EPIC v. DHS - Body Scanner FOIA Appeal
- FBI to Monitor Twitter: According to FBI contracting documents, the FBI has hired Dataminr to monitor in real-time more than 500 million daily tweets. EPIC has warned that these techniques of mass surveillance will subject more innocent people to government investigation. In 2012, EPIC successfully obtained documents detailing the social media monitoring program of the Department of Homeland Security, including instructions to analysts to monitor critics of the agency. EPIC's FOIA work led to a Congressional hearing on social media monitoring and government surveillance. (Nov. 29, 2016)
- EPIC Opposes DHS Plan to Collect Social Media Identifiers: In comments to the Department of Homeland Security, EPIC urged the agency to drop a plan to review the social media accounts of people seeking to visit the U.S. EPIC argued that the proposal threatens important First Amendment rights, risked abuse, and would disproportionately impact against minority groups. Documents obtained by EPIC in 2011 in a Freedom of Information Act lawsuit revealed that the DHS gathered social media comments to identify individuals, including US citizens, critical of the agency and the government. A 2012 Congressional hearing, based on the documents obtained by EPIC, revealed bipartisan opposition to the original DHS social media monitoring program. (Aug. 23, 2016)
- EPIC, Coalition Call for Congressional Hearings on Unlawful TSA Mandate for Body Scanners: EPIC and 25 organizations have urged Congress to hold a hearing on TSA's decision to end the opt-out for airport body scanners. Dozens of organizations petitioned the DHS secretary in 2010 to solicit public comments on the original program. In EPIC v. DHS the lawsuit that followed, the D.C. Circuit ruled that TSA violated federal law when it installed body scanners in airports without public comment. The agency said at the time that the body scanner program was optional. The Court also concluded because "any passenger may opt-out of AIT screening in favor of a patdown" there was no violation of the Fourth Amendment. (Jan. 13, 2016)
- Supreme Court Denies EPIC's Petition to Obtain Cellphone Shutdown Policy: Today, the U.S. Supreme Court declined to review EPIC v. DHS, concerning the government's cellphone shutdown policy. EPIC had pursued the secret policyafter government officials disabled cellular service at a BART station in San Francisco during a peaceful protest. A district court in Washington, D.C. ruled in EPIC's favor when the DHS sought to withhold the policy, but the court of appeals later overturned the ruling. EPIC urged the Supreme Court to review the case to resolve a conflict between the D.C. Circuit and the Second Circuit Courts of Appeals. EPIC also pointed to competing public safety interests when cell service is disabled, but the Court declined. Despite today's order, EPIC successfully obtained a redacted version of the shutdown policy. (Jan. 11, 2016)
- Ignoring Federal Law, TSA Drops Opt-Out Option for Body Scanners: The TSA has used a "Privacy Impact Assessment Update" to announce an unlawful procedure for screening air travelers in the United States. The agency claims that it may "mandate body scanner screening for some passengers." In EPIC v. DHS (Suspension of Body Scanner Program, the D.C. Circuit Court of Appeals ruled that the screening was Constitutional because passengers could always opt out. As Judge Ginsburg explained, "any passenger may opt-out of AIT screening in favor of a patdown, which allows him to decide which of the two options for detecting a concealed, nonmetallic weapon or explosive is least invasive. "The TSA has also failed to "act promptly," as the Court mandated, to finalize the legal authority for the program. (Dec. 19, 2015)
- D.C. Circuit Orders TSA to Produce Schedule for Final Rule on Body Scanners: The Court of Appeal for the D.C. Circuit today ordered TSA to comply with the ruling in EPIC v. DHS and conduct an "expeditious" rulemaking on the use of body scanners at airports. EPIC successfully sued TSA in 2011 to compel notice-and-comment rulemaking after the agency failed to solicit public comments as required by law. EPIC said the body scanner program was "unlawful, invasive, and ineffective." The backscatter x-ray devices were subsequently removed from U.S. airports, though the millimeter devices remain. In 2015 the Competitive Enterprise Institute filed a petition to compel TSA to issue a final rule as required by the EPIC v. DHS mandate. TSA now has 30 days to submit a rulemaking plan to the court. (Oct. 23, 2015)
