Updated COPPA Rules Coalition Ltr to FTC

December 22, 2011
Federal Trade Commission
Office of the Secretary
Room H-113 (Annex E)
600 Pennsylvania Avenue, N.W.
Washington, DC 20580
Re: COPPA Rule Review, 16 CFR Part 312, Project No. P-104503
The undersigned privacy and consumer organizations write today to applaud the Federal TradeCommission (FTC) for updating the privacy safeguards in the Children’s Online PrivacyProtection Act (COPPA) rule by expanding the definition of personal information, limiting the duration information is retained, and improving the mechanisms for protecting this personal information. We urge the Commission not only to implement these safeguards as part of any final rulemaking but also to seek opportunities to go beyond young people and push, through Commission reports and use of the Commission’s authority under section 5, to apply these privacy protections to internet users of all ages.
Information collection online has become a robust ecosystem where marketers and others gather,link, and store information on consumers, both children and adults, for a variety of purposes. A detailed picture of consumer habits and behaviors emerges from these efforts. A third partycreates and holds a detailed dossier of an individual consumer’s interests, reading habits, friendsand family, financial status, health information, religious and political affiliation. Such a dossierexists largely outside a consumers control and knowledge.
As the FTC rightly recognizes, two identifiers play a key role in the information collectionprocess. Internet Protocol (IP) information (derived from internet addressing and routinginformation) and persistent cookies (a unique identifier assigned by the website) create a directlink between individuals and their online activities. IP addresses and cookies have the sameutility as a name, postal address or social security number in identifying users. These internet identifiers assist in ascertaining the websites consumers visit, in tracking consumer movementsacross the internet, and in collecting private and often sensitive information such as personalinterests, banks, and online accounts. By recognizing the role that these two identifiers play inidentifying consumers online, the Commission is taking the first step toward allowing consumers to regain control over their online information.
We approve also of the provision in the proposed rule including geo-location information withinthe definition of personal information to be protected. The FTC’s inclusion of geo-location information is an important recognition of the growing breadth and scope of consumer data. Location enabled devices, including cell phones and laptops, and data derived from them, suchas geo-tagged photos and logs of individual movements from location based services, arebecoming ubiquitous. Such devices and data provide not only the ability to identify individualsbut also a wealth of new information about them.
The proposed rule correctly identifies a third area, a data retention standard, which requires broader protections. For the first time the Commission has proposed a COPPA requirement tohold personal information no longer than reasonably necessary to fulfill the purpose for which itwas collected. Deleted information cannot be lost, misused or otherwise harm an individual. This axiomatic fact is why data retention limits are a core privacy value and why it is soimportant that they be part of not only COPPA but any privacy protection regime.
The proposed rule also updates the controls and protections governing consumer personalinformation. The new COPPA safe harbor process would now require any party seeking to use asafe harbor to provide evidence of its ability to enforce compliance, a full text of all compliancerequirements, and the provision of independent compliance audits. Website operators would alsohave to assure consumers that if the operators share information with third parties, the third parties would take reasonable measures to protect the confidentially and security of consumerinformation. Such requirements help assure that any safe harbor provides not just theoreticalprotection for consumers but actual, enforced safeguards for their personal information.
We applaud the Commission for these proposed improvements to COPPA and urge the FTC toinclude them in the final rule and, to the greatest extent possible, expand these protections toevery American.
Sincerely,
American Civil Liberties Union
Center For Digital Democracy
Center for Financial Privacy and Human Rights
Common Sense Media
Consumer Action
Consumer Federation of America
Consumer Watchdog
Electronic Privacy Information Center
PrivacyActivism
Privacy Journal, Robert Ellis Smith, Publisher
Privacy Rights Clearinghouse
Privacy Rights Now Coalition, Remar Sutton, Founder
the FoolProof Initiative
U.S. Public Policy Council of the Association for Computing Machinery (USACM)
World Privacy Forum

Coalition Letter to DHS on Racial Profiling Audit

U.S. Department of Homeland Security
Washington, DC 20528

The Honorable Charles K. Edwards
Acting Inspector General U.S. Department of Homeland Security
245 Murray Drive SW, Building 410
Washington, DC 20528

Re: TSA Racial Profiling Audit

Dear Secretary Napolitano and Mr. Edwards:

December 1, 2011

We, the undersigned organizations, representing diverse communities across the United States, call upon the Department of Homeland Security to promptly undertake a comprehensive publicly-reported audit of the civil rights impact of Transportation Security Administration (TSA) airport screening policies on racial and religious minorities. The time for such an important audit is long overdue.

According to a disturbing news report by KITV-ABC in Hawaii last month, a group of TSA screeners called the “Mexicutioners” by their colleagues deliberately subjected Mexican air travelers to additional questioning and stops at Honolulu International Airport. The allegations are consistent with reports from New Jersey that TSA officers deliberately subjected Mexican and Dominican travelers to extra scrutiny at Newark Airport. Since 2007, Sikh travelers have reported that they are routinely selected for secondary screening at some American airports, even after clearing advanced imaging technology machines without incident.

Prior to your taking office, several of our organizations sent a joint letter to TSA in April 2008 urging adoption of stronger internal controls against racial and religious profiling. Sadly, we did not receive a positive response and therefore proper internal controls against profiling were not put into place. This failure makes it more likely that TSA officers will engage in discriminatory behavior that demeans its victims and undermines our security.

Put simply, we are concerned that the latest reports from Hawaii and New Jersey represent the „tip of the iceberg‟ and that TSA officers are engaged in a wider pattern or practice of profiling racial and religious minorities instead of focusing on actual criminal behavior. In this context, only an independent, publicly-reported audit can reveal the full extent to which TSA officers are violating civil rights and liberties, wasting taxpayer dollars, and undermining national security.

Instead of issuing boilerplate statements against profiling, TSA needs to take effective action to stop it. We hope you will agree and respectfully request that you meet with our organizational representatives as soon as possible to address our concerns.Respectfully submitted,

Adhikaar
Alliance for Immigrants Rights & Reform – Michigan
American-Arab Anti-Discrimination Committee (ADC)
American Civil Liberties Union
Arab American Institute
Arab Resource and Organizing Center
Asian American Justice Center, member of the Asian American Center for Advancing Justice
Asian Law Alliance
Asian Law Caucus
Asian Pacific American Legal Center
Bill of Rights Defense Committee
Blacks in Law Enforcement of America – Washington, DC
Causa Justa :: Just Cause (CJJC)
Center for Financial Privacy and Human Rights
Coalition for Humane Immigrant Rights of Los Angeles (CHIRLA)
Council on American-Islamic Relations
DRUM – Desis Rising Up & Moving
Electronic Privacy Information Center (EPIC)
Interfaith Coalition for Immigrant Rights (CLUE-CA)
Islamic Networks Group (ING)
Japanese American Citizens League
The Leadership Conference on Civil and Human Rights
Muslim Advocates
Muslim Progressive Traditionalist Alliance
Muslim Public Affairs Council
NAACP
National Asian Pacific American Bar Association (NAPABA)
National Center for Transgender Equality
National Council of La Raza (NCLR)
National Network for Arab American Communities (NNAAC)
National Network for Immigrant and Refugee Rights OneAmerica Rights Working Group
Sikh American Legal Defense and Education Fund (SALDEF)
Sikh Coalition South Asian Americans Leading Together (SAALT)
South Asian Network (SAN)
United Sikhs

cc:
Committee on the Judiciary, U.S. Senate
Committee on the Judiciary, U.S. House of Representatives
Committee on Homeland Security and Governmental Affairs, U.S. Senate
Committee on Homeland Security, U.S. House of Representatives
Office for Civil Rights and Civil Liberties, U.S. Department of Homeland Security
Office of Civil Rights and Liberties, Transportation Security Administration

CTC OECD Defunding Letter 2011

COALITION FOR TAX COMPETITION
October 25, 2011
Dear U. S. Senators and U. S. Representatives:
As part of an overall effort to help control the size of government, we believe Americantaxpayers should not subsidize the Organization for Economic Cooperation and Development(OECD).
Even if we had a balanced budget, OECD funding would be contrary to US interests. The Paris-based bureaucracy increasingly promotes a left-wing economic agenda, despite the fact that UStaxpayers contribute nearly one fourth of their annual budget. We have long been disturbed thatthe OECD has a “harmful tax competition” project that seeks to hinder the flow of jobs andcapital to low-tax nations. And since the United States is the world’s biggest beneficiary of international capital flows and tax competition, it is the height of folly for the American taxpayerto subsidize this effort.
We’ve also noticed a disturbing tendency for the OECD to endorse big government positions ondomestic policy issues. The OECD has supported so-called “stimulus” spending, advocated forcap-and-trade regulation, and suggested a value-added tax in the US, just to name a fewexamples. In effect, US taxpayers are subsidizing further advocacy for bigger government andhigher taxes – positions against their own interests.
We look forward to working with you to bring spending under control and to ensure that US taxdollars are allocated in ways that advance America’s interests above all else.
Sincerely,
Andrew F. Quinlan ~ President, Center for Freedom and Prosperity Foundation
Grover Norquist ~ President, Americans for Tax Reform
Stephen J. Entin ~ President, Institute for Research on the Economics of Taxation
Pete Sepp ~ Executive Vice President, National Taxpayers Union
Phil Kerpen ~ Vice President for Policy, Americans for Prosperity
Tom Schatz ~ President, Council for Citizens Against Government Waste
Jim Martin ~ President, 60 Plus Association
John Berlau ~ Director, Center for Investors and Entrepreneurs, Competitive Enterprise Institute
Nicole Neily ~ Executive Director, Independent Women’s Voice
Eli Lehrer ~ National Director and Vice President, The Heartland Institute
Bob Bauman ~ Legal Counsel, The Sovereign Society
Terrence Scanlon ~ President, Capital Research Center
J. Bradley Jansen ~ Director, Center for Financial Privacy and Human Rights
Lew Uhler ~ President, National Tax Limitation Committee
Wayne Brough ~ Chief Economist and Vice President of Research, FreedomWorks
Karen Kerrigan ~ President & CEO, Small Business & Entrepreneurship Council

Comments on DHS 2011 0060 and 0061FINAL

More info here http://www.govexec.com/dailyfed/0811/080811cc1.htm
and here http://www.homelandsecuritynewswire.com/dhss-new-terrorist-database-rankles-privacy-groups
and here http://www.charityandsecurity.org/news/Groups_Oppose_Proposed_Secret_DHS_Watchlist_Database

Thanks to Steve Meyer of Chain of Evidence for the pic and podcast.

Thanks to Monique for the video

Computers Freedom Privacy Conference 2011-Privacy Policies from Monique Altheim on Vimeo.

Listen to the podcast here.

