Papers, Please!

The Identity Project

May 17 2007

What’s the risk of a national ID card?

Some people don’t understand why we oppose a national ID card. “It’s just a piece of paper,” they say. “What does it matter?”

Historian and law professor Eric Muller of the University of North Carolina has been trying to find out exactly what happened to his great-uncle Leopold Muller, who was deported from his home in Germany in 1942 and never heard from again by those of his family who survived. Most likely, he was eventually murdered at the death camp called Belzec.

Recently, in the course of his research, Eric found his Uncle Leopold’s German national ID card. He also found his Uncle Leopold’s medals for his service in the German army in World War I, during which he lost the use of one arm. But his Kemmkarte identified him boldly on the cover as Jew, not a decorated war veteran. Perhaps that’s why he arrived at the “evacuation” center without his ID card:

The Jew Leopold Israel Müller … will be evacuated to the East on April 25, 1942. He alleges that on April 24, 1942, he lost the kennkarte that he formerly had in his possession…. Müller is therefore without identification papers.

Was the ID card “just a piece of paper” to the Nazis? Was it sufficient that they had the person they wanted in their custody, and would soon send him to his death? No. They immedietely sent the police to search his empty house, find his kennkarte, and dutifully forward it after him (although by the time it arrived, he had been sent on, presumably to his death). The card itself mattered. To “lose” the card was, perhaps, to escape the fatal consequences of the definition it imposed.

Eric tells the story much more eloquently than we could. But what we think is noteworthy in contemporary context is the importance the national ID card played in defining the individual, and involuntarily binding the actual person to the designation (in his case, “Jew”) and categorization imposed on him by the government.

We are people, entitled to define (and redefine) ourselves. We are not, and we should not be, “identified” solely by which pigeon-hole(s) a government decides to put us in.

May 17 2007

GAO confirms IDP complaints that ATS was a crime

Auditors from the Government Accountability Office who reviewed the “Automated Targeting System” (who’s a target? anyone who travels) concluded that the DHS Customs and Burder Protection division “has not fully disclosed or assessed the privacy impacts of its use of personal information during international passenger prescreening as required by law.”

CBP has published public notices and reports that describe certain elements of its international prescreening process, but these documents do not fully or accurately describe CBP’s use of personal data throughout the passenger prescreening process. It is important for CBP’s documentation to describe all of the steps of the prescreening process because the interrelationship of various steps of the process allows data to be transferred and used in ways that have not been fully disclosed.

CBP’s international prescreening process involves a wide range of procedures and data sources that CBP utilizes to determine passenger risk levels. According to a CBP official, to help make these prescreening decisions, CBP collects personal data from multiple sources (including passengers and government databases), and uses the data for several purposes, including identity matching against the government watch list, risk targeting, and passenger document validation. According to CBP, its officers also use commercial data, to a limited degree, to assist them in confirming a passenger’s identity when needed. CBP’s public disclosures about APIS and ATS do not describe all of the data inputs or the extent to which the data are combined and used in making prescreening decisions.

That’s one of the specific complaint the Identity Project made in our original and supplementary comments to the DHS in response to its (late and legally inadequate) notices about the targeting system. The GAO report on airline passenger “screening” was submitted to Congress, and to the DHS, in November 2006, but a censored (“redacted”) version wasn’t made public until this week.

As we pointed out in our comments, it’s a crime under the Privacy Act for a Federal official to operate a system of records — to keep dossiers on U.S. citizens or residents — without legal authority and proper notice. Now the government’s own auditors have confirmed that those running this system to target travelers are, indeed, criminals.

Are the DHS’s “Privacy Officers” capable of policing their own colleagues’ criminal violations of the Privacy Act? If not, will anyone else step in to hold them accountable? Or will the public have to take matters into our own hands, by refusing to comply with unlawful, unconstitutional demands to surrender our human rights and freedom of movement?

