Dec 19 2017

“Border control” as pretext for drug dragnet

The latest so-called “Privacy Impact Assessment ” (PIA) made public by the US Department of Homeland Security, “CBP License Plate Reader Technology“, provides unsurprising but disturbing details about how the US government’s phobias about foreigners and drugs are driving (pun intended) the convergence of border surveillance and dragnet surveillance of the movements of private vehicles within the USA.

The main reason for the publication of the CBP License Plate Reader Technology PIA is to provide the public with “notice that CBP is partnering with the Drug Enforcement Administration (DEA) to leverage each other’s .. LPR [License Plate Reader] systems.”

Since at least 2007, US Customs and Border Protection (CBP) has had a network of license plate readers continuously monitoring and recording the license plate numbers and locations of vehicles near US borders. “Near” and “border” in this context are euphemisms: Federal regulations define the “border” zone for purposes of CBP authority as including anywhere within 100 miles of any US border or seacoast,  which puts roughly two-thirds of the US population within “border” regions.

Meanwhile, the DEA has compiled an aggregated database of geotagged and timestamped license plate records purchased from commercial sources, including records of vehicle locations far from what even the DHS considers the “border zone”.

CBP and DEA are already able to query and retrieve data from each other’s LPR databases. A DEA agent can also set a “TECS alert” flag in the DHS database for a specific license plate number, the same way they  can for a specific passport number, so that they will be notified automatically whenever that plate is spotted by a DHS camera.

What’s changing is that instead of providing LPR information to each other only in response to specific targeting requests, CBP and DEA plan to “stream” all of the data from their LPR networks to each other in real time. “CBP intends to provide DEA access to CBP LPR information… through a real-time streaming service.”  Each agency will have a complete copy of the data collected by the other, so that they can merge and mine it and use it for “pre-crime” profiling.

As is the trend with all DHS surveillance systems, the goal is to convert a targeted system for investigating suspects into a dragnet system that treats everyone as a suspect subject to continuous surveillance and “continuous screening” or “continuous vetting”.

Read More

Dec 18 2017

Canada puts U.S. Customs and Border Protection officers above the law

A Canadian law which received final approval last week, Bill C-23, gives officers of U.S. Customs and Border Protection (CBP) staffing “preclearance” facilities within Canada police powers to detain, interrogate, and search travelers, while granting these agents of the U.S. government absolute and unconditional immunity from any civil lawsuit or liability under Canadian law, and immunity from criminal liability except in limited cases of death, injury, or property damage.

This immunity from civil lawsuits or liability in Canada extends to violations by US CBP officers at preclearance sites of fundamental rights, including the Canadian Charter of Rights and Freedoms, that are protected by law everywhere else in Canada,. Bill C-23 places CBP officers above Canadian law, as though they were diplomats enjoying immunity from local law inside extraterritorial enclaves, while giving them police-like powers to use force against ordinary people seeking to travel between the US and Canada.

Travelers passing through US preclearance facilities at Canadian airports, train stations, and ferry terminals are now required by Canadian law to: Read More

Dec 15 2017

“Continuous screening” means continuous surveillance and control

Today the Identity Project joins more than 20 other government-accountability and civil liberties organizations in a joint letter opposing S. 2192, the “SECURE Act of 2017”, which  was introduced in the Senate earlier this month and immediately placed on the Senate calendar for a floor vote at any time.

The name of this bill is Newspeak. It is not about security, but about surveillance and control of immigrants, borders, and international travelers, including  U.S. citizens.

The coalition letter to members of Congress that we signed today focuses on Sections 6002-6003 (pp. 488-499) of S. 2192,  which would authorize the Secretary of Homeland Security, Secretary of State, or Attorney General to exempt their respective Federal departments from the Administrative Procedure Act,  the Privacy Act, and the Paperwork Reduction Act with respect to a wide range of border control and surveillance activities.

The Administrative Procedure Act (APA) spells out the details of Constititionally-required “due process” as it applies to administrative decision-making by Federal agencies. Decisions adversely affecting individuals’ rights made without complying with the APA would be highly likely to violate Constitutional norms of due process.

Exemption from the Privacy Act  would allow the creation and maintenance, without notice, of secret Federal government databases about U.S. citizens, and the use of secret, unreliable, uncorrected, and/or irrelevant data as the basis for decisions to deny U.S. citizens their rights. These practices would also be likely to be unconstitutional.

Many of the provisons of S. 2192 are copied from S. 1757, an earlier omnibus “border control” bill we criticized when it was introduced in September.

Like its predecessor S. 1757, S. 2192 incorporates a patently unconstitutional “Passport Revocation Act” (Section 1632, pp. 446-448), which would purport to authorize revocation or refusal to issue or renew a U.S. passsport, and the prohibition of departure from or return to the U.S., on the guilt-by-association basis of (1) an extrajudicial  administrative designation of an organization as a “foreign terrorist organization”, and (2) an extrajudicial  administrative determination by the State Department that a U.S. citizen is “affiliated” with such an organization (without the law defining the meaning of “affiliated”).

The number of references to the “unreviewable discretion” of officials and agencies has increased from 14 in S. 1757 to 17 in S. 2192.

