TSA Announces Plans To Subject Domestic Travelers To Biometric Screening

TechDirt Logo

As promised/threatened, the DHS is moving forward with expanded use of biometric scanning at airports, including facial recognition and fingerprint matches. What was touted as a way to combat international terrorism and illegal immigration will now include those on the home front, as the tech spreads to include US citizens on domestic flights. But the TSA doesn’t see this as an unwanted incursion into the lives of innocent citizens. Instead, it pitches it as a useful tool to speed up security screening at TSA checkpoints.

The TSA expects paying customers to foot the bill for the expansion — the same citizens it’s been selling civil liberties back to for years. From the TSA’s “roadmap” for expanded biometric screening:

Yes, the paying members of the TSA’s Pre✓ program will be the first to “enhance” their “travel experience” by feeding their faces into a database the TSA controls, using tech prone to erroneous conclusions. Other travelers won’t be able to opt out of biometric screening, however. They’ll just be subject to the non-enhanced travel experience where TSA and CBP officers ask a long series of invasive questions and infer suspicious behavior on the part of travelers who bypass the biometric kiosks.

It’s true that traveling in the US has always been a “papers, please” experience. But prior to the 9/11 attacks, this simply meant presenting a ticket before boarding. Now, it’s everything about everybody, no matter how useless this information is 99.9% of the time. Rather than move towards smarter screening methods, the TSA has decided to subject everyone to the same level of screening with the same arbitrary rules stemming from airborne attacks the TSA failed to prevent.

The TSA pitches this as a paperless airport, but it’s really just another way for the government to compile a massive database of identifying info and of citizens’ movements. The DHS likes to talk about its 96% accuracy target, but has released no information about actual accuracy in test runs, so concerns about false positives/negatives aren’t going away anytime soon.

The government has responded in the worst way to terrorist attacks in the US. It has made freedom of movement a hassle — one that diminishes Constitutional protections and turns every traveler into a potential suspect.

Source: TSA Announces Plans To Subject Domestic Travelers To Biometric Screening

TSA Launches “Invasive” Pat-Downs With “More Intimate Contact Than Before”

The TSA is introducing “more rigorous” and “comprehensive” physical inspections at airports around the country, according to Bloomberg. The security agency, which until now had the option of using five different types of physical pat-downs in the screening line, is eliminating the “options” and replacing them with a single, universal method which would involve heavier groping.

The Transportation Security Administration made the announcement to its agents this week, and in the case of Denver International Airport employees, advised employees and flight crews on Thursday that the “more rigorous” searches “will be more thorough and may involve an officer making more intimate contact than before.”

Continue reading: TSA Launches “Invasive” Pat-Downs With “More Intimate Contact Than Before”

U.S. Marshals Scan Retinas of Airline Passengers

“Two U.S. Marshals, heavily armed and dressed in dystopian-style black regalia, stood next to an upright machine with a glowing green eye. Every passenger, one by one, was told to step on a mat and look into the green scanner. It was scanning our eyes and matching that scan with the passport …

It’s one thing to control who comes into a country. But surveilling and permissioning American citizens as they leave their own country, even as they are about to board, is something else.”

Continue reading: Welcome Aboard, But First US Marshals Will Scan Your Retina – By FEE’s Jeffrey Tucker

I’ll never bring my phone on an international flight again. Neither should you.

A few months ago I wrote about how you can encrypt your entire life in less than an hour. Well, all the security in the world can’t save you if someone has physical possession of your phone or laptop, and can intimidate you into giving up your password.

And a few weeks ago, that’s precisely what happened to a US citizen returning home from abroad.

On January 30th, Sidd Bikkannavar, a US-born scientist at NASA’s Jet Propulsion Laboratory flew back to Houston, Texas from Santiago, Chile.

On his way through through the airport, Customs and Border Patrol agents pulled him aside. They searched him, then detained him in a room with a bunch of other people sleeping in cots. They eventually returned and said they’d release him if he told them the password to unlock his phone.

Bikkannavar explained that the phone belonged to NASA and had sensitive information on it, but his pleas fell on deaf ears. He eventually yielded and unlocked his phone. The agents left with his phone. Half an hour later, they returned, handed him his phone, and released him.

We’re going to discuss the legality of all of this, and what likely happened during that 30 minutes where Bikkannavar’s phone was unlocked and outside of his possession.

But before we do, take a moment to think about all the apps you have on your phone. Email? Facebook? Dropbox? Your browser? Signal? The history of everything you’ve ever done — everything you’ve ever searched, and everything you’ve ever said to anyone — is right there in those apps.

