UK Group Fights Arrest Over Refusing To Surrender Passwords At The Border

An anonymous reader quotes The Guardian: The human rights group Cage is preparing to mount a legal challenge to UK anti-terrorism legislation over a refusal to hand over mobile and laptop passwords to border control officials at air terminals, ports and international rail stations... The move comes after its international director, Muhammad Rabbani, a UK citizen, was arrested at Heathrow airport in November for refusing to hand over passwords. Rabbani, 35, has been detained at least 20 times over the past decade when entering the UK, under schedule 7 of terrorism legislation that provides broad search powers, but this was the first time he had been arrested... On previous occasions, when asked for his passwords, he said he had refused and eventually his devices were returned to him and he was allowed to go. But there was a new twist this time: when he refused to reveal his passwords, he was arrested under schedule 7 provisions of the terrorism act and held overnight at Heathrow Polar Park police station before being released on bail. He expects to be charged on Wednesday.
Rabbani "argues that the real objective...is not stopping terrorists entering the UK, but as a tool to build up a huge data bank on thousands of UK citizens." And his position drew support from Jim Killock, executive director of the UK-based Open Rights Group. "Investigations should take place when there is actual suspicion, and the police should be able to justify their actions on that basis, rather than using wide-ranging powers designed for border searches."

Re:His name gives it away

[K.+S.+Kyosuke]

You just have to repeat it until you make a terrorist out of the disgruntled guy, right?

Useless Policy

[mentil]

This type of policy won't do anything to impede terrorists. At best you'll get the low-hanging fruit of a few guilty-minded people looking for an excuse to be stopped, but I have a feeling that rarely happens. The dumbest terrorists will simply wipe anything incriminating off their phone before traveling (or not keep anything incriminating on their phone in the first place), or keep everything locked behind an app that customs is unlikely to ask for the password to. Smarter terrorists will stash a SIM on them, or carry no phone and buy a burner when they reach their destination, or have a phone shipped to them. The smartest terrorists will use no phones at all, and then SIGINT is of no help; you need old-fashioned boots on the ground to catch those.

I'm skeptical that searching these people's phones (who already seem to be on some kind of list) is an attempt to create a 'huge data bank on thousands of UK citizens.' First, a database with info on thousands of people isn't 'huge', this isn't 1980 anymore. Second, the UK govt. presumably ALREADY has data on these thousands of people... leading to them being put on the 'search their phone' list. I find it more likely that one of the main purposes is 'intimidation', sending a message of 'we have our all-seeing eye on you', along with a not-so-subtle message of "you're not welcome here." It seems the UK is giving in to Islamophobia recently, I hear.

Re:Useless Policy

[houghi]

In Belgium the idiots that bombed in Brussels used burner phones and burner sims. It used to be easy to just buy a pre-paid sim and start using it. That is now not possible anymore. As you already had to have an ID (Dates back till at least 50 years) demanding an ID is not that much of an issue as these IDs are with chip (and open source software is available to read them)

The idiots in Brussels had many burner phones and sims around They did 1 call and threw them away. At 20EUR a piece, not that expensive.

Nor sure if this is a European thing that people need to register their ID with a pre-paid phone

Also as you pointed it is trivial to go around it if you are a bad person with bad intentions. On a PC you can easily just add a second user. Or if you do not care them looking at it, disable the password till you are through control and enable it again later. Have your secret stuff encrypted online or if you really need it, have an encrypted zipfile online and download it at wherever you are. It is like throwing a gun over the metal detector. The alarm won't go off.

So why are they doing this? The same the Mericans are doing it, because they are afraid to say that doing it sounds as if they don't care. It is pure security theater.

He's managing director of anti-torture charity

It's hardly random, to catch some sort of low hanging fruit.

"Rabbani, who studied economics at the School of Oriental and African Studies, University of London, joined Cage five years ago as managing director. In August last year, he became international director, a role that includes helping investigations of torture victims."

If you keep arresting an anti-torture charity managing director and keep demanding his passwords, obviously you want information related to his work. This hardly looks random or even terrorist related. More he's investigated some company with political or police connections back in the UK.

How are collected passwords stored/secured?

Privacy issues aside, I object to this whole idea for the simple reason that governments governments have proven themselves rather inept at safeguarding even some of their most valuable information. Some of the CIA and NSA's "crown jewels" are currently freely available on the internet (and gave rise to the Wana ransomware). The TSA in the US has a track record of being a bunch of bumbling fuck-ups with a bad IT security track record. Placing account info for millions of private citizens into the hands of people like this is just asking for it to be hacked. It's not a matter of it, it's when.

And I've seen it suggested here and other places that people can just setup fake accounts and use those. That's not going to make it past even a cursory screening. If an account is new it's going to be flagged. If a good percentage of your friend's accounts are new, it's going to be flagged. If you don't post or a good percentage of your friends don't post your going to be flagged. Setting up a proper "legacy" on social media would take years... it's not something that you can just churn out unless you have a means to fake post dates on Facebook, Twitter, etc timelines. This is not something the average person is going to have the time or the means to do and all these companies already have mechanisms in place to spot these types of accounts because they are basically "bots". What turns the logic of this wholesale data grab on it's head is it is something that an organized terrorist group would be able to do. The 9/11 attacks were several years in the making, plenty of time for an organized group of people to establish a legitimate looking social media presence. Intelligence agencies have to have already figured this out which means this is either security theater or they want the data for other reasons.