EPIC E-Verify Comments Final 06.08.11

U.S. Dept. of Homeland Security Comments of EPICComments on DHS-2011-030 June 8, 20111

COMMENTS OF THE ELECTRONIC PRIVACY INFORMATION CENTER
Joined By
THE 5-11 CAMPAIGN
THE ALA WASHINGTON OFFICE
THE AMERICAN CIVIL LIBERTIES UNION
THE AMERICAN POLICY CENTER
THE CENTER FOR FINANCIAL PRIVACY AND HUMAN RIGHTS
THE CENTER FOR MEDIA AND DEMOCRACY
THE CYBER PRIVACY PROJECT
THE DEFENDING DISSENT FOUNDATION
THE ELECTRONIC FRONTIER FOUNDATION
THE LIBERTY COALITION
PRIVACY ACTIVISM
UNITED SIKHS
Privacy ExpertCHIP PITTS, Lecturer of Law at Stanford University Law School
to
THE DEPARTMENT OF HOMELAND SECURITY

“Notice of Privacy Act System of Records”DHS-2011-0030

June 8, 2011

By a System of Records Notice (“SORN”) published in the Federal Register on May 9,2011, the Department of Homeland Security (“DHS”) and the United States Citizenship andImmigration Services (“USCIS”) proposed to establish a new system of records for the DHS E-Verify RIDE Program.
1
Pursuant to the DHS notice in the Federal Register, the ElectronicPrivacy Information Center (“EPIC”) along with a coalition of privacy, consumer rights, and

U.S. Dept. of Homeland Security Comments of EPICComments on DHS-2011-030 June 8, 20113

EPIC’s recommendations.
3
Again in Congressional testimony in June 2007, EPIC urgedCongress to strengthen privacy and security safeguards associated with the EEVS the underlyingdatabases.
4
EPIC has analyzed flaws in such systems in a number of reports.
5
EPIC has alsofocused on employment verification systems as part of its “Spotlight on Surveillance” series.
6
The 5-11 Campaign is a not-for-profit grassroots campaign set to repeal nationalidentity laws, laws requiring data surveillance specific to identified persons and/or to fitfully stopall appropriations to implement national identity.The ALA Washington Office was established in 1945 to represent libraries on CapitolHill. The ALA was founded on October 6, 1876 during the Centennial Exposition inPhiladelphia, It was created to provide leadership for the development, promotion, andimprovement of library and information services and the profession of librarianship in order toenhance learning and ensure access to information for all. ALA Washington Office’s currentstrategic plan, ALA Ahead to 2010, calls for continued work in the areas of Advocacy and Valueof the Profession, Education, Public Policy and Standards, Building the Profession, Membershipand Organizational Excellence.The American Civil Liberties Union (“ACLU”)

is the nation’s oldest and largest civilliberties organization with more than half a million members, countless additional supporters and
3
Marc Rotenberg, Exec. Dir., EPIC,
Testimony and Statement for the Record at a Hearing on H.R. 98, the “Illegal Immigration Enforcement and Social Security Protection Act of 2005,” Before the Subcomm. on Immigration, Border Sec., and Claims, H. Comm on the Judiciary
, 109th Cong. (May 12, 2005),
available at

http://www.epic.org/privacy/ssn/51205.pdf.

4
Marc Rotenberg, Exec. Dir., EPIC,
Testimony and Statement for the Record at a Hearing on Employment Eligibility Verification Systems (EEVS) Before the Subcomm. on Social Sec., H. Comm on Ways & Means
, 110thCong. (June 7, 2007), available at http://www.epic.org/privacy/ssn/eevs_test_060707.pdf.

5

See EPIC, Social Security Numbers, http://epic.org/privacy/ssn/; EPIC, Secure Flight,http://www.epic.org/privacy/airtravel/secureflight.html; and EPIC, National ID Cards and the REAL ID Act,http://epic.org/privacy/id-cards/.

6

See EPIC, E-Verify System: DHS Changes Name, But Problems Remain for U.S. Workers
(July, 2007),http://epic.org/privacy/surveillance/spotlight/0707/default.html; EPIC,
National Employment Database Could Prevent Millions of Citizens From Obtaining Jobs
(May, 2007),http://epic.org/privacy/surveillance/spotlight/0507/default.html.

U.S. Dept. of Homeland Security Comments of EPICComments on DHS-2011-030 June 8, 20114

activists, and 53 affiliates across the country. It advocates for individual rights though litigation,lobbying, and public education on a broad array of issues. The ACLU monitors the interplay between cutting-edge technology and civil liberties, actively promoting responsible uses of technology that enhance privacy and freedom, while opposing those that undermine our freedoms and move us closer to a surveillance society.The American Policy Center (“APC”), located in suburban Washington, D.C., is a privately funded, nonprofit, 501(c)(4), tax-exempt grassroots action and education foundationdedicated to the promotion of free enterprise and limited government regulations over commerceand individuals.The Center for Financial Privacy and Human Rights (“CFPHR”), was founded in 2005 todefend privacy, civil liberties and market economics. The Center is a non-profit human rightsand civil liberties organization whose core mission recognizes traditional economic rights as anecessary foundation for a broad understanding of human rights. CFPHR is part of the Libertyand Privacy Network, a non-governmental advocacy and research 501(c)(3) organization.The Center for Media and Democracy is an independent, non-profit, non-partisan, publicinterest organization that focuses on investigating and countering spin by corporations, industryand government; informing and assisting grassroots action that promotes public health, economic justice, ecological sustainability, human rights, and democratic values; advancing transparencyand media literacy to help people recognize the forces shaping the information they receive aboutimportant issues affecting their lives; and promoting “open content” media that enable peoplefrom all walks of life to “be the media” and help write the history of these times.The Cyber Privacy Project Cyber Privacy Project is a non-partisan organization focusingon governmental intrusions against Fourth and Fifth Amendment rights of privacy, particularly
in government databanks and national identification schemes for voting, travel and work, and onmedical confidentiality and patient consent.The Defending Dissent Foundation (“DDF”), founded in 1960, is a national grassrootscivil liberties organization working to protect and advance the right of dissent in the UnitedStates. DDF translates grassroots civil liberties concerns into national policy debate and action;and alerts grassroots activists when civil liberties are threatened; and educates the public, the press and policymakers about the important role dissent plays in a democracy.The Electronic Frontier Foundation (“EFF”) is a member-supported nonprofit civilliberties organization with more than 14,000 members worldwide, dedicated to the protection of citizens’ online civil rights, privacy, and freedom of expression. EFF engages in strategiclitigation in the United States and works in a range of international and national policy venues to promote balanced laws that foster innovation and empower consumers. EFF is located in SanFrancisco, California and has members in 67 countries throughout the world.

The Liberty Coalition works to help organize, support, and coordinate transpartisan public policy activities related to civil liberties and basic rights. We work in conjunction withgroups of partner organizations that are interested in preserving the Bill of Rights, personalautonomy and individual privacy.

Privacy Activism is a non-profit organization whose goal is to enable people to makewell-informed decisions about the importance of privacy on both a personal and societal level. Akey goal of the organization is to inform the public about the importance of privacy rights andthe short and long-term consequences of losing them – either inadvertently, or by explicitlytrading them away for perceived or ill-understood notions of security and convenience.

Social Security numbers, which employees are otherwise not required to provide.
10
In fact,despite the Social Security Administration’s (“SSA”) participation in the E-Verify system, theSSA has previously stated that “[r]epetitive use and disclosure of SSNs in organizational recordkeeping systems . . . multiplies the susceptibility of persons to potential identity theft.”
11
Employers submit their employees’ SSNs to the Department of Homeland Security, as well asother personal information the employee provides through a “Form I-9″ questionnaire.
12
The Department matches the information it receives against E-Verify’s databases, populated with records from the SSA’s “Numident” System.
13
The Numident master file is arecord of personally identifying information (“PII”) including name, date of birth, and SSN.
14
The information is provided to the government by SSN applicants on Form SS-5 “Applicationfor a Social Security Number.”
15
The Department also uses the E-Verify system to matchemployee information against any number of the twenty-one databases maintained by DHS andother federal agencies.
16
These additional databases contain signatures, fingerprints, photoimages, immigration statuses, addresses, changes of address, prior visa issuances or refusals, andgovernment benefit eligibility data.
17
In its System of Records Notice, the Department providesan example of database verification.
18
An employee who provides an “Alien Number” wouldtrigger an agency search into the USCIS Central Index System (“CIS”) and a photo match with
10
May 9, 2011 System of Records Notice at 26739.

11
Soc. Sec. Admin.,
Avoid Identity Theft: Protect Social Security Numbers
,
available at

http://www.ssa.gov/phila/ProtectingSSNs.htm.

12
May 9, 2011 System of Records Notice at 26739.

13
May 9, 2011 System of Records Notice at 26739-40.

14
S
OCIAL
S
ECURITY
A
DMINISTRATION
,

T
HE
S
OCIAL
S
ECURITY
A
DMINISTRATION
‘
S
I
MPLEMENTATION OF THE
E-V
ERIFY
P
ROGRAM FOR
N
EW
H
IRES
,

A
UDIT
R
EPORT
A-03-09-29154,

O
FFICE OF THE
I
NSPECTOR
G
ENERAL
N.2

(2010).

15

Id
.

16
May 9, 2011 System of Records Notice at 26740. U. S. Citizenship and Immigration Services, Dept. of Homeland Security, E-Verify Program Privacy Impact Assessment 20-24 (May 4, 2010)..

17
U. S. Citizenship and Immigration Services, Dept. of Homeland Security, E-Verify Program Privacy ImpactAssessment 20-24 (May 4, 2010)..

18
May 9, 2011 System of Records Notice at 26740.

U.S. Dept. of Homeland Security Comments of EPICComments on DHS-2011-030 June 8, 20118

an Employment Authorization Document (“EAD”) image.
19
If DHS concludes that its searchthrough these databases “verif[ies] the employee’s employment eligibility,” the agency sends theemployer an “Employment Authorized” notification.
20
If not, the employer receives a”Verification in Process” response, and the Department undertakes further review.
21
The Department’s current proposal would add a new E-Verify database against which tocheck employee information.
22
The new database would merge federal background check records with state driver license data sets. The agency proposes to use AAMVAnet, described inthe SORN as a “secure framework.” In 2006, the Department of Transportation stated thatAAMVAnet is “based on outdated, 1980’s-vintage technology.”
23
If employees present their employers with state drivers’ licenses or permits, or state identification cards for those who donot drive, the Department proposes to check the identification document against the newdatabase of state motor vehicle records, which the agency proposes to aggregate through”voluntary” state participation.
24
Only one state, Mississippi in 2009, has voluntarily granted E-Verify access to itsresidents’ information.
25
Forty nine states have refused, likely on grounds EPIC identified inCongressional testimony regarding E-Verify: “[p]rivacy is better safeguarded by storing data inmultiple, decentralized locations, and only when necessary.”
26
As EPIC has highlighted in the
19

Id
.

20

Id
.

21

Id.

22
May 9, 2011 System of Records Notice.

23
U.S. Dep’t of Transp., FY 2006 E-Government Act Report (2007), available athttp://www.dot.gov/webpoliciesnotices/dotegovactreport2006.htm.

24

Id.
at 26738.

25
U. S. Citizenship and Immigration Services, Dept. of Homeland Security, E-Verify RIDE Privacy ImpactAssessment Update 10 (May 6, 2011).

26
Employment Eligibility Verification Systems (EEVS): Hearing Before the Subcomm. on Social Security of theH. Comm. on Ways and Means, 110th (2007) (statement of Marc Rotenberg, President, Electronic PrivacyInformation Center) at 4..

19 p.
19 p.
1 p.
18 p.
4 p.
34 p.
13 p.
20 p.
22 p.
2 p.
63 p.
2 p.
1 p.
2 p.
1 p.
1 p.
1 p.
2 p.
1 p.
2 p.
1 p.
1 p.
1 p.
2 p.
1 p.

