US flies visa control kite over Pakistani Brit 'terror suspects'

Tough talk cloaks the next data grab?

Combat fraud and increase customer satisfaction

US representatives moved swiftly into denial mode in the wake of Monday's New York Times claim that homeland security secretary Michael Chertoff had proposed excluding UK citizens "of Pakistani origin" from the US visa waiver programme. The visa waiver programme allows visa-free travel to the US for citizens from a select group of countries, and comes under regular fire from log-rolling US politicians.

But the US rejects profiling, a spokesman for the Department of Homeland Security told BBC radio yesterday, while today, US London Embassy consul general John Caulfield denied that Chertoff had made the comments attributed to him by the NYT. Which is a puzzle, given that the NYT didn't attribute any comments directly to Chertoff. But it does look as if any plan to exclude UK-Pakistani citizens from the programme won't fly, because of the strength of the denials and for reasons of practicality and politics.

What, for example, might one mean by "of Pakistani origin"? The presence of such people, whoever they are, on the programme is described as a "loophole", but a precise definition is tricky. The DHS could to an extent nail down a list by confining it to British citizens who were born in Pakistan, but that wouldn't exactly get them very far, considering that this doesn't apply to quite a few of those who've been convicted in the current wave of high profile UK terror trials. Many of these were British born, and others are of non-Pakistani origin and/or ancestry. Dhiren Barot, for example, the "gas limo bomber" who was implausibly claimed to be the security services' biggest al-Qaeda pinch so far, is a muslim convert of Indian origin, while the July 21st defendants included an Eritrean and a Somali. Omar Khyam, "pivotal" in the fertiliser bomb plot, was born in the UK 25 years ago into a Pakistani family with "a tradition of serving in the Pakistani military and the ISI, the intelligence service" (Guardian 1st May 2007), and trained in a "terror" camp in Pakistan in 2000. This, unfortunately, turns out to have been an ISI-sponsored camp for Kashmiri militants.

Essentially, if the DHS wanted to exclude those it deems a terror risk it would have to consider ancestry, and figure out what to do about all of those suspicious characters who were neither Pakistan born nor of Pakistani ancestry. Dark complexioned muslims then? Tricky, but not necessarily wildly out of line with what happens to them already at US immigration. Or how about people with a history of travelling to and from Pakistan?

Now, in our estimation this is a little closer to what's really happening. First of all, look not at the fallout but at what the NYT story actually said:

"Among the options that have been put on the table, according to British officials, was the most onerous option to Britain, that of canceling the entire visa waiver program that allows all Britons entry to the United States without a visa. Another option, politically fraught as it is, would be to single out Britons of Pakistani origin, requiring them to make visa applications for the United States."

Note that these are not 'either/or' options. They are proposals tabled as part of discussions with the UK Home Office, and they're both effectively unthinkable, cancellation of the programme being a nuclear option regularly deployed in talks with the EU, but not something the US could do without costing itself a bundle in lost business and tourist spend.* Excluding Pakistani Brits from the programme we've already seen is unworkable, and would come with the additional payload of undermining the US relationship with Pakistan itself, a key ally in the GWOT (honest, the ISI's on our side really). They're both negotiating ploys.

Now, check what the NYT says the British Government says:

"Rather than impose any visa restrictions, the British government has told Washington it would prefer if the Americans simply deported Britons who failed screening once they arrived at an airport in the United States, British officials said. The British also screen at their end, and share intelligence with the Americans."

Should you feel tempted to join sections of the UK media in tentatively congratulating the Home Office on its tough stance against the US threats, consider what this means in terms of the third degree and summary expulsion for the people whose rights it's 'defending.' Then take into account the fact that one of Chertoff's major concerns with the UK and Europe over the past few years has been to increase the amount of data the US gets on EU citizens visiting the US and to encourage countries to "assist the United States in doing effective checks on travelers" (statement, 28th November 2006).

Significantly, in 'rejecting' profiling yesterday the DHS spokesman said that the DHS does "see value in profiling based on behaviour", and came up with the weird example of "going in and out of the bathroom repeatedly." He did not specify whether or not frequency of urination and Heathrow CCTV records would be added to the passenger name records currently supplied to the US by airlines, but the DHS is clearly keen to collect a lot more data about potential visitors, and this push for better security based on more intensive behavioural profiling has been a common thread in US responses to the visa waiver story over the past two days.

So what have we got? Data hungry US officials in talks with data sharing crazy UK Home Secretary John Reid. UK-Pakistani citizens will surely be 'saved' from expulsion from the waiver programme, but the price will be further easing of the already doubtful restrictions on data sharing with the US, and increased, systematic scrutiny of muslim, sorry, UK-Pakistani visitors to the US. But they're being behaviorally, not racially, profiled. ®

* Continuing to qualify for the waiver programme is habitually trotted out by HMG as a core justification for blowing £20 billion or more on a national ID scheme. So getting kicked off the programme would almost be worth it for the entertainment value of watching them try to explain why that wasn't the point after all.

Top three mobile application threats

More from The Register

next story
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Judge halts spread of zombie Nortel patents to Texas in Google trial
Epic Rockstar patent war to be waged in California
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
APPLE FAILS to ditch class action suit over ebook PRICE-FIX fiasco
Do not pass go, do cough (up to) $840m in damages
prev story


Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.