Stop asking people for their passwords, rights warriors yell at US Homeland Security
File request under: 'Trash can'
Civil and digital rights groups are leading a campaign to stop the US Department of Homeland Security's demanding access to foreigners' social media accounts when entering America.
In an open letter to DHS secretary John Kelly, the group argues that by forcing travelers from some countries to give border patrol agents free rein on their devices and social networks, the DHS is violating human rights and putting folks at risk of abuse.
"Please reject any proposal to require visa applicants, refugees, or other foreign visitors to provide passwords for online accounts, including social media, in order to enter the United States," the letter asks of Kelly.
"Such a requirement would violate human rights, create digital security risks, and undermine US industry. It would chill the speech and behavior of people around the world."
The profile-scanning practices were revealed to the public in early March, and caused an outcry from privacy advocates.
The groups signing on in support of the campaign include the ACLU, the Center for Media Justice, the Open Technology Institute and the Electronic Privacy Information Center (Epic.org). Members of the public are also being urged to participate.
"Login access to social media accounts provides intimate information on a person as well as their connections. If you use a social media account to log in to other websites, it may also create a detailed dossier that broadly maps your entire digital life," the group wrote, inadvertently explaining exactly why the DHS would want the information.
The letter goes on to note a pair of caveats that the DHS has yet to explain its work-arounds for: the delete button and the burner phone.
"The requirement will disproportionately impact low-risk travelers, since terrorists and criminals will simply evade these requirements by using different accounts and devices," they note. "US citizens will also feel the impact, as other countries will almost certainly follow suit." ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Privacy Sandbox
- Social Network
- Trusted Platform Module
- Zero trust