Group Letter Opposing Grimm Draft Bill to Weaken SEC and CFTC Whistle Blower Programs“>SEC Whistleblower letter

May 24, 2011
Chairman Spencer Bachus
Ranking Member Barney Frank
House Committee on Financial Services
Chairman Scott Garrett
Ranking Member Maxine Waters
Subcommittee on Capital Markets, Insurance, and Government-Sponsored Enterprises
House of Representatives
Washington, DC 20512
RE: Draft bill proposed by Representative Grimm to amend the whistleblower incentives andprotections programs at the SEC and CFTC

Chairman Bachus, Ranking Member Frank, Subcommittee
Chairman Garrett and SubcommitteeRanking Member Waters:
We are writing to express our opposition to the proposals in a draft bill by RepresentativeMichael Grimm (R-NY) to amend the whistleblower award programs at the Securities andExchange Commission (SEC) and Commodity Futures Trading Commission (CFTC). The Grimm draft bill is an extreme approach that would silence would-be whistleblowers, endangercritical inside informants, undermine investigations, hamstring enforcement at the SEC andCFTC, and provide lawbreaking financial firms with an escape hatch from accountability.
The whistleblower programs the Grimm draft seeks to upend are based on America’s mosteffective anti-corruption statute, the False Claims Act, which has returned more than $27 billiontaxpayer dollars since 1987. Under sections 748 and 922 of the Dodd-Frank Wall Street Reformand Consumer Protection Act, the CFTC and the SEC can compensate whistleblowers whosedisclosures lead to enforcement actions with penalties of $1 million or more. Like the False Claims Act right to file lawsuits on behalf of taxpayers to challenge fraud in governmentcontracts and share the recovery, these programs are designed to allow the enforcement agenciesto create partnerships with insiders with critical knowledge of large-scale corporate misconductto better protect taxpayers.
Our groups strongly support the new whistleblower award programs at the SEC and CFTC enacted in the Dodd-Frank Wall Street Reform and Consumer Protection Act because incentivesand protections for whistleblowers are a solid investment in strengthening the SEC and CFTC’sability to monitor securities and commodities markets and enforce the law with their far toolimited resources. Indeed, these whistleblower programs are needed now more than ever to avertanother Wall Street collapse and to monitor speculation on today’s run-away oil prices.
The SEC and CFTC are on the verge of issuing their final rules to implement these programsafter carefully considering the concerns of all stakeholders—including the regulated industries—through a robust rulemaking process. Even though the agencies have not yet fully implementedthe programs, Chairman Schapiro recently noted that since creating the SEC whistleblower office, the SEC has seen a “significant increase in high-quality tips.” In other words, Section 922of the Dodd-Frank Act is already bearing fruit.
The Grimm draft bill would gut the whistleblower programs before they begin, and resemblesthe proposals made by industry without consideration for the stakeholders the whistleblowerrules are designed to protect: investors and taxpayers. There are no evidence-based improvements to investigations and enforcement or whistleblower program best practices to befound in the proposal. Instead, the Grimm draft bill would:
• Tip off lawbreakers by requiring whistleblowers to report internally before going to theSEC or CFTC, and requiring the SEC to provide notification before taking enforcementaction based on a whistleblower disclosure. This would permit lawbreaking companies tothwart SEC enforcement actions by intimidating witnesses and destroying or alteringevidence. Most companies acting in good faith with strong compliance programs canexpect employees to report internally first without such requirements. These requirementsonly serve lawbreakers.
• Disqualify many would-be whistleblowers by denying incentives and awards to anywhistleblower with a contractual obligation to cause the employer to investigate orrespond to the misconduct or violations. This provision would allow employers to denyaccess to the incentives and awards created by the new law to any and all employeessimply by having them sign an employment agreement containing language stating thisobligation. It also would give the SEC and CFTC the ability to claim a whistleblower wasculpable and deny an award without any specific criteria or due process for making thatdetermination.
• Deny anonymity and counsel by prohibiting contingency fee representation of whistleblowers. According to Dodd-Frank, anonymity is only an option if thewhistleblower is represented by counsel, and most whistleblowers cannot affordrepresentation unless it is on contingency. Therefore the Grimm draft bill would denyanonymity to nearly all whistleblowers, and severely undermine the efficacy of theprogram.
• Remove the incentive to inform regulators by eliminating a minimum awardrequirement and giving the SEC and CFTC the discretion to give whistleblowers nominalawards. Whistleblowers put their livelihoods at great risk and make enormous personaland financial investments in revealing the wrongdoing to regulators. The incentive to doso must be at least the minimum award of 10 percent already in the law, which is stillbelow the 15 percent minimums which have created adequate incentives forwhistleblowers to use the successful False Claims Act and IRS programs.
• Strip protections for whistleblowers who face retaliation for contacting the SEC or CFTC. The Dodd-Frank Act includes protections against retaliation that are consistentwith several other laws that protect a host of private sector employees, including those infinancial services, manufacturing, food production and distribution, defense contracting,transportation, and healthcare. The Grimm draft would legalize retaliation whenever a company’s employment agreements, policies, or company manuals bar employees fromcommunicating with the government. This gives corporate criminals a blank check to gagemployees and eliminate whistleblowers at will.
• Create an accountability loophole by allowing special treatment for “self-reporting” if an accused firm does an internal investigation and makes some corrective action oncenotified by the SEC and CFTC of the whistleblower tip and pending enforcement action.Under the Grimm draft bill, this is a complete loophole for lawbreakers. They would begranted special treatment under the law with reduced penalties—as though they had self-reported—just by virtue of conducting an internal investigation and taking “appropriatecorrective action.” Although this subsection comes under the title “Good Faith,” theloophole would in fact allow firms with bad faith to whitewash any allegations of misconduct and instantly reduce their liability.
Not only are the Grimm proposals the wrong approach, in any case it is far too early to determineif the SEC and CFTC whistleblower reward programs warrant modification. The Dodd-Frank provisions were thoughtfully crafted as state-of-the-art whistleblower incentive and protectionprograms. Additionally, Congress should not undermine the substantial investment of time andresources in the rulemaking process made by the public, stakeholders, and the SEC and CFTC. Instead, Congress should wait for full implementation and the SEC Inspector General’s full-scaleexamination of the functionality of these programs mandated by Dodd-Frank before arbitrarilyamending them without a demonstrated need to do so.
We strongly urge you to oppose the Grimm proposals, which would greatly harm the interests of investors, shareholders, whistleblowers, and taxpayers. We would welcome more discussion onthe SEC and CFTC whistleblower programs, which can be arranged by contacting Angela Canterbury at the Project On Government Oversight at 202-347-1122 or acanterbury@pogo.org.
Sincerely,
AFL-CIO
Americans for Financial Reform
Association of Research Libraries
Center for Financial Privacy and Human Rights
Center for Media and Democracy
Citizens for Responsibility and Ethics in Washington (CREW)
Common CauseConsumer Federation of America
Defending Dissent Foundation
Fund for Constitutional Government
Government Accountability Project (GAP)
iSolon.org
OpenTheGovernment.org
New Jersey Action
OMB Watch
Project On Government Oversight (POGO)
Public Citizen
Service Employees International Union (SEIU)
Taxpayers Against Fraud
Taxpayers Protection Alliance
U.S. PIRG
Voices for Corporate Responsibility
cc: Representative Michael G. Grimm
SEC Chairman Mary L. Schapiro
SEC Commissioners Casey, Walter, Aguilar, and Paredes

1 Melanie Waddell, “SEC’s Mary Schapiro Talks About Whistleblower Office, 12b-l: Exclusive Interview,” (April26 2011).
2 Department of Labor, Occupational Safety & Health Administration, “The Whistleblower Program,” March 29,2011. http://www.whistleblowers.gov/index.html (Downloaded May 11, 2011)

IRS Nonresident Interest Testimony“>IRS testimony

Oral Testimony

Transcript of May 18, 2011, IRS Hearing on Guidance (REG-146097–09) on Reporting Interest Paid to Nonresident Aliens

MR. JANSEN: My name is Brad Jansen. I’m with the Center for Financial Privacy and Human Rights. I’m here speaking on behalf of the 60 Plus Association.

The main points that I wanted to address are concerns about the abuse of information that’s collected. There’s no shortage of database abuse examples in the media. There’s an expectation of privacy, a concern that I think is being misapplied here. And as a personal victim of identify fraud, I also want to bring that up, that this is a growing concern: the more times that we share information, the more information that that’s shared, we exponentially increase that likelihood. This is already a huge problem for way too many Americans.

In addition, there are legitimate and considerable human rights implications on the exchange of this information with foreign governments. And this is not just for tax evasion. Beyond that, there are regulatory burdens that are spoken for by others, and there’s a hugely disproportionate regulatory burden there that also disproportionately affects seniors and vulnerable people in our society… immigrants, racial and ethnic minorities especially.

When this regulation was proposed, or a version of it a decade ago, I spoke out against it then. You’ve got at the end of the testimony copies of my op-eds then. One of the examples that I used on the abuse of database information then was Theresa Hill, who was an FDIC employee, who was convicted of an identify-fraud ring where she herself, using the information she got from working at the FDIC on the information that was reported, she would steal the identifies of different people, run up credit card debt, and cause lots of other problems. She was convicted, spent time in jail.

So the idea that this is a cost-free proposition…so long as it’s involving human beings, there’s the risk there that there’s going to be great risk for identity fraud and human rights implications.

Much more recently, we had the example of the Epsilon case where a great number of companies had their data exposed through this third-party marketing, including Target, Kroger, U.S. Bank, JPMorgan Chase, Capital One, Citibank, Home Shopping Network, and the list goes on. The more information…again, the more information that’s shared, the greater the risk for abuse. And I don’t think that the IRS has fully taken that into consideration. They did last time, which is why it was limited to just Canada…and I think that was a much better approach. But to do this on a global scale is just to invite global disaster.

The rules are promulgated under the idea of the premise of the Bank Secrecy Act Supreme Court decisions. The Bank Secrecy Act violated state constitution, common law privacy protections, and also, I believe, Fourth Amendment privacy protections as well, and the [59:05] Supreme Court case and others.

The court ruled that so long as the information had a high degree of usefulness for U.S. government officials on law enforcement and regulatory issues, that it would be acceptable. I think that was the wrong decision. But even then I think this is being misapplied here because there was no benefit to law enforcement here. So the high-degree-of-usefulness standard does not… is not met by this proposed regulation since all reporting for U.S. law is already being done.

In addition, there’s a widespread and growing understanding among the Congress and the public policy circles that we need to control abuses of information and be aware of new technologies that are coming up.

In fact, just this week, Senator Leahy introduced legislation to reform ECPA, the Electronic Communications Privacy Act. So this is a 10-year-old law. ECPA was done in ‘86. The ease with of which information is being shared and distributed and hacked in many cases needs to be more fully addressed.

And I think that for the IRS to be at the forefront of this before Congress has a way of addressing these questions with ECPA reform is seriously putting the cart before the horse. And we need to wait and let Congress hold their hearings and hold their deliberations and address the ways in which we sell and share information and the ways in which law enforcement regulatory agencies have that information.