“We should treat personal electronic data with the same care and respect as weapons-grade plutonium — it is dangerous, long-lasting and once it has leaked there’s no getting it back.” — Cory Doctorow

How many potentially incriminating things do you have lying around your home? If you’re like most people, the answer is probably zero. And yet police would need to go before a judge and establish probable cause before they could get a warrant to search your home.

What we’re seeing now is that anyone can be grabbed on their way through customs and forced to hand over the full contents of their digital life.

Companies like Elcomsoft make “forensic software” that can suck down all your photos, contacts — even passwords for your email and social media accounts — in a matter of minutes. Their customers include the police forces of various countries, militaries, and private security forces. They can use these tools to permanently archive everything there is to know about you. All they need is your unlocked phone.

“If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged.” — Cardinal Richelieu in 1641

What’s the worst thing that could happen if the Customs and Border Patrol succeed in getting ahold of your unlocked phone? Well…

  • Think of all of the people you’ve ever called or emailed, and all the people you’re connected with on Facebook and LinkedIn. What are the chances that one of them has committed a serious crime, or will do so in the future?
  • Have you ever taken a photo at a protest, bought a controversial book on Amazon, or vented about an encounter with a police officer to a loved one? That information is now part of your permanent record, and could be dragged out as evidence against you if you ever end up in court.
  • There’s a movement within government to make all data from all departments available to all staff at a local, state, and federal level. The more places your data ends up, the larger a hacker’s “attack surface” is — that is, the more vulnerable your data is. A security breach in a single police station in the middle of nowhere could result in your data ending up in the hands of hackers — and potentially used against you from the shadows — for the rest of your life.

Wait a second. What about my fourth and fifth amendment rights? Isn’t this illegal?

The fourth amendment protects you against unreasonable search and seizure. The fifth amendment protects you against self-incrimination.

If a police officer were to stop you on the street of America and ask you to unlock your phone and give it to them, these amendments would give you strong legal ground for refusing to do so.

But unfortunately, the US border isn’t technically the US, and you don’t have either of these rights at the border.

It’s totally legal for a US Customs and Border Patrol officer to ask you to unlock your phone and hand it over to them. And they can detain you indefinitely if you don’t. Even if you’re a American citizen.

The border is technically outside of US jurisdiction, in a sort of legal no-man’s-land. You have very few rights there. Barring the use of “excessive force,” agents can do whatever they want to you.

So my advice is to just do whatever they tell you, to and get through customs and on into the US as quickly as you can.

The US isn’t the only country that does this.

It’s only a matter of time before downloading the contents of people’s phones becomes a standard procedure for entering every country. This already happens in Canada. And you can bet that countries like China and Russia aren’t far behind.

“Never say anything in an electronic message that you wouldn’t want appearing, and attributed to you, in tomorrow morning’s front-page headline in the New York Times.” — Colonel David Russell, former head of DARPA’s Information Processing Techniques Office

Since it’s illegal in most countries to profile individual travelers, customs officers will soon require everyone to do this.

The companies who make the software that downloads data from your phones are about to get a huge infusion of money from governments. Their software will get much faster — maybe requiring only a few seconds to download all of your most pertinent data from your phone.

If we do nothing to resist, pretty soon everyone will have to unlock their phone and hand it over to a customs agent while they’re getting their passport swiped.

Over time, this unparalleled intrusion into your personal privacy may come to feel as routine as taking off your shoes and putting them on a conveyer belt.

And with this single new procedure, all the hard work that Apple and Google have invested in encrypting the data on your phone — and fighting for your privacy in court — will be a completely moot point.

Governments will have succeeded in utterly circumventing decades of innovation in security and privacy protection. All by demanding you hand them the skeleton key to your life — your unlocked phone.

You can’t hand over a device that you don’t have.

When you travel internationally, you should leave your mobile phone and laptop at home. You can rent phones at most international airports that include data plans.

If you have family overseas, you can buy a second phone and laptop and leave them there at their home.

If you’re an employer, you can create a policy that your employees are not to bring devices with them during international travel. You can then issue them “loaner” laptops and phones once they enter the country.

Since most of our private data is stored in the cloud — and not on individual devices — you could also reset your phone to its factory settings before boarding an international flight. This process will also delete the keys necessary to unencrypt any residual data on your phone (iOS and Android fully encrypt your data).

This way, you could bring your physical phone with you, then reinstall apps and re-authenticate with them once you’ve arrived. If you’re asked to hand over your unlocked phone at the border, there won’t be any personal data on it. All your data will be safe behind the world-class security that Facebook, Google, Apple, Signal, and all these other companies use.

Is all this inconvenient? Absolutely. But it’s the only sane course of action when you consider the gravity of your data falling into the wrong hands.

