U.S. Effort More Extensive Than Previously Known
By Ellen Nakashima
Washington Post Staff Writer
Saturday, September 22, 2007; A01
The U.S. government is collecting electronic records on the travel habits of millions of Americans who fly, drive or take cruises abroad, retaining data on the persons with whom they travel or plan to stay, the personal items they carry during their journeys, and even the books that travelers have carried, according to documents obtained by a group of civil liberties advocates and statements by government officials.
The personal travel records are meant to be stored for as long as 15 years, as part of the Department of Homeland Security's effort to assess the security threat posed by all travelers entering the country. Officials say the records, which are analyzed by the department's Automated Targeting System, help border officials distinguish potential terrorists from innocent people entering the country.
But new details about the information being retained suggest that the government is monitoring the personal habits of travelers more closely than it has previously acknowledged. The details were learned when a group of activists requested copies of official records on their own travel. Those records included a description of a book on marijuana that one of them carried and small flashlights bearing the symbol of a marijuana leaf.
The Automated Targeting System has been used to screen passengers since the mid-1990s, but the collection of data for it has been greatly expanded and automated since 2002, according to former DHS officials.
Officials yesterday defended the retention of highly personal data on travelers not involved in or linked to any violations of the law. But civil liberties advocates have alleged that the type of information preserved by the department raises alarms about the government's ability to intrude into the lives of ordinary people. The millions of travelers whose records are kept by the government are generally unaware of what their records say, and the government has not created an effective mechanism for reviewing the data and correcting any errors, activists said.
The activists alleged that the data collection effort, as carried out now, violates the Privacy Act, which bars the gathering of data related to Americans' exercise of their First Amendment rights, such as their choice of reading material or persons with whom to associate. They also expressed concern that such personal data could one day be used to impede their right to travel.
"The federal government is trying to build a surveillance society," said John Gilmore, a civil liberties activist in San Francisco whose records were requested by the Identity Project, an ad-hoc group of privacy advocates in California and Alaska. The government, he said, "may be doing it with the best or worst of intentions. . . . But the job of building a surveillance database and populating it with information about us is happening largely without our awareness and without our consent."
Gilmore's file, which he provided to The Washington Post, included a note from a Customs and Border Patrol officer that he carried the marijuana-related book "Drugs and Your Rights." "My first reaction was I kind of expected it," Gilmore said. "My second reaction was, that's illegal."
DHS officials said this week that the government is not interested in passengers' reading habits, that the program is transparent, and that it affords redress for travelers who are inappropriately stymied. "I flatly reject the premise that the department is interested in what travelers are reading," DHS spokesman Russ Knocke said. "We are completely uninterested in the latest Tom Clancy novel that the traveler may be reading."
But, Knocke said, "if there is some indication based upon the behavior or an item in the traveler's possession that leads the inspection officer to conclude there could be a possible violation of the law, it is the front-line officer's duty to further scrutinize the traveler." Once that happens, Knocke said, "it is not uncommon for the officer to document interactions with a traveler that merited additional scrutiny."
He said that he is not familiar with the file that mentions Gilmore's book about drug rights, but that generally "front-line officers have a duty to enforce all laws within our authority, for example, the counter-narcotics mission." Officers making a decision to admit someone at a port of entry have a duty to apply extra scrutiny if there is some indication of a violation of the law, he said.
The retention of information about Gilmore's book was first disclosed this week in Wired News. Details of how the ATS works were disclosed in a Federal Register notice last November. Although the screening has been in effect for more than a decade, data for the system in recent years have been collected by the government from more border points, and also provided by airlines -- under U.S. government mandates -- through direct electronic links that did not previously exist.
The DHS database generally includes "passenger name record" (PNR) information, as well as notes taken during secondary screenings of travelers. PNR data -- often provided to airlines and other companies when reservations are made -- routinely include names, addresses and credit-card information, as well as telephone and e-mail contact details, itineraries, hotel and rental car reservations, and even the type of bed requested in a hotel.
The records the Identity Project obtained confirmed that the government is receiving data directly from commercial reservation systems, such as Galileo and Sabre, but also showed that the data, in some cases, are more detailed than the information to which the airlines have access.
Ann Harrison, the communications director for a technology firm in Silicon Valley who was among those who obtained their personal files and provided them to The Post, said she was taken aback to see that her dossier contained data on her race and on a European flight that did not begin or end in the United States or connect to a U.S.-bound flight.
"It was surprising that they were gathering so much information without my knowledge on my travel activities, and it was distressing to me that this information was being gathered in violation of the law," she said.
James P. Harrison, director of the Identity Project and Ann Harrison's brother, obtained government records that contained another sister's phone number in Tokyo as an emergency contact. "So my sister's phone number ends up being in a government database," he said. "This is a lot more than just saying who you are, your date of birth."
Edward Hasbrouck, a civil liberties activist who was a travel agent for more than 15 years, said that his file contained coding that reflected his plan to fly with another individual. In fact, Hasbrouck wound up not flying with that person, but the record, which can be linked to the other passenger's name, remained in the system. "The Automated Targeting System," Hasbrouck alleged, "is the largest system of government dossiers of individual Americans' personal activities that the government has ever created."
He said that travel records are among the most potentially invasive of records because they can suggest links: They show who a traveler sat next to, where they stayed, when they left. "It's that lifetime log of everywhere you go that can be correlated with other people's movements that's most dangerous," he said. "If you sat next to someone once, that's a coincidence. If you sat next to them twice, that's a relationship."
Stewart Verdery, former first assistant secretary for policy and planning at DHS, said the data collected for ATS should be considered "an investigative tool, just the way we do with law enforcement, who take records of things for future purposes when they need to figure out where people came from, what they were carrying and who they are associated with. That type of information is extremely valuable when you're trying to thread together a plot or you're trying to clean up after an attack."
Homeland Security Secretary Michael Chertoff in August 2006 said that "if we learned anything from Sept. 11, 2001, it is that we need to be better at connecting the dots of terrorist-related information. After Sept. 11, we used credit-card and telephone records to identify those linked with the hijackers. But wouldn't it be better to identify such connections before a hijacker boards a plane?" Chertoff said that comparing PNR data with intelligence on terrorists lets the government "identify unknown threats for additional screening" and helps avoid "inconvenient screening of low-risk travelers."
Knocke, the DHS spokesman, added that the program is not used to determine "guilt by association." He said the DHS has created a program called DHS Trip to provide redress for travelers who faced screening problems at ports of entry.
But DHS Trip does not allow a traveler to challenge an agency decision in court, said David Sobel, senior counsel with the Electronic Frontier Foundation, which has sued the DHS over information concerning the policy underlying the ATS. Because the system is exempted from certain Privacy Act requirements, including the right to "contest the content of the record," a traveler has no ability to correct erroneous information, Sobel said.
Zakariya Reed, a Toledo firefighter, said in an interview that he has been detained at least seven times at the Michigan border since fall 2006. Twice, he said, he was questioned by border officials about "politically charged" opinion pieces he had published in his local newspaper. The essays were critical of U.S. policy in the Middle East, he said. Once, during a secondary interview, he said, "they had them printed out on the table in front of me."
Defense and Homeland Security: $730 billion