EU follows USA on surveillance of travellers

In a "race to the bottom" on protection of the right to travel and of travellers' privacy, the European Union is following the lead of the USA in mandating the construction -- in part through the use and conversion of existing travel industry systems -- of a comprehensive infrastructure of surveillance of travellers.

The recent adoption of these measures compelling collection and provision to governments of Advanced Passenger Information (API) data, and inclusion of digitized fingerprints and other biometric data on passports and in passport databases, fulfill the stated Strategic Goal of the USA Department of State for fiscal year 2005:

• "Opinions by the public and political leadership in Europe and Eurasia soften on USG [U.S. Government] use of PNR."
  
  
• "Ensure access to PNR data for border and passenger screening on a global basis."

Statewatch has details on the background to the directive that went into effect 5 September 2004, requiring airlines operating international flights arriving in EU member countries to collect specified Advance Passenger Information (API) data -- a more narrowly and precisely defined data set than complete Passenger Name Records (PNR's), although API data typically included some data that would not otherwise be included in PNR's -- and provide it to the government of the destination country before the flight arrives.

And this week the EU Council of Ministers voted to a approve a proposal (which will now be re-submitted to the European Parliament for its "consultation" with the Council) to require a digitized fingerprint image on all new EU passports and in a central passport database. Statewatch has more details on the background to the current Council proposal.

The Council proposal would copy current USA law in requiring that the biometrics be encoded on the passport in a format consistent with ICAO Document 9303. If, as is expected, ICAO formalizes its blueprint for biometric/RFID passports as an amendment to Document 9303, this will mean that all EU passports will be required, like future USA passports , to include a secretly and remotely readable unencrypted RFID chip.

Pelosi begs my question on the draft

Tonight's live national call-in simulcast on Link-TV and Pacifica Radio, FAQs: The Politics of the Draft , seems to have been intended much more as a forum for Democratic Party electioneering than as a way to elicit actual answers to any of the Frequently-Asked Questions about the draft .

But it did give me a chance to ask the House Minority Leader, who is also the person who claims to represent my district in Congress, why she, Senator Kerry, and the other Democrats haven't actually done anything to put their purported oppostion to the draft into effect.

Here's the exchange, in full, beginning at 8:45 of the audio/video stream (MS-Windows Media):

Peter Laufer [moderator]: Now we can say hello to Edward. Edward is in San Francisco, which is appropriate for our first call. Welcome to the program, and say hello to Congresswoman Pelosi.

Edward Hasbrouck: Hello, Representative Pelosi.

Nancy Pelosi [U.S Representative from San Francisco, and House Minority Leader]: Good evening, Edward.

Edward Hasbrouck: Hi. I was one of the 20 nonregistrants who were picked out [for prosecution] as draft resistance organizers in the early 1980's. I spent 6 months in a Federal prison camp for refusing to agree to fight on the side of the people who would become the Taliban and Al Qaeda, who were the people we were then backing in Afghanistan. And it seems to me that the current debate about the draft has been oddly detached from the reality of ongoing draft registration , which President Bush could end with the stroke of a pen, which Senator Kerry could have introduced legislation to end, or could have pledged to issue a proclamation ending on [his] Inauguration Day. My question for you as my Representative from here in San Francisco, and more broadly to the Democratic leadership, is why you have not called the Republicans' bluff, and put the pressure on them to actually end draft registration and abolish the Selective -- ?

Peter Laufer: That's a terrific question. Let me stop you there just for a second there, Edward, so that we can get the response from the Congresswoman.

Nancy Pelosi: Well, I'm not unsympathetic to your point of view, Edward. It is necessary for us to have a force. And I think most young people don't realize that when they become 18 years old they are under law required to sign up for the draft -- uh, not for the draft but under the Selective Service. I think this is something that we should subject to some scrutiny to see why this is still necessary and why there's a penalty if you don't. I mean, it can be held against you in your college applications, your job applications and the rest. So I think it's a debate that we should have as a country. Long before the draft was over I was opposed to the draft, so you know, I'm not, again, unsympathetic to your point of view that, I guess, you want to eliminate the Selective Service System altogether, or at least the mandatory sign-up. But, I think it's worthy of attention.

Peter Laufer: Thank you, Edward, for bringing that up, and thank you for the call....

The only mention of draft registration or draft resistance was my question and Rep. Pelosi's response, as above. (There was no mention at all of the possibility of a draft of health care workers .) Luke Hiken from the National Lawyers Guild's Military Law Task Force, who was in the studio, gave an excellent presentation about the strength of the legal challenges to the "stop-loss orders", the illegality of the current war(s), and so forth.

Pelosi's "not unsympathetic" and "worthy of attention" response isn't exactly a statement of support, but it goes beyond anything I've heard from a national leader in either party since draft registration was reinstated in 1980, and indicates the window of opportunity we have right now to lobby against draft registration and Selective Slavery.

ATA Airlines is bankrupt

ATA Airlines (also known as "American Trans Air") has joined United Airlines, US Airways, and Hawaiian Airlines (and other airlines in countries other than the USA) in bankruptcy.

I've updated my FAQ about Airline Bankruptcies accordingly. I like the service on ATA Airlines -- genuinely unpretentious yet efficient -- and I've flown more often with them than on any other airline on trips within the USA in the last few years. But I won't be buying any more tickets for ATA flights as long as they are bankrupt.

Possible extension of the misleadingly reassuring but largely useless to consumers Federal law governing acceptance of tickets on bankrupt airlines remains bogged down in debates over other provisions the "intelligence" (surveillance) bill to which it has been attached.

[Addendum: More of my comments on airline bankruptcies from the travel section of the New York Times , Pracrtical Traveler: Navigating Turbulent Skies , 10 October 2004.]

"Registered Terrorists"

Even the business travellers on whom the USA Transportation Security Administration (TSA) had undoubtedly counted for support of the TSA's Registered Traveler scheme -- one prong, along with Secure Flight as the other, of the bifurcated reincarnation of the CAPPS-II airline passenger surveillance, profiling, and monitoring system -- are turning against traveller registration as they relaize, not just its unfairness, but how it would make them and all travellers less secure.

Here's the latest in this vein from David Meyer, editor-in-chief of Business Travel News:

Editorial: Bush Administration Lacks Airline Security Leadership
(Business Travel News, 25 October 2004)

... Lately, a good deal of energy and expense is being put into
creating a two-tier screening system that would expedite travel
for frequent travelers willing to submit to pre-screening. The
idea is to cut lines and hassle for those who register, but it
doesn't make good sense, when it comes to security, for
screeners to give less scrutiny to registered travelers who
could be registered terrorists.

It certainly doesn't make sense to compromise the security of
all for the convenience of a few, particularly when that
convenience amounts to little more than leaving the grandmother
and grandchildren in the longer line so the businessman can get
on the same plane a few minutes faster.

Creating E-ZPass lanes for frequent travelers is conceptually
appealing to the business traveler, but compromises security.

Travel advice from Neal Stephenson

In the course of a long interview on Slashdot (particularly worth reading for Stephenson's perceptive typology of writers), Neal Stephenson was asked by a fan of his "travel novels" whether he has any "Travel tips for modern primitives?" and "Do you carry any sort of self-defense means in some places?" I like his response:

The best "self-defense means" when you are surrounded by a hundred million people of some other culture is to avoid dangerous places and figure out some way to get along with the folks around you.

Robert Young Pelton on "The Practical Nomad"

Robert Young Pelton (author of The World's Most Dangerous Places ), devotes his column this month in National Geographic Adventure magazine to, "the top five secrets ... that guidebook publishers don't want you to know about their products." In no particular order, but starting with, "(1) They're outdated."

His advice? "Tired of clinging to that guidebook like it's a security blanket? Try reading something that tells you how to appreciate the art of travel rather than how to spend money." And he lists The Practical Nomad: How to Travel Around the World as one of "ten insightful travelogues that will inspire rather than dictate."

Pelton's right about the time it takes to produce a guidebook (yes, even with modern technology), and the other items on his list), but wrong that it's something guidebook publishers don't want you to know. I've said the same thing in public talks, with representatives of my publisher in the audience -- and they were pleased to hear me tell travellers that they should understand that most current editions of regularly-updated guidebooks are based on research done two to three years ago. That's not a reason not to buy a guidebook, but it's something good guidebook publishers want you to know, and to factor in when using a guidebook to plan your trip (allow for change) or your travel budget (allow for inflation).

Rick Steves on the value of travel

Travel can help mend a fractured world (USA Today, 17 October 2004)

For many Americans, the critical question in this election season is, "How can we make America safer in the world?"

Call me a girly man, but I think -- given the fact that Americans are outnumbered 20 to 1 on this planet -- we'd be safer by better understanding our world. A great first step is to travel -- thoughtfully.

If Americans traveled more, we'd better understand our place on this complex planet and fit in more comfortably. And eventually, perhaps, we wouldn't need to spend as much as the rest of the world combined on our military to feel safe....

Comments on "Secure Flight" testing and data dump

The public comment period on testing of the the proposed Secure Flight airline passenger surveillance and monitoring system intended as part of the replacement for CAPPS-II , and on a proposed order to airlines based in the USA to turn over all PNR's from June 2004 flights, closed today.

My own comments and comments to the TSA and to the OMB that I co-signed with several privacy and civil liberties organizations are, I presume, among a blizzard of last-minute filings with the USA Transportation Security Administration (TSA) and the Office of Management and Budget (OMB), which are supposed to review them before acting on the TSA proposals.

In practice, the proposed "Secure Flight" testing order would require the June 2004 reservation archives to be turned over to the TSA this Friday, 29 October 2004, leaving little time for any menaingful review of the public comments if a decision is to be made by then. And the TSA has asked the OMB to approve their proposed order on an "emergency" basis, to which I, and no doubt others, have objected.

Here are the abstract and conclusions of my comments :

Abstract: (1) The proposed system of records and the information collection request described in these Notices: are contrary to the recommendations in the final report of the 9/11 Commission; (2) would unconstitutionally burden and chill the exercise of the right to assemble guaranteed by the First Amendment; (3) are barred by multiple provisions of the Privacy Act of 1974 and the Airline Deregulation Act of 1978; and (4) are not authorized by any of the statutes claimed in the Notices as their authority. (5) The Notices are inaccurate, incomplete, and fail to provide several of the notices required by the Privacy Act. (6) Maintenance of the proposed system of records would constitute a criminal violation of the Privacy Act on the part of each officer or employee of any agency maintaining the system of records. (7) The TSA has failed to conduct the assessments required by the Airline Deregulation Act of 1978, the Aviation and Transportation Security Act of 2001, the Regulatory Flexibility Act of 1980, and the Unfunded Mandates Reform Act of 1995. (8) The TSA has failed to conduct the assessments, or satisfy the criteria for emergency clearance by the OMB, required by the Paperwork Reduction Act. (9) In order to comply with the proposed orders, airlines and the Computerized Reservation Systems (CRS's) that host their PNR databases would have to cease operating flights to or from, or accepting reservations from, the European Union, at a cost of billions of dollars a year.