May 17 2007

Alaska REAL ID Enabling Legislation Left to Rot on the Vine

Good news from the Last Frontier: The REAL ID Enabling Act of 2007 (HB3) failed to even get a floor vote in in the House before the Alaska state legislature adjourned for the year. There’s a chance the bill will be taken-up again next year, but Alaskans are an independent lot who don’t like being told they have to carry ‘papers’.

The Identity Project is proud to have testified at every hearing held on HB3; and was instrumental in drawing attention to the real problems with REAL ID.

State Rep Bob Lynn (R), a nice guy who should know better than to push totalitarian nonsense down the throats of his constituents, has been pimping REAL ID snake oil for several years. Fortunately, he hasn’t been terribly successful.

Alaskans need to remain vigilant. They’ll have their chance over the next couple of months as an IDP assisted lawsuit against the Alaska DMV for changing their drivers license rules goes forward in state court.

May 17 2007

The Identity Project’s Comments Against Real ID

Real ID requires states to act as Federal agents in the unwise policy of turning our transportation systems into a dragnet for law enforcement. Americans must increasingly prove they are not on secret government lists in order to travel or generally function in their own country. This is wrong. Contrary to DHS’ mantra that “we must do everything to prevent terrorism,” we must not surrender our hard won liberty and then falsely believe ourselves safer or patriotic in doing so.

Other have addressed the financial cost and inconvenience this program imposes upon the states and their citizens, the violation of state sovereignty and the commandeering of their resources by the federal government, and the privacy and security concerns surrounding the gathering, maintaining, and sharing this huge amount of data. Briefly addressed here is whether the intended use of Real ID achieves its goals, and a warning that the path we are on is a dangerous one.

Click here to read our comments in full.

May 03 2007

Submit comments against Real ID (National ID) this week!

On May 1, 43 organizations encouraged citizens to submit public comments to stop the nation’s first national ID system: REAL ID. The groups represent privacy, consumer, labor, civil liberty, civil rights, and immigrant organizations, such as the American Library Association, AFL-CIO, Common Cause, National Council of La Raza, and Gun Owners of America. Read More

Apr 27 2007

Comments on European regulations for reservation systems

The European Commission is considering whether to revise or repeal its regulations governing Computerized Reservation Systems (CRS’s), including the provisions of those regulations protecting the privacy of personal information in airline reservations.

The Identity Project has filed comments with the Commission, urging that these privacy provisions be retained, strengthened, and enforced — not weakened or repealed.

Feb 12 2007

Identity Project unwelcome in Washington

Travel expert, author, and Identity Project consultant Edward Hasbrouck was expelled from the World Research Group, Inc. “Aviation Security Summit” conference — to which he had been specifically invited, as an author, and for which he had registered, paid in full, and been confirmed and signed in as an author — this morning in Alexandria, Virginia. A Wired News reporter, who has been promised a press pass, was also turned away when they arrived. [More from Wired’s 27B Stroke 6 blog, including an audio file of the voicemaail message promising their correspondent admission, here and here] According to conference organizer Pamela Masselli, one of the speakers was unwilling to give their prepared presentation with an author in the audience.

There are many objectionable aspects to this story. But let’s just think about what it says about airport security and the people managing it, assuming the claims about the reasons for Mr. Hasbrouck’s expulsion are true:

An airport security director was on the verge of giving a talk, containing sensitive information that it would be dangerous to make public, in a publicly advertised open forum to which the press had been invited and encouraged to attend. This would seem to be prima facie evidence of gross negligence in their handling of such sensitive information, and in failing to verify, before preparing a “sensitive” presentation, that the venue would be a secure one and the audience properly “cleared” to receive such information. Don’t hold your breath, though, for them to lose their security clearance, or their high-level security management job, for this negligence.

Then they proposed as a “solution” Mr. Hasbrouck’s eviction — thereby indicating, presumably, that they intended to proceed with the same “sensitive” presentation in a venue and before an audience that has still been neither secured nor “cleared” to receive it.

