April 2006: Americanizing the Restriction of Canadians' Rights

Security overtaking trade as driver of "deep integration"
April 1, 2006

At the time the Free Trade Agreement (FTA) and later the North American Free Trade Agreement (NAFTA) were negotiated, Canadians were told that they could enjoy the benefits of free trade with the United States without losing the benefits of sovereignty.

Neither part of this promise has been kept. NAFTA has not been beneficial for Canadians. The effects of the agreement on workers, the environment, and public health have been pernicious, and the softwood lumber case proves that any benefits the agreement does offer certain industries cannot be counted on since the U.S.--and particularly the Bush administration--will act unilaterally and refuse to be bound by the contract and arbitration decisions made pursuant to it.

At the same time, the agreement has severely undermined Canadian sovereignty. NAFTA’s Chapter 11 allows investors to hold governments at all levels hostage when it comes to legislating in the public interest, and potentially allows important policy areas like health care, agriculture, and resource management to be taken out of government control. In fact, NAFTA was never a trade agreement in the traditional sense, but rather the first of a new generation of agreements that give investors unprecedented rights against national governments and subject important areas of public policy to rules that privilege the interests of capital over those of citizens.

The business lobby in Canada has been pushing the government to adhere to, and even expand on NAFTA, and to replicate its provisions in the World Trade Organization regime (WTO) and the proposed Free Trade Agreement of the Americas (FTAA). It is apparent from reading the Canadian Council of Chief Executives’ North American Security and Prosperity Initiative document of January 2003 and the report of the tri-national Independent Task Force on the Future of North America of May 2005 (chaired by former Industry Minister John Manley), that this lobby would be content to have Canadian social and regulatory policy brought into line with that of the U.S., as it would have to be in the kind of economic union the lobby is proposing. Indeed, the Canadian business lobby appears to be willing to achieve economic union whatever the cost to Canadian sovereignty or the public good. As a result, it has become a formidable advocate for deep integration in all realms of policy with the United States.

Some pundits have speculated, however, that the Canadian business lobby might not get what it wants. If the U.S., in its current unilateralist mood, continues to lose cases under NAFTA and the WTO, and fails to get the concessions it wants under the FTAA and new WTO rounds, it might decide that, in the economic sphere as in other spheres, it is more advantageous for the U.S. not to be bound by multilateral regimes like NAFTA that have binding dispute resolution mechanisms.

But even if the U.S.-–or Canada, reacting against U.S. failures to honour its contractual obligations-–were to withdraw from NAFTA or the other new generation “trade” agreements, deep integration between Canada and the United States would continue to be a “live” project. Since September 11, 2001, the U.S. has been calling for—even demanding--unprecedented integration between Canada’s customs, immigration, transportation, security intelligence, policing, and military functions and those of the U.S., and threatening economic sanctions in the form of border delays and closures if its demands are not met.

Security is overtaking trade as a driver of deep integration.

The security agenda that the U.S. is pushing is aimed, not just at Canada, but at countries around the world.

There are a number of factors behind the myriad of new security initiatives being introduced by the United States. At a superficial level, the Bush administration is responding to real feelings of vulnerability on the part of a deeply shaken population. At the same time, however, the administration is taking advantage of the politics of fear to consolidate its power. It is using security to divert attention away from the social policies it wants to implement in the interests of the corporate and upper classes. It is using security to project the neoconservative foreign policy expressed in think-tank documents like Rebuilding America’s Defenses: Strategy Forces and Resources for a New Century onto the international stage-–and to sell it at home. It is positioning the U.S. in strategic regions like the Middle East, the Caspian Sea, and the Philippines in ways that allow it to better enforce its hegemonic interests. It is using the security agenda to concentrate unprecedented power in the hands of the Executive branch of government. And it is using security measures to increase control over domestic dissent and the population in general.

U.S. demands have been backed by UN Security Council Resolution 1373, under which member states failing to comply risk Security Council sanctions, and by the economic, political, and military power of the United States. Under this pressure and for their own reasons, many governments have followed the U.S., enacting a web of anti-terrorism laws and measures which have led to a growing harmonization and integration of security functions globally.

