law.duke.edu · With the emergence of new technologies, such as digitalized biometric...

FACULTY WORKSHOP NOTE

Dear Colleagues: Thank you for reviewing this draft. For the workshop on Wednesday, May 2, if you don’t have time the entire manuscript, I would suggest focusing on Part I.A. (pp. 2-13) and Part III (pp. 48-64). I am looking forward to receiving your comments and recommendations as I revise the article. Best, Margaret

Preliminary Draft (4/27/12): Please Do Not Cite or Circulate Forthcoming in Indiana Law Journal, Vol. 88 (April 2013)

2

BIOMETRIC ID CYBERSURVEILLANCE

Margaret Hu* Abstract With the emergence of new technologies, such as digitalized biometric identification cards, cybersurveillance may become an integral, yet invisible, component of ordinary citizens’ daily lives. Identification documents, such as driver’s licenses in some states and all U.S. passports, are now implanted with radio frequency identification technology (RFID). Experts note that RFID and GPS tracking technologies are merging. IDs embedded with RFID/GPS technology facilitate a convergence of cybersurveillance (i.e., body tracking and data surveillance) and dataveillance (i.e., biographical tracking). These developments raise significant Fourth Amendment challenges, some of which were addressed by the Supreme Court recently in U.S. v. Jones, which concerned a GPS device attached to a vehicle. The Jones decision underscores how existing Fourth Amendment jurisprudence relies heavily upon the physical intrusiveness of traditional surveillance rather than the virtual intrusiveness of cybersurveillance and dataveillance. It also reveals how the current “reasonable expectation of privacy” standard fails to address significant changes in technology’s arc. In this Article, I contend that Fourth Amendment jurisprudence must incorporate culturally ingrained privacy customs in assessing whether surveillance is objectively or subjectively reasonable.

Table of Contents Introduction ..................................................................................................................................... 3

I. Introduction to HSPD-12 ............................................................................................................ 7

A. Complex Web of Preexisting Identity Management Programs ............................................. 8

B. NASA v. Nelson & HSPD-12 .............................................................................................. 13

C. Biometric Dataveillance Policy & Contextual Information ................................................. 17

II. Introduction to Biometric IDs & Identity Management Technologies ................................... 20

A. Overview of Identity Management Programs ...................................................................... 23

1. E-Verify and Genesis of Database-Driven Identity Management Programs .................... 23

2. Post-9/11 Statutes Supporting Identity Management Programs ....................................... 31

3. Post-9/11 Identity Management Data Mining Programs .................................................. 34

4. Post-9/11 Military-Based Biometric ID Programs ........................................................... 40

B. Smart Card-Biometric ID & Dataveillance .......................................................................... 41

C. Biometric-RFID Cards & Cybersurveillance ....................................................................... 43

* Visiting Assistant Professor, Duke Law School. .


3

III. Contours of the 1984 Surveillance Problem ........................................................................... 48

A. Orwellian Surveillance Technologies & Devolution of the Fourth Amendment ................ 49

B. Culturally-Ingrained Privacy Customs & the Fourth Amendment ...................................... 53

C. U.S. v. Jones & the Future of Cybersurveillance Jurisprudence .......................................... 56

1. Nothing Has Changed Since U.S. v. Knotts ..................................................................... 56

2. Expectations of Privacy Adapting to Efficiencies of Technology .................................... 57

3. Preserving Reasonable Expectations in an Unreasonable Surveillance State .................. 58

Conclusion .................................................................................................................................... 62

Introduction In 2004, President George W. Bush signed Homeland Security Presidential Directive 12 (HSPD-12), which provides for the development of a biometric ID card for all federal employees and contractors. The Bush administration implemented several other presidential directives, including HSPD-6, HSPD-11, HSPD-24, and National Security Presidential Directive (NSPD) 59, to promote and coordinate biometric data collection and data surveillance, or dataveillance, as a matter of national security policy. HSPD-12 may well serve as a programmatic and technological prototype for a Biometric National ID Card, which may mandate the collection of digital photos, fingerprints, iris scans, DNA samples, etc. of everyone lawfully present in the U.S.1 Both opponents and proponents of the highly controversial Arizona Senate Bill 1070 (SB 1070), currently under consideration by the Court in Arizona v. U.S.,2 have called for the creation and use of a biometric ID card to “secure the border.”3 This Article explores the emerging jurisprudence on identity management technologies and biometric ID cybersurveillance, and the evolution of the “national surveillance state.”4 In U.S. v. Jones,5 the U.S. Supreme Court recently considered the constitutionality of warrantless 24/7 GPS satellite surveillance by the government. Jones thus marked one of the first collisions between the modern “national surveillance state” and the limits of traditional Fourth Amendment doctrine. The Supreme Court decided the case on narrow grounds and, for the moment, avoided larger and still lingering questions. Most notably, Jones does not resolve the important question of what expectations of privacy are reasonable within the realm of cybersurveillance.6 Nor does

1 The most recent comprehensive immigration reform plan includes a biometric identification system titled BELIEVE (Biometric Enrollment, Locally Stored Information and Electronic Verification of Employment). See http://thehill.com/images/stories/news/2010/PDFs/immigration2.pdf. 2 131 S. Ct. 1968 (2011). 3 See, e.g., A. Michael Froomkin and Jonathan Weinberg, Aarti Kohli, ed., Hard to BELIEVE: The High Cost of a Biometric ID Card, Warren Institute on Law and Social Policy, Berkeley School of Law (Feb. 2012) available at www.law.berkeley.edu/files/Believe_Report_Final.pdf. 4 Jack M. Balkin, The Constitution in the National Surveillance State, 93 MINN. L. REV. 1 (2008); Jack M. Balkin and Sanford Levinson, The Processes of Constitutional Change: From Partisan Entrenchment to the National Surveillance State, 75 FORDHAM L. REV. 489 (2007). 5 565 U.S. __ (2012). 6 The appropriate role of cybersurveillance in governance and promulgating security goals, as well as database privacy rights, are topics that have also formed the basis of rich academic discourse in recent years. See Benjamin

http://thehill.com/images/stories/news/2010/PDFs/immigration2.pdf

http://www.law.berkeley.edu/files/Believe_Report_Final.pdf


4

Jones articulate a limiting principle to restrain government intrusiveness with regard to comprehensive dataveillance.7 As Justice Samuel Alito commented in his concurrence in Jones, when confronted with a “21st-century surveillance technique,” the Court resorted to “18th-century tort law.”8 The GPS device considered in Jones, in fact, can already be understood as antiquated by 21st-century standards. To better understand the manner in which the post-Jones Fourth Amendment jurisprudence must now evolve to accommodate emerging 21st-century surveillance capacities, this Article offers a brief overview of modern surveillance techniques currently being developed under the rubric of biometric ID cards and identity management technologies9 that execute surveillance through database and data-driven methodologies. In recent years, surveillance technology has developed along two veins: (1) comprehensive cybersurveillance or 24/7 surveillance of the body and (2) comprehensive dataveillance or 360° surveillance of the biography through data mining and data surveillance. Digitalized biometric ID credentialing and identity verification systems, however, represent a new avatar of surveillance. Such systems embody cutting-edge surveillance technologies and techniques: the convergence of cybersurveillance body tracking and dataveillance biographical tracking through a single methodology (e.g., data accumulation, aggregation, and analysis) in a manner that may appear to be reasonable (e.g., ID cards), expected (e.g., identity verification) and consensual (e.g., voluntarily submitting to protocols which permit the harvesting of identity data) by the government or other third parties (e.g., employer identity management database screening of employees as directed by law as a precondition for hiring).10 The hallmark of this cutting-edge surveillance is that it can also be conducted remotely and invisibly (e.g., employers, or designated agents contracted by employers, remotely screening personally identifiable information through the U.S. Department of Homeland Security databases via the internet

Wittes, Databuse: Digital Privacy and the Mosaic, Governance Studies at Brookings Institution (April 1, 2011); Jeffrey Rosen, THE NAKED CROWD (Random House 2005); Daniel Solove, Reconstructing Electronic Surveillance Law, 72 G. WASH. L. REV. 1264 (2004); Daniel Solove, Data Mining and the Security-Liberty Debate, 74 UNIV. CHI. L. REV. 343 (2008); Fred H. Cate, Government Data Mining: The Need for a Legal Framework, 43 Harv. C.R.-C.L. L. REV. 435, 461 (2008); James Boyle, Foucault in Cyberspace: Surveillance, Sovereignty and Hard-Wired Censors (1997) available at http://www.law.duke.edu/boylesite/foucault.htm. For more information on the history of database privacy and post-9/11 developments in surveillance and dataveillance technology, respectively, see, generally, Simon Garfinkel, DATABASE NATION (O’Reilly Media Cambridge 2001); Robert O’Harrow, Jr., NO PLACE TO HIDE (Free Press New York 2006); Dana Priest and William M. Arkin, TOP SECRET AMERICA: THE RISE OF THE NEW AMERICAN SECURITY STATE (Little Brown and Co. 2011). 7 Multiple scholars have explored in depth the constitutional implications of technological advances in surveillance and the incorporation of such technologies in national security policy. Orin Kerr, An Equilibrium-Adjustment Theory of the Fourth Amendment, 125 HARV. L. REV. 476 (2011); David Cole and James X. Dempsey, TERRORISM AND THE CONSTITUTION: SACRIFICING CIVIL LIBERTIES IN THE NAME OF NATIONAL SECURITY, 3RD ED. (New York: The New Press 2006); David Cole and Jules Lobel, LESS SAFE LESS FREE: WHY AMERICA IS LOSING THE WAR ON TERROR (New York: The New Press 2007); Simon Chesterman, ONE NATION UNDER SURVEILLANCE: A NEW SOCIAL CONTRACT TO DEFEND FREEDOM WITHOUT SACRIFICING LIBERTY (Oxford Univ. Press 2011); PRIVACY: THE LOST RIGHT (Oxford Univ. Press 2011); Jeffrey Rosen and Benjamin Wittes, eds., CONSTITUTION 3.0: FREEDOM AND TECHNOLOGICAL CHANGE (The Brookings Institution 2011). 8 Jones at 1 (Alito, J., concurring). 9 For an overview of “identity management” as a policy concept, see Lucy L. Thomson, Critical Issues in Identity Management—Challenges for Homeland Security, 47 JURISMETRICS J. 335–356 (2007). 10 Chamber of Commerce v. Whiting, 131 S.Ct. 1968 (2011) (upholding Legal Arizona Workers Act of 2007 which makes E-Verify internet database screening mandatory for all Arizona employers). See infra Part II.A.1.


5

without an employee’s knowledge or consent which, in turn, allows the government to invisibly monitor and track the place of employment and employment activities of those screened).11

After the terrorist attacks of September 11, 2001, calls for the implementation of a Biometric National ID Card were pronounced. Recent comprehensive immigration reform proposals introduced in Congress recommend the adoption of a biometric ID as a method to promote immigration control and border security.12 In recent years, therefore, Congress has proposed the implementation of a “high-tech” Social Security card that would resemble a credit card.13 Justice Alito’s concurrence in Jones notes, however, that “there is now a [GPS] device in use that weighs two ounces and is the size of a credit card.”14 Thus, tracking conducted through everyday ID documents could be a surveillance game changer.15 Although Jones held warrantless placement of a GPS device on a vehicle constitutes a trespass and a search without the vehicle owner’s consent, no warrant would be required to track our movements through ID documents in our purses and wallets after we “voluntarily” consent to receiving the ID. Consequently, this Article explores how a digitalized Biometric National ID Card, especially once implanted with radio frequency identification (RFID)/GPS technology, could facilitate cost-effective and indiscriminate mass cybersurveillance and dataveillance on a national scale. Specifically, an automated national identification credentialing system would provide a “universal data backbone” for data mining and database screening protocols. In addition, such a system would likely provide a radio-based and/or satellite-based method to track either entry/exit points and/or continuous geospatial movement. A proliferation of “smart card” technology has increased the use of such digital ID technology to restrict not only physical access, but, “logical access” as well. “Logical access” restriction includes an inability to access computer and internet services, telecommunication devices, vehicles, ATM machines, and other products that can be keyed to a “smart card” as a matter of security. Thus, the potential long-term constitutional consequences of relying upon digitalized biometric ID cards and database-driven identity management systems to further immigration and national security policy, and the impact of such systems on privacy law and surveillance policy generally, warrants careful attention in legal discourse.16

11 Id. (discussion on E-Verify pre-screening and E-Verify program as facilitating dataveillance). 12 See Froomkin and Weinberg discussion of Senate proposal for comprehensive immigration reform, named “BELIEVE: Biometric Enrollment, Locally Stored Information and Electronic Verification of Employment” at supra n. 3. See also David A. Martin, Eight Myths About Immigration Enforcement, 10 N.Y.U. J. LEGIS. & PUB. POL’Y 525, 548 (2007) (“Reliable identity documents, bearing biometric identifers, must be an essential part of the [worksite employment verification] procedure.”). 13 Charles E. Schumer and Lindsey O. Graham, The Right Way to Mend Immigration, WASH. POST OP-ED (March 19, 2010) available at http://www.washingtonpost.com/wp-dyn/content/article/2010/03/17/AR2010031703115.html. See also Katy Steinmetz, Ready for Your Biometric Social Security Card? Is a Biometric Identity Card the Key to Immigration Reform? TIME (March 29, 2010) available at http://www.time.com/time/nation/article/0,8599,1974927,00.html. 14 Jones (Alito, J., concurring) at 1, n.1. 15 See, e.g., David Lyon, IDENTIFYING CITIZENS: ID CARDS AS SURVEILLANCE (Polity Press 2009); Jim Harper, IDENTITY CRISIS: HOW IDENTIFICATION IS OVERUSED AND MISUNDERSTOOD (The CATO Institute 2006); A. Michael Froomkin, Creating a Viral Federal Privacy Standard, 48 BOSTON COL. L. REV 55 (2006). 16 See, e.g., A. Michael Froomkin, Identity Cards and Identity Romanticism, available at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1309222) in Ian Kerr, Carole Lucock, and Valerie Steeves, eds., LESSONS FROM THE IDENTITY TRAIL: ANONYMITY, PRIVACY, AND IDENTITY IN A NETWORKED SOCIETY (Oxford Univ. Press 2009); A. Michael Froomkin, The Uneasy Case for National ID Cards as a Means to Enhance Privacy in A. Chander, L. Gelman, M.J. Radin, eds, SECURING PRIVACY IN THE INTERNET AGE (Stanford Univ. Press 2008).

http://www.washingtonpost.com/wp-dyn/content/article/2010/03/17/AR2010031703115.html

http://www.washingtonpost.com/wp-dyn/content/article/2010/03/17/AR2010031703115.html

http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1309222


6

To ground the consequences of a Biometric National ID discussion within a real rather than hypothesized context, Part I specifically examines the biometric identification credentialing program mandated by HSPD-12. Part I explores some future implications of identity management technologies, including the manner in which HSPD-12 may now pave the way for the implementation of a biometric credentialing program and uniform biometric-based dataveillance and cybersurveillance program on a national scale. Part II introduces how biometric data harvesting programs and credentialing technology are now interfacing with the post-9/11 proliferation of identity management database screening programs and post-9/11 dataveillance policy. This part discusses various database screening technologies, and the increasing utilization of biometric credentialing programs and other database screening protocols for population tracking and social sorting purposes. Further, this part examines how a Biometric National ID Card emblemizes a convergence of technologies that allows 24/7 monitoring of movement, or the 24/7 surveillance of the body, while also simultaneously offering a method to conduct 360° dataveillance of personal data, or the 360° surveillance of the biography. Yet, the advent of this type of digitalized biometric ID tracking technology, conducted through a radio-operated microchip and/or radio-nanotechnology,17 also referred to as nanoradio, embedded within an ID document in a wallet or purse, rather than through a battery-operated GPS device attached to a vehicle, promises to radically reorient the Fourth Amendment considerations recently considered by the Jones Court. In fact, during the Jones oral argument, the Court made clear that the Fourth Amendment jurisprudence has not yet developed an articulable limiting principle to curtail the impact of rapidly advancing technology in the realm of cybersurveillance and dataveillance, such as the techniques and methods exemplified by data-driven identity management systems. Still, through multiple references to George Orwell’s novel 1984 during the Jones argument, the Court acknowledged there are preexisting culturally-ingrained limits to what can be considered tolerable government intrusiveness under a doctrine that contemplates whether “reasonable expectations of privacy” have been violated. Part III therefore provides an overview of the problem of dataveillance as it was posed in Jones. The Court largely avoided addressing overarching cybersurveillance concerns through its narrow holding. But those issues were prominently in play in the litigation of the case and especially at oral argument. The Justices’ repeated resort to Orwellian characterizations of the implications of the government’s position marks the culturally tolerable limits of surveillance.

17 The National Academy of Sciences defines nanotechnology as a field of applied science and technology that studies and develops the control of matter on the atomic and molecular scale, normally 1 to 100 nanometers, and the fabrication of devices with dimensions within that molecular range. In 2008, scientists from the University of Illinois and Northrop Grumman Corp Electronics Systems announced the successful development of radio nanotechnology that was smaller than the diameter of human hair. Lester Haines, US Boffins Tune Into Carbon Nanotube Radio: Really Small Challenge to Silicon Semiconductors, The Register (Jan. 29, 2008), available at http://radio2020.wordpress.com/2008/01/29/nanotech-radio-its-the-small-things-that-matter/ (“Imagine radios that are integrated into the frames of your glasses.”). Press reports indicate that the first nanoradio technology was pioneered by physicist Alex Zettl in 2007 at U.C. Berkeley's Center of Integrated Nanomechanical Systems (COINS) and in the Materials Sciences Division at Lawrence Berkeley National Laboratory (LBNL). Bernadette Tansey, SF Gate, Cal Physicists Make a Radio 10,000 Times Thinner than Human Hair (Nov. 1, 2007) available at http://articles.sfgate.com/2007-11-01/business/17269122_1_nanotube-radio-beach-boys. Wireless nanoradio chips are currently under research and development. Alun Williams, Swedish Chip Startup Raises 10m for Wireless Chip Development, Electronics Weekly (July 5, 2010) available at http://www.electronicsweekly.com/blogs/uk-technology-startups/2010/07/swedish-chip-startup-raises-10.html. There are no public reports that nanoradio techonology embedded within government-issued documents is currently being used for cyber-surveillance. However, RFID microchips are now implanted in U.S. Passports. See infra note __.

http://radio2020.wordpress.com/2008/01/29/nanotech-radio-its-the-small-things-that-matter/

http://www.electronicsweekly.com/blogs/uk-technology-startups/2010/07/swedish-chip-startup-raises-10.html

http://www.electronicsweekly.com/blogs/uk-technology-startups/2010/07/swedish-chip-startup-raises-10.html


7

Even if the Court’s current Fourth Amendment jurisprudence provides no dispositive legal basis for enforcing these cultural limits, invocations to 1984 during argument make clear that the Court’s jurisprudence will likely evolve to give these cultural limits legal effect. Thus, this Article concludes that Fourth Amendment jurisprudence must now evolve to accommodate limitations on government intrusiveness, limitations that are culturally ingrained and bounded by privacy customs, as part of an assessment of whether the surveillance is considered objectively or subjectively reasonable.

I. Introduction to HSPD-12 Shortly after the attacks of September 11, 2001, there were growing calls for the adoption of a Biometric National ID Card to prevent future terrorists from entering the borders of the U.S. Throughout his presidency, President Bush signed several dozen executive orders titled as “Homeland Security Presidential Directives” (HSPDs) or “National Security Presidential Directives” (NSPDs). On August 27, 2004, President George W. Bush signed HSPD-12, “Policy for a Common Identification Standard for Federal Employees and Contractors.” HSPD-12 required the establishment of a government-wide minimum standard for the issuance or a secure identification card or uniform identification credential to federal employees and contractors. HSPD-12, however, did not specify how to achieve that goal. The U.S. Department of Commerce and National Institute of Standards and Technology (NIST) subsequently concluded HSPD-12 required the development and issuance of a Personal Identification Verification (PIV) digitalized ID card that should be implanted with a computer circuit chip that contains the cardholder’s biometrics (computerized 10-digit fingerprints captured through fingerprinting scanners) and other personal information. The PIV card is machine readable and records points of entry and exit by federal employees and contractors. Each federal agency was directed to develop a background check and credentialing program pursuant to HSPD-12 prior to issuing the PIV card to federal employees and contractors. Multiple policy proposals since 9/11 have contemplated the national adoption of a similar biometric ID credentialing system.18 Calls for a Biometric National ID Card increased after passage of Arizona Senate Bill 1070 (SB 1070), the controversial “racial profiling” law that is at the heart of the Supreme Court challenge in Arizona v. U.S. “I’m ready to give a little blood and a little DNA to prove that I’m legally working in the United States of America[,]” Congressman Luis Gutierrez (D-Ill.) declared on national television immediately after SB 1070 passed, protesting both Arizona’s presumptive “racial profiling” mandate and the current “broken” immigration system.19 Congressman Gutierrez elaborated that a biometric-based, “high-tech” 18 Conceptual Outline for Comprehensive Immigration Reform was released on April 29, 2010, by the Offices of Senators Reid (D-NV), Schumer (D-NY), Menendez (D-NJ), Leahy (D-VT), Durbin (D-IL) and Feinstein (D-CA): the Outline was titled, "Real Enforcement with Practical Alternatives for Immigration Reform" (REPAIR). Available at http://thehill.com/images/stories/news/2010/PDFs/immigration2.pdf [hereinafter Conceptual Outline for Comprehensive Immigration Reform (April 29, 2010)]. The Conceptual Outline is 26 pages long. Ten pages of the proposal, pages 8 to 18, discussed in a section titled, "ENDING ILLEGAL EMPLOYMENT THROUGH BIOMETRIC EMPLOYMENT VERIFICATION”. Proponents of the immigration reform plan claim that the Biometric Employment Verification system would utilize a “high-tech” Social Security Card, and deny that such a card is a Biometric National ID Card. See also A. Michael Froomkin and Jonathan Weinberg, Aarti Kohli, ed., Hard to BELIEVE: The High Cost of a Biometric ID Card, Warren Institute on Law and Social Policy, Berkeley School of Law (Feb. 2012) available at www.law.berkeley.edu/files/Believe_Report_Final.pdf. 19 Lynn Sweet, “Gutierrez Arrested for Immigration Protest; Explains on ‘Face the Nation’”, Chicago Sun-Times



8

Social Security card was essential to fixing the immigration system. Kris Kobach, described in media reports as the “Architect of Arizona Immigration Law SB 1070,”20 has explained in congressional testimony that biometric passports are necessary to “secure the border” and verify the identity of those in the U.S. who may be potential terrorists.21 Consequently, both opponents and proponents of Arizona SB 1070 have called for the implementation of a Biometric ID.

