Bill C-51 would match Canadian no-fly scheme to the US — and go further

April 17th, 2015

This week is Stop C-51 Week, marked by events throughout Canada and elsewhere in opposition to Bill C-51, currently under consideration by the Parliament of Canada, “An Act to enact the Security of Canada Information Sharing Act and the Secure Air Travel Act, to amend the Criminal Code, the Canadian Security Intelligence Service Act and the Immigration and Refugee Protection Act and to make related and consequential amendments to other Acts.”

We’ve joined a who’s who of civil liberties and human rights organizations, activists, and experts from Canada and around the world who have co-signed a letter to Prime Minister Stephen Harper opposing Bill C-51.

It’s only a slight oversimplification to say that Bill C-51 is Canada’s version of the USA Patriot Act, 13 years later but on steroids.  It appears to violate the Canadian Charter of Rights and Freedoms and Canadian obligations pursuant to several human rights treaties including the International Covenant on Civil and Political Rights (ICCPR).  But if enacted, and if not voided on constitutional grounds by Canadian courts, it would purport to authorize a wide range of government spying, “pre-crime” policing (profiling), and preemptive interference with the exercise of fundamental rights.

Bill C-51 is an omnibus bill which incorporates almost everything one might expect to find on a secret police wish list.

One component of Bill C-51 that particularly concerns us, but which seems to have received less attention than some other sections of the bill or than we and some other experts on freedom of movement think it deserves, is the portion of Bill C-51 comprising the so-called “Secure Air Travel Act“.

If Bill C-51 is enacted, it would be the fourth time since 9/11 that Canadian law has been amended to allow and/or require government surveillance and control of air travelers in ways that were previously unauthorized and/or contrary to prior Canadian law including the Personal Information and Electronic Documents Act (PIPEDA).

The previous legislative acts to override PIPEDA and authorize surveillance of air travelers to, from, and within Canada include Bill C-44 in 2001, Bill C-42 in 2011 (we testified against this bill when it was under consideration by Parliament in late 2010), and Bill C-45 in 2012 (nominally an omnibus budget bill, but see Sections 264 et seq. amending the Customs Act).

If enacted, the Secure Air Travel Act and related provisions of Bill C-51 would create, for the first time, a statutory basis for the existing (and apparently illegal, or at least lacking an explicit basis in statute) enforcement by the Canadian government of a “no-fly” list based on secret Canadian and US administrative decisions.

Our friend Prof. Colin Bennett of the University of Victoria (British Colombia), a leading academic expert on the comparative politics of no-fly lists in the US and Canada and one of the signatories of the petition opposing Bill C-51, has published a detailed analysis of how Bill C-51 would affect the Canadian no-fly list.

The “no-fly” procedures proposed in Bill C-51 are similar in many respects to the procedures being used in the US, as described in the most recent filings by the US government in lawsuits challenging US no-fly orders. We’ll leave it as an exercise for our readers to figure out, or speculate, just how much behind-the-scenes coordination there has been by US and Canadian authorities in developing the most recently revised and proposed procedures on both sides of the US-Canadian border.

Under the system contemplated by Bill C-51, a person who discovers they are on the Canadian no-fly list when they are not allowed to board a flight can apply to the Minister of Public Safety for “review” of the decision that was already secretly made, on the basis of secret evidence, to put the person on the Canadian no-fly list.  The Minister or his or her designee will secretly review the secret allegations against the person and the evidence (if any) in the government’s secret files about the person.

If the Minister decides to keep the person on the no-fly list, the person will be told that the minister has decided to keep them on the no-fly list, but won’t necessarily be told anything about the basis for that decision. The person can then, and only then, ask a Canadian federal court to review the Minister’s decision. But the court will be required to apply a deferential standard of review, under which the court can overturn the minister’s decision only if it is “unreasonable”.  And the entirety of the court hearing and all of the evidence considered by the judge can be kept secret from the person trying to challenge the no-fly order, making it impossible for them to know what allegations or evidence they need to rebut.

Like their counterparts in the US, Canadian authorities began issuing no-fly orders to airlines, and requiring airlines to enforce them, without any clear statutory authority or legal basis for these actions.

Some might argue that establishing a statutory framework for the administration of a no-fly regime, as would be done by Bill C-51, is an improvement over a scheme operated entirely outside of the law.

We disagree. The current extrajudicial administrative no-fly orders being issued both by the Canadian and by the US government lack any basis in law in either country, and exceed the authority of the agencies issuing these no-fly orders.  As long as this remains the case, they remain vulnerable to eventually being challenged and overturned on these grounds (in addition to the Constitutional objections, in both Canada and the US, that remain available regardless of what laws are enacted by Parliament or the US Congress).

By incorporating at least purported authority for secret administrative no-fly orders restricting the fundamental right to travel into Canadian statute law, Bill C-51 would move government controls on free movement in Canada beyond even those in the US, where no-fly orders continue to lack a basis in any act of Congress.

