of Dr. Gal’s account (in another part of which he links to some of our previous reporting on related issues) of what happened when he arrived at San Francisco International Airport after a trip to Europe last November:

I quickly found myself surrounded by three armed agents wearing bullet proof vests. They started to question me aggressively regarding my trip, my current employment, and my past work for Mozilla, a non-profit organization dedicated to open technology and online privacy.

The agents proceeded to search my belongings and demanded that I unlock my smartphone and laptop. This was rather concerning for me. My phone and laptop are property of my employer and contain unreleased software and proprietary information. I’ve signed a non-disclosure agreement promising not to give anyone access.

Because I was uncertain about my legal responsibilities to my employer, I asked the agents if I could speak to my employer or an attorney before unlocking my devices. This request seemed to aggravate the customs officers. They informed me that I had no right to speak to an attorney at the border despite being a U.S. citizen, and threatened me that failure to immediately comply with their demand is a violation of federal criminal code 18 USC 111.

I declined to answer any further questions, and continued to ask to speak to an attorney instead. The interrogation and threats continued for some time, which I endured silently. Despite initial threats that they would keep my devices if I didn’t unlock them, I was eventually permitted to leave the customs area with my devices.

The ACLU of Northern California has complained to the Department of Homeland Security and its Customs and Border Protection component about the detention, search, and interrogation of Dr. Gal and the baseless threats of criminal prosecution made by CBP.

We share the concerns raised by the ACLU in their complaint on behalf of Dr. Gal.

But there are some additional aspects of this case worth noting:

The CBP agents were lying and making threats which they did not follow through on. When Dr. Gal persisted in not merely asserting but exercising his rights, the CBP agents allowed him to leave without being charged with any crime. The takeaway is that law enforcement officers can and will lie, that their goal is always to get you to “consent” to whatever they want to do or want you to do, and that you will never find out the actual limits of their legal authority unless you say no to any requests for consent. In this case, Dr. Gal was allowed to leave with his electronic devices. His devices might have been kept longer by CBP, but if they had been, Dr. Dal would only have been able to contest their continued detention or any demand for him to unlock them or provide the passwords if he withheld his consent. If police ask you, “May I…?”, that means they know they need your permission. Just say, “No”.
There’s an additional law which Dr. Gal could have invoked, but of which he was probably unaware: the Privacy Protection Act, Title 42 US Code, Section 2000aa. As a blogger and Twitterer, Dr. Gal is almost certainly protected by the Privacy Protection Act — as is anyone who posts publicly to social media. The Privacy Protection Act provides an important potential means of redress for searches and seizures of documents or electronic data at airports — but only if you know your rights and assert them when government agents threaten to violate them.
Dr. Gal’s account of what happened to him at SFO and the ACLU complaint letter address the likely basis for his detention and interrogation (as inferred from the questions he was asked about activities protected by the First Amendment). But they don’t address either the means by which he was targeted, or who was responsible. Given that Dr. Gal was surrounded by a special squad of armed goons before anyone had asked him any questions, he could only been targeted based on the data about him held by CBP, including records of his past and most recent travels (including mirror copies of airline reservations) and any TECS alerts set by law enforcement agencies. Records released by CBP in response to Privacy Act and FOIA requests by other travelers have shown how TECS alerts are used to target journalists and activists and trigger messages (based on ingestion of airline reservations) so that a “welcoming party” such as Dr. Gal can be waiting for them to search and question them and, in some cases, seize and image their electronic devices. We’ve assisted other travelers who have been able to use Privacy Act and FOIA requests for records of their travel to identify or get clues about when a TECS alert was set for them as a “person of interest”, by whom or by what agency, why, and with what handling instructions. Much information is always withheld, but clues sometimes get through.

Apr 01 2019

DHS continues to extort participation in REAL-ID database

If there is one truth hiding in the forest of DHS lies about the REAL-ID Act of 2005, it’s that the DHS doesn’t want to cause riots at airports by subjecting residents of disfavored states to more intrusive searches and “ID verification” interrogation when they travel by air.

The goal of the REAL-ID Act is to intimidate states into adding their residents drivers’ license and state ID data to the SPEXS national ID database, through threats to harass residents of states and territories that aren’t sufficiently compliant.

Like any extortionist, the DHS wants its victims to submit, and doesn’t really want (and may not even be prepared) to carry out its threats.

But what will the DHS do when its bluff is called by states or territories that are either unwilling or unable to comply?

Today, April Fools Day, we’re seeing the latest test of the answer to this question, with the US Virgin Islands as the target of DHS threats.