Conclusions: For all of the reasons stated in the comments above, I request (1) that the proposed system of records not be created, and the system of records notice be formally withdrawn by the TSA or DHS, (2) that the proposed information collection order not be issued, and the notice of emergency clearance request be formally withdrawn by the TSA or DHS, (3) that the request for an emergency certification and clearance be denied by the OMB, and (4) that, unless the proposals are immediately and publicly withdrawn, immediate action be taken to prevent the proposed criminal violations of the Privacy Act.

Here are links to some of the detailed comments filed with the TSA, in addition to several hundred briefer comments, amost all form individuals oppsed to Secure Flight (comments filed with the OMB are not available online, except those copied to the TSA or placed online by the commenters):

• Edward Hasbrouck
• Air Transport Association (questions and requests for clarification)
• Air Transport Association (comments)
• American Library Association, Consumer Action, Edward Hasbrouck, Electronic Frontier Foundation, Fairfax County [VA]Privacy Council, Privacy Rights Clearinghouse, PrivacyActivism, and World Privacy Forum (comments to the TSA)
• Electronic Frontier Foundation, Fairfax County [VA] Privacy Council, Edward Hasbrouck, Privacy Rights Clearinghouse, PrivacyActivism, and World Privacy Forum (comments to the OMB)
• Electronic Privacy Information Center (comments to the TSA)
• Electronic Privacy Information Center (comments to the OMB)
• American Civil Liberties Union and Privacy International
• Business Travel Coalition
• National Business Travel Association
• American Conservative Union
• Adam Shostack
• John Gilmore
• Tom Ciccateri
• Matthew Belmonte

[Last updated 9 November 2004 to add links to additional comments.]

Approbation and Ignominy

BOSTON, Oct. 22 [The New York Times] -- In the wake of the death of a Red Sox fan hit by a police pepper-spray weapon after the team's playoff victory, Boston officials are imposing restrictions on the bars around Fenway Park.... A police officer fired the pepper-spray weapon, striking 21-year-old Victoria Snelgrove, a college student, in the eye, which caused her death several hours later....

At least one expert, Melvin L. Tucker, a criminal justice and security consultant from Morristown, Tenn., who is a former police chief, said that the pepper-spray guns are "less than lethal" weapons designed to be fired at the ground or at a person's chest or lower, so that the plastic balls will break open and send a cloud of pepper spray into a person's face, causing burning and stinging that should stop the person's actions but should not kill.

"...Either ... the equipment was used not in accordance to training or the manufacturer's recommendation or it was inaccurate in the way it was fired," said Mr. Tucker.... "The protocol is you don't shoot if you're going to hit the person in the head or neck area because that can be lethal, as it was in this case."

The death of Ms. Snelgrove, a journalism student at Emerson College, has cast a cloud on the euphoria over the Red Sox victory and prompted some people to accuse the police of overreacting in trying to control the crowds.

Danielle Kotzias, 22, a classmate of Ms. Snelgrove, said, "The people who were supposed to protect us in that crowd, the police, used quote-unquote nonlethal weapons -- those nonlethal weapons killed my friend.''

The weapons were bought by the police department for the Democratic National Convention this summer but were not used then.

Compounding the typical, and predictable, irony of weapons bought to "protect us against terrorism" being used, in the event, not to protect us but to kill --literally -- our celebration and joy, this all took place just after midnight on October 22nd -- a day which since, 1996, has been an annual National Day of Protest to Stop Police Brutality, Repression, and the Criminalization of a Generation .

Here's what my mother, Marguerite Helen, wrote today from Massachusetts:

On October 22, 2004, the Red Sox -- Boston's home baseball team, New England's home team -- won the American League pennant. They won amazingly, in the seventh game; in the fourth straight win after being down three; against the team regarded (at least, by Bostonians) as winning more than their share over the years. It caused not just celebration but an explosion of joy and exhilaration. It gave us both a respite and hope, in a time when the whole world is in the midst of despair and destruction and war. The pride and joy of the team and its fans are well deserved and cannot and should not ever be regarded as anything less.

Older folks, like us, waited, holding our breath, until after the last out, and then filled and clicked glasses in a small, celebratory toast. Younger folks spilled out into the streets, as young folks have always done, leaping and shouting and hugging and gloating. We saw them on our TV screen. And we saw a line of cops in ninja suits marching towards the happy crowd. We heard a shot. The camera instantly moved away.

A cop had fired "nonlethal, crowd-control ammunition" into the revelers. He had hit a 21-year-old woman, a local student and a local resident who had grown up in this Red Sox territory, and he had killed her.

Why were barriers not put around the spot on the street where she fell, so that mourners could come to pray; to leave flowers and notes? Why have the police commissioner, the officer in charge of that night's work, the policeperson who shot her, and anyone in between who might be held responsible not been fired? Why has the Massachusetts legislature not called for the resignation or impeachment of the mayor and the governor? (The commander-in-chief is ultimately responsible, just as George W. Bush is for Abu Ghraib.) Why did the police and the Red Sox not immediately offer an honor guard for the funeral of the victim? And why have not fans been asked by the Red Sox to wear black arm bands at the World Series games, as the players will?

None of these things have happened. Last night, we were shown a well dressed crowd of city and state officials, team owners and managers, and others considered to be at the top and the heart of the victory at what was described as an elegant party at the Kennedy Library. The Kennedy Library. Host to a celebration of an assassination.

The police commissioner announced that the police took "full responsibility". I don't think that is any comfort to Victoria Snelgrove's father, shown supported by others, tearfully holding up a picture of her and saying that among many other things she had always been such a Red Sox fan.

The mayor announced that there would be No Drinking during the World Series. Really? There were still liquor ads on the network between innings of the first Series game. People still have liquor in their houses if they want to drink. And had the cops been drinking before they went out, as they too often do, looking for a truly warlike riot?

Young people, especially, have always joined in sometimes raucous celebrations. It used to be called "sowing their wild oats". My father-in-law and his buddies liked to rock the trolley cars on which they rode to make them fall off the tracks. One night every spring, my husband and hordes of his fellow college students burst from their dorms and filled the streets. They held a "panty raid" at my school. (One year, one man actually got into a dorm and then didn't know what to do with himself). We threw underwear out the windows. I forgot that my piece had a laundry name tag on it, and I was told that it was tacked, with other such bounty, onto a bulletin board in a men's dorm. A few cops came and parked at the edges of the melee, just in case. Tales were told with glee, like that of one student casually leaning on a cop car, talking with a cop to distract him while others flattened the car's tires. Eventually, the students got it out of their systems and went back to their dorms and the cops left. No one was even attacked, much less shot at.

Bostonians cannot think and speak only of the warmth and excitement of their team's triumph. They must accept great shame. Not shame for the Red Sox or for their fans. Shame for the city. Shame for the cops, for all cops in this nation, and for those who order them to be trained for such acts of terrorism and to exercise them. Shame that we are not just an example of superlative playing and accomplishments but also of good, of support for each other and those who represent us. Shame for representing the real terrorists.

My son suggested that a win this year of the World Series by the Sox would be a special present for me, with my end-of-October birthday. It would be an unbeatable and unforgettable victory. A great gift. A sweet revenge for one who was at that fateful seventh game Series loss to the Cardinals too many years ago. I hope that it happens. If it does, I will relish it; if it does not, I will still rejoice in this year's pennant win.

But October 22nd? For victory and victim, a day always to remember.

[Addendum, 26 October 2004: Eyewitness account by Russ Stein (Boston Independent Media Center); Death of a Fan by Dave Zirin (Counterpunch)]

Red Sox Nation

It was actually happening. The nerd was kissing the homecoming queen. Paper was beating scissors; scissors were beating rock. Charlie Brown was kicking the football. The Red Sox were beating the Yankees for the American League pennant. [Tyler Kepner, The New York Times]

On my bookshelf -- along with foul balls from Candlestick Park and the Oakland Coliseum (where I saw the Sox go behind two games to none last year, then come back to win in three straight -- only to lose the pennant to the Yankees in seven games) -- is a fair ball off the bat of Rick Burleson that I caught for a ground-rule double one fine Sunday afternoon at Yankee Stadium, 17 September 1978. I can still see it kicking up the dust just inside the foul line, and spinning softly up into my hands on that one bounce, just before the charging Yankee right fielder could cut it off. And I still remember the beauty of Dennis Eckersley's starting and winning pitching that day. Ten days earlier, my brother and I had waited four hours in the bleacher ticket line to see the first game of the Boston Massacre in the teams' previous series at Fenway Park, and it was so sweet to see the Red Sox start to come back. I may be biased, but I think that was the last time before this week that the Red Sox won such a crucial game against the Yankees: the next time they met was in the one-game playoff the Red Sox lost at Fenway on 1 October 1978.

Today is the first anniversary of my launch of this blog. I was hoping to have something celebratory to say, but I think I have enough to celebrate already tonight. And if the World Series goes to seven games, the finale will be on my mother's birthday: Halloween night. With my father, she sat through the Red Sox' loss to the Cardinals in the seventh game of the 1967 World Series at Fenway. Here's hoping this birthday gives her something extra to celebrate.

[Updated Thursday, 21 October 2004, to add the quote from this morning's New York Times]

The Amazing Race 6 broadcasts to start Tuesday, 16 November 2004

I haven't been able to get confirmation yet from CBS-TV, and all television schedules are always subject to change... but TV Guide and several other publications are now reporting that The Amazing Race 6 will be broadcast on CBS in the USA on Tuesday nights beginnging 16 November 2004.

I've posted a tentative broadcast schedule based on this starting date.

Assuming that nothing else has changed, and that there are 13 legs of the race, with two of them broadcast in a single program the final week, and that none of the broadcasts are preempted by holiday or other programming, that would put the finale of The Amazing Race 6 on Tuesday, 1 February 2005.

[Update, 27 October 2004: The CBS-TV Web site for The Amazing Race 6 has been updated to show the 16 November 2004 broadcast start date as well as profiles of the cast members.]

"Expats make better citizens of the world"

You might have noticed a recent addition to the sidebar of my blog: a link to the LivingAbroadInCostaRica.com Web site of my friend and fellow travel writer Erin Van Rheenen.

Erin was the series editor for Moon Travel Handbooks and my editor for the second edition of "The Practical Nomad: How to Travel Around the World" at Avalon Travel Publishing (ATP) before leaving to move to Costa Rica and eventually write the new Living Abroad In Costa Rica guidebook published last month in ATP's Adapter Kit series. You might have seen her recently on CNN, talking about Costa Rica as well as general issues in relocating overseas.

