According to a C|Net article, 30,000 airline passengers have been mistakenly placed on the federal watch list. Having your name match with a name on the watchlist means you are subject to extra screening. According to Jim Kennedy, director of the Transportation Security Administration’s redress office, none of these passengers were kept from boarding.

In order to avoid these inconveniences, a person must submit forms to the TSA proving their identity, and the evaluation of these forms can take 45 to 60 days. At this point, the passenger’s name is not removed from the list. Instead, their name is put on a “clearance” list. This means they will not be able to check-in at a kiosk, and they would typically have to explain their situation to a customer service representative at check-in.

As a private citizen, I understand that sometimes all we have to go on is a name. Consider the possibility that a list of names were found in a known-terrorist’s desk drawer. These names are then put on the watchlist. This seems like a reasonable action. However, as a computer scientist and a researcher, it seems inefficient and almost irresponsible to just place a person’s name on a “clearance” list after having their identity verified and still subject the individual to inconvenience whenever they travel. If this is the best that the government has come up with, it seems a bit disturbing.

In the government’s defense, it seems they are trying to rectify these issues with a new Secure Flight program that is currently being scrutinized before approval. According to this GovExec.com article, Homeland Security is in the final stages of approving a new pre-flight screening process. The Data Privacy and Integrity Advisory Commitee is advising them to narrowly focus the pre-screening program, possibly by requiring a passenger’s name and date of birth. The advisory panel also says that the TSA has yet to fully define Secure Flight, while the American Civil Liberties Union has repeatedly called on Homeland Security to eliminate the program.

Read more about this C|Net story here.

A previous blog entry discussed Diebold’s struggles with the latest electronic voting law passed in North Carolina. The situation then was that Diebold said it could not meet the law’s requirements, and its efforts in seeking an exemption had been dismissed. On Friday, December 2, the North Carolina Board of Elections still certified Diebold as one of three approved vendors for the state, despite Diebold’s admitted inability to comply with law.

The EFF, which had fought Diebold’s attempts at an exemption in court, immediately posted its criticism of the board’s decision. An EFF attorney is quoted as saying: “In August, the state passed tough new rules designed to ensure transparency in the election process, and the Board simply decided to take it upon itself to overrule the legislature. The Board’s job is to protect voters, not corporations who want to obtain multi-million dollar contracts with the state.” The position of the North Carolina Board of Elections is that none of the electronic voting machine vendors could fully meet the requirements, so the board simply loosened the standards regarding source code escrow. The EFF disputes this claim, however, saying that at least one of the other vendors “has publicly stated that it is capable of meeting the escrow requirement for the code used it its system.”

A C|Net article quotes an advisor to the board as saying that “the Board of Elections decided at the last minute that it would allow the companies to be certified as long as they provided the state with the outside escrow locations of all the codes” – a requirement that must be met by December 22. This advisor to the board further says: “This is an extra step the board has decided to put in to strengthen the law that we have to work with.” I find this statement to be very inaccurate and unfortunate – how can making an exception and an end-run around the law possibly strengthen it?

The Baltimore Sun put up a well-reasoned editorial on the general concerns with electronic voting companies. Their conclusion: “Most nations do not use private companies to count their national election results; if the United States must, it had better make sure the voting, counting and transmission of poll data are as transparent and auditable – at every point – as possible.”

On the 9th of December, 2005, a Denver woman is scheduled to be arraigned in a federal District court. Apparently, this 50 year old mother of four was taking a public bus to work when a security guard got on the bus and demanded to see everyone’s “papers.” Deborah Davis, knowing she had done nothing wrong, refused, and the security guard called federal officers to arrest her.

This situation raises some interesting concerns. Should we be required to identify ourselves whenever we take public transportation? Allowing this to stand in court may open the door to more disconcerting implications. At what point do we draw the line? In large cities, the government would be able to track the movement of the majority of its citizens at all times. This is already possible when a person purchases a monthly, electronic pass. However, this is currently optional and an individual may opt to pay cash for their transportation to avoid Big Brother knowing their location. If this case holds up, it seems to me that it could be used to justify a system where everyone can be tagged, identified, and located whenever they use public transportation.

In London, surveillance cameras provide the government means to visually track persons using their public transportation. This seems to be a less invasive way of tracking people who use public transportation without forcing them to identify themselves. It would also prove to be more useful to prove criminal offenses carried out in public areas. However, many feel this alternative also exploits the privacy rights of citizens. Read more here.

According to a Raleigh News & Observer article, North Carolina passed a law that allows people to freeze their credit reports to thwart identity thieves. Essentially, by freezing their credit reports, the person creates a shield around their credit report so that companies attempting to view their credit report are denied. Since creditors generally will not grant credit to people when they cannot access their credit report, this keeps identity thieves from applying for credit cards, loans, etc. under the victim’s name. This is one of 40 laws that North Carolina is enacting in order to combat a problem that carries a national cost of $48 billion a ear for businesses and $5 billlion for consumers.

Read more about this by accessing the N&O article here.

Earlier this year, the North Carolina legislature passed a bill that sets up standards for voting equipment used in elections. The bill sets out to “restore public confidence in the election process”. The law outlines many vendor responsibilities in Section 2.(a), including that “the vendor shall place in escrow with an independent escrow agent approved by the State Board of Elections all software that is relevant to functionality, setup, configuration, and operation of the voting system, including, but not limited to, a complete copy of the source and executable code…” as well as including “a list of programmers responsible for creating the software”. The penalties for violating the bill include a felony charge and a civil penalty of up to $100,000 per violation.

The new state law has led to Diebold threatening to pull out of the state, due to not being able to meet these openness requirements. Diebold originally sought an exemption, via an injunction guarding against prosecution as well as reinterpreting the law to not include Diebold’s situation. According to this AP article, Diebold claims that it cannot provide the source code nor list of programmers for Windows, on which their voting machines are based. The EFF was involved in the case to thwart Diebold’s exemption status; the EFF details its involvement and links to its legal brief here.

I find Diebold’s position confusing and questionable in this situation. To say that they cannot comply with the state law means that they are either unwilling to comply, find it overly difficult to do so, or actually find it impossible to meet the requirements. If the first or second case is true, then Diebold is simply making a business decision not to compete in North Carolina. If, however, compliance is actually impossible, then one wonders how Diebold is still able to do business in California, where the Elections Code requires “an exact copy of the source code” for voting machines be provided to the state. Is the North Carolina market simply not worth it to Diebold?

North Carolina is supposed to announce today the list of approved vendors for electronic voting machines that meet the new law’s requirements.