David Kirkpatrick

September 8, 2010

Department of Homeland Security sued for illegal search and seizure

This is a long overdue lawsuit. Unbeknownst to many United States citizens, if you leave the country with an electronic device — like a smartphone, cell phone, camera, or more likely, a laptop — your electronics can be seized, searched and contents archived by the Department of Homeland Security with no due process other than a field officer deciding you might be a threat to the nation.

I’ve blogged about this very topic a couple of times — first back in June 2008 and again in September 2009 — and my sense of outrage at the privacy and civil liberties violation hasn’t abated. Sure we need to protect the nation and monitor who comes and goes into and out of the country, but with the due process that represents the best of America. In the post-9/11 world, policies like this are slowly turning the United States into a police state that would be unrecognizable to the Founding Fathers.

From the first link:

Civil liberties groups sued the Department of Homeland Security on Tuesday, alleging that the government should not be able to search, copy or keep the data on electronic devices carried by people crossing the border without a reasonable suspicion of wrongdoing.

The American Civil Liberties Union, the New York Civil Liberties Union and the National Association of Criminal Defense Layers (NACDL) announced on Tuesday that they filed a lawsuit against the policy, arguing that Americans “do not surrender their privacy and free speech rights when they travel abroad.”

DHS policy says that electronic devices such as laptops, cameras and cell phones can be searched as a matter of course, and that the border agents can copy the contents of the devices in order to continue searching them once the traveler has been allowed to enter the U.S. — even if the traveler is not suspected of any wrongdoing. Information obtained by the ACLU indicated that over 6,600 travelers — nearly half of whom are U.S. citizens — had their electronic devices searched at the border between Oct. 1, 2008 and June 2, 2010.

Update 9/10/10 — In the meantime, here’s a CIO.com article on getting your data across the border while avoiding the invasive scrutiny of the DHS.

September 10, 2009

Want to see what the NIST has to say about national ID cards?

Check out this release.

(For the record I am extremely against the concept of any type of ID card, national or otherwise, that incorporates this level of personal data.  Quite hackable and doesn’t make the public any safer. These tracking devices only give the government that much more information on U.S. citizens.)

The release:

New NIST publications describe standards for identity credentials and authentication systems

Two publications from the National Institute of Standards and Technology (NIST) describe new capabilities for authentication systems using smart cards or other personal security devices within and outside federal government applications. A report describes a NIST-led international standard, ISO/IEC 24727, which defines a general-purpose identity application programming interface (API). The other is a draft publication on refinements to the Personal Identity Verification (PIV) specification.

NIST is responsible for developing specifications for PIV cards required for the government under Homeland Security Presidential Directive 12. These smart cards have embedded chips that hold information and biometric data such as specific types of patterns in fingerprints called “minutiae” along with a unique identifying number. The goal is to develop methods that allow each worker to have a PIV card that works with PIV equipment at all government agencies and with all card-reader equipment regardless of the manufacturer.

Because there is growing interest in using secure identity credentials like PIV cards for multiple applications beyond the federal workplace, NIST provided its smart card research expertise in the development of an international standard—ISO/IEC 24727 – Identification cards – Integrated circuit card programming interfaces—that provides a set of authentication protocols and services common to identity management frameworks.

The new NIST report, Use of ISO/IEC 24727 is an introduction to that standard. It describes the standard’s general-purpose identity application programming interface, the “Service Access Layer Interface for Identity (SALII)”, which allows cards and readers to communicate and operate with applications seamlessly. The report also describes a proof-of-concept experiment demonstrating that existing PIV cards and readers can work interoperably with ISO/IEC 24727. The applications tested included logging on to Windows or Linux systems, signing and encrypting email, and performing Web authentications.

NIST Interagency Report 7611 Use of ISO/IEC 24727 may be downloaded at http://csrc.nist.gov/publications/nistir/ir7611/nistir7611_use-of-isoiec24727.pdf.

NIST researchers also are involved in improving PIV components and providing guidelines that the private sector and municipalities can use with a similar smart ID card. They have drafted an update to an earlier publication that contains the technical specifications for interfacing with the PIV card to retrieve and use identity credentials.