Further, the introduction of a Biometric National ID Card appears more likely in the wake of the Supreme Court's recent decision in Chamber of Commerce v. Whiting. In Whiting, the Court recently upheld the Legal Arizona Workers Act (LAWA), which mandates employer use of E-Verify, a highly experimental identity management technology. E-Verify is an internet-driven database screening program that purports to allow employers to verify identity and citizenship status of employees by running personally identifiable information through government databases. Although E-Verify was intended by Congress to be a voluntary, test pilot program, LAWA’s state immigration law required all employers in Arizona to run new hires through the database screening program. Through a strict textualist approach, the Court reasoned that although Congress prohibited the federal government from mandating E-Verify use, nothing in the federal statute explicitly prohibited a state from mandating E-Verify use.22

Soon after the Supreme Court issued its decision in Whiting, Congress proposed the Legal Workforce Act of 2011.23 Under this law, E-Verify data screening is required by all employers across the country. The law also requires a biometric ID to facilitate the E-Verify database screening protocol. Specifically, the law requires that each new employee present to an employer at the time of hire identification that “contains a photograph of the individual and biometric identification data from the individual and such other personal identifying information relating to the individual as the Secretary of Homeland Security finds, by regulation, sufficient for purposes of [the law][.]”24

A. Complex Web of Preexisting Identity Management Programs

To more fully appreciate the potential consequences of a Biometric National ID system, however, such a measure cannot be examined alone as a freestanding program. Rather, it should be assessed as a system which will unfold within a complex web of preexisting identity management programs which have proliferated rapidly since the terrorist attacks of September 11, 2001. Most of these programs are advanced purportedly to serve national security objectives, and to control crime and immigration. The post-9/11 conflation of crime and immigration policy

(citing transcript from Face the Nation) May 2, 2010. Blogs.suntimes.com/sweet/2010/05/gutierrez_arrested_for_immigra.html. 20 John Hanna, Associated Press, Kris Kobach, Architect of Arizona Immigration Law SB 1070, Is Behind Other Controversial Laws (May 10, 2010), available at http://www.huffingtonpost.com/2010/05/10/kris-kobach-architect-of_n_570662.html. 21 Kris W. Kobach, Professor of Law, University of Missouri (Kansas City) School of Law, April 30, 2009, Testimony on “Comprehensive Immigration Reform in 2009, Can We Do It and How?” Before the Senate Committee on Judiciary, Subcommittee on Immigration, Border Security and Refugees. 22 See Margaret Hu, Reverse-Commandeering [article on file with author] (discussing Court’s treatment of preemption doctrine through strict textualism in Whiting). 23 H.R. 2885: “Legal Workforce Act” (Sept. 12, 2011) introduced by Lamar Smith (R-TX), available at http://www.govtrack.us/congress/billtext.xpd?bill=h112-2885 24 Id. (Mandates national expansion of E-Verify, and online employment eligibility verification system that purports to verify identity and citizenship status through government database screening).


9

has been referred to as “crimmigration.”25 Many identity management systems, thus, have been justified under a “crimmigration-counterterrorism” policy frame.

According to the government, these identity management programs and technologies are promulgated to facilitate the government’s ability to quickly and efficiently sort out immigrants and noncitizens who may be terrorists, “criminal aliens”, and those who may be perpetrators of fraud, including benefits, voting, and licensing fraud. Consequently, the proliferation of various identification screening, verification, and credentialing programs currently include: HSPD-12,26 E-Verify,27 REAL ID,28 SAVE,29 HAVA,30 US-VISIT,31 SEVIS,32 BCC,33 S-COMM,34 CAP,35 SSNVS,36 Secure Flight,37 TWIC,38 CIDR,39 and ISAP40 to name just a few.41

25 Juliet Stumpf, The Crimmigration Crisis: Immigrants, Crime, and Sovereign Power, 56 AM. U. L. REV. 367 (Dec. 2006). Other scholars note that the conflation of crime and immigration policy, however, is a trend that began in the 1970s and 1980s, culminating with the Immigration Reform and Control Act of 1986. 26 Homeland Security Presidential Directive-12. 27 Originally named “Basic Pilot Program”, E-Verify is an online employment eligibility verification program jointly operated by the U.S. Department of Homeland Security and the Social Security Administration. 28 Real ID Act of 2005, mandating uniform driver’s licensing requirements, credentialing protocols, technological enhancements and state cooperation in centralized federal data systems. 29 Systematic Alien Verification for Entitlements (SAVE). 30 Help America Vote Act of 2002 (HAVA) imposes a Statewide Voter Database Requirement that requires each State to collect the driver’s license number or the last four digits of the Social Security Number to be associated with each new registered voter. 42 U.S.C. § 15483(a)(5)(A)(i)(I) and (II). 31 United States Visitor and Immigrant Status Indicator Technology Program. “US-VISIT supports the Department of Homeland Security’s mission to protect our nation by providing biometric identification services to federal, state and local government decision makers to help them accurately identify the people they encounter and determine whether those people pose a risk to the United States.” http://www.dhs.gov/files/programs/usv.shtm 32 Student Exchange and Visitor Information System 33 BCC is the acronym for the biometric Mexican Border Crossing Card. For more information about the BCC program, see http://www.uscis.gov/ilink/docView/SLB/HTML/SLB/0-0-0-1/0-0-0-11261/0-0-0-15905/0-0-0-16440. See also html www.uscis.gov/files/pressrelease/BioMexBorder_092801.pdf. 34 Under S-COMM or the Secure Communities Program, state and local law enforcement agree to “share the fingerprints of individuals who are booked into jails with the FBI to see if they have a criminal record. Under Secure Communities, the FBI automatically sends the fingerprints to ICE [DHS Immigration and Customs Enforcement] to check against its immigration databases.” http://www.ice.gov/secure_communities/ 35 Criminal Alien Program or CAP “identifies, processes and removes criminal aliens incarcerated in federal, state and local prisons and jails throughout the U.S.” http://www.ice.gov/criminal-alien-program/. Under CAP, state and local law enforcement agencies agree to allow the federal government to conduct immigration status screening through databases and biometric screening on location at individual jail sites by an ICE officer. See, e.g., Randy Capps, Marc R. Rosenblum, Cristina Rodriguez, and Muzzafar Chishti, Delegation and Divergence: A Study of 287(g) State and Local Immigration Enforcement, Migration Policy Institute (Jan. 2011). 36 Social Security Number Verification Service. See SSNVS HANDBOOK, http://www.ssa.gov/employer/ssnvshandbk/ssnvs_bso.htm (last visited Jan. 31, 2012). 37 Formerly CAPPS and CAPPS II (Computer Assisted Passenger Prescreening System). U.S. Department of Homeland Security, CAPPS II: Myths and Facts, http://www.dhs.gov/xnews/releases/press_release_0348.shtm (last visited Feb. 26, 2012). 38 Transportation Worker Identification Credential or TWIC is a program operated by the Transportation Safety Administration and the U.S. Coast Guard. “TWICs are tamper-resistant biometric credentials issued to workers who require unescorted access to secure areas of ports, vessels, outer continental shelf facilities and all credentialed merchant mariners.” http://www.tsa.gov/what_we_do/layers/twic/index.shtm. 39 Citizenship and Immigration Data Repository System of Records (CDIR), September 8, 2010, DHS announced in the Federal Register a new database that will allow officials to vet applications for fraud and national security concerns, detect misuse of immigration information by agency employees for personal gain, and respond to

http://www.uscis.gov/ilink/docView/SLB/HTML/SLB/0-0-0-1/0-0-0-11261/0-0-0-15905/0-0-0-16440

http://www.ice.gov/criminal-alien-program/

http://www.ssa.gov/employer/ssnvshandbk/ssnvs_bso.htm


10

In the national security context, the government operates pure data mining programs such as REVEAL, combining “information from sixteen government and private databases, including those maintained by the IRS and Social Security Administration[;]”42 MATRIX;43 and data “fusion centers” that are an outgrowth of TIA44 to target specific individuals based on data profiling. Under the FBI’s Next Generation Identification (NGI) project, the federal government is attempting to institute a comprehensive, centralized, and technologically interoperable biometric database that spans across military and national security agencies, as well as all other federal government agencies, that contains whatever biometric data is available on all citizens and non-citizens in the U.S., including information on DNA, fingerprints, iris retinal scans, and facial recognition data captured through digitalized photos (e.g., U.S. Passport photos).45

Some of the harms of these identity management programs are already known. HSPD-12 requires the acquisition of a biometric ID card by all federal employees and contractors. However, the federal government concedes that “the information on the biometric PIV (Personal Identification Verification) Card can be read by a wireless device” and, therefore, the biometric and other personal “data [from the biometric ID card] can be inadvertently or maliciously captured.”46 Independent studies conducted to evaluate the impact of E-Verify, an online employment eligibility verification program jointly operated by the U.S. Department of Homeland Security (DHS) and the Social Security Administration (SSA), have concluded that foreign-born work-authorized individuals and naturalized U.S. citizens are more likely to experience discrimination under the program.47 An unknown number of U.S. citizens and

classified requests for information that could assist intelligence and law enforcement investigations. http://webcache.googleusercontent.com/search?q=cache:mPRZ_O8YlroJ:www.thefederalregister.com/d.p/2010-09-08-2010-22306+CIDR+DHS&hl=en&gl=us&strip=1 40 Intensive Supervision Appearance Program (ISAP) offers what DHS describes as “virtual” detainment through GPS ankle bracelet monitoring technology. 41 Richard Sobel, The Demeaning of Identity and Personhood in National Identification Systems, 15 HARV. J. L. & TECH. 319 (Spring 2002). Sobel catalogues various national databases, including: The Center for Education Statistics which “tracks children’s educational records . . .and also includes socioeconomic status, learning disabilities, medical, behavioral and family problems”; The Bank Secrecy Act of 1970 which “created permanent records of all individuals’ checks, deposits, and other banking activities”. 42 Christopher Slobogin, Is the Fourth Amendment Relevant in a Technological Age? at 7-8, The Future of the Constitution Series, Governance Studies at Brookings Institution (Dec. 8, 2010) available at www.brookings.edu/slobogin/1208_4th_amendment_slobogin.pdf. 43 Id. at 8. 44 Id. 45 For more information about the FBI’s Next Generation Identification project see http://www.fbi.gov/about-us/cjis/fingerprints_biometrics/ngi; http://www.fbi.gov/news/stories/2009/january/ngi_012609. 46 Shirley Radack, Editor, Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology, “Personal Identity Verification (PIV) of Federal Employees and Contractors: Federal Information Processing Standard (FIPS) 201 Approved by the Secretary of Commerce”, available at www.itl.nist.gov/lab/bulletns/bltnmar05.htm. 47 See, e.g., Doris Meissner and Marc Rosenblum, “The Next Generation of E-Verify: Getting Employment Verification Right,” Migration Policy Institute (July 2009), p. 9, available at: http://www.migrationpolicy.org/pubs/Verification_paper-071709.pdf; Westat Report to DHS: Findings of the E-Verify Program Evaluation (Dec. 2009) and Summary: Westat Evaluation of the E-Verify Program: USCIS Synopsis of Key Findings and Program Implications (Dec. 2009) available at http://www.uscis.gov/portal/site/uscis/menuitem.5af9bb95919f35e66f614176543f6d1a/?vgnextoid=3a351e56d3856210VgnVCM100000082ca60aRCRD&vgnextchannel=75bce2e261405110VgnVCM1000004718190aRCRD; Westat, Findings of the Web Basic Pilot Evaluation, Report to DHS (Sept. 2007), p. xxi, available at: http://www.uscis.gov/files/article/WebBasicPilotRprtSept2007.pdf

http://www.migrationpolicy.org/pubs/Verification_paper-071709.pdf

http://www.uscis.gov/portal/site/uscis/menuitem.5af9bb95919f35e66f614176543f6d1a/?vgnextoid=3a351e56d3856210VgnVCM100000082ca60aRCRD&vgnextchannel=75bce2e261405110VgnVCM1000004718190aRCRD


http://www.uscis.gov/files/article/WebBasicPilotRprtSept2007.pdf


11

authorized workers have been denied employment opportunities due to various deficiencies that remain unresolved under E-Verify; however, the total number of potentially harmed thus far by the E-Verify program could be upwards of 189,000 or more.48 Litigation surrounding compliance with federal Help America Vote Act (HAVA) database screening requirements alleged that up to 200,000 voters would be removed from the voter registration rolls in Wisconsin due to potential errors in the recording of driver’s license numbers and Social Security Numbers.49 The New York Times reported that 5,880 U.S. citizens were misidentified as criminal illegal aliens and wrongfully targeted for potential deportation through S-COMM.50 S-COMM allows for local law enforcement to screen the fingerprints of every person jailed, citizens and noncitizens, against federal immigration and FBI criminal databases.51 Several U.S. citizens have initiated legal action, contesting wrongful deportations.52

Congress is also contemplating adding a biometric verification protocol to the E-Verify internet database screening protocol, or a Biometric National ID Card, to compensate for deficiencies in the E-Verify program.53 Either a Biometric National ID Card—e.g., a biometric 48 U.S. Government Accountability Office (GAO), “Employment Verification: Federal Agencies Have Taken Steps to Improve E-Verify, but Significant Challenges Remain,” (Dec. 2010) at 16 [hereinafter GAO 2010 E-Verify Report]. In Fiscal Year 2009, “about 189,000 [new hires], received an FNC [Final Nonconfirmation under E-Verify] because their employment eligibility verification status remained unresolved.” Id. 49 Van Hollen v. Government Accountability Board, Dane County Circuit Court (Case 2008-CV 004085); Wisconsin Court of Appeals (Case 2008-AP 002804). Jan. 23, 2009 50 Julia Preston, Nov. 12, 2009, New York Times, “U.S. Identifies 111,000 Immigrants with Criminal Records”, http://www.nytimes.com/2009/11/13/us/13ice.html?_r=1 (“According to ICE figures, about 5,880 people identified through the program turned out to be United States citizens.”). 51 Secure Communities. See supra at n. 31. 52 See, e.g., Lyttle v. Holder, (D. Ga Oct. 13, 2010). Mark Lyttle, a U.S. citizen, was deported to Mexico in 2009. See, e.g., Kristin Collins, N.C. Native Wrongly Deported to Mexico, available at http://www.charlotteobserver.com/2009/08/30/917007/nc-native-wrongly-deported-to.html (last accessed April 29, 2011). An unpublished 2006 report by the Vera Institute of Justice identified 125 people in immigration detention whose lawyersbelieved they had valid citizenship claims. Marisa Taylor, “Immigration officials detaining, deporting American citizens,” McClatchy Newspapers, January 24, 2008, http://www.mcclatchydc.com/227/story/25392.html ICE disputes this. See, Congressional testimony of Gary Mead, February 13, 2008, p.9 (asserting that ICE has never knowingly or intentionally detained a U.S. citizen or deported a U.S. citizen). See, e.g., media reports on U.S. citizens either deported by DHS or who were put into deportation proceedings. For example, Luis Delgado, a U.S. citizen, was deported to Mexico in 2010. Peter Guzman, a U.S. citizen, was deported to Mexico in 2007. See Jill Serjeant, Lawsuit Filed Over Man Deported and Lost in Mexico, available at http://www.reuters.com/article/2008/02/27/us-usa-immigration-lawsuitidUSN2747919120080227 (last accessed April 29, 2011); Susan Carroll, Deported Man May be Houston-Born Citizen, available at http://www.chron.com/disp/story.mpl/metropolitan/7077166.html (last accessed April 29, 2011). Emily Ruiz, a U.S. citizen, was deported to Guatemala in 2011. Sam Dolnick, U.S. Returns Young Girl, a [U.S.] Citizen, to Guatemala, available at http://www.nytimes.com/2011/03/23/nyregion/23citizen.html?_r=1 (last accessed April 29, 2011). Thomas Warziniack, a U.S. citizen, was detained by ICE in 2007 and was put into deportation proceedings, however, was not deported. See, e.g., Marisa Taylor, Immigration Officials Detaining, Deporting American Citizens, available at http://www.mcclatchydc.com/2008/01/24/25392/immigration-officials-detaining.html (last accessed April 29, 2011). Similarly, Eduardo Caraballo was detained by ICE in 2010. See, e.g., Alex Perez & B.J. Lutz, American Citizen Faced Deportation, available at http://www.nbcchicago.com/news/local/eduardo-caraballo-puerto-rico-deportion-94795779.html (last accessed April 29, 2011). Rennison Castillo, a U.S. citizen, was detained by ICE in 2005 and put into deportation proceedings. Andrea Christina Nill, U.S. Military Veteran Who Was Wrongfully Detained Sues Immigration Officials, available http://www.laprogressive.com/immigration-reform/military-veteran-wrongfully-detained-suesimmigration officials (last accessed April 29, 2011). 53 Keith Aoki and John Shuford, Welcome to Amerizona--Immigrants Out! Assessing “Dystopian Dreams” and Usable Futures” of Immigration Reform, and Considering Whether “Immigration Regionalism” is an Idea Whose Idea Has Come, 38 FORDHAM URB. L. J. 1 (Nov. 2010) (observing that immigration federalism has incorporated a

http://www.nytimes.com/2009/11/13/us/13ice.html?_r=1

http://www.reuters.com/article/2008/02/27/us-usa-immigration-lawsuitidUSN2747919120080227

http://www.nbcchicago.com/news/local/eduardo-caraballo-puerto-rico-deportion-94795779.html

http://www.nbcchicago.com/news/local/eduardo-caraballo-puerto-rico-deportion-94795779.html

http://www.laprogressive.com/immigration-reform/military-veteran-wrongfully-detained-suesimmigration

http://www.laprogressive.com/immigration-reform/military-veteran-wrongfully-detained-suesimmigration


12

Social Security Card, biometric driver’s license, and/or biometric passport—or a biometric E-Verify program would likely require a universal biometric database, requiring the collection and permanent or semi-permanent electronic storage of the fingerprints, eye retinal scans, DNA samples, etc., of everyone legally present in the U.S. Congress has only begun to consider the electronic privacy safeguards necessary for internet database screening technologies through electronic privacy legislation, which would attempt to protect against discrimination and data misuse that could relate to digitalized universal biometric database. The constitutional, technological, social, and economic impact of a biometric ID credentialing program implemented on a national scale is difficult to overstate.

Specifically, a digitalized ID, as part of a national identification credentialing database, would offer the public and private sectors a tool to facilitate comprehensive data collection and ubiquitous database screening through the development of a “universal data backbone” based upon traditionally gathered personally identifiable information, as well as newly-acquired data, such as biometric data. Currently, a Social Security Number, for example, provides an essential “universal data backbone” for many identity management programs and database screening systems such as E-Verify and HAVA. As a de facto National ID number, the Social Security Number is used to track and screen data on individuals for a multiplicity of purposes. The political branches, however, are currently considering enhancing this numerical-based data backbone with a biometric-based data backbone.

Increasingly, multiple federal and state statutes, as well as public and private programs, require the harvesting of biometric data, including DNA, fingerprints, digital photos, and other personal data, for identification purposes. Biometric identifiers are becoming an essential data backbone for identity management database screening systems such as S-COMM and US-VISIT. Once implemented, a more comprehensively invasive universal data backbone could be utilized to analyze data on any given individual through data mining and profiling. Already, government and government-contracted data aggregation systems analyze data from publicly available databases (tax records, traffic violations, news reports, etc.) and private data and databases (banking records, credit card purchases, cell phone records, emails, google searches, etc.).54 Currently, in addition to an individual’s name, one’s birthdate and Social Security Number, and other numbers (driver’s license, passport, etc.), are used to facilitate this type of database sorting. Adding biometric data enhancement to a numerical data backbone risks even greater government intrusiveness because of the sensitive information that can gleaned from an individual’s DNA (genetic disorders, behavioral genetic profiling, religious and ethnic heritage, etc.)55 as well as information that can be analyzed from other biometric data, such as information yielded by a digital photo (demographic information such as race, color, etc., as well as digitalized facial analytical profiling, etc.).

With a Biometric National ID Card, or Biometric REAL ID driver’s license or Biometric Social Security Card, state and local law enforcement under S.B. 1070-type laws could request to see our digitalized biometric card through routine traffic stops.56 With a biometric identifier “dystopian dream”: “[T]he reliance on racial profiling and technologies (such as biometric identification and surveillance) that are overreaching in application and arguably in nature as well.” Id. at 11-12 (citations omitted). 54 See, generally, Simon Garfinkel, DATABASE NATION (O’Reilly Media Cambridge 2001); Robert O’Harrow, Jr., NO PLACE TO HIDE (Free Press New York 2006); Dana Priest and William M. Arkin, TOP SECRET AMERICA: THE RISE OF THE NEW AMERICAN SECURITY STATE (Little Brown and Co. 2011). 55 Troy Duster, BACKDOOR TO EUGENICS (Routledge 2003). 56 The Court has upheld the constitutionality of state statutes requiring suspects to “identity themselves” during police investigations. Hiibel Hiibel v. Sixth Judicial District Court of Nevada, Humboldt County, 542 U.S. 177


13

extracted from our body—digitally scanning our face, fingerprints, iris and retina, or extracting a DNA sample with a hand-held device, for instance—law enforcement could run this information against biometric databases to authenticate identity. Next, with the ease of a card swipe, law enforcement could instantly compile a “detailed digital dossier”57 from a search of multiple secret national security databases and private databases. Applying the “no-fly list” practice to a more universal application, law enforcement could use a suspicionless threat risk assessment to search and detain those stopped. Given current trends in DNA-based prosecutions, evidence from a database search could potentially lead to arrest and conviction based on “cold hit” DNA database evidence alone.58

B. NASA v. Nelson & HSPD-12

The Court thus far has had limited occasion to address whether it will play a role in posting judicial limits on the way cybersurveillance and dataveillance technologies intrude on the lives of citizens. The Supreme Court, over the past term and current term, has begun to confront the legality and constitutionality of cybersurveillance and dataveillance techniques. However, in several cases heard in the prior term—such as NASA v. Nelson, Tolentino v. New York, and Chamber of Commerce v. Whiting—and in cases heard this term— including Jones and Arizona v. U.S.—either the Fourth Amendment claims originally raised by the challenging party has been dropped by the lower court or the Court has failed to address the consequences of the cybersurveillance or dataveillance technology in question. As an example, NASA v. Nelson was a narrowly-tailored case with limited consequences, and that, in part, is the problem. NASA v. Nelson59 involved a challenge to aspects of the Homeland Security Presidential Directive-12 (HSPD-12) program60 in an effort by private citizens to limit the impact of this identity management program on personal privacy rights. In NASA v. Nelson, private contractors who were contracted to do work for NASA argued that the security background check required by the HSPD-12 program violated a constitutional right to informational privacy. The Court ruled against the contractors, holding that the background check process that was challenged consisted

(2004) (Court held that law enforcement’s legitimate need to dispel suspicion of criminal activity justified requiring self-identification by a suspect during Terry stops, under the rubric of Terry v. Ohio, 392 U.S. 1 (1968)). The Court in Hiibel also held that the state statute’s requirement of self-identification did not violate the Fifth Amendment, however, left open the potential that providing a name could be self-incriminating and may implicate the Fifth Amendment in another factual circumstance. United States v. Brignoni-Ponce, 422 U.S. 873 (1975) (Court held that U.S. Border Patrol may stop vehicles near the U.S.-Mexico border and query citizenship and immigration status of vehicle occupants who appear to be of Mexican national origin, combined with other facts and inferences that raise reasonable suspicion regarding legal immigration status of those questioned). See also Kevin Johnson, United States v. Brignoni-Ponce and Whren v. United States and the Need for Rebellious Lawyering, 98 GEORGETOWN L. J. 1005 (2009). 57 Simson Garfinkel, DATABASE NATION: THE DEATH OF PRIVACY IN THE 21ST CENTURY, Sebastopol, CA (2000) at 70. 58 Andrea Roth, “Safety in Numbers?: Deciding When DNA Alone is Enough to Convict,” NYU L. REV., Vol. 85 (2010). 59 National Aeronautics and Space Administration (NASA) v. Nelson, 131 S.Ct. 746, 562 U.S. ___ (2011) (challenging whether HSPD-12 that mandates standardized credentialing for all federal employees and contractors violates constitutional right to privacy). 60 HSPD-12 is titled: “Policy for Common Identification Standard for Federal Employees and Contractors.” The HSPD-12 policy is available at http://www.dhs.gov/xabout/laws/gc_1217616624097.shtm.