Here's the real issue

[XB-70]

The point between when you leave one country and enter another is a very scary legal limbo. The issue is not what you are mandated to provide, the issue is that there is no recourse to reasonable justice should you disagree with border officials.

Re:His name gives it away

[Misagon]

You do know that almost a quarter of the world's population is Muslim, don't you? It is the second largest religion and the fastest growing. There are many denominations.
Only a tiny portion of that would be considered radical fundamentalists. Otherwise there would be a constant war between countries with different religions, which there aren't - there are isolated incidents now and then.
The most well-known incidents in recent years have been caused by people living in the West who were driven more by dissatisfaction of their position in society and how they had been singled out as Muslims than by any religious fervour.

Re:His name gives it away

[jandersen]

He's a muslim, I'd rather they are careful now rather than sorry later.

OK - can we all assume that if, one day, you were traveling to somewhere, where they felt they had reasons to suspect Christians, it would be OK to demand all your passwords, strip search you and worse, and arrest you, because "Your name is obviously Christian". There are after all Chistian terrorists, operating in the US, for example, attacking abortion clinics, am I right? Guilt on suspicion was a guiding principle once - after all, if the Spanish Inquisition, annointed by God's infallible representative, were to suspect you, how could you not be guilty? You are treading a dangerous path here, and you never know if you would end up on the wrong side of that particular legal practise.

Re:His name gives it away

Which portion belongs to a religion by their own free will and not forced into it when they were kids?

Which portion of the world population is not a victim of forced religion by their own parents or other childhood authorities?

If it was forced on you, it is not your religion. You are a victim and your belonging to the religion is the result of brainwashing.

It does not matter if most of the world does it. It does not matter if it has been done for thousands of years. It is wrong and forced religions nor their followers won't get human rights protection in that regard. Their bullshit religions continue to exist because of human rights abuses. World religions would all but vanish unless they were forced on kids.

Re:His name gives it away

By FAR the most "terrorist acts" are carried out by US and Israeli armed forces.
Islamic "terrorism" always involves handfuls of people, whereas the fore-mentioned armed forces have "terrorized" countless millions over the last few decades.
It's not "Islamic" bombs being dropped from great heights on people's homes or Islamic drones terrorizing people around the globe.
No Islamic country has invaded any other countries recently, but the US and Israel do it regularly.
Israeli groups were the first real "terrorist" perpetrators with the bombing of the King David Hotel.

Re:His name gives it away

[TheRaven64]

Humans are perfectly capable of attaching religious fervour to anything, irrespective of its connection to deities of philosophy. Remove religion and people will go to war over access to resources, their favourite king, economic system, or text editor.

Re:His name gives it away

[TheRaven64]

The Russian, French and Chinese revolutions would be good counterexamples. So are the original Luddites. I suppose you could claim that most of the wars in Europe for the last thousand years were in the name of God because the divine right of kings was invoked to get people to fight, but it's a bit of a stretch. The first and second world wars both had huge death tolls and neither side was religiously motivated.

Re:Freedom, Passports and Irish Grandfathers

[stealth_finger]

Thank God I had an Irish grandfather.

This allows me an Irish passport.

This means I can continue it live and work in the EU - and so not be forced back into the UK to live under this Government of whom I so profoundly disapprove.

It wasn't that long ago that the Irish were to social bogeyman and having an Irish accent or even ginger hair was enough to get you fucked. Same with the Russians. Now it's the Muslim's turn. Before too long there will be a new bogeyman and the Muslims will probably be right alongside everyone else jumping on whoever the poor group happens to be this time.

Re: His name gives it away

There are several different issues here which may be conflated.

Firstly, the GP said that most terrorism "in today's world" is Muslim terrorism, which is correct. The link you provided discusses only terrorism in the US.

Secondly, restricting ourselves to the US, there is the distinction between terrorism carried out by immigrants, and terrorism carried out by native US-born citizens. This is an important distinction to make when discussing immigration policy, but is not the same as the distinction between Muslim and non-Muslim terrorism: it's possible for native-born citizens to be Muslim, or for immigrants to be non-Muslim.

Thirdly, there is a distinction between non-Muslim terrorists and "Right-wing white supremecists [sic]", who constitute only a subset of these. Islam aside, the left wing is perfectly capable of producing its own terrorists.

Fourthly, there is a difference between a group supplying a majority of terrorists, and a group which is disproportionately likely to be terrorists. Muslims in the US may or may not meet the first criterion, depending on how you play with the definition (e.g. excluding 9/11), but - being a tiny minority, but responsible for at least a substantial fraction of terrorism - they certainly meet the second criterion.

PII, PHI, Trade secrets etc...

[aicrules]

If I give my password to my work laptop to someone, I get fired. It's in my employee agreement. I've worked at companies where there are laws protecting access to patient data that would be on my laptop any time I traveled. How do they deal with that kind of situation?