Canada is one of the nations that is the furthest advanced down this road, but a lot of what has been done has taken place under the public radar. The federal government has avoided being seen to “toe the line” on the more “hot button” security integration issues: Iraq and Missile Defense. And, apart from the fairly high-profile promulgation of the Canadian Anti-terrorism Act, which is modelled on the USA Patriot Act, the government has taken a low-key, incremental approach to implementing security initiatives. Most have been put in place through administrative agreements, international joint working groups, regulations, and the use of international forums such as the International Civil Aviation Organization and the G-8.

In this way, the government has avoided having to table initiatives before Parliament, and the public debate and democratic accountability that go along with that process. The Canada-U.S. Smart Border Agreement and Action Plan, an administrative agreement negotiated in December 2001 by John Manley when he was Deputy Prime Minister, is the blueprint for security integration between the two countries. The Canadian National Security Policy unveiled in April 2004, the Security and Prosperity Partnership of North America announced in March 2005 following the summit meeting between Bush, Martin and Fox, and the 300 proposals discussed at the tri-national meeting of Ministers in June 2005, more or less reflect the content of the Smart Border Action Plan.

This Plan calls for common biometric standards for identity cards that can be used across different modes of travel, coordinated visa and refugee policy, coordinated risk assessment of travellers, integrated border and marine enforcement teams, integrated national security intelligence teams, coordinated terrorist lists, new counter-terrorism legislation, increased intelligence sharing, and joint efforts to promote the Canada-U.S. model internationally.

Complying with the Smart Border Action Plan, Canada has harmonized its visa requirements with those of the U.S. and coordinated its refugee policy by entering into a Safe Third Country Agreement with the Bush administration.

The best way to make sense of the remaining Smart Border initiatives is to see that what the U.S. is aiming to set up, with the help of Canada and other G-8 countries, is what amounts to a global infrastructure for the registration and surveillance of populations. The premise of the infrastructure is that states can register populations using biometric identifiers, link information to individuals’ identifiers from as many sources as possible, and use the resulting dossiers of personal information to assess the risk individuals pose to the state.

A major paradigm shift is occurring. The U.S. and its allies are no longer focused on ordinary police and intelligence work, where state agents concern themselves with specific risks, starting with specific leads on specific suspects and work outwards. Rather, they are pursuing a project of mass surveillance, in which everyone is viewed as a suspect, and the aim is to eliminate risk. States are not just trying to identify known terrorists or those suspected of terrorism on reasonable grounds from out of the crowd as they cross borders or conduct transactions. They are trying to predict who might be a terrorist-–a little like the film Minority Report in which officials use technology to read people’s minds in order to stop criminal acts before they happen (although the reality falls far short of the Hollywood fantasy).

In effect, states that have thrown away or allowed the “precautionary principle” to be severely undermined in policy areas like public health and the environment over the past two decades, through new-generation trade agreements like NAFTA and the loosening of environmental protections, are now embracing it unquestioningly in the area of security.

The precautionary principle is an extremely beneficial principle when applied to many areas of public policy, but when it is applied to security matters, the effects are adverse. The rights and interests of individuals carry very little weight in a security regime premised on the precautionary principle. Ordinary legal protections that are fundamental to democratic societies, like the presumption of innocence, rights against unreasonable search and seizure, and rights against arbitrary detention and punishment, are viewed as intolerable risks in a precautionary regime. Guilt and innocence and the real identity of individuals are beside the point in such a regime. What matters to the risk-screeners is the management and avoidance of risk from the point of view of the state.

There are historical antecedents of this kind of system: the witch hunts of the McCarthy period, the secret files of the Stasi. But the system that is currently being constructed is unlike systems that we have seen before in that its technological capacity far outstrips earlier systems, and its global reach ensures that one has to worry, not just about what one’s own state might do with one’s personal information, but about what any other state might do with it.

In the current period, as in earlier periods, the stakes are very high. Already, we have seen states acting aggressively on the information they are gathering and sharing through global registration and surveillance to stop dissidents from flying, stop activists and intellectuals at borders, detain people without reasonable grounds, and, at the far end of the continuum, to render people to third countries and extraterritorial camps run by the U.S., where they face indefinite detention without charge, torture, and even death.

