Papers, Please! – Page 32 – The Identity Project

Jun 30 2016

National REAL-ID database replicates problems with FBI rap sheets

Previously unpublished information we’ve recently obtained from the contractor that developed the SPEXS database at the center of state “compliance” with the REAL-ID Act — the national database of drivers license and state ID details that the DHS and supporters of the REAL-ID Act keep claiming doesn’t exist — shed new light on how the system will work.

Unfortunately, these new documents and statements show that SPEXS will replicate many of the worst problems of poor data quality and lack of accountability of the NCIC database used by the FBI to store criminal history “rap sheets” of warrants, arrests, and dispositions of criminal cases: convictions, diversions, withdrawals, dismissals, acquittals, appellate decisions, etc.

Like SPEXS, NCIC aggregates data sourced from agencies in every state, the District of Columbia, and the US territories of Puerto Rico, the U.S. Virgin Islands, American Samoa, Guam, and the Northern Mariana Islands. The FBI operates the aggregated database, but disclaims any responsibility for the accuracy of the data it stores, indexes, and distributes.

As we noted in our previous post, the FBI has exempted NCIC records from the requirements of the Privacy Act for accuracy, relevance to a lawful purpose, access by data subjects, and correction of errors. That should mean that NCIC records can’t be relied on, but the Supreme Court has ruled that an entry in NCIC provides sufficient legal basis for an arrest.

NCIC is the poster child for the evil consequences of reliance on “garbage in, garbage out” aggregated and unverified data as a basis for government decision-making. Inevitably, NCIC records are riddled with errors. Law enforcement agencies are quick to report arrests and newly-issued warrants to NCIC, but have nothing to gain by ever reporting when charges are dismissed or a warrant is quashed. Who knows when some other police agency might find it convenient to rely on an NCIC record of a long-since-quashed warrant as a basis for authority to arrest and search someone who they would otherwise have to let walk away?

We know from long and bad experience with NCIC just where this leads. Innocent people are arrested every day in every state on the basis of erroneous NCIC records. SPEXS replicates the “garbage in, garbage out” unverified multi-source data aggregation model of NCIC, and will replicate its data quality and accountability problems along with its architecture.

Like NCIC, SPEXS is intended to be relied on as the basis for government decisions, specifically, enforcement of the requirement of the REAL-ID Act that a person may not have more than one valid REAL-ID Act compliant drivers license or ID at a time. We fail to see any valid purpose to this provision of the law. Given that states have different and independent licensing requirements, what harm is done by a person having independently satisfied the requirements to operate motor vehicles in more than one state, and having independently been issued credentials by these several states attesting to this fact? But regardless of the rationale for this law, the justification for the existence of SPEXS is to enable states to refuse to issue a drivers license or state ID to a person if SPEXS shows a record of an outstanding license or ID in any other state or territory for a person believed (according to a secret SPEXS matching algorithm) to be the same person as the applicant.

The inevitable outcome is that some people’s applications for new or renewal drivers licenses or state IDs will be denied by state authorities on the basis of erroneous data in SPEXS records. Perhaps they have been mis-matched with a person in another state with the same or a similar name and date of birth. Perhaps an identity thief has used their name, DOB, and Social Security number to get a license or ID in another state. Perhaps they cancelled their license or ID in another state, but that fact wasn’t reported by that state to SPEXS, or the cancellation message wasn’t received by the SPEXS operator or wasn’t properly processed into the SPEXS database. Perhaps the expiration date of their old license or ID was mis-reported or improperly recorded. Perhaps a record was mis-coded, such as by mis-attributing a record to the wrong state. Perhaps a record of a license or ID that has since been cancelled was left in SPEXS by a state or territory that has withdrawn from SPEXS participation.

What recourse will any of these people have? Not much, not easily, and in some cases none at all.

Jun 28 2016

Supreme Court gives us more reasons not to show ID

Some people ask us, “What’s wrong with showing ID to police? If you are innocent and have nothing to hide, just show your ID, and you can be on your way.”

