"DHS lawyers claimed that international travel provides, in and of itself, sufficient Constitutional basis for detention and search of international travellers and the search, seizure and copying of the digital contents of their belongings."
Really? Fucking hell.. With every month that goes by, I am less and less inclined to travel to, or do business in, the US..
edit: I'm aware that later in the article they say the courts didn't really agree with this, but it doesn't seem to be preventing it from happening, especially when, after they got what they needed (I call bullshit on "destroy all copies"), they just back down and convince the victim to drop the case.
> Really? Fucking hell.. With every month that goes by, I am less and less inclined to travel to, or do business in, the US..
The insinuation being that the US is the only country doing this?
I hate this sort of thing as much as the next guy, but let's not pretend the US is the only country engaging in this behavior. We can certainly expect better, but don't blind yourself to the obvious. Based on recent events, maybe you shouldn't be traveling anywhere, period.
You should never cross any border, US or otherwise, with a mobile phone, laptop, or any sensitive documents. Neither should your employees, if their device are user for work.
This is not a new revelation. Industrial espionage by spy services has been ongoing for a very long time.
Show me a country that does not reserve to itself the right to carry out border inspections (and if you're going to mention the EU, that change is only recent and by treaty, effectively making Europe into a single country of multiple states). As long as there have been borders there have been smugglers, and as long as there have been smugglers there have been customs agents. This is especially true of the US, because before the 16th amendment and the creation of income tax, import duties were a primary source of government revenue.
"By agreeing to settle the case, the DHS avoided either any new appellate precedent limiting its borders search authority, or any judicial review of the specific basis for its actions with respect to Mr. House. As in other cases, the DHS treated the threat of judicial review of its actions as the ultimate danger to be avoided at all costs, even if that required destroying evidence it had previously claimed was vitally needed."
I heard this quote earlier this week during a discussion about the failure to stop the Naval Base shooter. He should have been picked up or at least been on someone's radar well before killing 13 people.
"When we're watching EVERYBODY, you'll never catch ANYBODY." which made a lot of sense to me. It seems like these agencies are trying to watch everybody in an effort to catch one lone person without considering any supporting data. Thus, you end up with scenario's like this where innocent people are being caught up in this wide net their casting.
"TECS was the first pre-DHS database of Federal government logs of international travel. Several other “systems of records” (a term of art used in the Privacy Act) about travelers, including the Automated Targeting System (ATS) and DHS copies of PNR data (airline reservations) were originally considered part of TECS. The TECS file for an individual traveler typically includes a log of their border crossings (with record locators that serve as pointers to their PNR data ) and free-text notes on anything that customs and immigration inspectors thought warranted inclusion in the traveler’s permanent file."
It's more surprising that DHS keeps copies of the PNR data. The passport/visa stuff is acceptable but you can tell a lot more about someone from PNR data. Who they travel with, payment information, itinerary, changes in travel, medical conditions, baggage, services, it goes on and on.
questioned him about his political activities and beliefs
confiscated his laptop computer, camera and a USB drive
If this happened to a computer scientist abroad, say Moscow airport, there would be a storm coming from the western media about oppressive regimes and human rights. Possibly even a condemnation from the US government.
The rough standard is basically that data must be provided by airlines to authorities at the point of landing at least 15 minutes before departure. In practice they probably provide it earlier.
My interpretation was that the picture the response painted was of five eyes nations all hitting up the EU for their passenger data. Right after the US got their claws in Australia was in there and the US utilized its grand experience with bureaucracy to ensure the EU Data Protection Supervisor didn't even have time to review the proposal before it was passed.
The lesson here is that you are wary of authorities for whatever reason (and we probably all should be), then you should seek to avoid pre-booking flights (or ships) ... just turn up and buy a ticket instead ... and preferably avoid long haul flights at all, certainly those terminating in countries with dodgy authorities, if you can afford to do so.
I don't mean to undermine the effort of put into the lawsuit and this careful analysis. But... Shocking. Government has access to passenger's itinerary. I mean, with all the recent revelations, we might have just assumed that.
You have missed the point. It is not that the government has access to your itinerary, it is that low-level government officials (apparently) have access to your itinerary with no administrative oversight whatsoever. The NSA at least puts on a show of getting FISA court approval. But DHS isn't even going through the motions.
