Stop asking people for their passwords, rights warriors yell at US Homeland Security

File request under: 'Trash can'

By Shaun Nichols in San Francisco

Posted in Security, 18th April 2017 22:55 GMT

Civil and digital rights groups are leading a campaign to stop the US Department of Homeland Security's demanding access to foreigners' social media accounts when entering America.

In an open letter to DHS secretary John Kelly, the group argues that by forcing travelers from some countries to give border patrol agents free rein on their devices and social networks, the DHS is violating human rights and putting folks at risk of abuse.

"Please reject any proposal to require visa applicants, refugees, or other foreign visitors to provide passwords for online accounts, including social media, in order to enter the United States," the letter asks of Kelly.

"Such a requirement would violate human rights, create digital security risks, and undermine US industry. It would chill the speech and behavior of people around the world."

The profile-scanning practices were revealed to the public in early March, and caused an outcry from privacy advocates.

The groups signing on in support of the campaign include the ACLU, the Center for Media Justice, the Open Technology Institute and the Electronic Privacy Information Center (Epic.org). Members of the public are also being urged to participate.

"Login access to social media accounts provides intimate information on a person as well as their connections. If you use a social media account to log in to other websites, it may also create a detailed dossier that broadly maps your entire digital life," the group wrote, inadvertently explaining exactly why the DHS would want the information.

The letter goes on to note a pair of caveats that the DHS has yet to explain its work-arounds for: the delete button and the burner phone.

"The requirement will disproportionately impact low-risk travelers, since terrorists and criminals will simply evade these requirements by using different accounts and devices," they note. "US citizens will also feel the impact, as other countries will almost certainly follow suit." ®

Sign up to our NewsletterGet IT in your inbox daily

91 Comments

More from The Register

'Cyber kangaroo' ratings for IoT security? Jump to it, says Australia's cyber security minister

Proposed labelling scheme will try to match similar efforts in UK, USA

Australia launches critical infrastructure security reforms

Part 1: find out who owns what. Part 2: get them to take security seriously ... or else

US Homeland Security breach compromised personal info of 200,000+ staff

DHS 'fesses up 8 months after finding ex-staffer had copy of investigations database

Australia's IoT security rating might work, if done right

INTERVIEW Cyber kangaroo isn't loose in minister Teehan's top paddock

US Homeland Security says hardly any Kaspersky software left on federal networks

They'd say more but Eugene K's loading the sueball-flinger

Australia to probe Web giants' impact on news, ads, competition

Google, Facebook, named as worthy of inquiry

US Homeland Security CIO hits ctrl-alt-delete after just three months

Staropoli lasts just under nine Mooches

Australia Bureau of Statistics may wind back internet usage data collection

Budget cuts lead bureau to wield the axe

Huawei claims national security is used as plausible excuse for 'protectionism'

Global government affairs veep wants trade rules to apply

Homeland Security drops the hammer on Kaspersky Lab with preemptive ban

Government departments have 90 days to rip and replace