Papers, Please! – Page 58 – The Identity Project

Jan 24 2012

First rulings in our lawsuit over DHS travel records

U.S. District Court Judge Richard Seeborg has issued his first rulings in Hasbrouck v. CBP, our lawsuit seeking information from and about DHS records of the travels of individual US citizens.

Judge Seeborg granted some of the government’s motions for summary judgment and some of ours, ordered US Customs and Border Protection (CBP) to conduct further searches and disclose any non-exempt responsive records they find, and ordered the parties to confer on the remaining unresolved issues.

We’re still studying the order, which we received notice of late yesterday. But here are some key aspects of the ruling — including some issues of first impression for any Federal court — and some issues it raises:

What’s it like to be labeled an “armed and dangerous terrorist”?

We’ve writ ten before about the case of Julia Shearson, a US citizen who was detained in handcuffs at gunpoint, and separated from her four-year-old daughter, when she tried to re-enter the US by land after a weekend holiday in Canada.

The DHS has admitted that they had improperly flagged her as a “suspected terrorist” on the terrorist watch list and in the (illegal) travel records system that later came to be known as the Automated Targeting System, but to this day — despite her ongoing Privacy act and FOIA lawsuit — Ms. Shearson doesn’t know why.

We urge anyone who wants to know what it’s like to be caught up in the post-9/11 dragnet to listen to this talk given by Ms. Shearson at an event last month in San Francisco, and this video also shown at that event.

Jan 12 2012

US report on human rights ignores complaints

On December 30th, 2011, the US government filed its latest report (and appendices; also here in PDF format) to the United Nations Human Rights Committee (UNHRC) concerning US implementation of, and compliance with, the International Covenant on Civil and Political Rights (ICCPR).

The ICCPR is one of the most important human rights treaties to which the US is a party. By the terms of the ICCPR, each party to the treaty, including the US, is required to report to the UNHCR, every five years, on its implementation of, and compliance with, its obligations under the treaty. Following each such self-report by a national government, the UNHCR has the opportunity to pose questions both in writing and during a face-to-face hearing concerning the report and other issues of treaty compliance by that government. The UNHCR also meets with, and receives “shadow” reports (such as these regarding the previous US report) from, non-governmental organizations with concerns about the government’s self-reporting or other treaty compliance issues concerning that country.

Since the US doesn’t recognize the jurisdiction of most other international human rights tribunals, the UNHCR is one of the only independent bodies empowered to cross-examine the US government and demand answers to questions about its actions and its compliance with international law.

The fourth US report concerning the ICCPR filed in December 2011 was due a year earlier, in 2010. The UNHCR will schedule its review and response to the US report for one of its future sessions in Geneva or New York, perhaps in late 2012 or sometime in 2013.

What’s most notable about the latest US report is how much goes unmentioned, even with respect to topics raised in the previous US report. There’s no substantial discussion, for example, of the comprehensive system of control and surveillance of travelers that has been set up by the DHS, or of whether it complies with the standards established by the UNHCR for government actions which restrict the right to freedom of movement guaranteed by Article 12 of the ICCPR. We’ll be raising that issue in detail, of course, in our shadow report to the UNHCR, as we have in our previous complaints to the DHS and the Department of State. Read More →

Jan 03 2012

The EU-US PNR Agreement — A Legal Analysis of Its Failures

[The following complete article (27 pages) or a summary of the key points (3 pages) can be downloaded in PDF format. Additional analyses and critiques of the proposed EU-US PNR agreement have been published by, among others, the Identity Project, the Electronic Frontier Foundation, and a coalition of US and EU NGOs.]

FROM THE DESK OF BARRY STEINHARDT

Chair, Friends of Privacy USA
Bsteinhardt@friendsofprivacy.us
December 26, 2011

Introduction

The proposed agreement regarding Passenger Name Records (PNR) between the United States and the European Union is riddled with faulty assertions and assumptions about US law and the actual operations of the US Government.

These faulty assertions and assumptions go to the heart of the agreement and undercut the claims of protections for European travelers.

