Tag: department of homeland security

Beware the Depends Bomber?

My Washington Examiner column this week is on TSA, the federal agency that’s its own reductio ad absurdum.

In the latest TSA atrocity, the agency forced a wheelchair-bound, 95-year-old leukemia patient to remove her adult diaper, for fear she might be wired to explode. “It’s something I couldn’t imagine happening on American soil,” her distraught daughter told the press: “Here is my mother, 95 years old, 105 pounds, barely able to stand, and then this.”

My God, what is she on about? Proper procedure was followed!

As I point out in the column:

in a classic case of “mission creep,” TSA is taking its show on the road and the rails.

Remember when, pushing his bullet-train boondoggle in the 2011 State of the Union, President Obama cracked that it would let you travel “without the pat-down”? Not funny—also, not true.

Earlier this year, Amtrak passengers in Savannah, Ga., stepped off into a TSA checkpoint. Though the travelers had already disembarked the train, agents made women lift their shirts to check for bra explosives. Two weeks ago, armed TSA and Homeland Security agents hit a bus depot in Des Moines, Iowa, to question passengers and demand their papers.

These raids are the work of TSA’s “Visible Intermodal Prevention and Response” (VIPR or “Viper”) teams—an acronym at once senseless and menacing, much like the agency itself.

All this is happening at a time when al Qaeda looks more harried, pathetic, and weaker than ever. But hey, you can never be too careful, right?

Feel Safer?

Does Rep. Aderholt Support or Oppose Having a National ID?

Rep. Robert Aderholt (R-AL) is the chairman of the House Appropriations Subcommittee on Homeland Security. That’s the subcommittee that makes spending decisions for the Department of Homeland Security and the programs within it, including the REAL ID Act.

Earlier this month, a constituent of his from Fyffe, Alabama posted a question on Mr. Aderholt’s Facebook page:

Rep. Aderholt, I’ve seen reports that the “REAL ID ACT” will be implemented in May of this year, giving the govt the ability to track every person who has a drivers license via encoded GPS. Is this actually the case and if so, what is the House going to do to stop this Orwellian infringement of our Liberty. Also, HOW could this have happened in the first place!

Mr. Aderholt has not replied.

But Right Side News recently reported on a hearing in which DHS Secretary Janet Napolitano presented her agency’s budget request. The DHS has not requested funds for implementing REAL ID. But according to the report, Chairman Aderholt “pointedly reminded” the committee of the need for funding of REAL ID.

It is good of Representative Aderholt to give his constituents a means to contact him and to invite public discussion of the issues. It’s an open question whether he will listen more closely to the voice of his constituents or to influences in Washington, D.C. who would like to see law-abiding American citizens herded into a national ID system.

Is the REAL ID Rebellion Coming to Florida?

Until now, Florida has not been one of the states to buck the federal government’s national ID mandate, established in the REAL ID Act of 2005. A pair of grand jury reports in 2002 had moved the state to tighten its driver licensing processes prior to any federal action, so it was already doing many of the things that the Department of Homeland Security is now seeking to require of states in the name of REAL ID.

Full compliance with REAL ID remains a distant hope, so DHS has set out a list of 18 “milestones,” progress toward which it is treating as REAL ID compliance. Full compliance with REAL ID includes putting driver information into a network for nationwide information sharing—including scanned copies of basic identity documents. It includes giving all licensees and ID holders a nationally uniform driver’s license or ID card so their identity can be checked at airports, federal facilities, and wherever the Secretary of Homeland Security determines to have federal checkpoints.

Again, the state of Florida meets DHS’ milestones. Starting from an already strict driver licensing regime, the state’s bureaucrats have been doing (and asking the legislature to do) things that match up with the requirements of the national ID law. But now, thanks to the work of Florida’s Tenth Amendment Center, Floridians Against REAL ID, and others, the legislature is beginning to pay attention.

Why is it so hard for law-abiding citizens and residents of Florida to get or renew their licenses? What kinds of barriers to progress are being thrown in front of lawful immigrants from Haiti, who haven’t the documentation required to get a license and thus a job?

Rep. Geraldine Thompson (D-Orlando) has lived in Florida since 1955 and was elected to the Florida legislature in 2006. She was born in New Orleans and is not able to get a copy of her birth certificate. The Florida Department of Motor Vehicles would not accept her Florida House ID card as proof of her identity!

Several members of the Florida legislature are concerned that the state is scanning and databasing the basic identity documents of Floridians, exposing those documents and the people of Florida to unknown cybersecurity risks. If these databases were hacked, Floridians’ data would be treasure trove for identity fraud. A breach of an entire state’s identity data could collapse the system we now rely on to know who people are. This is not an improvement in security for Floridians.

Florida’s Cuban ex-pat population has some idea of what could result if they were herded into a national identity system. They are too familiar with central government control of access to goods, services, employment, and other essentials of life. Advocates of national ID systems here in the United States have already argued for using REAL ID to control access to employment, to financial services and credit, to medicines, to housing, and more.