- Government Gets Second Extension in EPIC Supreme Court Case about Cellphone Shutdown Policy: The US Supreme Court has granted the Solicitor General more time to respond to EPIC's charges that the government's effort to keep under wraps a controversial cellphone shutdown policy violates the law. EPIC has pursued public release of the government policy since BART subway officials shut down cellphone service during a peaceful protest in 2011. After EPIC prevailed in district court and a judge ordered release of the policy, the government appealed and a federal appeals court reversed. In the Supreme Court petition, EPIC argued that the was "contrary to the intent of Congress, this Court's precedent, and this Court's specific guidance on statutory interpretation." The government's response is now due on November 13. (Oct. 12, 2015)
- Government Gets Extension in EPIC Supreme Court Case about Cellphone Shutdown Policy: The US Supreme Court has granted the Solicitor General extra time to respond to EPIC's charges that the government's effort to keep under wraps a controversial cellphone shutdown policy violates the law. EPIC has pursued public release of the government policy since BART subway officials shut down cellphone service during a peaceful protest in 2011. After EPIC prevailed in district court and a judge ordered release of the policy, the government appealed and a federal appeals court reversed. In the Supreme Court petition, EPIC argued that the was "contrary to the intent of Congress, this Court's precedent, and this Court's specific guidance on statutory interpretation." The government's response is now due on October 14. (Sep. 14, 2015)
- Appeals Court Turns Down EPIC's Challenge to Cellphone Shutdown Secrecy : The Court of Appeals for the D.C .Circuit has denied EPIC's petition for further review of EPIC v. DHS, 14-5013. The Court sided with the DHS earlier this year, ruling that the agency could withhold from the public its cellphone shutdown policy. EPIC then asked that the full Court review the earlier ruling, arguing that the three-judge panel misconstrued the relevant law. The case is now headed back to the district court to determine which portions of the secret document the DHS must release. EPIC brought the case after cellphone service in a BART station was shutdown in advance of a peaceful protest. (May. 14, 2015)
- EPIC Files Lawsuit for Details About Government "Pre-crime" Program: EPIC has filed a Freedom of Information Act lawsuit about "Future Attribute Screening Technology", a "Minority Report" program that purports to identify individuals who will commit crimes in the future. EPIC filed the complaint after the DHS failed to respond to EPIC's FOIA request for information. EPIC charged that the agency uses secret algorithms to identify behavioral "abnormalities" that the agency claims indicate "mal intent." "Minority Report" is a 2002 movie with Tom Cruise about "a special police unit is able to arrest murderers before they commit their crime." (Feb. 26, 2015)
In February 2007, the Transportation Security Administration ("TSA"), a component of the U.S. Department of Homeland Security ("DHS"), began testing full body scanners - also called “whole body imaging,” and "advanced imaging technology" - to screen air travelers. Full body scanners produce detailed, three-dimensional images of individuals. Security experts have described full body scanners as the equivalent of "a physically invasive strip-search."
TSA is using full body scanner systems at airport security checkpoints, screening passengers before they board flights. The agency provided various assurances regarding its use of full body scanners. TSA stated that full body scanners would not be mandatory for passengers and that images produced by the machines would not be stored, transmitted, or printed. A previous EPIC FOIA lawsuit against DHS revealed that TSA’s body scanner images can be stored and transmitted.
On February 18, 2009, TSA announced that it would require passengers at six airports to submit to full body scanners in place of the standard metal detector search, which contravenes its earlier statements that full body scanners would not be mandatory. On April 6, 2009, TSA announced its plans to expand the mandatory use of full body scanners to all airports. TSA renewed its call for mandatory body scans for all air travelers in the wake of the attempted bombing of Northwest Flight 253, which traveled from Amsterdam to Detroit on December 25, 2009.