14

of “reasonable, employment-related inquiries that further the Government’s interests in managing its internal operations.”61

NASA v. Nelson is not so much interesting for the questions it presented to the Court as it is for the broader questions peripherally touched upon concerning the over-intrusive potential of identity management technologies such as HSPD-12-type biometric ID credentialing programs and the national security dataveillance policy that has given rise to an increased reliance on database-driven biometric security technologies. In NASA v. Nelson, the Court assumed, without deciding, that a constitutional right to privacy existed, but that any such right does not preclude “the Government from asking reasonable questions . . . in an employment background investigation that is subject to the Privacy Act’s safeguards against public disclosure.”62 Justices Antonin G. Scalia and Clarence Thomas filed separate concurrences, both of which asserted that no constitutional right to privacy exists.

On its face, the position of the respondents, 28 federal contractor scientists working at NASA’s Jet Propulsion Laboratory, that the government was not entitled to probe into whether they had a history of drug use might appear, as Justice Scalia characterized it, “[r]idiculous.”63 Whether scientists with a history of drug abuse should be allowed to assume sensitive positions of responsibility within NASA’s Jet Propulsion Laboratory appeared to the Justices to present an open-and-shut question with serious national security implications. NASA v. Nelson, however, is only the beginning. The case is one of the first of multiple cases that are attempting to seek judicial review of government identity management programs and datveillance technologies, programs that are rapidly flourishing in both scope and number. The number of individuals and private entities affected by government identity management programs is growing as rapidly as the programs themselves, and future attempts to seek judicially-imposed limits on such programs appear inevitable. The broader question, thus, is not so much whether the scientists in NASA v. Nelson were denied a constitutional right to privacy, but, whether any limiting principle can be articulated to curtail the government’s attempt to engage in post-9/11 dataveillance and biometric dataveillance credentialing in the name of furthering national security, crime control, and immigration policy.

NASA v. Nelson appears on its face to present a “ridiculous” question of law. Yet, by affirming the credentialing protocol surrounding HSPD-12 and, in effect, sanctioning an identity management technology, a machine-readable Biometric ID Card encoded with digitalized biometric data and other personally identifiable data, the case actually opens the door to profound questions of constitutional law, electronic privacy law and policy, and data surveillance policy that are yet to be resolved. These questions include the role of biometric technology and dataveillance in national security policy; whether the search and seizure of data in general and biometric data in particular constitutes a violation of the Fourth Amendment; and whether HSPD-12 will eventually serve as a programmatic and technological prototype for a Biometric National ID Card—or biometric passport, biometric REAL ID driver’s license, biometric Social Security Card and/or biometric E-Verify program—in the future.

The Supreme Court’s decision in NASA v. Nelson, was widely anticipated by privacy experts and scholars. Over three decades have passed since the Supreme Court “referred broadly to a constitutional privacy ‘interest in avoiding disclosure of personal matters.’”64 When the

61 Nelson at 759. 62 Id. at 757. 63 Id. at 769. 64 Nelson at __ (citing Whalen v. Roe, 429 U.S. 589, 599-600; Nixon v. Administrator of General Services, 433 U.S.


15

Court granted certiorari, therefore, some were hopeful that NASA v. Nelson presented a ripe opportunity to reaffirm the role of a constitutional right to information privacy in safeguarding private individuals—here privately-employed scientist-contractors performing low-security-risk research for NASA through a private university—from unnecessarily overbroad disclosure requirements by the government, and the risks of inadvertent or malicious exposure of personal information that could result from the government’s digitalized data collection procedures. One amicus brief filed in the case explained, “Constitutional privacy safeguards are particularly important in this case because NASA’s failure to meet its obligations under the Privacy Act and the agency’s poor data security practices pose substantial risks to the scientists’ personal information.”65

Given the apparent significance of the case, especially in light of increasing public concerns regarding suspicionless data mining by the government, and recent well-publicized cases of government database compromise through both negligence and hacking, it was a surprise to many when the Court issued its decision rather quickly and summarily, fairly soon after oral argument. In a relatively brief opinion, the Supreme Court “assume[d], without deciding, that the Constitution protects a privacy right[.]”66 The Court then concluded that NASA’s background security check, newly-implemented to bring the federal agency within compliance of HSPD-12, did not violate a right to privacy, if one were to assume that such a right might exist.67 The Court held, “The Government’s interests as employer and proprietor in managing its internal operations, combined with the protections against public dissemination provided by the Privacy Act of 1974, 5 U.S.C. § 552a, satisfy any ‘interest in avoiding disclosure’ that may ‘arguably ha[ve] its roots in the Constitution.’”68

With its decision, the Supreme Court overturned a preliminary injunction that had ordered the suspension of NASA’s background check process after the Ninth Circuit U.S. Court of Appeals found aspects of the government’s questions to be in violation of the scientists’ constitutional right to privacy.69 The Supreme Court explained the Ninth Circuit was in error because “[t]he questions respondents challenge are part of a standard background check of the sort used by millions of private employers.”70 Yet, the significance of this case is misstated and misunderstood when cast as a simplistic battle over background security check protocol under the government’s HSPD-12 program, and whether that protocol may or may not implicate constitutional privacy interests.

After years of litigation, like the ancient game of telephone with two cans and string, by the time the Court delivered its decision in NASA v. Nelson, the initial message delivered by Mr. Robert M. Nelson and the 27 other scientists at the California Institute of Technology seems garbled at best. What was the constitutional wrong Mr. Nelson and the other scientists considered was inflicted upon them? Both the Supreme Court and the Ninth Circuit Court of Appeals appear to focus on a series of drug-related questions that is presumed to be the most offensive to the scientists and that are listed on the SF-85 (Standard Form-85: Questionnaire for Non-Sensitive Positions). SF-85 asks whether an employee has “used, possessed, supplied, or 425, 457 (1977)). 65 Marc Rotenberg, Counsel of Record, Brief of Amici Curiae Electronic Privacy Information Center (EPIC) and Legal Scholars and Technical Experts in Support of the Respondents, Aug. 9, 2010, at 6. 66 Nelson, 562 U.S. at __ 67 Id. 68 Id. Citing Whalen at 599, 605. 69 506 F. 3d 713 (2007). 70 Nelson, 562 U.S. at __ Syllabus at 3.


16

manufactured illegal drugs” in the last year. In issuing the preliminary injunction, the Court of Appeals concluded that the form’s “‘open-ended and highly private questions’ were not ‘narrowly tailored’ to meet the Government’s interests in verifying contractors’ identities and ‘ensuring the security of the JPL [Jet Propulsion Laboratory at NASA].’”71

In fact, the process of judicial review shifted the focus of the legal inquiry which began with central and important question—whether “the Government’s interests in verifying [private] contractors’ identities” was appropriate and “‘narrowly tailored’ to meet the Government’s interests”72—toward a more peripheral and an almost inconsequential discussion on whether “[t]he questions challenged by respondents are part of a standard background check of the sort used by millions of private employers.”73 Justice Scalia was scathingly dismissive of the issue, characterizing the scientists’ position as one of “utter silliness,”74 while the Court telegraphed its own disinclination to open the courthouse to these kinds of claims by characterizing respondents request for judicial review as amounting to a charge upon the judiciary to “go line-by-line through the Government’s employment forms and to scrutinize the choice and wording of the questions they contain.”75

Meanwhile, in a footnote, the Court noted a more compelling question raised by the scientists that had been dismissed by the Ninth Circuit as unripe and had not been made the subject of a cross-petition: a question of the so-called “suitability” criteria that the government used to determine employment eligibility at Jet Propulsion Laboratory.76 These factors include consideration of a candidate’s financial and emotional health as well as things like “carnal knowledge.”77 The “suitability” criteria were derived from a 94-page government document titled, “NASA Desk Guide for Suitability and Security Clearance Processing, Version 2.”78

Specifically, understanding the heart of the scientists’ constitutional complaint and their desire to invoke some right to informational privacy requires an understanding of the type of morality and character testing criteria that was open for questioning and evaluation during the background check process required under NASA’s implementation of HSPD-12. On page 65 of the Desk Guide, NASA includes an “Issue Characterization Chart” that allows NASA to assess individuals’ character and “suitability” on the bases of over 100 itemized characteristics. These items appeared to assess good moral character and trustworthiness. Consequently, the evaluation includes: “[d]runk”; “[b]ad check”; “[p]attern of irresponsibility as reflected in credit history”; “[c]arnal knowledge”; “indecent proposal”; “sodomy”; “voyeurism [or] peeping tom”; “[m]ailing, selling, or displaying obscene material”; “[b]eastiality”; and “[p]attern of excessive [substance abuse] as reflected in inability to function responsibly [and] medical treatment or poor health”, “[d]isorderly conduct”; “[a]ttitude [and] [p]ersonality [c]onflict”, “[t]respassing”, and “[m]inor traffic violation[.]”79

71 Id. 72 Id. 73 Id. at 758. 74 Id. at 769. 75 Id. at 758. 76 Id. at 754 n. 5. 77 Id. A copy of NASA’s HSPD-12 credentialing protocol, NASA Desk Guide for Suitability and Security Clearance Processing, Version 2 (NASA Desk Guide), is available at http://hspd12jpl.org. 78 Id. 79 Id. The NASA Desk Guide provides this caveat: “([T]raffic violations not required to be admitted on the OF 306 or other application material/QSP will not be considered issues)”.


17

Upon successful completion of the NASA “Suitability and Security Clearance Processing” protocol that requires the aforementioned extensive assessment of one’s morality and character, the Desk Guide authorizes the agency to issue the NASA employee or private contractor with a biometric ID card, in accordance with HSPD-12. Failure to pass this newly-implemented clearance process resulted in the employee's termination of employment. While the “suitability” criteria were not before the Court, the Acting Solicitor General, Neal Katyal, nevertheless felt compelled to assert at oral argument that “’NASA will not and does not use’” such the objectionable criteria “’to make contractor credentialing decisions.’”80 The need for such assurance indicates the scientists did indeed have real privacy concerns, even if they did not crystalize into part of a live claim before the Court.

Thus, lost in NASA v. Nelson was the legitimate concern about what information NASA, or any other government agency, is allowed to seek from private contractors, or any private citizen, under the identity verification procedures imposed by HSPD-12, and whether the constitution, under a privacy right, imposes any fundamental limiting principle on that identity verification process. The Acting Solicitor General’s assurance that intimate personal details about credit card debt and carnal knowledge, for example, will not be considered by NASA is nothing more than that – just an assurance. Meanwhile the drafting of a document identifying such “suitability” concerns as criteria that could be used to determine the denial of the issuance of a biometric ID card under HSPD-12 makes clear that fears that government identity management programs may become over-intrusive are not paranoid or baseless.

To understand why NASA initiated an extensive “Suitability and Security Clearance Processing” protocol, it is critical to understand the historical genesis of HSPD-12. In addition to HSPD-12, multiple other presidential directives, including HSPD-6, HSPD-11, HSPD-24, and National Security Presidential Directive (NSPD) 59, were implemented under the Bush administration to promote and coordinate biometric data collection, database screening protocols, and data surveillance, or dataveillance, as a matter of national security policy. Thus, to understand why the “suitability” and character-testing concerns raised but not reviewed in NASA v. Nelson remain live, it is critical to understand other presidential directives that are interrelated with HSPD-12, such as NSPD-59/HSPD-24.

C. Biometric Dataveillance Policy & Contextual Information In addition to HSPD-12, there are at least three additional Homeland Security Presidential Directives (HSPDs) that relate to biometric screening technology either implicitly or explicitly: HSPD-6, HSPD-11, and HSPD-24. HSPD-6, is titled, “Integration and Use of Screening Information,” and was signed by President Bush on September 16, 2003.81 HSPD-11 is titled, “Comprehensive Terrorist-Related Screening Procedures,” and was signed by President Bush on August 27, 2004.82 National Security Presidential Directive (NSPD)-59/HSPD-24 is titled, “Biometrics for Identification and Screening to Enhance National Security,” and was signed by President Bush on June 5, 2008.83 NSPD-59/HSPD-24 directs the military and federal government to work collaboratively “to collect, store, use, analyze, and share biometrics to

80 Nelson at 754 n. 5. 81The full text of HSPD-6 is available at http://www.dhs.gov/xabout/laws/gc_1214594853475.shtm. 82 The full text of HSPD-11 is available at http://www.dhs.gov/xabout/laws/gc_1217614237097.shtm. 83 The full text of HSPD-24 is available at http://www.dhs.gov/xabout/laws/gc_1219257118875.shtm.

http://www.dhs.gov/xabout/laws/gc_1219257118875.shtm


18

identify and screen KSTs [known and suspected terrorists] and other persons who may pose a threat to national security.”84

NSPD-59/HSPD-24 directs federal agencies use compatible methods and procedures in the use of “biometric and associated biographic and contextual information of individuals in a lawful and appropriate manner, while respecting privacy and other legal rights under United States law.”85 The NSPD-59/HSPD-24 directive attempted to build upon existing identity screening consolidation and coordination efforts put in motion by HSPD-6, HSPD-11, and HSPD-12. Specifically, it was intended to ensure that high-level identity screening programs are implemented throughout government. In theory, these multiple presidential directives do not impose biometric or database screening requirements on state, local, or tribal authorities, or on the private sector. Also in theory, the directive does not provide any authority or government mandate for the collection, retention, or dissemination of personal information, or for identification and screening activities. The reality appears to reflect something else. The drift toward identity management technologies such as S-COMM and E-Verify, both programs that were considered “voluntary” at the time these presidential directives were signed, are now considered "mandatory" in multiple contexts, thereby requiring biometric and database screening requirements on state and local governments, in the case of S-COMM, as well as imposing database screening requirements on private employers in the case of E-Verify. The mandate to collect, store, use, analyze, and share “contextual information” on individuals as set forth in NSPD-59/HSPD-24 is particularly telling. In identity management technology vernacular, “contextual information” is both very specific and very ambiguous. To private companies in the high-tech industry, “contextual information” is a technological term of art and reflects relatively recent advances in database, internet, and other technological screening innovation. It is specific because it is seeking biographical information and information that detects individualistic characteristics (e.g., specific product preferences and internet behavior patterns) that can form the basis of an accurate personal data profile. It is ambiguous because it is universal in nature—any information that can be captured and made available to the screening software is fair game. In short, contextual information encompasses the kinds of “suitability” and moral character questions the Acting Solicitor General disavowed at oral argument in NASA v. Nelson – and it mandates the accumulation, storage and sharing of that personal “preference” information.

Since the 1990s, researchers have been studying how to accurately profile individuals--as consumers of products (e.g., ordering books over Amazon or music on Apple itunes) or technology users (e.g., engaging various internet search engines, such as Google, or social media sites, such as Facebook)--through the development of methods, tools, and techniques for “contextual information access, seeking and retrieval” and evaluation.86 Through complex statistical algorithms that attempt to account for idiosyncratic anomalies and other factors of scientific instability (e.g., reliability of data may be environment-dependent), daily advances in screening technologies have resulted in attempts to capture and then predict our consumer tastes and technological user preferences and habits with more and more accuracy.

As currently defined by high-tech corporations, contextual information relies on the “access, seeking and retrieval” of biographical and informational choice data that a private

84 Id. 85 Id. 86 “2009 ECIR Conference on Contextual Information Access, Seeking and Retrieval”, (April 6, 2009, Toulouse, France), available at www.wikicfp.com/cfp/servlet/event.showcfp?eventid=4394&copyownerid=320.


19

company can grab from the internet, social networking site activity, cell phones, GPS devices, personal databases and publicly-available government databases, etc.87 In more pedestrian, user-friendly terms, contextual information about an individual includes “all locations that you go[;] all the purchases you ever make[;] all your relationships[;] all activity[;] all your health, governmental, employer, academic and financial records[;] your web search history[;] your calendars and appointments[;] all your phone calls, data, texts, email[;] all peoples connected to your social circle[;] all your personal interests[;] and all other personal data[.]” 88

NASA and other federal agencies, under HSPD-12, are not restricted to harvesting personal information off the internet,89 so contextual information may include: “[d]runk”; “[b]ad check”; “[p]attern of irresponsibility as reflected in credit history”; “[c]arnal knowledge”; “indecent proposal”; “sodomy”; “voyeurism [or] peeping tom”; “[m]ailing, selling, or displaying obscene material”; “[b]eastiality”; and “[p]attern of excessive [substance abuse] as reflected in inability to function responsibly [and] medical treatment or poor health”, “[d]isorderly conduct”; “[a]ttitude [and] [p]ersonality [c]onflict”, “[t]respassing”, and “[m]inor traffic violation[.]”90

In one recent study titled, “Contextual Information Search Based on Ontological User Profile,” researchers describe how to construct a profile of an internet user based on “user context”, by conducting a “semantic [word context] analysis” of all files accessed over the internet to build an initial profile of the “user.”91 The software is then programmed to adapt the individual’s profile ontologically, or sort data based on the data’s/user’s relationships with other data/users with shared characteristics.92 The profile grows in its sophistication in ever greater degrees of predictable accuracy over a period of time through continuing to study internet activity and other technological “log files” that are added to the profile over the years, and comparing it with other reliable comparator data/users. 93 Based on technological advances, the prediction of who we are and our habits will be made more accurate by not only comparing our current habits to our prior habits, but to others that are considered to be fair or similarly situated comparators within our “profile”.94 Once this technologically-derived data is interfaced with the type of moral character and behavioral choice data of the nature sought by the security background check structured under NASA’s HSPD-12 protocol, the government’s ability to develop a more accurate “ontological” profile on an individual increases exponentially. The 87 Mark Davis, Microsoft, Partner Architect, keynote address, Privacy Identity and Innovation Convention 2010, available at http://www.networkworld.com/community/node/65750. 88 Id. 89 Monica Goodling, former White House Liaison for the U.S. Justice Department during the Bush Administration, apparently conducted a word search on both Lexis and the internet as part of her background check on potential political appointees in the U.S. Department of Justice to determine “suitability” for appointment. Word searches designed to assist in data mining and data profiling of potential political appointees included “Clinton,” “sex,” “Florida recount,” and “spotted owl.” U.S. Department of Justice Offices of Professional Responsibility and Inspector General, Joint Report, An Investigation of Allegations of Politicized Hiring by Monica Goodling and Other Staff in the Office of the Attorney General (July 28, 2008) at 20-22 available at www.justice.gov/oig/special/s0807/final.pdf. 90 The NASA Desk Guide, supra note __. 91 Nazim Uddin Mohammed, Trong Hai Duong, and Geun Sik Jo, Contextual Information Search Based on Ontological User Profile, Lecture Notes in Computer Science, 2010, Vol. 6422 at 490-500. (“We constsruct an ontological user profile describing the users preferences based on the users context. Finally, we use a sematic analysis of the log files approach for the initial construction of the ontological users profile and learn the profile overtime.”). 92 Id. 93 Id. 94 Id.


20

contextual information about an individual becomes more multi-dimensional and comprehensive over time, and conclusions about a profile’s accuracy will be more and more difficult to contest in light of the “insurmountable” evidence of data collected and analyzed.

After 9/11, it appears the federal government has promoted and utilized this cutting-edge profiling and data screening research for national security profiling programs, and appears to be using this type of profiling and screening technology for civil-based identity management programs as well as for criminal-based purposes. Some scholars warn that as this data profiling and biometric screening technology is increasingly adopted by the government for a multiplicity of purposes, the legal and constitutional limits of such usage are increasingly unclear.

II. Introduction to Biometric IDs & Identity Management Technologies

Digitalized biometric data is currently defined as information that provides a unique

technological identifier based on an individualized characteristic of one’s body. Biometric data currently can be pulled from fingerprints, DNA, iris retinal scans, skeletal bone imaging, facial recognition software through digital photographs, voice recognition software through voice recordings, etc., to name some common examples.95 Although an over-simplification, the use of biometric data in identity verification can be described as a four-step process: Enrollment, Capture, Comparison, and Decision.96 Each step is briefly summarized as follows. (1) Enrollment: An individual first identifies himself and actually puts his fingerprint down, has a digital photo taken, has eyes scanned, etc. (2) Capture for Recognition: A template for that identity is created to use for future identification purposes. (3) Comparison: The individual’s currently presented biometric data (e.g., fingerprint/facial or eye scan) is cross referenced with the originally presented biometric data (e.g., enrollment and identity template). And (4) Decision: Statistical algorithms are developed to “match” the probability that the initial biometric data, fingerprint/facial or eye scan or DNA, can be accurately compared to the currently presented biometric data, or make a determination that the data does not “match.”

As a brief overview, it is worth noting at the outset that the utilization of biometric data for identification credentialing is considered highly experimental.97 Scientifically, many experts have concluded that biometric data is an unstable and unreliable foundation for verifying identity on a mass scale.98 The reason for this is relatively straightforward. Unlike other identity verification protocol where there is a 100% accuracy match rate in the decision (e.g., through 100% match of a PIN number, or 100% match of an identity security token, etc.), in biometric identity verification, 100% accuracy is a 100% technological impossibility. In fact, 100% accuracy in biometric identity verification is a sign of fraud. Consequently, at any level below 100% accuracy, identity verification in biometric technology necessitates an ironic conclusion: you may not be able to confirm your identity because of inaccuracies in the data or because of other technological limitations.

Accepting false positives and false negatives, therefore, are the necessary preconditions for adopting biometric identity verification technology. For example, if, on a scale of 1 to 100,

95 See, e.g., John R. Vacca, BIOMETRIC TECHNOLOGIES AND VERIFICATION SYSTEMS (Elsevier Press 2007); Joseph N. Pato & Lynette I. Miller, Eds., BIOMETRICS RECOGNITION: CHALLENGES AND OPPORTUNITIES at xiii-ix (National Academy of Sciences, The National Academies Press, 2010). 96 Id. 97 Id. 98 Id.


21

one deems 70 as the minimum score needed for a match, there will be some individuals below 70 that have given genuine fingerprints. Likewise, there will be some individuals above 70 that have given fraudulent fingerprints. The higher the minimum score, the less fraudulent fingerprints are returned as a match, but the more genuine fingerprints that may be rejected. Who decides what accuracy level is appropriate for the purposes at hand and how that accuracy rate is assessed becomes critically important. Currently, the federal government outsources the management of its biometric identification technologies to private corporate “vendors.” Vendors are not required to test for accuracy and also are not required to provide results of “no-matches,” or how a “match” or “no-match” is decided, to the government. There is no regulatory body of the federal government that oversees what biometric data standards or technologies are considered minimally proficient.

What is also misunderstood is the manner in which a biometric ID card or biometric database screening technology removes the process from the trained expertise of specific forensic experts, such as the fingerprint or DNA matching protocol followed during a criminal investigation, and places the matching process into an automated system. The accuracy of the automated biometric data matching process, therefore, is driven by the capabilities and limitations of the software (e.g., the statistical algorithms) and the hardware (e.g., the scanning technology that collects the data and the sorting technology that analyzes the data). Yet, both the underlying databases and the database screening technology, and the attendant scientific and programmatic safeguards required to regulate the databases and technology, have been unable to keep up with the burdens increasingly placed on such systems.99 Yet, through multiple programs and statutes advanced since the 2001 terrorist attacks, it is evidenced that database screening technologies and biometric data, in particular, are increasingly relied upon by policymakers seeking a “zero-risk tolerance solution” to the “problem” of “identity verification” in order to “secure the border.”100

Put another way, biometric database screening is increasingly viewed as the “gold standard” by which to accurately verify identity and citizenship status.101 Thus, in the context of homeland security policy and immigration control, it is increasingly considered by the political branches as a “magic bullet.”102 Consequently, it is characterized in policy proposals as one of the most effective methods by which to prescreen individuals before the grant of certain rights and privileges, such as establish lawful presence before authorizing the right to work (e.g., E-Verify online employment eligibility verification program),103 the right to drive (e.g., REAL ID driver's licenses),104 etc. in order to more effectively “secure the border” and “screen out” the potential terrorist and criminal alien. Yet, experts have concluded that the technology and

99 See, e.g., SSA OFFICE OF THE INSPECTOR GENERAL (OIG), CONGRESSIONAL RESPONSE REPORT: ACCURACY OF THE SOCIAL SECURITY ADMINISTRATION’S NUMIDENT FILE (Dec. 2006). 100 See, e.g., Froomkin and Weinberg, Hard to BELIEVE, supra n. 3. 101 Interview notes with Benjamin Wittes, national security expert and Co-Director, Harvard Law School-Brookings Project on Law and Security, senior fellow in Governance Studies, Brookings Institution (May 20, 2011). 102 Id. 103 E-Verify as of yet does not require a biometric data identifier, however, Congressional proposals surrounding the extension of the E-Verify program have discussed adding a biometric verification component such as fingerprint verification. Further, E-Verify does include a "photo tool" that allows employers to screen the identity of employees through digital photo, one form of biometric identification. 104 Similarly, although the REAL ID Act of 2005 does not require the biometric verification of a fingerprint, REAL ID does include "technological enhancements" and requires digital photos that can be analyzed with facial recognition software.