As an American lawyer with substantial experience on the PNR and related issues, I want to set the record straight for the European officials who must act on the proposed agreement.

This memo highlights the most serious of those faulty claims and assumptions.

In summary:

The Agreement does not apply to the agency – the Terrorist Screening Center – which actually decides which travelers will be subject to the No Fly rules.
The US Laws cited in the agreement as offering protections to European travelers actually provide very little benefit or are completely irrelevant to the international transfer of PNR data;
Europeans cannot, as the agreement suggests, obtain independent and adequate relief from unlawful actions by the US Executive Branch (USG) by appealing those decisions under the Administrative Procedure Act (the APA).There are virtually insurmountable substantive and procedural hurdles to the use of the APA in “appealing” decisions of the Department of Homeland Security (DHS).Of greatest importance, most of the relevant actions taken pursuant to the agreement will not qualify as a “Final Order” that can be appealed under the APA;
Beyond that the APA is of little use to travelers who want to challenge the centrally important actions taken by the Terrorist Screening Center (TSC) of the Department of Justice (DOJ).The Agreement is focused on the TSA’s screening of air passengers. It gives short shrift to and offers very little protection from the Automated Targeting System (ATS) operated by Customs and Border Protection (CBP) which is a wholly separate branch of DHS.It is CBP – not the TSA – that use the ATS to decide how Europeans will be treated when they enter exit the US;
There are substantial uncertainties about which, if any, court would be empowered to hear an “appeal” and which agencies would need to be sued. Complex jurisdictional rules regarding APA appeals and transportation security issues throw air passengers into a procedural thicket from which they may never escape;
The DHS Chief Privacy Officer has neither the independence nor the authority claimed in the Agreement. Nor does the CPO of the Justice Department whose jurisdiction includes the TSC, and;
The Agreement does not cover the USG’s uses of private commercial data e.g. data obtained from the Computer Reservation Services (CRS) and the USG has wide power under the Patriot Act and related law to obtain data them.

Civil liberties principles for border policy

In anticipation of the announcement today of new, secretly-negotiated plans for a “North American Security Perimeter” agreement between the US and Canada, Privacy International, the American Civil Liberties Union, the Canadian Civil Liberties Association, and a coalition of other Canadian organizations have released a joint statement of the core civil liberties and human rights principles that ought to apply to any such agreement.

We strongly endorse this statement, and commend it to the attention not just of Canadian and US politicians, activists, and public citizens but also to people in Europe and elsewhere concerned with US efforts to internationalize and globalize the Homeland Security state and “War on Terror”. (It’s clear, for example, that the proposed European Union-US agreement on DHS access to PNR data, and current procedures for “no-fly” decisions related to flights to and from the EU, would not meet these criteria.)

In contrast to previous commentary on the surveillance and control of cross-border travel as solely a “privacy” issue, the core legal principles in the PI/ACLU/CCLA statement include both the substantive right to freedom of movement as protected by the International Covenant on Civil and Political Rights (ICCPR, Article 12) and the U.S. Constitution, and the procedural right to due process not just in how travel data is handled (“data protection”) but with respect to any decision impinging on the right to travel or imposing other ill effects.

Those interested in civil liberties and privacy protection in the particular context of USA-Canada cross-border travel should also see the Canadian Privacy Commissioner’s audit report on Privacy and Aviation Security: An Examination of the Canadian Air Transport Security Authority (November 7, 2011) and statement regarding Fundamental Privacy Rights within a Shared Vision for Perimeter Security and Economic Competitiveness (July 7, 2011).

Dec 05 2011

Open letter to Members of the European Parliament on EU-US PNR agreement

The Identity Project joins 20 other nonprofit, nongovernmental organizations from Europe and the USA in a joint letter being sent today to Members of the European Parliament (MEPs) to inform them about the real facts of the proposed EU-US agreement on U.S. DHS access to PNR (travel reservation) data from the EU, and to ask that MEPs reject the proposed and highly controversial agreement.

Press release: Concerned NGOs send letter to inform Members of the European Parliament about the EU-USA Agreement on Passenger Name Records.