The key passage from the article:
"The implication is that rather than search its own ATS database of copies of PNR data, the ICE investigator searched the airline’s own internal PNR database, using the DHS root access to the Sabre computerized reservation system (CRS) used by American Airlines. That was probably easier than searching ATS because the way DHS “ingests” PNR data from CRSs into ATS leaves the data less well indexed in TECS and ATS than it was (and still is — the airline sends DHS a copy, but of course retains the PNR data itself) in the CRS.
Notably, there’s nothing to indicate that the ICE investigator needed approval from a supervisor to go into Sabre, or tried some other source of PNR information (e.g. the internal ATS database of DHS copies of PNR data) first. Root access to Sabre was apparently at his fingertips, and his use of it warranted no special comment and no recording of compliance with any authorization protocols. It was a routine tool for him."
Uh, what exactly is shocking about this? The government has the right to know the precise identity of each and every person that's crossing its borders. It's also reasonably entitled to know the identify of each person flying into its sovereign airspace. How do you think they enforce visas and customs?
for the sake of simplifying my point i assume many if not most of you are us-based us-citizen:
whenever an issue like this comes up everybody starts to fight and nitpick. as if nobody can see through it. as if everybody is blinded. as if everybody doesn't care about the core of the matter. as if an entire generation or two is just too dumbed down to recognize the scheme.
you know, i love you. but i'm sick of you.
if you don't fix your bloody country, nobody will do it for you.
Any computer with sensitive files should have them encrypted, or preferably have your entire hard drive encrypted. They should also be backed-up in case the computer is lost, stolen, destroyed, or seized.
If a person or company keeps sensitive files on an insecure computer, then that company/person should be at fault.
If you send sensitive data over the internet then it should be encrypted. If not, then companies, governments, and other organizations could easily grab that data.
In reality though, there are millions of completely insecure computers and devices which carry data that could harm companies, individuals, or governments if compromised. Educating the operators of those machines and ensuring that they properly secure them is very difficult. The best method would be to have hard-drive level encryption on all devices, make sure people know how to properly backup data, and to educate people that they can easily say, "I don't know the password, I'm suppose to call my IT manager after I arrive at my destination and he will provide the password."
1. Light-gray on black color scheme invites eye strain.
2. Bright orange link text is even more horrible than usual because of light gray on black color scheme.
3. Extra tiny font size (1em) is almost unreadable against black background.
4. There are constant readability crimes in the text with overuse of scare quotes, unnecessary abuse of the 'and/or' abomination, incorrect use of double scare quotes outside literal quotations, and overuse of parenthetical statements.
5. Use of "beg the question" to mean "raise the question" is incorrect.
The content was fine, but you'd better be young, brave, and impervious to pain if you want to access it.
To future investigative writers: Diagrams and acronym glossaries please. If a subject is hard to understand, unclear presentation is another barrier. (People have limited attention and thoughtspace.)
[+] [-] sbarre|12 years ago|reply
Really? Fucking hell.. With every month that goes by, I am less and less inclined to travel to, or do business in, the US..
edit: I'm aware that later in the article they say the courts didn't really agree with this, but it doesn't seem to be preventing it from happening, especially when, after they got what they needed (I call bullshit on "destroy all copies"), they just back down and convince the victim to drop the case.
[+] [-] maratd|12 years ago|reply
The insinuation being that the US is the only country doing this?
I hate this sort of thing as much as the next guy, but let's not pretend the US is the only country engaging in this behavior. We can certainly expect better, but don't blind yourself to the obvious. Based on recent events, maybe you shouldn't be traveling anywhere, period.
[+] [-] AJ007|12 years ago|reply
This is not a new revelation. Industrial espionage by spy services has been ongoing for a very long time.
[+] [-] ISL|12 years ago|reply
How would they have chosen to balance privacy against security in our age?
[+] [-] anigbrowl|12 years ago|reply
[+] [-] straight_talk_2|12 years ago|reply
[+] [-] btbuildem|12 years ago|reply
What a cancerous growth this DHS is.
[+] [-] dwaltrip|12 years ago|reply
[+] [-] at-fates-hands|12 years ago|reply
"When we're watching EVERYBODY, you'll never catch ANYBODY." which made a lot of sense to me. It seems like these agencies are trying to watch everybody in an effort to catch one lone person without considering any supporting data. Thus, you end up with scenario's like this where innocent people are being caught up in this wide net their casting.
[+] [-] guylhem|12 years ago|reply
Example on http://hasbrouck.org/documents/secondary.pdf
Is there a way to consult this database? (FOIA?)
It could be interesting.