22

processes required to safely and accurately conduct the automated biometric matching of hundreds of millions of individuals on a national scale simply do not exist.

The technology needed to adequately support a Biometric National ID Card, therefore, is based upon speculative science, or what the National Academy of Sciences explains in a recently published report is a science fiction understanding of biometric data screening and sorting technology.105 The Academy notes that popular misconceptions regarding the capabilities of biometric identification have been entrenched through cultural influences, such as science fiction and futuristic films.106 According to the Academy, these cultural biases complicate an ability to grasp the distinction between the efficacy of individualized biometric matching based on case-by-case determinations that utilize the training and judgment of human experts, on the one hand, and mass biometric matching of millions of individuals based on large-scale digitally-generated determinations, on the other hand.107 Further, the Academy cautions against the premature adoption of such a system in part because of the severe restrictions on an individual's ability to exercise rights to due process that would likely result.108 For example, such a system would likely neither allow for an interrogation of the “chain of evidence” nor afford a process for confronting the databases or algorithms from which the conclusions are drawn.

In addition, experts warn the removal of the biometric data matching process from a specific and narrowly-tailored context—such as prosecutorial context for the purposes of establishing evidence for specific crimes—to a universal and general-purpose context—such as identity and citizenship status verification—significantly increases the risk of the future abuse of biometric data. The potential misuse or unlawful treatment of such data matching or data screening protocols by both the public and private sectors is expanded, therefore. For example, genetic ethicists note that attempts by scientists to decode DNA in recent decades has led to classifications that draw correlative evidence between genetic markers that signify race, ethnicity, religion, etc., and behavioral analytics, such as criminal disposition, intelligence testing, etc.109 Also, the private health information that could be yielded through a universal DNA database would require a reconceptualization of what medical privacy could be protected once such a database exists. Therefore, experts predict that a universal DNA database poses risks of demographic and behavioral profiling, as well as health and medical profiling, in ways that may be challenging or impossible to regulate or mitigate.110

Finally, electronic privacy experts have noted that the cybersurveillance consequences of a digitalized National ID card are immense. The breadth and depth of the surveillance implications are yet to be fully known and what minimal privacy protections could be ensured from such a program are thus far underresearched. What is known, however, is that ID documents such as driver's licenses in multiple states and all U.S. passports issued since 2007 are now implanted with radio frequency identification technology (RFID). Experts note that RFID

105 Joseph N. Pato & Lynette I. Miller, Eds., BIOMETRICS RECOGNITION: CHALLENGES AND OPPORTUNITIES at xiii-ix (National Academy of Sciences, The National Academies Press, 2010). 106 Id. 107 Id. 108 Id. at 10-11. 109 See, e.g., Troy Duster, BACKDOOR TO EUGENICS (Routledge 2003). For an excellent discussion on how developments in neuroscience pose similar challenges to the Fourth and Fifth Amendments, respectively, see Nita Farahany, Searching Secrets, 160 UNIV. PENN. L. REV __ (2012) (forthcoming); Nita Farahany Incriminating Thoughts, 64 STAN. L. REV. __ (2012) (forthcoming) available at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1783101. 110 See, e.g., Eugene Thacker, THE GLOBAL GENOME: BIOTECHNOLOGY, POLITICS, AND CULTURE (MIT Press 2006).


23

and GPS satellite tracking technologies are merging.111 Thus, it is predicted that within time, ID documents implanted with RFID technology may likely provide the government with capacity to conduct continuous or near-continuous geospatial monitoring of everyone lawfully present in the U.S. who is required to possess and produce such IDs.112 The forced submission of Social Security Numbers by employees to employers as a part of the identity management database screening protocol under E-Verify, as now sanctioned by Whiting,113 is already allowing DHS to create a record of entry/exit points of the U.S. workforce through a comprehensive employment record database for those employed by employers who are participating in E-Verify voluntarily or under mandate by a state immigration law.

A. Overview of Identity Management Programs

1. E-Verify and Genesis of Database-Driven Identity Management Programs

In 1996, in the aftermath of the first terrorist attacks on the World Trade Center on

February 26, 1993, Congress passed the Illegal Immigration Reform and Immigrant Responsibility Act (IIRIRA).114 IIRIRA included several technological proposals to strengthen border security and increase the efficacy of immigration enforcement policy, or policy intended to control unwanted migration. Utilizing immigration database sorting technology and the then-fledgling emergence of internet technology, IIRIRA included the programmatic genesis of several identity management technologies that are used now to further post-9/11 dataveillance policy. IIRIRA, for instance, provided the statutory foundation for multiple identity management programs that were authorized by that legislation, including, E-Verify (at the heart of the Court’s consideration of the Legal Arizona Workers Act in Whiting), 1373(c) database screening through immigration and FBI databases (at the heart of the Court’s consideration of

111Manon G. Guillemette, Ph.D., Isabelle Fontaine, M.Sc., and Claude Caron, Ph.D., Hybrid RFID-GPS Real-Time Location System for Human Resources: Development, Impacts, and Perspectives, Proceedings of the 41st Hawaii International Conference on Social Systems (2008) (article on file with author); David H. Williams and Gary Hartwig, How Will the Convergence of Location Technologies Such as RFID, GPS, RTLS, and LBS Affect Business? NBIZ Magazine (Summer 2008) available at www.nbizmag.com/magarticles/rfid.pdf; CS101 Handheld RFID Reader Adds GPS & Cellular Communication (Feb. 8, 2012) available at http://rfid.net/product-listing/reviews/176-csl-cs101-handheld-reader. See also Beth Bacheldor, Hybrid Tag Includes Active RFID, GPS, Satellite and Sensors, RFID Journal (Feb. 24, 2009) available at http://www.rfidjournal.com/article/view/4635. 112 Ironically, however, experts also note that those who fall outside of the law will not possess such documents and will not be subject to this cybersurveillance. 113 Whiting left unresolved whether the forced production of a Social Security Number pursuant to the E-Verify database screening protocol now conflicts with the Privacy Act. The Privacy Act allows SSA to disclose Social Security numbers for certain restricted purposes. See Privacy Act of 1974, 5 U.S.C. § 552a(b)(3) (2006). The Privacy Act and the Social Security Act both impose limitations on SSA’s ability to disclose information from the SSA database. See id.; Social Security Act § 1106, 42 U.S.C. § 1306(a) (2006). SSA through promulgating regulations has set forth a “routine use” definition by which to guide its disclosure of Social Security numbers, and includes within its “routine use” definition the disclosure of numbers to employers for the purpose of ensuring accurate wage reporting. See 20 C.F.R. § 401.150 (2007) (regulatory basis to issue a routine use disclosure of Social Security number information to employers). Whether disclosure of Social Security number information to employers for immigration control purposes under state requirements that an employer engage in E-Verify would violate the Privacy Act and Social Security Act is an unsettled matter of law. 114 Pub. L. No. 104-208, 110 Stat. 3009 (1996) (codified in scattered sections of 8, 18 U.S.C.).

http://www.nbizmag.com/magarticles/rfid.pdf

http://rfid.net/product-listing/reviews/176-csl-cs101-handheld-reader

http://rfid.net/product-listing/reviews/176-csl-cs101-handheld-reader

http://www.rfidjournal.com/article/view/4635


24

Arizona SB 1070 in Arizona v. U.S.), 287g agreements (genesis for the highly controversial S-COMM program), SAVE, SEVIS, and other database screening technologies.

Table 1. Pre-9/11 Federal Statutes Supporting Identity Management Programs

Statute Agency Purpose

Illegal Immigration Reform and Immigrant Responsibility Act of 1996 (IIRIRA)115

DHS Created several database screening protocols, including E-Verify; 1373(c); SAVE; and SEVIS116. Requires the former Immigration and Naturalization Service, now DHS/INS, to develop an alien border crossing card that includes "a biometric identifier (such as the fingerprint or handprint of the alien) that is machine readable.”117

Personal Responsibility and Work Opportunity Reconciliation Act of 1996 (PRWORA)118

DHS Requires states to implement an electronic benefits transfer program “using the most recent technology available[.]”119 These technologies include: personal identification numbers [and] photographic identification[,]” as well as “other measures to protect against fraud and abuse.”120

Immigration Control and Financial Responsibility Act of 1996 (ICFRA)121

DHS Directs establishment of a data system "to verify eligibility for employment in the United States, and immigration status in the United States for purposes of eligibility for benefits under public

115 Id. 116 Id. at §§ 401-405 (codified as amended in 8 U.S.C. § 1324a). 117 Id. at § 104(a) (codified as amended at 8 U.S.C. § 1101(a)(6)). 118 Pub. L. No. 104-193, 110 Stat. 2105 (1996) (codified in scattered sections of 42 U.S.C.). 119 Id. at §825(a). 120 Id. 121 S. Rep. No. 104-249 (1996).


25

assistance programs . . . or government benefits."122 This system "must be capable of reliably determining with respect to an individual whether . . . the individual is claiming the identity of another person."123

E-Verify is central to any discussion involving the future implementation of a Biometric National ID Card. This is because Congress has proposed adding either a biometric verification element to E-Verify or substituting the paper Social Security Card with a Biometric Social Security Card, or “high-tech” Social Security Card, to ensure that the E-Verify identity management system is “fool proof” and “counterfeit resistant.” Experts note that such a card would functionally serve as a Biometric National ID Card. E-Verify is a logical site, thus, to initiate an interrogation of the methodology and underlying technological assumptions surrounding identity management programs that are driven by database sorting tools. E-Verify was established as a “test pilot” or “pilot program” experiment under IIRIRA that attempted to allow an employer to access government database screening software via the internet on a voluntary basis to supplement the Employment Eligibility Verification Process mandated under federal immigration law.124 E-Verify purports to allow an employer to verify the identity and citizenship status of employees through the online data screening of government databases.

E-Verify was first proposed under IIRIRA as one of three “test pilot” programs to be implemented by the then-INS (Immigration and Naturalization Service) to assist employers in screening out undocumented workers from the U.S. workforce pursuant to the Immigration Reform and Control Act of 1986 (IRCA). E-Verify was the only program out of the three original “test pilot” programs that survived the testing phase. The other two programs were considered too unreliable and unworkable to continue. E-Verify, although also unreliable according to some experts and empirical tests, was considered the best technology out of the three. E-Verify is referred to as the “Basic Pilot Program” in IIRIRA and in subsequent congressional action extending its funding.125 It was renamed as “E-Verify” in 2007126 as a marketing strategy by the U.S. Department of Homeland Security (DHS) to increase voluntary employer participation in the pilot program to facilitate greater testing of the program.

The E-Verify system is complex, relying upon statistical algorithms and multiple databases in order to conclude the identity and citizenship status of an individual has been sufficiently “verified.” In an oversimplified description, however, it can be explained that E- 122 Id. at § 111(a)(1)(A). 123 Id. at § 111(c)(1)(A). 124 Under 8 U.S.C. § 1324a of the Immigration and Nationality Act, as amended by IRCA, all employers are required to verify the employment eligibility (identity and citizenship status) of all new hires pursuant to a paper document inspection protocol known as the "Form I-9," a government form issued by DHS. 125 Other congressional statutes refer to E-Verify as the Electronic Employment Verification System (EEVS). 126http://www.uscis.gov/portal/site/uscis/menuitem.eb1d4c2a3e5b9ac89243c6a7543f6d1a/?vgnextoid=84979589cdb76210VgnVCM100000b92ca60aRCRD&vgnextchannel=84979589cdb76210VgnVCM100000b92ca60aRCRD


26

Verify works this way. First, an employer collects personally identifiable data from an employee (Name, date of birth, Social Security Number, etc.). Next, this information is entered by the employer or an employer's “designated agent” into a software program that is accessible online, free of cost. The software runs the data through first the Social Security Administration (SSA) database and then through DHS immigration databases. The program informs the employer within seconds whether an individual is “confirmed” or “verified.” If there is an anomalous result in the database screening algorithms, however, the individual falls within a category titled “Tentative Nonconfirmation” (TNC). Pursuant to the guidelines set forth by the program, an employer is then required to allow an employee to contest the TNC result. If an employee is unable to resolve the TNC result within 8 business days with DHS or SSA, the system generates a “Final Nonconfirmation” (FNC) result, and an employer is required to terminate the employee.

E-Verify is highly controversial for many reasons, including: (1) failure to achieve its goal of verifying identity; (2) high database error rate; (3) technological due process challenges; (4) widespread discriminatory impact; (5) electronic privacy concerns; (6) the delegation of “Big Brother” government database screening duties and responsibilities to private employers; and (7) the cyber-surveillance aspects of the program.127

Empirical studies on E-Verify have concluded that the program is largely inefficacious. The primary reason for the program's impotency is its inability to detect identity theft. In fact, all identity management technologies face this inherent challenge. The most any database-driven identity management system can hope to achieve is the automated verification of digital data. Thus, technology experts have observed that verification of data is not the same as verification of identity. If an individual presents the system with what appears to be accurate data, an individual is “confirmed” or “verified” under the system, even if that individual is impersonating another individual’s true identity. This leads to what experts studying the E-Verify program have concluded is an unacceptably high false positive rate. Moreover, both the DHS and SSA databases that form the basis of E-Verify’s statistical algorithms are rife with errors. This leads to what experts studying the E-Verify program have concluded is an unacceptably high false negative rate. If an individual presents the system with accurate data, and the underlying databases are inaccurate or the statistical algorithms are insufficient in its methodology to "match" the data, an individual is considered a “nonconfirmation” and, thus, his or her identity is wrongly rejected by the system.

In the realm of technological due process concerns, if an employer does not allow an employee to contest a TNC under E-Verify, the employee has no ability to challenge the result of the system. For example, if an employer secretly prescreens a job applicant through the program 127 E-Verify has been the subject of many policy and research reports by the federal government and non-governmental organizations. See, e.g., Doris Meissner & Marc Rosenblum, The Next Generation of E-Verify: Getting Employment Verification Right, MIGRATION POLICY INST. (July 2009) 9, http://www.migrationpolicy.org/pubs/Verification_paper-071709.pdf; WESTAT, FINDINGS OF THE E-VERIFY PROGRAM EVALUATION (Dec. 2009), http://www.uscis.gov/USCIS/E-Verify/E-Verify/Final%20E-Verify%20Report%2012-16-09_2.pdf [hereinafter WESTAT, 2009 FINDINGS]; WESTAT, WESTAT EVALUATION OF THE E-VERIFY PROGRAM: USCIS SYNOPSIS OF KEY FINDINGS AND PROGRAM IMPLICATIONS (Jan. 28, 2010), http://www.uscis.gov/USCIS/Native%20Docs/Westat%20Evaluation%20of%20the%20E-Verify%20Program.pdf [hereinafter WESTAT, EVALUATION]; WESTAT, FINDINGS OF THE WEB BASIC PILOT EVALUATION (Sept. 2007) xxi, http://www.uscis.gov/files/article/WebBasicPilotRprtSept2007.pdf [hereinafter, WESTAT, 2007 FINDINGS]. Academic discourse on E-Verify has been limited thus far. See, e.g., Micah Bump, Immigration, Technology, and the Worksite: The Challenges of Electronic Employment Verification¸22 GEO. IMMIGR. L.J.. 391 (2008); Lora L. Ries, B-Verify: Transforming E-Verify Into a Biometric Employment Verification System, 3 ALB. GOV’T L. REV. 271 (2010).


http://www.uscis.gov/files/article/WebBasicPilotRprtSept2007.pdf


27

and does not inform the employee of a TNC result, the employee has no opportunity to contest the database error or the inaccurate result of a faulty algorithm. Additionally, the program has resulted in a widespread discriminatory impact against immigrant workers lawfully present in the U.S. Women, in particular, are vulnerable to false results under E-Verify due to name changes stemming from marriage and divorce. Finally, DHS concedes that the program poses significant electronic privacy challenges. It is nearly impossible, for instance, to detect and monitor employer misuse and data abuse of the personally identifiable data, or to regulate manner in which an employer is executing the database screening protocol.128

In broader conceptual terms, E-Verify is an identity management technology that arguably can be classified as a government dataveillance tool. Each entry of personally identifiable data (e.g., name, Social Security Number, date of birth, etc.) into the E-Verify internet system is electronically stored indefinitely and allows the government to monitor and track the employment activities of those individuals entered into the system.129

IIRIRA and subsequent statutory language prohibit the mandatory implementation of E-Verify on a national scale, requiring that participation must be strictly “voluntary” given that the technology is still in the testing phase and given the controversial nature of the program. Arizona, however, enacted the Legal Arizona Workers Act (LAWA) in 2007, mandating employer use of E-Verify in direct contravention to the express language of the federal statute. Immediately after LAWA was signed into law by then-Governor Janet Napolitano, the Chamber of Commerce filed a complaint against the state of Arizona, claiming that the federal statute, IIRIRA, preempted the state legislation, LAWA, as well as contending that LAWA violated the Fourth Amendment. Specifically, the Chamber argued that E-Verify required an unconstitutional search and seizure of employee’s personally identifiable information by Arizona employers. In Whiting, however, the Supreme Court upheld LAWA, reasoning that the federal statute only prohibited the federal government from mandating E-Verify. The Court concluded that Congress did not expressly prohibit states from mandating E-Verify use. Therefore, under a strict textualism approach, the Whiting Court concluded that mandatory E-Verify use at the state level was allowed under the federal statute.130

Of the states currently mandating E-Verify use, they can be grouped generally into three categories. Several states require all employers, both public and private to enroll in E-Verify (Arizona,131 Mississippi,132 and South Carolina133). Some states require all public employers, as 128 Other scholarship and research reports discuss these and other issues pertaining to the E-Verify program in greater detail. 129 Some of the consequences of post-9/11 dataveillance have been explored recently, including the fact that databases compiled for one purpose are being used for others. See, e.g., Eric Lipton, Panel Says Census Move on Arab-Americans Recalls World War II Internments, N.Y. TIMES (Nov. 10, 2004) (As a result of a Freedom of Information Act request by the Electronic Privacy Information Center, it was revealed that the U.S. Census Bureau provided DHS with information on the residences of the Arab-American community in the U.S., and that the Census Bureau has also admitted that it cooperated in aggregating data and providing information on the Japanese-American community to the U.S. Department of Defense for Japanese internment purposes in 1941-1942). See also Electronic Privacy Information Center, Department of Homeland Security Obtained Data on Arab Americans from Census Bureau (July 23, 2004) available at epic.org/privacy/census/foia/ (“The [Census] tabulations apparently include information about United States citizens, as well as individuals of Arab descent whose families have lived in the United States for generations.”). E-Verify, of course, is susceptible to uses other than work-authorization verification. 130 See Margaret Hu, Reverse-Commandeering (forthcoming) (article on file with author). 131 The Arizona Fair and Legal Employment Act, H.B. 2779 (2007), available at: http://www.azca.com/html/pdf/hb2779c.pdf (requires all employers to use E-Verify); see also Arizona H.B. 2745 (2008), available at: http://www.azag.gov/LegalAZWorkersAct/hb2745h.pdf (prohibits government contracts to any contractor and subcontractor that

http://www.azca.com/html/pdf/hb2779c.pdf

http://www.azag.gov/LegalAZWorkersAct/hb2745h.pdf


28

well as state government contractors and subcontractors to enroll in the program (Missouri,134 Nebraska,135 Oklahoma,136 and Utah137). Other states only require the use of E-Verify by state agencies and/or state contractors. (Colorado,138 Georgia,139 Idaho,140 Minnesota,141 North Carolina,142 Rhode Island,143 and Virginia144). In order to bring an end to the patchwork quilt of state-by-state immigration enforcement schemes and preserve national coherence in the development and oversight of the E-Verify program, which is administered federally, Congress is now being forced under Whiting to mandate this dataveillance technology for all employers.145

Consequently, less than a month after the Supreme Court issued Whiting, Congress proposed legislation that would mandate the expansion of E-Verify nationally. E-Verify is illuminating, therefore, in demonstrating that a “voluntary” and “experimental” identity management technology that has been proven to be inefficacious and that experts warn poses a multiplicity of harms during its “test pilot” stage can still survive. In fact, this “test pilot” database screening program established under IIRIRA in 1996 is now poised for mandatory expansion nationally in the wake of Whiting, despite multiple empirical reports establishing that E-Verify is not only unable to achieve its purported objective of “verifying” identity, but also leads to a widespread discriminatory impact and introduces technological challenges that, as of yet, DHS has been unable to remediate.146 Rather than dismantle the system, as was anticipated by Congress if the program proved to be ineffective, however, statutory proposals seeking to fails to use E-Verify). 132 Mississippi S.B. 2988 (17 Mar. 2008), available at: http://billstatus.ls.state.ms.us/documents/2008/pdf/SB/2900-2999/SB2988SG.pdf. 133 South Carolina H.B. 4400 (4 June 2008), available at: http://www.scstatehouse.gov/cgi-bin/web_bh10.exe?bill1=4400&session=117&summary=T. 134 Missouri H.B. 1549 (7 July 2008), available at: http://www.house.mo.gov/billtracking/bills081/biltxt/truly/HB1549T.HTM. 135 Nebraska L. 403 (8 Apr. 2009). 136The Oklahoma Taxpayer and Citizen Protection Act, H.B. 1804 (2007), available at: webserver1.lsb.state.ok.us/2007-08bills/HB/HB1804_ENR.RTF. 137 Utah S.B. 81 (13 Mar. 2008) (requires public employers, public contractors and subcontractors to use E-Verify; also makes it unlawful to discharge a lawful employee while retaining an unauthorized alien in the same job); Utah S. 251 (31 Mar. 2010) (requires private employers with more than 15 employees to use E-Verify). 138 Colorado H.B. 1343 (6 June 2006), available at: http://www.colorado.gov/DPA/dfp/sco/contracts/aliens/HB1343.pdf (prohibits state agencies from entering into contracts with contractors who knowingly employ illegal immigrants and requires prospective contractors to verify the work authorization of all employees). 139 The Georgia Security and Immigration Compliance Act, S.B. 529 (17 Apr. 2006), available at: http://www1.legis.ga.gov/legis/2005_06/pdf/sb529.pdf (requires public employers, contractors and subcontractors with more than 500 employees to enroll in E-Verify); Georgia H.B. 2 (11 May 2009), available at: http://www1.legis.ga.gov/legis/2009_10/pdf/hb2.pdf (requires every public employer, contractors and subcontractors to use E-Verify to confirm work authorization of all newly-hired employees). 140 Idaho Exec. Order No. 2006-40 (13 Dec. 2006) (requires that state agencies participate in E-Verify). 141 Minnesota Exec. Order No. 08-01 (7 Jan. 2008) (hiring authorities for the state government, as well as any employer seeking to enter into a state contract in excess of $50,000 must use E-Verify). 142 North Carolina S.B. 1523 (23 Aug. 2006) (requires state agencies, offices, and universities to use E-Verify). 143 Rhode Island Exec. Order 08-01 (27 Mar. 2008), available at: http://www.projo.com/news/pdf/2008/0327_immigrationorder.pdf (requires executive agencies and all persons and businesses, including grantees, contractors and their subcontractors and vendors to use E-Verify). 144 Virginia H. 737 (2010) (requires state agencies to enroll in the program by December 1, 2012). 145 See Margaret Hu, Reverse-Commandeering (forthcoming) (article on file with author). 146 See, e.g., Doris Meissner and Marc Rosenblum, “The Next Generation of E-Verify: Getting Employment Verification Right,” Migration Policy Institute (July 2009), p. 9, available at: http://www.migrationpolicy.org/pubs/Verification_paper-071709.pdf; Westat Report to DHS: Findings of the E-Verify Program Evaluation (Dec. 2009) and Summary: Westat Evaluation of the E-Verify Program: USCIS Synopsis of Key Findings and Program Implications (Dec. 2009) available at http://www.uscis.gov/portal/site/uscis/menuitem.5af9bb95919f35e66f614176543f6d1a/?vgnextoid=3a351e56d3856210VgnVCM100000082ca60aRCRD&vgnextchannel=75bce2e261405110VgnVCM1000004718190aRCRD;

http://billstatus.ls.state.ms.us/documents/2008/pdf/SB/2900-2999/SB2988SG.pdf

http://billstatus.ls.state.ms.us/documents/2008/pdf/SB/2900-2999/SB2988SG.pdf

http://www.scstatehouse.gov/cgi-bin/web_bh10.exe?bill1=4400&session=117&summary=T

http://www.scstatehouse.gov/cgi-bin/web_bh10.exe?bill1=4400&session=117&summary=T

http://www.house.mo.gov/billtracking/bills081/biltxt/truly/HB1549T.HTM

http://www.colorado.gov/DPA/dfp/sco/contracts/aliens/HB1343.pdf

http://www1.legis.ga.gov/legis/2005_06/pdf/sb529.pdf

http://www1.legis.ga.gov/legis/2009_10/pdf/hb2.pdf

http://www.projo.com/news/pdf/2008/0327_immigrationorder.pdf





29

expand and mandate E-Verify suggest that a universal biometric database can resolve the program's deficiencies.147

Table 2. Examples of Immigration-Related Identity Management Programs

Program Agency/Organization Purpose

E-Verify (Formerly “DHS Basic Pilot Program”)148

DHS/USCIS and SSA149

Free internet-based database screening program that attempts to allow employers to verify identity and citizenship status of new hires and, under FAR Rule, to screen entire current workforce.150

FAR Rule (Federal Acquisition Regulation Rule implementing Executive Order 12989)151

Federal Acquisition Regulatory Council and DHS/USCIS152

Federal rule requiring government contractors to screen workforce through E-Verify as a precondition of the government contract.