In the real world, however, showing ID can be a bad idea even if you are innocent. And the decision of the Supreme Court last week in Utah v. Strieff provides a case study in why you should never voluntarily identify yourself to police, and should avoid having any identification on your person if you don’t need it.

As we discussed when Utah v. Strieff was argued in February, the sequence of events that led to this case was as follows: Police looking for drugs illegally stopped and detained a pedestrian without any articulable basis for suspecting him of any crime. While illegally detaining Mr. Strieff, the police asked (or demanded) that he identify himself, and he told the police his name. The police ran a check on his name and found a record of a warrant for his arrest for a minor traffic violation.

Based on this warrant, the police re-classified the man already in their custody from “detainee” to “arrestee”, searched him “incident to his arrest”, and found — surprise — illegal drugs, which they had been hoping all along to find, but had lacked any legal basis to search for.

Strieff argued that he wouldn’t have been searched, but for the original stop and detention, which the police conceded was illegal, and therefore that the police shouldn’t be allowed to use the drugs they found as evidence against him. The Supreme Court upheld the legality of the arrest and search, despite the illegal stop and detention, and allowed the evidence to be used against Mr. Strieff.

Most of the commentary on the Supreme Court’s decision has focused on Justice Sotomayor’s dissent:

The Court today holds that the discovery of a warrant for an unpaid parking ticket will forgive a police officer’s violation of your Fourth Amendment rights. Do not be soothed by the opinion’s technical language: This case allows the police to stop you on the street, demand your identification, and check it for outstanding traffic warrants — even if you are doing nothing wrong. If the officer discovers a warrant for a fine you forgot to pay, courts will now excuse his illegal stop and will admit into evidence anything he happens to find by searching you after arresting you on the warrant….

We share Justice Sotomayor’s outrage. But what are the lessons we should take away from the majority opinion?

First, we can’t count on the police to tell us our rights. It’s not clear whether the police represented their “request” that Mr. Strieff identify himself as mandatory, or whether, while under police detention and not free to leave (and without having been read his Miranda rights), he knew that he had the right to remain silent and not give his name. But whatever happened, the Supreme Court majority doesn’t seem to have been much interested in these issues. Know your rights, and exercise them. By the time the police read you your rights, if they do so at all, it’s often too late.

Second, you should always exercise your right to remain silent when questioned by police — even if all they ask you is, “What’s your name?” Mr. Strieff’s detention would have remained illegal, and any evidence obtained by (illegally) searching him would have remained inadmissible, if he hadn’t told the police his name so that they could run a check for warrants. This case shows that when police say, “Anything you say may be used against you,” that includes your name and any other identifying information you might disclose. Don’t tell police your name, and don’t voluntarily show them anything that might identity you. If you don’t need to have it with you, you are better off not having any ID on your person that might be found if you are searched on some other pretext.

Third, if you are tempted to think that you don’t need to worry because there isn’t a warrant out for arrest, think again. There are warrants out for millions of people in the US. Until they are busted, many people don’t know that there is a warrant for their arrest. Are you sure that every time you have ever gotten a traffic ticket, your check was received by the court and properly processed? If a bench warrant had already been issued by the time your payment was received and processed, was the warrant quashed? Was that fact reported to the FBI, and was the original record of the bench warrant removed from the NCIC database? Have you gotten your NCIC file recently to confirm this? If not, there’s a non-trivial chance that there’s a warrant for your arrest, or that NCIC shows that there’s a warrant for your arrest. NCIC is riddled with errors, and the FBI has exempted it from the accuracy requirement of the Privacy Act. But the Supreme Court has said that an NCIC record of a warrant is enough to make an arrest legal, even if the data in NCIC is incorrect. You should always assume that NCIC might show a warrant for your arrest that any cop who runs a check on your name or ID will find. If you know this and still choose to identify yourself to police, you are practically asking to be arrested. If police stop or question you, they are looking for an excuse to arrest and/or search you. The only way — and the easy way, fortunately — to avoid giving police the basis to arrest and search you that they are looking for is not to tell them who you are and not to show them any ID.