For the IRS to step in before Congress has a chance to address those issues, I think, is chutzpah beyond any recognition. As I explained to the House Banking Committee in 2005, there were reports, again, of bank employees and state government agencies and regulators that were selling information to identity theft rings. That is still a legitimate concern, and that is a source of terrorist financing. And we know that from other hearings. I won’t get into that now.

So again, the more…the looser the control of information, the greater the dangers that we’ve got, including on human rights and terrorist financing. And again, there are no shortage of examples in history, despite what my predecessor said here at the podium, of human rights abuses and civil liberties…civil rights and civil liberties abuses from bank data.

My home state of Ohio tried to circumvent a law on protecting political speech by using bank records to come up with membership lists of the Socialist Workers Party, for example. And the Supreme Court ruled that that was an unconstitutional breach of their rights and violated their First Amendment freedom of association.

It’s also no secret that Stalin and Hitler and others used bank information and financial information for those. In fact, the first list of Jews that Hitler got was from getting the information from the insurance agent…from the insurance companies.

So information is collected for one purpose and then often used for other ones with very disastrous results. And whatever the honorable intentions of the IRS in collecting the information, you have to realize that when you share this more broadly, that that information is going to be used for other purposes, and you cannot control how that’s going to be used.

And to the extent that we’re sharing…potentially sharing the information with countries that do not respect human rights, civil liberties and civil rights the way we do, we are opening up gross violations of those from an American perspective.

I’d go into more of those in other detail, but I’m trying to go quickly here.

In addition, I wanted to explain how it affects seniors and vulnerable populations in the United States. Because of the disproportionate regulatory burden that’s been spoken about by some of the other banking institutions here, the smaller institutions are more likely to be detrimentally affected. And in addition to that, you’re raising the barrier of entry for new entrants into the marketplaces, so that from the senior’s perspective, they’re more likely, through the course of their lives, to have accumulated great savings and put those into different banks.

They put them into different banks because under the current FDIC rules, you can only…you’re only protected up to a certain amount. So by putting it across multiple smaller institutions, you can better protect your savings for your retirement. We know now Social Security and other things aren’t going to be there…protecting them that way are. We need not go attacking seniors’ private savings accounts.

And this is the net effect of what this regulation could do by harming the community banks that the seniors rely on and the necessary requirement they rely on multiple institutions with the FDIC regulations.

In addition to seniors relying on community banks, credit unions and smaller depository institutions, the most vulnerable parts of society…our society do too. They’re generally not cost- effective for the large money-center banks, so immigrant populations…racial and ethnic minorities…are disproportionately more reliant on smaller financial institutions, credit unions and community banks, where the large money-center banks are not serving their communities. They often don’t have automobiles. They don’t speak…you know, languages and others. And they rely on those community institutions to protect their financial assets.

And we need them to be greater integrated into the American financial system. The concerns of the unbanked is widely discussed. And this regulation, if enacted, would contradict our concerns of integrating the unbanked the American financial system.

Doing so, by bringing the unbanked into the formal financial system, would give greater financial intelligence to law enforcement, would help with tax compliance, and would help the economic instability and achievement of the country.

The other instance of the disproportionate regulatory burden would be to contribute to the too-big-to-fail problem that we’ve got in this country and the greater likelihood of taxpayer bailouts. If the regulatory burden is disproportionately harder on smaller institutions, and it is, we’re contributing to that too-big-to-fail problem.

So in conclusion, I would just like to say that government-mandated information-sharing regulations are at the heart of our identity theft problem. This proposal would exacerbate this problem by sending U.S. financial record information abroad without adequate controls. And already, some U.S. financial regulators have abused access to our data. Just imagine the Russians, the Chinese, the Nigerians, or the Venezuelans have in store for us.

We know from the Arab uprisings that…you know, someone brought up Mubarak before. Title III of the USA PATRIOT Act was supposed to go after corrupt foreign officials. I was an opponent of that approach then. I said it was doomed to fail. It has failed, which is why we’re still bringing it up now. Continuing down that wrong path is still not going to correct the problem.

Thank you.

Written testimony of

Internal Revenue Building,
1111 Constitution Avenue, NW,
Washington, DC.

Thank you for allowing me the opportunity to submit testimony on this important question. My name is Brad Jansen, and I am the director of the Center for Financial Privacy and Human Rights. CFPHR was founded in 2005 to defend privacy, civil liberties and market economics and is part of the Liberty and Privacy Network, a Washington, DC-based 501(c)(3) organization. I am here also on behalf of the 60 Plus Association. Founded in 1992, the 60 Plus Association is a non-partisan seniors advocacy group with a free enterprise, less government, less taxes approach to seniors issues.
My main points can be summarized as follows:
• Database information is frequently abused,
• Expectations of privacy are often violated under the Bank Secrecy Act, which uses a questionable standard of “high degree of usefulness,”
• Information reporting contributes to identity fraud,
• There are considerable human rights implications involved in exchanging information with despotic governments, and
• Burdens for reporting regulations often fall most heavily on seniors and other vulnerable groups.
Unfortunately since I first publicly opposed this idea a decade ago, the problems I outlined then are worse today and the alleged benefits remain as illusory.
There are all too often press reports of abuses of database information. Perhaps the most spectacular recent example is the Epsilon case. Epsilon is a third-party vendor that provides marketing services to a number of companies. Millions of Americans had their data violated by companies that contracted with Epsilon. Explained CNET, “The list of Epsilon clients whose customer e-mail addresses were stolen is not complete, and is likely to grow. But so far Target, Kroger, TiVo, US Bank, JPMorgan Chase, Capital One, Citi, Home Shopping Network, Ameriprise Financial, LL Bean Visa Card, McKinsey & Company, Ritz-Carlton Rewards, Marriott Rewards, New York & Company, Brookstone, Walgreens, The College Board, Disney Destinations, and Best Buy have notified their own customers about the breach. Hilton Hotels and Ethan Allen are also said to be affected.”1 This proposal would mandate increased information sharing without adequate controls further threatening our data security.
These rules are promulgated under a false premise of “high degree of usefulness” standard. In a terrible series of court cases on the Bank Secrecy Act, the US Supreme Court permitted the sharing and selling of our personal information despite contractual, common law and constitutional (state and federal) prohibitions if the sharing met a “high degree of usefulness” standard for law enforcement. Since there is no alleged benefit for US law enforcement here, this rule makes no effort to meet the required tests and must be abandoned.
In fact the Congress is moving now to address information sharing concerns and update outdated laws and regulations. How will information be shared and transmitted under this proposed regulation? Just this week, Senate Judiciary Committee Chairman Patrick Leahy introduced a bill to revise the Electronic Communications Privacy Act (ECPA). My center is part of the Digital Due Process Coalition that has been working to reform this law.2 Care should be taken to make sure the sharing of sensitive personal and tax information is secure.
The information reporting contributes to identity fraud. As I explained to the House banking committee in 2005, “Today’s newspapers report both bank and state government employees selling information to identity theft rings—a mode of terrorist financing.”3 I expound on this point with more examples in my previous writings appended at the end of the statement (see especially “Information Exchange Dangers”).
There is no shortage of examples of governments abusing tax and bank information to violate political, civil and human rights. This proposal would not sufficiently address those concerns. Right now the IRS is under scrutiny because of the chilling of political speech by its audits of non-profit organizations. My own home state of Ohio illegally circumvented protections on political expression by the Socialist Workers Party by collecting dues payments from financial institutions to compile membership lists.4 It is no secret that Stalin, the Nazis and other tyrannical regimes in history have used bank and tax information for gross violations of human rights: Hitler’s first list of Jews for extermination was culled from insurance records, e.g. Until the IRS can guarantee that no information will be shared with any country that will now or in the future may abuse the information, you must rescind this proposal.
Regulatory burdens fall disproportionately on smaller financial institutions (and tax preparers).5 This additional compliance cost would have the effect of further consolidating assets in the financial system (contributing to our “too big to fail” problem and greater taxpayer bailouts). The marginal effect reduce the number of credit unions and community banks (as well as increase the barrier to entry for new competitors).
Since seniors are more likely, relative to the general population, to hold accounts in multiple institutions (usually in an effort to conform to the FDIC insurance limitations on accounts), they would be the most adversely affected group along with racial and ethnic minorities (and other unbanked people here) that rely disproportionately on smaller institutions underserved by the larger money center banks.
In conclusion, the government-mandated information sharing regulations are the heart of our identity theft problem.  This proposal would exacerbate this problem by sending US financial record information abroad without adequate controls–already some US financial regulators have abused access to our data, just imagine what the Russians, Chinese, Nigerians and Venezuelans have in store for us.
Thank you for the opportunity to comment. If you have any questions or need additional information, please do not hesitate to contact me by email at bjansen@financialprivacy.org.
Respectfully submitted,


J. Bradley Jansen, Director
Center for Financial Privacy and Human Rights

1 http://news.cnet.com/8301-31021_3-20050555-260.html#ixzz1MgpAa9fW
2 http://digitaldueprocess.org/index.cfm?objectid=37940370-2551-11DF-8E02000C296BA1633 http://financialprivacy.org/2005/05/ron-paul-adds-cfphr-letter-on-financial-privacy-to-hearing-record/4 459 U.S. 87 (1982). More on this idea in my speech here:

http://financialprivacy.org/2005/05/jansen-presentation-on-bank-secrecy-and-sound-money/

5 www.federalreserve.gov/pubs/staffstudies/1990-99/ss171.pdf

APPENDIX

http://financialprivacy.org/2011/04/cfphr-calls-for-financial-privacy-on-center-for-freedom-and-prosperity-letter-to-irs-april-7-2011/

April 7, 2011

Hon. Timothy F. Geithner
Secretary of the Treasury
1500 Pennsylvania Avenue, N.W.
Washington, D.C. 20220

Dear Secretary Geithner:

We are writing to express our deep concern with an onerous regulation (REG-146097-09), proposed by the Internal Revenue Service, that would undermine American banks and the U.S. financial system by requiring the reporting of deposit interest paid to nonresident aliens.

This regulation is both contrary to existing law and is not needed to enforce tax law. This proposed rule, which is a retread of a rejected Clinton-era proposal, should be withdrawn.

There are many reasons why this proposed regulation faces strong opposition from Congress, private industry and public policy organizations. This initiative is an abuse of the regulatory process that seeks to overturn the law rather than to enforce it. Moreover, it will undermine our economy’s performance by causing capital to flee the American banking system. This will have a negative impact on homeowners, consumers, and businesses.

The proposed regulation flouts statutory language and congressional intent. On several occasions, lawmakers have visited the issue of how to treat the interest income earned by nonresident aliens. In every case, the desire to attract capital to the American economy led legislators to decide not to tax the income and not to require that the income be reported to foreign tax authorities.

•        The proposed regulation is not required to administer U.S. law. Interest income paid to nonresident aliens is not subject to tax. Other regulations and forms already ensure that citizens and/or resident aliens are not able to falsely claim nonresident alien status to benefit from this preferential tax status.

•        The proposed regulation is not required by tax treaties. The IRS has openly admitted in the past that it wants to collect this data in order to provide the information to nations that have signed tax treaties with America. Tax treaties, however, only require the exchanging of information that is collected for purposes of domestic law enforcement. There is no obligation to impose additional regulatory burdens solely for the purpose of enforcing other nation’s laws.