Mar 13 2019

US government blacklisting system is unconstitutional, victims say

The Terrorist Screening Database (TSDB) “fails to provide constitutionally sufficient procedural due process,” according to a motion for summary judgment filed this week in a lawsuit brought by people who have been placed on the TSDB blacklist.

We’ve been following this case, Elhady v. Kable, since it was filed in 2016. Discovery and depositions taken in the case, as well as leaks by whistleblowers while the case has been pending, have revealed an unprecedented level of detail about the operation of the blacklisting system, the inter-agency “Watchlisting Advisory Council” which overseas the blacklist, and the dissemination of blacklist information.

The TSDB is described euphemistically by the US government as a “watchlist”, but in reality it’s a blacklist. Individuals — including infants and children as well as adults, and US citizens and residents as well as non-residents — are subjected to adverse government and private action by having the government place them on the TSDB blacklist and disseminate this stigmatizing designation — with the intent that the designation will be used against listed individuals — to Federal, state, and local government agencies and private entities.

The government has refused to disclose the criteria for TSDB listings, but has conceded that being listed does not require suspicion of having committed or intending to commit any crime. Listings are determined through a secret, extrajudicial administrative process, without those being blacklisted being notified or having any opportunity, before or after the fact, to know whether or why they are being blacklisted, what the basis is for their blacklisting, or what the evidence against them is.

The case has survived multiple attempts by the government to have it dismissed on jurisdictional and procedural grounds and to avoid discovery and depositions. Now the plaintiffs’ motion for summary judgment that the TSDB is unconstitutional is scheduled for oral argument on April 4, 2019, before US District Court Judge Anthony Trenga in Alexandria, VA.

Mar 12 2019

Newly released DHS documents prompt new questions from Senators on facial recognition at airports

Newly released government records confirming plans by the Department of Homeland Security to take automated mug shots of all airline passengers have prompted an immediate bipartisan statement by Senators Edward Markey (D-MA) and Mike Lee (R-UT) renewing their repeated previous calls for DHS to give public notice, take public comment, and adopt published rules — including “how [travelers] can opt out of the program altogether” — before deploying automated facial recognition at airports.

A petition for rulemaking on facial recognition at airports submitted to the DHS last year by the World Privacy Forum remains pending, but has not yet been acted on.

The report by Davey Alba published Monday by Buzzfeed News, in which we were quoted extensively, was based on documents released in response to a Freedom Of Information Act (FOIA) request and lawsuit by the Electronic Privacy Information Center (EPIC).

The documents confirm that, as we’ve noted previously, the DHS intends and is already working systematically toward a vision of worldwide biometric surveillance and control of air travel through automated facial recognition systems integrated and shared with airlines and airports. The most recently released DHS records show no provision for travelers to avoid being photographed, and no restrictions on commercial use, retention, or sale by airlines and airports of images captured under government duress.

As Edward Hasbrouck of the Identity Project told Buzzfeed News:

The big takeaway is that the broad surveillance of people in airports amounts to a kind of “individualized control of citizenry” — not unlike what’s already happening with the social credit scoring system in China. “There are already people who aren’t allowed on, say, a high-speed train because their social credit scores are too low,” he said, pointing out that China’s program is significantly based in “identifying individual people and tracking their movements in public spaces though automated facial recognition.”

“This is opening the door to an extraordinarily more intrusive and granular level of government control, starting with where we can go and our ability to move freely about the country,” Hasbrouck said. “And then potentially, once the system is proved out in that way, it can extend to a vast number of controls in other parts of our lives.”

Meanwhile, EPIC filed a follow-up FOIA lawsuit today for information about whether air travelers are, in fact, being allowed to “opt out” of being photographed. The DHS has claimed that US citizens can opt out of ongoing and expanding “pilot programs” and “tests” of automated facial recognition at airports.

But our own experiences and numerous reports from other travelers are that the DHS claim that US citizens can “opt out” often isn’t true: Travelers are often told that mug shots are required even for US citizens, and are prevented by “line minders” (contractors working for airlines and/or airports) from approaching Customs and Border Protection staff until after they submitted to being photographed. When we and other civil liberties advocates pointed this out to senior CBP officials in a meeting a year ago, they flatly denied that this ever happened. But no details of any “opt-out” notices, policies, or clauses in agreements between DHS, airlines, or airports have yet been disclosed.

As we noted in our comments to Buzzfeed News about these so-called tests, “CBP is ‘testing’ how to structure the program to make it technically work, and what tweaks the agency might need to make to appease, or suppress, or frustrate protests and legal challenges. But the biggest thing they’re testing is how much legal resistance there will be — whether that’s people saying ‘no’ [to their faces being captured at the airport], or challenging it in court.”