Mr. Hasbrouck registered in his own name, and truthfully volunteered his actual profession. But no attempt was made to check ID or verify who registrants actually were, Anyone remaining in the room after Mr. Hasbrouck was shown the door could have been — well, anyone. Presumably, if there were would-be terrorists in attendance, they wouldn’t have registered as journalists (or as terrorists), but in either fictitious or stolen identities.

Whoever saw throwing out the one known author as a way to “secure” the roomful of other entirely unknown people thereby proved themselves enthralled by a security fallacy, and grossly incompetent as a security professional. Sadly, that same fallacy is at the root of most of the demands for credentials and information about travellers. These measures, described at the start of the conference in words attributed to Secretary of Homeland Security Chertoff as “keeping bad people out of the country and off airplanes”, are premised on the false assumptions (1) that there exists a complete and accurate list of all the “bad people” in the world, and (2) that such people, when they want to “do bad things”, will use their own identities rather than fictitious or stolen identities.

Perhaps, in expelling Mr. Hasbrouck, the airport security authorities revealed more about themselves and their (in)competence than they would have if they had let him stay.

Jan 23 2007

New passport rules frustrate last-minute travelers

Effective today, the Western Hemisphere Travel Initiative (WHTI) requires passports for all air travel between the U.S., Canada, Mexico, the Caribbean, and Latin America.

Today the New York Times reports on the problems the new rule has caused for would-be last-minute travellers from the U.S., especially business travellers, who find out they need to travel too late to obtain a passport by mail, and thus have to apply in person at a U.S. State Department Passport Office or through a commercial passport and visa expediting service. The numbers of last-minute applicants have exceeded the capacity of the Passport service, frsutrating travellers and causing some of them to lose potential business.

This is exactly what the Identity Project predicted in comments filed with the DHS and the State Department when these new WHTI rules were proposed last year.

In its assessment of the cost burden of the proposed rules, the DHS and the State Department considered only regular passport applications (supposedly six to eight weeks processing time, although we recently heard from someone who received their passport more than five months after they applied) and expedited two-week service by mail. They made no mention of what happens when a psasport is needed in less than two weeks.

In our comments, we pointed out this omission, and gave a detailed breakdown of the escalating costs of obtaining a passport more quickly, as well as of the consequential costs of trips that would be impossible becaase a passport couldn’t be obtained quickly enough.

The DHS dismissed our comments out of hand, in a response to comments published in the _Federal Register_ in November along with the final rule that goes into effect today:

Comment

One commenter argued that the cost to obtain a passport is significantly underestimated because the time estimated to obtain a passport is too low.

Response

We appreciate this comment and the detail that accompanied the estimate provided in the comment. However, the commenter presented an estimate that was overly pessimistic and represented an absolute ‘‘worst-case’’ scenario that would rarely, if ever, be realized.

The final WHTI cost assessment continued to ignore any of the implications of passports applied for in person or needed in less than two weeks.

As today’s story in the Times shows, the “worst-case scenario” we predicted has already been realized, even before the new rules have taken effect.

It’s time to end the DHS’s extra-judicial and unconstitutional interference with internationally recognized human rights to freedom of travel.

Dec 29 2006

More illegalities in the “Automated Targeting System”

Even while trying to defend the Automated Targeting System that is being used to deny travelers their rights on the basis of secret “risk assessments” that give each of us a terror score from secret databases of third-party and government information about us, the Department of Homeland Security has admitted to more and more violations of Federal laws, the U.S. Constitution, and international human rights treaties.

Today the Identity Project filed supplemental comments with the DHS, pointing out the additional legal problems — including criminal violations of the Privacy Act by DHS officials — revealed by DHS statements since we filed our initial comments on the ATS scheme and how it violates an explicit Congressional prohibition on assigning risk to airline passengers whose names aren’t on government watch lists.

We don’t expect the DHS, especially its Privacy (invasion) Ofiice, to police itself. Keep asking questions and demand answers and action from Congress and European Union officials. If you are in the EU, request your travel records so that we can find out what has really been happening, and how they have really been used.