I've had wonderful relationships with all my editors at ATP, and Erin has a great deal to do with the improved design and usability of the more recent editions of "The Practical Nomad: How to Travel Around the World" (although, I, of course, remain fully to blame for its failings).

Today Erin has a great op-ed column about expatriotism -- particularly directed to those in the USA who are thinking of moving abroad if "the War President" is re-elected -- in an English-language Costa Rican Newspaper, A.M. Costa Rica :

A personal view:
Expats make better citizens of the world

Come Nov. 3rd, how will you be feeling? Proud to be an American, or ready to dust off that dream of living abroad?

Some people are threatening to leave the country if the election doesn't go their way. We've heard it before, but this time more people seem to be saying it, and they appear to be in earnest....

Whether it's Costa Rica or another country, living abroad is an idea whose time has come. In the past three decades the number of Americans living abroad has more than quadrupled from about 70,000 in 1966 to around 4 million in 1996....

If more Americans lived abroad (and eventually returned, as most do), we'd have a country of people with a more global perspective, a country of people who have seen first hand how the rest of the world views the U.S. We'd have a critical mass of citizens who know that the U.S. can't be the big daddy bully of the world, how we need allies, not just people who tremble and curse when they see us coming. For what it's worth, a recent Zogby poll found that U.S. citizens with passports support Kerry over Bush, 58 percent to 35 percent.

Come to think of it, maybe anyone who wants to lead this country needs to have living abroad on his or her resume -- preferably for a year or more, and in one of the so-called developing countries. And no, being CEO of a multinational corporation that rebuilds the countries we tear town does not count.

(Erin Van Rheenen will be in Costa Rica in November but will cast her vote by absentee ballot. )

Military draft becomes a campaign issue

Military conscription has become an issue in the Presidential campaign -- even though neither Bush nor Kerry has done anything to put their claimed opposition to the draft into action.

Campaigning around the draft includes television ads being broadcast this week, Web-based appeals to student voters , an ad in the New York Times today raising questions about the draft from students, and a media campaign by Vietnam veterans and others.

But as New York Times columnist Paul Krugman points out today in Feeling the Draft , the issue isn't whether Bush or Kerry claims to oppose a draft, but what they are actually likely to do, after the election, if the military can't get enough of the soldiers they want, with the skills they want, without a draft.

Will they then support a draft? Or will they limit or reduce the size of the military, and adjust their military policy to respect the limits imposed on it, and on them, by the (un)willingness of the people to fight the Pentagon's and the White House's wars?

The reality, as is gradually becoming more widely recognized, is that today's young people (not to mention health care workers ) are even more opposed to the draft than the Vietnam generation. Results of a poll commissioned by Newsweek and released yesterday found that 29% of young voters would resist a draft . As the song says, "It's up to you not to heed the call-up.... You don't have to act the way you were brought up."

An editorial yesterday by the Philadelphia Daily News calls on Bush to end registration and Selective Service , and asks exactly the right question: "If we don't need a draft, why have registration?"

[Addendum, 23 October 2004: Another newspaper in swing-state Pennsylvania joins the editorial call: "The Bush administration could put the wild rumors to rest -- and save taxpayers nearly the $30 million a year it costs to administer the Selective Service?s draft registration program -- by asking Congress to terminate draft registration. If Democrats really are worried about a renewed draft, then they should agree to fast-tracking the necessary legislation."]

If he's really ruling out a draft, Bush could end draft registration today, with the stroke of a pen, by Presidential proclamation. But he hasn't done so. As a U.S. Senator, Kerry could have, and still could, introduce or endorse legislation to abolish the Selective Service System and eliminate Presidential authority to order registration. But he hasn't done so.

The Republicans who control the agenda in Congress, who have been complaining that questions about whether they might enact a draft after the election are unjustified, and who were able to bring a meaningless bill for reinstatement of the draft to a vote and defeat in a matter of days, could have, and still could, bring a bill to abolish the SS and eliminate authority for registration to a vote, and passage, just as quickly. But they haven't done so.

Any of these things could still happen before the election, if the public demands that the candiates suit their actions to their claimed positions on the draft. We'll see if that happens, or if the "debate" about the draft remains limited to partisan posturing.

The fact that health care workers would be the first to be drafted is also beginning to get some notice. The New York Times , quoting some of the sources they found through my FAQ on Health Care Workers and the Draft , has a long feature today, U.S. Has Contingency Plans for a Draft of Medical Workers .

Since they weren't available anywhere else online (they were published in 1989, and the Federal Register isn't available in electronic form that far back), I've scanned and posted the Selective Service System's Proposed regulations for the Health Care Personnel Delivery System (HCPDS), including the complete list (on the last page of the proposed regulations) of more than 60 job categories potentially subject to the draft under the HCPDS.

RFID passport data won't be encrypted

Contrary to what I wrote yesterday , the identification and biometric (digital photograph) data on RFID passports in the USA will not be encrypted. Jay Stanley of the ACLU's Technology and Liberty Program describes what they were told in a briefing by Frank Moss, USA Deputy Assistant Secretary of State for Passport Services and director of the State Department's Bureau of Consular Affairs:

Digital signature technology would be used to ensure that the information on the chip has not been altered. A State Department private key would be used to encrypt a hash of the information on the chip. The private keys would be retained in utmost secrecy in the basement of the State Department where they do all their encryption. The public keys would be shared with ICAO so that, e.g. a German control officer could look them up to verify authenticity of a passport.

No harm could be done with the public keys; they could even be posted on a Web site. The public key can be used to verify that e.g. this passport was signed using the Sate Department's private key for every passport issued in San Diego from January 2005 to August 2005. But you can't use the public key to then create a signature on a fraudulent document. And the public key is not used to access the data on the document -- that is wide open -- it is used only to verify the authenticity of the passport.

I think I didn't grasp this, even when I read the draft ICAO specifications, because it was, and is, so astonishingly, over-the-top, unsafe and vulnerable to criminal abuse that I couldn't believe it. But this is the way it is planned.

It also becomes clear on rereading the proposed ICAO standards and the USA government contract proposal (RFP), that the signature -- the one thing other than the photograph actually used to authenticate someone using a passport, particularly for financial purposes like cashing a check, sending or receiving money, or opening a bank account -- will be the one major element of the passport not digitally encoded at all (and thus not amenable to authentication through the hash or its digital signature).

So an identity thief, using only the data secretly and remotely obtainable from your passport, will be able -- without ever having actually seen you or your passport -- to create a perfectly valid-seeming passport, with a valid encrypted and properly signed digital hash, with your photograph but a signature in their handwriting.

Such a document is the holy grail of identity thieves, organized criminals, money launderers, and, or course, terrorists.

All they have to do is place an RFID reader somewhere a lot of travellers will pass nearby, record the data of each passport that comes within reading distance (up to 30 feet -- 9 meters -- with current readers although that will likely increase with future reader technology), and look through the captured images later, at their leisure, until they find one with a photo that comes close enough to their appearance for them to be able to impersonate. They can create the physical photo for the forged passport from the digital data secretly and remotely read from the RFID chip.

Then they can choose, depending on their document forging ability, to create either (1) an RFID passport with a bitwise copy of the chip (organized criminals already use similar techniques to clone mobile phone SIM cards), (2) a non-RFID passport (these will likely remain in use for up to a decade, the validity period of current standard USA passports), or (3) a non-RFID passport or identity document of another country. This last choice might be the preferred tactic, since a document with a different nationality would be less likely to produce "collisions" with the real identity that would bring the identity theft to the victim's notice.

(It's common for people born in the USA to be citizens of, and carry passports of, other countries, so this last type of passport would attract no suspicion at all. Irish passports would probably be forgers' first choice, since they permit visa-free movement within the European Union and are the European passport most commonly held by people born in the USA. Or they might pick some other passport that happens to be especially easy to forge.)

Or they could choose to use the data from the RFID chip (including date and state of birth, the starting point to getting a birth certificate and finding out your mother's maiden name) to obtain or produce some other type of identity document. But why bother, when they could conduct their money laundering, open terrorist bank accounts, buy and use airline tickets, etc. with a properly digitally-signed and authenticated fake passport with a signature in their handwriting -- but in your name or the name of some other innocent victim?

This makes it imperative, if you are forced to obtain or carry an RFID passport, always to keep it in a tin-foil sleeve or envelope, and never to take it out without first demanding conclusive proof that the person requesting to inspect it is making a binding lawful demand to do so. When you do display it, try to get as far as possible away from all other people or anywhere an RFID reader might be concealed, and try to keep the foil wrapped around the passport as much as possible, to reduce the range of directions and angles from which it is exposed to radio reading.

The crucial issue for technical self-defense will be whether a passport cover can be produced that is transparent to visible light, but opaque to the frequencies used by RFID transponders. Stay tuned -- I'll report anything I hear about such an identity theft protection device for travellers. Let's hope one is available by next spring, when the first USA citizens, other than gevernment employee guinea pigs, start being issued with RFID passports.

There's more on the risks of RFID chips in passports and other identity documents from Barry Steinhardt of the ACLU (the final interview, beginning at 32:48 of the broadcast) and others on National Public Radio's "Talk Of The Nation" earlier this week, recorded the day before the RFID passport contract announcement.

Time to get a new USA passport

Contracts were awarded today to Axalto and three other teams of vendors for the addition of secretly and remotely-readable radio-frequency identification (RFID) chips embedded in the photo and information page (inside front cover) of all new USA passports.

In accordance with the timeline in the Request For Proposals , the winning bidder was required to have built test kits on spec, in order to be prepared to deliver them to the State Department within one day of being awarded the contract, i.e. by tomorrow. Test sample passports must be delivered within 10 days, and testing will be conducted over the next three weeks.

The first RFID passports valid for actual use will be produced in a pilot program limited to the State Department passport office in Washington, DC, and limited to the special (maroon cover) passports issued to Federal government employees, with the first such RFID passports to be issued by mid-December 2004. The first regular (blue cover) RFID passports will be issued "at a single, domestic passport agency no later than Spring 2005," with the RFID passport issuance equipment deployed thereafter to all other USA passport agencies.

"It is expected that all newly issued, full-validity, United States passports will have embedded inlays (IC/antenna assembly in a protective plastic envelope) by the end of calendar 2005."

In testimony to Congress during a hearing on RFID chips on Flag Day, 14 July 2004 , Barry Steinhardt of the ACLU described government tracking as, "The most frightening use of RFID chips":

Most troubling of all are proposals to incorporate RFID tags into government identity documents.

RFIDs would allow for convenient, at-a-distance verification of ID. RFID-tagged IDs could be secretly read right through a wallet, pocket, backpack, or purse by anyone with the appropriate reader device, including marketers, identity thieves, pickpockets, oppressive governments, and others. Retailers might add RFID readers to find out exactly who is browsing their aisles, gawking at their window displays from the sidewalk -- or passing by without looking. Pocket ID readers could be used by government agents to sweep up the identities of everyone at a political meeting, protest march, or Islamic prayer service. A network of automated RFID listening posts on the sidewalks and roads could even reveal the location of all people in the U.S. at all times.