•        The proposed regulation would impose significant damage on the U.S. economy. The IRS failed to perform an economic analysis or conduct any cost/benefit analysis. Nonresident aliens are estimated to have deposited over $3 trillion in U.S. financial institution, yet if this regulation is approved, a substantial portion of this money will flee to competing institutions in other jurisdictions.

•        The proposed regulation endangers human rights. Innocent people seeking to protect themselves and their assets from tyrannical, corrupt, and venal governments will be thwarted by this regulation. The unfortunate reality is that most of the world still lives in countries where there is persecution based on ethnic, racial, religious, economic and political characteristics. Sharing private financial information about U.S. bank deposits with thugs such as Venezuela’s Hugo Chavez should not be the objective of the U.S. government.

The likely withdrawal of several hundred billion dollars from the U.S. economy would have a deleterious impact on many financial institutions. Borrowers also would suffer. Families seeking mortgages, consumers seeking car loans, and businesses seeking money to create jobs and expand operations all would be adversely affected. This means less economic growth at a time when policymakers are overwhelmingly focused on promoting economic recovery.

Because the proposed rule is irreparably flawed, we urge its immediate withdrawal.

Sincerely,

Andrew F. Quinlan ~ President, Center for Freedom and Prosperity Foundation
Grover Norquist ~ President, Americans for Tax Reform
Duane Parde ~ President, National Taxpayers Union
Thomas A. Schatz ~ President, Citizens Against Government Waste
James L. Martin ~ President, 60 Plus Association
Karen Kerrigan ~ President and CEO, Small Business & Entrepreneurship Council
John Berlau ~ Director, Ctr. for Investors and Entrepreneurs, Competitive Enterprise Institute
Carrie Lukas, Executive ~ Director, Independent Women’s Forum
Phil Kerpen ~ Vice President-Policy, Americans For Prosperity
J. Bradley Jansen ~ Director, Center for Financial Privacy and Human Rights
Tom Giovanetti ~ President, Institute for Policy Innovation
Dick Patten ~ President, American Family Business Institute
Stephen J. Entin ~ President, Institute for Research on the Economics of Taxation
Lew Uhler ~ President, The National Tax Limitation Committee
Chuck Muth ~ President, Citizen Outreach

http://financialprivacy.org/2001/06/information-exchange-dangers/

Information Exchange Dangers
By J. Bradley Jansen
June 7, 2001

The Internal Revenue Service posted a ruling for comment period that could have serious unintended consequences for the United States. Promulgated in the final days of the Clinton Administration, the IRS proposed a rule on the “Guidance on Reporting of Deposit Interest Paid to Nonresident Aliens.” The rule should be withdrawn before it causes negative economic dislocations to the US by triggering massive withdrawals of foreign deposits from U.S. banks and, potentially, contributes to a new source of identity theft and other privacy violations.

Currently, U.S. financial institutions are only required to report the U.S. deposit interest, so called IRS Form 1042-S reporting, only on Canadian nationals. With the Canadians, we have a close working relationship, share a long, peaceful border, and are long-time friends and allies.

To expect the same kind of relationship with less stable countries that do not have a long history of respecting civil rights and civil liberties is a mistake that belies the message of the Statue of Liberty and our identity as a safe haven in the world.

As America’s Community Bankers explained in their comment period on the rule, “It is one thing to share such information on the wealth of its citizens with the Canadian government; it is quite another to share that information with countries where the rule of law may be less well established – a group that includes some of our treaty partners. Nonresident aliens from unstable or repressive nations that have tax treaties with the United States could have a well-founded fear regarding IRS information sharing. As a result of IRS sharing of information, their wealth could be expropriated, and they – or their families – could be threatened with criminal prosecution, violence, or kidnapping from their home countries.” The rule could impose a severe regulatory burden without identifying any greater, offsetting benefit. The IRS rule would also adversely affect some institutions unfairly at the expense of others.

The risks of information sharing should be obvious: from a privacy and security perspective, the more information is shared, and the more people that have information to that data, the risk-in fact, the likelihood-of the data being abused rises exponentially.

Just recently, an FDIC employee, Theresa A. Hill of Seat Pleasant, MD, was sentenced to five years of probation in connection with an identity fraud scheme. She was also ordered to pay $87,531 in restitution. The scheme’s victims included employees of the Federal Deposit Insurance Corporation and the Department of Health and Human Services’ (HHS) Office of Inspector General (OIG).

Ms. Hill reportedly conspired with five others to purchase gift certificates, jewelry and electronic equipment among other goods and services in retail stores and order merchandise over the Internet. She and the others reportedly purchased these items on credit by using the names and personal information of unwitting victims. According to the FDIC, Ms. Hill admitted that the conspirators obtained fraudulent identification cards in the victims’ names. In furtherance of the conspiracy, Ms. Hill checked the victims’ credit status by applying for credit accounts using the victims’ names, Social Security numbers and other identifying information.

The FDIC release says that the indictment alleges that the conspirators obtained personal information, including names, birth dates, Social Security numbers and home addresses, about victims who were employed by the FDIC and the HHS OIG. Ms. Hill was employed in the FDIC’s finance division, where she allegedly had access to personnel records of FDIC employees. On another front, the Paris-based Organization for Economic Cooperation and Development is attempting to institute a type of reporting and data exchange requirement on their list of small, developing jurisdictions that have low taxes. This new reporting and data exchange requirement is similar to the IRS rule that many here oppose in this country.

In a related manner, the Financial Action Task Force aims to institute a global Know Your Customer regime that specifically targets the Internet and electronic commerce. The FATF report makes clear that their goal is to effectively deputize accountants, lawyers, notaries and others in the same way that the domestic Bank Secrecy Act regulations effectively deputized bank tellers as law enforcement agents against their customers.

Together, the reporting and data exchange requirements of the OECD and FATF are a blueprint for enabling identity theft and curtailing the benefits of the nascent electronic commerce. The next logical step for the FATF according to their February report would be to deputize Internet Service Providers and others involved in electronic commerce as government snitches. Recognizing the importance of public confidence in financial and electronic commerce must not be lost pursuing policies that are not cost effective – if they work at all.

These proposals for surveillance of bank accounts and information exchange need further consideration regarding privacy and security issues. What safeguards would be in place to protect sensitive personal information from being misused, abused, or compromised from technological security breaches? The recent sentencing of a former FDIC employee in an identity fraud scheme illustrates the dangers of identity theft and other potential problems with government data exchange. The privacy and security of our personal, private information is only as good as the worst safeguards of the others with whom it is shared.

http://financialprivacy.org/2001/10/jansen-et-al-letter-to-president-bush-regarding-anti-money-laundering-proposals/

October 3, 2001
The Honorable George W. Bush
President of the United States
The White House
1600 Pennsylvania Avenue NW
Washington, DC 20500
Dear Mr. President,
We are writing to express our concerns about proposals that will undermine international cooperation in the fight against terrorism. Specifically, we are concerned that two pieces of legislation – Senator Kerry’s “International Counter-Money Laundering Act” (S. 398) and Senator Levin’s “Money Laundering Abatement Act” (S. 1371) – will discourage other nations from assisting the United States in the investigation and prosecution of universally recognized crimes such as the murderous attacks of September 11.
Law enforcement already has the authority to seize terrorist assets without trial. Section 11 of S. 1371 would allow the government to seize bank accounts without the government having to establish that they are traceable to a crime. Forfeiture practices are already generating serious abuses and should not be expanded without thoroughgoing review, especially when the proposal appears to have little to do with terrorism.
Section 101 of S. 398 would allow the Treasury Secretary unchecked authority with no due process protections to impose “special measures” on his own authority. These special measures would include his ability to require financial institutions and a long list of other businesses to disclose almost any information of any nature that he deems appropriate and gives the Secretary the ability to sever financial ties with any country or financial institution. This is an unprecedented, vast and broad degree of power to give one official. It is represents the effective abolition of financial privacy and due process. It is inappropriate in a country dedicated to the rule of law.
Both S. 398 and S. 1371 create protectionist barriers and regulatory burdens that threaten political and financial ties with many nations. These jurisdictions, needless to say, will have little incentive to help our nation track down criminals and their illicit proceeds. To add insult to injury, both bills will drive capital out of the U.S. economy at a time when our economy is in need of more investment.
Fortunately, there is something that can be done to help law enforcement track down terrorists and others who violate the common laws of civilized nations. The United States should expand its network of mutual legal assistance treaties (MLATs). These international agreements create procedures for information sharing and other forms of assistance in the investigation and prosecution of crime. MLATs, along with other cooperative bilateral accords, are effective tools in the fight against crime.
Unfortunately, the United States has MLATs – either in force or awaiting ratification – with only about 50 nations. The negotiation, ratification, and implementation of additional MLATs should be part of our anti-crime agenda. This approach also will reveal nations that are unwilling to help and deserving of sanctions, either because they refuse to negotiate a MLAT or because they fail to comply with one that is in force.
To eliminate a barrier to the expansion of MLATs, we also encourage the immediate withdrawal of the tax harmonization initiatives of the European Union and Organization for Economic Cooperation and Development. Many low-tax jurisdictions with financial service centers want MLATs with America and other nations, but they correctly refuse to be bullied into “information exchange” proposals that would force them to put the tax laws of other nations above their own.
Policy makers should unite behind proposals that will help America track down terrorists and other criminals. Mutual legal assistance treaties are a proven, effective tool for international cooperation. The Levin and Kerry bills, by contrast, would destroy financial privacy and due process protections afforded the American people and others, undermine international cooperation, and drive capital out of the U.S. economy.
Sincerely,
Grover Norquist, President, Americans for Tax Reform

John Berthoud, President, National Taxpayers Union and Foundation

Richard Rahn, Senior Fellow, Discovery Institute

Dan Mitchell, Senior Fellow, The Heritage Foundation

Andrew Quinlan, President, Center for Freedom and Prosperity

Stephen Moore, President, The Club for Growth

Thomas A. Schatz, President, The Council for Citizens Against Government Waste

Larry Hunter, Chief Economist, Empower America

Karen Kerrigan, Chair, Small Business Survival Committee
Solveig 
Singleton, Senior Analyst, Competitive Enterprise Institute

Christian Josi, Executive Director, American Conservative Union

J. Bradley Jansen, Deputy Director, Center for Technology Policy, Free Congress Foundation

Lewis K. Uhler, President, National Tax Limitation Committee

David Burton, Senior Fellow, Prosperity Institute

Paul Craig Roberts, former Assistant Secretary of the Treasury

Jim Martin, President, 60 Plus Association

Duane Parde, Executive Director, American Legislative Exchange Council

Adrian Day, President, Global Strategic Management

Tom DeWeese, President, American Policy Center

Robert Funk, Executive Director, American Shareholders Association

Bert Ely, Banking Consultant, Ely & Company, Inc.

Joe Eldred, President and Founder, God Bless America

Dr. Jane Orient, Association of American Physicians and Surgeons

Gordon Jones, President, Association of Concerned Taxpayers

Ken McEldowney, Consumer Action

Alan Gottlieb, Citizens Committee for the Right to Keep and Bear Arms

Audrey Mullen, Independent Women’s Action Project

Christopher Whalen, The Whalen Consulting Group

Erik Johnson, National Chairman, Young Americans for Freedom

*Organizations listed for identification purposes only.