[+] [-] useful|12 years ago|reply
[+] [-] Mikeb85|12 years ago|reply
[+] [-] atlanticus|12 years ago|reply
[+] [-] znowi|12 years ago|reply
confiscated his laptop computer, camera and a USB drive
If this happened to a computer scientist abroad, say Moscow airport, there would be a storm coming from the western media about oppressive regimes and human rights. Possibly even a condemnation from the US government.
[+] [-] contingencies|12 years ago|reply
I did some FOIAs in to this stuff with the EU recently @ http://www.asktheeu.org/en/request/information_on_pnr_agreem...
My interpretation was that the picture the response painted was of five eyes nations all hitting up the EU for their passenger data. Right after the US got their claws in Australia was in there and the US utilized its grand experience with bureaucracy to ensure the EU Data Protection Supervisor didn't even have time to review the proposal before it was passed.
After that query, I updated Wikipedia's info over here: https://en.wikipedia.org/wiki/Passenger_name_record#Internat...
The lesson here is that you are wary of authorities for whatever reason (and we probably all should be), then you should seek to avoid pre-booking flights (or ships) ... just turn up and buy a ticket instead ... and preferably avoid long haul flights at all, certainly those terminating in countries with dodgy authorities, if you can afford to do so.
[+] [-] jevinskie|12 years ago|reply
[+] [-] netcan|12 years ago|reply
[+] [-] jjjeffrey|12 years ago|reply
[+] [-] unimpressive|12 years ago|reply
I can understand foreigners, but why homosexuals?
[+] [-] snitko|12 years ago|reply
[+] [-] lisper|12 years ago|reply
The key passage from the article:
"The implication is that rather than search its own ATS database of copies of PNR data, the ICE investigator searched the airline’s own internal PNR database, using the DHS root access to the Sabre computerized reservation system (CRS) used by American Airlines. That was probably easier than searching ATS because the way DHS “ingests” PNR data from CRSs into ATS leaves the data less well indexed in TECS and ATS than it was (and still is — the airline sends DHS a copy, but of course retains the PNR data itself) in the CRS.
Notably, there’s nothing to indicate that the ICE investigator needed approval from a supervisor to go into Sabre, or tried some other source of PNR information (e.g. the internal ATS database of DHS copies of PNR data) first. Root access to Sabre was apparently at his fingertips, and his use of it warranted no special comment and no recording of compliance with any authorization protocols. It was a routine tool for him."
[+] [-] rayiner|12 years ago|reply
[+] [-] 001sky|12 years ago|reply
Assuming things versus verifying things are two different ways to live your life.
[+] [-] glasz|12 years ago|reply
whenever an issue like this comes up everybody starts to fight and nitpick. as if nobody can see through it. as if everybody is blinded. as if everybody doesn't care about the core of the matter. as if an entire generation or two is just too dumbed down to recognize the scheme.
you know, i love you. but i'm sick of you. if you don't fix your bloody country, nobody will do it for you.
[+] [-] dm2|12 years ago|reply
If a person or company keeps sensitive files on an insecure computer, then that company/person should be at fault.
If you send sensitive data over the internet then it should be encrypted. If not, then companies, governments, and other organizations could easily grab that data.
In reality though, there are millions of completely insecure computers and devices which carry data that could harm companies, individuals, or governments if compromised. Educating the operators of those machines and ensuring that they properly secure them is very difficult. The best method would be to have hard-drive level encryption on all devices, make sure people know how to properly backup data, and to educate people that they can easily say, "I don't know the password, I'm suppose to call my IT manager after I arrive at my destination and he will provide the password."
[+] [-] WildUtah|12 years ago|reply
2. Bright orange link text is even more horrible than usual because of light gray on black color scheme.
3. Extra tiny font size (1em) is almost unreadable against black background.
4. There are constant readability crimes in the text with overuse of scare quotes, unnecessary abuse of the 'and/or' abomination, incorrect use of double scare quotes outside literal quotations, and overuse of parenthetical statements.
5. Use of "beg the question" to mean "raise the question" is incorrect.
The content was fine, but you'd better be young, brave, and impervious to pain if you want to access it.
[+] [-] gcb0|12 years ago|reply
Of course I want law officials to have real time information about travel and be able to catch a criminal before he flees.
The issue should not be that, but that they use that to initiate illegal searches.
The focus should be on illegal searches, period.
[+] [-] glasz|12 years ago|reply
[+] [-] ballard|12 years ago|reply
[+] [-] retrogradeorbit|12 years ago|reply