Magazine Article	Articles Archive

Sex and travel are bedfellows. From birds and bees to people, sex seeks the exotic, wants to mix and mingle, isn't content just to make do with what's right at hand. For its part, travel keens sex's edge. As if recoiling from incest with the familiar, travel feeds desire's lust for novelty. The great collective migrations -- out of Africa, to the New World, across the steppes -- as well as countless unsung individual journeys -- have had more to do with sexual adventure than official histories let on. One sign is how sexually repressive regimes inevitably produce diasporas. For erotic outlaws, travel has always been a way to find yourself -- or escape with your life.

L

View our poll archive

ike a jealous lover, Western powers post-9/11 are wary of their subjects' potential to escape. Or even just to stray -- either sexually or by wandering the world at will.

The land-grab of state power that followed 9/11 -- including routine taps on phone calls and the internet and warrantless searches -- covers not just terrorism but victimless crimes of sex and drugs; indeed, any activity of which the state disapproves.

Travel can still set us free, but the bitter irony is that transport is becoming a foundation of global surveillance. Sometimes it's obvious, as when visitors to the U.S., or foreigners merely changing planes here for other countries, find themselves photographed and fingerprinted -- now all ten fingers. More often there's no visible sign, as when vast private and government databases are compiled, linked, and mined.

From the standpoint of Big Brother the logic is clear. A child shakes a box to find out what's inside, or a spectrograph tunes in to the jiggles of atoms in distant stars for the same reason: objects in motion reveal secrets. The principle extends to people. Where you go with whom and who you meet offers an x-ray of who you are and what you do.

"I'd rather someone have my credit card records than the records of all my travels," asserts Edward Hasbrouck, author of Practical Nomad and an expert on travel privacy issues (see his blog at Hasbrouck.org).

Travel's basic routines -- obtaining a passport, making reservations for flights or hotels, crossing borders -- increasingly serve as criminal checkpoints.

Outwardly, of course, these rituals of late keep changing. Getting on an plane now involves -- essentially as security catechism -- taking off shoes and putting shampoo in three-ounce bottles. Soon backscatter x-ray machines will treat bored airport security guards to an endless parade of ghostly passenger nudes.

But inwardly travel's routines have transformed even more. Checking in for a flight is now like going to confession, with Homeland Security in lieu of a priest. Every trip becomes an examination of the citizen's standing, an opportunity for the state to measure you against your dossier while adding to it news of your latest global positioning.

You and your dossier are joined at the head. Or other places. The index to your file is likely to be a biometric scan of your face -- required starting in 2004 for new European passports, and encoded on a radio chip in new U.S. ones. Or maybe your official essence boils down to the (perhaps) unique digital hash of your fingerprints (as of this year, required for European passports as well, and proposed for a forthcoming U.S. passport card). In the future, scans of irises and hands are likely to be common. By 20th-century standards, only suspected criminals got subjected to mug shots and fingerprinting. Today's surveillance state suspects all.

Fed by databases of commercial and government records, it's that personal dossier -- rather than any ideals of freedom or citizenship, or any presumption of innocence -- that increasingly determines a person's fate: whether and how you will be searched, how your communications will be tapped and archived, what laws will be invoked against you, or whether you will be deemed a nonperson utterly beyond law's reach.

"Anonymity is your friend," contends Jim Harrison, a Sacramento attorney who fought successfully before the U.S. Ninth Circuit for the right to fly without showing identification. "The creation of national ID cards has not in history generally been a good for socially outlying groups," he tells The Guide.

It's not that being gay per se makes it likelier that someone will end up on a no-fly list, get seized by the FBI, and "rendered" to Syria for torture. (Owing to bad intelligence memorialized on a terrorist watchlist, that's what happened in 2002 to Canadian citizen Maher Arar after he changed planes in New York on a trip from Zurich to Montreal.)

But being adventuresome in pursuit of pleasure and connection means gay people are likelier to have a public-sex rap on their record, or SM paraphenalia in their suitcase, or have sex stories set in high-school locker rooms in their browser history. As well, we are likelier to have drug experience, or far-flung friends and lovers of suspect nationalities, or be HIV positive -- all attributes that can interest border police very much.

Systems of surveillance are piling on and settling into each other almost imperceptibly -- snowfalls to glaciers. Punctuating that icy build-up are avalanches that in a instant transform a familiar landscape.

When it comes to freedom to travel, lately the ground's been rumbling and shifting. Here are some key developments.

Am I being detained?