This may sound far-fetched, and I hope that it stays that way. But if we at the ACLU have learned anything over the past decade, it is that seemingly distant privacy invasions that sound right out of science fiction often become real far faster than anyone has anticipated. I give you this scenario as something that I think most Americans would agree is something that should be avoided, and yet is now entirely possible as far as the technology that is available to us. That means that our future is now going to be decided by policy.

Congress has, however, already mandated by law that USA passports contain whatever RFID, biometric, and other devices and data are recommended by the standards of the International Civil Aviation Organization (ICAO), and has pressured other countries to enact these standards into their laws as well.

ICAO spokesperson Denis Chagnon has not responded -- despite several conversations in which he has promised to do so -- to repeated requests over the last three months for comment on when ICAO would make its official decision on whether to adopt the requirement for an RFID chip (referred to in ICAO Document 9303 as a "contactless integrated circuit") as an ICAO standard, or whether ICAO had engaged in any discussions with any privacy or civil liberties organizations or any of the signers of the joint Open Letter to ICAO from Privacy International and other groups requesting such dialogue and opportunity for participation in ICAO decision-making.

As Bruce Schneier and other security experts have pointed out, RFID chips in passports serve no security purpose, only a surveillance purpose. In an op-ed article last month in the International Herald Tribune , Schneier wrote:

Unfortunately, RFID chips can be read by any reader, not just the ones at passport control.... [A]nyone with a reader can learn that information, without the passport holder's knowledge or consent. It means that pickpockets, kidnappers and terrorists can easily -- and surreptitiously -- pick Americans or nationals of other participating countries out of a crowd.

It is a clear threat to both privacy and personal safety, and quite simply, that is why it is bad idea. Proponents of the system claim that the chips can be read only from within a distance of a few centimeters, so there is no potential for abuse. This is a spectacularly naïve claim. All wireless protocols can work at much longer ranges than specified. In tests, RFID chips have been read by receivers 30 feet -- 9 meters -- away. Improvements in technology are inevitable.

Security is always a trade-off. If the benefits of RFID outweighed the risks, then maybe it would be worth it. Certainly, there isn't a significant benefit when people present their passport to a customs official. If that customs official is going to take the passport and bring it near a reader, why can't he go those extra few centimeters that a contact chip -- one the reader must actually touch -- would require?

The Bush administration is deliberately choosing a less secure technology without justification. If there were a good offsetting reason to choose that technology over a contact chip, then the choice might make sense.

Unfortunately, there is only one possible reason: The administration wants surreptitious access themselves. It wants to be able to identify people in crowds. It wants to surreptitiously pick out the Americans, and pick out the foreigners. It wants to do the very thing that it insists, despite demonstrations to the contrary, can't be done.

Normally I am very careful before I ascribe such sinister motives to a government agency. Incompetence is the norm, and malevolence is much rarer. But this seems like a clear case of the Bush administration putting its own interests above the security and privacy of its citizens, and then lying about it.

You could keep an RFID passport in a tin-foil envelope, but because the RFID chip will be embedded in the photo page, it will be exposed for reading whenever you have to display your passport for visual inspection: checking into a hotel, cashing a travellers check, exchanging foreign currency, checking in for an airline flight, etc.

The data on the RFID chip will not be encrypted. [I got this wrong in my initial version of this article. See my follow-up article for more on the lack of encryption, and what it means.] Only a digital "hash" of the data will encrypted and digitally signed by the issuing agency (the USA government), using keys supplied by ICAO under a a no-bid contract with the USA Government Printing Office (GPO).

Eevn if it were encrypted (which it won't be, under the current contract) the data readable from the chip will constitute a unique personal identification number, which will be entered into each such passport holder's Acxiom or Choicepoint file the first time they display their passport during a transaction with a company that shares data with Acxiom or Choicepoint. And if the passport isn't kept in an RF-protective envelope or sleeve, it will be vulnerable to being read, and the location and time and circumstances (such as which other passports are nearby) of the reading sent to and logged by these or other data aggregation companies, not just when it is displayed but each time you pass through a doorway equipped with a hidden reader.

The State Department's passport offices would be swamped if they required the replacement of all outstanding passports with RFID passports, so that isn't likely to be required. Current passports will probably remain valid, although holders of non-RFID passports will probably be given second-class treatment at immigration control, required to stand in longer lines like those who don't have Registered Traveler credentials.

Still, it's worth a little extra time at airports and border crossings to avoid carrying a tracking chip broadcasting your identity to anyone querying it by radio, enabling the creation of a lifetime data trail of your movements around the world.

New regular USA passports are valid for 10 years, and you can still get one without an RFID chip through at least the end of the year. I'll be getting a new passport before the end of this year, even though my current passport doesn't expire for several more years, in order to have a non-RFID passport valid as far into the future as possible. If you value your safety and privacy, and are a citizen of the USA, you should too.

[Correction, 15 October 2004: This article has been updated to correct my error in the intial version of the article on the (lack of) encryption of the data on the RFID chip. See my follow-up article for more on the lack of encryption, and its significance.]

USA airports and TSA adopt Israeli-style profiling

By the end of this month, USA Transportation Security Administration (TSA) agents at two or more airports in the northeastern USA (presumably Boston's Logan International Airport, IATA code BOS, and at least one other as yet unnamed airport) are preparing to start Israeli-style profiling, stops, and questioning of airline passengers on the basis of appearance and behavior, according to reports in Time magazine and elsewhere.

After two weeks, there's still been no official announcement or confirmation by the TSA or airports of the "SPOT" ("Screening of Passengers by Observation Techniques") program, but neither has there been any denial of the news stories. I can't confirm the SPOT stories, but I find them highly credible.

The Time report on the TSA tactic refers to the "racially-neutral profiling program in place at Boston's Logan Airport, on which it is based." But as I've discussed previously, Logan's program uses "appearance" or "behavioral" profiling as euphemisms for Israeli-style ethnic and racial stereotyping. The scheme is the product of Massport and Mass. State Police consultant and former Ben-Gurion Airport (TLV) security director Rafi Ron, who also apparently advised the MBTA in their warrantless searches of Massachusetts transit passengers, starting shortly before the Democratic Convention in Boston.

Ron retired from his job with the Israeli Airports Authority just before 11 September 2001, and started his new career as a freelance consultant just a few weeks later in Boston. Ron has been the leading advocate in the USA of collecting additional data on airline passengers as a tool to assist human, rather than robotic profiling, and has based his consulting career on his claimed skill at uncovering would-be terrorists through review of data collected about them in advance, combined with visible attributes (mainly visible race and ethnicity) and personal "interviews" (interrogations).

The one time I met Ron at an airline industry conference, he sneered -- quite literally -- at my question of whether concerns for civil liberties would justify any limitations on measures which might otherwise, to any degree, reduce the risk of terrorism. Anyone who would even ask such a question, he said dismissively, clearly doesn't understand the situation we are in -- we are at war, and can afford no limits on the tactics of war.

The TSA may want to claim that its employees can be given discretion to detain and question people on the basis of "suspicious appearance" without risk that their biases will lead them to find some racial and ethnic identifiers of appearance more "suspicious" than others. But other supporters of these schemes are more honest about their intentions: the primary reason to authorize "profiling" by appearance and behavior is to provide a legitimizing rubric for ethnic and racial stereotyping and discrimination.

Richard Pipes, for example, in an op-ed article in the Jerusalem Post , cites the TSA's SPOT program as putting into practice the views of Philadelphia talk-show host Michael Smerconish , who has declared himself an expert on aviation security and the need for racial and ethnic profiling and discrimination. According to Pipes:

Smerconish writes, "We're fighting a war against young Arab male extremists, and yet our government continues to enforce politically correct 'random screening' of airline passengers instead of targeting those who look like terrorists."

He calls for a change in policy: "Logic dictates that airport security take a longer, harder look at individuals who have ethnic, religious, nationality, and appearance factors in common with the Islamic extremist Middle Eastern men who have initiated war against us."

This is a step in the right direction.

The TSA will, I presume, respond to any challenges to this new (and clearly illegally and unconstitutional discriminatory) profiling scheme by claiming simultaneously (1) that it isn't based on race or ethnicity (possibly true on its face, but unlikely as applied), (2) that agents will be able to apply it without unconsciously falling into ethnic or racial profiling (not a credible likelihood for anyone familiar with the history of racism and bigotry of the Mass. State Police, the first to use these tactics), and (3) that they can't disclose the profiling criteria, to prove that they aren't explicitly racist or ethnically biases, because to do so would reveal sensitive security information (i.e would-be terrorists might figure out, "Oh, no: I fit the profile as a South Asian. I better change my skin color before I try to hijack an airplane."). It will be interesting to see how well that argument holds up in response to a Federal civil right lawsuit.

Bush, Kerry, Nader respond to questions on the draft

Three of the Presidential candidates -- Bush, Kerry, and Nader -- have responded in writing today to questions about the military draft posed by young voters in an online debate.

Unfortunately, the questions and answers failed to address the real issues of whether there will be a draft.

There was no statement from any of these three candidates along the lines of, "I will issue (I am issuing) a proclamation exercising my power as President immediately to end draft registration," or "I will propose to Congress (I am proposing to Congress) legislation to abolish the Selective Service System."

Nor did any of these three candiates mention a draft of health care workers -- the (false) assumption behind both the questions and the answers is that the only draft to consider is a general cannon-fodder draft of young people.

(Oddly, neither the Green Party nor Libertarian Party candidates were given the opportunity to participate, despite the facts that an online debate doesn't need to impose any time or space limitation, that the Libertarian party is on the ballot in almost every state -- many more states than Nader--, and that the Green Party got more votes than any other party except the Republicans and Democrats in the 2000 presidential election.)

Senate votes to reassure, but not protect, holders of tickets on bankrupt airlines

In addition to the provisions for identification, surveillance, and control of travellers which I discussed in an earlier article, the version of the the National Intelligence Reform Act of 2004 (S. 2845) adopted by the Senate last week includes an amendment introduced by Sen. Ron Wyden of Oregon that would extend for another year, though 18 November 2005, the present law requiring other USA-based airlines flying the exact same route (if there are any, which on many routes there aren't) to transport holders of tickets on airlines that cease service (if they can prove they had tickets, which most holders of electronic tickets won't be able to do, since e-mail confirmations are trivially easy to forge, and not proof of anything), if they have unsold seats available (which they might not have for many days or in mnay cases weeks if a major airline shuts down), for a fee.

As I've been explaining in my FAQ about Airline Bankruptcies (as quoted at some length last Sunday in the New York Times travel section) and elsewhere, this law was enacted in response to lobbying by the air travel industry after 11 September 2001, in order to restore confidence so that people would be willing to resume buying tickets in spite of (well-founded, as it has turned out) fears that airlines might go bankrupt. The purpose of the law was to reassure consumers, not to protect them, and especially not to require airlines to do anything that would have any significant cost or risk.

I think this law serves more to give travellers a false sense of security than to give them any meaningful protection. Rather than being extended, it should be allowed to expire -- and replaced with a requirement that airlines give ticket purchasers, who are in effect making interest-free loans to the airlines, the same security interest in their planes and other assets as is given to other lenders .

Coalition opposes restrictions on travel freedom and privacy

Congressional debate on bills purporting to "implement the recommendations of the 9/11 Commission" has bogged down in disputes between the different bills passed by the House and the Senate, and over their provisions to legalize in the USA what is being called, in Orwell-speak, extraordinary rendition , by which is meant deporting, extraditing, or simply kidnapping people to send them to countries where they are likely to be tortured .

As discussed in my analysis of an earlier Senate bill, S. 2774 , none of these bills can properly be described as measures to implement the 9/11 Commission report . In particular, they all are directly contrary to the Report's final overall "Recommendation: The burden of proof for retaining a particular governmental power should be on the executive, to explain (a) that the power actually materially enhances security and (b) that there is adequate supervision of the executive's use of the powers to ensure protection of civil liberties. If the power is granted, there must be adequate guidelines and oversight to properly confine its use."

The bills passed by the Senate on 6 October 2004, S.2845, the "National Intelligence Reform Act of 2004", and by the House of Representatives on 8 October 2004, H.R.10, the, "9/11 Recommendations Implementation Act", have much more in common than the minor differences between them that have now been referred to a House-Senate conference committee. Both bills go far beyond the earlier McLain-Lieberman bill, S. 2774, in their proposed encroachments on civil liberties, including the rights of travellers.

The bill passed by the House is perhaps the more explicit of the two bills in its provisions for identification and surveillance of travellers.

Subtitle A, Section 3001 of the House bill would make it "unlawful for any citizen of the United States to depart from or enter, or attempt to depart from or enter, the United States unless the citizen bears a valid United States passport". Among other effects, this would eliminate passport-free travel to and from Canada and Mexico by USA citizens. Perhaps more importantly, it directly violates Article 13, clause (2), of the United Nations' Universal Declaration of Human Rights , which recognizes that, "Everyone has the right to leave any country, including his own, and to return to his country," with no mention of passports. Passports were originally intended as a device to facilitate travel, and should not be turned into a requirement for, or a means to restrict, travel.

Subtitle B of the House bill, "Identity Management Security", would establish an integrated national birth, death, and identity registry and de facto national identity document system. To the extent these identity credentials would be required for domestic travel within the USA, that requirement would appear to violate Article 13, clause (1) of the Universal Declaration of Human Rights: "Everyone has the right to freedom of movement and residence within the borders of each state," again with no mention of required credentials.

Subtitle C, "Targeting Terrorist Travel", would actually target all travellers. In particular, Section 3081 would require a study of the possible "Creation of a database containing information on the lifetime travel history of each foreign national or United States citizen who might seek to enter the United States or another country at any time."

These proposals for identification, surveillance, and control of travellers have promoted an unprecedented response: a joint letter sent to Congress on 4 October 2004 by more than 40 USA and international organizations constituting "a broad and diverse coalition of state and national organizations who actively support privacy, civil liberties and immigration rights."

Perhaps more than any other document to date, this coalition letter indicates the extent to which, over the last 18 months, travel has come to be recognized as a core issue for privacy, civil liberties, data protection, and surveillance:

Identification Requirements and Limits on Travel -- ... [W]e oppose actions taken in response to the Commission Report that would create a national identification system in word or effect. The integration of secure identity cards with interconnected databases raises substantial privacy risks that will require new legislation and new forms of oversight. Privacy enhancing techniques that minimize the collection and use of personally identifiable information should also be considered. Significant errors have been found in both the no-fly watchlists and the automatic selectee system. This is a particularly serious problem for U.S. persons who travel within the United States. Recent reports that a U.S. Senator and Member of Congress were detained due to these passenger screening measure begs the question, "how are ordinary citizens faring?"

Federal law should expressly prohibit profiling of citizens or groups based on race, citizen's country of origin, ethnicity or religious beliefs. We support efforts to target individuals who may be carrying weapons or materials that threaten the safety of air travel. This is a more effective security technique than profiling or data mining. When considering the application of biometric features into identification documents, Congress should consider their privacy and civil liberty implications. There should be an independent evaluation of how best to operate these screening systems and still safeguard basic rights.

A properly designed identification systems or travel systems to ensure security of the borders should not provide the basis for routine identification within the United States. Therefore we caution against the establishment of travel checkpoints within the United States that would require individuals to prove their identity to gain access to public transportation. Such proposal would conflict with our basic rights to freedom of movement and civil liberties. Furthermore, citizens who do not possess these documents should not be barred from travel, access to federal benefits, or be denied any citizenship rights.

The recognition by such a broad coalition of the right to travel as a core element of a free people and a free society is a milestone to celebrate. Now it's time to build on this consensus by moving from the defense of our rights as travellers against attacks like the present Congressional initiatives, to the advancement of travellers' right through the introduction and enactment of an affirmative Federal travel privacy law applicable to airlines, CRS's , and other travel companies as well as the government.

TSA revives dormant air transport industry advisory panel

The largely-dormant Transportation Security Advisory Committee to the USA Transportation Security Administration (TSA), which was originally established by the TSA's predecessor, the Federal Aviation Administration (FAA) of the Department of Transportation (DOT), met on 30 September 2004 for the first time in 10 months.

The interval was pretty typical, although the all-day meeting was not: the ASAC usually has met for an hour or two, once or twice or year. You might expect that meetings of an advisory committee would consist mostly of discussions among the members, or their questioning of and reports to the agency they are supposed to advise. But it usually works the other way around: the agenda for the latest ASAC meeting consisted mainly of a series of prepared presentations to the "advisors" by TSA staff.

Topics of those presentations included TSA-industry collaboration in international initiatives for surveillance and tracking of travellers , the TSA's vision for building security and surveillance systems into the infrastructure of the Airport of the Future , and proposals by the TSA for two new ASAC working groups: one to assess the operational and economic impacts to the entire US Commercial Aviation System resulting from proposed security improvements , and a Secure Flight Privacy/IT Working Group (see slide 9) whose goals would be to:

• Provide secure forum for the exchange of ideas and discussion within the framework of existing rules and policies
• Provide TSA/DHS officials access to persons with key knowledge and expertise on a continuing basis
• Provide an objective and independent assessment of the technical and privacy oriented parameters that are the basis for Secure Flight design and present findings
• Build public understanding, trust, and confidence in the new system and its implementation.

Establishment of a joint TSA-industry impact assessment group is an important and positive, if long overdue, step by the TSA. In public testimony to Congress and in interviews with me, on and off the record, representatives from all three major segments of the industry -- airlines, CRS's , and travel agencies -- have described increasing frustration at the TSA's insistence, despite its ignorance of airline reservation procedures, in spurning the industry's standing offers to work with the TSA, rather than be forced to oppose proposals made in ignorance of their feasibility, cost, or other implications. Industry dialogue and consultation isn't a substitute for public dialogue and consultation, but in the case of an agency as clueless about its real-world area of authority as the TSA and especially the TSA Office of National Risk Assessment (ONRA), it would be a positive step.

The so-called "privacy" working group would be a different story. According to the presentation to the ASAC by TSA Privacy Officer Lisa Dean and ONRA Director Justin Oberman, the real purpose of the working group would be to "meet" several externally imposed (and, past TSA behavior makes clear, internally opposed and resisted or ignored) obligations:

TSA PROPOSAL TO ASAC

Establishment of ASAC Secure Flight Privacy/IT Working Group meets:

• Congressional statutory requirement for Privacy & IT Oversight
• TSA internal planning, and
• GAO report standards as defined in, "Aviation Security: Computer-Assisted Passenger Prescreening System Faces Significant Implementation Challenges" (GAO-04-385, February 2004).

In reality, such a working group of the ASAC would meet none of these goals.

First, the ASAC is not a privacy organization , and has no privacy expertise. All but two of the 27 ASAC members represent government or industry organizations, none of which have a focus on privacy or civil liberties. The only two passenger representatives on the ASAC are the "Victims of Pan Am Flight 103" (a legitimate but obviously special-interest organization, which has never mentioned privacy) and the International Airline Passengers Association (IAPA), which defines itself as an organization of "frequent business travelers" offering "privileges and benefits" such as negotiated discounts. It doesn't claim to represent ordinary air travelers, and its Web page on passenger advocacy mentions neither privacy nor civil liberties.

Second, the ASAC has no oversight authority. By definition, as a Federal advisory committee, the ASAC can only make recommendations to the TSA, and only on such topics, and to such an extent, as its input is solicited by the TSA. It cannot take any action -- not even to issue a report on a particular issue of concern -- on its own initiative, and it has no "enforcement" power.

The attempt in the presentation to the ASAC by Justin Oberman (ONRA) and Lisa Dean (TSA) to represent the TSAC, or a sub-group of its membership, as something that could "meet" any statutory or other requirement for oversight or input on privacy or civil liberties is clearly an attempt to defraud whomever is their intended audience for these claims.

The proposal for a working group of the ASAC to address privacy and civil liberties also suggests that the TSA and its parent the Department of Homeland Security (DHS) have backed away from, or at least postponed, their plans to create a new advisory committee specifically to address these issues.

When DHS Chief Privacy Office Nuala O'Connor Kelly announced the plan for a DHS Data Integrity, Privacy, and Interoperability Advisory Committee in her address to the Computers Freedom and Privacy conference in April 2004, the deadline for applications was to be 30 April 2004, with the committee to be appointed shortly thereafter. Applications closed 15 May 2004, after an extension of the deadline, but there's been no word about the creation of this committee since a 28 July 2004 letter I made public when I received it which informed applicants that, "We anticipate that recommendations for consideration will be submitted to the Office of the Secretary [of Homeland Security] in August 2004. Appointments are expected soon thereafter." To date, no appointments have been announced.

It appears that, instead of creating even a captive and toothless advisory committee of people with any expertise in privacy or civil liberties, or at any rate without waiting for the formation of that long-overdue body, the TSA and DHS have assigned that task to a group of industry representatives with no relevant expertise or record of concern. And they are claiming that this "meets" demands that they give serious consideration to privacy and civil liberties, and provide an independent mechanism for oversight of their performance and compliance on these issues.

Sorry, folks. A powerless advisory committee drawn from the air travel industry is neither the appropriate nor a competent guarantor of the consumer interests, privacy, or civil liberties of travellers, nor will travellers or genuine privacy and civil liberties advocates allow the TSA to claim that it is.

Given the TSA's (and especially the ONRA's) obsession with secrecy, it will be interesting to see whether the new working groups of the ASAC comply with the statutory requirement that the public be given notice of, and the opportunity to attend and observe, their meetings.

Minutes and (sometimes) transcripts of ASAC meetings have typically been made public only many months after the fact. Minutes of the October and November 2003 meetings weren't posted on the DHS or TSA Web site until just a few weeks ago, almost a full year later. Neither the TSA nor the DHS issued any public statement about the 30 September 2004 ASAC meeting, and I don't know if any journalists were in attendance. So I don't know if the "Secure Flight Privacy/IT Working Group" of the ASAC was appointed, or if so, who its members are or whether they include either or both of the ASAC's two members from passenger organizations (neither of which are consumer, privacy, or civil liberties advocates).

Privacy and civil liberties watchdogs -- such as those who might have been included on the DHS Privacy Advisory Committee, had it been created by now -- should keep a close watch on the ASAC , and on who else is told these lies about its (lack of) privacy and civil liberties representation and its (lack of) oversight authority.

"Secure Flight" comments due by Monday, 25 October 2004

Public comments are open through Monday, 25 October 2004, on the Secure Flight airline passenger identification, selection, and surveillance system proposed by the USA Transportation Security Administration (TSA) and its Office of National Risk Assessment (ONRA).

Together, the Secure Flight and Registered Traveler programs are intended to replace, and considerably expand, the infringements of travellers' freedoms which were to have been part of the supposedly-abandoned CAPPS-II passenger profiling scheme. (Traveller registration with the TSA is currently "voluntary", but will eventually be mandatory for anyone who wants to travel by air.)

The complete TSA docket of notices and comments on Secure Flight testing (TSA-2004-19160) includes those comments filed to date with the TSA (there is sometimes a delay of a couple of days in docketing and posting comments), as well as well as the three rulemaking notices and requests for comments:

1. The Office of Management and Budget (OMB) Information Collection Request notice under the Paperwork Reduction Act and request for comments on the proposed order (the full text of the order itself is included in the notice) requiring USA-based airlines to turn over all data in all PNR's , including cancelled PNR's, that ever included flights that were to have been taken in June 2004; docket TSA-2004-19160-2
   
   
2. The TSA Privacy Act notice or "System Of Records Notice" (SORN) for the Secure Flight testing database; docket TSA-2004-19160-3
   
   
3. The TSA Privacy Impact Assessment for Secure flight testing; docket TSA-2004-19160-4

The purported Privacy Act "notice" fails to give notice of most of the categories of people about whom personal data is contained in PNR's, and comes well more than a year after PNR's for June 2004 travel began to be created (in June 2003 or earlier), making a mockery of any concept of "notice". By this, and by including cancelled PNR's, it ensures that even those who wish to withhold consent, or tried to do so by cancelling their reservations and not travelling, will be unable to opt out.

The purported Privacy Impact Assessment is a real piece of work, failing entirely to acknowledge, much less to assess, most of the privacy impacts of the proposals.

The most significant portion of the rulemaking, however, may be that of the OMB. The TSA notices concern only what the TSA will do with the data, after it is commandeered from the airlines and, indirectly, from the people whose data is contained in PNR's: travellers, people in whose names reservations were made but who did not travel, people who made reservations for other people or paid for other people's tickets, and travel agents and airline staff, among others. Under the Paperwork Reduction Act, the OMB must also consider the actual demand for archived PNR data from the airlines (and, implicitly, from the CRS's that host airline data, and without whose active collaboration it would be impossible for airlines to comply with the demand).

TSA is soliciting comments [to the OMB, which must evaluate them] to --

1. Evaluate whether the proposed information requirement is necessary for the proper performance of the functions of the agency, including whether the information will have practical utility;
   
   
2. Evaluate the accuracy of the agency's estimate of the burden [imposed by the information collection requirement];
   
   
3. Enhance the quality, utility, and clarity of the information to be collected; and
   
   
4. Minimize the burden of the collection of information on those who are to respond, including through the use of appropriate automated, electronic, mechanical, or other technological collection techniques or other forms of information technology.

There's plenty of room for comment on these issues. Among other things, there is no evidence whatsoever that information about people whose reservations were cancelled, and who made no attempt to travel, would have any relevance to determining which of the people who did attempt to travel were terrorists. Nor is there any evidence that most of the data in PNR's, especially the information about people other than passengers (people making reservations for other people or paying for other people's tickets, travel agents and airline staff, etc.) has any potential utility in identifying terrorists -- its only utility would be for surveillance, not security.

The test data set is peculiarly ill-chosen to "have practical utility". Since no airline passengers in the USA in June of 2004 committed any acts of terrorism, any identifications of suspects in the proposed tests as people who would, if allowed to fly, attempt to commit acts of air terrorism would, by definition, be "false positives". Since there are no air terrorists in the proposed June 2004 test data set , the test would be useless to measure the rates of "true positive" identifications of the non-existent (in the test data set) terrorists, or of "false negative" failures to identify real terrorists.

Note that the OMB standard is whether the proposed information collection is "necessary for the proper performance of the functions of the agency", not the lesser standard of whether it is or might be merely useful.

The burden on those who are to respond -- the airlines and the CRS's who host their databases -- would be extreme, measured in billions or tens of billions or dollars rather than the hundreds of thousands disingenuously estimated by the TSA. Because the retroactive request for archived data precludes any advance notice or consent, it is unambiguously and directly counter to the unqualified requirement for notice and consent in the European Union Code of Conduct for CRS's .

Amadeus, the one major CRS based in the EU, could not legally comply with the proposed order, or provide its airline hosting customers with the data they would need to comply.

The other three major CRS's (Sabre, Worldspan, and Galileo) are based in the USA, and could be forced by the USA to give airlines data dumps even if the CRS's know that they will be turned over to the TSA without the data subjects' consent. But if they do so, those CRS's would have to stop doing business in the EU, including ceasing to provide hosting services to EU airlines or reservation connectivity to EU travel agencies.

The result would be billions of dollars in lost airline business and disruption to airlines' and travel agencies' business.

The proposed order would also impose mandates on airlines and travel agencies contrary to their obligations under the EU Data Protection Directive and EU national data protection laws. The USA negotiated an agreement with the European Commission (currently under challenge by the European Parliament in the European Court of Justice) to permit use of data about passengers for testing of CAPPS-II, but it doesn't extend to Secure Flight or to data subjects other than passengers.

Unless a new USA-EU agreement is concluded before the effective data of the proposed order, airlines in the USA that comply with the order will be unable legally to operate in, or accept reservations from, the EU. That consequence -- cessation of USA-EU flights by USA-based airlines -- would increase the cost burden of the proposed information collection requirement into the tens of billions of dollars.

As for minimizing the burden of collecting the information -- assuming that there is a Constitutional and statutory basis for its collection, which I doubt -- the way for the government to collect it which would least burden the airlines or the subjects of the data would be for TSA personnel to collect any required data directly from passengers at the TSA security checkpoints. That would eliminate any collection of data on people other than passengers, and any burden on airlines, CRS's, or travel agencies and agents. But the TSA doesn't want that because it would give the TSA less data to retain or pass on in "travel history" surveillance records for future use, and because it would force the government to bear more of the cost itself, instead of foisting the cost of data collection onto the travel industry.

Comments to the OMB (it's probably best to copy all comments to both the TSA and OMB) can be submitted to the Office of Information and Regulatory Affairs, Office of Management and Budget, Attn: DHS-TSA Desk Officer, only by fax to +1-202-395-5806. Be sure your fax is addressed "Attn: DHS-TSA Desk Officer" and refers to "Docket No. TSA-2004-19160".

Comments to the TSA can be submitted through the comment submission form on the TSA Web site. Be sure to enter "TSA-2004-19160" in the "Docket ID" field. You can type your comments into the form on the Web page, or attach them as a text, PDF, word processor, or other document file.

It's not necessary to be a citizen or resident of the USA to submit your comments or have them entered into the official record of the USA government rulemaking proceedings.

EFF and the ACLU built Web-bots for submitting comments on the second of the two CAPPS-II Privacy Act notices. If they do so again for Secure Flight, I'll link them here.

[Update: There's now a form to submit brief text comments to the TSA at UnSecureFlight.com . You'll still need to fax your comments separately to the OMB. If you want to submit lengthier comments, or to attach document files, go directly to the TSA (DOT) docket system -- again, be sure to enter "TSA-2004-19160" in the "Docket ID" field.]

The last CAPPS-II notice prompted the largest volume of public comments ever in response to a Privacy Act notice, almost universally critical of the scheme, and many of them still not posted on the DHS Privacy Officer's Web site . (For some reason the previous round of CAPPS-II comments weren't processed through the relatively accessible Web-based DOT docket management system. And the OMB comments won't be, either.) It's important that the alphabet soup of Federal agencies involved (DHS, TSA, ONRA, and OMB), as well as Congressional and European observers, not get the false impression that travellers think the latest version of The Program Formerly Known As CAPPS-II is an acceptable replacement, rather than another egregious affront to our Constitutional, civil, and human rights to travel.

[Addendum, 26 October 2004: Comments filed by myself and others.]

[Addendum, 31 March 2005: In the original version of this article, I mistakenly reported that Contintal Airlines PNR's are hosted in the EU by the Amadeus CRS . Neither Continental nor Amadeus would confirm, deny, or respond to my queries about this, but I have since learned that Continental uses Amadeus to host its fares database but not its database of reservations. "Continental's": http://www.eds.com/about/history/timeline.aspx PNR database is hosted in the SHARES system run by EDS .]

TSA requests bids for "Secure Flight" tests

As of this week, the USA Transportation Security Administration is officially soliciting bids from would-be prime contractors for testing the Secure Flight airline passenger identification and selection system propsoed as a replacement for the supposedly-abandoned CAPPS-II passenger profiling scheme (bid solicitation reference number "HSTS04-04-R-SECFLIGHT").

The introductory synopsis to the TSA Request For Proposals (RFP) for Secure Flight was published Wednesday, and additional sectionsl (almost all of which are standard Federal contract boilerplate, unrelated to the particulars of this project) were published today.

The actual "Statement of Work" has not been made public, and will be provided only to those who have executed a Non-Disclosure Agreement (NDA).

The contract will be a "cost plus" contract, so the contractor will be guaranteed a profit.

Proposals are due by 18 October 2004. "Award is contemplated no later than 29 October 2004. The successful Offeror will be required to deliver test results no later than 90 days after award."

Comments on the "Secure Flight" proposals have in theory been requested through 25 October 2004. But since bidding will be completed before the comment period ends, and the contract will be awarded the same week comments close, it's obvious that there will be no meaningful opportunity to make any changes in the specifications for the project in response to the comments. The contract award schedule makes clear that the solicitation of public input is just for show, not in good faith, making it all the more important for the public to record their objections as early as possible in the "Secure Flight" comment period.

Google joins Amazon in e-book plagiarism?

A year ago this month, I noted reports that Google.com was planning to emulate Amazon.com's copyright-infringing scheme for online distribution of unauthorized bootleg images of the pages of books to which it doesn't own the copyright or electronic rights.

In the intervening year, bootleg e-books assembled from page images obtained from Amazon.com have already started showing up on Kazaa and Internet Relay Chat (IRC). (For more on all of this, see the Writing and Publishing section of this blog.)

Today, Google.com launched a beta version of its e-book (page image) Web site.

It looks like Google's page image distribution system will be virtually identical to that of Amazon.com. Google claims broadly, that, "To further protect your book content, printing and image copying functions are disabled on all Google Print content pages." But the fine print reveals that they will only try to disable "right-click" cut, copy and paste, and printing (presumably through the same sort of buggy, platform-specific javascript that fails to protect page images on Amazon.com). In practice, it is technically impossible for any Web server function to prevent the saving or printing by a Web client of any image that client can display.

The question that remains unanswered is whether in practice Google.com will -- as Amazon.com has done -- allow publishers to "authorize" inclusion of books in this e-book giveaway program without the authors' consent, or when the publisher does not own the unencumbered rights to e-book distribution.

Google.com's scheme isn't necessarily illegal, if they actually obtain permisison from the holders of the rights to electronic distribution. But in practice, it appears likely that Google will rely on publishers' self-reprersentations as to their ownership of electronic rights, rather than -- as they could and should -- requiring anyone not identified in the work itself as the copyright holder, and who wants the work included in Google.com's e-book distribution program, to present evidence of a grant of electronic distribution rights by the copyright holder.

Google.com will also pay publishers a share of the revenue for ads displayed along with book page images. In the absence of an explicit grant of electronic rights in the print book publication contract, those revenues belong to authors (although they are likely to be small compared to the potential e-book revenue that authors will lose through the giveaway of page images). It will be interesting to see how publishers account for these ad revenues, and whether they pay authors the full share (in many cases, 100%) to which they are entitled.

USA House votes down military draft. So what?

This evening in Washington -- after the Red Sox beat the Angels in the first game of the baseball playoffs, and before the Vice-Presidential debate between Cheney and Edwards -- the full USA House of Representatives voted, for the first time in my lifetime, on a bill to reinstate military conscription.

The military draft was in effect continuously from before my birth in 1960 until after the USA lost its war with Vietnam in 1975. Draft registration was reinstated in 1980, supposedly as part of the preparations for intervention by the USA in Afghanistan on the side of the Islamic fundamentalist warlords and mujahideen who were then fighting against the Soviet Union. As one of 20 people prosecuted for organizing resistance to draft registration, I spent six months in a Federal prison camp in 1983-1984 for refusing to agree to fight on the side of the people who would later become the Taliban and Al Qaeda.

Given this track record, it's no wonder that people of my generation have no faith in the ability of the government of the USA to decide for us which wars we should fight. Massive resistance made registration unenforceable, and no bill to reinstate the draft has even made it to a floor vote in Congress. Until today.

Does this mean (A) that because it was brought to a vote for the first time since the Vietnam War, the draft is close to being reinstated? Or (B) that because reinstatement of the draft was overwhelmingingly defeated, the threat of a draft is a myth?

The correct answer is, "( C ) None of the above."

Here's what happened, and what it means:

Some people (some other people suspect that this was/is a "stealth" Kerry campaign tactic, which it might be in part, but only in part) have been spreading rumors that the Republicans have a secret plan to reinstate the draft (a general draft, not a draft of health care workers ) after next month's Presidential elections.

I don't believe this, because (1) the more likely type of draft is a health care workers' draft , not a general draft, and (2) the evidence cited in the rumors is routine stuff like filling vacancies on draft boards, which have been in place for more than 20 years (even if many people are suprprised to learn about them).

There is a truth behind the rumors, but it's more subtle: Most Republicans and many Democrats are pursuing war policies that will likely make a draft -- at least a health care workers' draft -- be perceived (quite possibly by both major parties) as "necessary", regardless of whether Republicans (or Democrats) in Congress or the White House now "want" a draft.

Fear of the draft is scaring people away from Bush to Kerry, polls apparently show, and prompting draft-age voters to register (in order, presumably, vote for Kerry). To counter this, Republicans want to prove that (A) they don't really intend to bring back the draft, and (B) any push for the draft comes from Democrats.

Many months ago, for stupid (in my opinion) reasons -- before this all became an issue in the Presidential campaign -- some otherwise progressive and otherwise mostly well-meaning Democrats introduced a bill to reinstate the draft. I think their intention was to embarrass the Republicans, and to call attention to the "poverty draft". Introducing the bill was a political stunt, and they never expected it to come to a vote.

So now the Republicans have suddenly forced a vote on the Democratic bill. Their idea is to (A) embarrass the Democrats and tar them with being pro-draft and hypocritical on the draft, and (B) vote down the bill, so that they can say that it is now "proven" that Republicans really aren't planning a draft.

The fallacy is in that last claim: just because Republicans aren't voting for a draft now doesn't mean they (and many Democrats) won't vote for it (or at least for a draft of health care workers) if and when their war policies lead them to a situation where they can't figure out any other way to get enough soldiers with specific skills.

Tellingly, neither Republicans nor Democrats tried to couple today's vote against immediate reinstatement of the draft with any move to abolish the Selective Service System or end draft registration -- which is what they would do if they really were ruling out any future draft.

The silver lining to all this, of course, is that it has reinforced the impression of politicians of both parties that overtly supporting the draft is political suicide. Perhaps the Vietnam Syndrome that Reagan tried so hard to "put behind us" has finally been resurrected after all. What remains to be seen is whether that lesson will be translated into recognition that the draft isn't a policy option -- no matter what Bush or Kerry, Republicans or Democrats, the Pentagon or the Selective Service Slavery System may want.

[More background, news, information, and printable leaflets about the draft.]

Ferry passenger searches challenged

A Vermont commuter who has been required to submit to warrantless, suspicionless searches of his car and belongings as a condition of travel on ferries across Lake Champlain between Vermont and New York has filed a Federal lawsuit , with the assistance of the Vermont chapter of the ACLU, against the Lake Champlain Transportation Co. and the USA Department of Homeland Security.

I've been on the Lake Champlain ferries. They are all operated by the same company, so there is no alternative with a different search policy. And, as the lawsuit notes, the alternative to a 10-20 minute ferry ride is a 2-3 hour drive -- not feasible for a daily commute, or for a pedestrian or bicyclist. In addition to serving commuters, the ferries connect downtown Burlington, VT to the Amtrak line between New York City and Montréal that stops just across the lake a short walk up the bluff from the ferry terminal at Port Kent, NY.

Meanwhile, the Washington State Ferries are reportedly planning random searches to begin as early as this weekend. While the Lake Champlian ferries are privately operated, the Washington ferries -- overwhelmingly the largest passenger ferry system in the USA -- are run by the state Department of Transportation, making the Constitutional violation in the warrantless, suspicionless searches even more direct.

As all possible modes of transport come to be subject to these sorts of restrictions, the argument that those who don't want to surrender their other freedoms, in order to exercise their freedom to assemble as guaranteed in the First Amendment, can simply "choose another mode of travel", becomes more and more untenable.

ICANN publishes non-strategy for new domain names

As noted at ICANNWatch , ICANN has published for comment a purported strategy for the introduction of new generic top-level Internet domain names.

I've posted comments in response, pointing out that the ICANN document fails to actually define a strategy, and that it misrepresents as comprehensive the consultant's report ICANN had commissioned, which acknowledged my outstanding questions but said they were outside its scope.

According to e-mail messages I received today from Kent Krispin at ICANN, comments to the public forum are being added to the Web archive manually, after those considered by ICANN staff to be spam or viruses are deleted. The comment forum supposedly opened last Friday, but no comments were actually posted to the ICANN Web site until today, after I queried ICANN about why my comments, twice submitted, still hadn't shown up on the Web after more than 24 hours.

For more background on what's happeneing and why it matters, see the section of my Web site on ICANN, domain-name politics, and top-level Internet domain names for travel including ".aero" (already in operation under the sponsorship of SITA, although little uses) and ".travel" (for which an apliocation remains pending).

Take your own "21st Century Grand Tour"

This month's issue of National Geographic Traveler magazine is a 20th anniversary special issue on "The New Grand Tour -- A Travel Adventure for the 21st Century":

A recent poll done with Yahoo! Travel found that American's top travel dream is an "around-the-world trip." Most people feel that this experience is unattainable -- too expensive, too time-consuming and just too decadent overall. But as readers will discover in this special issue, "The New Grand Tour -- A Travel Adventure for the 21st Century," such a trip is actually within reach -- and it's not nearly as expensive as one might think. National Geographic Traveler has dedicated its entire October issue to a trip around the world... From buying the right round-the-world ticket, to expert tips and useful Web sites , to advice on the best sights to see, this issue provides readers with the resources to help them plan the ultimate travel trip.

The editor's note from Keith Bellows introducing the issue mirrors exactly what I've been saying since the first edition of "The Practical Nomad: How to Travel Around the World":

Travel, once a rarity for so many, has become an intrinsic fact of life -- a right and an expectation. In a real sense, the Grand Tourists were the early precursors of the tribes of backpacking students who roam the globe on a lark and a shoestring. And those old Grand Tourists gave us all a philosophical road map to the world. Now we are no longer satisfied to simply visit a place -- we want to experience it, steep ourselves in its cultural otherness, and dig beneath the surface in an effort to understand its inner workings. And with that has come a hunger for the next best place, for experiences beyond the ordinary, and for places that have escaped mass attention.

So to celebrate Traveler magazine's 20th anniversary, and to reflect how dramatically travel has changed since this magazine was born in 1984, we offer a Grand Tour for the 21st century -- a trip around the world in 80 destinations....

Around-the-world tourism has been with us for a long time, though something of a curiosity, a venture often undertaken by thrill-seekers. But we think around-the-worlding will soon become more commonplace as people decide to take off longer chunks of time, as college grads delay their entry into the workforce, as retiring boomers embark on trips they once only talked about. True, most of us still dismiss the thought of such an adventure. We say we don't have the time. We say we don't have the money. But such a trip is actually within reach of most readers of Traveler . And it's not nearly as expensive as you might think. There are terrific resources to help you plan it. Amazing places to see. And great role models to inspire you. All in this issue. We hope our 20th birthday special convinces you that seeing more of the world need not be a dream. You can make it happen.