More information here: http://papersplease.org/wp/2011/03/18/state-dept-proposes-biographical-questionnaire-for-passport-applicants/

Biographical Passport Question Comments“>Passport letter

Before the
BUREAU OF CONSULAR AFFAIRS DEPARTMENT OF STATE
Washington, DC 20037

COMMENTS OF THE IDENTITY PROJECT (IDP), CENTER FOR FINANCIAL PRIVACY AND HUMAN RIGHTS (CFPHR), KNOWLEDGE ECOLOGY INTERNATIONAL (KEI), CENTER FOR MEDIA AND DEMOCRACY, PRIVACY ACTIVISM, CONSUMER TRAVEL ALLIANCE (CTA), ROBERT ELLIS SMITH, AND JOHN GILMORE

Comments on proposed form DS-5513, OMB control number 1405-XXXX April 24, 2011
The Identity Project (IDP), Center for Financial Privacy and Human Rights (CFPHR), Knowledge Ecology International (KEI), Center for Media and Democracy (CMD), Privacy Activism, Consumer Travel Alliance (CTA), Robert Ellis Smith, and John Gilmore submit these comments in response to Department of State Public Notice 7345, “60–Day Notice of Proposed Information Collection: DS–5513, Biographical Questionnaire for U.S. Passport, 1405–XXXX ,” published at 76 Federal Register 10421 (February 24, 2011), and the proposed form, supporting statement, statement of legal authorities, and regulatory assessment which were provided to us by the Department of State in response to our requests, and which we have published for the benefit of other commenters at . We have posted the proposed Form DS-5513 at .
The Department of State (DOS) is seeking Office of Management and Budget (OMB) approval for a new collection of personal information from some subset of applicants for U.S. passports, as described in the “Notice of Proposed Information Collection” and the proposed Form DS-5513.
For the reasons discussed below, we oppose this information collection and proposed form as exceeding the statutory authority of the DOS, unconstitutional, and in violation of U.S. obligations pursuant to international human rights treaties to which the U.S. is a party. The DOS should withdraw its proposal; if it does not do so, OMB should disapprove the proposed information collection and form.
I. ABOUT THE COMMENTERS.
The Identity Project (IDP), , provides advice, assistance, publicity, and legal defense to those who find their rights infringed, or their legitimate activities curtailed, by demands for identification, and builds public awareness about the effects of ID requirements on fundamental rights. IDP is a program of the First Amendment Project, a nonprofit organization providing legal and educational resources dedicated to protecting and promoting First Amendment rights.
The Center for Financial Privacy and Human Rights (CFPHR), , was founded in 2005 to defend privacy, civil liberties and market economics. The Center is a non-profit human rights and civil liberties organization whose core mission recognizes traditional economic rights as a necessary foundation for a broad understanding of human rights. CFPHR is part of the Liberty and Privacy Network, a non-governmental advocacy and research 501(c)(3) organization.
Knowledge Ecology International (KEI), , is a not for profit nongovernmental organization that searches for better outcomes, including new solutions, to the management of knowledge resources. KEI is focused on social justice, particularly for the most vulnerable populations, including low-income persons and marginalized groups. KEI undertakes and publishes research and new ideas, engages in global public interest advocacy, provides technical advice to governments, NGOs and firms, enhances transparency of policy making, monitors actions of key actors, and provides forums for interested persons to discuss and debate Knowledge Ecology topics.
The Center for Media and Democracy (CMD), , is a national independent publisher located in Madison, Wisconsin. Our team of writers focuses on reporting that promotes informed decision-making about policies affecting our lives – our economy, our environment, our health, our liberty, our security, and the health of our democracy – and aids citizen involvement and grassroots action. Our opinion pieces and advocacy work help advance consumer rights and civil liberties, including the right to privacy, as well as the constitutional freedom to travel and freedoms of speech, press, and assembly.
Privacy Activism, , is a 501(c)(3) organization, based in California. We strive to help people make well-informed decisions about personal privacy and to show how privacy decisions affect society as a whole. A key element of Privacy Activism’s approach is to communicate information visually, in order to make the complexities of privacy law and policy more
accessible to people with no specialized expertise in the issues. We focus primary on areas of consumer privacy, including data mining of consumer information, identity theft, medical records privacy and online behavioral advertising and tracking.
The Consumer Travel Alliance (CTA), , is a nonprofit, nonpartisan organization that works to provide consumers an articulate and reasoned voice in decisions that affect travel consumers. CTA seeks to help improve consumer understanding of the travel environment, including aviation, rail, cruising, telecommunications, banking, Internet travel services, and insurance. CTA supports an individual consumer’s freedom to travel whether for business or leisure, and protection of consumers during their travel activities. Through its efforts, the focus is put on how travel rules and regulations, national laws, and corporate policies affect the consumer. CTA is one of the member organizations of the Consumer Federation of America.
Robert Ellis Smith, a lawyer and journalist, is a leading expert on the right to privacy in the U.S., and the founder and publisher since 1974 of Privacy Journal, a monthly newsletter on the individual’s right to privacy. Privacy Journal covers new technology and its impact on privacy, useful tips for protecting your privacy, and the latest on court decisions, legislation, professional conferences, and corporate practices.
II. THE DOS HAS GROSSLY UNDERESTIMATED THE DIFFICULTY OF COMPLETING THE PROPOSED FORM AND THE TIME REQUIRED TO DO SO.
Most people do not know the answers to all of the questions on the proposed form. Very few, if any, respondents would be able to complete the proposed form. A good-faith effort to complete as much of the form as possible would require an average of 100 hours or more per respondent, not 45 minutes as claimed by DOS in its proposal. No matter how hard or long they worked at it, even if they hired a private investigator and/or traveled the country searching out details of past residences, past employers and
supervisors, medical records, or people who might have information about them, almost nobody old enough to apply for a passport on their own would be able to locate all the requested information.
Most people don’t have records of many of the items required to complete the proposed form, such as their mother’s address a year before and after their birth, the dates of all of their mother’s pre-natal medical appointments, all the places they have ever lived since birth, the names and addresses of all the places they have ever been employed, and all their past supervisors’ names and telephone numbers. Why should they have such records, when there was never before any requirement to keep such records?
Years later, who can remember with certainty every job they have ever had, the address, the name(s) of their supervisor(s), and those supervisors’ phone number(s) – even for the job you quit after a day, or the summer job you had at McDonald’s back when you were in high school? Attempting to answer these questions would involve trying to track down former co-workers or other associates who might remember these details. Especially for those who have lived in widely separated places, that might require expensive and time-consuming travel, hiring a private investigator, and/or fees to commercial data brokers. And in many cases, it would still be a futile search for nonexistent records of long-vanished businesses and long-dead people.
Ask your parents – if they are still alive (and what if they aren’t?) – for your mother’s address a year before or after your birth, or all the addresses where you lived before you were old enough to remember, and the answer in may cases will be at most a street name, or merely a town or city, not a complete address. “I might recognize the house if I went back there and drove past, if it’s still there and the neighborhood hasn’t changed too much,” would be a common answer. So attempting to complete as much of the form as possible would, in many cases, involve difficult trips with older and perhaps frail relatives, and door-to-door search for former family homes to identity their addresses.
The expectation that any adult would have, or be able to obtain, complete records of their mother’s pre-natal medical appointments, or of who attended their birth, with sufficient certainty to be able to to attest to these facts under penalty of perjury, is patently absurd. A best effort to provide as much of an answer as possible would entail commissioning a private investigator to track down medical records (retained, if at all, by whomever has inherited a medical practice perhaps two or three generations of practitioners later) and conduct a snowballing series of interviews of doctors, nurses, midwives, etc. (in many cases aged and/or failing of memory) about who inherited their records and where they might be found, who was present at the birth, or who else might know these things.
If it is recorded at all, some of the required information, such as the dates of all of one’s mother’s pre-natal medical appointments, is likely to be contained in health care records subject to HIPAA. In most cases, HIPAA regulations forbid the release of such records of treatment of a deceased individual except to their personal representative or for purposes of medical treatment, neither of which exception would necessarily apply in the case of a passport application by a surviving child. At best, they would be able to obtain this information for this non-treatment purpose only if they are able to identify, track down, and obtain permission from their mother’s “personal representative” for HIPAA purposes. A health care provider is allowed up to 30 days to respond to a request for a copy of health records, or up to 60 days in the case of older records stored off-site. And that’s if they comply with the HIPAA deadlines. Obtaining old maternal health care records could easily take months, or could be entirely precluded by HIPAA. Foreign health care providers might not be under any deadline or any obligation to provide records at all. Dealing with foreign providers, of course, could take even longer.
The older people are, and the more scattered their family is around the country or around the world, the less chance they would have of finding older living relatives able and willing to help provide or track down missing data, and the longer the search for them would be likely to take. There’s no indication that passport applicants would have subpoena power to compel answers to interrogatories by relatives or former employers or co-workers (who might have the only records of supervisors’ names or phone
numbers, if any such records exist) , or the production of such records as might exist. Should one, or can one lawfully, be denied a passport or the right to travel because one’s estranged relatives or former employers or co-workers decline to help conduct this research? Or if they are willing to provide information only for a fee which the applicant can’t afford? Of course not.
Certain groups would be even less likely than the norm to have any chance of completing the proposed form. Adoptees who aren’t in touch with their birth parents would have no chance of being able to provide the required information about their mother’s residence, pre-natal medical appointments, or the circumstances of their birth. People who have worked as casual laborers, who may have had a different employer and supervisor every day for months, years, or a working lifetime, would almost never be able to provide a complete list of employers’ or supervisors’ names, addresses, or phone numbers. Other people whose places of employment change frequently would have only slightly less extreme difficulty: agricultural and other migrant laborers, constructions workers, and so forth. People who have been institutionalized may not have known, even at the time, at exactly what address they were being held.
Refugees, especially those who were in hiding, moving from place to place often, and/or in flight from persecution for extended periods of time, may have little or no access to records of the addresses of the places where they “resided” while en route to eventual asylum in the U.S. Someone giving sanctuary to victims of persecution has good reasons, for their own security, to keep those they are sheltering from knowing the exact location of their place of refuge or the name of the person giving them refuge. Of course, refugees are among those least likely to have retained or have access to birth records, and thus most likely to be required to fill out the proposed new form.
Because the proposed form must be attested to under penalty of perjury, even a slight error or omission – a forgotten short-term job or assignment or a different supervisor, or an unrecorded pre-natal consultation between one’s mother and a midwife, for example – could subject the respondent to severe criminal penalties. The grave risk of perjury prosecution would compel respondents to err on the side of
not submitting the proposed form, and withdrawing their application for a passport, in case of any uncertainty as to the responses to any of the questions, especially those which by their plain language require complete, exhaustive lists of particular categories of historical data (all addresses, all employers, etc.). The risk inherent in the requirement for submission under penalty of perjury would, in this way, further reduce the number of people who would be able to complete the form. Anyone for whom the answer to any of the questions on this form is, “I don’t know,” or even, “I’m not sure,” would be unable to attest to the answers under penalty of perjury, and thus would be unable to obtain a passport.
III. IN THE ABSENCE OF SUBSTANTIVE AND PROCEDURAL STANDARDS FOR DECIDING WHO IS REQUIRED TO COMPLETE THE PROPOSED FORM, ITS USE WOULD BE ARBITARY, IN VIOLATION OF STATUTORY, CONSTITUTIONAL, AND TREATY LAW.
According to the Paperwork Reduction Act submission and supporting statement, as provided to us by the DOS, 74,000 people per year would be required to complete the proposed Form DS-5513. That is only a small fraction of the number of annual passport applicants. But the DOS is silent as to how – according to what substantive standards and what procedural due process – the decision will be made as to which passport applicant will be required to complete the proposed Form DS-5513. The complete lack of substantive standards and procedural safeguards violates the due process requirements of the Administrative Procedure Act, the U.S. Constitution, and Article 12 of the International Covenant on Civil and Political Rights (ICCPR), and must therefore be withdrawn by the DOS or rejected by OMB.
The proposed form reminds us unpleasantly of the invidious historic “Jim Crow” use of a literacy or civics test of arbitrary difficulty, required as a condition of registering to vote and administered in a standardless manner. By making the test impossible to pass, voter registrars could use it as an arbitrary and discriminatory – but facially neutral – excuse to prevent any applicant to whom they chose to give a sufficiently difficult test from registering to vote, on the ostensible basis of their having “failed” the test.
In a similar way, choosing to require an applicant for a passport to complete the proposed Form DS-5513, which few if any applicants could complete, would amount to a de facto decision to deny that applicant a passport. And that decision would be standardless, arbitrary, and illegal.
Standardless or “discretionary” imposition of the requirement to complete the proposed form invites and creates the potential for, and likelihood of, numerous forms of abuse.
Who will be required to complete the proposed Form DS-5513, under penalty of denial of a U.S. passport and confinement for life to the territory of the U.S. – or, if they are applying for a passport abroad (such as to replace a lost or stolen passport), de facto banishment for life from the U.S.?
Will standardless DOS discretion be exercised to require individuals to complete the proposed Form DS-5513 on the basis of race, religion, or national origin? On the basis of their having visited (as evident from their passport submitted with an application for renewal), or intending to visit (as stated on their passport application), particular other countries? Or on the basis of their exercise of other rights protected by the First Amendment, such as associating with certain other people, expressing certain ideas, or criticizing the U.S. government in general and/or the DOS in particular?
Will those of us who submit comments opposing this proposed new form be singled out to be required to complete this form the next time we apply for or renew our U.S. passports, if it is approved?
And how, if at all, would it be possible to detect such invidious abuses of discretion?
Because the purportedly permissible “routine uses” of this information would include disclosure to any other agency of any government, it’s likely that it would be used as a means to compel answers of interest to other agencies, to questions and for purposes for which those agencies lack their own authority to compel responses. Someone exercises their right not to answer questions from police or other government agents about their family history, religious practices, or other intimate matters? Just alert the DOS that you are interested, and the next time this person applies to renew their passport, DOS will require them to complete Form DS-5513, under penalty of perjury, and “share” the responses with you. The proposed form, and its potential for abuse, should be evaluated as an all-purpose
interrogation tool, by which any government agency on whose behalf the DOS chooses to exercise its discretion could compel answers to all the questions on the proposed form, for any purpose.
IV. THE “ROUTINE USES” OF THE INFORMATION ON THE PROPOSED FORM WOULD INCLUDE IMPROPER, EXCESSIVE, AND PRIVACY-INVASIVE DISCLOSURES.
The information collected on the proposed Form DS-5513 would be part of the “Passport Records (STATE–26)” system of records, subject to a System Of Records Notice (SORN) published at 73 Federal Register 1660-1664 (January 9, 2008). According to the proposed form, “routine uses” of any or all of this information would include disclosure, without limitation, to “other government agencies and private contractors, … foreign government agencies, international organizations[,] … private persons and organizations [,]… and private employers.”
No meaningful limits are placed on these “routine uses” or the disclosures they purport to authorize. For example, the SORN purports to authorize as a “routine use” disclosures to, “Federal, state, local or other agencies for use in legal proceedings as government counsel deems appropriate. ” Under this provision, any lawyer employed by any government agency could authorize, at their sole discretion, disclosure of the entire DOS file on any passport applicant – including the proposed Form DS-5513 – to any agency of any government anywhere in the world, for any purpose that lawyer “deems appropriate.”
Pursuant to the Privacy Act of 1974, 5 U.S.C. 552a(a)(7), “the term ‘routine use’ means, with respect to the disclosure of a record, the disclosure of such record for a purpose which is compatible with the purpose for which it was collected.” The routine use of information collected on the proposed form “in legal proceedings as government counsel deems appropriate,” does not limit the allowable disclosure to any clear purpose. Regardless of how the imprecise term “legal proceedings” is defined, not all legal proceedings would be related to the purpose – passport issuance – for which DOS collects this information. “Deems appropriate” is standardless, and fails to address (let alone meet) the requirement of the Privacy Act for compatibility of routine uses with the purposes for which personal information is collected. Accordingly, this proposed “routine” use would violate the Privacy Act.
Crucially, no distinction is made in the applicable SORN between claimed authority to verify or divulge a person’s U.S. citizenship status as a “routine use” of this data, and disclosure of the entirety of the information collected on the new “Biographical Questionnaire” for (some) passport applicants.
No explanation or justification whatsoever has been offered as to why such a range of other U.S. and foreign government agencies and private third parties would need to know all of the information submitted in support of a passport application, and not just whether a U.S. passport has been issued.
The information required on the proposed form far exceeds, in both quantity and sensitivity including religious and medical details, what is described in the SORN or required on any prior passport application form. Indeed, it appears to be comparable to the information required on an application for a security clearance for access to classified information, and to exceed that required on an application for Federal government employment. The proposed information collection exceeds the scope of the SORN, and requires the DOS to conduct and publish for comment a new SORN and a new Privacy Impact Assessment (PIA) before submitting the proposed form to OMB for approval. If that is not done, OMB should reject the proposed form as exceeding the scope of the information collection and retention disclosed in the SORN for this system of records, and therefore in violation of the Privacy Act.