SAVE (Systematic Alien Verification for Entitlements)153

DHS/USCIS154 Fee-based internet-based database screening program that attempts to prevent federal benefits fraud by allowing state employees to verify citizenship status of benefits applicants.155 DMV offices and other licensing organizations increasingly using SAVE before issuing licenses to applicants.

147 H.R. 2885: “Legal Workforce Act” (Sept. 12, 2011). 148 Authorized by the IIRIRA, Pub. L. No. 104-208, §§ 401-405, 110 Stat. 3009 (1996) (codified as amended in 8 U.S.C. § 1324a). 149 Implementation of E-Verify: Database screening protocol conducted by all public and private employers in states mandating E-Verify; and on voluntary basis by employers in states not mandating use. 150 DHS, E-Verify, www.uscis.gov (follow “E-Verify Home page” hyperlink) (last visited Feb. 24, 2012). 151 FAR case 2007-013, Employment Eligibility Verification. 152 Implementation of FAR Rule: Database screening protocol conducted by all corporations seeking federal government contracts pertaining to requirements of agency contract. 153 DHS, SAVE, www.uscis.gov (search for “SAVE”; follow top hyperlink for “USCIS - SAVE ”) (last visited Feb. 24, 2012). 154 Implementation of SAVE: Database screening protocol conducted by state welfare benefits offices and benefit-issuing agencies, institutions, licensing bureaus, and other governmental entities. 155 IRCA, as amended, mandates the following programs and implementing agencies to verify the citizenship status of applicants seeking benefits under Temporary Assistance to Needy Families (TANF), Medicaid, and certain Territorial Assistance Programs (U.S. Department of Health and Human Services); the Unemployment Compensation Program (U.S. Department of Labor); Title IV Educational Assistance Programs (U.S. Department of Education); and certain Housing Assistance Programs (U.S. Department of Housing and Urban Development). DHS, SAVE, www.uscis.gov (search for “SAVE Governing Laws”; follow top hyperlink for “USCIS – SAVE Governing Laws”) (last visited Feb. 24, 2012).


30

CIDR (Citizenship and Immigration Data Repository System of Records)156

DHS/USCIS157 Database program that attempts to allow government officials to vet applications for fraud and national security concerns, and detect misuse of immigration information by agency employees for personal gain.

SEVIS (Student Exchange Visitor Information Service)158

DHS/USCIS/ICE159 Database program that tracks information on foreign students by requiring data entry by host institutions.

ISAP (Intensive Supervision Appearance Program)160

DHS/ICE/Detention and Removal161

GPS monitoring ankle bracelet and voice-recognition technology applied to track undocumented immigrants awaiting deportation hearings. ISAP imposes monitoring protocols through a curfew and unannounced phone calls. Requires installation of voice recognition technology on phone to allow DHS to confirm they are speaking with ISAP participant. “Voluntary” alternative to detention.

156 75 Fed. Reg. 54642-03 (Sept. 8, 2010). 157 Implementation of CIDR: Database screening protocol conducted by federal agencies attempting to respond to classified requests for information that could assist intelligence and law enforcement investigations of fraud and national security. 158 U.S. Immigration and Customs Enforcement, SEVIS-Student and Exchange Visitor Information System, http://www.ice.gov/graphics/sevis/index.htm (last visited Feb. 24, 2012). 159 Implementation of SEVIS: Educational and cultural institutions supporting foreign student exchange programs. 160 U.S. Immigration and Customs Enforcement, Memorandum For Field Office Directors (2005), http://www.ice.gov/doclib/foia/dro_policy_memos/dropolicymemoeligibilityfordroisapandemdprograms.pdf (last visited Feb. 24, 2012). 161 Implementation of ISAP: ICE during deportation hearing process. Government contractor for ISAP Program is Behavioral Interventions which received $40 million contract in 2004 when ISAP was first launched by DHS. Gabriela Reardon, The Gentle Way of Detainment, Report: Homeland Security (November/December 2008), nacla.org/files/A0410601_1.pdf.


31

2. Post-9/11 Statutes Supporting Identity Management Programs

Congress has enacted multiple statutes since the terrorist attacks of September 11, 2001, that require the implementation or “test pilot” experimentation of new identity management technologies. Some of these programs and technologies purport to further “crimmigration-counterterrorism” policy objectives simultaneously. Other programs purport to discretely serve only one area or a combination of two out of the three areas of national security, crime prevention, and/or immigration control. The identity management programs, however, all share a similar goal: to facilitate the ability of federal and state governments to utilize database screening technology to assist in cybersurveillance and the denial of specific benefits and privileges after ascertaining a data classification of certain individuals. Some of these database-driven identity management programs and technologies “verify” identity and citizenship status in order to screen out “unauthorized” persons or “undocumented” immigrants and, thus, a failed verification may have consequences like detainment or the denial of specific benefits and privileges. This database-driven determination is predominantly based upon criminal-related or immigration-related databases. However, other screening programs, like the No-Fly List, increasingly utilize contextual information in arriving at screening decisions. Thus, screening programs are increasingly based upon a broad range of databases, enabling the aggregation of consumer data, credit history data, geospatial data, travel data, etc., as well as the aggregation of data gathered through secret intelligence efforts. Consequently, several statutes both operate separately and work in combination to authorize or mandate the collection, analysis, and screening of personally identifiable data and biometric identification.

Table 3. Examples of Post-9/11 Federal Statutes Creating Identity Management Programs

Statute Agency/Organization Section(s) USA PATRIOT Act of 2001 (Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism)162

DHS US-VISIT (United States Visitor and Immigrant Status Indicator Technology; Incorporates NSEERS (National Security Entry-Exit Registration System: NSEERS)): Section 403(c) mandates the development of “a technology standard that can be used to verify the identity of persons” applying for or seeking entry into the U.S. on a visa “for the purposes of conducting background checks, confirming identity, and ensuring that a person has not

162 USA Patriot Act, Pub. L. No. 107-56, 115 Stat. 272 (2001).


32

received a visa under a different name.”163

EBSVRA (Enhanced Border Security and Visa Entry Reform Act of 2002)164

DHS Border Crossing Card: Section 303(b)(1) requires that only "machine-readable, tamper-resistant visas and other travel and entry documents that use biometric identifiers" shall be issued to aliens by October 26, 2004.165

HSA (Homeland Security Act of 2002)166

DHS Science & Technology Special Programs Division. DHS components, intelligence community, public and private sector in developing technologies in “Emerging Threats, Risk Sciences, Intelligence, Surveillance, Reconnaissance (ISR)[.]”167

“In accordance with the Homeland Security Act of 2002, ensuring especially sensitive technologies involving homeland defense are transferred to, or coordinated with, the Under Secretary for S&T [Science & Technology].”168

HAVA (Help America Vote Act of 2002)169

State coordination with SSA.170

Section 15483(a) requires each state to implement and maintain an electronic database of all registered voters.171 HAVA also requires states to verify the identity of the voter registration application through cross-checking the applicant’s driver’s license or last four digits of the applicant’s Social Security number. If the individual has neither number, the state is

163 Id. at § 403(c). 164 Pub. L. No. 107-173, 116 Stat. 543 (2002). 165 Id. at § 303(b)(1). 166 Pub. L. No. 107-296, 116 Stat. 2135 (2002). 167 U.S. Department of Homeland Security, Science and Technology Special Programs Division, http://www.dhs.gov/xabout/structure/gc_1239044157050.shtm (last visited Feb. 24, 2012). 168 Id. 169 Pub. L. No. 107-252, 116 Stat. 1666, 1666-1730 (codified as amended at 42 U.S.C. §§ 15301-15545). 170 Implementation of HAVA: State agency tasked with overseeing election rules and procedures for that state. See Social Security Administration, Social Security Legislative Bulletin, http://www.ssa.gov/legislation/legis_bulletin_110702.html (last visited Feb. 26, 2012). 171 42 U.S.C. § 15483(a) (2002).


33

required to assign a voter ID number to the applicant.172

FAA Reauthorization Bill (Federal Aviation Administration Reauthorization Bill is also known as Vision 100-Century of Aviation Reauthorization Act of 2003)173

DHS/TSA CAPPS or now Secure Flight (Computer Assisted Passenger Prescreening System).174 CAPPS relies upon the Passenger Name Record database (PNR). CAPPS checks the passenger’s data against the TSA “No-Fly” list, FBI lists, and assigns a terrorist “risk score” through statistical algorithms.175

IRTPA (Intelligence Reform and Terrorism Prevention Act of 2004)176

DHS/TSA Secure Flight177 Passenger Prescreening Program through PNR database and other databases.

REAL ID (Real ID Act of 2005)178

TSA Technological enhancements and data gathering requirements for driver’s licenses. Centralizes state DMV information in DHS databases. Stores digital photo in FBI biometric databases. Requires production of ID documents to DMV prior to issuance of license. Many states are requiring SAVE immigration-related database screening before issuing driver’s licenses.179

DNA Fingerprint Act of 2005180

FBI Requires the submission of DNA samples by all non-citizens in detention as a result of any arrest or apprehension, including misdemeanors,

172 Id. 173 Pub. L. No. 108-176, 117 Stat. 2490 (2003) (codified as amended in scattered sections of 49 U.S.C.). 174 Id. at § 608, 117 Stat. at 2569-70. 175 U.S. Department of Homeland Security, CAPPS II: Myths and Facts, http://www.dhs.gov/xnews/releases/press_release_0348.shtm (last visited Feb. 26, 2012). 176 IRTPA, Pub.L. No. 108-458, 118 Stat. 3638 (2004). 177 73 Fed. Reg. 64018, 64066 (Oct. 28, 2008) (issued pursuant to Pub. L. No. 108-458, § 4012(a)). 178 Pub. L. No. 109-13, div. B, 119 Stat. 231 (2005) (codified as amended in scattered sections of 8 U.S.C.). 179 Id. at § 202. 180 Pub. L. No. 109-162, Title X (2005) (codified as amended at 42 U.S.C. § 14132 (2006)).

https://advance.lexis.com/GoToContentView?requestid=660bd244-a9b4-4306-96cf-5b79072d7c0b


34

made under federal authority.181

DRA (Deficit Reduction Act of 2005)182

HHS/MMS/OCR183 Requires identity verification through presentation of original identity documents (birth certificate) to state officials before the administration of Medicare/Medicaid benefits.184

Adam Walsh Act (Adam Walsh Child Protection and Safety Act of 2006)185

FBI186 Allows for the tracking of sex offenders with GPS technology.187 Requires compilation of national database registry that includes the Social Security Number, address, employment information and license plate number of registered vehicles of sex offenders.188

SCHIP (State Children’s Health Insurance Program Reauthorization Act of 2009)189

HHS Requires verification of identity and citizenship status through database screening prior to issuing benefit.190

ACA (Affordable Care Act of 2010, also referred to as Obama Health Care Bill)191

HHS Requires verification of identity and citizenship status through database screening prior to issuing benefit.192

3. Post-9/11 Identity Management Data Mining Programs

Additionally, in the national security context, the government operates or contracts the use of pure data mining programs such as REVEAL, combining “information from sixteen government and private databases, including those maintained by the IRS and Social Security

181 Id. at § 1004 (codified as amended at 42 U.S.C. § 14132(a)-(b)). 182 Pub. L. No. 109-171, 120 Stat. 4 (2005) (codified as amended in scattered sections of 20, 42 U.S.C.). 183 Implementation of DRA: State benefit granting agencies charged with distributing Medicare/Medicaid benefits. 184 Id. at § 6036 (codified as amended at 42 U.S.C. § 1396b (2011)). 185 Pub. L. No. 109-248, 120 Stat. 587 (2006) (codified at 42 U.S.C.A. §§ 16911-16929 (Supp. 2009)). 186 Implementation of Adam Walsh Act: State Parole Boards monitoring release of sex offenders. 187 Pub. L. No. 109-248, Title VI, § 621, 120 Stat. 587 (2006). 188 Id. Title I, §§ 114, 119 (codified at 42 U.S.C.A. § 16914 (Supp. 2009)). 189 Children’s Health Insurance Program Reauthorization Act of 2009, Pub. L. No. 111-3, 123 Stat. 8 (2009). 190 Id. at § 211. 191 Pub. L. No. 111-148, 124 Stat. 224 (2010). 192 Id. at § 1411.


35

Administration[;]”193 MATRIX;194 and data “fusion centers” that are an outgrowth of the Terrorism Information Awareness (TIA)195 program, targeting specific individuals based on data collection and database profiling. Under the FBI’s Next Generation Identification (NGI) project, the government has announced its attempt to institute a comprehensive, centralized, and technologically interoperable biometric database that spans across military and national security agencies, as well as all other state and federal government agencies. Once complete, NGI will strive to centralize whatever biometric data is available on all citizens and non-citizens in the U.S. and abroad, including information on fingerprints, DNA, iris retinal scans, voice recognition, and facial recognition data captured through digitalized photos, such as U.S. Passport photos and REAL ID driver’s licenses.196

Table 4. Examples of Post-9/11 Identity Management Data Mining Programs


REVEAL197 DHS Database aggregation of information from 16 private and public databases.

MATRIX (Multistate Anti-Terrorism Information Exchange Program)198

NSA Private and public data mining and data profiling effort that utilizes surveillance and dataveillance technologies.

TIA/Fusion Centers (Terrorism Information Awareness)199

Federal-State Data Record Collection and Analysis

Data mining effort that combines federal and state data collection and database profiling.

Recorded Future200 CIA-Google (joint venture) Google and In-Q-Tel/CIA funded venture that “uses [predictive] analytics to scour Twitter, blogs and websites” for personal information which is used to “assemble real-time dossiers on people.”201

193 Christopher Slobogin, Is the Fourth Amendment Relevant in a Technological Age? at 7-8, The Future of the Constitution Series, Governance Studies at Brookings Institution (Dec. 8, 2010) available at www.brookings.edu/slobogin/1208_4th_amendment_slobogin.pdf. 194 Id. at 8. 195 Id. 196 For more information about the FBI’s Next Generation Identification project see http://www.fbi.gov/about-us/cjis/fingerprints_biometrics/ngi; http://www.fbi.gov/news/stories/2009/january/ngi_012609. 197 Christopher Slobogin, Is the Fourth Amendment Relevant in a Technological Age? at 7-8, The Future of the Constitution Series, Governance Studies at Brookings Institution (Dec. 8, 2010) available at www.brookings.edu/slobogin/1208_4th_amendment_slobogin.pdf. 198 Id. at 8. 199 Id. 200 www.recordedfuture.com (last visited Feb. 28, 2012). 201 Noah Schachtman, Exclusive: Google, CIA Invest in ‘Future’ of Web Monitoring, Wired: Danger Room (July 28, 2010, 7:30 PM), http://www.wired.com/dangerroom/2010/07/exclusive-google-cia.


36

Table 5. Examples of Biometric Database Programs: Federal and State

Program Agency/Organization Purpose CODIS (Combined DNA Index System)202

FBI DNA database (federal and state DNA combined database) containing DNA from almost 8.5 million offenders, as well as about 324,000 samples collected during ongoing state criminal investigations.203 “CODIS software makes it possible for local, state and federal crime laboratories to share and compare DNA data.”204

NDIS (National DNA Index System)205

FBI DNA database (federal DNA database)206

IAFIS (Integrated Automated Fingerprint Identification System)

FBI Fingerprint database207

ABIS (Automated Biometric Identification System)

U.S. Department of Defense To enable military agencies to conduct automated fingerprint searches. 208

IDENT DHS Database of digital photos and fingerprints209

NGI (Next Generation Identification)

FBI Interoperable, centralized, and technologically compatible biometric data system across federal, state, and military operations and databases.210

202 Authorized by the DNA Identification Act of 1994 (codified at 42 U.S.C. § 14132 (2006)). 203 Federal Bureau of Investigation, CODIS-NDIS Statistics, http://www.fbi.gov/about-us/lab/codis/ndis-statistics (last visited Feb. 26, 2012). 204 Anna Stolloey Persky, An Arresting Development: Courts Split Over DNA Testing for Those Merely Charged with a Crime, ABA Journal (Jan. 2012) at 15. 205 Authorized by the DNA Identification Act of 1994 (codified at 42 U.S.C. § 14132 (2006)). 206 Federal Bureau of Investigation, Frequently Asked Questions on the CODIS Program and the National DNA Index System, http://www.fbi.gov/about-us/lab/codis/codis-and-ndis-fact-sheet (last visited Feb. 26, 2012). 207 Federal Bureau of Investigation, Integrated Automated Fingerprint Identification System, http://www.fbi.gov/about-us/cjis/fingerprints_biometrics/iafis/iafis (last visited Feb. 26, 2012). 208 Biometrics Task Force, Annual Report FY07 6 (2007), www.biometrics.dod.mil/Files/Documents/Annual Reports/fy07.pdf (last visited Feb. 26, 2012). 209 U.S. Department of Homeland Security, Privacy Impact Assessment for the Automated Biometric Identification System (IDENT) (2006), http://www.dhs.gov/xlibrary/assets/privacy/privacy_pia_usvisit_ident_final.pdf (last visited Mar. 3, 2012). 210 Federal Bureau of Investigation, Next Generation Identification, http://www.fbi.gov/about-


37

The growing prevalence of a universal biometric data collection mandate is now reflected

as well in recent comprehensive immigration reform proposals, including “BELIEVE”: Biometric Enrollment, Locally Stored Information and Electronic Verification of Employment.”211 BELIEVE is unlike HSPD-12, US-VISIT, and the DNA Fingerprint Act of 2005, which limit the collection of biometric data to discrete subsets of the U.S. population. In contrast, recent immigration reform and identity management proposals recommend a universal or near-universal collection of biometric data, such as the scanned fingerprints and DNA, from every U.S. citizen and non-citizen currently residing in the U.S., approximately 311 million men, women, and children, according to the U.S. Census.212 In BELIEVE, Congress recommends replacing the paper-based Social Security Card with a digitalized National Biometric ID Card,213 also referred to as a “high-tech Social Security Card.”214 The BELIEVE immigration reform proposal recommends collecting and including our biometric data on a machine-readable card, similar to a credit card.

Although proponents of such a measure contend that a “high-tech” Social Security Card is not a “Biometric National ID Card,” several experts have already concluded that such a “high-tech” card would function as a National ID given that the Social Security Number has transformed in its original intended function. Although established in the 1930s as a government-assigned number intended to facilitate the transmission of a federal retirement benefit, experts have observed that the Social Security Number has morphed into a universal de facto National ID Number. Further, identity management technologies such as E-Verify utilize the Social Security Number as a key database sorting backbone. The statistical algorithms of the E-Verify software program necessitate, therefore, the collection of an employee's Social Security Number, if such a number exists.

Additionally, a Biometric National ID Card, such as the one promulgated under BELIEVE, would likely significantly impact existing “stop and identify yourself” laws215 and programs. State and local law enforcement, in partnership with the federal government, increasingly incorporate elements of database screening technologies, including biometric database screening protocols.216 Consequently, the proponents of immigration federalism—state and local government efforts to control unwanted migration—have specifically called for the

us/cjis/fingerprints_biometrics/ngi (last visited Feb. 26, 2012). 211 Sen. Schumer and Sen. Lindsey Graham, The Right Way to Mend Immigration, WASH. POST OP-ED (March 10, 2010) (“We would require all U.S. citizens and legal immigrants who want jobs to obtain a high-tech, fraud-proof Social Security card. Each card’s unique biometric identifier would be stored only on the card[.]”). See Senate Conceptual Outline for Comprehensive Immigration Reform (April 2010) http://thehill.com/images/stories/news/2010/PDFs/immigration2.pdf 212 U.S. and World Population Clocks. Available at http://www.census.gov/main/www/popclock.html 213 See supra note __. 214 Id. 215 See, e.g., Hiibel v. Sixth Judicial District Court of Nevada, 542 U.S. 177 (2004) (held that state “stop and identify” statutes do not violate Fourth Amendment). Arizona S.B. 1070 is codified in 2010 Ariz. Sess. Laws ch. 113 et seq., amended by Ariz. Sess. Laws 0211 (H.B. 2162, 49th Leg., 2d Sess.) (Ariz 2010). The four key provisions enjoined in U.S. v. Arizona, 641 F.3d 339 (9th Cir. 2011) (upholding district court’s injunction of key provisions of S.B. 1070), are specifically codified in Ariz. Rev. Stat. § 11-1051; § 13-1509; § 13-2928(C); and § 13-3883(A)(5). On August 11, 2011, Arizona filed a petition for certiorari in Arizona v. U.S. (Supreme Court docket no. __). 216 See S-COMM, CAP, 287(g) agreements, supra note __.



38

implementation of a biometric ID. A Biometric National ID Card would greatly facilitate the database screening protocols that are required by various dataveillance tools embedded within biometric data screening protocols mandated by immigration federalism laws.