Stop Bill C-51.

Feds change no-fly procedures to evade judicial review

April 16th, 2015

In updates filed with Federal courts in at least two pending challenges to US government “no-fly” orders, lawyers for the government have revealed plans for changes to the internal procedures administrative agencies use in deciding who they “allow” to fly — and who they don’t.

While these changes look like cosmetic but inadequate improvements, they actually include an obscure but much more significant change designed to make it harder for people on the no-fly list to get the factual basis (if any) for the decision to put them on the list reviewed by a judge.

By shifting official responsibility for administrative no-fly decisions from the FBI to the TSA, the government hopes to bring those decisions fully within the scope of a special Federal jurisdictional law, 49 U.S.C. § 46110, which is designed to preclude any effective judicial review of TSA decisions.

This law allows TSA administrative orders to be reviewed only by Courts of Appeal (which have no ability to conduct trials or fact-finding), on the basis of the “administrative record” supplied to the Court of Appeals by the TSA itself.  The Court of Appeals is forbidden to second-guess the TSA’s fact-finding, even if it was made through a secret and one-sided internal process: “Findings of fact by the Secretary, Under Secretary, or Administrator, if supported by substantial evidence, are conclusive.”  As long as there is substantial evidence in the record constructed by the TSA to justify its actions, the Court of Appeals is forbidden to consider the weight of contrary evidence, even if it is also in the record.  And the TSA is free to decide that evidence submitted by anyone on the no-fly list is, for that very reason, not credible.

No-fly cases have been considered by District Courts, and one of them has gone to trial, only because the FBI (as the agency nominally responsible for the inter-agency Terrorist Screening Center) has been declared by both TSA and FBI to be the agency officially responsible for no-fly decisions.  When FBI decisions are challenged by people who claim their rights have been violated, those decisions are reviewed in the normal manner by District Courts that can conduct trials, hear testimony, receive evidence, and make their own findings of fact — without being required to rely exclusively on self-serving submissions by the FBI itself.

Initial reports reports on the revised no-fly procedures, first by Steven Aftergood of  the Federation of American Scientists and then by The Intercept and Firedoglake, have focused on the obvious changes: People who challenge whether they should be barred from flying may be given vague descriptions of the allegations or evidence (if any) against them or the no-fly criteria by which it was evaluated, or unclassified summaries of classified allegations or evidence or criteria, “to the extent feasible in light of the national security and law enforcement interests at stake” as assessed internally by the administrative agencies making no-fly decisions.

This “No-Fly 2.0″ decision-making process is designed to look less obviously one-sided and opaque than the previous “decide everything in secret, and never confirm or deny anything” policy. But it has immediately (and rightly) been criticized for falling short of adequately addressing the scenarios of injustice that have been raised by Federal judges in these and other no-fly cases.

The more significant change in no-fly decision-making, however, is a less obviously significant change in agency responsibility for no-fly decisions from the FBI to the TSA.

Under the new procedures:

Upon DHS TRIP’s receipt of an individual’s submission … the matter will be reviewed by the Administrator of the Transportation Security Administration (TSA) or his/her designee in coordination with other relevant agencies, who will review the submission, as well as the unclassified and classified information that is being relied upon to support the No Fly listing, and will issue a final determination.  TSA will provide the individual with a final written determination… and will notify the individual of the ability to seek further judicial review under 49 U.S.C. § 46110.

The elimination of even a nominal role for the FBI, and the assignment of sole responsibility for no-fly orders to the TSA, means that even if the FBI is named as co-defendant, people trying to challenge these orders will have to go directly to the Court of Appeals. Do not pass through a District Court, through any judicial fact-finding, or before a jury. And do not collect damages for wrongful orders by the TSA, since the authority of the Court of Appeals with respect to TSA orders is limited by 49 U.S.C. § 46110 to directing the TSA to modify its orders, or remanding the matter to the TSA itself for a “do-over”.

(49 U.S.C. § 46110 applies only to “final orders” by the head of the TSA or his or her designee. Documents we’ve obtained recently in response to Freedom of Information Act requests show that the ability to make real-time “fly/no-fly” decisions doesn’t rest solely with the head of the TSA, but has been delegated to the TSA “Federal Security Director” for each airport or his or her designee on duty. Presumably, however, any challenge to such a lower-level no-fly order would prompt a “final order” in the name of the head of the TSA upholding the front-line decision and thus exempting it from District Court jurisdiction.)

The TSA will, no doubt, try to portray the latest changes to no-fly procedures as “reforms” that will improve the transparency and fairness of the process. But the reality is that the TSA has included in its “reform” package a crucial change designed to close what the TSA sees as the “loophole” that has allowed these cases to be heard by Federal judges despite the TSA’s efforts to get Congress to exempt the TSA’s decisions from judicial review.

The manner in which courts review TSA no-fly orders — if courts are allowed to do so at all — begs the question of  the TSA’s lack of any statutory authority to issue such orders in the first place. Congress should repeal 49 U.S.C. § 46110.  But even while this law remains on the books, Courts of Appeal reviewing such orders should strike them down as exceeding any authority Congress has granted to the TSA.

If the TSA comes to believe that someone poses such a threat to aviation as to justify restricting that person’s right to travel, the TSA should petition the appropriate court — presumably a federal District Court — for a judicial no-fly order in the form of an injunction or temporary restraining order.  That motion for a TRO or injunction can, and should, be considered by a trial court judge in the normal manner, under existing rules and procedures.

Why did the TSA prevent these people from flying?

April 9th, 2015

Documents newly released to us by the TSA strongly suggest that the TSA has been lying about whether people are “allowed” by the TSA to fly without showing ID, and that decisions about whether to allow travelers to fly without ID are being made arbitrarily, on the basis of irrelevant and unreliable commercial data and/or at the “discretion” of individual field-level TSA staff.  The TSA documents also show that, at least for the limited sample of data initially released, the “false-positive” rate of watch-list matches is 100%.

The TSA has for many years been contradicting itself, both in word and in deed, as to whether travelers are required show government-issued (or any other) ID credentials in order to fly, or whether it is possible to fly without ID.

TSA signs at airports say that passengers are “required” to show ID. But the TSA has repeatedly told courts at all levels — from in camera (secret) submissions to the 9th Circuit Court of Appeals in Gilmore v. Gonzales in 2006 to public testimony of the TSA’s witness in the (unsuccessful) state court frame-up of Phil Mocek in Albuquerque in 2011 — that these and other official TSA notices to passengers are false, that ID is not required to fly, and that the TSA does have (secret) “procedures” that allow people to fly without having or showing ID.

The TSA’s actions are equally bipolar.  People who say they have lost their ID cards or had them stolen are “allowed” to fly every day.  But people who the TSA deems (for secret or not-so-secret reasons, or completely arbitrarily) to  be”suspicious” or “uncooperative” are routinely subjected to retaliation and summary sanctions including denial of  their right to travel.  Mr. Mocek, for example, was both prevented from boarding the flight for which he had a valid ticket, and falsely arrested by local police at the behest of TSA staff, when he tried to fly without ID and to document the process that the TSA claimed would have allowed him to do so.

What’s the real story? From our close reading of the available evidence, it appears that:

  1. There are no publicly-disclosed “rules” (and probably not even any unambiguous secret rules) defining what is or is not permitted or required of travelers at TSA checkpoints, or what conditions the TSA imposes on the exercise of the right to travel by air.
  2. The TSA claims to have the legal authority, and in practice exercises actual power, to determine who to allow to fly, and who not to allow to fly, in an entirely secret, standardless, and arbitrary manner, at its sole discretion, which discretion is often delegated to front-line TSA staff.

How does this work in practice? We are just beginning to find out.

In 2009, in response to one of our requests under the Freedom of Information Act (FOIA), the TSA gave us a redacted (censored) version of the section on Travel Document and ID Checks from the TSA’s “Screening Management SOP” (Standard Operating Procedures) manual.  An unredacted version of this SOP, including this section, was later inadvertently posted by the TSA on a public Federal government website.

In response to our follow-up FOIA request, the TSA also eventually released the latest (as of 2013) version of TSA Form 415, “Certification of ID”, which some travelers without ID credentials are asked to complete. We also received documents indicating that the TSA has not received the regulatory approval from the Office of Management and Budget (OMB) that would be necessary if completion of this form were to be mandatory, or if any sanctions (such as denial of passage) were to be imposed for declining to fill it out.

So far as we can tell, the release to us of the Travel Document and ID Checks section was the only time any portion of any TSA SOP has been released in response to a FOIA request. In response to our subsequent requests, the TSA has claimed that all its SOPs — including updated versions of the section it released to us and the one it posted on a public website — are “Sensitive Security Information” (SSI) exempt from FOIA.

In 2013, however, the TSA included in its response to another of our FOIA requests an e-mail message discussing and quoting a portion of an “ID Verification Report” on how many people had tried to fly without ID and what had happened to them.  We immediately filed another FOIA request for all these reports, which we have now been told the TSA has been preparing daily since 2008.

After almost two years, the TSA has finally made its first interim 4-page release of one purportedly “representative” example of these daily reports.  The TSA estimates it will take another 6 months to “process” (i.e. censor) and release the rest of these reports and the related records about them that we requested.

On May 6, 2014, according to the sample report, there were 175 calls by TSA checkpoint staff (and, we presume, TSA checkpoint contractors at airports like SFO where checkpoint searches and interrogation are outsourced) to the  “Identity Verification Call Center” (IVCC).  The report is on TSA letterhead with the address of TSA headquarters, but there is no indication of whether the IVCC is operated by the TSA itself or a private contractor.

Of the 175 calls, 25 were for “process assistance”, perhaps from checkpoint staff who didn’t know what they were supposed to do if would-be travelers showed up without ID.   There were 21 “Watch List Calls”, but none of them resulted in “Watch List Check Matches”  — apparently, 100% were false positives.  The Secure Flight requirement for airline passengers to provide their date of birth when they make reservations was supposed to cut down on  false positives, so it’s not clear why the rate is still so high. Perhaps what are being reported as “Watch List Calls” include calls based on profiling, and not just on ID-specific blacklists?  We look forward to learning more when we receive the instructions for preparing and categorizing data on these reports.

The remaining 129 calls would appear to have involved would-be travelers without ID credentials or with ID deemed unacceptable by checkpoint staff.  Of these, 120 were apparently “verified” by the process that travelers have been describing since 2008: IVCC staff pose questions by phone based on the file about the traveler maintained  by a commercial data aggregator, and decide whether the answers match those on file.

Of the nine remaining would-be air travelers with “unverified identities” according to the IVCC, six were allowed to travel and three were denied access to their flights.  The IVCC report included summaries of each of these cases.

The passenger described above was denied passage from Las Vegas to Miami because he or she “was unwilling to provide identifying information” — i.e., for exercising their right to remain silent in response to warrantless, suspicionless, administrative interrogation by TSA staff and/or IVCC contractors.

This passenger was kept off a flight from Detroit to Houston because the IVCC check of commercial data found a record “lacking identifying information”.  Does this mean that if you don’t have a file with Acxiom or whatever other data broker the IVCC is relying on, or the data broker doesn’t have enough information about you to satisfy the TSA, you are an “un-person” not entitled to exercise your Constitutional and statutory right to travel by common carrier?

This passenger was deemed “unverified” by the IVCC because the commercial database check found a record “with inconsistent responses such as Other Residents… and Names of Neighbors”.  Do you know the names of your neighbors? Do you know who Acxiom thinks are your neighbors, or thinks live at the same address as you?  In the USA, we aren’t required to register with the police when we change our residence. And an identity thief who has obtained and memorized the data in Axciom’s file about us is more likely to be able to give answers that match that file than we are.

But this passenger was allowed to fly from Philadelphia to Chicago, despite the insufficiently detailed or inconsistent profile of their cohabitants and neighbors in commercial databases.   That decision was made by the “Federal Security Director” (FSD), the head TSA staffer for the Philadelphia airport.  In another cases, the decision to allow an “unverified” passenger to fly was made by the Deputy Assistant FSD as “FSD Designee”.

There’s no indication as to how a TSA duty officer at an airport is supposed to decide whether or not to allow such a person to fly.  It’s difficult to see any way they could make such a decision other than what they think of the person’s appearance — i.e., the crudest sort of profiling.  The basis (if any) for the decision by the FSD or their designee wasn’t considered worth including in the IVCC report, although whether the incident had attracted “media attention” was always required to be reported.

The key takeaway is that the TSA wrongly regards air travel as a privilege, not a right, permission for which is required from the TSA and can be granted or denied by individual TSA staff in their “discretion”.

There’s no mention in the IVCC report of the “Certification of ID” form. This suggests that completing TSA Form 415 may be an additional requirement or request made to those whose identity is “verified” by the IVCC based on commercially brokered data, but that mere self-identification is not sufficient for TSA permission to travel.

Where can you complain if your human rights are violated?

April 8th, 2015

As we’ve been pointing out for years, the right to travel is not just a right under the First Amendment to the US Constitution (”the right of the people… peaceably to assemble”) but a human right guaranteed by an international treaty ratified by the US (”the right to freedom of movement”).

But what good is a “human right” guaranteed by international treaty if there is no independent entity to which you can complain, and which has the authority to enforce your rights?

At a minimum, what’s needed is the ability of people whose human rights have been violated by the US government to seek redress through US courts, and the ability of those courts to order the government to comply with its treaty obligations.

Given the US government’s current interpretation of many human rights treaties as not being “self-effectuating”, that would require legislation by Congress to effectuate those treaties by creating a cause of action for treaty violations and give US courts jurisdiction to hear such complaints.

That’s exactly what the UN Human Rights Committee concluded a year ago, following its periodic review of US implementation of the International Covenant on Civil and Political Rights (ICCPR):

The State party [i.e. the US] should … Taking into account its declaration that provisions of the Covenant are non-self-executing, ensure that effective remedies are available for violations of the Covenant, including those that do not, at the same time, constitute violations of U.S. domestic law, and undertake a review of such areas with a view to proposing to the Congress implementing legislation to fill any legislative gaps.

In the year since this recommendation from the UNHRC, neither the Administration nor any member of Congress has proposed such effectuating legislation for the ICCPR or any other human rights treaty.

So in the menatime, where can you turn if your human rights are violated by the US government? In 1998, President Clinton issued Executive Order 13107, directing each Cabinet-level Federal executive Department to designate a “single point of contact” responsible for ensuring that all complaints of human rights treaty violations received by that Department are responded to, and that all “matters as to which there have been non-trivial complaints” of human rights treaty violations are included in an annual inter-departmental review.

EO 13017 had no expiration date, has never been rescinded, and remains in full force and effect. As an explicit direct written order from the President, it is just as binding on Cabinet members responsible for designating these points of contact for complaints as an order from the President, in his or her capacity as Commander in Chief, is to members of the military.

Most commentators had assumed that EO 13107 was a dead letter. We took it at face value, however, and tried to get Federal agencies to fulfill their duty to establish points of contact and respond to complaints.

When our complaints were ignored, or we couldn’t figure out to whom to submit them, we made formal requests under the Freedom of Information Act for records of who — if anyone — has been designated as the “single point of contact” in the respective Departments for these complaints.

We were thus the first to discover that the Department of Homeland Security had (secretly) made such a designation. We were also the first to discover that no other Department to which we have made inquiries has any record of making the required designation of a point of contact for complaints.  Not, for example, the Department of Transportation (responsible under Federal law for ensuring the “public right of transit” by air). And not the Department of Justice or its division responsible for prosecuting human rights violators.  After almost three years, the Department of State hasn’t responded to our complaints and is still searching for records responsive to our FOIA request,  but hasn’t released any responsive records yet. They’ve told us not to expect a final response for another year.

Responses to complaints by staff of the same agencies that are the subjects of the complaints — i.e. the human rights violators themselves, or people who answer to the same bosses –  are no substitute for judicial review of administrative actions.  But publicly designating points of contact for complaints would at least create the possibility of documenting the number and nature of human rights complaints against the US government.

To this end, we have recently joined a diverse coalition of human rights and civil liberties organizations as co-signers of joint letters sent to the heads of the Department of Justice, Department of Defense, FBI, NSA, and several other agencies, calling on them to fulfill their duty, pursuant to EO 13107, to designate points of contact for complaints of human rights violations by their Departments or agencies.

We continue to believe that, as the UNHRC has recommended, Congress needs to act to effectuate these human rights treaties. But in the interim, this is a small step toward getting Federal agencies to acknowledge their human rights treaty obligations and to document and respond to complaints.

DHS continues and expands use of commercial vehicle tracking databases

April 7th, 2015

Barely more than a year after publicly cancelling a request for bids on the construction of a national database of vehicle location data compiled from commercial and government-operated license-plate reader (LPR) cameras, the DHS has quietly revealed that it is once again seeking to buy access to commercially-aggregated LPR data, and that some DHS component field offices are already doing so.

Cameras combined with optical character recognition software allow for automated logging of the license-plate number (and of course the associated time, date, plate, and direction of travel) of every passing vehicle. “Some LPR systems also capture within the image the environment surrounding a vehicle, which may include drivers and passengers,” the DHS acknowledges in its latest Privacy Impact Assessment for DHS use of commercial LPR data.

The only apparent difference between the proposal supposedly nixed in February 2014 and the plans revealed in the March 2015 PIA is that the DHS’s own LPR vehicle, driver, and passenger tracking data won’t be completely merged with LPR data from commercial sources and aggregators — at least not by the DHS itself.  The PIA describes a scheme in which the DHS will pay for query-based access to commercially-aggrgated LPR data and the ability to set flags that will generate real-time alerts to the DHS whenever license-plate numbers of interest are observed.

Only the LPR alerts and the responses to LPR queries will be retained in the DHS’s own database, but those will be kept for many years, or in some cases indefinitely.”Retention of data in ICE criminal investigative files is governed by NARA-approved retention schedules, which provide for investigative case files to be retained for at least 20 years and sometimes longer depending on the nature of the case. Immigration enforcement case files are retained in the Enforcement Integrated Database for 75 years.” License-plate reader data is also retained by DHS in the CBP Automated Targeting System. “Information maintained in ATS that is linked to an active law enforcement matter will be retained for the duration of that law enforcement matter.”

The real story, however, is hidden behind a footnote in the PIA: “This PIA does not apply to ICE’s use of LPR cameras to collect information directly, or its use of LPR databases available when its law enforcement personnel are detailed to other agencies, fusion centers, or task forces.” [emphasis added]

“Fusion centers”, “joint task forces”, and other inter-agency law enforcement operations — often involving all levels of Federal, state,, and local entities — have been black holes of government transparency and accountability.  Documents released to the ACLU in response to FOIA requests, and made public earlier this year, show that the DHS is encouraging and funding the aggregation of government and commercial LPR data by interagency and Federal-state-local fusion centers and task forces, as part of a “National LPR Initiative”.

Outsourcing the construction of a distributed national ID database to a commercial “hub” indirectly funded by DHS grants channeled through state motor-vehicle departments allows the DHS to deny that it is operating a national ID-card system.

Similarly, outsourcing the aggregation of government and commercial LPR data to fusion centers, task forces, or their contractors (indirectly funded by DHS grants to state and local participants in these joint ventures) gives the DHS “plausible deniability” as to its role in the compilation and exploitation of this dragnet surveillance system.

But the latest DHS scheme for vehicle, driver, and passenger surveillance is no better than the one the DHS was pressured to publicly disavow last year, and deserves just as strong public condemnation.

You can’t tell the travelers without a scorecard

March 31st, 2015
The TSA uses appearance profiles to decide whether to search you and/or your luggage, interrogate you, call the police, or allow you to fly. (Diagram from GAO report.)

Point scores assigned by TSA "Behavior Detection Officers" are used to decide whether to search you or your luggage, interrogate you, call the police, or allow you to fly. (Diagram from 2013 GAO report. Click image for larger version.)

The Intercept has published the scorecard used by TSA “Behavior Detection” precogs to assign points to travelers, as part of the TSA’s “SPOT” pre-crime scheme for deciding which travelers to subject more intrusive search and/or interrogation or “refer” to local police:

Whether you call SPOT and the TSA’s other pre-crime profiling programs “junk science”, “culturally biased”, or simply “unconstitutional”, it’s clear that the TSA can’t tell the terrorist travelers with or without a scorecard.

The SPOT scorecard includes pairs of, “Damned if you do, damned if you don’t,” point categories. “Avoids eye contact with security personnel or LEO [Law Enforcement Officer]“? +1 point. On the other hand, “Cold penetrating stare” or “Widely open staring eyes”? +2 points.

Disturbingly, some of the largest point values are assigned for the exercise of First Amendment rights to express opinions, ask questions, and observe what is in plain sight: “Asks the BDO [Behavior Detection Officer] security-related questions”? +3 points. “Shows arrogance and verbally expresses contempt for the screening process”? +2 points. “Scans area, appearing to look for security personnel or LEO”? +2 points.

In what appears to be flagrant discrimination against people with disabilities, anyone attempting to communicate in sign language is severely penalized: “Exhibiting hand gestures to others”? +3 points.

Part of the scorecard is broken down into “Stress”, “Fear”, and “Deception” categories. Stress and fear would seem to be natural responses to being profiled, judged, interrogated, and groped by government agents in cop-like uniforms who claim discretionary and deliberately unpredictable power to stop us from exercising our rights.  What traveler anywhere in the world doesn’t tense up when they are stopped at a checkpoint, and breathe a sigh of relief when they have made it through?

Points are also assigned for attributes having nothing to do with these factors, and which cannot lawfully be construed as constituting a reasonable basis for suspicion sufficient to justify search or detention.

Are you one of a party of, “Males traveling together who are NOT part of a family”? +1 point. Take that, pairs of traveling salesmen, and pairs of Mormon Elders on a mission! Do you appear to be a “Member of a family”?  -2 points. What’s a “family”? And how can the TSA tell?

Possession of duct tape “which the passenger has no apparent reason to possess”? +1 point. Isn’t the reason to carry duct tape that you never know for what purpose you will need it?

Cash is considered presumptively and for outbound international travelers conclusively suspicious. Possession of, “Large sum of monies leaving U.S.”, or “Large sum of monies with no apparent reason to possess”? Automatically notify a law enforcement officer.

Some of the scoring categories appear to be purely cultural or fashion bigotry: “Face pale from recent shaving of beard”? +1 point.  Others show age and/or gender bias: “Facial flushing while undergoing screening”? +1 point. So much for any woman who happens to have a hot flash at a checkpoint. “Apparent married couple with both spouses over 55 years old”? -2 points.

The Intercept quotes two unnamed former TSA “Behavior Detection Officer” managers. One says the scorecard is, “designed in such a way that virtually every passenger will exhibit multiple ‘behaviors’ that can … justify BDO interaction with a passenger. A license to harass.” Another describes the SPOT porgram as, “Bullshit. Complete bullshit.”  We couldn’t have said it better.

Smile for the camera, citizen!

March 23rd, 2015

The Department of Homeland Security is extending its photography of travelers at US border crossings, ports, and international airports from foreign nationals to US citizens entering and leaving our own country.

On January 5, 2004, under an “interim final rule” for the “US-VISIT” program effective the same day it was published in the Federal Register, agents of US Customs and Border Protection (CBP) began fingerprinting and photographing foreign visitors on their arrival and again on their departure from the US.

At first, only those foreign citizens who required visas to enter the US were given this treatment.  A few countries. starting with Brazil, took this as a sign of their “least favored nation” status with the US government, and reciprocated by photographing and fingerprinting US citizens arriving in and departing from their countries. Many other countries didn’t take things quite so far, but partially reciprocated to the extent of increasing their visa or entry fees for US visitors, or imposing new fees where entry for US tourists had been free, to match the US$135 minimum fee for a tourist or transit visa to the US for citizens of most other countries.

On August 31, 2004, under yet another “interim” rule effective the same day it was published, fingerprinting and photography at US airports and borders was extended to citizens of countries in the US “visa waiver program”.