Want to do it yourself? In addition to being quoted in the magazine, I was part of a special panel discussion on around-the-world travel at the National Geographic Society in washington last month. And I'll be giving more presentations on around-the-world travel in the San Francisco Bay area this month and next:

• Saturday, 9 October 2004: Adventures in Travel Expo, San Mateo County Expo Center, 2495 South Delaware St. (next to Bay Meadows Race Track; approx. 3/4 mile walk from the Hillsdale Caltrain station), San Mateo, CA. Talk on "How to Travel Around the World" and booksigning, 3:30-4:30 p.m. Info and discount admission coupon ; directions
  
  
• Thursday, 11 November 2004: "Around-The-World Travel Night" at Airtreks.com , 301 Howard St., 4th floor, San Francisco, CA (entrance at the corner of Beale and Howard, 2 blocks south of the Embarcadero BART/Muni Metro station; note that the building management requires all visitors to show ID for admission to the building). 6:30 - 8:30 p.m. Free copy of "The Practical Nomad: How to Travel Around the World", with a deposit towards an air trek! Info and RSVP's (requested but not required): Airtreks.com , +1-415-977-7100, ext. 183.

Complete details on these and other public appearances are on my events page.

Disparate treatment for airline lenders

In the wake of recent coverage of the lack of consumer protection for ticket holders if airline go bankrupt, the Business Travel Coalition (BTC) and the Association of Retail Travel Agents (ARTA) yesterday issued a joint appeal to USA-based airlines voluntarily to agree to honor tickets of bankrupt airlines -- for a fee, if they have empty seats on the same route -- even after the law requiring that expires next month.

A close reading of the BTC/ARTA statement suggests that, at least for ARTA, its purpose is as much to reassure travellers, so as to boost demand for air travel and travel agency business, as actually to protect consumers, which it wouldn't really do since there wouldn't be enough seats available for days or weeks to acocmmodate ticket holders were a major airline in the USA to be liquidated.

Former Consumer Reports Travel Letter editor Ed Perkins points out other problems with the current law in his syndicated column last week.

My comments on this yesterday on Marketplace on public radio were edited down to a couple of sound bites (Real Audio), but my point was this: under laws enacted by Congress, the government (i.e the taxpayers) have guaranteed billions of dollars in (profitable, interest-bearing) bank loans to airlines. But when travllers make (interest-free, unsecured) loads to airlines by buying tickets now for future travel -- a significant component of airlines' financing, on which they depend -- there is no similar guarantee.

Why are banks more deserving of Federal protection than consumers? And why should commerical banking corporations receive more security for their loans, at taxpayer expense, than individual travellers?

German privacy czar recommends minimizing data in PNR's

Interviewed for a feature on US-VISIT ( Kontrolle, Kontrolle, Kontrolle ), German data protection commissioner Peter Schaar recommends that travellers to the USA put only the minimum of essential and required information in their reservations ( PNR's ), to minimize the potential for misuse of personal data by authorities in the USA, or others to whom the USA might pass on reservation data.

Ironically, this excellent advice from Schaar appears on the MSN.de Web site alongside an ad for Internet travel agency Expedia.de , one of the most flagrant violators of the EU data protection rules that Schaar is supposed to enforce.

You can't even get to Expedia.de's home page or privacy policy, to find out if you want to accept their cookies, unless you have already accepted their cookies -- a problem I've pointed out repeatedly to the chief privacy officer of Expedia.de's parent company in the USA.

More importantly in the context of Schaar's advice, Expedia makes it impossible even to determine when a PNR is created, in which CRS it is created, or what information is stored in the PNR and what is stored in a separate database.

Now that Schaar has recognized the critical importance of decisions about what information is placed in PNR's, it will be interesting to see what action Schaar, and his fellow members of the "Article 29 Working Group" of EU data protection commissioners that he chairs, will take to require companies like Expedia.de, and other travel agencies and airlines, to disclose their CRS usage practices and give travellers control over which of their personal data is placed in PNR's.

How to apply for "The Amazing Race"

Applications have supposedly closed for The Amazing Race 7 , to be filmed starting in late 2004. Keep your eyes peeled for race flags, and watch for pairs of people running through airports along with camera crews if you are travelling during October-December 2004. (If you get pictures of the racers or the race, please send them to me. I can publish them with or without identifying you, as you choose.)

If you missed the official application deadline for the next season, but want to participate (and if you are a citizen of the USA -- the producers still haven't changed their rule that, "No Canadians or other 'foreigners' need apply", and I don't make the rules), I'd send in an application anyway: many of the cast members in previous seasons of the race have been selected outside the publicly-announced applications and auditions, and some applications have been held over from one season to another.

Yes, the only application now available says it is for "The Amazing Race 7", but I would send it in anyway. I assume that if the producers and casting directors like your application, they will consider it for future seasons, as they have done in the past, regardless of what the application says.

The application form and instructions are on the CBS Web site for The Amazing Race .

If you want to know what to include in your audition videotape, check out the audition tapes from the teams that were selected for The Amazing Race 3 on the CBS Web site -- click on the "Teams" tab, then click on each team for a page including a link to their audition video. That was the only season of The Amazing Race for which the audition tapes were made public.

And don't forget that you don't have to get picked to be in the cast of a reality television show to take a trip around the world -- you can always do it yourself .

Good luck, and "Bon Voyage"!

[Addendum, 9 December 2004: There has still been no official announcement of an application or schedule for "The Amazing Race 8" or any later season. But judging from some of the comments, it looks like some readers haven't understood my advice. Here's what I recommend you do now, if you want to apply: (1) Download the application form for "The Amazing Race 7" or whatever season is available. (2) Fill it out, following the instructions on the CBS Web site (except for ignoring the deadlines). (3) Send it in to the producers. Don't wait. Ignore the fact that the application says it is for "The Amazing Race 7" or any other season. Ignore the deadline for "The Amazing Race 7", which is long past, or any other "deadlines". Send your application in, now, anyway. I can't guarantee that this will work, but based on what has happened in the casting for previous seasons, I believe that these applications will be considered. If you wait, you might miss the window of opportunity when CBS orders another season and a new "deadline" is announced.]

[Further addendum, 8 February 2005: CBS-TV and the producers of "The Amazing Race" have announced that "The Amazing Race 8" will be for teams of 4 people (with a prior relationship to each other), instead of 2. They seem particularly interested in getting family teams, but I suspect that more of the applications will be from groups of friends. The application has been revised to call for teams of 4, but (1) the application and eligibility forms say explicitly that applications may be held over from one season to another, and teams of 2 that applied earlier may still be considered (and, presumably, invited to find 2 more teammates), (2) "The Amazing Race 9" is likely to revert to teams of 2, and (3) the producers can do anything they think will attract more viewers -- there are government rules for the fair conduct of "game shows" that apply to competitive reality-TV programs, but these rules don't apply to the selection of cast members/contestants. So if you are interested, I would still go ahead and apply, using whatever form is available, as early as possible, regardless of whether you have a team of 2 or 4.]

[Further addendum, 10 May 2009: The CBS Web site has been changed again. Here are links to the latest forms and instructions currently available for "The Amazing Race". There are also ocaasional and unpredictable casting calls where local TV stations will film your audition video on site, but you will still need to complete the application form. My advice remains the same as always: fill out the application and send it in with your audition video whenever you are ready, regardless of any "deadlines" or which series number is on the application. The producers can, and do, keep applications on file for later seasons if they like them, and invite people to appear on the show outside the public open application process. They aren't bound by any of their self-imposed "deadlines" or most of their "rules". If you have trouble downloading the application forms from the CBS Web site, the new mailing address for applications is: The Amazing Race Casting, 200 North Continental Blvd., 2nd floor, El Segundo, CA 90245, USA. If you have any comments on the eligibility criteria (such as the rule permitting only citizens of the USA), you can address them to the production companies (World Race Productions, Inc. and Amazing Race Productions Inc.) at the same address. Please remember that I don't produce the show and or make the "rules".]

More airlines on the brink of bankruptcy or liquidation

With more airlines on the brink of bankruptcy, and some of those already in bankruptcy moving closer to possible liquidation, there's been steadily rising concern for what travellers need to know about tickets, travel, and frequent flyer mileage credits with bankrupt or liquidated airlines.

In addition to my FAQ About Airline Bankruptcies , I'm interviewed on this in a Q and A in Business Week online, and in the San Jose Mercury News . Jane Engle does some interesting further digging into the (lack of) legal guarantees for holders of tickets if an airline ceases to fly, with me and other sources, in her column this week in the Los Angeles Times (free registration and cookie acceptance required), reprinted in the Minneapolis Star-Tribune and in a shorter version in Long Island and New York City in Newsday .

UK announces "Semaphore" traveller surveillance scheme

UK Prime Minister Tony Blair this week announced the UK counterpart of the US-VISIT, CAPPS-II, and Registered Traveler programs in the USA: the co-called "Semaphore" program.

It its official statement on the "Semaphore" program, the UK Home Office is much more forthright about its intentions than the USA Department of Homeland Secuirty has been about its traveller tracking schemes. In particular, it's very clear that the purpose of the mandatory biometric (and perhaps RFID -- the technbology isn't spelled out) traveller ID credentials, and the government acceess to reservation data, is the compilation of a lifetime dossier recording the movements of each traveller:

A high-tech programme to modernise and strengthen the United Kingdom's borders, including electronic embarkation controls, will be underway by the end of this year, the Prime Minister announced today.

The £15 million pilot scheme - known as Project Semaphore - is the first stage in ... effectively recording people as they travel into and out of the UK....

Project Semaphore will initially target six million passengers a year travelling on a number of international air routes to and from the UK. It will use on-line technology and advance passenger information provided by airlines before arrival to screen and record individuals as they enter and leave the UK, providing a comprehensive passenger movement audit trail.

It will be the first phase of the full implementation of e-Borders from 2008 which will rapidly expand to encompass all movements in and out of the country.... It will ... ensure we can have clearer records of those entering and leaving the UK.

The Home Secretary, David Blunkett, said:

"... the Government intends to bring in its ambitious e-borders programme ... which will work alongside biometric ID cards from 2008 onwards.... by efficiently recording people travelling into and out of the UK, using airline reservation information and capturing passengers' biometric data....

"Project Semaphore, which will be underway by the end of the year, is a key first step in putting in place comprehensive electronic analysis of passenger travel data, which will be crucial to being able to register entry and exit...."

As usual, John Lettice has an ascerbic dissection of the implications of the "Semaphore" program in The Register .

Meanwhile, USA Attorney General John Ashcroft has been in Europe for meetings this week with European Union leaders and negotiation of agreements on the " exchange of information" between the EU and the USA. The full texts of the agreements have not been released, but I have a hunch they may include language intented to authorize use of data in airline reservations originally collected in the EU for testing of the USA Secure Flight scheme, in which airlines and CRS's that operate in the EU would otherwise be forbidden to participate.