British Human Rights Activist Faces Prison For Refusing To Hand Over Passwords At UK Border
from the digital-strip-search dept
As Techdirt readers will recall, in 2013 David Miranda was held by the UK authorities when he flew into Heathrow airport, and all of his electronic equipment was seized, in an act of blatant intimidation. His detention was under Schedule 7 of the UK's Terrorism Act, which, as its name implies, is supposed to be used only if someone is involved in committing, preparing or instigating "acts of terrorism."
That was clearly ridiculous in Miranda's case, and it's just as outrageous in the latest example of UK border bullying, this time against Muhammad Rabbani. He's a British citizen, and the international director of Cage, which describes itself as "an independent advocacy organisation working to empower communities impacted by the War on Terror." The Guardian fills in the background:
Rabbani, 35, from London, is involved through Cage in investigating torture cases. He said he was stopped at Heathrow in November returning from one of the Gulf states where he had been investigating a torture case allegedly involving the US.
He said he handed over his laptop and mobile phone but refused to provide his passwords. Although not a lawyer, he said the laptop contained information about the case and the client refused permission to release it. Rabbani was then arrested.
Rabbani later said that he felt that he had been subjected to a "digital strip search," and pointed out:
Using this power, [UK] officers can compel a person to surrender their passwords without cause and there's also no right to remain silent. There is nothing like this anywhere in the Western world.
Rather than dropping the case, this week the UK authorities have formally charged Rabbani under the Terrorism Act. He told the Guardian that he intends to fight, because the move has "serious implications" for journalists, lawyers and human rights, even though he faces three months in jail if he loses. This may be the first time Rabbani's been charged, but he is certainly no stranger to being stopped by the UK border officials:
Rabbani said he had been detained 20 times over the last decade by border officials and had handed over his laptop and mobile phone. On previous occasions, after refusing to hand over passwords, they were returned to him and he was allowed to go. But not on this occasion.
He's not alone in being subjected to this kind of harassment by the UK authorities. Figures published in an article on the Middle East Eye site reveal just how ineffective Schedule 7 examinations are at spotting terrorists:
More than 28,000 people were subjected to Schedule 7 examinations in 2015-16 resulting in about 10,000 intelligence reports being filed, according to a report by the Independent Reviewer of Terrorism Legislation.
About 500,000 are also estimated to have been subjected to pre-examination screening questions in the same period.
According to 2016 statistics, only 0.02 percent of stops lead to an arrest. An even smaller number lead to criminal charges.
The good news is that the UK court of appeal has already criticized Schedule 7 for forcing people to betray confidences and thus make it unlikely that others would trust them again with information in the public interest. That holds out the hope that Rabbani will ultimately win in the courts, since his case is very similar. The bad news, of course, is that the US is thinking of demanding passwords from every foreigner who visits the US.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: muhammad rabbani, passwords, schedule 7, terrorism act, uk
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Ouch
[ link to this | view in chronology ]
Re: Ouch
The only exclusion that I can see is "officers should take care not to copy material that is, or may be, subject to legal professional privilege". Note that is not refusal to give, or let them see and read, but only not copy
[ link to this | view in chronology ]
Re: Re: Ouch
[ link to this | view in chronology ]
Re: Re: Ouch
[ link to this | view in chronology ]
Re: Re: Re: Ouch
[ link to this | view in chronology ]
Re: Re: Ouch
[ link to this | view in chronology ]
Typo...?
At some point the 'War on Terrorism' became the 'War on Tourism.'
[ link to this | view in chronology ]
Re: Typo...?
"Welcome to the US, let us start your vacation off right! Step right over here so our officer can dig through your personal belongings and your electronic devices. Once your done there, in case that wasn't humiliating enough, move forward to the next station for your complimentary sexual assault. Then if your one of our lucky winners you might even win a full cavity search!"
[ link to this | view in chronology ]
Re: Re: Typo...?
The grope checks and porn scans starting a decade ago didn't help. The new "digital strip search" rules make it worse.
[ link to this | view in chronology ]
Re: Re: Re: Typo...?
[ link to this | view in chronology ]
Re: Re: Re: Re: Typo...?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
The War on Terror (TM) is just a show. It was lost the moment it was declared and civil, human rights started being dismantled and ignored because of it.
[ link to this | view in chronology ]
Re: Re:
That is why, when I cross into the USA and Canada, when I take road trips all over North America, I wipe my devices, and don't leave any passwords on them they can CBP or CBSA can demand.