On August 9, Department of Homeland Security (DHS) chief Michael Chertoff announced a reform of the no-fly list, currently administered by airlines, with a scheme in which DHS would individually approve or reject -- for all passengers on every flight -- each person seeking to travel. Both U.S. citizens and foreign nationals would be subject to the vetting, and the same rules would cover both domestic flights and international ones originating or ending in the U.S.

"In essence, we're all on the no-fly list," Hasbrouck tells The Guide, "unless they choose -- according to secret procedures and secret information -- that we're allowed to fly."

The new rules fall under programs monikered "Secure Flight" for domestic travel and, for international flights, APIS (Advanced Passenger Information System). These are bastard offspring of government surveillance programs so vast and intrusive that they sparked enough popular opposition to get killed in Congress. Or at least to get digested, recycled, and renamed. "Total Information Awareness," "MATRIX," and "CAPPS 2" were characterized by their promiscuous intermingling of government and private databases in ways that would lead to everyone in, or in contact with, the U.S. getting profiled. This became such a political sore point that Congress's 2007 Homeland Security appropriations bill barred the agency from using its funding, past or present, "to develop or test algorithms assigning risk to passengers whose names are not on government watchlists."

But the no-fly list -- of persons by definition targeted -- continues, despite ongoing and very public problems.

"Imagine a list of suspected terrorists so dangerous that we can't ever let them fly, yet so innocent that we can't arrest them -- even under the draconian provisions of the Patriot Act." That's how security critic Bruce Schneier has described the no-fly list, a secret roster issued by DHS to airlines, which are obligated to block passengers at airport check-in when names match. The list ran to 44,000 names and 540 pages, CBS news reported last October, before it got scrubbed and reduced perhaps by half. Massachusetts Senator Ted Kennedy, a Marine named Daniel Brown returning from duty in Iraq, and dozens of people named "Robert Johnson" were among those famously blocked from flying. But missing from the blacklist were the names of the 11 British subjects involved in last summer's reported plot to blow up transatlantic airplanes with liquid bombs, despite being under suspicion for more than a year. Schneier notes that any would-be terrorist on the list could evade exposure through measures as simple as printing a phony boarding pass from a computer.

The new system promises to make the whole process even more obscure -- except to Homeland Security. By examining every flight of every passenger, DHS puts travel on a permission-slip-only basis. With its new powers, the DHS is poised to build a permanent database of every person's air travels to, from, or within the U.S.

Shoot before thinking

If "Secure Flight" seems like it's hanging an iron curtain around Homeland airspace, at least Americans can freely leave by land or sea, right? That's changing, too.

Last November, the DHS revealed the existence of the thuggishly-named "Automated Targeting System," a vast data-mining program that aggregates information from U.S. crime and Treasury databases, adds information derived from private sources, and then correlates findings with automobile and identity records, all in the seconds after an individual shows up at the border. The result is the conjured-on-the-fly risk scores explicitly banned by Congress. Customs agents use the computer-generated don't-call-them-risk-scores to help decide -- coming and going -- who to stop, search, and detain.

Originally designed for assessing cargo for contraband, ATS was quietly extended by Homeland Security -- nervous about Congress's injunction over algorithmizing the unwatchlisted -- to cover people.

Under the 1974 Privacy Act, it is generally possible to petition the government to find out what information they have on file about you. Hasbrouck says that the latest proposed rules for ATS have "a really bizarre twist" in that area: they limit government disclosure to information contained in your travel reservation, but keep completely hidden from you any derogatory information about you that comes from private third parties. "It provides a centralized mechanism for private corporate blacklists," Hasbrouck says, and exemplifies how the U.S. frees its hand in matters of surveillance (as well as war-making and incarceration) by outsourcing dirty jobs to the private sector.

The "targeting system" isn't just for customs officers. "While personal information contained in the ATS will not be accessible to the affected individuals," notes the Electronic Frontier Foundation, "it will be made readily available to an untold numbers of federal, state, local and foreign agencies, as well as a wide variety of 'third parties,' including 'contractors, grantees, experts, consultants, students, and others.' The 'risk assessments' created by the system and assigned to tens of millions of law-abiding individuals will be retained by the government for 40 years."

Welcome to U.S. Crimmigration

Spreading sensitive personal data far and wide also characterizes "U.S.-VISIT," whose leaden full name runs "U.S. Visitor and Immigrant Status Indicator Technology."

Since January 2004, DHS has been rolling out the welcome mat for foreign visitors (although so far, most Canadians are exempt) by taking mug shots and scanning index fingers, with the prints run instantly against various criminal watchlists. Now the biometric bear-hug has grown even snugger: increasingly, all ten fingers are captured (though visitors under 14 and over 79 remain exempt). DHS says the $228 million upgrade of the print scanners will be completed by the end of next year, by which time the entire program will have burned through some $2 billion. Ten-finger prints are also now required simply for applying for a visa to come to the U.S.