S. 2192 also includes provisions from S. 1757 mandating government monitoring of activities and ideas expressed on social media, and the use of this surveillance data for making visa decisions and for “continuous screening” (continuous surveillance and control) of immigrants, foreign residents (including permanent residents), and foreign-citizen visitors to the U.S.

As the letter we sent today concludes, “We oppose these provisions in S.2192 and any other border security bill.”
Nov 27 2017

New look for PapersPlease.org

If you’ve visited PapersPlease.org before, you probably can’t help noticing that it looks different today, and you might be wondering,  “What happened?”

This is still the same website, operated by the same organization (The Identity Project), with all of the same content accessible at the same URLs.

Over the weekend, thanks to the efforts of an extraordinarily generous and committed volunteer, we’ve deployed the first redesign of the look of our site in more than a decade.

We hope that the new look and formatting will be easier on the eyes and easier to read on a variety of devices, including those with small screens.

Thanks to all of our readers and supporters who’ve stayed with us. If you have friends who found our previous site hard to read, please invite them to give us a fresh look.

There are undoubtedly obsolete links from our old blog posts to other sites. But if you find any links to URLs within the PapersPlease.org domain that don’t resolve properly, or broken links from our FAQs or other pages outside our blog, please let us know.

Nov 16 2017

“Extreme Vetting” would be a #PreCrime #DigitalMuslimBan

Today The Identity Project joined 55 other civil rights, civil liberties, government accountability, human rights, immigrant rights, and privacy organizations in calling on the US Department of Homeland Security to abandon its Extreme Vetting Initiative.

The essential goal of the DHS Extreme Vetting Initiative is to extend the bogus “pre-crime” prediction algorithms and methods based on “big data” from suspicionless mass surveillance, already being used by the DHS and its partner agencies in the US and abroad to decide who is allowed to board airplanes, to a broader range of decisions about who is allowed to travel to, or reside or remain in, the US.

But the DHS doesn’t have any “pre-cogs”, human or robotic, to make these predictions. And prior restraint of our movements or other activities based on predictions of future criminality is not only impossible (and inherently subject to abuse by those who create the predictive and decision-making algorithms) but an affront to fundamental notions of justice, due process, and human rights.

According to a joint letter we sent today to the Acting Secretary of Homeland Security, Elaine Duke:

We write to express our opposition to Immigration & Customs Enforcement’s proposed new Extreme Vetting Initiative, which aims to use automated decision-making, machine learning, and social media monitoring to assist in vetting of visa applicants and to generate leads for deportation. As it is described in ICE documents, this program would be ineffective and discriminatory. It would also pose a signal threat to freedom of speech and assembly, civil liberties, and civil and human rights. We urge the Department of Homeland Security to abandon this effort….

The goal of the Extreme Vetting Initiative is to “develop processes that determine and evaluate an applicant’s probability of becoming a positively contributing member of society as well as their ability to contribute to national interests,” using analytic capabilities including machine learning.  ICE also seeks to “develop a mechanism/methodology that allows [the agency] to assess whether an applicant intends to commit criminal or terrorist acts after entering the United States.”

In reality, as a group of prominent technologists advised in a recent letter, “no computational methods can provide reliable or objective assessments of the traits that ICE seeks to measure.” There is no definition anywhere in American law of what it means to be a “positively contributing member of society” or to “contribute to national interests,” posing a risk that ICE will exercise maximal latitude to discriminate beneath the cover of an unproven algorithm….

Confirming that ICE’s focus is on quantity rather than quality, the agency has announced that the winning vendor for the Extreme Vetting Initiative contract must “generate a minimum of 10,000 investigative leads annually” – without regard to how many leads are actually appropriate….

The Extreme Vetting Initiative will also undoubtedly chill free expression, contravening the First Amendment and international human rights, such as those contained in the Universal Declaration of Human Rights, for which the United States has registered official support, and the International Covenant on Civil and Political Rights, to which the U.S. is a party… These risks are particularly acute in light of existing initiatives to ask travelers to identify all of their social media handles in order to obtain permission to travel to the United States….

Through the Extreme Vetting Initiative, ICE seeks to automate the process by which the U.S. government targets, finds, and forcibly removes people from our country…. But this system … risks hiding politicized, discriminatory decisions behind a veneer of objectivity – at great cost to freedom of speech, civil liberties, civil rights, and human rights.

Palantir Technologies has already become a target of criticism for its role in building tools for “extreme vetting”. (See our report from a protest outside the home of Palantir founder Peter Thiel earlier this year, and this recent 10-minute video, “Is Silicon Valley Building the Infrastructure for a Police State? New AI tools could empower the government to violate our civil liberties.“)  Now IBM, which attended a recent outreach day for Extreme Vetting Initiative contractors and has declined to distance itself from bidding to build the pre-crime program, is also being targeted by a petition asking IBM to “back up your verbal support of immigrants by publicly rejecting and denouncing the Extreme Vetting Initiative and pledge to not bid on any contract to build the tool.”