If you bother locking your doors at night, you should bother securing your phone’s data during international travel.

This may upset Customs and Border Patrol agents, who are probably smart enough to realize that 85% of Americans now have smart phones, and probably 100% of the Americans who travel internationally have smart phones. They may choose to detain you anyway, and force you to give them passwords to various accounts manually. But there’s no easy way for them to know which services you use and which services you don’t use, or whether you have multiple accounts.

We live in an era of mass surveillance, where governments around the world are passing terrifying new anti-privacy laws every year.

“Those who are willing to surrender their freedom for security have always demanded that if they give up their full freedom it should also be taken from those not prepared to do so.” — Friedrich Hayek

With a lot of hard work on our part, enlightenment will triumph. Privacy will be restored. And we will beat back the current climate of fear that’s confusing people into unnecessarily giving up their rights.

In the meantime, follow the Boy Scouts of America Motto: always be prepared. The next time you plan to cross a border, leave your phone at home.

Source: I’ll never bring my phone on an international flight again. Neither should you.

TSA Busted in Massive $100M, 40k lb Cocaine Smuggling Conspiracy

In a case highlighting the infiltration of the Transportation Security Administration (TSA) by transnational criminal organizations, twelve current and former TSA officers and airport staff were indicted for allegedly trafficking over 20 tons of cocaine — worth over $100 million — into the U.S. over a 28-year time frame.

Last Wednesday, a federal grand jury returned an indictment against the twelve defendants, who are charged with conspiracy to possess with intent to distribute cocaine.

From 1988 to 2016 the conspirators allegedly smuggled about 40,000 pounds, or twenty tons, of cocaine through Luis Muñoz Marín International Airport in San Juan, Puerto Rico, and into the United States, according to the DOJ.

The DOJ press release detailed how the massive trafficking operation allegedly worked.

“These individuals were involved in a conspiracy to traffic massive quantities of illegal narcotics to the continental United States,” said Rosa Emilia Rodríguez-Vélez, U.S. Attorney for the District of Puerto Rico. “These arrests demonstrate the success of the AirTAT initiative, which has successfully allocated a dedicated group of state and federal law enforcement officers, whose mission is to ensure that our airports are not used in the drug traffickers’ illicit businesses.”

Defendants Edwin Francisco Castro, Luis Vázquez-Acevedo and Ferdinand López are alleged to have operated as facilitators between drug trafficking organizations and the TSA employees who smuggled the cocaine into the airplanes. Defendant Miguel Ángel Pérez-Rodríguez, an airport security company employee, was a source of supply of cocaine to the drug trafficking organization, according to the superseding indictment.

Not surprisingly, this is the second such bust of TSA officials in only 2 years for transporting massive amounts of cocaine.

In November 2015, three former TSA agents were indicted on charges of defrauding the government and smuggling cocaine.

According to the indictment, 35-year old Joseph Scott, 32-year-old Michael Castaneda, and 27-year-old Jessica Scott, all former TSA agents at San Francisco International Airport, were involved in an ongoing operation to help transport drugs through airport security.

Still feel safe with the TSA protecting the nation’s airports?

Excerpted from: TSA Busted in Massive $100 Million, 40,000 lb Cocaine Smuggling Conspiracy

Another Travel Ban: IRS Moves To Revoke Passports For Unpaid Taxes

President Trump’s executive order on travel may be generating big protests, but an IRS missive on travel and passports may not go down too well either. More than a year ago, in H.R.22, Congress gave the IRS a new weapon to collect taxes. Tax code Section 7345 is labeled, “Revocation or Denial of Passport in Case of Certain Tax Delinquencies.” The law isn’t limited to criminal tax cases, or even cases where the IRS thinks you are trying to flee. The idea of the law is to use travel as a way to enforce tax collections. It was proposed and rejected in 2012. But by late 2015, Congress passed it and President Obama signed it.

Now, over a year later, the IRS has finally released new details on its website. If you have seriously delinquent tax debt, IRS can notify the State Department. The State Department generally will not issue or renew a passport after receiving certification from the IRS. The IRS has not yet started certifying tax debt to the State Department. The IRS says certifications will begin in early 2017, and the IRS website will be updated to indicate when this process has been implemented.