Since June 2009, the TSA has installed hundreds of additional full body scanners in American airports. On July 2, 2010, EPIC filed suit in the U.S. Court of Appeals for the D.C. Circuit to suspend the TSA’s full body scanner program. The Court ruled that the TSA can only use the body scanners so long as passengers are allowed to "opt-out" and receive another form of screening. In addition, the Court ordered the agency to issue formal regulations on the use of the devices. The TSA did not issue a proposed rule until early 2013, and subsequently solicited public comment. The comments have been overwhelmingly opposed to the body scanner program.
Health Risks from Body Scanner Radiation Unknown
Experts have questioned the safety of full body scanners and noted that radiation exposure from devices like full body scanner increases individuals’ cancer risk. No independent study has been conducted on the health risks of full body scanners.
In April 2010, scientists at the University of California - San Francisco wrote to President Obama, calling for an independent review of the full body scanners’ radiation risks. The experts noted that children, pregnant women, and the elderly are especially at risk “from the mutagenic effects of the [body scanners’] X-rays.” Dr. David Brenner, director of Columbia University's Center for Radiological Research and a professor of radiation biophysics, has warned “it's very likely that some number of [air travelers] will develop cancer from the radiation from these scanners.” Peter Rez, a professor of physics at Arizona State University, has identified cancer risks to air travelers arising from improper maintenance and flawed operation of the TSA’s full body scanners. Other scientists and radiology experts have also identified serious health risks associated with the full body scanner program, including increased cancer risk to American travelers.
Automated Target Recognition ("ATR") Software
The manufacturers of body scanners have developed "Automated Target Recognition" ("ATR") software that allows TSA agents viewing the whole-body images to see only a generic human image instead of an image of a traveler's naked body. The software is actually designed to detect "anomalies" on travelers' bodies, and the TSA asserts that this will automatically detect threatening objects travelers are concealing. When an anomaly is detected somewhere on a body, that area is highlighted in red on the displayed generic image. TSA employees are directed to further screen the areas on passengers where anomalies are detected, including an enhanced pat down. If the machine does not detect any threatening objects, instead of displaying an image it will merely display a green "OK."
The TSA began testing the software in airports in February 2011, and has announced that it will be installing this software on all of its millimeter wave body scanners nationwide. Images are displayed alongside the body scanning machines, and passengers are able to view the same image as TSA employees monitoring them.
The TSA believes that ATR modifications will mitigate travelers' privacy concerns. However, it remains unclear whether body scanners using the ATR software will retain, store, or transfer the underlying raw naked images that are captured before they are analyzed and used to display a generic figure. EPIC seeks to determine how ATR software handles naked images of travelers, and how ATR software really impacts traveler privacy.
Body Scanner Radiation Request
On July 13, 2010, EPIC filed a Freedom of Information Act ("FOIA") request with the Department of Homeland Security ("DHS") seeking agency records related to radiation emissions from the machines used at airport security checkpoints. In particular, EPIC requested:
- All records concerning TSA tests regarding body scanners and radiation emission or exposure; and
- All records concerning third party tests regarding body scanners and radiation emission or exposure.
DHS acknowledged receipt of EPIC's FOIA request, but failed to disclose any documents. On November 19, 2010, EPIC sued DHS to force disclosure of the body scanner radiation documents. The suit challenged DHS's failure to disclose public records and failure to comply with the Freedom of Information Act. On the heels of EPIC's lawsuit, DHS disclosed key documents, including test results that indicated full body scanners could be emitting more radiation than the TSA claims. But DHS failed to produce all records demanded in EPIC's FOIA request.
Automated Target Recognition Software Requests
In June 2010 and October 2010, EPIC also filed two FOIA requests with the Transportation Security Administration seeking other body scanner records. EPIC sought documents related to the Automated Target Recognition ("ATR") software used by the machines. ATR software analyzes the images produced by the body scanners and identifies "anomalies" that it deems to be "potential threats." If an "anomaly" is found, it triggers additional screening and invasive pat downs by TSA agents. EPIC sought documents that would illuminate how the software works so that its privacy risks could be better understood and managed. DHS Secretary Janet Napolitano previously submitted some of this information in a letter to Senator Susan Collins. In particular, EPIC first requested:
- All specifications provided by TSA to automated target recognition manufacturers concerning automated target recognition systems.
