EU follows USA on surveillance of travellers

In a "race to the bottom" on protection of the right to travel and of travellers' privacy, the European Union is following the lead of the USA in mandating the construction -- in part through the use and conversion of existing travel industry systems -- of a comprehensive infrastructure of surveillance of travellers.

The recent adoption of these measures compelling collection and provision to governments of Advanced Passenger Information (API) data, and inclusion of digitized fingerprints and other biometric data on passports and in passport databases, fulfill the stated Strategic Goal of the USA Department of State for fiscal year 2005:

• "Opinions by the public and political leadership in Europe and Eurasia soften on USG [U.S. Government] use of PNR."
  
  
• "Ensure access to PNR data for border and passenger screening on a global basis."

Statewatch has details on the background to the directive that went into effect 5 September 2004, requiring airlines operating international flights arriving in EU member countries to collect specified Advance Passenger Information (API) data -- a more narrowly and precisely defined data set than complete Passenger Name Records (PNR's), although API data typically included some data that would not otherwise be included in PNR's -- and provide it to the government of the destination country before the flight arrives.

And this week the EU Council of Ministers voted to a approve a proposal (which will now be re-submitted to the European Parliament for its "consultation" with the Council) to require a digitized fingerprint image on all new EU passports and in a central passport database. Statewatch has more details on the background to the current Council proposal.

The Council proposal would copy current USA law in requiring that the biometrics be encoded on the passport in a format consistent with ICAO Document 9303 . If, as is expected, ICAO formalizes its blueprint for biometric/RFID passports as an amendment to Document 9303, this will mean that all EU passports will be required, like future USA passports , to include a secretly and remotely readable unencrypted RFID chip.

Pelosi begs my question on the draft

Tonight's live national call-in simulcast on Link-TV and Pacifica Radio, FAQs: The Politics of the Draft , seems to have been intended much more as a forum for Democratic Party electioneering than as a way to elicit actual answers to any of the Frequently-Asked Questions about the draft .

But it did give me a chance to ask the House Minority Leader, who is also the person who claims to represent my district in Congress, why she, Senator Kerry, and the other Democrats haven't actually done anything to put their purported oppostion to the draft into effect.

Here's the exchange, in full, beginning at 8:45 of the audio/video stream (MS-Windows Media):

Peter Laufer [moderator]: Now we can say hello to Edward. Edward is in San Francisco, which is appropriate for our first call. Welcome to the program, and say hello to Congresswoman Pelosi.

Edward Hasbrouck: Hello, Representative Pelosi.

Nancy Pelosi [U.S Representative from San Francisco, and House Minority Leader]: Good evening, Edward.

Edward Hasbrouck: Hi. I was one of the 20 nonregistrants who were picked out [for prosecution] as draft resistance organizers in the early 1980's. I spent 6 months in a Federal prison camp for refusing to agree to fight on the side of the people who would become the Taliban and Al Qaeda, who were the people we were then backing in Afghanistan. And it seems to me that the current debate about the draft has been oddly detached from the reality of ongoing draft registration , which President Bush could end with the stroke of a pen, which Senator Kerry could have introduced legislation to end, or could have pledged to issue a proclamation ending on [his] Inauguration Day. My question for you as my Representative from here in San Francisco, and more broadly to the Democratic leadership, is why you have not called the Republicans' bluff, and put the pressure on them to actually end draft registration and abolish the Selective -- ?

Peter Laufer: That's a terrific question. Let me stop you there just for a second there, Edward, so that we can get the response from the Congresswoman.

Nancy Pelosi: Well, I'm not unsympathetic to your point of view, Edward. It is necessary for us to have a force. And I think most young people don't realize that when they become 18 years old they are under law required to sign up for the draft -- uh, not for the draft but under the Selective Service. I think this is something that we should subject to some scrutiny to see why this is still necessary and why there's a penalty if you don't. I mean, it can be held against you in your college applications, your job applications and the rest. So I think it's a debate that we should have as a country. Long before the draft was over I was opposed to the draft, so you know, I'm not, again, unsympathetic to your point of view that, I guess, you want to eliminate the Selective Service System altogether, or at least the mandatory sign-up. But, I think it's worthy of attention.

Peter Laufer: Thank you, Edward, for bringing that up, and thank you for the call....

The only mention of draft registration or draft resistance was my question and Rep. Pelosi's response, as above. (There was no mention at all of the possibility of a draft of health care workers .) Luke Hiken from the National Lawyers Guild's Military Law Task Force, who was in the studio, gave an excellent presentation about the strength of the legal challenges to the "stop-loss orders", the illegality of the current war(s), and so forth.

Pelosi's "not unsympathetic" and "worthy of attention" response isn't exactly a statement of support, but it goes beyond anything I've heard from a national leader in either party since draft registration was reinstated in 1980, and indicates the window of opportunity we have right now to lobby against draft registration and Selective Slavery.

ATA Airlines is bankrupt

ATA Airlines (also known as "American Trans Air") has joined United Airlines, US Airways, and Hawaiian Airlines (and other airlines in countries other than the USA) in bankruptcy.

I've updated my FAQ about Airline Bankruptcies accordingly. I like the service on ATA Airlines -- genuinely unpretentious yet efficient -- and I've flown more often with them than on any other airline on trips within the USA in the last few years. But I won't be buying any more tickets for ATA flights as long as they are bankrupt.

Possible extension of the misleadingly reassuring but largely useless to consumers Federal law governing acceptance of tickets on bankrupt airlines remains bogged down in debates over other provisions the "intelligence" (surveillance) bill to which it has been attached.

[Addendum: More of my comments on airline bankruptcies from the travel section of the New York Times , Pracrtical Traveler: Navigating Turbulent Skies , 10 October 2004.]

"Registered Terrorists"

Even the business travellers on whom the USA Transportation Security Administration (TSA) had undoubtedly counted for support of the TSA's Registered Traveler scheme -- one prong, along with Secure Flight as the other, of the bifurcated reincarnation of the CAPPS-II airline passenger surveillance, profiling, and monitoring system -- are turning against traveller registration as they relaize, not just its unfairness, but how it would make them and all travellers less secure.

Here's the latest in this vein from David Meyer, editor-in-chief of Business Travel News:

Editorial: Bush Administration Lacks Airline Security Leadership
(Business Travel News, 25 October 2004)

... Lately, a good deal of energy and expense is being put into
creating a two-tier screening system that would expedite travel
for frequent travelers willing to submit to pre-screening. The
idea is to cut lines and hassle for those who register, but it
doesn't make good sense, when it comes to security, for
screeners to give less scrutiny to registered travelers who
could be registered terrorists.

It certainly doesn't make sense to compromise the security of
all for the convenience of a few, particularly when that
convenience amounts to little more than leaving the grandmother
and grandchildren in the longer line so the businessman can get
on the same plane a few minutes faster.

Creating E-ZPass lanes for frequent travelers is conceptually
appealing to the business traveler, but compromises security.