Jun 16 2016

How the DHS practices “transparency”

[A “complete” response from DHS to a FOIA request, with “no deletions”. Click image for larger version.]

A Freedom of Information Act request we made to the Department of Homeland Security hasn’t told us much about what we asked about, but has given us an object lesson in how the DHS practices “transparency”.

An August 2015 document posted on the DHS.gov website revealed that the DHS is systematically collecting data on how many people have been denied access to Federal facilities because they were unable or unwilling to show ID credentials deemed to “comply” with the REAL-ID Act:

Your agency should also have a process for recording the number of encounters of individuals presenting driver’s licenses from noncompliant states for purpose of accessing Federal facilities. This data should be sent monthly to DHS (OSIIS@hq.dhs.gov) for collection no later than the tenth day of each month. DHS will use this data to evaluate the impact of REAL ID enforcement on the public. See Appendix E for a sample report template.

In January of 2016, we submitted a FOIA request to the DHS to the DHS for these reports. Five months later, after repeated follow-up inquiries, we finally received this mockery of a “response”. It was dated in May, but we didn’t receive it until June, because it was sent to a mis-typed email address and our repeated email and voicemail messages requesting information on the status of the request were ignored. Our request was submitted by email, so it’s not clear why the address on the response was retyped rather than being sent as a “reply” to our message. But that’s the least of the problems with the DHS response to our request.

Jun 09 2016

How does the TSA decide if you are who you say you are?

An ongoing trickle of still-incomplete responses by the TSA to a Freedom Of Information Act (FOIA) request we made in June 2013 continues to shed more light on the TSA’s procedures for air travelers who don’t have ID credentials the TSA deems satisfactory.

It’s difficult to compile statistics from files in the image format in which the TSA has released them, but we can make some anecdotal observations about what happens to people who try to fly without “acceptable” ID. Read More →

Jun 07 2016

How hard was it for Amtrak to require names in reservations?

Since the start of the post-9/11 shift from case-by-case government access to travel reservations to dragnet surveillance of all reservations and pre-crime profiling of all travelers, the government has claimed repeatedly that the information to which it has demanded access was already “routinely” provided by travelers to airlines and other travel companies.

We’ve recently received some details of just how untrue those claims are, through the latest installment of a continuing trickle of responses by Amtrak to a Freedom Of Information Act request we made in 2014. (See our previous reports on government surveillance of Amtrak passengers.)

Anyone familiar with travel industry practices and reservation data has known all along that the government’s demands for data about airline, train, bus, and cruise ship passengers have exceeded what was needed by common carrier for commercial purposes. Until after September 11, 2001, walk-up customers could buy tickets for cash, for themselves or anyone else, at airline or Amtrak or Greyhound ticket counters, without providing any information at all except an (unverified) name. No address, phone number, or other identifying or contact information was required.

The government has demanded not just access to existing travel industry databases, but the logging of additional details about travelers that were never previously required. The travel industry worldwide has had to spend billions of dollars modifying every layer and component of their IT systems, and of all the systems that interact with them, to collect and store this additional information and deliver it to the government in standardized government-dictated formats.

Even names of travelers weren’t required for reservations, tickets, or travel. Space could be reserved for a group of travelers with only a group identifier or lead contact. Sometimes dummy or placeholder names would be entered for group members, but they could be and often were omitted.

The latest file we’ve received from Amtrak is a PDF of images of printouts or views of email messages (we haven’t received the raw “message source” files we requested, and will eventually be appealing Amtrak’s failure to release them) within Amtrak and between Amtrak, the big four CRS/GDS companies (Sabre, Amadeus, Worldspan, and Galileo/Apollo — then owned by Cendant) and possibly their contractors or other “partners” (names redacted).