Special Publication 800-73-3, Interfaces for Personal Identity Verification, provides specifications for PIV-Interoperable and PIV-Compatible cards issued by non-federal issuers, which may be used with the federal PIV system. It also provides specifications designed to ease implementation, facilitate interoperability and ensure performance of PIV applications in the federal workplace. The new publication specifies a PIV data model, card edge interface and application programming interface. The report also provides editorial changes to clarify information in the earlier version. (For background, see “Updated Specification Issued for PIV Card Implementations,” NIST Tech Beat, Oct. 14, 2008 [http://www.nist.gov/public_affairs/techbeat/tb2008_1014.htm].)

###

The draft version of NIST SP 800-73-3 is open for public comment through Sept. 13, 2009. The document is available online athttp://csrc.nist.gov/publications/PubsDrafts.html#800-73-3. Comments should be addressed to PIV_comments@nist.gov with “Comments on Public Draft SP 800-73-3″ in the subject line

September 4, 2009

Homeland Security, borders and electronics

I’m no fan of the bureaucratic mess that is the Department of Homeland Security. I”ve always maintained we had a great security apparatus in place before 9/11, it was simply misused. The DHS? More politicized and certainly no better, and almost more certainly much worse, than the pre-9/11 FBI, CIA, NSA, et.al.

This particular outrage has bothered me for a long time. I don’t think I’ve blogged about it before and it is a massive privacy violation that every American should know about.

From the second link:

Earlier this week, the U.S. Department of Homeland Security made it clear that border crossing officials could continue to search any device that can store electronic media without any suspicion of wrongdoing.

Although the revised policy ensures searches will be completed in a “timely manner” (up to 30 days) and that travelers will stay informed about the search’s progress, travelers crossing the border might want to consider a few things.

Officials can still seize any device (including MP3 players or flash drives) and look at any file on it (including Internet browsing history) without giving any reason.

Click here to find out more!

The Association of Corporate Travel Executives (ACTE) believes agents take laptops, make an image of the hard drive and then return the laptop to its owner in the mail. Any copied files could be stored “indefinitely.” (Imagine what the Border Patrol’s iTunes Library will look like after “indefinitely” storing DRM-free music from several dozen searches.) The ACLU is also taking a dim view of the DHS policy, and is challenging it in court.

March 14, 2009

Dump E-Verify

Something the ACLU and the libertarian Cato Instutute can agree on.

(In reality the two groups are in agreement in more areas than not, but both sides tend to distrust the other. I’ve often joked I’m for the ACLU and the NRA. And for the right of any and all opposition groups to exist as well.)

From the link:

Over the weekend, there was a USA Today article giving prime coverage to those who advocated for an E-Verify requirement as part of the economic stimulus package signed into law a couple weeks ago. E-Verify, the Department of Homeland Security’s (DHS) employment verification program, would require all employers to verify the work eligibility of new hires through error-ridden government databases. The article was particularly troubling because it incorrectly cited the systemic problems associated with using the E-Verify. Very late in the article, it says:

The business groups and immigrant advocacy groups argue that the E-Verify database is riddled with errors that could result in millions of workers being wrongly identified as not authorized for work. They say requiring its use before hiring would impose a cost burden on employers and open them to lawsuits.

We found this really misleading, because the business and immigrant advocacy groups like the ACLU are not alone in arguing E-Verify will result in delays due to the errors in Americans’ files. You know who else agrees with us? The federal government.

If you’d like to see the Cato Institutes take on this bit of government overreach, hit this link.

December 5, 2008

ACLU, Heritage Foundation and the Department of Homeland Security

I’m sure some would be shocked to see the Heritage Foundation and the ACLU in agreement, but the two groups have a whole lot more overlap than you might think at first glance when looking at the big picture.

I like to remind people I support the actions of the ACLU and the NRA. And I think there’s something to like on both sides of the current US political spectrum. Plenty not to like on both sides, too.

That’s why I vote the candidate, not the party. Always have, expect to always will. I read somewhere today that there’s no such thing as an independent voter because of low information or something. Can’t remember where I read that, but I think they used the wrong word.

“Undecided” voters are low-information and to that end aren’t really a key part of the electorate in major races (totally different dynamic in low-key local races where the decision may well be made on a whim in the booth.)