Travel advice from Neal Stephenson

In the course of a long interview on Slashdot (particularly worth reading for Stephenson's perceptive typology of writers), Neal Stephenson was asked by a fan of his "travel novels" whether he has any "Travel tips for modern primitives?" and "Do you carry any sort of self-defense means in some places?" I like his response:

The best "self-defense means" when you are surrounded by a hundred million people of some other culture is to avoid dangerous places and figure out some way to get along with the folks around you.

Robert Young Pelton on "The Practical Nomad"

Robert Young Pelton (author of The World's Most Dangerous Places ), devotes his column this month in National Geographic Adventure magazine to, "the top five secrets ... that guidebook publishers don't want you to know about their products." In no particular order, but starting with, "(1) They're outdated."

His advice? "Tired of clinging to that guidebook like it's a security blanket? Try reading something that tells you how to appreciate the art of travel rather than how to spend money." And he lists The Practical Nomad: How to Travel Around the World as one of "ten insightful travelogues that will inspire rather than dictate."

Pelton's right about the time it takes to produce a guidebook (yes, even with modern technology), and the other items on his list), but wrong that it's something guidebook publishers don't want you to know. I've said the same thing in public talks, with representatives of my publisher in the audience -- and they were pleased to hear me tell travellers that they should understand that most current editions of regularly-updated guidebooks are based on research done two to three years ago. That's not a reason not to buy a guidebook, but it's something good guidebook publishers want you to know, and to factor in when using a guidebook to plan your trip (allow for change) or your travel budget (allow for inflation).

Rick Steves on the value of travel

Travel can help mend a fractured world (USA Today, 17 October 2004)

For many Americans, the critical question in this election season is, "How can we make America safer in the world?"

Call me a girly man, but I think -- given the fact that Americans are outnumbered 20 to 1 on this planet -- we'd be safer by better understanding our world. A great first step is to travel -- thoughtfully.

If Americans traveled more, we'd better understand our place on this complex planet and fit in more comfortably. And eventually, perhaps, we wouldn't need to spend as much as the rest of the world combined on our military to feel safe....

Comments on "Secure Flight" testing and data dump

The public comment period on testing of the the proposed Secure Flight airline passenger surveillance and monitoring system intended as part of the replacement for CAPPS-II , and on a proposed order to airlines based in the USA to turn over all PNR's from June 2004 flights, closed today.

My own comments and comments to the TSA and to the OMB that I co-signed with several privacy and civil liberties organizations are, I presume, among a blizzard of last-minute filings with the USA Transportation Security Administration (TSA) and the Office of Management and Budget (OMB), which are supposed to review them before acting on the TSA proposals.

In practice, the proposed "Secure Flight" testing order would require the June 2004 reservation archives to be turned over to the TSA this Friday, 29 October 2004, leaving little time for any menaingful review of the public comments if a decision is to be made by then. And the TSA has asked the OMB to approve their proposed order on an "emergency" basis, to which I, and no doubt others, have objected.

Here are the abstract and conclusions of my comments :

Abstract: (1) The proposed system of records and the information collection request described in these Notices: are contrary to the recommendations in the final report of the 9/11 Commission; (2) would unconstitutionally burden and chill the exercise of the right to assemble guaranteed by the First Amendment; (3) are barred by multiple provisions of the Privacy Act of 1974 and the Airline Deregulation Act of 1978; and (4) are not authorized by any of the statutes claimed in the Notices as their authority. (5) The Notices are inaccurate, incomplete, and fail to provide several of the notices required by the Privacy Act. (6) Maintenance of the proposed system of records would constitute a criminal violation of the Privacy Act on the part of each officer or employee of any agency maintaining the system of records. (7) The TSA has failed to conduct the assessments required by the Airline Deregulation Act of 1978, the Aviation and Transportation Security Act of 2001, the Regulatory Flexibility Act of 1980, and the Unfunded Mandates Reform Act of 1995. (8) The TSA has failed to conduct the assessments, or satisfy the criteria for emergency clearance by the OMB, required by the Paperwork Reduction Act. (9) In order to comply with the proposed orders, airlines and the Computerized Reservation Systems (CRS's) that host their PNR databases would have to cease operating flights to or from, or accepting reservations from, the European Union, at a cost of billions of dollars a year.

Conclusions: For all of the reasons stated in the comments above, I request (1) that the proposed system of records not be created, and the system of records notice be formally withdrawn by the TSA or DHS, (2) that the proposed information collection order not be issued, and the notice of emergency clearance request be formally withdrawn by the TSA or DHS, (3) that the request for an emergency certification and clearance be denied by the OMB, and (4) that, unless the proposals are immediately and publicly withdrawn, immediate action be taken to prevent the proposed criminal violations of the Privacy Act.

Here are links to some of the detailed comments filed with the TSA, in addition to several hundred briefer comments, amost all form individuals oppsed to Secure Flight (comments filed with the OMB are not available online, except those copied to the TSA or placed online by the commenters):

• Edward Hasbrouck
• Air Transport Association (questions and requests for clarification)
• Air Transport Association (comments)
• American Library Association, Consumer Action, Edward Hasbrouck, Electronic Frontier Foundation, Fairfax County [VA]Privacy Council, Privacy Rights Clearinghouse, PrivacyActivism, and World Privacy Forum (comments to the TSA)
• Electronic Frontier Foundation, Fairfax County [VA] Privacy Council, Edward Hasbrouck, Privacy Rights Clearinghouse, PrivacyActivism, and World Privacy Forum (comments to the OMB)
• Electronic Privacy Information Center (comments to the TSA)
• Electronic Privacy Information Center (comments to the OMB)
• American Civil Liberties Union and Privacy International
• Business Travel Coalition
• National Business Travel Association
• American Conservative Union
• Adam Shostack
• John Gilmore
• Tom Ciccateri
• Matthew Belmonte

[Last updated 9 November 2004 to add links to additional comments.]

Approbation and Ignominy

BOSTON, Oct. 22 [The New York Times] -- In the wake of the death of a Red Sox fan hit by a police pepper-spray weapon after the team's playoff victory, Boston officials are imposing restrictions on the bars around Fenway Park.... A police officer fired the pepper-spray weapon, striking 21-year-old Victoria Snelgrove, a college student, in the eye, which caused her death several hours later....

At least one expert, Melvin L. Tucker, a criminal justice and security consultant from Morristown, Tenn., who is a former police chief, said that the pepper-spray guns are "less than lethal" weapons designed to be fired at the ground or at a person's chest or lower, so that the plastic balls will break open and send a cloud of pepper spray into a person's face, causing burning and stinging that should stop the person's actions but should not kill.

"...Either ... the equipment was used not in accordance to training or the manufacturer's recommendation or it was inaccurate in the way it was fired," said Mr. Tucker.... "The protocol is you don't shoot if you're going to hit the person in the head or neck area because that can be lethal, as it was in this case."

The death of Ms. Snelgrove, a journalism student at Emerson College, has cast a cloud on the euphoria over the Red Sox victory and prompted some people to accuse the police of overreacting in trying to control the crowds.

Danielle Kotzias, 22, a classmate of Ms. Snelgrove, said, "The people who were supposed to protect us in that crowd, the police, used quote-unquote nonlethal weapons -- those nonlethal weapons killed my friend.''

The weapons were bought by the police department for the Democratic National Convention this summer but were not used then.

Compounding the typical, and predictable, irony of weapons bought to "protect us against terrorism" being used, in the event, not to protect us but to kill --literally -- our celebration and joy, this all took place just after midnight on October 22nd -- a day which since, 1996, has been an annual National Day of Protest to Stop Police Brutality, Repression, and the Criminalization of a Generation .

Here's what my mother, Marguerite Helen, wrote today from Massachusetts:

On October 22, 2004, the Red Sox -- Boston's home baseball team, New England's home team -- won the American League pennant. They won amazingly, in the seventh game; in the fourth straight win after being down three; against the team regarded (at least, by Bostonians) as winning more than their share over the years. It caused not just celebration but an explosion of joy and exhilaration. It gave us both a respite and hope, in a time when the whole world is in the midst of despair and destruction and war. The pride and joy of the team and its fans are well deserved and cannot and should not ever be regarded as anything less.

Older folks, like us, waited, holding our breath, until after the last out, and then filled and clicked glasses in a small, celebratory toast. Younger folks spilled out into the streets, as young folks have always done, leaping and shouting and hugging and gloating. We saw them on our TV screen. And we saw a line of cops in ninja suits marching towards the happy crowd. We heard a shot. The camera instantly moved away.

A cop had fired "nonlethal, crowd-control ammunition" into the revelers. He had hit a 21-year-old woman, a local student and a local resident who had grown up in this Red Sox territory, and he had killed her.

Why were barriers not put around the spot on the street where she fell, so that mourners could come to pray; to leave flowers and notes? Why have the police commissioner, the officer in charge of that night's work, the policeperson who shot her, and anyone in between who might be held responsible not been fired? Why has the Massachusetts legislature not called for the resignation or impeachment of the mayor and the governor? (The commander-in-chief is ultimately responsible, just as George W. Bush is for Abu Ghraib.) Why did the police and the Red Sox not immediately offer an honor guard for the funeral of the victim? And why have not fans been asked by the Red Sox to wear black arm bands at the World Series games, as the players will?

None of these things have happened. Last night, we were shown a well dressed crowd of city and state officials, team owners and managers, and others considered to be at the top and the heart of the victory at what was described as an elegant party at the Kennedy Library. The Kennedy Library. Host to a celebration of an assassination.

The police commissioner announced that the police took "full responsibility". I don't think that is any comfort to Victoria Snelgrove's father, shown supported by others, tearfully holding up a picture of her and saying that among many other things she had always been such a Red Sox fan.

The mayor announced that there would be No Drinking during the World Series. Really? There were still liquor ads on the network between innings of the first Series game. People still have liquor in their houses if they want to drink. And had the cops been drinking before they went out, as they too often do, looking for a truly warlike riot?

Young people, especially, have always joined in sometimes raucous celebrations. It used to be called "sowing their wild oats". My father-in-law and his buddies liked to rock the trolley cars on which they rode to make them fall off the tracks. One night every spring, my husband and hordes of his fellow college students burst from their dorms and filled the streets. They held a "panty raid" at my school. (One year, one man actually got into a dorm and then didn't know what to do with himself). We threw underwear out the windows. I forgot that my piece had a laundry name tag on it, and I was told that it was tacked, with other such bounty, onto a bulletin board in a men's dorm. A few cops came and parked at the edges of the melee, just in case. Tales were told with glee, like that of one student casually leaning on a cop car, talking with a cop to distract him while others flattened the car's tires. Eventually, the students got it out of their systems and went back to their dorms and the cops left. No one was even attacked, much less shot at.

Bostonians cannot think and speak only of the warmth and excitement of their team's triumph. They must accept great shame. Not shame for the Red Sox or for their fans. Shame for the city. Shame for the cops, for all cops in this nation, and for those who order them to be trained for such acts of terrorism and to exercise them. Shame that we are not just an example of superlative playing and accomplishments but also of good, of support for each other and those who represent us. Shame for representing the real terrorists.

My son suggested that a win this year of the World Series by the Sox would be a special present for me, with my end-of-October birthday. It would be an unbeatable and unforgettable victory. A great gift. A sweet revenge for one who was at that fateful seventh game Series loss to the Cardinals too many years ago. I hope that it happens. If it does, I will relish it; if it does not, I will still rejoice in this year's pennant win.

But October 22nd? For victory and victim, a day always to remember.

[Addendum, 26 October 2004: Eyewitness account by Russ Stein (Boston Independent Media Center); Death of a Fan by Dave Zirin (Counterpunch)]

Red Sox Nation

It was actually happening. The nerd was kissing the homecoming queen. Paper was beating scissors; scissors were beating rock. Charlie Brown was kicking the football. The Red Sox were beating the Yankees for the American League pennant. [Tyler Kepner, The New York Times]

[Updated Thursday, 21 October 2004, to add the quote from this morning's New York Times]

The Amazing Race 6 broadcasts to start Tuesday, 16 November 2004

I haven't been able to get confirmation yet from CBS-TV, and all television schedules are always subject to change... but TV Guide and several other publications are now reporting that The Amazing Race 6 will be broadcast on CBS in the USA on Tuesday nights beginnging 16 November 2004.

I've posted a tentative broadcast schedule based on this starting date.

Assuming that nothing else has changed, and that there are 13 legs of the race, with two of them broadcast in a single program the final week, and that none of the broadcasts are preempted by holiday or other programming, that would put the finale of The Amazing Race 6 on Tuesday, 1 February 2005.

[Update, 27 October 2004: The CBS-TV Web site for The Amazing Race 6 has been updated to show the 16 November 2004 broadcast start date as well as profiles of the cast members.]

"Expats make better citizens of the world"

You might have noticed a recent addition to the sidebar of my blog: a link to the LivingAbroadInCostaRica.com Web site of my friend and fellow travel writer Erin Van Rheenen.

Erin was the series editor for Moon Travel Handbooks and my editor for the second edition of "The Practical Nomad: How to Travel Around the World" at Avalon Travel Publishing (ATP) before leaving to move to Costa Rica and eventually write the new Living Abroad In Costa Rica guidebook published last month in ATP's Adapter Kit series. You might have seen her recently on CNN, talking about Costa Rica as well as general issues in relocating overseas.

I've had wonderful relationships with all my editors at ATP, and Erin has a great deal to do with the improved design and usability of the more recent editions of "The Practical Nomad: How to Travel Around the World" (although, I, of course, remain fully to blame for its failings).

Today Erin has a great op-ed column about expatriotism -- particularly directed to those in the USA who are thinking of moving abroad if "the War President" is re-elected -- in an English-language Costa Rican Newspaper, A.M. Costa Rica :

A personal view:
Expats make better citizens of the world

Come Nov. 3rd, how will you be feeling? Proud to be an American, or ready to dust off that dream of living abroad?

Some people are threatening to leave the country if the election doesn't go their way. We've heard it before, but this time more people seem to be saying it, and they appear to be in earnest....

Whether it's Costa Rica or another country, living abroad is an idea whose time has come. In the past three decades the number of Americans living abroad has more than quadrupled from about 70,000 in 1966 to around 4 million in 1996....

If more Americans lived abroad (and eventually returned, as most do), we'd have a country of people with a more global perspective, a country of people who have seen first hand how the rest of the world views the U.S. We'd have a critical mass of citizens who know that the U.S. can't be the big daddy bully of the world, how we need allies, not just people who tremble and curse when they see us coming. For what it's worth, a recent Zogby poll found that U.S. citizens with passports support Kerry over Bush, 58 percent to 35 percent.

Come to think of it, maybe anyone who wants to lead this country needs to have living abroad on his or her resume -- preferably for a year or more, and in one of the so-called developing countries. And no, being CEO of a multinational corporation that rebuilds the countries we tear town does not count.

(Erin Van Rheenen will be in Costa Rica in November but will cast her vote by absentee ballot. )

Military draft becomes a campaign issue

Military conscription has become an issue in the Presidential campaign -- even though neither Bush nor Kerry has done anything to put their claimed opposition to the draft into action.

Campaigning around the draft includes television ads being broadcast this week, Web-based appeals to student voters , an ad in the New York Times today raising questions about the draft from students, and a media campaign by Vietnam veterans and others.

But as New York Times columnist Paul Krugman points out today in Feeling the Draft , the issue isn't whether Bush or Kerry claims to oppose a draft, but what they are actually likely to do, after the election, if the military can't get enough of the soldiers they want, with the skills they want, without a draft.

Will they then support a draft? Or will they limit or reduce the size of the military, and adjust their military policy to respect the limits imposed on it, and on them, by the (un)willingness of the people to fight the Pentagon's and the White House's wars?

The reality, as is gradually becoming more widely recognized, is that today's young people (not to mention health care workers ) are even more opposed to the draft than the Vietnam generation. Results of a poll commissioned by Newsweek and released yesterday found that 29% of young voters would resist a draft . As the song says, "It's up to you not to heed the call-up.... You don't have to act the way you were brought up."

An editorial yesterday by the Philadelphia Daily News calls on Bush to end registration and Selective Service , and asks exactly the right question: "If we don't need a draft, why have registration?"

[Addendum, 23 October 2004: Another newspaper in swing-state Pennsylvania joins the editorial call: "The Bush administration could put the wild rumors to rest -- and save taxpayers nearly the $30 million a year it costs to administer the Selective Service?s draft registration program -- by asking Congress to terminate draft registration. If Democrats really are worried about a renewed draft, then they should agree to fast-tracking the necessary legislation."]

If he's really ruling out a draft, Bush could end draft registration today, with the stroke of a pen, by Presidential proclamation. But he hasn't done so. As a U.S. Senator, Kerry could have, and still could, introduce or endorse legislation to abolish the Selective Service System and eliminate Presidential authority to order registration. But he hasn't done so.

The Republicans who control the agenda in Congress, who have been complaining that questions about whether they might enact a draft after the election are unjustified, and who were able to bring a meaningless bill for reinstatement of the draft to a vote and defeat in a matter of days, could have, and still could, bring a bill to abolish the SS and eliminate authority for registration to a vote, and passage, just as quickly. But they haven't done so.

Any of these things could still happen before the election, if the public demands that the candiates suit their actions to their claimed positions on the draft. We'll see if that happens, or if the "debate" about the draft remains limited to partisan posturing.

The fact that health care workers would be the first to be drafted is also beginning to get some notice. The New York Times , quoting some of the sources they found through my FAQ on Health Care Workers and the Draft , has a long feature today, U.S. Has Contingency Plans for a Draft of Medical Workers .

Since they weren't available anywhere else online (they were published in 1989, and the Federal Register isn't available in electronic form that far back), I've scanned and posted the Selective Service System's Proposed regulations for the Health Care Personnel Delivery System (HCPDS), including the complete list (on the last page of the proposed regulations) of more than 60 job categories potentially subject to the draft under the HCPDS.

RFID passport data won't be encrypted

Contrary to what I wrote yesterday , the identification and biometric (digital photograph) data on RFID passports in the USA will not be encrypted. Jay Stanley of the ACLU's Technology and Liberty Program describes what they were told in a briefing by Frank Moss, USA Deputy Assistant Secretary of State for Passport Services and director of the State Department's Bureau of Consular Affairs:

Digital signature technology would be used to ensure that the information on the chip has not been altered. A State Department private key would be used to encrypt a hash of the information on the chip. The private keys would be retained in utmost secrecy in the basement of the State Department where they do all their encryption. The public keys would be shared with ICAO so that, e.g. a German control officer could look them up to verify authenticity of a passport.

No harm could be done with the public keys; they could even be posted on a Web site. The public key can be used to verify that e.g. this passport was signed using the Sate Department's private key for every passport issued in San Diego from January 2005 to August 2005. But you can't use the public key to then create a signature on a fraudulent document. And the public key is not used to access the data on the document -- that is wide open -- it is used only to verify the authenticity of the passport.

I think I didn't grasp this, even when I read the draft ICAO specifications, because it was, and is, so astonishingly, over-the-top, unsafe and vulnerable to criminal abuse that I couldn't believe it. But this is the way it is planned.

It also becomes clear on rereading the proposed ICAO standards and the USA government contract proposal (RFP), that the signature -- the one thing other than the photograph actually used to authenticate someone using a passport, particularly for financial purposes like cashing a check, sending or receiving money, or opening a bank account -- will be the one major element of the passport not digitally encoded at all (and thus not amenable to authentication through the hash or its digital signature).

So an identity thief, using only the data secretly and remotely obtainable from your passport, will be able -- without ever having actually seen you or your passport -- to create a perfectly valid-seeming passport, with a valid encrypted and properly signed digital hash, with your photograph but a signature in their handwriting.

Such a document is the holy grail of identity thieves, organized criminals, money launderers, and, or course, terrorists.

All they have to do is place an RFID reader somewhere a lot of travellers will pass nearby, record the data of each passport that comes within reading distance (up to 30 feet -- 9 meters -- with current readers although that will likely increase with future reader technology), and look through the captured images later, at their leisure, until they find one with a photo that comes close enough to their appearance for them to be able to impersonate. They can create the physical photo for the forged passport from the digital data secretly and remotely read from the RFID chip.

Then they can choose, depending on their document forging ability, to create either (1) an RFID passport with a bitwise copy of the chip (organized criminals already use similar techniques to clone mobile phone SIM cards), (2) a non-RFID passport (these will likely remain in use for up to a decade, the validity period of current standard USA passports), or (3) a non-RFID passport or identity document of another country. This last choice might be the preferred tactic, since a document with a different nationality would be less likely to produce "collisions" with the real identity that would bring the identity theft to the victim's notice.

(It's common for people born in the USA to be citizens of, and carry passports of, other countries, so this last type of passport would attract no suspicion at all. Irish passports would probably be forgers' first choice, since they permit visa-free movement within the European Union and are the European passport most commonly held by people born in the USA. Or they might pick some other passport that happens to be especially easy to forge.)