German version of press release: VIBE!AT und NoPNR.org senden offenen Brief an EU Parlamentarier um sie über das Fluggastdatenabkommen mit den USA zu informieren.

Text of letter (letter in PDF format):

Information on the upcoming vote on the EU-USA PNR Agreement

Dear MEP,

Soon you will be deciding on the EU-US agreement on passenger name records (PNR).

Since there is confusing information on this agreement, there are a few things we would like to clarify.

Please consider the following issues for your decision on the EU-US PNR Agreement:

Read More →

Dec 03 2011

Fallout from our publication of the EU-US PNR agreement

While it’s gotten almost no notice (yet) in the USA, our publication of the previously-secret text of the proposal for an agreement between the US and the European Union on DHS access to European PNR (passenger name record) data has prompted extensive discussion this week by journalists, activists, politicians, and bloggers throughout Europe. Here’s a partial wrap-up; please post additional links in the comments:

DHS “Automated Targeting System” records

The “Automated Targeting System” (ATS) has been a topic of discussion this week at the Securing Our Rights in the Information-Sharing Era conference on national security, surveillance, and immigration enforcement.

ATS is operated by the Customs and Border Protection (CBP) component of DHS, although ATS apparently contains links to records held by other agencies and other commercial databases. ATS records include passenger name records (travel reservations), border crossing logs, secondary inspection notes, “risk assessments” of all travelers (even if you aren’t on any watch list), risk assessment algorithms, and pointers to other databases.

Public notice of the existence of ATS was first provided in 2006, but ATS records provided in response to individual requests show that it had already been in operation, illegally, for years before that. If you’ve been on an international airline flight to or from the U.S. in the last ten years, or crossed the U.S. land border in the last few years, CBP has an ATS file of information about you and your travels. There might be ATS records of earlier trips, although older ATS records are spottier. Some ATS files include border crossings and international flights from as far back as the early 1990s.

We’ve posted forms you can use to request your own ATS file from CBP, as well as examples of some of the types of data included in responses to requests for ATS records. (There’s more about what we’ve found in ATS records in this front-page story from 2007 in the Washington Post.) Contact us if you want help with requests or administrative appeals, or in interpreting responses.

If you think there’s any chance you might be on a watch list, you should also send a separate request to the DHS Chief Privacy and FOIA Officer for records from the DHS /ALL-030 Use of the Terrorist Screening Database (TSDB) System of Records. Be sure to state that your request is made under both the Privacy Act and FOIA, and include a request for an accounting of all disclosures of records about you.

The first panelist at the conference was Julia Shearson, a native-born U.S. citizen who was arrested when she tried to drive back into the U.S. after an innocent weekend trip to Canada, on the basis of an entry in ATS falsely flagging her as an “armed and dangerous terrorist”. She’s suing DHS under the Privacy Act to find out why they labeled her a terrorist. Her lawsuit is still pending on remand after a favorable Circuit Court ruling reinstating her complaint. We last reported on her case here; there’s more about her story in this video which was shown yesterday at the conference, and this article from the Cleveland Plain Dealer. Whether the Privacy act provides for recovery of emotional damages was the subject of oral argument before the Supreme Court earlier this week in FAA v. Cooper.

Also still pending is our Privacy Act and FOIA lawsuit against CBP on behalf of Identity Project consultant Edward Hasbrouck, who is seeking ATS records about himself (including his “risk assessments” and the rules used for determining those risk assessments), an accounting of disclosures of those records to other agencies or third parties, information about how ATS records are indexed and retrieved, and records of the processing of his initial requests for ATS records. (He received only incomplete and redacted responses, and not until three years after his initial request and three weeks after he filed suit against CBP for its failure to respond or provide the requested records). A hearing on motions for summary judgment was held in September, and a decision is pending.

Other previous lawsuits related to ATS are discussed here. We’ve also filed comments on CBP rulemakings, objecting to ATS as in violation of the Privacy Act and international human rights treaties.

[On a separate note, the ongoing prosecution of Dr. Ghulam Nabi Fai under the Foreign Agents Registration Act, which was also mentioned at the conference, is discussed here.]

