The US government maintains a “No Fly List” and airlines are required to check passengers against it before allowing them to fly. They maintain other lists that trigger increased security screening and potentially harassment.
The lists are pre-crime profiling. Not even based on science. And it’s also done very very poorly. People get on the list by mistake, because they’re related to someone who is on it (or just have a similar name), or because they visited the wrong country in the wrong year. .
These are secret lists that people haven’t been entitled to know they are on, how they got on, or to confront the evidence relied upon to put them on it. Legally there is very little recourse, and when challenged the government claims ‘state secrets.’
What we actually need are robust due process protections for inclusion on government lists of US citizens. People wind up on the list arbitrarily, by mistake, and without real evidence.
The ‘No Fly List’ works like this:
- Formal responsibility for the list rests with the TSA and under 49 U.S.C. § 46110 inclusion is only reviewable by circuit courts in which judges are required to defer to the TSA’s judgment about all alleged facts and are permitted only to review the administrative record created by and provided to them by the TSA itself.
- Until 2015 the TSA wouldn’t even tell people whether they were on the list (making it difficult to sue to get off the list when you can’t prove you’re on it). The TSA does not tell people why they are on the list.
- Decisions to put someone on the no fly list are based on predictive pre-crime profiling rather than actual evidence about the individual’s actions or intentions. This is a huge leap in our justice system.
- Unlike in Minority Report there’s not even a clear scientific basis upon which people’s intentions and actions are being predicted.
- You can get on the list just by being related to someone (guilt by association) suspected of terrorist involvement. Or just traveling to the wrong country at the wrong time. An army veteran and civilian military contractor was placed on the list for having visited Yemen in 2009. Or because someone at the FBI checked the wrong box on a form by mistake, or failed to check a box by mistake or in retaliation for refusing to become an FBI informant. We don’t even know much more about what goes into these determinations because the government has claimed their secret sauce is a ‘state secret’.
This list isn’t only used by the government, and it isn’t secure. In fact the U.S. distributes the list to over 1400 private organizations and shares it with other governments. It’s used for purposes beyond national security.
It appears that federal government lawyers have perjured themselves claiming that the list was not shared. It’s even given to “police forces at private universities, hospital security staff” and it’s not clear what, if any, restrictions there are on how the information is used. Meanwhile the government “adds hundreds of thousands of names to the list every year.”
There are now nearly two million names on terrorism watch lists and the entire list was leaked online via a Bahrain server. Not sure how I missed this a few weeks ago, but thanks to commenter jamesb2147 for flagging. With Europeans included on the list, surely the E.U. should fine the U.S. government under GDPR?
“The exposed Elasticsearch cluster contained 1.9 million records,” Diachenko said. “I do not know how much of the full TSC Watchlist it stored, but it seems plausible that the entire list was exposed.”
Information exposed in the leak included data points such as:
TSC watchlist ID
Date of birth
Country of issuance
More passport numbers were leaked online by the government than by Marriott, even.