A close examination of the Court’s treatment of E-Verify in Whiting is critically important in the way that it underscores how immigration federalism,217 when combined with national security federalism,218 is driving the exponential expansion of identity management programs and biometric database screening. Specifically, LAWA and Arizona Senate Bill 1070 (SB 1070), also referred to as the “racial profiling” law or “show me your papers” law, both rely upon database screening protocols.219 LAWA mandates E-Verify and both LAWA and SB 1070 mandate the biometric database screening protocol of S-COMM or 1373(c) of the Immigration and Nationality Act. Therefore, these state immigration laws could be accurately characterized as a “show me your data” law or “show me your biometrics” law, in addition to being characterized as a “show me your papers” law.

Table 6. Examples of Immigration-Related Biometric Database Screening Programs


S-COMM (Secure Communities)

DHS/ICE/FBI220 Fingerprint-based arrest protocol requiring biometric database screening of anyone apprehended by state and local law enforcement through DHS and FBI databases.221

CAP (Criminal Alien Program)

DHS/ICE/FBI222 Cooperating state and local jails, prisons, and detention facilities allow federal immigration agents to conduct biometric database (fingerprint-based) screening onsite through DHS and FBI databases.223

NCIC (National Criminal Information Center)

FBI Database that interfaces FBI criminal databases with immigration databases,

217 See, e.g., Kris W. Kobach, Reinforcing the Rule of Law: What States Can and Should Do To Reduce Illegal Immigration, 22 GEO. IMMIGR. L.J. 459, 475 (2008). 218 See, e.g., Matthew C. Waxman, National Security Federalism in the Age of Terror, 64 STAN. L. REV. 289 (2012). 219 Margaret Hu, Reverse-Commandeering (forthcoming) (article on file with author). 220 Implementation of S-COMM: All state and local law enforcement agencies by 2013 by DHS mandate. 221 U.S. Immigration and Customs Enforcement, Secure Communities, http://www.ice.gov/secure_communities/ (last visited Feb. 26, 2012). 222 Implementation: DHS/ICE with cooperation and assistance of state and local jails, prisons, and detention facilities. 223 U.S. Immigration and Customs Enforcement, Fact Sheet: Criminal Alien Program, http://www.ice.gov/news/library/factsheets/cap.htm (last visited Feb. 26, 2012).


39

including biometric databases.224

US-VISIT (United States Visitor and Immigrant Status Indicator Technology; Incorporates NSEERS (National Security Entry-Exit Registration System: NSEERS))

DHS/USCIS Requires biometric data collection of all non-citizen visitors to the U.S.225

Table 7. Examples of Biometric ID Credentialing Programs Implemented by the U.S.


PIV (Personal Identification Verification) Card, or biometric ID required under HSPD-12 (Homeland Security Presidential Directive 12)226

Department of Commerce; National Institute of Standards & Technology; Office of Personnel Management227

Biometric ID credentialing program and background check for all federal workers and federal contractors under private employers. Biometric data collected: fingerprints and digital photograph.228

TWIC (Transportation Worker Identification Credential)229

TSA/U.S. Coast Guard/DHS Biometric ID credentialing program for the maritime transportation system. Biometric data collected: fingerprints and digital photograph.230

BCC (Border Crossing Card)231

DHS Biometric ID credentialing program to facilitate border crossing between U.S. and Mexico border. Biometric

224 Federal Bureau of Investigation, National Crime Information Center, http://www.fbi.gov/about-us/cjis/ncic (last visited Feb. 26, 2012). 225 U.S. Department of Homeland Security, Fact Sheet: US-VISIT Program, http://www.dhs.gov/xnews/releases/press_release_0155.shtm (last visited Feb. 27, 2012). 226 Homeland Security Presidential Directive/HSPD-12: Policy for a Common Identification Standard for Federal Employees and Contractors, 40 WEEKLY COMP. PRES. DOC. 1709-10 (Aug. 27, 2004), available at http://www.dhs.gov/xabout/laws/gc_1217616624097.shtm. 227 Implementation of HSPD-12: All federal agencies. 228 See Homeland Security Presidential Directive/HSPD-12 – Policy for a Common Identification Standard for Federal Employees and Contractors, 2 Pub. Papers 1765 (Aug. 27, 2004). 229 Established through the Maritime Transportation Security Act of 2002, Pub. L. No. 107-295, § 102, 116 Stat. 2064 (2002) (codified as amended at 46 U.S.C. §70105). 230 Transportation Security Administration, Program Information, http://www.tsa.gov/what_we_do/layers/twic/program_info.shtm (last visited Feb. 27, 2012). 231 Section 104 of the Illegal Immigration Reform and Immigrant Responsibility Act of 1996 (IIRIRA) serves as the legal basis for the issuance of Border Crossing Cards.


40

data collected: fingerprints and digital photograph.232

EAD (Employment Authorization Document)

DHS/USCIS Biometric ID credentialing program. TPS (Temporary Protected Status) Biometric data collected: fingerprints and digital photograph.233

Lawful Permanent Residency Card (Green Card)

DHS/USCIS Biometric data collected: digital photograph234

U.S. Passport U.S. Department of State Biometric data collected: digital photograph.235

REAL ID Driver's License236 TSA/DHS Biometric data collected: digital photograph.237

4. Post-9/11 Military-Based Biometric ID Programs

In the defense context and the ongoing “war on terror,” the military claims that “biometrics have become a useful battlefield tool in Iraq and Afganistan[.]”238 The government explains that the Biometrics Identity Management Agency (BIMA) is in the process of being converted from a temporary task force to a permanent component of the U.S. Department of Defense.239 BIMA explains: “This transformation reflects both the successes biometrics have had in supporting the warfighter and protecting our country and allies from terrorism and what biometrics can bring to the DoD in the future.”240 This has led Air Force General Victor Renuart to announce that more biometric data collection is needed domestically to assist the military in its war effort abroad. “‘Interestingly, we are probably further forward in using biometrics outside our country in some of the combat environments than we are inside our country,’ said the general. ‘We’ve got to find a way to fix that.’”241 232 Department of State, Border Crossing Cards, http://travel.state.gov/visa/temp/types/types_1266.html (last visited Feb. 27, 2012). 233 Dawn Lurie and Lindsey Baldwin, USCIS’ Fraud Detection Efforts Continue: Employment Authorization Document and Permanent Residence Card Redesigned (June 21, 2010), http://www2.gtlaw.com/practices/immigration/compliance/pdf/GTAlert_USCIS_Fraud_June2010.pdf. 234 U.S. Citizenship and Immigration Services, News Release: USCIS To Issue Redesigned Green Card, http://www.aila.org/content/default.aspx?docid=31962 (last visited Feb. 27, 2012). 235 U.S. Department of State, Digital Image Requirements, http://travel.state.gov/visa/visaphotoreq/digitalimagereq/digitalimagereq_5327.html (last visited Feb. 27, 2012). 236 As required under the REAL ID Act of 2005, Pub. L. No. 109-13, 119 Stat. 231 (2005) (codified as amended in scattered sections of 8 U.S.C.). 237 Id. at § 202. See also 73 Fed. Reg. 5272, Part II (Jan. 29, 2008). 238 United Press International, Biometric System Working in Afghanistan (July 14, 2011) available at http://www.upi.com/Top_News/US/2011/07/14/Biometric-system-working-in-Afghanistan/UPI-74141310652220/ 239 Biometrics Identity Management Agency, Annual Report FY 2010, Director’s Message at 1. Available at www.biometrics.dod.mil/Files/Documents/AnnualReports/fy10.pdf. 240 Id. 241 Nathan Hodge, General Wants to Scan More U.S. Irises, Fingerprints, Wired.com (Jan. 29, 2009) available at http://www.wired.com/dangerroom/2009/01/biometrics-need/


41

Table 8. Examples of Post-9/11 Military-Based Biometric Identification Programs

Program Agency/Organization Program Authorized Military Biometric ID U.S. Department of Defense Biometric ID Card issued to

military and contract personnel in Iraq and Afghanistan.242

Biometric Data Collection of Civilians and Detainees in Iraq and Afghanistan

U.S. Army and U.S. Air Force Biometric data used to inform military operations, including preemptive force. 243

B. Smart Card-Biometric ID & Dataveillance

The PIV (Personal Identification Verification) Card required by HSPD-12 is known in the identity management industry as a “smart card.” The Smart Card Alliance is a coalition of industry partners that promote public and private sector use of smart cards for a variety of purposes. The Alliance defines a smart card in this way:

A smart card is a device that includes an embedded integrated circuit chip (ICC) that can be either a secure microcontroller or equivalent intelligence with internal memory or a memory chip alone. The card connects to a reader with direct physical contact or with a remote contactless radio frequency interface. With an embedded microcontroller, smart cards have the unique ability to store large amounts of data, carry out their own on-card functions (e.g., encryption and mutual authentication) and interact intelligently with a smart card reader. Smart card technology conforms to international standards (ISO/IEC 7816 and ISO/IEC 14443) and is available in a variety of form factors, including plastic cards, fobs, subscriber identity modules (SIMs) used in GSM mobile phones, and USB-based tokens.244

Table 9. Examples of Federal “Smart Cards” or Digitalized ID Credentialing Systems

Program Agency Purpose HSPD-12 Personal Identity Verification (PIV) Card245

OPM Personal Identity Verification (PIV) Card246

DoD Common Access Card U.S. Department of Defense Common Access Card247

242 Biometrics Task Force, Biometrics on the Ground and in the DOD, U.S. Army (June 1, 2009), http://www.army.mil/article/21940/biometrics-on-the-ground-and-in-the-dod/. 243 Richard Tomkins, Biometrics Play Important Role in Afghanistan, Human Events (Feb. 23, 2010), http://www.humanevents.com/article.php?id=35735. 244 Smart Card Alliance, Introduction: Primer on Smart Cards, available at http://www.smartcardalliance.org/pages/smart-cards-intro-primer 245 Homeland Security Presidential Directive/HSPD-12: Policy for a Common Identification Standard for Federal Employees and Contractors, 40 WEEKLY COMP. PRES. DOC. 1709-10 (Aug. 27, 2004), available at http://www.dhs.gov/xabout/laws/gc_1217616624097.shtm. 246 Smart Card Alliance, Introduction: Primer on Smart Cards, http://www.smartcardalliance.org/pages/smart-cards-intro-primer (last visited Feb. 29, 2012).

http://www.smartcardalliance.org/pages/smart-cards-intro-primer


42

DHS Transportation Workers Identification Credential

DHS/TSA/U.S. Coast Guard TWIC Credential248

DHS First Responder Authentication Credential

DHS FEMA249

U.S. ePassport U.S. Department of State ePassport250

Smart cards are proliferating in use across the European Union as a method of identification. In 2002, Estonia became one of the first countries in the EU to issue smart cards as a primary identification for citizens, replacing the passport in domestic and EU use. As of 2010 about 1 million smart cards have been issued (total population is about 1.3 million) and they are widely used for both physical access, logical access, and a combination of physical and logical access (e.g., internet banking, purchasing tickets for transportation, authorization on various websites, etc.). In 2009, Spain and Belgium adopted eID card. These smart cards contain two certificates: one for authentication and one for signature. This signature is legally enforceable, and EU countries are increasingly using the eID to secure access and permit authorization. In addition to government workers and contractors under HSPD-12, emergency response personnel have now begun to carry enhanced PIV cards that are outfitted with RFID, purportedly to facilitate identification in emergency situations. The cards carried by FEMA first responders contain additional personal information, such as medical records and skill sets. The National Institute for Science and Technology (NIST) and other scientists and experts, however, have identified a variety of concerns surrounding the implementation of the the PIV biometric ID card, that is required under HSPD-12, and other biometric IDs. These concerns include:

(1) Liveness Detection: How does the system recognize whether the fingerprint has been stolen and has been replicated for verification purposes? How does any system administrator ensure that the individual using the system is using a live fingerprint? The biotech industry has not yet developed the technology yet to ensure the fingerprint is not forged (e.g., an individual is wearing a latex glove with someone else’s fingerprints manufactured into the glove). Even if a system administrator is watching an individual provide a fingerprint, they may not be able to tell whether the fingerprint is “live” or forged. Research done in this area is sparse and currently, no verifiable standards exist at this point.

(2) Revocability: Currently, there is no remedy availability if an individual’s biometric data is stolen. Technologically, there is no way to develop encryptions within our biometric data because our biometric data is derived from our body. Furthermore, using biometrics in one domain can allow someone to track your movements in another domain. For instance, if someone steals biometric information that is

247 U.S. Department of Defense, Common Access Card (CAC), http://www.cac.mil/common-access-card/ (last visited Feb. 27, 2012). 248 Transportation Security Administration, Program Information, http://www.tsa.gov/what_we_do/layers/twic/program_info.shtm (last visited Feb. 27, 2012). 249 Federal Emergency Management Agency, First Responder Authentication Credential (FRAC), http://www.fema.gov/about/offices/ncr/editorial_0849.shtm (last visited Feb. 27, 2012). 250 U.S. Department of State, The U.S. Electronic Passport, http://travel.state.gov/passport/passport_2498.html (last visited Feb. 27, 2012).


43

embedded in a microchip on a gym card or bank card, this biometric information can be used to perpetrate the acquisition of a fraudulent biometric-based REAL ID driver’s license. NIST also notes that there is no research on how robust fingerprint data is over time, or how data captured on one type of machine would be translated once newer technology is used to replace older hardware or obsolete software.

(3) Reliability: In biometric verification technology, accuracy improves if all other factors remain stable in the environment. For example, NIST has learned through PIV card/biometric ID card implementation under HSPD-12 that the same vendor must be used to ensure higher accuracy. Biometric technology users are instructed to attempt to ensure the environment for the biometric data enrollment and the verification are identical (e.g., attempt to use same staff at same room, same lighting, same humidity levels, etc.). Unfortunately, if the federal government expresses reliability concerns about a vendor, there is almost no way to remediate the situation because the government has selected to rely on one biometric ID vendor. In addition, NIST has realized that it needs to develop an alternative system for people with no fingerprints, those with “damaged” fingerprints, Displasia (no lines in fingerprints), etc. Biometric research has determined that biometric data is less accurate and harder to recognize for women (fine skin and less defined fingerprints due to housecleaning solution and face cleansing, the elderly due to decaying skin, etc.). Biometric research has also determined that the statistical algorithms have a racially disparate impact in accuracy for reasons that are not wholly known. Finally, biometric technology has not yet adopted a uniform standard domestically or internationally. Some advocate adoption of the INTERPOL fingerprinting standard which is similar to the American standard (e.g., use image and points within fingerprint).

C. Biometric-RFID Cards & Cybersurveillance The advent of radio frequency identification (RFID) technology has added a surveillance angle to modern identification credentialing programs. RFID allows for the monitoring of an individual’s movement through hand-held devices as well as satellite tracking technologies. Since 2007, each U.S. Passport is now implanted with RFID chips in the booklet’s back cover.251 Additionally, the REAL ID Act of 2005 requires the inclusion of RFID-compatible technology in all REAL ID-compliant driver’s licenses.252 The human implantation of RFID microchips is now FDA-approved.253 New RFID technology is being tested on human “volunteers” who are willing to be “chipped” through surgical implantation of the microchip in the bicep.254 According to reports, currently, the RFID device in U.S. Passports can be read from a distance of around 10 meters, or approximately 33 feet.255 In response to criticism that data on U.S. Passports could be maliciously or inadvertently stolen, the U.S. Department of State upgraded the protection of the RFID-U.S. Passports to incorporate a thin metal lining to make it 251 U.S. Passports contain RFID chips “encoded with the information printed on the data page, a biometric version of the bearer's photograph, a unique chip number, and a digital signature to protect the integrity of the stored information.” (70 Fed. REg. 61553, 61555 (Oct. 25, 2005) (codified at 22 C.F.R. pt. 51). 252 REAL ID Act of 2005, Pub.L.No. 109-13, § 202(a)(1), (b)(8)-(9), 119 Stat. 231, 312. 253 VeriChip Corporation received FDA approval for human implantation of the VeriChip RFID microchip in 2004. 254 David Streitfield, “First Humans to Receive ID Chips; Technology: Device Injected Under the Skin Will Provide Identification and Medical Information,” L.A. TIMES (May 9, 2002). 255 http://www.contactlessnews.com/2006/11/30/contactless-inlays-from-smartrac-ordered-for-us-epassport-project


44

more difficult for unauthorized readers to “skim” or “steal” the information encoded on the RFID. Reports describing security measures taken to protect the information encoded on the RFID chip have explained that the U.S. Department of State has adopted a Basic Access Control (BAC) system which apparently functions as a Personal Identification Number (PIN), and the PIN must be entered into an RFID reader before the chip can be read. The BAC purports to encrypt all communications between the RFID chip and the “interrogator” of the chip information. The RFID passports are interoperable with the systems of other nations, complying with the standards and technological specifications developed by the International Civil Aviation Organization (ICAO). The ICAO requires a minimum capacity of 32 kilobytes of memory for storage on the passport RFID chip, however, the U.S. Department of State has included a chip that has 54 kilobytes of memory, or double the minimum required data storage capacity. The State Department has explained that the purpose for this extra storage is to allow for the implantation of additional biometric data, such as fingerprints, iris scans, and presumptively DNA, in the future. According to press reports, “[b]efore the department adds additional data or biometric identifier other than a digitized photograph, however, it says it will seek public comment through a new rule-making process.”256

Table 10. Examples of DNA Data Harvesting Programs

Program and/or Statute Agency/Organization Purpose DNA Analysis Backlog Elimination Act of 2000257

FBI Compels production of DNA samples from parolees.258

Katie Sepich Enhanced DNA Collection Act of 2010 passed by a vote of 357 to 32.259

FBI Compilation of national DNA databases taken from people arrested of crimes (does not require conviction for DNA data harvesting).

“Julie’s Law” 260 and other state DNA Harvesting Laws. “According to the National Conference of State Legislatures, all 50 states require that convicted sex offenders provide DNA samples. Increasingly, according to the conference, states are expanding these policies to include all felony

Under many of the state laws requiring DNA harvesting, DNA saliva swabbing kits are provided to state prisons and local jails, where samples are collected. The information gathered often includes offenders' names, Social Security numbers, birth dates, signatures, federal or state offender identification

DNA collection of those detained for felony and misdemeanor offenses of assault and battery, domestic abuse, stalking, possession of a controlled dangerous substance, outraging public decency, resisting arrest and peeping tom. Some state laws require the collection of DNA from those suspected of

256 http://www.rfidjournal.com/article/articleview/1951/1/132/ 257 42 U.S.C. § 14135a (2006). 258 Id. at §14135a(a)(2). 259 H.R. 4614, 111th Cong. (2010). 260 Oklahoma Senate Bill 1102 (May 20, 2009) named after Julie Buskin, a University of Oklahoma student murdered in 1996. State lawmakers contend the expansion of DNA harvesting at the state level can bring “cold case” criminals to justice through “cold hit” DNA evidence.


45

convictions and even some misdemeanors as well.”261

numbers and fingerprints. unlawful presence.

According to the National Conference of State Legislatures, all 50 states and the District of Columbia require the collection of DNA samples from newborns for genetic screening purposes.262

Hospitals DNA stored in state labs for anywhere from three months to indefinitely, depending on the state. In some states, genetic screening for diseases is conducted by taking blood samples of the newborn child without parental consent.

“Bring Your Genes to Cal” University of California Berkeley

In 2010, incoming freshman at UC Berkley can voluntarily submit to genetic testing.263

Table 11. Examples of Fingerprint Data Harvesting Programs

Program and/or Statute Agency/Organization Purpose

S-COMM (Secure Communities)

DHS/ICE/FBI264 Fingerprint-based arrest protocol requiring biometric database screening of anyone apprehended by state and local law enforcement through DHS and FBI databases.265

US-VISIT (United States Visitor and Immigrant Status Indicator Technology; Incorporates NSEERS (National Security Entry-Exit Registration System: NSEERS))

DHS/USCIS Requires biometric data collection of all non-citizen visitors to the U.S.266

Thumbprint Signature Program utilized by numerous state bankers associations.267

Private banking institutions Thumb scan may be required to open bank account or to cash a check.268

261 Anna Stolloey Persky, An Arresting Development: Courts Split Over DNA Testing for Those Merely Charged with a Crime, ABA Journal (Jan. 2012) at 15. 262 National Conference of State Legislatures, Newborn Genetic and Metabolic Disease Screening (Nov. 2007) http://www.ncsl.org/default.aspx?tabid=14416. 263 Ferris Jabr, California Legislators’ Effort to Prevent Student DNA Testing Could Come Too Late: A New Bill is Designed to Halt Berkeley’s Controversial Genetic Testing Project, Scientific American (July 9, 2010), http://www.scientificamerican.com/article.cfm?id=berkeley-bill-dna-testing. 264 Implementation of S-COMM: All state and local law enforcement agencies by 2013 by DHS mandate. 265 U.S. Immigration and Customs Enforcement, Secure Communities, http://www.ice.gov/secure_communities/ (last visited Feb. 26, 2012). 266 U.S. Department of Homeland Security, Fact Sheet: US-VISIT Program, http://www.dhs.gov/xnews/releases/press_release_0155.shtm (last visited Feb. 27, 2012). 267 See e.g. Indiana Bankers Association, Thumbprint Signature Program, http://www.indianabankers.org/displaycommon.cfm?an=1&subarticlenbr=16#.T1OKZvGPWf4 (last visited Mar. 4, 2012); New York Bankers Association Online, Thumbprint Signature Program,


46

24 Hour Fitness (using MorphoTrak biometric scanning technology) (adopted test pilot program in 60 Bay Area gyms in California in Aug. 2010)

Private health clubs Index fingerprint required for gym membership.269

California Handgun Ammunition Registration Bill (signed into law Oct. 2009)270

Private gun dealers February 1, 2011, submission of fingerprints required to purchase ammunition California. Required that all ammunition sales in California involve a face-to-face transaction and fingerprint registration of the purchasers. Use of online sites or catalogs requires ammunition shipped to a local gun dealer: transaction must be performed in person under the law.271

Table 12. Examples of Facial Recognition Data Harvesting Programs

Program Agency/Organization Purpose REAL ID Act of 2005 & Driver’s License Facial Recognition Application

DHS At least 34 states use facial recognition systems to “verify a person’s claimed identity and track down people who have multiple licenses under different aliases[.]”272

U.S. Passports and ePassports U.S. Department of State Passports and ePassport273 require digital photo that is provided to centralized facial recognition database.

http://www.nyba.com/profit/product_list/Thumbsig.html (last visited Mar. 4, 2012). 268 Reuters News Service, No Thumbprint, No Money, Bank Tells Armless Man (Sept. 3, 2009), http://www.reuters.com/article/2009/09/03/us-bank-thumbprint-idUSTRE58247Y20090903. 269 Demian Bulwa, Fingerprint Check-in Tried at 24 Hour Fitness, San Francisco Chronicle (Aug. 23, 2010), http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2010/08/23/MN201EVV36.DTL. 270 A.B. 962, Ch. 628 (Ca. 2009). 271 Fresno County Superior Court Judge Jeffrey Hamilton ruled the law unconstitutional in January 2011. Parker v. California, No. 10 CECG 02116 (Cal. Dep’t Super. Ct. Jan. 31, 2011). 272 Meghan E. Irons, Man Sues Registry After License Mistakenly Revoked, The Boston Globe (July 17, 2011), http://www.boston.com/news/local/massachusetts/articles/2011/07/17/man_sues_registry_after_license_mistakenly_revoked/?page=full. 273 U.S. Department of State, The U.S. Electronic Passport, http://travel.state.gov/passport/passport_2498.html (last visited Feb. 27, 2012).


