PATRIOT Powers: Roving Wiretaps
Last week, I wrote a piece for Reason in which I took a close look at the USA PATRIOT Act’s “lone wolf” provision—set to expire at the end of the year, though almost certain to be renewed—and argued that it should be allowed to lapse. Originally, I’d planned to survey the whole array of authorities that are either sunsetting or candidates for reform, but ultimately decided it made more sense to give a thorough treatment to one than trying to squeeze an inevitably shallow gloss on four or five complex areas of law into the same space. But the Internets are infinite, so I’ve decided I’d turn the Reason piece into Part I of a continuing series on PATRIOT powers. In this edition: Section 206, roving wiretap authority.
The idea behind a roving wiretap should be familiar if you’ve ever watched The Wire, where dealers used disposable “burner” cell phones to evade police eavesdropping. A roving wiretap is used when a target is thought to be employing such measures to frustrate investigators, and allows the eavesdropper to quickly begin listening on whatever new phone line or Internet account his quarry may be using, without having to go back to a judge for a new warrant every time. Such authority has long existed for criminal investigations—that’s “Title III” wiretaps if you want to sound clever at cocktail parties—and pretty much everyone, including the staunchest civil liberties advocates, seems to agree that it also ought to be available for terror investigations under the Foreign Intelligence Surveillance Act. So what’s the problem here?
Filed under: Foreign Policy and National Security; Law and Civil Liberties
Fun With DHS Press Releases!
Let’s fisk a DHS press release! It’s the “Statement by DHS Press Secretary Sara Kuban on Markup of the Pass ID Bill by the Senate Homeland Security and Government Affairs Committee.” Here goes:
On the same day that Secretary Napolitano highlighted the Department’s efforts to combat terrorism and keep our country safe during a speech in New York City,
This part is true: Secretary Napolitano was in New York speaking about terrorism.
Congress took a major step forward on the PASS ID secure identification legislation.
There was a markup of PASS ID in the Homeland Security and Governmental Affairs Committee. It’s a step — not sure how major.
PASS ID is critical national security legislation
People who have studied identity-based security know that knowing people’s identities doesn’t secure against serious threats, so this is exaggeration.
that will break a long-standing stalemate with state governments
Thirteen states have barred themselves by law from implementing REAL ID, the national ID law. DHS hopes that changing the name and offering them money will change their minds.
that has prevented the implementation of a critical 9/11 recommendation to establish national standards for driver’s licenses.
The 9/11 Commission devoted three-quarters of a page to identity security — out of 400+ substantive pages. That’s more of a throwaway recommendation or afterthought. False identification wasn’t a modus operandi in the 9/11 attacks, and the 9/11 Commission didn’t explain how identity would defeat future attacks. (Also, using “critical” twice in the same sentence is a stylistic no-no.)
As the 9/11 Commission report noted, fraudulent identification documents are dangerous weapons for terrorists,
No, it said “travel documents are as important as weapons.” It was talking about passports and visas, not drivers’ licenses. Oh — and it was exaggerating.
but progress has stalled towards securing identification documents under the top-down, proscriptive approach of the REAL ID Act
True, rather than following top-down prescription, states have set their own policies to increase driver’s license security. It’s not necessarily needed, but if they want to they can, and they don’t need federal conscription of their DMVs to do it.
– an approach that has led thirteen states to enact legislation prohibiting compliance with the Act.
“. . . which is why we’re trying to get it passed again with a different name!”
Rather than a continuing stalemate with the states,
Non-compliant states stared Secretary Chertoff down when he threatened to disrupt their residents’ air travel, and they can do the same to Secretary Napolitano.
PASS ID provides crucial security gains now by establishing common security standards for driver’s licenses
Weak security gains, possibly in five years. In computer science — to which identification and credentialing is akin — monoculture is regarded as a source of vulnerability.
and a path forward for ensuring that states can electronically verify source documents, including birth certificates.
We’re on the way to that cradle-to-grave biometric tracking system that will give government so much power over every single citizen and resident.
See? That was fun!
Filed under: Law and Civil Liberties; Telecom, Internet & Information Policy
Assessing the Claim that CDT Opposes a National ID
It was good of Ari Schwartz to respond last week to my recent post querying whether the Center for Democracy and Technology outright opposes a national ID or simply “does not support” one.
Ari says CDT does oppose a national ID, and I believe that he honestly believes that. But it’s worth taking a look at whether the group’s actions are consistent with opposition to a national ID. I believe CDT’s actions — most recently its support of the PASS ID Act — support the creation of a national ID.
(The title of his post and some of his commentary suggest I have engaged in rhetorical excess and mischaracterized his views. Please do judge for yourself whether I’m being shrill or unfair, which is not my intention.)
First I want to address an unusual claim of Ari’s — that we already have a national ID system. If that is true, his support for PASS ID is more sensible because it is an opportunity to inject federal privacy protections into the existing system (putting aside whether it is a federal responsibility to manage a state system or systems).
Filed under: Law and Civil Liberties; Telecom, Internet & Information Policy
Review of the Big REAL ID Hearing
The Senate Homeland Security and Governmental Affairs Committee held a hearing yesterday on the REAL ID Act and the REAL ID revival bill, known as PASS ID. I attended and want to share with you some highlights.
Good News!
Little good came from the hearing, as it was primarily focused on how to get the states and people to accept a national ID. But there is some good news.
First, Department of Homeland Security Secretary Janet Napolitano declared REAL ID dead (much as I did in my testimony two-plus years ago). “DOA” is how she referred to it.
She also said that no state will be in compliance with REAL ID by the current December 31, 2009 deadline. This is important because a lot of people think that states doing anything about the security of drivers’ licenses and ID cards are complying with REAL ID.
Another highlight was the commentary of Senator Roland Burris (D-IL). He is a beleaguered outsider to the Senate and evidently wasn’t coached on the talking points around REAL ID and PASS ID. So he flat out asked why we shouldn’t just have “a national ID.”
Senator Susan Collins’ (R-ME) nervous smile was particularly noticeable when Burris asked why the emperor had no clothes. No one was supposed to talk about national IDs at this hearing! But that’s what PASS ID is.
REAL ID and PASS ID are two versions of the same national ID system, and nobody is denying it. That’s good news because the effort to rebrand REAL ID through PASS ID has failed.
Does the PASS ID Act Protect Privacy?
I’ve written about PASS ID here a couple of times before – first on whether or not it’s a national ID and, second, on the politics of this REAL ID revival bill. Now I’ll take a look at whether it fixes the privacy issues with REAL ID. Privacy is complicated. Buckle up.
The day the bill was introduced, the Center for Democracy and Technology issued a press release giving it a privacy stamp of approval.
“The PASS ID Act addresses most of the major privacy and security concerns with REAL ID,” said Ari Schwartz, Vice-President of CDT. The release cited four ways that PASS ID was an improvement over the bill it’s modeled on, REAL ID.
Interstate Data Sharing?
First, CDT said, PASS ID “[r]emoves the requirement that states ‘provide electronic access’ allowing every other state to search their motor vehicles records.” It’s technically true: The language from REAL ID directly requiring states to share information among themselves came out of PASS ID. But the requirements of the law will cause that information sharing to happen all the same.
Like REAL ID did, PASS ID would require states to confirm that “a person submitting an application for a driver’s license or identification card is terminating or has terminated any driver’s license or identification card” issued by another state.
How do you do that? You check the driver license databases of every other state. Maybe you do this by directly accessing other states’ databases; maybe you do this indirectly, through a “pointer system” or “hub.” But to confirm that you’re talking about the right person, you don’t just compare names. You compare names, addresses, pictures, and other biometrics.
Questions for Heritage: REAL ID
The Heritage Foundation’s “The Foundry” blog has a post up called “Questions for Secretary Napolitano: Real ID.”
Honest advocates on two sides of an issue can come to almost perfectly opposite views, and this provides an example, because I find the post confused, wrong, or misleading in nearly every respect.
Let’s give it a brief fisking. Below, the language from the post is in italics, and my comments are in roman text:
Filed under: Telecom, Internet & Information Policy; Trade and Immigration
Evo Morales’ Biometric Identity System
It was with interest and concern that I read about the new election law recently signed by Bolivian President Evo Morales. The AP reports that it “sets stricter standards for voter authentication, introducing a $30 million system of biometric identification, based on voters’ fingerprints.”
It is important to secure voting systems against fraud, but be careful how you do it. Identity systems are powerful administrative tools which historically haven’t mixed well with authoritarian governments.
A biometric voter identification system was apparently a demand of Morales’ right-wing opposition. Don’t be surprised if he uses it to consolidate power or do far worse than that to his political rivals.
Some advocates have dabbled in supporting a national ID in the United States for election administration, but that would be error. I wrote about the many risks of uniform identity systems in my book Identity Crisis: How Identification is Overused and Misunderstood.
Cato on Facebook
Cato on Twitter
Cato on YouTube
Cato Tweets