Dec 01 2011

DHS responds to our complaints of human rights treaty violations

More than five years after we filed our first formal complaint with the Department of Homeland Security that its travel surveillance and control programs violate U.S. international human rights obligations under freedom of movement) of the International Covenant on Civil and Political Rights, we’ve finally received a response from the DHS Officer for Civil Rights and Civil Liberties. [Update: Our follow-up letter to DHS OCRCL requesting review of our complaints by the Interagency Working Group on Human Rights Treaties.]

The response dismisses all of our complaints, and indicates a disturbing failure to understand the fundamentals of international human rights law. For example, it repeatedly states that the policies we complained about were “authorized” by federal law, when under the Constitution no statute can authorize actions contrary to U.S. obligations under international treaties.

Nonetheless, this is the first time, so far as we can tell, that any Federal agency has formally acknowledged a complaint from the public as being a complaint of violation of U.S. human rights treaty obligations by that agency, or has provided any formal response to such a complaint.

While such complaints are unlikely to have much direct effect, the process created in response to our complaint and our follow-up FOIA and Privacy Act requests provides, for the first time, a mechanism for documenting the fact that such complaints have been made.

Executive Order 13107 requires each cabinet-level federal department to designate a single point of contact for complaints of human rights violations, and to respond to such complaints.

Having gotten the DHS to implement these provisions of Executive Order 13107, we’re still trying to get the issues we’ve raised considered by the Interagency Working Group on Human Rights Treaties.

We’re also continuing to pursue our human rights complaint and follow-up FOIA request to the Department of State. When last we heard from the Department of State, they estimated that they would have a response to our FOIA request in April 2012.

If you want to make such a complaint yourself about the DHS or any DHS component, send it to:

Ms. Margo Schlanger
Officer for Civil Rights and Civil Liberties
Building 410, Mail Stop #0190
U.S. Department of Homeland Security
Washington, D.C. 20528
CRCL@dhs.gov

If you can’t figure out who has been designated as the “single point of contact” for some other department, send it to the respective cabinet secretary. The magic words to use are:

This is a complaint of a violation of U.S. obligations under international human rights treaties, specifically [specify clause and treaty]. We request that you refer this complaint to the officer you have designated as the single contact officer for your department responsible for overall coordination of the implementation of Executive Order 13107 on implementation of human rights treaties, and that we be provided with a response to this complaint. We also request that the subject matter of this complaint be reported to the Interagency Working Group on Human Rights Treaties, and included in the annual review by the Interagency Working Group of matters as to which there have been non-trivial complaints or allegations of inconsistency with or breach of international human rights obligations.

If you don’t receive any answer, make a FOIA request like this one for what has happened to your complaint and who (if anyone) has been designated as responsible for such complaints to that department.

If you try this , please let us know how it goes, and what (if any) response you receive.

We’ve reported on this process in a series of articles in this blog over the years. For those who are interested, here’s a chronological set of links to our correspondence with the DHS and Dept. of State:

Revised EU-US agreement on PNR data still protects only travel companies, not travelers

On November 17, 2011, US and European Union officials initialed a renegotiated proposed agreement (original English version; official German translation; official French translation) to authorize airlines to forward PNR data (travel reservations) to the U.S. Department of Homeland Security (DHS). As an executive agreement, not a treaty, it doesn’t require any further US approval, but it does require ratification by both by Council of the EU (national governments of EU members) and the European Parliament.

The US is mounting an exceptionally intense high-level lobbying and public propaganda campaign on this issue in Brussels. But despite the importance of the issue, members of the European Parliament (MEPs) have only been allowed to read the proposed agreement in a sealed room, and have been forbidden to take written notes or speak publicly about what the revised proposal says.

To facilitate informed public debate, we are publishing the full text of the proposed agreement in English, German, and French. This is the final version as initialed, on which the Council and Parliament will be voting, possibly as soon as the end of this year.

The latest version of the EU-US agreement on PNR transfers to the DHS fixes none of the fundamental problems we and the European Parliament have identified in previous drafts, as discussed in our previous articles, our FAQ about the previous version of the proposal, and our recent presentations to MEPs: