Ongoing litigation on behalf of journalist Thomas Brewster and Forbes Media has revealed a few more details about how computerized reservation systems (CRSs) collaborate with the US government to surveil travelers. It has also prompted new denials by some of those CRS companies that range from misdirection to out-and-out lies.
The highest court of the European Union ruled today that an EU mandate for dragnet surveillance of travelers through government access to airline reservations might be permissible under EU law — but only under conditions that governments of EU member countries, and the US government, may be unable or unwilling to meet.
In 2016, the EU enacted a directive requiring each EU member state to enact a law requiring airlines to hand over copies of passenger name records (PNRs) to the government, and establish a new surveillance agency to profile travelers based on this PNR data. This EU PNR Directive was modeled on US law and on the extrajudicial practices — never tested against the provisions of international human rights treaties, which generally can’t be invoked in US courts — of the US Department of Homeland Security.
The Belgian “Ligue des droits humains” (LDH) filed a lawsuit in the Belgian Constitutional Court challenging the law enacted in Belgium to implement the EU PNR Directive as contrary to multiple provisions of Belgian and EU law.
Before deciding the questions of Belgian law, the Belgian court requested a preliminary ruling from the Court of Justice of the European Union (CJEU), the highest EU court, as to whether the EU PNR Directive is consistent with fundamental EU human rights law.
In today’s ruling (press release and summary in English, full text of judgment in French, provisional translation of judgment in English), the CJEU finds that the EU PNR Directive is not, on its face, invalid — but only if it is implemented and applied in accordance with a long list of conditions specified by the CJEU in its decision.
Governments of EU member states may be unable or unwilling to comply with all of those conditions.
The decision by the CJEU addresses the implications and validity of the EU PNR Directive both as a mandate for suspicionless dragnet surveillance and as a mandate for control of travel, in which PNR data is used as the basis for profiling and other actions.
Of the many conditions set by the CJEU, we find this one on secret law, secret evidence, and judicial review among the most significant. According to the court’s press release:
[T]he Court also stresses that the competent authorities must ensure that the person concerned can understand the operation of the pre–determined assessment criteria and programs applying those criteria, so that it is possible for that person to decide with full knowledge of the relevant facts whether or not to exercise his or her right to judicial redress. Similarly, in the context of such an action, the court responsible for reviewing the legality of the decision adopted by the competent authorities as well as, except in the case of threats to State security, the persons concerned themselves must have had an opportunity to examine both all the grounds and the evidence on the basis of which the decision was taken, including the pre–determined assessment criteria and the operation of the programs applying those criteria.
In cases where EU governments act on “recommendations” from the US government to restrict travel to, from, or within the EU, the EU authorities nominally responsible for these actions may not know what evidence (if any) or algorithms for the basis for US recommendations. And the US may not be willing to share that information with EU governments, especially if EU law might require EU governments to disclose that information to European judges, much less to individuals who are “targeted” on the basis of US recommendations.
The court case now returns to the Belgian courts, but it seems likely that changes to the laws implementing the EU PNR Directive in Belgium and most if not all other EU member states will be required to conform these laws to the conditions laid down today by the CJEU. Another round of litigation in EU member states and perhaps again in the CJEU is likely to be needed to determine whether amended laws have met those tests. Stay tuned!
For more than a decade (see our articles from 2012 and 2018), we’ve been monitoring the saga of Yonas Fikre, a US citizen who was placed on the US government’s “No-Fly List” and blacklisted by his government as a “suspected terrorist” while he was overseas on business.
Last week, after nine years and counting in the courts, Mr. Fikre “won” a second successive favorable decision on pre-trial appeals to the 9th Circuit US Court of Appeals, but his quest for justice remains unfulfilled. The history of this case to date is a case study in the lack of accountability or judicial review for no-fly decisions and decision-makers.
Two new reports from university think-tanks call attention to surveillance and profiling — including surveillance of, and action against, domestic and international travelers — by the Department of Homeland Security and its components.
A Course Correction for Homeland Security, a report by the Brennan Center for Justice at New York University, cites to some of our work and some examples of cases we have been involved with in its analysis of DHS data collection (surveillance), and “risk assessments” (algorithmic profiling and control), especially as they relate to travelers.
American Dragnet: Data-Driven Deportation in the 21st Century, a report by the Center on Privacy and Technology at Georgetown University Law School, focuses on DHS’s Immigration and Customs Enforcement (ICE) division, especially ICE access to facial images and other information obtained from drivers licenses and commercial data brokers.
A common theme of both reports is that DHS surveillance is more pervasive, more intrusive, and less visible than is generally recognized.
Airline reservations and demands for ID from travelers are used not merely to check for currently blacklisted would-be travelers, but are retained and used to build travel histories and social networks maps that are then used by suspicion-generating guilt-by-association algorithms to expand the web of surveillance, profiling, and extrajudicial blacklisting.
ICE represents itself as an agency with jurisdiction only over non-US citizens, but in fact runs photos and drivers license and location data about a large fraction of the entire population of US citizens through its profiling and enforcement algorithms. DHS lurks (usually invisibly) in the background, “ingesting” or obtaining access to personal information, when individuals pose for drivers license photos, make airline reservations, or interact with businesses that “share” data directly or indirectly with DHS.
What is to be done about this sorry state of affairs?
Both of these reports suggest that some reforms could be made by policy, at the direction of the President, the Secretary of Homeland Security, or the heads of DHS components.
However, given the thoroughly bipartisan continuity of support by both Democratic and Republican administrations for the continual expansion of DHS surveillance, especially of travelers and foreigners and most especially of border crossers, since its creation 20 years ago, we have little hope for reform from within DHS or at the behest of the White House.
Exposure of abuses is good, but more is needed than a change of administration policy.
While we welcome any additional attention paid to the problems with the DHS, we think they call for court action to uphold the Constitutional and treaty rights of travelers and other individuals, and Congressional action to effectuate those rights and to facilitate judicial review and redress for government actions that violate those rights.
The DHS, as these reports reveal, is an ever-growing dragnet surveillance agency, operating outside the rule of law. What are we going to do to alter or to abolish it?
Inquiring minds at the American Civil Liberties Union (ACLU) want to know if officers or agents of US Customs and Border Protection (CBP) or other components of the Department of Homeland Security (DHS) have tried to stop you from taking photographs, filming, or recording publicly-visible scenes and events at US land border crossing points.
As we’ve noted many times in this blog, and as as has been established in court cases in which we have participated, you have the right to photograph and record Transportation Security Administration staff and contractors at TSA checkpoints at airports.
We haven’t talked about land “ports of entry” as much as airports, but you also have the right to photograph and record at land border crossings, at least if you do so from places accessible to members of the public who aren’t crossing the border. (We don’t mean to suggest that you don’t also have the right to record or livestream what happens to you as you cross the border. We think you do, but that hasn’t yet been litigated as extensively.)
Read on for more about the state of the law, what you can do to reduce the chances that your right to photograph and record near borders will be violated, and what to do if it is.
For several years the Identity Project has been engaging with the Port of Seattle over its expansion of automated facial recognition to track travelers at Sea-Tac Airport.
Today we made yet another (virtual) visit to the Port of Seattle Commission to give the following comments (PDF) on the latest test of the new International Arrivals facility at Sea-Tac, scheduled to open next week:
Members of the Port of Seattle Commission:
The Identity Project (PapersPlease.org) is a nonprofit civil liberties and human rights organization with expertise in identity-based surveillance and control of travelers.
We are submitting these comments to call to your attention the failure of both the Port of Seattle and US Customs and Border Protection (CBP) to provide notice to travelers of CBP’s collection of facial images (“biometrics”) at the new International Arrivals Facility (IAF) at Sea-Tac International Airport, as required both by Federal law and by the policies on use of biometrics adopted by the Port Commission.