These messages date from 2006, when Amtrak “voluntarily” decided to start sending data about all passengers on cross-border Amtrak trains and buses between the USA and Canada to the DHS Advance Passenger Information System (APIS). In order to populate the API data fields, Amtrak decided to make “Passenger ID” (PID) a required field in all Amtrak reservations. That took some work in itself, but it also caused a cascade of new problems for reservations without names, especially those for as-yet-unknown members of groups:

Apr 20 2016

EU mandates US-style pre-crime profiling of air travelers

The European Parliament has approved (press release, breakdown of votes, text as adopted) a directive requiring each “member state” (country) in the European Union to:

Establish or designate a new travel surveillance and control agency (“Passenger Information Unit”),
Require all airlines operating flights to or from places outside the EU to transmit complete copies of Passenger Name Records (PNRs) for all passengers to the government, and
Pass on any of this PNR data to any other EU member state on request.

The directive essentially commits the EU to join the US in “pre-crime” predictive mass surveillance and profiling of all air travelers. Not surprisingly, the vote by the European Parliament was welcomed by leading US advocates for the globalization of pre-crime travel policing, including former DHS Assistant Secretary for Policy Stewart Baker (previously general counsel of the NSA) and Deputy Assistant Secretary for Policy Paul Rosenzweig. Baker and Rozenzweig were responsible for DHS negotiating strategy with the EU on the PNR issue during the time when their boss, DHS Secretary Michael Chertoff, was lying repeatedly to the European Parliament about the state of both US and international law relating to PNR data.

Meanwhile, as reported elsewhere, the commercial data architecture for handling PNR data remains fundamentally insecure.

What will happen next?

The proposed directive must still be approved by the European Council (the national governments of the member states), but that approval seems assured.

The EU directive is not “self-effectuating”. Each EU member state is required to “transpose” the directive into national law within two years.

The directive can be, and probably will be, challenged in the European Court of Justice as violating human rights recognized by EU and international law. Implementing legislation can be, and probably will be in at least some countries, challenged in national courts as violating national Constitutional rights.

Now that the US has gotten the EU on board, the US is likely to increase its pressure on other countries and international organizations — primarily ICAO — to globalize the shift from targeted investigation and arrest of suspects to mass surveillance and predictive pre-crime profiling of travelers.

Airlines are likely to find it inconvenient and expensive to deal with 28 different EU Passenger Information Units with potentially different data content and format demands, in addition to the travel dataveillance regimes already in effect in the USA, Canada, Australia, and other countries. Airlines and the travel industry are thus likely to support US efforts to get ICAO to approve a global “security standard” requiring airlines to share PNR data in a standard format with all governments of countries served by their flights.

Apr 12 2016

What’s at stake in the EU PNR debate?

This week the European Parliament is scheduled to debate (Wednesday) and vote (Thursday) on a resolution (PDF) to approve, with amendments, a proposed compromise on a directive “on the use of Passenger Name Record [PNR] data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime.”

What does this mean, why does it matter, and why should this proposal be rejected?

To answer this question requires understanding (1) what PNRs are, (2) how PNRs and other travel data are already being used by European governments, (3) how this would change if the proposed EU PNR directive is approved, and (4) why and how the provisions in the proposed directive that are supposed to protect individuals’ rights would be ineffective. Read More →

Apr 06 2016

UN human rights office cites our concerns about migrants’ rights

The United Nations Office of the High Commissioner for Human Rights has released a new report prepared at the request of the UN Human Rights Council on the situation of migrants in transit and their human rights. The report cites with approval our submission to the OHCHR on the ways that the right to freedom of movement is violated by governments and by airlines and other common carriers:

Physical barriers to the movement of migrants in transit have been accompanied by a wide range of restrictive measures to restrict or deny access to territory, asylum procedures and other screening and identification procedures by migrants in transit, as well as accelerated or even summary returns. OHCHR has provided guidance to States to ensure the accountability of private transport companies and other private actors that are implementing entry restriction measures. OHCHR, Recommended Principles and Guidelines on Human Rights at International Borders, guideline 4.6. [“Ensuring the accountability of private transport companies and other private actors that are involved in implementing entry restriction measures such as pre-departure screening and decisions on access to transportation, and providing effective remedies for those unlawfully denied transport. Developing and encouraging the adoption of human rights-based codes of conduct for private actors in this regard that set out expected standards of behaviour and the consequences of failure to adhere to those standards.”] See also the contribution to the present study from the Identity Project (http://papersplease.org).