V. THE DEPARTMENT HAS FAILED TO EVALUATE THE IMPACT OF THIS INFORMATION COLLECTION ON THE ABILITY OF U.S. CITIZENS TO EXERCISE RIGHTS PROTECTED BY THE FIRST AMENDMENT AND INTERNATIONAL TREATIES.
The proposal describes the proposed form as required for receipt of a Federal benefit. But international travel, for which a passport is now required, is a right, not a mere “benefit”.
The fundamental defect in this rulemaking is that the Department has failed to evaluate the impact of the proposed new requirement to complete a new form on the ability of U.S. citizens to exercise rights of assembly and freedom of movement protected by the First Amendment and international treaties.
When the current passport issuance regulations were established, it was still possible (although significantly encumbered) for U.S. citizens to enter or leave the U.S. without a passport or any other government issued identity credentials. Passport issuance laws and regulations were therefore evaluated, both by the DOS and by the courts, as pertaining to the issuance of credentials which were not essential for the exercise by U.S. citizens of their rights to cross U.S. borders.
That has changed, however, with the implementation of the “Western Hemisphere Travel Initiative” (WHTI), which requires a passport, passport card, other specified government issued identity credential, or a (standardless) “discretionary” waiver of this requirement, as a prerequisite to crossing any U.S. border by any means by any U.S. citizen. See our previous objections to those requirements, “Comments of the Identity Project, Documents Required for Travelers Arriving in the United States at Air and Sea Ports-of-Entry From Within the Western Hemisphere,” USCBP-2006-0097, September 25, 2006, available at , and “Comments of the Identity Project, Documents Required for Travelers Departing From or Arriving in the United States at Sea and Land Ports-of-Entry From Within the Western Hemisphere,” USCBP-2007-0061, August 27, 2007, available at .
The right to assemble and the right to petition for redress of grievances are directly protected by the First Amendment. In the case of U.S. citizens born and/or residing abroad, or U.S. citizens wishing to assemble with U.S. citizens abroad, the exercise of those rights requires crossing U.S. borders. The right to freedom of movement, specifically including both the right to leave any country and the right to return to one’s own country, is protected by Article 12 of the International Covenant on Civil and Political Rights (ICCPR), a treaty signed and ratified by, and binding on, the U.S. The ICCPR has been effectuated, with respect to rulemaking and other activities of agencies including DOS, by Executive Order 13107, “Implementation of Human Rights Treaties,” which directs all executive departments to “maintain a current awareness of United States international human rights obligations that are relevant to their functions and… perform such functions so as to respect and implement those obligations fully.”
Now that the U.S. government requires U.S. citizens to have passports for international travel, conditions on passport issuance must be considered according to the higher standard of justification applicable to regulations which burden the exercise of rights protected by both the First Amendment and Article 12 of the ICCPR, including a showing that the proposed rules are the least restrictive available means of accomplishing a permissible government purpose, and would in fact achieve that purpose.
As discussed in our previous comments to U.S. Customs and Border Protection on the WHTI document requirements in dockets USCBP-2006-0097 and USCBP-2007-0061, cited above, the Department of State has reiterated in its most recent report to the United Nations Human Rights Committee that, “As reported in the Initial Report, in the United States, the right to travel – both domestically and internationally – is constitutionally protected.” (Second and Third Periodic Reports of the U.S. Concerning the International Covenant on Civil and Political Rights, Paragraph 203, 28 November 2005, CCPR/C/USA/3, available at , referring to Initial Report by the U.S. Concerning Its Compliance with the International Covenant on Civil and Political Rights, July 1994, CCPR/C/81/Add.4 and HRI/CORE/1/Add.49, available at).Even before the promulgation of the WHTI regulations requiring U.S. citizens to obtain passportsfor travel with the Western Hemisphere, the Supreme Court had long recognized that passport issuanceimplicates the fundamental Constitutional freedom of travel. “The denial of a passport, given existingdomestic and foreign laws, is a severe restriction upon, and, in effect, a prohibition against, world-wideforeign travel.” Aptheker v. Secretary of State, 378 U.S. 500 (1964).Strict scrutiny is required for regulations which, like the proposed requirement to complete FormDS-5513, would burden passport issuance and thus the exercise of First Amendment rights. Strictscrutiny requires both a showing of actual effectiveness for a permissible government purpose, and thatno less restrictive effective alternative is available: “[T]he court should ask whether the challengedregulation is the least restrictive means among available, effective alternatives.” Ashcroft v. ACLU, 542U.S. 656 (2004).With respect to international treaties, Article 12, Section 4, of the International Covenant on Civiland Political Rights (ICCPR), ratified by the U.S. Senate on April 2, 1992 (138 Congressional Record S4782), provides that, “No one shall be arbitrarily deprived of the right to enter his own country.”The meaning of this section of the ICCPR is interpreted in Paragraph 21 of U.N. Human RightsCommittee,
General Comment No. 27 on Freedom of Movement in Article 12, issued under Article 40(4)of the ICCPR, CCPR/C/21/Rev.1/Add.9 General Comment No.27, 02/11/1999, available at:In no case may a person be arbitrarily deprived of the right to enter his or her owncountry. The reference to the concept of arbitrariness in this context is intended to emphasizethat it applies to all State action, legislative, administrative and judicial; it guarantees thateven interference provided for by law should be in accordance with the provisions, aims andobjectives of the Covenant and should be, in any event, reasonable in the particularcircumstances. The Committee considers that there are few, if any, circumstances in whichdeprivation of the right to enter one’s own country could be reasonable.
Sections 2 and 3 of Article 12 of the ICCPR provide:2. Everyone shall be free to leave any country, including his own.3. The above-mentioned rights shall not be subject to any restrictions except thosewhich are provided by law, are necessary to protect national security, public order (ordre public), public health or morals or the rights and freedoms of others, and are consistent withthe other rights recognized in the present Covenant.To be “necessary”, as is required by Section 3 of Article 12, requires more than that a restrictionon human rights be related to, or actually further, one of the enumerated purposes. “Necessity” requiresa showing that no less restrictive alternative could adequately serve the particular enumerated purpose.This interpretation of “necessity” is supported by the U.N. Human Rights Committee, GeneralComment No. 27 on Freedom of Movement in Article 12, which provides in Paragraph 14:Article 12, paragraph 3, clearly indicates that it is not sufficient that the restrictionsserve the permissible purposes; they must also be necessary to protect them. Restrictivemeasures must conform to the principle of proportionality; they must be appropriate toachieve their protective function; they must be the least intrusive instrument amongst thosewhich might achieve the desired result; and they must be proportionate to the interest to beprotected.Since there is no such showing of “necessity” in the proposal for this form or any of thesupporting documents, or even any evidence that less restrictive alternatives were considered, theproposal to require this form is flatly inconsistent with the U.S. obligations embodied in this article of theICCPR, and must be withdrawn or rejected by OMB.In addition, the proposed requirement to complete this form is inconsistent with Article 21 of theICCPR, which imposes a similar standard of “necessity” on rules which burden the right of assembly:The right of peaceful assembly shall be recognized. No restrictions may be placed onthe exercise of this right other than those imposed in conformity with the law and which arenecessary in a democratic society in the interests of national security or public safety, publicorder (ordre public), the protection of public health or morals or the protection of the rightsand freedoms of others.The same analysis of the DOS’s failure to make or support a showing of necessity applies withrespect to this Article 21 as with respect to Sections 2 and 3 of Article 12, as discussed above.
proposed information collection is thus inconsistent with Article 21 of the ICCPR as well, and must bewithdrawn.There are clearly less restrictive alternatives to the proposed requirement to complete this or anysimilar form, such as a form on which applicants may submit such information as they believe constitutes prima facie evidence of citizenship, and/or elimination of the requirement for U.S. citizens to have apassport to enter or leave the U.S. But the DOS has failed even to consider the heightened standard of justification required as a consequence of the imposition of the WHTI requirements for governmentissued identity credentials for U.S. citizens, which has made denial of a passport tantamount to acategorical bar on international travel (except with the discretionary and standardless case-by-case”waiver” of the passport requirement by the government, which fails to satisfy any due process standard).Before proposing any rule to require such a form, the DOS must evaluate the proposal against thestandard of justification applicable to rules that burden the exercise of rights protected by the FirstAmendment and the ICCPR, including consideration of these less restrictive alternatives.We raised these issues with the DOS in our previous comments regarding passport fees:“Comments of the Identity Project, Consumer Travel Alliance, Center for Financial Privacy and HumanRights, and John Gilmore, Schedule of Fees for Consular Services, Department of Stateand Overseas Embassies and Consulates ,” DOS-2010-0035 , March 11, 2010, available at. Although our comments were specificallymentioned in the analysis of comments published by the DOS along with the interim final rule, ourobjections on the basis of the First Amendment to the U.S. Constitution and Article 12 of the ICCPR werenot mentioned. (“Interim Final Rule, Schedule of Fees for Consular Services, Department of State andOverseas Embassies and Consulates ,” 75
Federal Register
36522-36535, June 28, 2010.) We still havereceived no response to our complaint that the rule violates U.S. obligations pursuant to the ICCPR.
We note that Executive Order 13107 requires that “The head of each agency shall designate asingle contact officer who will be responsible for overall coordination of the implementation of thisorder…. Each agency shall take lead responsibility, in coordination with other appropriateagencies, for responding to … complaints about violations of human rights obligations that fall withinits areas of responsibility or, if the matter does not fall within its areas of responsibility, referring it to theappropriate agency for response.”Despite diligent inquiries, including unanswered inquiries to the designated DOS point of contactfor this proposed information collection, we have been unable to determine who, if anyone, has beendesignated as the DOS “single contact officer” for implementation of Executive Order 13107, includingresponding to complaints of violations by DOS of human rights treaties.We therefore specifically request that our prior complaint, as made in our comments cited aboveon DOS-2010-0035, and this complaint, be referred to the officer designated by the Secretary of State asthe single contact officer for implementation of Executive Order 13107, and that we be provided with aresponse to each of these complaints of violations by DOS of human rights treaty obligations.
VI. THE DOS LACKS STATUTORY AUTHORITY TO REQUIRE PASSPORTAPPLICANTS TO COMPLETE THE PROPOSED FORM, OR TO DENY PASSPORTS TOTHOSE APPLICANTS WHO ARE UNABLE OR UNWILLING TO COMPLETE THE FORM.
Completion of the proposed form, in its entirety, is proposed to be mandatory for all thosepassport applicants who are selected (in some unspecified and apparently standardless and nonreviewablemanner) to receive this additional form. The form states that, “failure to provide the informationrequested may result in … the denial of your U.S. passport application. “However, none of the statutes listed as legal authorities for the proposed form provides any actualbasis for such a denial. A passport application may be denied only where there is a sufficient factual basis for a duly-made determination that the applicant is not a U.S. citizen. In the absence of such facts,the issuance of a passport is a matter of right.Even if there were Constitutionally valid statutory and regulatory authority for the imposition ofadministrative fines or other sanctions for refusal to complete the proposed “Biographical Questionnaire” – which has not been shown, and which we would question, especially since most people would be unableto complete the proposed form – any such sanctions would be independent of the entitlement of theapplicant to a U.S. passport, unless there is evidence establishing that the applicant is not a U.S. citizen.The only portions of the citied regulations that might even arguably provide authority for theproposed information collection are 22 CFR Sec. 51.28(c) (“Any official receiving an application for apassport or any Passport Issuing Office may require such additional evidence of identity as may bedeemed necessary”) and 22 CFR Sec. 51.54 (“Nothing contained in Secs. 51.43 through 51.53 shallprohibit the Department from requiring an applicant to submit other evidence deemed necessary toestablish his or her U.S. citizenship or nationality”). But those provisions are limited to evidence actuallydetermined, in a particular case, to be “necessary” to determining U.S. citizenship.Similarly, the abstract in the Paperwork Reduction Act statement accompanying the proposedform is based on a claim of necessity: “This form collects information necessary to verify a respondent’scitizenship and identity.” But this claim is false, and the proposed information collection is not limited toinformation that is, in any case much less in all cases, “necessary” for such a determination. While insome cases some of the information on the proposed form might be relevant to determining citizenship, inmost cases all or most of it would not even be relevant, much less essential. The suggestion that, forexample, it would never be possible to determine whether someone is a U.S. citizen without knowingwhether, when, and with what if any religious rituals they were circumcised, is obviously absurd.Since it is not based on any determination of “necessity”, the proposed information collectionexceeds the regulatory authority of the DOS, and must be withdrawn or rejected by OMB.

