Original URL: http://www.theregister.co.uk/2004/09/29/uk_intros_semaphore_capps_uk/

Blair's Britain vies with US in ID snoop wars

The CAPPS fits, Blunkett's wearing it

By John Lettice

Posted in Media, 29th September 2004 14:32 GMT

A lucky 6 million travellers on riskier air routes are to begin to experience the first phase of the UK version of US-VISIT/CAPPS II by the end of this year. The government has not as yet specified the routes "chosen on the basis of risk assessments by the border agencies", so we are in no position to gauge the likely complexion or religious persuasion of the first wave of victims, but one may surmise.

Aside from the essential inanity of a pilot scheme using specific routes "on the basis of risk assessments" (which merely decreases the risk of these routes and increases the risk of the 'safer' ones), this doesn't matter greatly in the longer term, because the government is taking the 'collar the lot' approach, and intends to extend the scheme to encompass everybody travelling into and out of the UK. And some - this particular pilot, Semaphore, is intended as a component of the projected e-Borders programme, which is envisaged as linking the Foreign Office, the Home Office, the Department for Work and Pensions, Immigration and Nationality, Customs & Excise, the Passport Service and of course, the biometric ID card. From that list the borders in e-Borders would seem to extend quite a distance inland.

The implementation of Semaphore was allegedly announced by Tony Blair yesterday, although the scheme's been known to have been in preparation since the beginning of this year. In his speech Blair merely said: "We will introduce identity cards and electronic registration of all who cross our borders," but that clearly commits the government to the whole national ID card and monitoring agenda, as opposed to something that's allegedly limited to a border watch.

That does not stop David Blunkett pitching it that way. "Secure and effective border controls are vital to the UK in the 21st century," he tells us: "That is why our immigration service enforces our border controls 24 hours a day, all year round. [are you absolutely sure about this one, David? - Ed] Our challenge is to safeguard our citizens against terrorism, serious and organised crime and illegal immigration, while at the same time facilitating entry for legitimate travellers, including 90 million tourists and business visitors every year."

The major British airports actually had a throughput of 230 million passengers last year, which obviously includes multiple trips by individuals, but as UK citizens will also have to be included, the Home Office's 90 million understates the total number of individuals who will be monitored. Blunkett then proceeds to sing from the same songsheet as the US government: "This will further secure the UK’s borders by efficiently recording people travelling into and out of the UK, using airline reservation information and capturing passengers’ biometric data." Which is precisely what the US is doing with US-VISIT (or more, given that the current US administration is committed to not introducing a national ID card).

Also following the US lead "Project Semaphore... is a key first step in putting in place comprehensive electronic analysis of passenger travel data, which will be crucial to being able to register entry and exit without gross inconvenience to passengers." It's not entirely clear to us why this follows, unless one views the alternative as being a non-comprehensive, capricious system with possible random inputs that produces gross inconvenience for retired rock stars and US senators. The system being deployed "will identify people who have boarded transport destined for the UK, check them automatically against databases of individuals who pose a security risk, and keep a simple electronic record of entry into the country," which of course is not "comprehensive electronic analysis." It is, like the current US system, a check against a threat list, and is going to be as good or bad as that list. The size and components of this will be worth investigating, and checking at regular intervals - what agencies, UK and non-UK, does the Home Office see contributing to it? How quickly will it grow?

Immigration minister Des Browne provides us with some more US-derived faulty logic: "At the same time, technology will allow us to speed through low risk passengers, helping British business and visitors to the UK." This is Project IRIS, which is an iris recognition system intended to speed up the admission of "pre-assessed bona-fide travellers", and which is intended to be fully operational by next summer. Now, this works up to a point, but it only works if the total numbers falling into the 'definitely safe' category is sufficiently small for it too be properly monitored and policed, i.e., sufficiently small to be not particularly relevant in the grand scheme of things. If it's feasible for terrorists to get on the list (which it quite possibly could have been for middle-class Saudis three years ago), then doing so would ease their operations greatly. And probably more likely, people on the gold list could be swayed by the prospect of easy money as a drug mule who'd probably never be caught (we raise this possibility specifically to wipe the smiles off the smug bastards' faces). Depending on how the Home Office defines "low risk" and how granular it proposes to make the system, we could however be facing the kind of 'gradations of threat' categories envisaged in the US.

Coincidentally, US rules requiring the face scanning and fingerprinting of all visitors to the US come into force tomorrow, and to mark this Privacy International has published a comprehensive assessment of US-VISIT, its implications and consequences (and there's even a flowchart here). PI argues that US-VISIT risks false accusations on a mass scale, "ignores the legal concept of proportionality by creating mass surveillance in order to identity a relatively small number of suspects", redefines due process and abolishes all principles of privacy. Nor is this necessarily simply a matter of gross inconvenience - among other examples PI cites the case of Syrian-born Canadian citizen Mohamed Arar, picked up on the strength of faulty Canadian police while connecting in New York (i.e. he wasn't even visiting the US) and despatched to Jordan on condition he then be sent to Syria, where he endured a year of torture and prison. Wackily, he was eventually released and sent back to Canada because the Syrians decided he wasn't guilty.

PI also notes that the US Enhanced Border Security and Visa Entry Reform act, EBSVERA, calls for the integration of US-VISIT with other databases covering a wide range of different purposes. So while the ID card itself might be a difference, in terms of multi-agency surveillance and data crunching the UK and US could be said to be in a race for the bottom (with the EU in general probably not far behind). The result, positively encouraged by the US ("We welcome other countries moving to this kind of system. We fully expect that other countries will adopt similar procedures" - DHS undersecretary Asa Hutchinson), will be a global biometrics and data system containing billions of entries. US-VISIT, says PI, "is the gold standard for privacy invasion." And the Home Office is working to it. ®

Related stories

UK gov pilots passenger tracking in fight against terror
Tag, track, watch, analyse - UK goes mad on crime and terror IT
Everything you never wanted to know about the UK ID card
US using EU airline data to test CAPPS II snoop system
Accenture accensured for offshore tax haven
Accenture wins $10bn Homeland Security gig