“Independent” voters are very likely to be very high information and making decisions as I do — voting the person and issues of the race at hand, not pulling a straight party ticket because of something dumb like, “I like old so-and-so, but can’t vote for him because he’s a dirty Republican and I’m a Democrat.”

Straight party voters are pretty much no-information voters because any information makes no difference in the selection.

At any rate this is from the link way up there in the first sentence:

This morning, NPR did a segment with Tim Sparapani of our Washington Legislative Office and our frenemies at the Heritage Foundation. They discussed ways that the Department of Homeland Security under the Obama administration could endeavor to do better by the country. First, Tim suggested making the watchlists, you know, work:

Any terrorist worth his or her salt can go out and get a fake ID in about 20 minutes, or they can show up under their own name if they’re not a name of somebody that we’ve been monitoring abroad[…] And there are lots of people, unfortunately, who have been willing to be recruited whom we would never know about until the moment they actually commit an attack.

So while the TSA is busy stopping all the Robert Johnsons of the world, potential terrorists might be slipping by.

 

Now, Heritage’s take:

…[The Heritage Foundation] says the government’s multi-billion dollar investment in what’s often referred to as “guns, guards and gates” is the wrong way to go — that it’s futile to try to protect everything in a country that has a seemingly endless number of potential targets.

We couldn’t agree more, Heritage!

July 26, 2008

The TSA is a joke

The boondoggle of a national agency that is the Transportation Security Agency, a part of that larger waste of government funds, the Department of Homeland Security, is proving to be quite inept at doing anything but waste the time of, and harass, US travelers.

Now don’t get me wrong, changes needed to be made after 9/11, but there was no reason not to work within the existing framework and effect a solution.

The concept of “homeland security” all sitting under one roof, so to speak, and working hand-in-hand sounded great, but like most bureaucracies, in practice it’s incompetent and a colossal waste of taxpayers money. If this agency had been created under a Democratic administration the GOP would be howling. Since it appeared under the pen and auspices of the Bush 43 regime, GOPers are silent and this is one more reason honest conservatives are ready to bust the party up for its own good.

I’ve blogged about problems with the TSA and Homeland Security (notably here and here) thanks to the careful attention the good people at the Cato Institute pay to this issue.

And then I find this story:

Last spring, shortly after airing a news report that embarrassed the TSAand the Federal Air Marshal Service, CNN’s investigative reporter Drew Griffin was suddenly placed on the TSA’s terrorist watch list. Last week, CNN ran a follow-up piece. Anderson Cooper interviewed Griffin — a reporter who had suddenly moved from telling an important story to being part of it.

The day after the Cooper-Griffin exchange, Congresswoman Shelia Jackson Lee (D-Texas) formally called for a probe into the TSA’s seemingly vengeful act. Jackson Lee asked DHS Secretary Michael Chertoff the following:

“My question is why would Drew Griffin’s name come on the watch list, post-his investigation of TSA?” Jackson Lee said.

“What is the basis of this sudden recognition that Drew Griffin is a terrorist? Are we targeting people because of their critique or criticism?”

Chertoff hedged, saying it was not his “understanding the reporter was put on [the list]” but that Griffin may share a name with someone put on the list.

Which is almost impossible to believe. Unless you are willing to accept that someone else coincidentally named Drew Griffin was discovered to be a terrorist almost seven years after 9/11 but within a week or two of CNN’s March 2008 air date.

To anyone who isn’t trying to finger-plug the sieve in the aviation security wall called TSA, the answer to Congresswoman Shelia Jackson Lee’s question is quite clearly “yes.” The TSA does target people who critique or criticize the TSA.

And this is what Griffin worked on to cause his “problem” with the TSA. A story covering Jeffrey Denning, a former Dallas SWAT team member and former Federal Air Marshal who detained a man legitimately on the terrorist list and after trying to get higher-ups in the Homeland Security chain to come and process the potential terrorist found the end result very discouraging:

Surely, now that alarm bells have been sounded inside the uppermost echelons of six U.S. federal agencies — DHS, TSA, FAMS, ICE, JTTF, FBI — and with a match hit on a terrorist watch list, Anwar Al-XXXXX would be under intense scrutiny and taken in for further questioning. At least in theory he would be.