[“Secure Flight” process flow used by the TSA for airline passengers and being tested on Amtrak passengers. The red box at right center is the “black box” for algorithmic profiling, blacklist/blocklist enforcement, and fly/no-fly decision making.]
Amtrak has reportedly given the Transportation Security Administration several months of archives of Amtrak passenger reservations and frequent rider profiles. At Amtrak’s request, the TSA has used these records to test the TSA’s ability to extend to Amtrak passengers the ID-based profiling and blacklisting algorithms the TSA already applies to air travelers.
If you aren’t allowed to travel by air, the right to travel by train is critical. And while all common carriers have an obligation to transport all would-be passengers, Amtrak as a government agency should be most strictly held to that obligation.
The plans to run a batch of historical Amtrak reservations through the TSA’s “threat assessment” black box were disclosed in a Privacy Impact Assessment (PIA) quietly posted on the Department of Homeland Security website last December, and first noted in a news report by Mark Albert of Hearst Television earlier this week.
The PIA posted by the TSA in December 2021 said that Amtrak would give notice of the batch transfer of reservation archives to the TSA through an update to Amtrak’s privacy policy. That policy was last updated in November 2021, and doesn’t mention data sharing with the TSA. But a follow-up report today by Hearst Television quotes the TSA as saying that, “The collection of data and analysis has already occurred,” without the promised notice in Amtrak’s privacy policy.
What will this TSA’s test of Amtrak passenger profiling reveal? Of course some of the people who aren’t allowed to travel by air travel by train or bus instead. Amtrak and Greyhound are the long-distance carriers of last resort for undocumented and blacklisted travelers. So it’s to be expected that the TSA will find a disproportionate percentage of the people it has blacklisted from air travel on Amtrak passenger manifests.
Even more people will be forced to take Amtrak or Greyhound instead of flying if the TSA — as it has threatened — starts preventing people from flying if they don’t have, or don’t show, any ID, or ID the TSA deems to be compliant ID with the REAL-ID Act.
Does this mean that would-be terrorists are riding Amtrak trains? No. It means only that people blacklisted from air travel are riding trains. So far as we know, there have been no terrorist attacks on Amtrak trains. The false positives generated by the TSA’s “threat assessment” algorithms and precogs are evidence of what’s wrong with predictive profiling and why the right to travel by common carrier is so important.
The TSA and DHS have long wanted to extend their prior restraint of travel from airline passengers to all modes of travel including trains and buses, but have lacked any legal basis to do so. Amtrak’s sharing of reservation data with the DHS, even for passengers on international trains, has been represented as a “voluntary” action by Amtrak.
In the absence of any notice from Amtrak, it’s unclear what Amtrak claims as the legal basis for the recent “test” of TSA profiling of passengers on domestic Amtrak trains. Read More
The US Department of Homeland Security (DHS) and the Department of Justice (DOJ) issued new interim rules today for the adjudication of asylum and other claims by a new class of “asylum officers” at US ports of entry, borders crossings, and airports.
These new rules won’t help most asylum seekers.
Did you ever wonder why desperate asylum seekers often travel on overcrowded and leaky boats or try to trek across waterless deserts, and regularly lose their lives?
It’s not because migrants can’t afford plane tickets. It’s because the government at their destination won’t let them buy a plane ticket or board a flight to a place of safety!
International treaties and US law only allow migrants to make asylum claims after they reach a destination country. You can’t apply for asylum in advance, the way you apply for a visa. You have to show up at the border or arrive at a destination airport before you can beg for asylum. And the US and the European Union work hard to prevent migrants from ever reaching a US or EU border or airport where they might make such a plea.
That’s why most migrants’ asylum claims are never “adjudicated”. Instead, they are denied before they get on a plane, by airline staff who have no training or competence to act as asylum judges. Most migrants never even try to travel by airline to a place where they could present their asylum claim, because they know that they will be turned away at the ticket counter or boarding gate. That’s why they end up trying to reach places of sanctuary by “irregular” means of transport, and drowning or dying of thirst in the desert.