The indignity of U.S.-VISIT prompted Brazil to return the favor, and start fingerprinting and photographing arriving Americans. But in Congress, U.S.-VISIT has taken heat for not being extensive enough: in particular, for failing to take prints and photos of visitors again when they leave. Homeland Security has started doing just that, and expects to include all air- and seaports by the end of 2008. Biometric scans of people exiting the U.S. at land crossings is planned next.

Homeland Security has not been stinting in spreading the petabytes of data it's accumulated on nearly 100 million visitors and some 20 million foreign visa applicants. Police all over the U.S. have access to the databases, which are being interlinked to provide, the DHS says, "a complete view of a person's criminal and immigration history."

At a June press briefing in Brussels, U.S.-VISIT deputy director P.T. Wright described to journalists (many of whom would be subject to them) the rationale behind the expanded fingerprinting.

"One of the reasons why we're moving to ten-print," said Wright, "is to have a universal standard so there can be greater sharing between the nations of the world with fingerprints."

DHS is facilitating this warm generosity in part by means of leaky computers. In report issued in July, the GAO (Congress's auditing arm) said U.S.-VISIT's poorly patched networks "make it possible for intruders, as well as government and contractor employees, to bypass or disable computer access controls and undertake a wide variety of inappropriate or malicious acts" -- such as data thefts and manipulation of passport, visa, Social Security, face scan, and fingerprint records.

One sign of the problems came last August 18, 2006, when U.S.-VISIT's biometric scanning network crashed -- causing delays at airports around the U.S. It appears that the system's underlying Windows 2000 servers caught indigestion from the Zotob internet worm, then spreading worldwide: "an ominous migration," Kevin Poulsen wrote in Wired, "that demonstrates that computers used in protecting U.S. borders are accessible, via some path, from the public internet."

Papers before people

As people treat others, they often come to treat their own kind. It's not just "aliens" who face scanning at the border. The imposition of de facto Soviet-style "exit visas" on Americans is an element in the new requirements that those leaving the U.S. for trips to immediately surrounding nations have passports. Under Homeland Security's "Western Hemisphere Travel Initiative," U.S. citizens have been required as of January 23, 2007, to show a passport for travel by air to or from the U.S. and Canada, Mexico, or the Caribbean. As of that date, air travelers from Canada, as well, have needed passports to enter the U.S.

These requirements are soon to extend to land and sea journeys. As early as January 31, 2008 -- though now the DHS says probably not until next summer -- passports will be demanded of all travelers over land or by boat to or from Canada, Mexico, and the Caribbean. (Citizens of Canada and the U.S. may, in lieu of passports, obtain a "trusted traveler card" to visit each other's countries.)

As North Americans increasingly realize they effectively can't leave home without a passport, they've been applying in droves to get one. In June, there were three million pending applications, and the average wait was 10 to 12 weeks, up to three times the usual. The date for requiring the documents for land and water journeys has been put off, said the DHS in June, owing "record-breaking demand." Acknowledging the problems, the DHS is allowing, through September 30, proof of a pending passport application to be used by U.S. citizens traveling by air to Canada, Mexico, and the Caribbean.

Citizens, chip'tizens

The delay isn't just over the numbers applying. It reflects the transition from a paper document to passports with embedded electronics, the better for tracking people's identity and movements worldwide.

Under rules issued by the Montreal-based International Civil Aviation Organization (ICAO), a U.N. agency, member states by 2010 must stop issuing passports that machines can't read. But that dictum simply requires passports with machine-scanable text, like that appearing on the bottom of bank checks. The U.S. and the EU have plumped for something grander: passports with radio-emitting RFID chips -- never mind huge technical and privacy concerns that risk citizens' basic security.

Since last fall, the back covers of U.S. passports have been embedded with 64k antenna-bearing RFID radio chips that contain "five-and-a-half times the amount of data the Apollo 11 computer needed to put a man on the moon," as Bill Scannell notes on the site Rfidkills.com. (You can tell a chipped passport by the above logo on the front.)

It's not the chip's data -- which duplicates that printed in the passport -- that's so worrisome, but the way the radio tag reveals what it knows when pinged by a reader.

"Think of an RFID chip as an electronic version of the children's game Marco Polo," Scannell writes. "When the RFID reader broadcasts 'Marco,' the RFID chip replies 'Polo'" -- with "Polo" being all your personal information, a JPEG of your face shot, and, in a subsequent version, perhaps your fingerprints, iris scans, and travel history, too.