Unfortunately, that proved to be only theory.

Denning explained what happened next: “They [i.e., DHS/JTTF and the airport police] couldn’t get an ICE agent to the scene so I was asked to examine [Al-XXXXX’s] travel documents. This struck me as odd because I have no training in examining travel documents. None of the Federal Air Marshals have received training that I’m aware of. Finally word came back from the MOC [Mission Operations Control]. They said, ‘we’ve been waiting on the FBI. We can’t get them to verify. Let him go.’”

Denning followed orders.

Watching Anwar Al-XXXXX pick up his bag and disappear into the throngs of travelers at Reagan National Airport, Denning told me that he thought to himself, “I seriously hope this guy doesn’t show up on the evening news.”

Anwar Al-XXXXX did not show up on the evening news. But Jeffrey Denning did. Last week, CNN aired a three-part piece in print, on TV, and on its blog that focuses on Denning’s witch-hunt-like plight.

July 11, 2008

Once again, our aviation policies keeping the US safe …

Filed under: Politics — Tags: , , , — David Kirkpatrick @ 12:45 pm

… from freed Columbian hostages.

Jim Harper at Cato@Liberty points out the problems getting back into to the US for Keith Stansell, a hostage who was recently rescued from Columbia.

From the link:

And to Governor Crist of the great state of Florida, sir, I don’t have a driver’s license. How am I going to get home?

Without a government-issued ID to show at the airport, it appears that Stansell will have to undergo a deep background check, which may include his political party. (Having been “off the grid” the last three years, he may not have much background to check.) The Department of Homeland Security welcomes you home, Mr. Stansell.

June 26, 2008

Police state in action — Fed style

Filed under: Politics — Tags: , , , , , — David Kirkpatrick @ 2:39 am

This is unbelievable. Unless there’s a lot more to this story than the article suggests it seems if you are a US citizen consider your civil liberties threatened, if not nonexistent, until a sane group of individuals (either party will do just fine) can get into the halls of power next January.

If this activity is common and has become standard operating procedure, the terrorists truly have “won” the last six-plus years. I wonder how a group of dark age fools could wreak such ongoing havoc on the very fabric of the world’s largest, and really only, superpower.

The Bush 43 regime has been an abject failure on so many levels it’s truly astounding. In 2000 I honestly thought he would be an adequate president, and that might have come to pass had 9/11 not occurred. Of course it seems Cheney and a small group of the ex-Nixon administration neocons had some objectives going into their second tour of the White House that might have been executed with, or without, 9/11. We’ll never know, but man we’re dealing with an awful aftermath of failed policy, government overreach and the absolute gutting of the civil liberties on which our founding fathers placed the utmost importance. 

From the link:

Returning from a brief vacation to Germany in February, Bill Hogan was selected for additional screening by customs officials at Dulles International Airport outside Washington, D.C. Agents searched Hogan’s luggage and then popped an unexpected question: Was he carrying any digital media cards or drives in his pockets? “Then they told me that they were impounding my laptop,” says Hogan, a freelance investigative reporter whose recent stories have ranged from the origins of the Iraq war to the impact of money in presidential politics.

Shaken by the encounter, Hogan says he left the airport and examined his bags, finding that the agents had also removed and inspected the memory card from his digital camera. “It was fortunate that I didn’t use that machine for work or I would have had to call up all my sources and tell them that the government had just seized their information,” he said. When customs offered to return the machine nearly two weeks later, Hogan told them to ship it to his lawyer.

 

The extent of the program to confiscate electronics at customs points is unclear. A hearing Wednesday before the Senate Committee on the Judiciary’s Subcommittee on the Constitution hopes to learn more about the extent of the program and safeguards to traveler’s privacy. Lawsuits have also been filed, challenging how the program selects travelers for inspection. Citing those lawsuits, Customs and Border Protection, a division of the Department of Homeland Security, refuses to say exactly how common the practice is, how many computers, portable storage drives, and BlackBerries have been inspected and confiscated, or what happens to the devices once they are seized. Congressional investigators and plaintiffs involved in lawsuits believe that digital copies?so-called “mirror images” of drives?are sometimes made of materials after they are seized by customs.

The Silver is the New Black Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 26 other followers