Airlines should be helping migrants. Airlines have a legal obligation as common carriers to transport all would-be passengers. They have a financial interest in selling tickets to those passengers. But the US undermines international human rights and aviation treaties by imposing draconian “carrier sanctions” (currently $3,000 per passenger) on any airline that transports any person to the US who is denied asylum on arrival, or denied entry for any other reason. Many European countries do the same.
Airlines claim that they are denying passage to migrants because they “lack the required documents” for their desired destination in the US or elsewhere. But under international and US law, asylum seekers are not required to have or produce any specific documents in order to have valid asylum claims. There’s no such thing as an “asylum visa”. The migrant who arrives with just the clothes on their back and no documents often has a stronger claim to asylum than the one who brings passports, visas and other paperwork.
In 1939, officials in the US and Canada denied the passengers on the S.S. St. Louis “permission” to disembark, fating them to be returned to Europe where many were murdered by the Nazis. In recent years, US administrations have pursued policies designed to keep refugees from reaching US shores. These polices are designed to undermine the right to asylum. What the large print of international humanitarian law offers, the small print of “carrier sanctions” takes away.
It is, by definition, impossible for an asylum seeker to submit their claim or have it adjudicated before they reach the US. It is equally impossible for an airline, a “preclearance officer”, or anyone else to anticipate, before an asylum claim has been made, whether it will be granted. So to save the airline a possible “administrative fine” of $3,000 per passenger, airlines simply deny passage to all such people.
America didn’t use to be like this. People fleeing persecution in the Ukraine under Tsarist Russian rule could get to the US and apply, as long as they could reach a European port with enough money to pay for passage across the Atlantic. No passports or visas were required to buy a boat ticket and board a ship, nor were any required at Ellis Island.
It shouldn’t be harder today to reach asylum than it was a century ago. If the US and European governments were serious about allowing Ukranian refugees to claim asylum, they would repeal these “carrier sanctions”, rather than rearranging the deck chairs on the Titanic by adding a new class of administrative law judges to process the few asylum claimants who do somehow arrive at the border.
The rights of refugees and asylum seekers recognized in high-sounding treaties will become meaningful only when migrants have an actual right to travel to the border or arrival airport to make their claim. Passing the Freedom To Travel Act, now pending in Congress, or including its provisions in any asylum or immigration reform legislation, would be one way to restore that right. But a smaller change in the law to repeal the “carrier sanctions” against airlines that transport migrants would be a great start.
A bill introduced in the current session of the Alaska state legislature, HB 389, would end the issuance by the state of Alaska of driver’s licenses that comply with the Federal REAL-ID Act of 2005.
In addition, HB 389 would give Alaska residents “the option of having the applicant’s driver’s license photograph captured with a camera that produces a photograph in a format or with a resolution that renders the image quality insufficient for facial recognition.” The bill would require that the state Department of Administration and its Division of Motor Vehicles “shall destroy or render unusable for facial recognition purposes any photograph captured as a result of an application for a driver’s license ,” and prohibit “bulk sharing of facial images captured a result of an application for a driver’s license.”
HB 389 was introduced by Rep. David Eastman (R-Mat-Su) and is co-sponsored by Rep. Ronald Gilham (R-Kenai/Soldotna). We look forward to its consideration in the state legislature in Juneau, and to the opportunity to testify on this issue, as we did when the Alaska Legislature first debated whether to comply with the REAL-ID Act in 2006, 2007, and 2008, and again in 2017 when it reconsidered its initial choice not to comply.
HB 389 reflects longstanding sentiment in Alaska against compliance with Federal mandates for ID credentials and sharing of personal information with “outside” entities.