Much of the discussion of migrants in transit, and many of the concerns of other contributors to the OHCHR study, relate to treatment in intermediate countries (such as while passing through Mexico en route from other countries to the US, or though Greece or Malta en route from Africa or Asia to other countries in Europe) and/or the extreme hazards of “irregular” modes of transportation used by those who are unable to travel by common carrier.

But refugees and asylum seekers would not need to pass through intermediate countries or rely on human smugglers and irregular and unsafe means of transport (overcrowded and unseaworthy small boats, treks on foot through the desert, etc.) if they were allowed to travel directly from their countries of origin to countries of potential refuge and asylum by air or on other licensed, inspected, and regulated common carriers (ferries, railroads, etc.). As we noted:

Many eligible asylum seekers could afford to purchase airline tickets or tickets on other common carriers (ferries, trains, buses, etc.) to travel to countries where, on arrival, they would be eligible for asylum. They risk their lives as “boat people”, and some of them die, not for financial reasons, but because airlines or other government-licensed common carriers improperly refuse to sell them tickets or deny them boarding.

Most of the problems of migrants in transit are directly attributable to their illegal (but government-induced) exclusion from airlines and other common carriers, and could easily be avoided by eliminating government sanctions against common carriers that fulfill their duty to transport all would-be passengers (including refugees and asylum seekers), and respecting the human right to leave any country, including one’s own — by whatever route and means one chooses to leave, and irrespective of one’s identity (by definition, human rights are universal and independent of identity) or what, if any, documents issued by any government one may happen to possess (often none, in the case of legitimate asylum seekers who are often denied ID credentials by the governments they are seeking to flee).

“Carrier sanctions” are not a side issue to the migration crisis. They are the root cause of much of the suffering of migrants in transit, and a fundamental violation of the human rights to due process (carrier sanctions turn airline staff into unqualified de facto asylum judges of first and last resort) and freedom of movement.

In our submission to the OHCHR, we also noted that “screening” of passengers is a euphemism for “control” (passengers are “screened” to decide who will be allowed to travel, and who will not), and that algorithmic “screening” and permission-based travel control regimes are likely to result in systematic discrimination against refugees and asylum seekers:

Their nationality or place of origin in a conflict zone may cause them to be deemed “risky” according to the profiling and “risk scoring” algorithms. There may be limited, inconsistent, or nonexistent records pertaining to migrants in irregular situations in the databases used for profiling and risk scoring, and screening algorithms may equate uncertainty with risk. In order not to violate the right to freedom of movement, denial of transportation as part of “screening” or otherwise must be based on valid substantive grounds, and must be made by qualified officials through procedures that ensure due process and are subject to effective judicial review, taking into consideration the special difficulties that asylum seekers in countries where they are subject to persecution are likely to face in obtaining access to the courts of destination countries in which they want to seek asylum.

We are pleased to see the interest of UN human rights bodies in these issues. We urge national and international authorities considering carrier sanctions or traveler “screening” proposals to consider the impact of these schemes on human rights.

Apr 05 2016

Class action challenges Federal blacklists (“watchlists”)

The broadest and most fundamental legal challenge to the waging of the US “War on Terror” through standardless, secret, extra-judicial government blacklists was filed today in the Federal court for the district in Virginia where the National Counterterrorism Center (NCTC), Terrorist Screening Center (TSC), and Transportation Security Administration (TSA) are headquartered. (Video backgrounder and interviews with plaintiffs and attorneys; more video interviews; PACER links)

Both an individual complaint (Elhady et al. v. Piehota at al.) and a class action complaint (Baby Doe et al. v. Piehota et al.) were filed. Presumably, that is so that that the individual complaint for injunctive and declaratory relief could go forward even if class action certification is denied, while the class action lawsuit could go forward even if the named plaintiffs are delisted. (An earlier, similar lawsuit was dismissed as moot after the plaintiffs were told they were no longer on blacklists.) Almost all of the individual complaint is repeated in the class action complaint, so if you are going to read just one, read the class action complaint which includes additional plaintiffs and their stories.