If the data has been wiped, there is no data or passwords for them to demand
[ link to this | view in chronology ]
Re: Re: Re:
Wipe your device, and they might hold onto it "until they can recover the data."
[ link to this | view in chronology ]
Re: Re: Re: Re:
it would be obvious if you had a squeaky clean phone with no apps installed on it. Just install a few apps to make it look like the phone has been used since the last factory reset.
You just need to know how to fool Customs where they will not know the phone has been reset.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
You'll also need to create fake contacts, fake email, fake web favorites, fake web browser logs etc. By that point it's not worth the hassle.
(I'm guessing that it's those contacts and emails that they're want. Trying to create a vast database of who knows who. So that when a person of interest is identified, they can see everyone they've ever been in contact with based on OTHER people's contact history.)
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
If a Customs agent asks why there is no call log, just tell them you periodically clear the call log to keep from butt-dialing people.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
You can have illegal stuff on your devices without even knowing it, and people have been burned because of that.
Deleting and obliterating web history on your devices, before passing through Customs is not illegal in the United States or Canada. So I am breaking no laws in either country by wiping out and reinstalling Windows on my laptops.
I have two versions of my Windows installations, one with a pointer to the VPN on my home comptuer, and one without. I have the one without the VPN credentials to my home computer, or any indication I acessed my home PC remootely, on there when I pass through US or Canadian Customs, so they cannot demand the passwords to my home computer. Then, after passing Customs, I just re-image the laptops with the version of Windows that does have the credentials for my home computer stored.
I also have a version that neither has my bank info on there, or any stored passwords for such. Of course PayPal, and some banks have made it where your login information does get stored, and you have to re-enter every time you log on.
And there is no law against doing this in either Canada, or the United States. Deleting and wiping web history, and other stored browser info, before passing through Customs.
And there is a way you can create fake call history. Before returning home, just use something like SpoofCard to make a few spoofed calls to your phone and put a bunch of random calls into the call log. Customs will never know you made spoofed calls to your phone, and this dos not violate either Canadian or US laws to make spoofed calls into your own phone for that purpose
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
You can't beat these bastards. You'll only hurt yourself if you try anything 'smart' like that.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re:
If they put a GPS "anklet" on you, that can be jammed with either a GPS jammer, or a jammer that jams mobile data connections, rendering the monitoring station not able to locate you.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:
Jammers are going to be an issue, if God forbid, we have WWIII, which could well happen, assuming it did not go total nuclear, which I don't think Putin would want to do right away.
When gas rationing was done in WWII, it was not for a shortage of gas, but a shortage of rubber. With electric and hybrid cars out there, enforcing mileage limits, which is what WWII gas rationing was meant for, to save rubber, could only be done on electric cars using GPS tracking.
There is also the fact that, unlike WWII, cars get all different kids of mileage, where all cars got pretty much the same in WWII, so GPS tracking is the only it can be enforced, but it can also be jammed.
GPS tracking can be defeated with a jammer, making wartime mileage limits, to save rubber, unenforceable, if WWIII should happen.
[ link to this | view in chronology ]
Re: Re:
As far as them wanting to login to your work network, your boss can also set up a "dummy" account on the company VPN, and you just give that to HM Customs, so they will not find anything.
I am trying to start my own company soon, and it will be policy for any employees travelling abroad to be given temporary "dummy" accounts on the company network, so HM Customs, CBSA, or CBP will not find anything, when they access those accounts. It CBSA, CBP, or HM Customs do not like my policy, they can all just kiss my ASS.
Same thing with your home computer. Just set up a "dummy" account on your computer, if they want to examine the contents on your computer back home. Make sure that account does not have admin access.
HM Customs has no jurisdiction over a computer in the United States. The British cannot seize a computer in the United States.
[ link to this | view in chronology ]
Re: Re: Re:
most places call this resisting, obstruction, and/or lying.
Enough to go to jail on those alone in pretty much all nations, think again before you advise people to mislead or lie to authorities.
[ link to this | view in chronology ]
Proceedure to the rescue.
[ link to this | view in chronology ]
Re: Proceedure to the rescue.
The company involved in this would quickly be charged for facilitating this. Laws are usually written specifically to account for these kinds of tricks. There literally would have to be a way for the business to allow law enforcement full access "or else".
[ link to this | view in chronology ]
Re: Re: Proceedure to the rescue.
Limiting access to company systems from foreign countries can be considered good security policy, much like a blanket policy to delete emails over six months old.
[ link to this | view in chronology ]
Re: Re: Re: Proceedure to the rescue.