The data is not encrypted, but the tag contains a cryptographic key that must be synced with that of an authorized reader before it will sing. As well, the chip is encased in an "anti-skimming" wire mesh that in theory prevents its getting pinged unless the passport is open.

Theory met hackers at "Panopticon," the 2005 conference on Computers, Freedom, and Privacy in Seattle. U.S. State Department official Frank Moss was there and contended the chipped passports could be read only from a distance of four inches or less. But Barry Steinhardt, director or the ACLU's Technology and Liberty project, demonstrated on-stage a gerry-rigged reader that could ping the chip from up to 18 inches, and under more optimized conditions, twice that. High-powered RFID readers work from up to 160 feet, and in ten years' time -- the life of a new U.S. passport -- the range is likely to improve. In any case, the chip's shielding fails if the passport is cracked open while, say, carried in a bag or if the cover is bent -- or whenever the passport is opened for inspection, as it must be at airports, immigration, banks, and hotels around the world.

Lukas Grunwald, a security expert who has consulted for the German government, showed last year that he could clone the U.S. passport's RFID chips, thereby impersonating its radio signature. The hack would fail if a human inspected the paper document. But some countries, such as Australia, are exploring automating immigration screenings; anyway, the whole point of RFID is doing ID checks by machine. If a chipless U.S. passport is already impossible to forge, as the U.S. contends, then why's the radio tag needed? Especially given tagging's pitfalls: Grunwald and colleagues shot a video demonstrating how someone walking by with a particular-flavor RFID tag in their pocket could set off a bomb placed in a nearby trash can.

"If you wish to put your passport in the microwave, you will still have a valid travel document that we will recognize," the State Department's Moss declared to critics at Panopticon. Indeed, the State Department website assures holders of the radio passports that "If the chip fails, the passport remains a valid travel document until its expiration date." But any deliberate attempt at fostering a failure could count as "mutilation," which violates federal law and risks 10 years in prison. A blogger on Wired.com suggested instead careful hammer blows to the back cover of the passport, lest microwaving cause visible scorching were the chip to flame.

Fortunately, RFID radio signals can be blocked an easier way. "Americans in the know," says the ACLU's Steinhardt, "will be wrapping their passports in aluminum foil."

That's maybe good enough for now, but already the ICAO has plans for expanding the use of radio tags to track travelers' movements -- a "feature" already built into Malaysian passports, whose RFID chips record the last ten ports of entry and exit. A bad idea, Hasbrouck contends: "Many people have occasion to travel to countries whose governments they wouldn't trust with their entire life history."

KGB, STASI, SAVAK...

Compiling life histories is an effect -- and a purpose -- of the agreement on "Passenger Name Records" (PNR) announced on June 28 between U.S. Homeland Security and the European Union. The agreement covers the -- surprisingly revealing -- data that end up in airline reservations, and lays out the terms for giving DHS rights to information on the sexuality -- as well as health, politics, religion, and union membership -- of anyone flying from the EU to the U.S.

"PNRs show where you went who went, when, with whom, for how long, and at whose expense," notes Hasbrouck. "Behind the closed doors of your hotel room, with a particular other person, they show whether you asked for one bed or two." An airline's customer profile, which feeds into the PNR, might include the credit card you regularly use, alternative addresses and phone numbers, and emergency contacts. An airline discount code could show that you attended a circuit party or a convention of gay doctors, and -- in aggregate -- can reveal an organization's membership and structure. Service codes indicating medical status could suggest you have HIV -- which in most cases still means an automatic ban from visiting the U.S.

DHS has received such information from U.S.-bound travelers since an agreement signed with the EU executive in May 2004. That agreement -- like this new one -- ran roughshod over the nice-on-paper privacy protections enshrined in European law. Under EU privacy regulations, airline records should be effectively deleted within 72 hours, and kept on back file three years only for billing purposes. As well, the law bans transfer of "sensitive" data, such as on sex-life and religion. For its part, the U.S. demanded to keep travel records for 50 years, but settled on three-and-a-half, with no restrictions on sharing.

The blatant illegality under EU law of 2004 pact caught the notice the European Parliament, which appealed to the European Court of Justice. In May 2006, the court struck down the agreement, and set a deadline of the end of this past July to draft a new one. In the meantime, the private passenger data kept flowing. The U.S. threatened to prevent airplanes from landing were it not forked over, even while carriers apparently violated European law when they did.

The new deal fixes some fig leaves over privacy concerns. Homeland Security, when it receives "sensitive" data on a passenger (for instance on sexuality, health, or religion) promises to employ automatic systems to filter it out, even while nothing's ever thrown away. The agreement stipulates such sensitive information can only be used when someone's life is "imperiled" or "seriously impaired."