For the third phase of expansion of US-VISIT fingerprinting and photography of border crossers, the DHS published a notice of proposed rulemaking in 2006, giving organizations and individuals a chance to object before the rules were finalized. But the numerous objections, including ours, were ignored. In December 2008, the DHS promulgated a final rule extending the fingerprinting and photography of visitors to all non-US citizens, including permanent US residents (green-card holders).

Now, without bothering to propose or finalize any new regulations, DHS has announced through a non-binding “Privacy Impact Assessment” (PIA) posted on its website that CBP is already conducting a “Facial Recognition Air Entry Pilot” program under which some unspecified fraction of US citizens entering the US by air are being required to submit to facial photography by CBP agents:

U.S. citizens with U.S. e-passports arriving at air ports of entry testing the technology may be selected to participate in the pilot at port discretion. Individuals that are selected do not have the option to opt out of this process.

Facial recognition software is being used to compare the photos to the digital photos stored on the RFID chips in US citizens’ passports, and to assign a score indicating the robot’s “confidence” that the photo in the passport and the photo taken at the airport depict the same person. “The facial recognition system is a tool to assist CBPOs [CBP officers] in the inspection process.”

The selection is supposedly random, but there is no specified limit on how large the percentage of US citizens subjected to this requirement might be:

Supervisory CBPOs (SCBPO) will set the standard for the random selection criteria and have discretion to change the criteria as needed. For example, the SCBPO may choose to select every fifth traveler but may change to every third or every seventh traveler at his or her discretion.

DHS has a history of prolonging and expanding “tests” as cover for de facto full implementation of controversial requirements. There’s nothing in this PIA to rule out the extension of the “pilot” program to nine out of ten arriving US citizens, or 99 out of 100.

Disturbingly but characteristically, DHS suggests that US citizens returning to our own country can be required to do whatever is necessary to “satisfy” CBP officers:

A person claiming U.S. citizenship must establish that fact to the examining [CBP] officer’s satisfaction [emphasis added] and must present a U.S. passport or alternative documentation as required by 22 CFR part 53. If such applicant for admission fails to satisfy the examining immigration officer that he or she is a U.S. citizen, he or she shall thereafter be inspected as an alien.

Read the rest of this entry »

Amtrak lies about police use of passenger data

March 20th, 2015

Passenger Name Record (PNR) view from Amtrak "Police GUI". (Click image for larger version.)

The first “interim” release of documents responsive to our FOIA request for records of police and other government access to Amtrak reservation data show that Amtrak is not only giving police root access and a dedicated user interface to mine passenger data for general state and local law enforcement purposes, but also lying to passengers about this, misleading Amtrak’s own IT and planning staff about the legal basis for these actions, and violating Canadian if not necessarily US law.

Our FOIA request was prompted by Amtrak’s obviously incomplete response to an earlier FOIA request from the ACLU.  That response omitted any mention  of government access to Amtrak reservation data, even though we’ve seen records of Amtrak travel in DHS files about individual  citizens obtained in response to previous Privacy Act and FOIA requests. The documents we have just received were clearly responsive to the ACLU’s request, and should have been, but weren’t, included in Amtrak’s response to that request.

Amtrak is still working on our request, but has begun providing us with responsive records as it completes “processing” of them: search, retrieval, and redaction. (Amtrak is even further behind in responding to some other FOIA requests, such as this one for certain disciplinary records related to misconduct by Amtrak Police.)

The first “interim” release to us by Amtrak includes just a few documents: a 2004 letter from US Customs and Border Potection (CBP) to the Amtrak Police legal department, requesting “voluntary” provision by Amtrak to CBP of Advanced Passenger Information System (APIS) identification data about all passengers on international Amtrak trains, and a 2004-2005 project summary and scoping document for the work that would be required by Amtrak’s IT department to automate the collection, maintenance in Amtrak’s “ARROW” passenger reservation database, and delivery to CBP of this data.

Read the rest of this entry »

Appeals court hears argument on appeal by “Freedom Flyer” Phil Mocek

March 18th, 2015

A three-judge panel of the 10th Circuit US Court of Appeals heard oral arguments in Denver yesterday on the lawsuit brought by “Freedom Flyer” Phil Mocek against the TSA checkpoint staff and Albuquerque police responsible for falsely arresting him and trying to delete his audio and video recordings in retaliation for his trying to exercise his Constitutional rights to travel by air without carrying government-issued ID documents, and to film and record the TSA’s “ID verification” process for flyers without ID.

Mr. Mocek was able to recover his audio and video recording after the police returned his camera when they let him out of jail. On the basis of that recording, Mr. Mocek was acquitted by an Albuquerque jury of all of the trumped-up criminal charges.

After his acquittal, Mr. Mocek filed a Federal civil rights lawsuit against the TSA, the Albuquerque police department, and the individual TSA employees and ABQ airport police responsible for violating his rights.