Or they could choose to use the data from the RFID chip (including date and state of birth, the starting point to getting a birth certificate and finding out your mother's maiden name) to obtain or produce some other type of identity document. But why bother, when they could conduct their money laundering, open terrorist bank accounts, buy and use airline tickets, etc. with a properly digitally-signed and authenticated fake passport with a signature in their handwriting -- but in your name or the name of some other innocent victim?

This makes it imperative, if you are forced to obtain or carry an RFID passport, always to keep it in a tin-foil sleeve or envelope, and never to take it out without first demanding conclusive proof that the person requesting to inspect it is making a binding lawful demand to do so. When you do display it, try to get as far as possible away from all other people or anywhere an RFID reader might be concealed, and try to keep the foil wrapped around the passport as much as possible, to reduce the range of directions and angles from which it is exposed to radio reading.

The crucial issue for technical self-defense will be whether a passport cover can be produced that is transparent to visible light, but opaque to the frequencies used by RFID transponders. Stay tuned -- I'll report anything I hear about such an identity theft protection device for travellers. Let's hope one is available by next spring, when the first USA citizens, other than gevernment employee guinea pigs, start being issued with RFID passports.

There's more on the risks of RFID chips in passports and other identity documents from Barry Steinhardt of the ACLU (the final interview, beginning at 32:48 of the broadcast) and others on National Public Radio's "Talk Of The Nation" earlier this week, recorded the day before the RFID passport contract announcement.

Time to get a new USA passport

Contracts were awarded today to Axalto and three other teams of vendors for the addition of secretly and remotely-readable radio-frequency identification (RFID) chips embedded in the photo and information page (inside front cover) of all new USA passports.

In accordance with the timeline in the Request For Proposals , the winning bidder was required to have built test kits on spec, in order to be prepared to deliver them to the State Department within one day of being awarded the contract, i.e. by tomorrow. Test sample passports must be delivered within 10 days, and testing will be conducted over the next three weeks.

The first RFID passports valid for actual use will be produced in a pilot program limited to the State Department passport office in Washington, DC, and limited to the special (maroon cover) passports issued to Federal government employees, with the first such RFID passports to be issued by mid-December 2004. The first regular (blue cover) RFID passports will be issued "at a single, domestic passport agency no later than Spring 2005," with the RFID passport issuance equipment deployed thereafter to all other USA passport agencies.

"It is expected that all newly issued, full-validity, United States passports will have embedded inlays (IC/antenna assembly in a protective plastic envelope) by the end of calendar 2005."

In testimony to Congress during a hearing on RFID chips on Flag Day, 14 July 2004 , Barry Steinhardt of the ACLU described government tracking as, "The most frightening use of RFID chips":

Most troubling of all are proposals to incorporate RFID tags into government identity documents.

RFIDs would allow for convenient, at-a-distance verification of ID. RFID-tagged IDs could be secretly read right through a wallet, pocket, backpack, or purse by anyone with the appropriate reader device, including marketers, identity thieves, pickpockets, oppressive governments, and others. Retailers might add RFID readers to find out exactly who is browsing their aisles, gawking at their window displays from the sidewalk -- or passing by without looking. Pocket ID readers could be used by government agents to sweep up the identities of everyone at a political meeting, protest march, or Islamic prayer service. A network of automated RFID listening posts on the sidewalks and roads could even reveal the location of all people in the U.S. at all times.

This may sound far-fetched, and I hope that it stays that way. But if we at the ACLU have learned anything over the past decade, it is that seemingly distant privacy invasions that sound right out of science fiction often become real far faster than anyone has anticipated. I give you this scenario as something that I think most Americans would agree is something that should be avoided, and yet is now entirely possible as far as the technology that is available to us. That means that our future is now going to be decided by policy.

Congress has, however, already mandated by law that USA passports contain whatever RFID, biometric, and other devices and data are recommended by the standards of the International Civil Aviation Organization (ICAO), and has pressured other countries to enact these standards into their laws as well.

ICAO spokesperson Denis Chagnon has not responded -- despite several conversations in which he has promised to do so -- to repeated requests over the last three months for comment on when ICAO would make its official decision on whether to adopt the requirement for an RFID chip (referred to in ICAO document 9303 as a "contactless integrated circuit") as an ICAO standard, or whether ICAO had engaged in any discussions with any privacy or civil liberties organizations or any of the signers of the joint Open Letter to ICAO from Privacy International and other groups requesting such dialogue and opportunity for participation in ICAO decision-making.

As Bruce Schneier and other security experts have pointed out, RFID chips in passports serve no security purpose, only a surveillance purpose. In an op-ed article last month in the International Herald Tribune , Schneier wrote:

Unfortunately, RFID chips can be read by any reader, not just the ones at passport control.... [A]nyone with a reader can learn that information, without the passport holder's knowledge or consent. It means that pickpockets, kidnappers and terrorists can easily -- and surreptitiously -- pick Americans or nationals of other participating countries out of a crowd.

It is a clear threat to both privacy and personal safety, and quite simply, that is why it is bad idea. Proponents of the system claim that the chips can be read only from within a distance of a few centimeters, so there is no potential for abuse. This is a spectacularly naïve claim. All wireless protocols can work at much longer ranges than specified. In tests, RFID chips have been read by receivers 30 feet -- 9 meters -- away. Improvements in technology are inevitable.

Security is always a trade-off. If the benefits of RFID outweighed the risks, then maybe it would be worth it. Certainly, there isn't a significant benefit when people present their passport to a customs official. If that customs official is going to take the passport and bring it near a reader, why can't he go those extra few centimeters that a contact chip -- one the reader must actually touch -- would require?

The Bush administration is deliberately choosing a less secure technology without justification. If there were a good offsetting reason to choose that technology over a contact chip, then the choice might make sense.

Unfortunately, there is only one possible reason: The administration wants surreptitious access themselves. It wants to be able to identify people in crowds. It wants to surreptitiously pick out the Americans, and pick out the foreigners. It wants to do the very thing that it insists, despite demonstrations to the contrary, can't be done.

Normally I am very careful before I ascribe such sinister motives to a government agency. Incompetence is the norm, and malevolence is much rarer. But this seems like a clear case of the Bush administration putting its own interests above the security and privacy of its citizens, and then lying about it.

You could keep an RFID passport in a tin-foil envelope, but because the RFID chip will be embedded in the photo page, it will be exposed for reading whenever you have to display your passport for visual inspection: checking into a hotel, cashing a travellers check, exchanging foreign currency, checking in for an airline flight, etc.

The data on the RFID chip will not be encrypted. [I got this wrong in my initial version of this article. See my follow-up article for more on the lack of encryption, and what it means.] Only a digital "hash" of the data will encrypted and digitally signed by the issuing agency (the USA government), using keys supplied by ICAO under a a no-bid contract with the USA Government Printing Office (GPO).

Eevn if it were encrypted (which it won't be, under the current contract) the data readable from the chip will constitute a unique personal identification number, which will be entered into each such passport holder's Acxiom or Choicepoint file the first time they display their passport during a transaction with a company that shares data with Acxiom or Choicepoint. And if the passport isn't kept in an RF-protective envelope or sleeve, it will be vulnerable to being read, and the location and time and circumstances (such as which other passports are nearby) of the reading sent to and logged by these or other data aggregation companies, not just when it is displayed but each time you pass through a doorway equipped with a hidden reader.