Well... if you get caught that is...
You do not have to be guilty of anything else, just guilty of misleading law enforcement to get into a heap of trouble.
[ link to this | view in chronology ]
Re: Re: Re: Re: Proceedure to the rescue.
So, a US company blocking all IP addresses belonging to HM government is only subject to US laws, and is not subject to prosecution in Britain
[ link to this | view in chronology ]
Re: Re: Re: Re: Proceedure to the rescue.
[ link to this | view in chronology ]
Re: Re: Re: Re: Proceedure to the rescue.
This is because I also had a message forum as well, and decided to block all known IP ranges for K-12 schools, just in a student was among the users, and school administration decided to demand his/her password for any reason, they would be unable to access my site. And the same service was also configured to block access from all known VPNs and proxies, so that block could not be circumvented.
I was breaking no laws by doing this to prevent school administrators who might demand passwords from students from being able to access.
My network, my rules, I had a right to deny access from whomever I wanted, and if some school administrator did not like that, they could just kiss my ass.
[ link to this | view in chronology ]
Re: Re: Proceedure to the rescue.
[ link to this | view in chronology ]
Re: Re: Proceedure to the rescue.
Here is another thing. If you are fired for giving Customs your workplace password, you just leave that company OFF the list of places you worked for when you apply for your next job.
[ link to this | view in chronology ]
Re: Re: Re: Re:
In other words, they will be blocked at the firewall level, so even if those working for me are forced to give their passwords for the company network, the goverment will be blocked at the firewall level. I will block all ranges belonging to the US government, as well as those used by HM Customs and Canadian Border Services Agency (CBSA).
Plus anyone workking for mee will be instructed to notify immiedately if Customs, anywhere, demanded their password, and then the password would be changed ASAP to lock CBSA, CBP, or HM Customs out of the network. That will be company policy. That person working for me can get their new password when they next report for work.
That will be company policy, and CBP, CBSA, or HM Customs do not like my policy on that, they can KISS MY *ASS*!!!!
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
That's so cute. You don't think a govt employee is capable of using a VPN service to change his location/IP address. And that no govt controls any IP addresses that aren't publicly identified as govt.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
You could do the same to keep the the government out of your network. After blocking all government IP ranges, you use a service like this to keep the government from using any kind of VPN or proxy to gain access to your network.
Using a service, like blocked.com, is how sites like Netflix, BBC, and others are enforcing their VPN bans. The banned IP list is updated by the service, and it is foolproof, as it also blocks incoming access from all colocation centers, where VPNs are hosted.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Probably something to do with the many stories like this: [http://www.telegraph.co.uk/news/uknews/terrorism-in-the-uk/11442602/Cage-the-extremists-peddl ing-lies-to-British-Muslims-to-turn-them-into-supporters-of-terror.html] (Cage: the extremists peddling lies to British Muslims to turn them into supporters of terror). Sorry for the long URL, but the article is very informative.
So it seems that 'human rights activist' is less accurate than 'terrorist apologist and recruiter disguised as human rights activist', which is a shame as it casts a shadow on legitimate human rights work. As this guy has legit terrorist connections, it seems like the detention might also actually be legit as there's probably actual investigations into him, and this was not 'random harassment' as originally portrayed.
[ link to this | view in chronology ]
Re: Re:
It was never portrayed as "random harassment". Exactly the opposite. Sorry he isn't the most sympathetic victim for you. But being a British citizen, they are free to serve a proper warrant on him at any time. (Or intercept all his shit like they are probably doing anyway.) It's not like he is some faceless entity in the wind.
This is nothing but expensive security theater, a waste of everyone's time, an invasion, a stripping of rights, an annoyance, and significant inconvenience to everyone who travels (or no longer does). It's not about defending this one guy (oh look Techdirt is sticking up for criminals again). The point is that it is wrong. It's wrong regardless of who it catches. Unreasonable laws, powers, and methods are not justified by catching someone occasionally and annoying people whose views are wrong or unlikable, along with everyone else.
Never mind the British government, and the US, and friends, are just as much terrorists as the groups this guy apparently chooses to be an apologist for. The Telegraph article also, while maybe technically correct, glibly dismisses the the ambient bigotry, and the special government targeting Muslims face. So there is about zero moral high ground here. But that is wholly irrelevant to the unconscionable dumpster fire that is "border security".