Mr. Mocek’s lawsuit was dismissed, before it could go to trial, by US District Court Judge James Browning in Albuquerque, who ruled that Mr. Mocek had “failed to state a claim on which relief could be granted.”

The issue in rulings like this is not whether the plaintiff (Mr. Mocek) has proven his case, or what the judge believes actually happened. Those are issues for a jury to decide, after hearing the evidence presented in a trial. A motion to dismiss can be granted only if — even assuming that everything the plaintiff says in the complaint can be proven to be true — those facts would not be sufficient to constitute a basis for a finding that the plaintiff’s legal rights have been violated.

That’s what is now being considered by three judges of the 10th Circuit Court of Appeals (Presiding Judge Timothy Tymkovich and Judges  Neil Gorsuch and Jerome Holmes), and that was argued before them on Tuesday morning in Denver by lawyers representing Mr. Mocek, the TSA and its employees, and the city of Albuquerque (on behalf of the Albuquerque police department, its airport division, and its employees).

[Official audio recording by the court in downlaodable podcast and streaming formats.]

Clearly there are problems with the Albuquerque Police Department which might call for oversight or corrective action by the Federal courts. Five cases, all of them appeals from decisions of the US District Court for New Mexico, were argued on Tuesday before the 10th Circuit panel that heard argument in Mocek v. Albuquerque et al. Of those five cases, three were lawsuits against the Albuquerque police, under the same Federal civil rights statute as in Mr. Mocek’s case, for a variety of violations of individuals’ Constitutional rights by the police department and its officers.

In many respects, all of these appeals concerned the limits of legal liability, and the corresponding limits of impunity, for actions by government agencies and agents that violate individuals’ rights.

Read the rest of this entry »

“Naked American Hero” goes to court

March 16th, 2015

John Brennan, the “Naked American Hero” who took off all his clothes at a TSA checkpoint at the Portland, Oregon airport, will finally have his day in a Federal court more than three years later.

Mr. Brennan was (falsely) arrested by Portland city police, acting at the behest of the TSA checkpoint staff, on April 17, 2012.  He was acquitted of criminal charges by a local judge, since nudity as a form of political expression has been held to be protected by Oregon’s state constitution.

But the TSA assessed a $500 administrative fine against Mr. Brennan for “interfering with screening”, notwithstanding both the Oregon court’s finding that his action was form of protected political expression and the fact that he never interfered with anyone at the TSA checkpoint. It was the TSA staff who chose not to search Mr. Brennan’s clothes after he took them off, not to complete his “screening” once they could see that he wasn’t carrying any weapons or explosives, and to shut down the entire checkpoint.

The TSA’s administrative decision to fine Mr. Brennane followed a kangaroo-court administrative hearing (held in a courtroom rented for the day from the US Bankruptcy Court), a decision by a so-called Administrative Law Judge (not actually a judge, but a DHS staff person rented from the US Coast Guard), and an administrative appeal to a TSA decision-maker designated by the head of the agency.

Throughout these administrative proceedings, the TSA and other DHS staff were forbidden to consider the Constitutionality or validity of the TSA’s regulations or actions.  Only after jumping through three years of these hoops is Mr. Brennan entitled to have a real judge of a real court assess whether the TSA acted lawfully or had any authority to impose a fine for actions such as Mr. Brennan’s.

In an effort to frustrate even this belated judicial review, Congress requires that it be conducted by a Federal Circuit Court of Appeals, based on “deference” to the TSA and the TSA-supplied “administrative record” rather than an actual trial or any fact-finding by the Court of Appeals. (Our Freedom of Information Act request for the administrative record of the TSA’s proceedings with respect to Mr. Brennan is still pending and unanswered after almost two years.) But the Court of Appeals can now finally, at this stage, consider Constitutional and other objections to the legality of the TSA’s actions.

On November 14, 2014, Mr. Brennan filed a petition with the 9th Circuit Court of Appeals for that court to review the TSA’s order assessing a $500 fine against Mr. Brennan. The case in the 9th Circuit is John Brennan v. US DHS and TSA, docket number 14-73502.  Mr. Brennan is represented in the 9th Circuit by Michael Rose of Portland, the same attorney who successfully defended Mr. Brennan against the state and local criminal charges.

On March 2, 2015, Mr. Brennan’s attorney filed his brief asking the Court of Appeals to void the TSA fine, making the arguments he wasn’t allowed to make in the TSA administrative proceedings regarding the unconstitutional vagueness and other defects in the TSA’s regulations and actions.  Mr. Brennan’s brief was accompanied by excerpts from the TSA administrative record, although most of that record continues to be improperly withheld from disclosure by the TSA despite our FOIA request.

Following a written response from the DHS and TSA (the government has already asked for, and been granted, an extension of time), and a written reply from Mr. Brennan, the 9th Circuit will decide whether to schedule oral argument or make a decision solely on the basis of the written arguments.

Mr. Brennan is continuing to pay for his own legal representation. There’s more information here about how you can contribute to his legal defense and help spread the word about his case.