- All records concerning the capabilities, operational effectiveness, or suitability of automated target recognition systems, as described in Secretary Napolitano's letter to Senator Collins.
- All records provided to TSA from the Dutch government concerning automated target recognition systems deployed in Schiphol Airport, as described by Secretary Napolitano's letter to Senator Collins.
- All records evaluating the [body scanner] program and determining automated target recognition requirements for nationwide deployment, as described in Secretary Napolitano's letter to Senator Collins.
EPIC's second FOIA request asked for other ATR-related documents from DHS:
- All records provided from L3 Communications or Rapiscan in support of the submission or certification of ATR software modifications;
- All contracts, contract amendments, or statements of work related to the submission or certification of ATR software modifications;
- All information, including results, of government testing of ATR technology, as referenced by Greg Soule of the TSA in an e-mail to Bloomberg News, published September 8, 2010.
In November 2010, EPIC filed a lawsuit in the U.S. District Court for the District of Columbia against the Department of Homeland Security, for the agency's failure to respond to EPIC's FOIA request for radiation emissions documents. In February 2011, EPIC filed a similar FOIA lawsuit in the same court against the TSA, for failure to disclose documents related to ATR software.
Judge Royce Lamberth, presiding over both lawsuits, ordered the agencies to disclose some documents to EPIC that had previously been withheld. But the Court allowed some other documents to be withheld under the "deliberative process privilege" exemption to the FOIA. This exemption states that agencies may withhold materials that are "deliberative and predecisional" in nature, so as to protect the decision-making process by allowing agency officials to speak candidly. However, entire documents cannot be withheld simply because part of them are deliberative. Rather, the non-deliberative and deliberative materials must be separated and all non-deliberative materials must be disclosed unless they are "inextricably intertwined" with deliberative materials.
The Court, finding that some of the documents contained non-deliberative factual materials, nonetheless allowed the materials to be withheld in their entiretybecause the documents containing them, as a whole, were deliberative. EPIC objected to this incorrect interpretation of established legal precedent and filed an appeal in these cases to the D.C. Circuit Court of Appeals.
On April 16, 2013, EPIC appealed these decisions to the Court of Appeals for the D.C. Circuit. EPIC presented the following issue to be determined by the Court:
- "Whether the District Court erred in failing to apply this Circuit's 'inextricably intertwined test before determining that records containing non-deliberative, factual materials may properly be withheld in their entirety under Exemption 5 of the Freedom of Information Act ("FOIA")."
EPIC also filed a motion to consolidate the two appeals into one case, because they present substantially similar legal issues. Citizens for Responsibility and Ethics in Washington ("CREW") will be filing an amicus brief supporting EPIC's position.
District Court Documents
Court of Appeals Documents
- Procedural Documents
- Notice of Appeal, EPIC v. DHS, ___ F. Supp. 2d ___, No. 10-cv-1992, 2013 WL 829483 at (D.D.C. Mar. 7, 2013)
- Notice of Appeal, EPIC v. TSA, ___ F. Supp. 2d ___, No. 11-cv-0290, 2013 WL 829516 (D.D.C. Mar. 7, 2013)
- Motion to Consolidate
- Statement of Issues
- Briefs and Appendices
- Letter of Assessment, Final Release
- Comparison of X-Ray Technologies for Whole-Body Imaging
- Emission Safety Reports
- American National Standards Institute Standard N43.17-2009 Fact Sheet
- American National Standards Institute Standard N43.17 Fact Sheet
- TSA Full Body Scanner Fact Sheet
- EPIC: Open Government
- EPIC v. TSA - Body Scanner Modifications (ATR)
- EPIC v. DHS - Full Body Scanner Radiation Risks
- EPIC v. DHS - Suspension of Body Scanner Program
- EPIC: Whole Body Imaging Technology and Body Scanners
Share this page:
EPIC relies on support from individual donors to pursue our work.
Subscribe to the EPIC Alert
The EPIC Alert is a biweekly newsletter highlighting emerging privacy issues.
Communications Law and Policy
Jerry Kang and Alan Butler