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re:
Also, being an asshole is not a crime. No matter how many authority figures really wish "being asshole to authority" was a crime, it still isn't. (Unless your in such wonderful places as North Korea)
[ link to this | view in chronology ]
Re: Re:
Correction, it is a crime, and people are arrested for it frequently as well. "disorderly conduct", "failure to comply", "interfering with the process of law enforcement performing its functions", there are really a lot of laws that can get you arrested and fined for being an asshole.
Remember, you are ALREADY GUILTY, now we are just waiting for a cop to decide to process you.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Response to: Anonymous Coward on May 19th, 2017 @ 5:55am
I would agree, i have a feeling that after 20 stops in the past, he has turned a little arrogant.
I actually think people like this are trying to create incidents just to get attention to themselves and their work.
He could have easily encrypted the data and put it on a cloud storage and not carried it over the border. He seems to have sort of set this up.
[ link to this | view in chronology ]
Re: Response to: Anonymous Coward on May 19th, 2017 @ 5:55am
Assuming for a moment that he did plan it, a 'trap' like that only works if both sides cooperate. Just as he could have encrypted the data and put it in cloud storage they could have easily decided not to push the matter when he refused to hand over the password.
This however is not what happened.
If he was 'trying to create an incident' then like bumbling buffoons they walked right into it, and that's entirely on them.
[ link to this | view in chronology ]
If people who refuse to hand over the password for their device gets arrested, like this guy, isn't it possible that would account for about 0.02 percent?
I am guessing that they are included in the statistics.
So how many actual terrorists have they ever captured?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
You know things are bad when spending a grand total of three months in jail for not turning over your passwords sounds pretty lenient compared to potential life in prison for a similar refusal in the U.S.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
The US has not actually made refusal to hand over passwords a criminal offence yet.
On a large scale, no, but the key word there is 'yet'.
On a smaller scale? Unfortunately that's not so true, and the charge is 'contempt of court', or in the case of DHS, 'Because we can'.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
If you have the means to afford it, you can get your name removed from the database.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
i know what to encrypt
about 100 times
and on the image the words YOUR A DICK
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
http://www.bbc.com/news/uk-40012738
[ link to this | view in chronology ]
[ link to this | view in chronology ]
how quaint
Remember, every time you turn to government for your safety needs, this is what you get, "their interpretations on what it takes to keep you safe". When will it get through your thick little noggins that you ARE getting what you asked for here?
This is government in a nutshell, "abusing authority" citizens ignorantly allow them to have!
Citizens: but but but....
Government: I have altered the deal, pray I do not alter it any further.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
They still do, if you are part of the government, as that is what state secrets are all about. However for everybody else they have decided that there will be no privacy.
[ link to this | view in chronology ]
Re: Re:
Even the USA whom kicked those fucks to the curb for greater independence didn't value privacy and freedom above all else for long.
It is just not in government's nature to value anything other than complete obedience from the people.
[ link to this | view in chronology ]
Re: Re: Re:
should have been
I like the fact that he is dumb enough to think the UK used to value privacy and freedom "ever".
[ link to this | view in chronology ]
Re: Re: Re:
The result was better. In theory.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Yes Officer...
You get your phone back when I get mine back and I am free to go. By the way, anything interesting i find will be posted to www.shitfoundonbordersecurityofficerphones.com"
[ link to this | view in chronology ]
Petty Authoritarian Control Freaks, Charades and Utopia
British Human Rights Activist Faces Prison For Refusing To Hand Over Passwords At UK Border
All persons should refuse to hand over their passwords at all borders at all times to any petty tyrant representing any totalitarian government masquerading as a republic or constitutional monarchy.
These authoritarian acts (based upon the most specious motives) of the US/UK governments require either mass non-violent civil disobedience where jet load after jet load of travelers refuse to divulge their passwords thus filling the "authorities" detention centers until they are bursting at the seams with non-compliant persons or travelers can simply boycott traveling to the US/UK and deny both governments the revenue associated with business persons and holiday seekers.
These are the actions of governments (ie criminals) that are fearful that people will find out the truth that they are really nothing more than criminal enterprises operating solely for their own benefit at the expense of all others while hiding behind the charade of national security justifications.
“As God loves me, when I consider this, then every modern society seems to me to be nothing but a conspiracy of the rich, who while protesting their interest in the common good pursue their own interests and stop at no trick and deception to secure their ill-gotten possessions, to pay as little as possible for the labor that produces their wealth and so force its makers to accept the nearest thing to nothing. They contrive rules for securing and assuring these tidy profits for the rich in the name of the common good, including of course the poor, and call them laws!” ― Thomas More, Utopia
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]