The State Department's passport offices would be swamped if they required the replacement of all outstanding passports with RFID passports, so that isn't likely to be required. Current passports will probably remain valid, although holders of non-RFID passports will probably be given second-class treatment at immigration control, required to stand in longer lines like those who don't have Registered Traveler credentials.

Still, it's worth a little extra time at airports and border crossings to avoid carrying a tracking chip broadcasting your identity to anyone querying it by radio, enabling the creation of a lifetime data trail of your movements around the world.

New regular USA passports are valid for 10 years, and you can still get one without an RFID chip through at least the end of the year. I'll be getting a new passport before the end of this year, even though my current passport doesn't expire for several more years, in order to have a non-RFID passport valid as far into the future as possible. If you value your safety and privacy, and are a citizen of the USA, you should too.

[Correction, 15 October 2004: This article has been updated to correct my error in the intial version of the article on the (lack of) encryption of the data on the RFID chip. See my follow-up article for more on the lack of encryption, and its significance.]

USA airports and TSA adopt Israeli-style profiling

By the end of this month, USA Transportation Security Administration (TSA) agents at two or more airports in the northeastern USA (presumably Boston's Logan International Airport, IATA code BOS, and at least one other as yet unnamed airport) are preparing to start Israeli-style profiling, stops, and questioning of airline passengers on the basis of appearance and behavior, according to reports in Time magazine and elsewhere.

After two weeks, there's still been no official announcement or confirmation by the TSA or airports of the "SPOT" ("Screening of Passengers by Observation Techniques") program, but neither has there been any denial of the news stories. I can't confirm the SPOT stories, but I find them highly credible.

The Time report on the TSA tactic refers to the "racially-neutral profiling program in place at Boston's Logan Airport, on which it is based." But as I've discussed previously, Logan's program uses "appearance" or "behavioral" profiling as euphemisms for Israeli-style ethnic and racial stereotyping. The scheme is the product of Massport and Mass. State Police consultant and former Ben-Gurion Airport (TLV) security director Rafi Ron, who also apparently advised the MBTA in their warrantless searches of Massachusetts transit passengers, starting shortly before the Democratic Convention in Boston.

Ron retired from his job with the Israeli Airports Authority just before 11 September 2001, and started his new career as a freelance consultant just a few weeks later in Boston. Ron has been the leading advocate in the USA of collecting additional data on airline passengers as a tool to assist human, rather than robotic profiling, and has based his consulting career on his claimed skill at uncovering would-be terrorists through review of data collected about them in advance, combined with visible attributes (mainly visible race and ethnicity) and personal "interviews" (interrogations).

The one time I met Ron at an airline industry conference, he sneered -- quite literally -- at my question of whether concerns for civil liberties would justify any limitations on measures which might otherwise, to any degree, reduce the risk of terrorism. Anyone who would even ask such a question, he said dismissively, clearly doesn't understand the situation we are in -- we are at war, and can afford no limits on the tactics of war.

The TSA may want to claim that its employees can be given discretion to detain and question people on the basis of "suspicious appearance" without risk that their biases will lead them to find some racial and ethnic identifiers of appearance more "suspicious" than others. But other supporters of these schemes are more honest about their intentions: the primary reason to authorize "profiling" by appearance and behavior is to provide a legitimizing rubric for ethnic and racial stereotyping and discrimination.

Richard Pipes, for example, in an op-ed article in the Jerusalem Post , cites the TSA's SPOT program as putting into practice the views of Philadelphia talk-show host Michael Smerconish , who has declared himself an expert on aviation security and the need for racial and ethnic profiling and discrimination. According to Pipes:

Smerconish writes, "We're fighting a war against young Arab male extremists, and yet our government continues to enforce politically correct 'random screening' of airline passengers instead of targeting those who look like terrorists."

He calls for a change in policy: "Logic dictates that airport security take a longer, harder look at individuals who have ethnic, religious, nationality, and appearance factors in common with the Islamic extremist Middle Eastern men who have initiated war against us."

This is a step in the right direction.

The TSA will, I presume, respond to any challenges to this new (and clearly illegally and unconstitutional discriminatory) profiling scheme by claiming simultaneously (1) that it isn't based on race or ethnicity (possibly true on its face, but unlikely as applied), (2) that agents will be able to apply it without unconsciously falling into ethnic or racial profiling (not a credible likelihood for anyone familiar with the history of racism and bigotry of the Mass. State Police, the first to use these tactics), and (3) that they can't disclose the profiling criteria, to prove that they aren't explicitly racist or ethnically biases, because to do so would reveal sensitive security information (i.e would-be terrorists might figure out, "Oh, no: I fit the profile as a South Asian. I better change my skin color before I try to hijack an airplane."). It will be interesting to see how well that argument holds up in response to a Federal civil right lawsuit.

Bush, Kerry, Nader respond to questions on the draft

Three of the Presidential candidates -- Bush, Kerry, and Nader -- have responded in writing today to questions about the military draft posed by young voters in an online debate.

Unfortunately, the questions and answers failed to address the real issues of whether there will be a draft.

There was no statement from any of these three candidates along the lines of, "I will issue (I am issuing) a proclamation exercising my power as President immediately to end draft registration," or "I will propose to Congress (I am proposing to Congress) legislation to abolish the Selective Service System."

Nor did any of these three candiates mention a draft of health care workers -- the (false) assumption behind both the questions and the answers is that the only draft to consider is a general cannon-fodder draft of young people.

(Oddly, neither the Green Party nor Libertarian Party candidates were given the opportunity to participate, despite the facts that an online debate doesn't need to impose any time or space limitation, that the Libertarian party is on the ballot in almost every state -- many more states than Nader--, and that the Green Party got more votes than any other party except the Republicans and Democrats in the 2000 presidential election.)

Senate votes to reassure, but not protect, holders of tickets on bankrupt airlines

In addition to the provisions for identification, surveillance, and control of travellers which I discussed in an earlier article, the version of the the National Intelligence Reform Act of 2004 (S. 2845) adopted by the Senate last week includes an amendment introduced by Sen. Ron Wyden of Oregon that would extend for another year, though 18 November 2005, the present law requiring other USA-based airlines flying the exact same route (if there are any, which on many routes there aren't) to transport holders of tickets on airlines that cease service (if they can prove they had tickets, which most holders of electronic tickets won't be able to do, since e-mail confirmations are trivially easy to forge, and not proof of anything), if they have unsold seats available (which they might not have for many days or in mnay cases weeks if a major airline shuts down), for a fee.

As I've been explaining in my FAQ about Airline Bankruptcies (as quoted at some length last Sunday in the New York Times travel section) and elsewhere, this law was enacted in response to lobbying by the air travel industry after 11 September 2001, in order to restore confidence so that people would be willing to resume buying tickets in spite of (well-founded, as it has turned out) fears that airlines might go bankrupt. The purpose of the law was to reassure consumers, not to protect them, and especially not to require airlines to do anything that would have any significant cost or risk.