47

E-Verify Photo Tool (incorporated into E-Verify in September 2007)274

DHS/USCIS and SSA “[E]nables employers to match the photo on an employee’s EAD [Employment Authorization Document] or a Permanent Residence Card (‘green card’) to the photo that USCIS has on file for that employee.”275

Scotland Yard’s Program to ID Rioters After 2011 London Riots

Scotland Yard and Facebook & Twitter

Surveillance technology (CCTV) interfaces facial recognition software with social media sites (Facebook and Twitter) to identify rioters.276

Like most proposals, a Biometric National ID Card and database system is, at this stage, nothing more than a legislative concept. In order for the proposal to take shape, it awaits the attempts of a policymakers, civil servants and private contractors retained by DHS to implement the mandate once enacted. Based on policy precedent involving the proliferation of database screening programs, however, it is unlikely that a Biometric National ID Card would simply take the form of a digitalized Social Security Card that contains a computer chip with fingerprint information or other biometric information--such as a DNA, retinal scan or skeletal bone scan-- as some lawmakers describe. Most likely, a Biometric National ID Card would provide the digital tool to serve a combination of purposes:

(1) Restricting Access to certain benefits and privileges until the government is satisfied

that identity and citizenship or immigration status has been established prior to granting the right to work, right to vote, right to access a driver’s license, etc. A Biometric National ID Card would likely replace the Form I-9 (DHS Employment Eligibility Verification Form) (identity verification protocol as a precondition for the right to work); Help America Vote Act (HAVA) documentation and screening requirements (identity verification protocol as a precondition for the right to vote); and documentation requirements under REAL ID—mandating standardization of driver’s licenses (identity verification protocol as a precondition for driving privileges).

(2) Automated Screening and Sorting to determine whether an individual is an unauthorized immigrant (e.g., E-Verify or HAVA), unauthorized for federal benefits (e.g., SAVE), unauthorized for air travel (e.g., No-Fly list), etc. A Biometric National ID Card would most likely be used for database screening and pre-screening through linking information on the Biometric National ID Card with FBI and DHS databases,

274 Visalaw.com – The Immigration Law Portal, The ABC’s of Employer Compliance: E-Verify, http://www.visalaw.com/compliance/everify.html (last visited Mar. 3, 2012). 275 Id. 276 CBS News, UK Using Facial Recognition to Hunt Rioters (Aug. 11, 2011), www.cbsnews.com/2102-202_162-20091186.html?tag=contentMain;contentBody.


48

as is currently being implemented through S-COMM and CAP, for example; or linking information with DHS and Social Security Administration databases, such as E-Verify and SAVE; and/or screening through a combination of public and private databases (e.g., MATRIX and REVEAL) to initiate action.

(3) Dataveillance to assess characteristics and patterns of the individuals who are the target of investigations, or classifications of individuals, such as targeting groups based on immigration status, national origin, credit history or zipcode. Through current databases, the government can seek private informational databases, such as ChoicePoint, which collects data on consumer habits, credit reports, etc. Shortly after 9/11, the Justice Department negotiated a $67 million contract to secure access to ChoicePoint’s national databases that track consumer habits. Consequently, the government can engage in surveillance based upon data gleaned from credit card receipts, cell phone records, magazine subscriptions, income, zipcode, etc. Currently, interlocking databases would include information on an individual as an employee (e.g., E-Verify); recipient of benefits (e.g., SAVE); international traveler (Global Entry Trusted Traveler Program and US-VISIT); consumer (e.g., ChoicePoint consumer database); and through banking records, school records, and health records.

(4) Cybersurveillance to record our movement or create a virtual security checkpoint through recording our whereabouts at the time of the card swipe (e.g., requiring the Biometric National ID Card to be swiped at certain points of entry or exit, such as is the case with the US-VISIT program or HSPD-12, for example, to track movements). Or if a Biometric National ID Card is embedded with RFID/GPS tracking technology, such a card could be used to conduct continuous geospatial surveillance. Many state immigration laws, such as SB 1070 under challenge in Arizona v. U.S., now require residents to possess and carry identification credentials at all times. Therefore, an ID card could facilitate 24/7 tracking of the movements of anyone who possesses and carries such cards.

III. Contours of the 1984 Surveillance Problem

The breadth of the developing identity management technologies and cybersurveillance-dataveillance techniques the government has or seeks to have at its disposal is neither fully known nor even fully comprehended by experts and average citizens alike. This is due to several factors, including: the complex opacity of such technologies; the classified nature of some of the programs; the dense administrative and highly technical regulatory structure in which many of the non-classified identity management programs unfold; and the manner in which many of the programs and technologies are outsourced to private corporate vendors who then, in turn, claim intellectual property rights over the technology once the government contract is awarded. Yet, in recent years, the judiciary been forced to come to grips with this increasingly complex cybersurveillance apparatus and begin the process of determining if it or the Constitution has any role in posing restraints on these technologies and cutting-edge surveillance techniques.

NASA v. Nelson is one of the first cases to confront some of the surveillance consequences of a biometric ID credentialing system, but in that case the legal question the Court finally dealt with was boiled down to a fairly mundane question of what kinds of background information can an employer, specifically, the federal government, require from potential applicants. The growing number of cases challenging state immigration laws such as the Legal


49

Arizona Workers Act277—the subject of the Court's recent decision in Chamber of Commerce v. Whiting278—and Arizona SB 1070279—the subject of the Court's current consideration in Arizona v. United States280—requiring database-driven identification screening protocols have cybersurveillance implications. Those Fourth Amendment implications, however, are not the driving force behind the litigation and, therefore, the cybersurveillance and dataveillance consequences of these laws has been eclipsed and obscured.

Jones is the case where thus far the question of limits on these technologies has most come to a head. Yet, ultimately, Jones addressed plain, vanilla-flavored covert surveillance: traditional body tracking of a criminal suspect by law enforcement through GPS technology. At the same time, GPS technology is a form of surveillance by 24/7 data collection. The GPS device transmits geospatial data that captures current location multiple times per minute for as long as the device is left in place. That in turn creates a system of records enabling authorities to pinpoint the location of the device at a given time on a given day – and all this is accomplished with minimal effort and resources by the authorities. Once the device is in place, data begins to be amassed automatically without the need for any law enforcement officers to be involved in its collection. And the comprehensive volume of that data led to the lower court, the D.C. Circuit Court of Appeals, to hold that the sheer scale of this comprehensive intrusion constituted a Fourth Amendment violation by allowing the government to see the entire mosaic of the suspect rather than the tile of the suspect’s potential criminal activity.281 The Jones Court, however, declined to follow this “digital mosaic theory” of the Fourth Amendment.282

At the end of the day, the Court’s decision in Jones dodged the complex questions raised by the cybersurveillance-dataveillance consequences that GPS tracking technology emblemizes. Nevertheless, the Court has revealed that significant concerns remain regarding the implications of GPS technology as a surveillance tool. Specifically, the Jones argument revolved around the question of whether such all-encompassing cybersurveillance enabled by GPS technology was culturally tolerable, even as the Justices seemed to have no clear sense of how the Court’s Fourth Amendment jurisprudence provided any legal basis for restraining the government’s use of that technology.

A. Orwellian Surveillance Technologies & Devolution of the Fourth Amendment

During the Supreme Court argument of Jones, George Orwell’s dystopian novel 1984 was raised on at least six separate occasions.283 The transcript is filled with evidence that Jones seemed to compel a consideration of the limits of cultural toleration for potentially untrammeled surveillance: the Court noted a need to avoid “an omen of 1984[,]”284 “a 1984-type invasion”285 277 Legal Arizona Workers Act, 2007 Ariz. Sess. Laws 1312 (codified at ARIZ. REV. STAT. ANN. §§ 13-2009, 23-211 to 23-214 (2008)). 278 Chamber of Commerce v. Whiting, 131 S. Ct. 1968 (2011). 279 Support Our Law Enforcement and Safe Neighborhoods Act, ch. 113, 2010 Ariz. Sess. Laws 450 (codified in scattered sections of ARIZ. REV. STAT. ANN. tits. 11, 13, 23, 28, 41), as amended by Act of Apr. 30, 2010, ch. 211, 2010 Ariz. Sess. Laws 1070. 280 United States v. Arizona, 641 F.3d 339 (9th Cir. 2011), cert. granted 181 L. Ed. 2d 547 (2011). 281 See United States v. Maynard, 615 F.3d 544 (D.C. Cir. 2010). 282 For a detailed discussion on the mosaic theory, see Benjamin Wittes, Databuse: Digital Privacy and the Mosaic, Governance Studies at Brookings Institution (April 1, 2011). 283 Supreme Court oral argument transcript in U.S. v. Jones at 13:10, 25:3, 26:18, 33:1, 34:20, and 56:22, available at www.supremecourt.gov/oral_arguments/transcripts/10-1259.pdf. 284 Id. at 26:18.


50

of privacy, “the so-called 1984 scenarios[,]”286 and the “1984 Ministry of Love, Ministry of—of Peace problem.”287 In this manner, 1984 served as a cultural touchstone denoting the limits of acceptable monitoring of citizens even while it was not at all clear that such monitoring violated any reasonable expectation of privacy under the Fourth Amendment.

This usage of 1984 in the Supreme Court argument of Jones underscores the potency of deeply ingrained cultural self-perceptions about normatively appropriate limits on government intrusiveness in an age when technological innovation is rapidly changing the government’s capacities. The not insubstantial rhetorical force of the invocation of 1984 by the Court’s Justices made a government defeat in Jones almost predictable, even as it provided no clear grounds for the legal basis of the holding. In effect, it illuminated the “cultural software”288 embedded within the Fourth Amendment’s “doctrinal hardware.” In the end, the Court avoided addressing whether 24/7 GPS surveillance constituted an unreasonable search. Rather, in utilizing trespass doctrine-tort theory, the Court held against the government on the narrower ground that warrantless placement of a GPS device on a person’s vehicle without their consent constituted a search under the Fourth Amendment.

While Jones clearly marks an important victory for those seeking more robust Fourth Amendment protections, the Court’s resolution of the case was largely designed to reject the government’s position that the Court’s established Fourth Amendment jurisprudence permitted warrantless GPS surveillance of drivers for any length of time while, at the same time, avoid the unresolved question of how one establishes a new doctrine that can adequately address the emerging cybersurveillance and dataveillance technologies at the disposal of law enforcement specifically and the government in general.

Jones posed the question of whether government GPS-enabled surveillance of your every movement, every minute of every day for as long as the government may wish raises a Fourth Amendment problem. On the one hand, it is settled law that there are typically little or no Fourth Amendment protections for our movements in public places because there is no reasonable expectation of privacy in places where other people can naturally observe you. Thus, a lot more of nothing--in the form of all-encompassing tracking of your movement in public spaces--is still nothing. Or, as Judge Sentelle of the D.C. Circuit quipped, “The sum of an infinite number of zero-value parts is also zero.”289 And yet, to say that unlimited and comprehensive surveillance of the kind facilitated by 24/7 GPS tracking is not legally cognizable as a Fourth Amendment problem did not itself seem wholly reasonable to the Justices of the Court. In fact, the Justices appeared to admit that it appears dystopian. The Justices on numerous occasions invoked 1984 as a way to characterize the scenario the government was asking them to ratify. The invocation of a dystopian reality served as a placeholder by the Justices to mark the intuitively unreasonable nature of the legally reasonable proposition that since we lack any reasonable expectation of privacy with regard to our public comings and goings, we lack any reasonable expectation of privacy in the accumulation, by the government, of data tracking our every movement every day for as many days, or months, or years, as the government wishes. Ironically, the government argued this proposition is even more reasonable because the virtual nature of cybersurveillance does not

285 Id. at 56:22. 286 Id. at 25:3. 287 Id. at 34:20. 288 See, e.g., Jack M. Balkin, CULTURAL SOFTWARE (1998). 289 U.S. v. Jones, 625 F.3d 766, 769 (D.C. Cir. 2010) (J. Sentelle dissenting from denial of en banc hearing).


51

offend an expectation of freedom from physical intrusion, one of the traditional bulwarks of Fourth Amendment protection. As more and more data is shared with the government and third parties during the course of normal day-to-day activities, and as continuous tracking becomes normalized through daily usages, once a Biometric National ID credentialing system is adopted by Congress, the government will be able to argue with increasing persuasiveness that no reasonable expectation of privacy is violated by cybersurveillance or dataveillance that is facilitated by biometric IDs embedded with GPS/RFID tracking technology.

Table 13. Examples of Normalizing GPS Tracking Into Day-to-Day Usage

Program Agency or Company Purpose GPS Shoes290 GTX Shoes are embedded with a

miniature GPS chip. Envisioned use is to locate children and the elderly.291

OnStar OnStar Available in vehicles that were not originally equipped with OnStar. The rear view mirror contains a GPS sensor.292

iPhone GPS Tracking Device293

Apple Location tracking.294

GPS Pet Collars Various Companies Tracking lost pets.295 ISAP (Intensive Supervision Appearance Program)296

DHS/ICE/Detention and Removal297

GPS ankle bracelet tracks undocumented immigrants awaiting deportation hearings.

290 Patented GPS Smart Shoe, www.gpsshoe.com (last visited Mar. 4, 2012). 291 Patented GPS Smart Shoe, Frequently Asked Questions, www.gpsshoe.com/faq.cfm (last visited Mar. 4, 2012). 292 OnStar FMV, www.onstar.com/web/fmv/home (last visited Mar. 4, 2012). 293 Grown Up Geek, How to Use Your iPhone to GPS Track Someone’s Location, http://grownupgeek.com/iphone-gps-track-someone (last visited Mar. 4, 2012). 294 Stef DiPietrantonio, GPS Leads Deputies to 12-year-old Phone Thief, My Fox Tampa Bay (Mar. 1, 2012), http://www.myfoxtampabay.com/dpp/news/local/nature_coast/gps-leads-deputies-to-12-year-old-phone-thief-030112. 295 See e.g. SpotLight GPS Pet Locator, www.spotlightgps.com/home.aspx (last visited Mar. 4, 2012). 296 U.S. Immigration and Customs Enforcement, Memorandum For Field Office Directors (2005), http://www.ice.gov/doclib/foia/dro_policy_memos/dropolicymemoeligibilityfordroisapandemdprograms.pdf (last visited Feb. 24, 2012). 297 Implementation of ISAP: ICE during deportation hearing process. Government contractor for ISAP Program is Behavioral Interventions which received $40 million contract in 2004 when ISAP was first launched by DHS. Gabriela Reardon, The Gentle Way of Detainment, Report: Homeland Security (November/December 2008), nacla.org/files/A0410601_1.pdf.


52

Table 14. Examples of Normalizing RFID Tracking Into Day-to-Day Usage

Program Agency or Company Purpose RFID Human Implant Chips Embedded in Arms of VIP Club-goers at Barcelona Club

VeriChip Corporation (now PositiveID)

“The night club offers its VIP clients the opportunity to have a syringe-injected microchip implanted in their upper arms that not only gives them special access to VIP lounges, but also acts as a debit account from which they can pay for drinks.”298

EpicMix RFID Embedded Ski Passes

Vail Ski Resorts & Facebook The resorts are laced with RFID readers to read guests’ lift tags. Enables guests to “share their whereabouts on the mountain with their Facebook friends.”299

Implantable RFID Chips for Soldiers

Israeli Defense Force (ordering RFID human implant chips manufactured by PositiveID)

The stated use for the chips is in “disaster preparedness and emergency management by the Israeli Military.”300

E-ZPass301 RFID Card for Toll Booths

E-ZPass Group RFID device in card transmits a unique ID number to the toll booth receiver, which is matched to an individual account.302

Possible RFID Chip Implantation of Colombian Immigrant Guest Workers Provided to U.S.

Government of Colombia Colombian President Alvaro Uribe said he “would consider having Colombian workers have microchips implanted into their bodies before they are permitted to enter the United States to work on a seasonal basis.”303

298 Simon Morton, Barcelona Clubbers Get Chipped, BBC News (Sept. 29, 2004), http://news.bbc.co.uk/2/hi/technology/3697940.stm. 299 Chris Murphy, How Vail Turns Resort Customers Into ‘Brand Activists,’ InformationWeek (Sept. 14, 2011), http://www.informationweek.com/news/global-cio/interviews/231600967. 300 PositiveID Receives VeriChip Order for Israeli Military, RFID News (Oct. 11, 2011), http://www.rfidnews.org/2011/10/11/positiveid-receives-verichip-order-for-israeli-military. 301 The program encompasses 24 toll agencies in 14 states with more than 21 million E-ZPass devices in circulation. E-ZPass Group, www.e-zpassiag.com (last visited Mar. 4, 2012). 302 Id. 303 152 Cong. Rec. S3495 (2006).


53

Driver's Licenses Under REAL ID (Real ID Act of 2005)304

TSA Technological enhancements and data gathering requirements for driver’s licenses. Some states offer “enhanced” driver's licenses that incorporate RFID technology.305

U.S. Passports and ePassports U.S. Department of State Passports and ePassport306 implanted with RFID technology in 2007.

B. Culturally-Ingrained Privacy Customs & the Fourth Amendment

A close reading of the Jones' oral argument transcript seems to indicate that the repeated invocation of 1984 throughout argument was not mere rhetoric. There was real concern on the bench that its prior precedent was driving it into a corner in which it would have to affirm a government position whose implications, although resisted by the government, were clearly viewed by the Court as “Orwellian.” The play of that dystopian rhetoric is significant and worth studying in light of comprehensive cybersurveillance and dataveillance technologies. Specifically, it delineates what might be called a customary understanding of what protections the Fourth Amendment should afford, as a matter of an objective societal expectation under established privacy customs, regardless of how those non-lawyerly expectations diverge from what Fourth Amendment precedent indicates is actually protected by the Constitution.307 Consequently, this dystopian rhetoric reveals that the ideas embodied within the cultural shadow cast by the novel 1984 are anchoring a certain normative conceptualization of the relationship between citizen and government,308 one that is, strictly speaking, irrelevant legally unless it is construed as being encompassed by a customary law framework309—but one which is nevertheless exerting a kind of gravitational pull on the development of legal doctrine, as illustrated by Jones.

Much of the Jones argument revolved around the Court’s 1982 case, United States v. Knotts,310 which, according to the government, set forth the relevant legal standard and, applied

304 Pub. L. No. 109-13, div. B, 119 Stat. 231 (2005) (codified as amended in scattered sections of 8 U.S.C.). 305 Priya Ganapati, New York Offers Drivers License with RFID Tag (Sept. 17, 2008) Wired.com available at http://www.wired.com/gadgetlab/2008/09/new-york-offers/. 306 U.S. Department of State, The U.S. Electronic Passport, http://travel.state.gov/passport/passport_2498.html (last visited Feb. 27, 2012). 307 For an excellent discussion on the foundational genesis and philosophical underpinning of customary law, see Curtis A. Bradley and Mitu Gulati, Rethinking Opinio Juris in Customary International Law, DUKE L.J. (2012) (forthcoming) (on file with author). 308 Orin Kerr, An Equilibrium-Adjustment Theory of the Fourth Amendment, 125 HARV. L. REV. 476 (2011) (Fourth Amendment doctrine should evolve to help preserve the balance of power between citizen and government in the face of emerging technologies). 309 The appropriate role of custom in law, and how and when custom transforms into something that is cognizable as embodying the force of law, is the topic that is central to a robust debate in the international law context. See Curtis A. Bradley and Mitu Gulati, Withdrawing from International Custom, 120 YALE L.J. 202 (2010) Available at http://www.yalelawjournal.org/the-yale-law-journal/article/withdrawing-from-international-custom/ 310 460 U.S. 276 (1983).


54

to the facts, are not distinguishable in any material way from Jones. Jones’ attorneys relied on a caveat in the Knotts holding that, in effect, preserved an evolution of the jurisprudence. The Knotts Court recognized that if the Court’s decision in that case opened the door to over-intrusive government surveillance, it would be willing to reconsider its holding or at least consider whether different constitutional principles ought to be given play in shaping the result.

Knotts explained that the Fourth Amendment applies where “the person invoking its protection can claim a ‘justifiable,’ a ‘reasonable,’ or a ‘legitimate expectation of privacy’ that has been invaded by government action.”311 Parsing that standard out involves a twofold inquiry: first the Court asks “whether the individual, by his conduct, has ‘exhibited an actual (subjective) expectation of privacy.’”312 Second, the Court asks “whether the individual’s subjective expectation of privacy is ‘one that society is prepared to recognize as ‘reasonable.’”313 The Court elaborated the second prong as asking whether “the individual’s expectation, viewed objectively, is ‘justifiable’ under the circumstances.”314

Thus, and relevantly here, we can characterize the standard as customary in nature insofar as the second prong involves asking whether society would ratify an individual’s expectation of privacy “under the circumstances” in which the individual held it. There is much to be said – and much has been said – about the kind of exercise this forces courts to engage in to delineate the contours of the Fourth Amendment’s protections, but for present purposes it suffices to note that what is reasonable is to some extent contextually defined and, therefore, subject to change as the context changes.

Circumstantial reason leaves ample room for maneuver by litigants but it also allows a Court to maintain a flexible Fourth Amendment doctrine. In the case of Jones, the government argued that the apparent intrusiveness of its increasingly comprehensive surveillance methods is mediated by a public increasingly accustomed to being monitored by new forms of technology. In short, the expectations of privacy are diminishing as people come to understand that they are enmeshed in a weave of various surveillance technologies and voluntarily assent to a number of them. Jones’ attorneys argued expectations of privacy have not morphed to accommodate technological changes exposing individuals to quotidian surveillance at times and in ways that were not considered practicable before. Put differently, and opening the door to the rhetorical play the dystopian genre gains in this jurisprudential discourse, increasingly comprehensive surveillance cannot be socially normalized, cannot become “reasonable” because a society in which such all-encompassing surveillance is the norm is not itself reasonable – i.e., it is something out of 1984.

However, the legal quandary in Jones is how to distinguish Knotts. In Knotts, law enforcement officers were able to discover the location of a secluded amphetamine and methamphetamine drug laboratory by enclosing a transmitting device in a can of chloroform sold to one of the defendants. The car carrying the chloroform transmitted beeping signals enabling police to track the car even after pursuing agents abandoned a physical tail.315 The government in Jones argued that GPS is simply a more technologically efficient and advanced beeper—the GPS device is simply a super-beeper.

311 460 U.S. at 280. 312 Id. at 281 (quoting Justice Harlan’s concurrence in Katz v. United States, 389 U.S. 347, 361 (1967)). 313 Id. 314 Id. (quoting Katz, at 353). 315 460 U.S. at 278.


55

In issuing the Knotts decision, the Court concluded there was no Fourth Amendment violation. It began noting that the beeper provided nothing other than locational information, explaining that the “governmental surveillance conducted by means of the beeper in this case amounted principally to the following of an automobile on public streets and highways.”316 Because a car driving down the road is subject to public scrutiny, one cannot reasonably expect their location to be private: “A person travelling in an automobile on public throroughfares has no reasonable expectation of privacy in his movements from one place to another.”317 As the Court noted, by driving on the road, one is submitting to “[v]isual surveillance,” but one does not expect, necessarily, to constantly transmit their location to the public through means of an electronic beeper. But the Court refused to find something qualitatively different between old-fashioned eye-balling and electronic surveillance: “Nothing in the Fourth Amendment prohibited the police from augmenting the sensory faculties bestowed upon them at birth with such enhancement as science and technology afforded them in this case.”

Thus, according to the Court, technology that amplifies the capacity to see what could be seen in any event by the naked eye does not alter the Fourth Amendment analysis.318 For example, using a searchlight to explore the deck of a ship only reveals information that was already available to the naked eye, albeit under limited conditions (i.e., during the day to a person situated to survey the deck).319 Similarly, use of a phone entails surrendering to public view (more specifically, the view of the phone company) the number dialed because the “switching equipment that processed those numbers is merely the modern counterpart of the operator who, in an earlier day, personally completed calls for the subscriber.”320 Thus the fact that the human element might drop out completely, rendered obsolete by technological improvements, is a distinction without a difference.