In my testimony to the Florida legislature, I noted that the federal government is impotent to enforce REAL ID. The political costs of a DHS attack on air travel (if it refused to recognize drivers’ licenses from non-compliant states at airport checkpoints) would be too high. Indeed, word is spreading that DHS will soon extend the REAL ID deadline once again.

What’s clear from my visit to Florida is that legislators there respond to what they hear from their constituents. It’s unclear what the Florida legislature will do to reassert control of its driver licensing policy from the concerted action of the federal government and its motor vehicle bureaucrats.

One of the questions they might ask is, “Who committed Florida to comply with REAL ID?” That’s item number seventeen in the DHS’ eighteen-point material compliance checklist.

Terror Arrest Does Not Justify REAL ID Revival

The zeitgeist on Capitol Hill in Washington, D.C. may be for limited, constitutional government, but that doesn’t mean that big-government conservatives aren’t going to use the reprieve voters gave Republicans in the fall to once again advance big-government goals. On Monday, House Judiciary Committee Chairman Lamar Smith (R-Texas), Homeland Security Committee Chairman Peter King (R-N.Y.) and Crime, Terrorism, and Homeland Security Subcommittee Chairman James Sensenbrenner (R-Wisc.) sent a letter to Department of Homeland Security Secretary Janet Napolitano encouraging her to fully implement our national ID law, the REAL ID Act of 2005.

The deadline for state implementation of the national ID law lapsed nearly three years ago. Half the states in the country have affirmatively barred themselves from implementing REAL ID or they have passed resolutions objecting to the national ID law. But the Department of Homeland Security has repeatedly extended the deadline and reduced the compliance bar to suggest progress on the flagging national ID effort. With another faux implementation deadline looming in May, the DHS is almost certain to issue a blanket extension of the compliance deadline again soon.

Smith, King, and Sensenbrenner don’t want that to happen. They cite the arrest of Khalid Aldawsari in Texas as a reason for “immediate implementation of REAL ID.” 

According to the government’s affidavit, Aldawsari planned to acquire a false birth certificate and multiple false drivers licenses, assumedly to assist in his getaway after executing his formative bombing plans. But if you read the affidavit, you can see just how remote and speculative his use of any false identification is compared to the real acts that go into his plans. You can also see the web of identifiers that law enforcement use to effectively track and surveil their targets, including phone numbers, license plates, physical addresses, immigration records, email addresses, and Internet Protocol addresses. Aldawsari was nowhere near slipping through the net, and having a false driver’s license would have made no difference after a North Carolina chemical supply company reported to the FBI his suspicious attempt to purchase the chemical phenol. Nor would false identification have made a difference had he succeeded in an attack of any significance.

Having a national ID is the fantastical way of addressing the fantastical part of Aldawsari’s alleged plot. Thankfully, the real plot was disrupted using real law enforcement techniques, which include the reporting of suspicious behavior and narrowly targeted, lawful surveillance.

TSA’s Pistole Says ‘Risk-Based,’ Means ‘Privacy Invasive’

There is one thing you can take to the bank from TSA administrator John Pistole’s statement that he wants to shift to “risk-based” screening at airports: it hasn’t been risk-based up to now. That’s a welcome concession because, as I’ve said before, the DHS and its officials routinely mouth risk terminology, but rarely subject themselves to the rigor of actual risk analysis.

What Administrator Pistole envisions is nothing new. It’s the idea of checking the backgrounds of air travelers more deeply, attempting to determine which of them present less of a threat and which prevent more. That opens security holes that the risk-averse TSA is unlikely to actually tolerate, and it has significant privacy and Due Process consequences, including migration toward a national ID system. 

I wrote about one plan for a “trusted traveler”-type system recently. As the details of what Pistole envisions emerge, I’ll look forward to reviewing it.

The DHS Privacy Committee published a document several years ago that can help Pistole with developing an actual risk-based system and with managing its privacy consequences. The Privacy Committee itself exists to review programs like these, but has not been used for this purpose recently despite claims that it has.

If Pistole wants to shift to risk-based screening, he should require a full risk-based study of airport screening and publish it so that the public, commentators, and courts can compare the actual security benefits of the TSA’s policies with their costs in dollars, risk transfer, privacy, and constitutional values.

Shades of Warning: What It Means to Inform

Ben Friedman helpfully supplies more information to go with my positive reaction to the Department of Homeland Security’s decision to scrap color-coded threat warnings.

Our colloquy leaves somewhat open what should replace color-coding. Because most threat warnings are false alarms, and because exhortations to vigilance will tend toward the vagueness of the color-coding system, Ben hopes “DHS winds up being tighter-lipped.”

His points are good ones, but they don’t dissuade me from my belief that DHS should “begin informing the public fully about threats and risks known to the U.S. government.”