Even the highest official of the Transportation Security Administration in Alaska, the Federal Security Director for the state, has pointed out to his superiors in Washington that many Alaskans live off the road system and don’t need or have drivers licenses. They may be more likely to fly, and to need to fly, than to need to drive. They don’t want to have to show government-issued papers, which they might not have, in order to do so.
In 2008, Alaska enacted a law that prohibited spending any state funds on implementation of the REAL-ID Act.
Nine years later, though, the Alaska DMV defied the law by uploading information about every Alaskan with a driver’s license or state ID to the SPEXS national ID database that was created as a way for states to comply with the REAL-ID Act.
That action by the DMV to move Alaska toward REAL-ID compliance was taken “without permission from the legislature,” as Rep. Chris Tuck, Majority Leader in the Alaska House of Representatives, noted in an op-ed published in newspapers throughout the state after the batch upload of Alaskan driver’s license data to SPECS became public. The batch upload took place just as the legislature was scheduled to again consider REAL-ID compliance, and appears to have been an executive and administrative effort to preempt legislative debate.
Officials from the Alaska DMV and the U.S Department of Homeland Security claimed that REAL-ID “compliant” ID would soon be required in order to travel by air, but were unable to provide any basis for this false claim. At one of the legislative committee meeting in 2008, Rep. Tuck himself testified to his colleagues about how he had flown between Juneau and Anchorage with no ID at all when he accidentally left his wallet in his office.
The Identity Project provided extensive testimony and FAQ’s fact-checking the claims being made by the DHS and the Alaska DMV in support of REAL-ID Act compliance.
A week after we provided Alaska legislators with written testimony about the right to fly without ID, Rep. Jonathan Kreiss-Tomkins, Chair of the State Affairs Committee, passed on a very similar set of questions to TSA officials in Alaska and in Washington, DC. More than a decade after the fact, when the TSA finally responded to one of our FOIA requests, we received copies of TSA internal e-mail messages discussing how to respond to Rep. Kreiss-Tomkins’ questions — but no indication of what, if any, answer was ever provided.
At the end of the 2017 legislative session, however, Alaska legislators reversed their 2008 decision, and authorized the DMV to begin issuing driver’s licenses and ID cards that “comply” with the REAL-ID Act.
From discussion at the public committee meetings we attended, it seemed clear that legislators didn’t like the REAL-ID Act or want Alaska to comply. They didn’t like it that the Alaska DMV had taken matters into its own hands by sending information about all Alaskan drivers and ID card-holders to a private database that’s stored outside Alaska and outside the jurisdiction of any government transparency or oversight laws. But legislators felt powerless to stand up to threats — even illegal threats — from Federal officials.
We welcome the opportunity provided by HB 389 for the Alaska legislature to reconsider its 2017 capitulation to Federal extortion, and reassert Alaskans’ freedom to travel without ID.
[Slide from internal TSA presentation, Identity Verification Staffing Support Overview, March 2017, released in response to FOIA request by the Identity Project.]
As of 2016, almost 2,000 people a day were allowed through TSA checkpoints at US airports either without showing any ID at all, or with other forms of ID that the TSA or its contractors initially considered “unacceptable”.
According to an internal TSA presentation, there were 149,068 calls (an average of 407 per day) for “ID Verification” to the TSA’s ID Verification Call Center (IVCC) in 2016.
The previous year, 2015, there were 112,016 such calls (an average of 306 per day).
Each of these calls presumably corresponds to a person seeking to fly without ID, or with ID that was initially deemed unacceptable by checkpoint staff.
These are just the people who were required to go through the TSA’s “ID verification” questioning for people with no ID. The TSA estimates — based on a smaller sample of incident reports for a 13-day period in February 2016 — that an additional 1575 people per day are allowed to fly with “other forms of” ID that are initially deemed unacceptable, for a total of just under 2,000 people per day who fly with no ID or unacceptable ID.
These numbers are from records recently released by the Transportation Security Administration in response to one of our Freedom Of Information Act requests.
This is a substantial increase from the most recent figures previously released by the TSA.