The automation of surveillance makes feasible a quantitative increase in the surveillance to which a person can be subject without in any way altering a person or society’s expectations regarding the circumstances in which it is reasonable to expect not to be observed. Thus, in Knotts there was no basis to sanction the use of a beeper that continuously transmits locational information to the police as long as there was no expectation of privacy regarding such locational information in the first place. In other words, “scientific enhancement . . . raises no constitutional issues which visual surveillance would not also raise.”321

That should have been the end of the matter in Knotts, but the Court did see fit to entertain a parade of horribles argument that, based on the reasoning of the case, should have been off-point: “Respondent does not actually quarrel with this analysis, though he expresses the generalized view that the result of the holding sought by the government would be that ‘twenty-four hour surveillance of any citizen of this country will possible, without judicial knowledge or supervision.”322 The Court observed that alleging that the police are becoming more effective fails to state a constitutional claim, but it also noted that “the reality hardly suggests abuse,” and then reserved for another day reconsideration should the proposed scenario appear anything less than hysterical or overblown: “if such dragnet type law enforcement practices as respondent 316 Id. at 281. 317 Id. 318 By contrast, technology that provides new capacities can invade Fourth Amendment protections. E.G. cite the heat vision case. 319 Knotts at 281 (citing United States v. Lee, 2 74 U.S. 559, 563 (1927)). 320 Knotts citing 442 U.S. at 744-45. 321 Id. at 285. 322 Id. at 283.


56

envisions should eventually occur, there will be time enough then to determine whether different constitutional principles may be applicable.”323

The Knotts Court suggested in other words that the newly-developed principle could be revisited should circumstances change and at that juncture, the Court might scrutinize other constitutional principles to discover a means of limiting the conduct Knotts appears to sanction. That vagueness sufficed because the Court did not take seriously the hypothetical proffered by Knotts regarding the flowering of a dragnet scheme of 24/7 surveillance tracking individuals. But by 2010, the D.C. Circuit had concluded that Knotts’ hypothetical was now the reality and at oral argument, Justice Breyer could observe to government counsel: “[I]f you win this case then there is nothing to prevent the police or the government from monitoring 24 hours a day the public movement of every citizen of the United States.”324

C. U.S. v. Jones & the Future of Cybersurveillance Jurisprudence

1. Nothing Has Changed Since U.S. v. Knotts

Jones picks up where Knotts left off and, from the perspective on offer from the government, is indistinguishable from it. Law enforcement agents attached a GPS device to Antoine Jones’ jeep while he had left it in a public parking lot in Maryland. The device was left on his vehicle for the next four weeks. During that time, the device, at ten-second intervals calculated and transmitted the vehicle’s precise location to law enforcement computers that recorded and stored the data transmitted. Thus, the government over the course of a month amassed precise and comprehensive locational data concerning the whereabouts of Jones’ jeep every ten seconds. Tracking the jeep enabled the government to discover the whereabouts of a stash house containing large amounts of narcotics.

Understood within the framework of just the facts of the case, Jones is, as the government contends, indistinguishable from Knotts. The GPS device did not provide information about what was inside Jones’ jeep or conversations or activities carried out while in the jeep. It merely transmitted locational data on a constant basis. Knotts made clear that there was no reasonable expectation of privacy with regard to the location of a vehicle driving along public roads since such a vehicle was exposed to the general public. The GPS device operated similarly to the beeper device in Knotts except that it made feasible long term comprehensive surveillance whose results were automatically recorded as data subject to law enforcement review at their convenience. Knotts went out of its way to establish that technological innovation that amplified surveillance capacities did not raise any constitutional issues provided the surveillance was restricted to movements occurring with no reasonable expectation of privacy. Justice Alito, in his concurrence, objected to the fact that majority “accepts the holding in United States v. Knotts” and instead chose to “decide this case based on 18th-century tort law.”325 Thus, the government held its position by articulating distinctions drawn by the Supreme Court in the past: public v. private spaces in Knotts; interference with possessory interests v. technical trespasses in United States v. Karo;326 open fields doctrine v. trespass law violations in Oliver v. 323 Id. at 284. 324 Jones oral argument transcript at 13, available at www.supremecourt.gov/oral_arguments/transcripts/10-1259.pdf. 325 Jones at __ (Alito, J., concurring). 326 468 U.S. 705 (1984).


57

United States;327 etc. The government explained that “there are enclaves of Fourth Amendment protection that this Court has recognized[,]” and that the usage of the GPS technology at issue in Jones does not fall within these specified enclaves.328 The government also reminded the Court that is has previously dealt with surveillance technology that at the time of the Court’s contemplation “seemed extraordinarily advanced[.]”329

Thus, in Jones, the Deputy Solicitor General, Michael Dreeben, explained to the Court: “If this Court agrees with principles in Knotts and Karo and applies them to this case, the [privacy] remedy is through legislation.”330 Congress indeed has taken action to protect privacy interests legislatively in light of advancing electronic communication technologies.331 The “privacy mosaic theory” advanced by the D.C. Circuit to preserve the Fourth Amendment’s protections in Jones was met with the government’s counter-theory, an “investigation mosaic theory.” The government argued that the point of any investigation is to piece together a mosaic and that the Court has allowed the government in the past to utilize tools to build that mosaic. GPS is not the only tool that helps in the development of the mosaic, the government explained. “So does a pen register, so does a garbage pull. So does looking at everybody’s credit card statement for a month. All of those things this Court has held are not searches.”332 Concluded the government during Jones oral argument: “If this Court believes that there is an excessive chill created by an actual law or universal practice of monitoring people through GPS, there are other constitutional principles [such as Equal Protection Clause and the First Amendment] that are available.”333 Second: “[I]f the Court believes that there needs to be a Fourth Amendment safeguard as well [as a legislative one], we have urged as a fallback position that the Court adopt a reasonable suspicion standard[.]”334

2. Expectations of Privacy Adapting to Efficiencies of Technology

While the D.C. Circuit’s holding rested within the Knotts framework, the argument before the Court seemed to proceed in a different direction. The Justices seemed to be wrestling with the notion of whether Knotts was itself reasonable in the modern age of surveillance. The argument cuts both way. One avenue, advanced briefly by the government at oral argument, contended that what is reasonable is subject to change and that as technology like a GPS become normalized, expectations of privacy will alter to accommodate them. Put differently, the reasonable expectation of privacy exists in an increasingly diminished sphere as the public itself grows to embrace technologies that effectually turn the private into public. Thus, the Deputy Solicitor General, Michael Dreeben, advances this line of defense at the Jones argument:

Mr. Chief Justice, advancing technology cuts in two directions. Technological advances can make the police more efficient at what they do through some of the examples that were discussed today: cameras, airplanes, beepers, GPS. At the

327 466 U.S. 170 (1984). 328 Jones oral argument transcript at 13, available at www.supremecourt.gov/oral_arguments/transcripts/10-1259.pdf. 329 Id. 330 Id.at 12. 331 Electronic Privacy Communications Act of 1986, codified in 18 U.S.C.A.§ 2510. 332 Jones oral argument transcript at 16, available at www.supremecourt.gov/oral_arguments/transcripts/10-1259.pdf. 333 Id. at 23. 334 Id. at 26.


58

same time, technology and how it’s used can change our expectations of privacy in the ways that Justice Alito was alluding to. Today perhaps GPS can be portrayed as a 1984-type invasion, but as people use GPS in their lives and for other purposes, our expectations of privacy surrounding our location may also change. For that –335

At that point, however, the Deputy Solicitor General was cut off – because the thrust of the argument was clear. And unacceptable:

Justice Kagan: Mr. Dreeben, that – that seems too much to me. I mean, if you think about this, and you think about a little robotic device following you around 24-hours a day anyplace you go that’s not your home, reporting in all your movements to the police, to investigative authorities, the notion that we don’t have an expectation of privacy in that, the notion that we don’t think that our privacy interests would be violated by this robotic device, I’m – I’m not sure how one can say that.336

Yet, it is worth noting that Justice Kagan’s concerns do not register a problem under Knotts. If the “robotic device following you around” is observing nothing other than what could be observed by a bystander, then the fact of automation is itself a distinction without a difference under Knotts. But Justice Kagan is not attempting to articulate a legal principle here; she is rehearsing a set of circumstances that appear intuitively unacceptable – dystopian.

Justice Alito’s concurrence (in which Justice Kagan joined) recognized the potentiality of the “reasonable expectation” test to actually accommodate ever increasing government intrusiveness. Justice Alito noted that the “hypothetical reasonable person” is presumed to have a “well-developed and stable set of privacy expectations. But technology can change those expectations.”337 People accept diminished privacy as a “tradeoff” for the “increased security and convenience” of new technology and “even if the public does not welcome the diminution of privacy that new technology entails, they may eventually reconcile themselves to this development as inevitable.”338

3. Preserving Reasonable Expectations in an Unreasonable Surveillance State

Unlike the D.C. Circuit, which had relied upon a digital mosaic theory, the Jones Court did not seem to have any clear direction on how to distinguish Knotts. Put differently, the argument did not seem to take issue with the fact that Jones had no reasonable expectation of privacy when traveling on public thoroughfares. Instead, as noted above, it was the aspects of the case that Knotts had held immaterial that seemed most objectionable in Jones: that the surveillance was automatic and effortless, and that it was all encompassing. The context in which an average individual continued to have no reasonable expectation of privacy had changed between Knotts and Jones: the "national surveillance state" had become itself unreasonable.

Justice Alito’s concurrence does not fully explain how he would have resolved the case, however, he offers a critical shift away from privacy and towards intrusion: “The best that we can do in this case is apply existing Fourth Amendment doctrine and to ask whether the use of GPS tracking in a particular case involved a degree of intrusion that a reasonable person would

335 Id. at 57. 336 Id. 337 Jones at __ (Alito, J., concurring). 338 Id.


59

not have anticipated.”339 It is not clear that existing Fourth Amendment doctrine is actually being applied in this formulation since “intrusiveness” does not necessarily equate to a reasonable expectation of privacy. Further, what constitutes over-intrusive surveillance remains unelaborated. Indeed, Justice Alito's concurrence avoids these questions by invoking a certitude that the Fourth Amendment bars the government’s conduct: “We need not identify with precision the point at which the tracking of this vehicle became a search, for the line was surely crossed before the 4-week mark.”340 That certitude, which enables the analysis to proceed without elaboration, is precisely the hallmark of the invocation of the dystopian genre during argument: except in the context oral argument, it marked the certitude that something improper was before the Court while betraying uncertainty as to exactly why, legally speaking, the Constitution is offended. In the context of Justice Alito’s concurrence, it enables an ipse dixit assertion that the Fourth Amendment is offended, while leaving it to later cases to parse out just when the government’s surveillance transforms into an unreasonable search due to unreasonable intrusiveness rather than due to an unreasonable privacy violation.

The Jones argument had several moments where the Justices recognized that they were faced with an unreasonable state of affairs without the ability to articulate a legal doctrine that is violated by its presence. Here is Justice Breyer, early in the argument, speaking to the government’s counsel:

If you win this case then there is nothing to prevent the police or the government from monitoring 24 hours a day the public movement of every citizen of the United States. And – and the difference between the monitoring and what happened in the past is memories are fallible, computers aren’t. And no one, at least very rarely, sends human being to follow people 24 hours a day. That occasionally happens. But with machines, you can. So if you win, you suddenly produce what sounds like 1984 from their brief. I understand they have an interest in perhaps dramatizing that, but – but maybe overly. But it still sounds like it.341

Justice Scalia pointed out that this tack was flawed in that while it painted an unpleasant scenario, it failed to offer a legally cognizable constitutional problem. With characteristic cutting wit he interjected at a later point in argument: “Well, it must be unconstitutional if it’s scary. I mean, what is it, the scary provision of what article?”342 Yet for all that, the Justices were uninhibited. Thus, Justice Breyer was unabashed in explaining the stakes: “What would a democratic society look like if a large number of people did think that the government was tracking their every movement over long periods of time?”343

Justice Ginsburg articulated, without being able to resolve, the problem of how reasonable expectations of privacy as set forth in current Court doctrine can lead to altogether unreasonable results in the context of current surveillance capabilities:

But the Fourth Amendment protects us against unreasonable searches and seizures. And if I were to try to explain to someone, here is the Fourth Amendment, the Fourth Amendment says – or it has been interpreted to mean that

339 Id. 340 Id. 341 Jones oral argument transcript at 13, available at www.supremecourt.gov/oral_arguments/transcripts/10-1259.pdf. 342 Id. at 37. 343 Id. at 24.


60

if I’m on a public bus and the police want to feel my luggage, that’s a violation, and yet this kind of monitoring, installing the GPS and monitoring the person’s movement whenever they are outside their house in the car is not? It just – there is something about it that, that just doesn’t parse.344

In other words, the Court was faced with this conundrum: If the Court's reasonable expectation of privacy jurisprudence is explained to a reasonable person, in this context, warrantless 24/7 surveillance does not appear reasonable. Justice Roberts takes up this point at another juncture in the Jones oral argument:

You can see, though, can’t you, that 30 years ago if you asked people does it violate your privacy to be followed by a beeper, the police following you, you might get one answer, while today if you ask people does it violate your right to privacy to know that the police can have a record of every movement you made in the past month, they might see that differently?345

Justice Roberts articulated distinctions that do not make a difference under Knotts. He is intuitively asserting, however, that the average person on the street would assent to the notion that such a scenario would constitute a Fourth Amendment violation.

Table 15. Examples of Invisible National Security Dataveillance & Cybersurveillance

Program Agency or Organization Purpose

Echelon National Security Agency (NSA)

An estimated minimum of 120 satellites monitor phone calls, emails, and other electronic communications on daily basis. Five countries (U.S., U.K., Australia, Canada, and New Zealand) are linked directly to NSA. Voice recognition capability enables the filtering of billions of international communications for key words or word patterns that are programmed into system.346

Recorded Future347 CIA-Google (joint venture) Google and In-Q-Tel/CIA funded venture that “uses [predictive] analytics to scour Twitter, blogs and websites” for personal information which is used to “assemble

344 Id. 345 Id. at 4. 346 Jason Leopold, Revisiting Echelon: The NSA’s Clandestine Data Mining Program, The Public Record (July 15, 2009), http://pubrecord.org/nation/2290/revisiting-echelon-nsas/. 347 www.recordedfuture.com (last visited Feb. 28, 2012).


61

real-time dossiers on people.”348

Tempest NSA “[O]perated by satellite, is capable of reading computer monitors, cash registers and automatic teller machines [ATMs][.]”349

Einstein 3350 DHS & NSA “Einstein 3's predecessors focused on intrusion detection, allowing analysts to scan records of connections to agencies’ systems and use signatures to scan network traffic for cyber threats. Einstein 3 would add the ability to prevent those intrusions.”351

Perfect Citizen352 NSA “[Perfect Citizen] would rely on a set of sensors deployed in computer networks for critical infrastructure that would be triggered by unusual activity suggesting an impending cyber attack[.]”353

Future Attribute Screening Technology (FAST)354

DHS “DHS tests project to screen people for behaviors linked to

348 Noah Schachtman, Exclusive: Google, CIA Invest in ‘Future’ of Web Monitoring, Wired: Danger Room (July 28, 2010, 7:30 PM), http://www.wired.com/dangerroom/2010/07/exclusive-google-cia. 349 Id. 350 For an extensive discussion on the Einstein Program and its impact on the Fourth Amendment, see Jack Goldsmith, The Cyberthreat, Government Network Operations and the Fourth Amendment, Brookings Governance Studies at Brookings (Dec. 8, 2010) available at www.brookings.edu/papers/2010/1208_4th_amendment_goldsmith.aspx. 351 Ben Bain, DHS Releases New Details on Einstein 3Intrusion Prevention Pilot, Federal Computer Weekly (March 19, 2010), http://fcw.com/articles/2010/03/19/einstein-3-test-intrusion-prevention-system.aspx. 352 For a discussion on the surveillance consequences of Perfect Citizen see Jeffrey Rosen, From Perfect Citizen to Naked Bodyscanners: When is Surveillance Reasonable? (Dec. 14, 2010) available at www.cspri.seas.gwu.edu/JeffRosenAbstract.pdf. 353 Siobhan Gorman, U.S. Plans Cyber Shield for Utilities, Companies, Wall Street Journal (July 8, 2010), http://online.wsj.com/article/SB10001424052748704545004575352983850463108.html (“Defense contractor Raytheon Corp. recently won a classified contract for the initial phase of the surveillance effort valued at up to $100 million.”). 354 The Future Attribute Screening Technology program is a “voluntary” and “test pilot” program that is attempting to use multiple cybersurveillance and dataveillance techniques to predict crime and terrorism before it occurs. See http://www.dhs.gov/files/programs/gc_1218480185439.shtm.

http://online.wsj.com/article/SB10001424052748704545004575352983850463108.html


62

violence or crime before it happens.”355

Conclusion

The Jones Court held that GPS tracking devices are subject to the tort doctrine of trespass and may not be surreptitiously placed on a person’s effects without his or her consent, at least without a warrant. Yet, with RFID tracking technology being utilized in IDs such as driver's licenses and passports, persons will increasingly consent to GPS-like tracking by virtue of applying for and agreeing to carry and produce IDs. Thus, the Court’s holding in Jones has only temporarily avoided the thornier question of whether the Court’s “reasonable expectation of privacy” doctrine under the Fourth Amendment will pose any meaningful restraints on the government’s growing virtual cybersurveillance capacities since no warrant will be needed, and no trespass will be found, as invisibly non-invasive and remotely-conducted surveillance technologies continue to progress.

The government already has in place numerous cybersurveillance technologies and dataveillance programs that are utilized purportedly to further national security, and immigration and crime control purposes. Moreover, with popular support for identity management programs increasing, and with biometric ID credentialing and identity management systems considered by the political branches as the most efficacious solution to “secure the border” and combat terrorism, the presence of identity credentialing-based cybersurveillance and database-driven dataveillance technology will soon become thoroughly entrenched. Indeed, the momentum for adopting of these technologies into current legislation is building, as evidenced by proposals such as BELIEVE, the most recent comprehensive immigration reform plan recommended by Congress,356 and the Legal Workforce Act of 2011,357 proposed in the wake of the Court’s decision in Whiting which would mandate E-Verify database screening nationally—both which embed within the legislative proposals the implementation of a national biometric ID system.

Yet, Jones left open the question of whether the judicial branch will now have any meaningful role to play in placing restraints on cybersurveillance and dataveillance, or whether such efforts should be left to the political branches. In Jones, the government argues that societal expectations of reasonableness are shaped by and eventually conform to technological advances that are increasingly intrusive and comprehensively invasive. In other words, “reasonable expectations of privacy” will change as new technologies are adopted that allow for the increased sharing of personally identifiable information with the government and corporate third parties--cellular telecommunication companies, internet search engines, online transactions, email providers, etc. If accepted, this argument implies that as cybersurveillance is normalized and integrated into our day-to-day lives, warrantless GPS tracking will appear to be less and less unreasonable because “reasonable expectations of privacy” will likely diminish over time, given current trends in both the public and the private sectors. 355 Elizabeth Montalbano, Homeland Security Tests Crime Prediction Tech, Information Week (Oct. 11, 2011) available at http://www.informationweek.com/news/government/security/231900555. 356 See, e.g., Froomkin and Weinberg, Hard to BELIEVE, supra n. 3. 357 H.R. 2885: “Legal Workforce Act” (Sept. 12, 2011) introduced by Lamar Smith (R-TX), available at http://www.govtrack.us/congress/billtext.xpd?bill=h112-2885 (mandating national expansion of E-Verify, and online employment eligibility verification system that purports to verify identity and citizenship status through government database screening).


63

At the same time, mounting effective judicial challenges to this burgeoning web of government and private cybersurveillance and dataveillance in an attempt to establish some means of accountability thus far appears an imposing task, underscoring the limitations of Fourth Amendment jurisprudence and existing privacy law doctrine. While the Court in Nelson downplayed, even ridiculed, the privacy challenge, it also confirmed that the potentiality for abuse and over-intrusiveness on the part of the government remains real. Meanwhile, the HSPD-12 credentialing program which the Court concluded posed no privacy issues could itself serve as a biometric ID credentialing protocol and biometric-based dataveillance policy that could establish a future prototype for the political branches. Such ID cards exponentially enhance comprehensive dataveillance capacities, facilitating data screening through multiple databases, both private and public, including criminal, health, education, consumer, transportation, and financial databases. The long-term impact of recently-introduced identity management technologies that are predominantly database-driven are yet to be fully known.

NASA v. Nelson, therefore, marked a largely failed effort to raise and defend privacy interests in the context of government-issued IDs. Government efforts to acquire and accumulate personal information in databases, and conducting dataveillance as a result of this collection, is occurring outside the context of employee background checks as well. They are playing a central role in government efforts to monitor and deter illegal immigration, criminal activity and, of course terrorism. Because HSPD-12 may now give the green light to the development of a Biometric National ID Card program, the precedent established by NASA v. Nelson may turn out to be something more than an inconsequential or “ridiculous” anomaly: it potentially marks the beginning of efforts by increasingly affected private citizens to seek the judicial branch’s aid in sorting out the limits of the dataveillance of private citizens. Thus, as the technology becomes widely accepted and the programs requiring government issued IDs more widespread, better vehicles for litigating privacy issues will come before the Court.

The Court’s Fourth Amendment doctrine, therefore, must now evolve in the face of modern surveillance technology to bring the jurisprudence into line with the cultural limits of acceptable government intrusion which is marked, in the moment of its transgression, as Orwellian. The Justices during the Jones oral argument recognized and rejected the theory of a technologically-driven devolution of the Fourth Amendment that seemed to be proffered by the government: that the protections against unreasonable searches and seizures will logically diminish proportionally to the advances in the technology which make such searches and seizures appear reasonable. This result led the Justices during the Jones oral argument to consider such a result to be an “omen of 1984.”

As a result, tellingly, the Jones argument revealed an assessment of “reasonable expectations of privacy” is quickly in the process of transforming into something akin to a “reasonable tolerance of government intrusiveness” standard. This evolving standard marks a discursive shift in the privacy law discourse, and may signal a more appropriate standard is likely forthcoming by the Court as the assessment of privacy reasonableness from an individual or societal point of view may become less and less feasible in light of the virtual intrusiveness of invisible surveillance, and as more and more data is shared by ordinary citizens with the government and third parties during the course of normal day-to-day activities. Such a transformation thus demands a contemplation of cultural norms and privacy customs that embody both objective and subjective standards of reasonableness under the Fourth Amendment doctrine, requiring the determination of whether such surveillance violates privacy customs in a manner that the Fourth Amendment prohibits.


64

Such an evolution of the doctrine is particularly critical in light of the coming dawn of biometric-RFID/GPS ID credentialing and identity management systems. Advancing technologies, like digitalized biometric ID cards, may normalize and invisibly integrate surveillance into the daily lives of citizens. Yet, providing a surveillance device that facilitates seamless and virtual accumulation, aggregation and analysis of biometric data, and interfacing this data with other databases—civilian, criminal, and national security intelligence, as well as from the private sectors—forces a reconceptualization of reasonable expectations of privacy under the Fourth Amendment’s prohibition against unlawful searches and seizures; a right to informational privacy; and a zone of privacy that legal scholars contend are contemplated under a “penumbral” right to privacy “emanating” from the constitution as set forth by other rights-based amendments. Consequently, Fourth Amendment jurisprudence which limits government surveillance of citizens based on their “reasonable expectations of privacy” must evolve if it is to remain relevant in the face of new surveillance technologies and techniques. That jurisprudence must take into account privacy customs and a normative “reasonable tolerance of government intrusiveness” standard when intrusions concern interests not currently regarded as “private” under the Court’s current Fourth Amendment doctrine.

law.duke.edu · With the emergence of new technologies, such as digitalized biometric...

Documents

Transcript of law.duke.edu · With the emergence of new technologies, such as digitalized biometric...