But maybe more telling is a section from the cover letter signed by DHS secretary Chertoff and German interior minister Wolfgang Schauble: "The EU will not interfere with relationships between the U.S. and third countries for the exchange of passenger information on data-protection grounds."

EU privacy advocates plan to fight the new agreement. But with most international airline reservation systems located in the U.S., Homeland Security can simply tap the network, or by means of a "national security letter," secretly demand any information on any passenger in the system -- even people on flights wholly outside the U.S. Such data can then be used for any purposes DHS desires, and kept for any duration.

Mission creep is the key problem to flight data surveillance, contends Jim Dempsey of the Center for Democracy and Technology in Washington.

"After the plane lands safely and passenger are cleared into the U.S., the purpose has been served and the data should be purged," Dempsey tells The Guide. "But the government has insisted on holding data for other purposes, including the investigation of non-terrorist crimes. It's another example of the way the government is compiling data on citizens engaged in lawful conduct."

Leaving people alone

Freedom to wander is fundamental. "Everyone has the right to leave any country, including his own, and to return to his country," declares the Universal Declaration of Human Rights. But increasingly, people's movements are seen as a sort of operating system upon which run the imaging software, the databanks, the mining operations, and all the other programs of the surveillance state.

Perhaps it would all be different if Al-Qaeda had instead attacked the Super Bowl with packs of bomb-bearing dogs. But as a result of 9/11, surveillance of flying has become a gaping drain down which rights and privacy disappear.

"The government is trying to make a claim that somehow air travel transcends any consideration inside of law," Hasbrouck contends. The speed and mass scale of air travel has been allowed to translate into an imperative for the continuous, real-time IDing of dangerous people. "But anyone who's lived in a society where the government maintains dossiers on all the citizens know that, whatever reasons the files were collected, that's not how they end up being used," he notes.

Speaking in Montreal last fall, Jean-Michel Louboutin -- Interpol's second-in-command -- told of his dream: a world where any front-line policeman anywhere on the planet could retrieve the lifetime travel history of a person he stopped as readily as police in the West today can call up an individual's criminal record on the computer in their squad car.

Louboutin's vision is bound to get even more high-res as time goes on. For it's not just "travel" in the macro-sense that's tracked more and more, but movements on the scale of seconds and meters -- where you drive with your E-Z Pass toll transpon_der, where you walk with your Blackberry.

To love someone is to know them and to want to know them more -- at an ever finer scale. The state minds us ever more intimately, gazes ever more accurately into our eyes, and so "loves" us all the time more, counting the ways on not just two fingers but all ten. An imperative to protect us -- and "protection" is now the major political imperative in the West -- naturally flows from that love. A love which, in turn, feeds nicely back into the state's hunger to get to know all of us, for safety's sake, always a little better.

At the same International Civil Aviation Organization meeting where Interpol's Louboutin told of his dream, speaker after speaker, Hasbrouck writes, "referred to a need to 'balance' security and the facilitation of travel, as though there were something incompatible about fascism and making the planes run on time."

The reigning metaphor of this "security" mind-set is the watchlist of suspected persons. Separating the suspected from the innocent demands ever more scrutiny to the hidden aspects of identity. The pay-off is in the surprise correlations that are revealed by data-mining every aspect of everyone's transactions with the world.

But besides being a truly sick form of love, the obsessive attention to identity is a security dead-end. The fundamental goal is not getting rid of bad people -- since anyone can be bad sometimes -- but in having good systems. That means, perhaps, lots of well-armed police observing people at airports, really good explosive sniffers, cockpits with doors that simply don't open to the cabin, and universal reduction in nuclear stockpiles. Measures such as these build real security.

By contrast, monitoring everyone all the time is like building the Tower of Babel, especially if the effort is seen as conferring the ability to risk-score people's souls.

A regime focused on ID actually gives would-be malefactors a vital leg up -- documents and dossiers can be tested on dry runs through a system reliant on ID checks for particular bad guys.

An obsession with ID satisfies the need of repressive states for enemies, but it does nothing to make us safer in the air. A society that's focused on the practicalities of reducing risk of calamity, that's not distracted by a fetish for identifying and eliminating "bad people," would gain respect and have fewer enemies. We'd all be freer to come and go.

______

See also:

Flying Air Anonymous
Can travelers leave the burden of identity on the ground?

Border Security at the Peace Bridge
Are your papers in order?

Stamp your Own Passport
Securing your right to travel in an age of snooping

Author Profile:  Bill Andriette
Bill Andriette is features editor of The Guide
Email:	theguide@guidemag.com