The case takes its name from the first of the listed representatives of the class of people on US government blacklists (“watchlists”):

Plaintiff Baby Doe is a four year old toddler.

He was seven months old when his boarding pass was first stamped with the “SSSS” designation, indicating that he had been designated at a “known or suspected terrorist.”

While passing through airport security, he was subjected to extensive searches, pat downs and chemical testing.

Every item in his mother’s baby bag was searched, including every one of his diapers.

Let’s get one thing straight from the start: as we’ve noted before, calling the “Terrorist Screening Database” (TSDB) and similar lists “watchlists” is at best misleading euphemism, and at worst Orwellian doublespeak.

The government uses the term “watchlist” to avoid the stigma deservedly associated with the label “blacklist”, with its connotations of McCarthyism and J. Edgar Hooverism. A “watchlist” suggests a list of people who are being watched, a component of a system of surveillance or investigation. “Watchlisting” might, one presumes, lead to eventual intervention such as the criminal prosecution or an application to a court for a restraining order or injunction. But inclusion on the TSDB occurs after, not before, a decision to intervene is (secretly) made, and the consequences of listing in the TSDB are not limited to mere passive surveillance or watching. Each listing on the TSDB includes a “handling code” which determines what happens to the people who are deemed (typically by automated pattern-matching algorithms) to match the listing.

As the litany of horror stories in the complaint in Baby Doe v. Piehota makes clear, and as we’ve seen in previous incidents, being “watchlisted” can trigger consequences ranging from denial of transportation by common carriers to freezing of bank accounts, inability to rent an apartment, or inability to get or keep a job, even with a private non-governmental employer. As when a jury must decide which of a progression of more and less serious offenses to convict a defendant of, without knowing what sentences are mandated for any of those offenses, it’s not clear whether the Federal administrative staff in the secret rooms reviewing the secret dossiers of derogatory information and deciding which secret lists to put people on, or which secret “action codes” to assign them, even know what the full panoply of collateral consequences of their decisions will be.

The US government doesn’t have to issue binding orders to convert “watchlisting” into de facto blacklisting. As the complaint filed today points out, “Defendants disseminated the the records pertaining to Plaintiffs from its terrorist watch list to foreign governments with the purpose and hope that those foreign governments will constrain the movement of the Plaintiffs in some manner.” We saw one of the ways that can work during the trial of Dr. Rahinah Ibrahim’s challenge to her placement on the no-fly list. The US government successfully used a “POSSIBLE NO BOARD REQUEST” message to induce a foreign airline to refuse to transport Dr. Ibrahim’s daughter, a US citizen, even though the US claimed that she was merely on a “watchlist” and not on the no-fly list.

It’s time to to reject the government’s “watchlist” doublespeak, and start calling the TSDB what it is: a government blacklist.

The first of the named defendants, Christopher Piehota, is the Director of the Terrorist Screening Center (TSC), an inter-agency entity responsible for the TSDB and nominally under the control of the FBI.

Most of the previous attempts to challenge actions taken against individuals as a result of their being listed in the TSDB have foundered on an elaborate shell game of buck-passing between businesses and government agencies. Airlines that refuse to transport blacklisted people (or those with similar names) say that they are only following (secret) orders from the government. Normal judicial review of actions by the TSA and CBP, the components of the DHS that issue no-fly orders (or refuse to issue permission for boarding pass issuance — the default is now “No,” not “Yes”) is precluded by a special law, 49 U.S.C. § 46110. No trials are allowed, and appellate courts are allowed to review these decisions only on the basis of the “administrative record” created by the DHS itself, which will show only that the DHS action was based on “watchlist” status as determined by the TSC, and not the basis (if any) for the FBI’s “watchlisting” decision.