VII. THE DOS HAS FAILED TO EVALUATE THE IMPACT OF BEING REQUIRED TOCOMPLETE THE PROPOSED FORM ON INDIVIDUALS AS “SMALL ENTITIES”PURSUANT TO THE REGULATORY FLEXIBILITY ACT.
According to the supporting statement, “The collection of information does not involve smallbusinesses or other small entities. ” This is clearly incorrect. The applicable statutory definition of a”small [economic] entity” does not distinguish between corporations or sole proprietors, and does notexclude natural persons. The individual persons subject to the requirement to complete the proposedform, as a condition of issuance of a passport, will include numerous “small entities”: sole proprietors,freelancers, and self-employed individuals. Given the extensive and growing prevalence of these self-employment arrangements, any rulemaking that affects a significant number of individuals is likely toinvolve a significant number of small entities, as this proposal would. Accordingly, the regulatoryanalysis is defective in failing to evaluate the impact of the proposal on these small entities.A proper analysis of the impact of the proposed form on individuals as small entities must beprepared and published for comment before the proposal can even be considered for approval.For those affected, the economic impact would be substantial. In a minority of the best cases, in which it is eventually possible for the affected individual to complete the form (after inquiries to olderrelatives and past co-workers, archival research, research travel to previous places of residence, andperhaps with the assistance of a private investigator) it would still cause potentially critical delay in beingable to accept or fulfill any contract requiring international travel during the weeks or months required toresearch answers to complete the form. In the vast majority of cases, in which it is impossible ever tocomplete the form, being required to complete the proposed Form DS-5513 would constitute a categoricallifelong bar to any pursuit of business opportunities that might require international travel. In anincreasingly global economy in which self-employed individuals, freelancers, and sole proprietors find a growing proportion of their customers and suppliers abroad, confining them to work solely within thedomestic U.S. economy will typically have a substantial lifelong negative impact on career and earnings.
VIII. CONCLUSIONS AND RECOMMENDATIONS
The proposal for Form DS-5513 should be withdrawn by the DOS. If it is not withdrawn, itshould be modified to eliminate any claim that declining to complete the proposed form – whetherbecause of inability to do so or for any other reason – constitutes a lawful basis for denial of a passport.If the DOS does not withdraw this proposal entirely, it must correct the estimated time required tocomplete it (in the rare cases when that is possible at all) to a more realistic estimate of at least 100 hoursper respondent; evaluate the impact of inability to complete proposed form on the ability of U.S. citizensto exercise rights protected by the First Amendment and international treaties; promulgate validsubstantive and procedural standards for determining which applicants will be required to complete theproposed form; conduct and publish for comment a new System of Records Notice and Privacy ImpactAssessement; and conduct and publish for comment an evaluation of the impact of the proposed rules onindividuals as “small economic entities”, pursuant to the Regulatory Flexibility Act.If the current proposal for Form DS-5513 is not withdrawn, it must be rejected by OMB.Pursuant to Executive Order 13107, this complaint and our previous (unanswered and stillpending) duly-filed complaint of violation of U.S. human rights treaty obligations by the DOS should bereferred to the officer designated by Secretary of State as the single contact officer for implementation ofExecutive Order 13107, and responded to in accordance with that Executive Order.

Respectfully submitted,
The Identity Project (IDP)A project of the First Amendment Project1736 Franklin St., 9th FloorOakland, CA 94612/s/Edward Hasbrouck,Consultant to IDP on travel-related issues
Center for Financial Privacy and Human Rights Post Office Box 2658 Washington, DC 20013-2658
Knowledge Ecology International 1621 Connecticut Ave. NW, Suite 500 Washington, DC 20009
Center for Media and Democracy 520 University Ave., Suite 260 Madison, WI 53703
Privacy Activism 4026 – 18th St.San Francisco, CA 94114
Consumer Travel Alliance 7062 Solomon Seal CourtSpringfield, VA 33152
Robert Ellis Smith, Publisher, Privacy Journal Post Office Box 28577 Providence RI 02908
John Gilmore Post Office Box 170608 San Francisco, CA 94117