The right answer here centers on who is better at digesting threat information—experts in the national security bureaucracy or the public?

There is a great deal of expertise in the U.S. government focused on turning up threat information and digesting it for policymakers. However, that expertise has limits, often manifested as threat inflation, as Ben notes, and as myopia. Daniel Patrick Moynihan’s Secrecy: The American Experience illustrates the latter well (especially the edition with Richard Gid Powers’ fine introduction).

The public consists of hundreds of millions of subject matter experts in every walk of life. They include owners and operators of all our infrastructure, reporters and commentators in the professional and amateur press, academics, state and local law enforcement personnel, information networks, and social networks of all kinds. We have security-interested folk in the hundreds of millions spread out across the land, all in regular communication with each other. We’re a tremendously powerful information processing machine. I believe this public can do a better job of digesting threat information than “experts,” particularly when it comes to terrorism threats, which can—theoretically, at least—manifest themselves pretty much anywhere.

The public constantly digests risk and threat information from other walks of life. We digest information about ordinary crime, health and disease, finance and investment, driving and walking, etc., etc. There is nothing about terrorism that disables the public from making judgments about threat information and incorporating it into daily life. People can figure out what matters and what does not, and they can apply information in the spheres they know.

When I say “fully inform,” I don’t argue for broadcasting every speck of information the U.S. government collects. There are limited domains in which information sharing will reveal sources and methods, undercutting access to future information. Appropriate caveats are part of ”fully” informing, of course. Natural pressure will cause too speculative threats to be winnowed from public release. But even opening a firehose will get people the water they need to drink.

Tight lips sink ships. The presumption should fall in favor of sharing information with the public. After a period of adjustment lasting from months to a year or more, the American information system would incorporate open threat information into daily life, and the country would be more secure. People made confident by the ability to consume and respond to threat information will feel more secure, which is the other half of what security is all about.

Warning Without Color

Jim Harper noted yesterday that the Department of Homeland Security (after lengthy review) has decided to scrap its color-coded alert system. The change is long overdue–the alerts implied, absurdly, that danger was equally distributed across the nation. The fact that the Department never used the blue and green threat levels (general and low risk), which most accurately describe the true danger most Americans face from terrorism, showed the systems’ inherent threat inflation. Eventually, everyone started ignoring the threat level, officials stopped changing it, and system became a charade.

Jim argues that, in place of the colors, the Department should inform “the public fully about threats and risks known to the U.S. government,” treating us like adults with a shared responsibility for protecting ourselves. According to a report from the National Journal’s Chris Storm, DHS agrees, sort of.  Storm links to a DHS document on the new warning policy, which states:

  • DHS will implement a new system that is built on a clear and simple premise: When a threat develops that could impact the public, we will tell you.  We will provide whatever information we can so you know how to protect yourselves, your families, and your communities.
  • The new system reflects the reality that we must always be on alert and be ready.  When we have information about a specific, credible threat, we will issue a formal alert providing as much information as we can.
  • Depending on the nature of the threat, the alert may be limited to a particular audience, like law enforcement, or a segment of the private sector, like shopping malls or hotels.
  • Or, the alert may be issued more broadly to the American people, distributed — through a statement from DHS — by the news media and social media channels.
  • The alerts will be specific to the threat.  They may ask you to take certain actions, or to look for specific suspicious behavior.  And they will have an end date.
  • This new system is built on the common-sense belief that we are all in this together — that we all have a role to play — and it was developed in that same collaborative spirit.

The first bullet point embraces maximum information sharing, but things get hazier after that. In the end, it’s not clear when DHS will warn all of us, warn some of us, or just warn police. Nor do we get much indication about what information warnings will include. Unlike Jim, though, I think that’s fine. Actually, there are a couple reasons why I hope DHS winds up being tighter-lipped.

First, most threat warnings are false alarms. A government that publicized every warning received by intelligence agencies would swamp the public with confusing and frightening information that people would have to learn to ignore. Better to reveal only intelligence that has been vetted.

Second, the theory of providing the public maximum information about danger (often a cover for the CYA imperative to have warned the public if an attack does occur) in practice easily degenerates into vague exhortations to be vigilant, which are almost as bad as the color-coded threat warnings. The difficulty is that the threat information is vague and that authorities worry that revealing too much detail will give away sources. The warning issued to Americans going to Europe last October, is an example, as I discussed here.

Given that such general warnings create false leads, cancelled travel, anxiety, and harassment, they may do more harm than good.  In response to this argument, people point to the vigilant airline passengers who subdued the shoe and underwear bombers or the Times Square vendors who called the cops after Faisal’s Shazhad’s car failed to explode. But, at least since 2001, we hardly need the government to tell us to respond to people lighting their underwear on fire on international flights or cars burnings in Times Square. The theory that increased public vigilance is always a good thing needs testing.