The only previous cases in which District Courts have been able to consider no-fly decisions, and the only trial in a no-fly lawsuit, have been when the FBI, and not just the DHS or DHS components, has been named as a defendant. Today’s cases follow in that line, challenging the blacklisting decisions by the FBI.

To head off lawsuits of exactly this sort, the government has recently shifted nominal final authority over no-fly decisions from the FBI to the TSA. In theory, the government claims, the TSA could now decline to issue a no-fly order, even after the FBI has put someone on the no-fly list. It’s unclear, however, whether this has ever happened, or in what circumstances or on what basis it might happen. The possibility seems remote: Even the FBI, in practice, acts as a rubber-stamp for the decisions of FBI and DHS agents who make effectively final blacklisting decisions when they “nominate” people for listing in the TSDB. According to today’s complaint, 98.96% of the 468,749 people “nominated” for Federal “watchlists” in 2013 were added to those lists by the TSC.

The plaintiffs in the lawsuits filed today are represented by Gadeir Abbas, Lena Masri, and co-counsel from the Council on American-Islamic Relations, who have been leading the legal campaign against US government blacklisting, harassment, and interference with the rights and freedoms of Muslim and other Americans.

Mar 30 2016

How does your bank know your dog’s not a terrorist?

The curious incident of the dog named “Dash” has spotlighted a type of outsourced surveillance and control of our everyday activities that typically operates invisibly but that is much more pervasive than most people in the USA imagine.

We were contacted last week by KTVU News to help explain what happened to Bruce Francis, a disabled San Francisco man whose online request to send a check to pay the person who walks his service dog was refused by Chase Bank. The memo line on the check read, “for Dash”, Dash being the name of Mr. Francis’ dog.

Chase initially accepted the check request. Later, however, the bank told Mr. Francis that it had declined to issue the check, and refused to do so unless and until Mr. Francisco provided a satisfactory explanation and/or evidence (satisfactory to Chase, that is) that the check wasn’t intended for an illegal purpose or entity.

Why would a bank refuse to honor a check request? Are bank customers required to justify to our bankers why, or to whom, we want to send our money?

Under U.S. law, the surprising answer is that banks and other financial institutions are required to act as police informers, profiling transactions and reporting customers to a little-known but financially powerful Federal law enforcement agency on mere suspicion of even unwitting violation of an array of Federal laws imposing sanctions on various entities including alleged “drug kingpins”, contributors of “material support” to terrorism (including such seemingly non-material forms of support as legal services, Web sites, and propaganda), and entities associated (in different ways depending on the country) with governments or entire countries disfavored by the U.S., including Cuba and Iran.

Banks (or contractors to which they outsource this work) scan all manner of financial transactions, from debit and credit card payments, electronic funds transfers, and paper checks to automobile and home loan and new-account applications. As with airline reservations, these transactions are scored according to secret profiling algorithms that take into consideration government-supplied and commercial blacklists and watchlists, identity-based transaction histories and other databases, phonetic and other “fuzzy matching” rules, and other rules embodying security, fraud, “pre-crime“, and risk management criteria.

In the case of Mr. Francis’ check request, these robots flagged the name of his dog on the memo line (“for Dash”) as vaguely similar to “Daesh”, one of several English transliterations of a crude phonetic rendering of an Arabic acronym for a name sometimes applied to — although rejected and denounced by — one grouping of the Islamic State in Iraq and Syria (ISIS).

As Mr. Francis told KTVU, stopping payment of any check identified on the memo line as being “for ISIS” would amount to, “Stopping the world’s stupidest terrorist.”

Is this the way Congress intended Federal sanctions laws to work? Maybe, maybe not. But Chase Bank’s refusal to pay Mr. Francis’ dog-walker because the bank’s robotic profiling algorithm flagged his dog’s name as “suspicious” is typical of how these laws do (or don’t) work in practice.