I think this law serves more to give travellers a false sense of security than to give them any meaningful protection. Rather than being extended, it should be allowed to expire -- and replaced with a requirement that airlines give ticket purchasers, who are in effect making interest-free loans to the airlines, the same security interest in their planes and other assets as is given to other lenders .

Coalition opposes restrictions on travel freedom and privacy

Congressional debate on bills purporting to "implement the recommendations of the 9/11 Commission" has bogged down in disputes between the different bills passed by the House and the Senate, and over their provisions to legalize in the USA what is being called, in Orwell-speak, extraordinary rendition , by which is meant deporting, extraditing, or simply kidnapping people to send them to countries where they are likely to be tortured .

As discussed in my analysis of an earlier Senate bill, S. 2774 , none of these bills can properly be described as measures to implement the 9/11 Commission report . In particular, they all are directly contrary to the Report's final overall "Recommendation: The burden of proof for retaining a particular governmental power should be on the executive, to explain (a) that the power actually materially enhances security and (b) that there is adequate supervision of the executive's use of the powers to ensure protection of civil liberties. If the power is granted, there must be adequate guidelines and oversight to properly confine its use."

The bills passed by the Senate on 6 October 2004, S.2845, the "National Intelligence Reform Act of 2004", and by the House of Representatives on 8 October 2004, H.R.10, the, "9/11 Recommendations Implementation Act", have much more in common than the minor differences between them that have now been referred to a House-Senate conference committee. Both bills go far beyond the earlier McLain-Lieberman bill, S. 2774, in their proposed encroachments on civil liberties, including the rights of travellers.

The bill passed by the House is perhaps the more explicit of the two bills in its provisions for identification and surveillance of travellers.

Subtitle A, Section 3001 of the House bill would make it "unlawful for any citizen of the United States to depart from or enter, or attempt to depart from or enter, the United States unless the citizen bears a valid United States passport". Among other effects, this would eliminate passport-free travel to and from Canada and Mexico by USA citizens. Perhaps more importantly, it directly violates Article 13, clause (2), of the United Nations' Universal Declaration of Human Rights , which recognizes that, "Everyone has the right to leave any country, including his own, and to return to his country," with no mention of passports. Passports were originally intended as a device to facilitate travel, and should not be turned into a requirement for, or a means to restrict, travel.

Subtitle B of the House bill, "Identity Management Security", would establish an integrated national birth, death, and identity registry and de facto national identity document system. To the extent these identity credentials would be required for domestic travel within the USA, that requirement would appear to violate Article 13, clause (1) of the Universal Declaration of Human Rights: "Everyone has the right to freedom of movement and residence within the borders of each state," again with no mention of required credentials.

Subtitle C, "Targeting Terrorist Travel", would actually target all travellers. In particular, Section 3081 would require a study of the possible "Creation of a database containing information on the lifetime travel history of each foreign national or United States citizen who might seek to enter the United States or another country at any time."

These proposals for identification, surveillance, and control of travellers have promoted an unprecedented response: a joint letter sent to Congress on 4 October 2004 by more than 40 USA and international organizations constituting "a broad and diverse coalition of state and national organizations who actively support privacy, civil liberties and immigration rights."

Perhaps more than any other document to date, this coalition letter indicates the extent to which, over the last 18 months, travel has come to be recognized as a core issue for privacy, civil liberties, data protection, and surveillance:

Identification Requirements and Limits on Travel -- ... [W]e oppose actions taken in response to the Commission Report that would create a national identification system in word or effect. The integration of secure identity cards with interconnected databases raises substantial privacy risks that will require new legislation and new forms of oversight. Privacy enhancing techniques that minimize the collection and use of personally identifiable information should also be considered. Significant errors have been found in both the no-fly watchlists and the automatic selectee system. This is a particularly serious problem for U.S. persons who travel within the United States. Recent reports that a U.S. Senator and Member of Congress were detained due to these passenger screening measure begs the question, "how are ordinary citizens faring?"

Federal law should expressly prohibit profiling of citizens or groups based on race, citizen's country of origin, ethnicity or religious beliefs. We support efforts to target individuals who may be carrying weapons or materials that threaten the safety of air travel. This is a more effective security technique than profiling or data mining. When considering the application of biometric features into identification documents, Congress should consider their privacy and civil liberty implications. There should be an independent evaluation of how best to operate these screening systems and still safeguard basic rights.

A properly designed identification systems or travel systems to ensure security of the borders should not provide the basis for routine identification within the United States. Therefore we caution against the establishment of travel checkpoints within the United States that would require individuals to prove their identity to gain access to public transportation. Such proposal would conflict with our basic rights to freedom of movement and civil liberties. Furthermore, citizens who do not possess these documents should not be barred from travel, access to federal benefits, or be denied any citizenship rights.

The recognition by such a broad coalition of the right to travel as a core element of a free people and a free society is a milestone to celebrate. Now it's time to build on this consensus by moving from the defense of our rights as travellers against attacks like the present Congressional initiatives, to the advancement of travellers' right through the introduction and enactment of an affirmative Federal travel privacy law applicable to airlines, CRS's , and other travel companies as well as the government.

TSA revives dormant air transport industry advisory panel

The largely-dormant Transportation Security Advisory Committee to the USA Transportation Security Administration (TSA), which was originally established by the TSA's predecessor, the Federal Aviation Administration (FAA) of the Department of Transportation (DOT), met on 30 September 2004 for the first time in 10 months.

The interval was pretty typical, although the all-day meeting was not: the ASAC usually has met for an hour or two, once or twice or year. You might expect that meetings of an advisory committee would consist mostly of discussions among the members, or their questioning of and reports to the agency they are supposed to advise. But it usually works the other way around: the agenda for the latest ASAC meeting consisted mainly of a series of prepared presentations to the "advisors" by TSA staff.

Topics of those presentations included TSA-industry collaboration in international initiatives for surveillance and tracking of travellers , the TSA's vision for building security and surveillance systems into the infrastructure of the Airport of the Future , and proposals by the TSA for two new ASAC working groups: one to assess the operational and economic impacts to the entire US Commercial Aviation System resulting from proposed security improvements , and a Secure Flight Privacy/IT Working Group (see slide 9) whose goals would be to:

• Provide secure forum for the exchange of ideas and discussion within the framework of existing rules and policies
• Provide TSA/DHS officials access to persons with key knowledge and expertise on a continuing basis
• Provide an objective and independent assessment of the technical and privacy oriented parameters that are the basis for Secure Flight design and present findings
• Build public understanding, trust, and confidence in the new system and its implementation.

Establishment of a joint TSA-industry impact assessment group is an important and positive, if long overdue, step by the TSA. In public testimony to Congress and in interviews with me, on and off the record, representatives from all three major segments of the industry -- airlines, CRS's , and travel agencies -- have described increasing frustration at the TSA's insistence, despite its ignorance of airline reservation procedures, in spurning the industry's standing offers to work with the TSA, rather than be forced to oppose proposals made in ignorance of their feasibility, cost, or other implications. Industry dialogue and consultation isn't a substitute for public dialogue and consultation, but in the case of an agency as clueless about its real-world area of authority as the TSA and especially the TSA Office of National Risk Assessment (ONRA), it would be a positive step.