Shutterstock

Here is the new information from the IRS. Seriously delinquent tax debt is an individual’s unpaid, legally enforceable federal tax debt totaling more than $50,000 (including interest and penalties, but subject to an inflation adjustment) for which:

  • A notice of federal tax lien has been filed and all administrative remedies under IRC § 6320 have lapsed or been exhausted or
  • A levy has been issued

Some tax debt is not included in determining seriously delinquent tax debt even if it meets the above criteria. It includes tax debt:

  • Being paid in a timely manner under  an installment agreement entered into with the IRS
  • Being paid in a timely manner under an offer in compromise accepted by the IRS or a settlement agreement entered into with the Justice Department
  • For which a collection due process hearing is timely requested in connection with a levy to collect the debt
  • For which collection has been suspended because a request for innocent spouse relief under IRC Section 6015 has been made

Before denying a passport, the State Department will hold your application for 90 days to allow you to:

  • Resolve any erroneous certification issues
  • Make full payment of the tax debt
  • Enter into a satisfactory payment alternative with the IRS

There is no grace period for resolving the debt before the State Department revokes a passport.

Taxpayer Notification. The IRS is required to notify you in writing at the time the IRS certifies seriously delinquent tax debt to the State Department. The IRS is also required to notify you in writing at the time it reverses certification. The IRS will send written notice by regular mail to your last known address.

Reversal Of Certification. The IRS will notify the State Department of the reversal of the certification when:

  • The tax debt is fully satisfied or becomes legally unenforceable.
  • The tax debt is no longer seriously delinquent.
  • The certification is erroneous.

The IRS will provide notice as soon as practicable if the certification is erroneous. The IRS will provide notice within 30 days of the date the debt is fully satisfied, becomes legally unenforceable or ceases to be seriously delinquent tax debt. A previously certified debt is no longer seriously delinquent when:

  • You and the IRS enter into an installment agreement allowing you to pay the debt over time.
  • The IRS accepts an offer in compromise to satisfy the debt.
  • The Justice Department enters into a settlement agreement to satisfy the debt.
  • Collection is suspended because you request innocent spouse relief under IRC Section 6015.
  • You make a timely request for a collection due process hearing in connection with a levy to collect the debt.

The IRS will not reverse certification where a taxpayer requests a collection due process hearing or innocent spouse relief on a debt that is not the basis of the certification. Also, the IRS will not reverse the certification because the taxpayer pays the debt below $50,000.

Judicial Review. If the IRS certified your debt to the State Department, you can file suit in the U.S. Tax Court or a U.S. District Court to have the court determine whether the certification is erroneous, or the IRS failed to reverse the certification when it was required to do so. If the court determines the certification is erroneous or should be reversed, it can order reversal of the certification.

IRC Section 7345 does not provide the court authority to release a lien or levy or award money damages in a suit to determine whether a certification is erroneous. You are not required to file an administrative claim or otherwise contact the IRS to resolve the erroneous certification issue before filing suit in the U.S. Tax Court or a U.S. District Court.

Payment of Taxes. If you can’t pay the full amount you owe, you can make alternative payment arrangements such as an installment agreement or an offer in compromise and still keep your U.S. passport. If you disagree with the tax amount or the certification was made in error, you should contact the phone number listed on Notice CP 508C. If you’ve already paid the tax debt, please send proof of that payment to the address on the Notice CP 508C. If you recently filed your tax return for the current year and expect a refund , the IRS will apply the refund to the debt and if the refund is sufficient to satisfy your seriously delinquent tax debt, the account is considered fully paid.

Passport Status. If you need to verify whether your U.S. passport has been cancelled or revoked, you should contact the State Department by calling the National Passport Information Center at 877-487-2778. If you need your U.S. passport to keep your job, once your seriously delinquent tax debt is certified, you must fully pay the balance, or make an alternative payment arrangement to keep your passport. Once you’ve resolved your tax problem with the IRS, the IRS will reverse the certification within 30 days of resolution of the issue.

Travel. If you’re leaving in a few days for international travel and need to resolve passport issues, you should call the phone number listed on Notice CP 508C. If you already have a U.S. passport, you can use your passport until you’re notified by the State Department that it’s taking action to revoke or limit your passport. If the Secretary of State decides to revoke a passport, the Secretary of State, before making the revocation, may—

  • Limit a previously issued passport only for return travel to the United States; or
  • Issue a limited passport that only permits return travel to the United States.

If your passport is cancelled or revoked, after you’re certified, you must resolve the tax debt by paying the debt in full, making alternative payment arrangements or showing that the certification is erroneous. The IRS will notify the State Department of the reversal of your certification within 30 days of the date the tax debt is resolved.

Source: Another Travel Ban: IRS Moves To Revoke Passports For Unpaid Taxes

Documents Reveal TSA Research Proposal To Body-Scan Pedestrians, Train Passengers

“As early as 2006, the Department of Homeland Security has been planning pilot programs to deploy mobile scanning units that can be set up at public events and in train stations, along with mobile x-ray vans capable of scanning pedestrians on city streets.”

Source: Documents Reveal TSA Research Proposal To Body-Scan Pedestrians, Train Passengers