Federal financial blacklists and requirements for banks to block blacklisted entities and activities are enforced by the Office of Foreign Assets Control (OFAC), a division of the Department of the Treasury that has long been notorious for its heavy-handed practices and lack of transparency or accountability.

Banks are themselves under heavy financial pressure from OFAC to err on the side of refusing to execute “suspicious” transactions, to reverse the presumption of innocence, and to put the burden of proof on the customer — as Chase did with Mr. Francis — to explain who we want to pay, and to justify what we want to do with our money. In 2006, for example, J.P. Morgan Chase — the parent company of Chase Bank — agreed to pay $88 million in civil penalties in a settlement with OFAC for processing electronic funds transfers “directly or indirectly for the benefit”, in whole or in part, of entities on various OFAC blacklists, and for failing to provide “complete information relative to any transaction” about which OFAC requested details. That’s real money, even for a bank as big as Chase.

It’s scarcely surprising, given the potential cost of offending OFAC, that no bank has challenged OFAC’s demands for policing of customers and our activities.

By inducing banks to take these actions, OFAC achieves a more intrusive level of financial surveillance and control than the government would have legal authority to carry out directly, while avoiding transparency (banks’ actions aren’t subject to the Freedom of Information Act or the Privacy Act) or direct accountability, and maintaining a degree of plausible deniability.

If banks’ and other financial institutions’ profiling and payment-blocking practices or demands for customers to explain and justify ourselves are challenged, OFAC can claim that it isn’t responsible for how banks decide which customers, payees, or transactions to block. OFAC just imposes crushing fines on any bank that allows transactions that OFAC determines, after the fact, to have violated any of the complicated, often ambiguous, and sometimes contradictory sanctions laws. The only rational business decision for a for-profit corporation is that the risk of running afoul of OFAC is many times the potential liability for an improperly blocked transaction.

The default becomes, “No”. Once Mr. Francis’ check was “flagged” by automated processing, payment was stopped until a human looked at the check request and manually overrode the “hold” to authorize payment. Automated processing operated not as an “alert” system, but as an interlock with de facto authority delegated to robots to freeze the entire bank account without notice, at any time, on the basis of secret algorithms and datasets.

Like the “no-fly” list and other DHS “watchlists” (blacklists), OFAC’s list of “Specially Designated Nationals” subject to financial sanctions contains common names, ambiguous and imprecise translations and transliterations, and incomplete identifying information about many listed entities.The inevitable result is that innocent people find their everyday financial activities blocked, and constantly face the impossible challenge of proving their innocence and/or proving that they or those with whom they are trying to do business aren’t other unrelated people or entities about which they may know nothing.

While there are statutory criteria for the designation of entities subject to financial sanctions (unlike the no-fly list and related watchlists/blacklists, for which the standards, if any, are officially secret), the laws and regulations imposing these sanctions are complex and confusing. It can be impossible for anyone to determine, in advance, which transactions will provoke OFAC to impose sanctions on the parties making, receiving, and/or processing a payment. You can request an opinion in advance from OFAC as to the legality of a specified action, but it can take a year or more to get an answer, by which time the answer may be moot. Even communicating about possible transactions can be deemed by OFAC to constitute proscribed “facilitation” of sanctions violations.

What happened to Mr. Francis and his unpaid dog-walker is relatively minor. The check was eventually issued after the check request and Mr. Francis’ explanation of his dog’s name was reviewed by a human. But it’s the tip of an iceberg of the larger problem of OFAC overreach and injustice, as described in these 2007 and 2014 reports from the Lawyers’ Committee for Civil Rights of the San Francisco Bay Area. And the problem of OFAC is in turn just part of an even larger pattern of outsourced surveillance, algorithmic profiling, and control by what the ACLU has aptly labeled the “Surveillance-Industrial Complex” of private and commercial actors conscripted by government carrots and sticks.

S	M	T	W	T	F	S
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30