The so-called "privacy" working group would be a different story. According to the presentation to the ASAC by TSA Privacy Officer Lisa Dean and ONRA Director Justin Oberman, the real purpose of the working group would be to "meet" several externally imposed (and, past TSA behavior makes clear, internally opposed and resisted or ignored) obligations:

TSA PROPOSAL TO ASAC

Establishment of ASAC Secure Flight Privacy/IT Working Group meets:

• Congressional statutory requirement for Privacy & IT Oversight
• TSA internal planning, and
• GAO report standards as defined in, "Aviation Security: Computer-Assisted Passenger Prescreening System Faces Significant Implementation Challenges" (GAO-04-385, February 2004).

In reality, such a working group of the ASAC would meet none of these goals.

First, the ASAC is not a privacy organization , and has no privacy expertise. All but two of the 27 ASAC members represent government or industry organizations, none of which have a focus on privacy or civil liberties. The only two passenger representatives on the ASAC are the "Victims of Pan Am Flight 103" (a legitimate but obviously special-interest organization, which has never mentioned privacy) and the International Airline Passengers Association (IAPA), which defines itself as an organization of "frequent business travelers" offering "privileges and benefits" such as negotiated discounts. It doesn't claim to represent ordinary air travelers, and its Web page on passenger advocacy mentions neither privacy nor civil liberties.

Second, the ASAC has no oversight authority. By definition, as a Federal advisory committee, the ASAC can only make recommendations to the TSA, and only on such topics, and to such an extent, as its input is solicited by the TSA. It cannot take any action -- not even to issue a report on a particular issue of concern -- on its own initiative, and it has no "enforcement" power.

The attempt in the presentation to the ASAC by Justin Oberman (ONRA) and Lisa Dean (TSA) to represent the TSAC, or a sub-group of its membership, as something that could "meet" any statutory or other requirement for oversight or input on privacy or civil liberties is clearly an attempt to defraud whomever is their intended audience for these claims.

The proposal for a working group of the ASAC to address privacy and civil liberties also suggests that the TSA and its parent the Department of Homeland Security (DHS) have backed away from, or at least postponed, their plans to create a new advisory committee specifically to address these issues.

When DHS Chief Privacy Office Nuala O'Connor Kelly announced the plan for a DHS Data Integrity, Privacy, and Interoperability Advisory Committee in her address to the Computers Freedom and Privacy conference in April 2004, the deadline for applications was to be 30 April 2004, with the committee to be appointed shortly thereafter. Applications closed 15 May 2004, after an extension of the deadline, but there's been no word about the creation of this committee since a 28 July 2004 letter I made public when I received it which informed applicants that, "We anticipate that recommendations for consideration will be submitted to the Office of the Secretary [of Homeland Security] in August 2004. Appointments are expected soon thereafter." To date, no appointments have been announced.

It appears that, instead of creating even a captive and toothless advisory committee of people with any expertise in privacy or civil liberties, or at any rate without waiting for the formation of that long-overdue body, the TSA and DHS have assigned that task to a group of industry representatives with no relevant expertise or record of concern. And they are claiming that this "meets" demands that they give serious consideration to privacy and civil liberties, and provide an independent mechanism for oversight of their performance and compliance on these issues.

Sorry, folks. A powerless advisory committee drawn from the air travel industry is neither the appropriate nor a competent guarantor of the consumer interests, privacy, or civil liberties of travellers, nor will travellers or genuine privacy and civil liberties advocates allow the TSA to claim that it is.

Given the TSA's (and especially the ONRA's) obsession with secrecy, it will be interesting to see whether the new working groups of the ASAC comply with the statutory requirement that the public be given notice of, and the opportunity to attend and observe, their meetings.

Minutes and (sometimes) transcripts of ASAC meetings have typically been made public only many months after the fact. Minutes of the October and November 2003 meetings weren't posted on the DHS or TSA Web site until just a few weeks ago, almost a full year later. Neither the TSA nor the DHS issued any public statement about the 30 September 2004 ASAC meeting, and I don't know if any journalists were in attendance. So I don't know if the "Secure Flight Privacy/IT Working Group" of the ASAC was appointed, or if so, who its members are or whether they include either or both of the ASAC's two members from passenger organizations (neither of which are consumer, privacy, or civil liberties advocates).

Privacy and civil liberties watchdogs -- such as those who might have been included on the DHS Privacy Advisory Committee, had it been created by now -- should keep a close watch on the ASAC , and on who else is told these lies about its (lack of) privacy and civil liberties representation and its (lack of) oversight authority.

"Secure Flight" comments due by Monday, 25 October 2004

Public comments are open through Monday, 25 October 2004, on the Secure Flight airline passenger identification, selection, and surveillance system proposed by the USA Transportation Security Administration (TSA) and its Office of National Risk Assessment (ONRA).

Together, the Secure Flight and Registered Traveler programs are intended to replace, and considerably expand, the infringements of travellers' freedoms which were to have been part of the supposedly-abandoned CAPPS-II passenger profiling scheme. (Traveller registration with the TSA is currently "voluntary", but will eventually be mandatory for anyone who wants to travel by air.)

The complete TSA docket of notices and comments on Secure Flight testing (TSA-2004-19160) includes those comments filed to date with the TSA (there is sometimes a delay of a couple of days in docketing and posting comments), as well as well as the three rulemaking notices and requests for comments:

1. The Office of Management and Budget (OMB) Information Collection Request notice under the Paperwork Reduction Act and request for comments on the proposed order (the full text of the order itself is included in the notice) requiring USA-based airlines to turn over all data in all PNR's , including cancelled PNR's, that ever included flights that were to have been taken in June 2004; docket TSA-2004-19160-2
   
   
2. The TSA Privacy Act notice or "System Of Records Notice" (SORN) for the Secure Flight testing database; docket TSA-2004-19160-3
   
   
3. The TSA Privacy Impact Assessment for Secure flight testing; docket TSA-2004-19160-4

The purported Privacy Act "notice" fails to give notice of most of the categories of people about whom personal data is contained in PNR's, and comes well more than a year after PNR's for June 2004 travel began to be created (in June 2003 or earlier), making a mockery of any concept of "notice". By this, and by including cancelled PNR's, it ensures that even those who wish to withhold consent, or tried to do so by cancelling their reservations and not travelling, will be unable to opt out.

The purported Privacy Impact Assessment is a real piece of work, failing entirely to acknowledge, much less to assess, most of the privacy impacts of the proposals.

The most significant portion of the rulemaking, however, may be that of the OMB. The TSA notices concern only what the TSA will do with the data, after it is commandeered from the airlines and, indirectly, from the people whose data is contained in PNR's: travellers, people in whose names reservations were made but who did not travel, people who made reservations for other people or paid for other people's tickets, and travel agents and airline staff, among others. Under the Paperwork Reduction Act, the OMB must also consider the actual demand for archived PNR data from the airlines (and, implicitly, from the CRS's that host airline data, and without whose active collaboration it would be impossible for airlines to comply with the demand).