Nov 14 2017

Silicon Valley Is Building the Infrastructure for a Police State

The Identity Project is  featured along with our friends at the Electronic Frontier Foundation in the latest report from Reason.TV, Is Silicon Valley Building the Infrastructure for a Police State? New AI tools could empower the government to violate our civil liberties.

If you have ten minutes to watch the video, it’s a good introduction to Palantir, pre-crime policing, automated decision-making and control (“extreme vetting”), and the homeland-security industrial complex.

Oct 24 2017

DHS blinks (again) on REAL-ID

The Department of Homeland Security and the Transportation Security Administration have threatened to prevent citizens of many US states from being able to travel by air within the US, starting in January 2018, because their state governments won’t dump all their driver’s license and ID card information into a nationwide database. But these threats didn’t actually cause states to follow the TSA’s illegal orders. So rather than follow through on the threat, which would risk a legal challenge that would make it clear the threat is hollow, the DHS has again blinked. It just quietly deferred its deadline about when it claims it will enforce the REAL-ID Act against airline passengers.

Just over a week ago, when we testified before the California Department of Motor Vehicles about why the largest state in the union should not comply with the REAL-ID Act, and could not do so without violating its state constitution and its residents’ rights, the DHS website included California among 21 states “under review” by the DHS for possible Federal interference with their residents’ right to travel by air beginning as early as January 18, 2018.

Just days later, the DHS in its standardless discretion granted 15 of these 21 states, including California, another round of “extensions of time” to comply with the REAL-ID Act until October 20, 2018.

The states granted another round of arbitrary extensions until October 2018 included eight of the nine states singled out by signs in airports across the country as targeted for TSA harassment of their residents who travel by air beginning in January 2018:

The dates picked by the DHS are as arbitrary as the DHS choices of which states to threaten. The DHS has repeatedly amended its REAL-ID Act regulations to postpone its threatened “deadlines”, but neither January 18, 2018, nor October 20, 2018, are dates that appear anywhere in the law or the most recently revised regulations.

Read More

Oct 23 2017

CBP Intelligence Records System (CIRS)

Today The Identity Project and eight other civil liberties and human rights organizations filed comments with the US Department of Homeland Security objecting to both the creation and the exemption from the Privacy Act of the latest DHS system of social media and travel surveillance records, the US Customs and Border Protection (CBP) Intelligence Records System (CIRS).

Our comments were co-signed and submitted jointly on behalf of:

Members of the public (regardless of whether they are U.S. citizens or residents) can submit their own comments on these DHS proposals, including anonymous comments, until midnight tonight, Washington DC time, by using the official Web forms here and here at Regulations.gov.

In part, the proposed creation and exemption from the Privacy Act of CIRS is merely the latest episode in a DHS shell game in which some of the same DHS travel logs and surveillance records have been successively redefined as being part of the TECS records system, then the Automated Targeting System (the system used as the basis for algorithmic pre-crime scoring and blacklisting of international travelers), then the Analytical Framework for Analysis (the system used by Palantir’s data mining and profiling tools), and now CIRS.

DHS Privacy Act notices for these systems have often lagged years behind DHS operational practices, even though it’s a crime for a Federal agency to maintain a database of information about individuals without a specific sort of notice before it’s created.

What’s new about CIRS, aside from the new name, is that the categories of records in CIRS would be expanded to include “Articles, public-source data (including information from social media), and other published information on individuals and events of interest to CBP.” Additional sources of information for CIRS records would include “private sector entities and organizations, individuals, commercial data providers, and public sources such as social media, news media outlets, and the Internet.”

According to the comments we filed today along with other civil liberties and human rights organizations: Read More

Oct 18 2017

Civil liberties and human rights groups denounce illegal DHS social media monitoring

The Identity Project and ten other civil liberties and human rights organizations filed comments today with the US Department of Homeland Security objecting to the DHS keeping records of what we say and publish and who we associate with on social media.

(See our FAQ: U.S. government monitoring of social media. The DHS isn’t the only Federal agency spying on us on social media. We submitted comments earlier this month on parallel proposals by the Department of State to expand social media monitoring that it began last year over our objections and those of many other organizations and individuals.)

The comments from civil liberties and human rights groups were submitted in response to a notice from the DHS last month that “Social media handles and aliases, associated identifiable information, and search results” would be added to DHS “Alien Files”.

Our comments were co-signed and submitted jointly on behalf of:

Members of the public (regardless of whether they are U.S. citizens or residents) can submit their own comments, including anonymous comments, until midnight tonight, Washington DC time, by using the official Web form at Regulations.gov.

The DHS only published its formal Privacy Act notice for social media records in September 2017, although the DHS says it has been monitoring and keeping records of social media activities since at least 2012. The Federal Privacy Act of 1974 requires that a notice be published in the Federal Register before any new system of records about individuals is created by a Federal agency, or a new category of data or individuals is added to an existing system. Operation of a system of records without prior publication of a notice including all categories of information and individuals included in the system is a Federal crime on the part of the responsible Federal officials: “Any officer or employee of any agency who willfully maintains a system of records without meeting the notice requirements of subsection (e)(4) of this section shall be guilty of a misdemeanor and fined not more than $5,000.”

According to comments we filed today along with other civil liberties and human rights organizations: Read More