One of the first actions of the U.S. after 9/11 was to systematically register all males between the ages of 16 and 45 with links to Muslim and Arab countries visiting or travelling through the U.S. under the National Security Entry-Exit Registration System, or NSEERS. Under this program, all registrants were required to provide fingerprints as a biometric identifier.

Biometric registration was then expanded to most visa-carrying visitors to the U.S., under the U.S. Visitor and Immigrant Status Indicator Technology (US-VISIT) program. Under US-VISIT, visa applicants are fingerprinted at the U.S. consulate in the country in which they apply for their visa, and their fingerprints and other personal information are stored in a U.S. database for 100 years.

The next challenge for the U.S. was to expand registration to citizens. In common-law democracies like the U.S., however, the idea of a national identity card has historically been unpopular. The American people and Congress have, in the past, always rejected the idea of a national identity card. In Canada, a proposal for a new national identity card was floated by the Liberal government in the fall of 2002, and was soundly shot down by public opinion and the Parliamentary Committee reviewing the matter. A similar hot debate occurred in the U.K. where the government was forced to shelve plans for a national identity card—at least temporarily.

The U.S. solution for registering citizens in all countries with biometric identifiers was the imposition of a global requirement for biometric passports. The U.S. ensured the realization of this goal with its Enhanced Border Security and Visa Entry Reform Act of 2002. The Act required all countries wishing to retain their visa waiver status with the U.S. to adopt a passport with biometric identifiers by October 2004, and designated the International Civil Aviation Organization (ICAO) as the standard-setter. This legislation, along with a May 2003 agreement among the G-8 member countries to adopt a biometric passport system, provided the momentum that resulted in a global standard being set. In its spring 2004 meeting in Cairo, ICAO set a face recognition standard with optional fingerprint and iris scan standards. In fall 2004, Canada announced the introduction of a mandatory biometric passport using face recognition, starting in 2005. The E.U. announced the introduction of mandatory biometric passports with facial scans required from 2006 and fingerprints from 2007; and the U.S. introduced a mandatory biometric passport with facial recognition starting in 2005.

It is interesting to note that, once the British and American public were “softened up” to the idea of biometric travel identification documents, proposals for biometric national ID cards were resurrected in each country. The U.K. government has introduced a scheme proposing a new national identity card with mandatory biometric requirements. In the U.S., where most people do not carry passports, the government managed to pass the Intelligence Reform and Terrorism Prevention Act and the REAL ID Act, which contain plans for creation of a de facto national ID card, using drivers’ licenses. In light of these developments, the prospect of a mandatory biometric national ID card being introduced in Canada is not out of the question.

Until very recently, Canadian citizens were exempt from providing a biometric identifier at the U.S. border. Canada was not part of the U.S. Visa Waiver Program and had its own special exemption from U.S. requirements that visitors carry either a biometric visa or a biometric passport. However, the Intelligence Reform and Terrorism Prevention Act of 2004 closes that exemption. The Act requires Canadians to present a biometric passport or some other approved biometric identity document at the U.S. border. Negotiations over what those other approved documents should be might be the “opener” to a resurrection of the idea of a national ID card for Canadians. And if the U.S and Canadian governments follow through with the Smart Border Action Plan item requiring biometric identity cards with common standards designed to be “used across different modes of travel,” one wonders how Canadians will avoid having a new biometric national identity card imposed on them.

Whatever document is used, U.S.--and Canadian-–agencies will henceforth have a biometric identifier with which to build information dossiers on Canadians.

Since 9/11, the U.S. has made enormous efforts to collect data on individuals from as many sources as possible, and to link it. The government buys commercial information from data-aggregating companies; it has asked companies and institutions in the U.S. to give it vast amounts of data voluntarily, and they have; it has given the FBI broad authority to access the records of businesses under the USA Patriot Act (access which extends to the personal information of citizens in other countries wherever it is held by U.S. companies and their subsidiaries); it has bought entire voter registers and other government records of foreign countries; it has instituted new requirements on banks and businesses to report financial transactions; and it has entered into international agreements that provide for the sharing of information on financial transactions, electronic communications, and law enforcement records.

Information is shared between U.S. agencies, and the government has also linked public and commercial databases under programs like US-VISIT, the Computer Assisted Passenger Prescreening System or CAPPS II, and its successor program, Secure Flight, and the Multi-State Anti-Terrorism Information Exchange or MATRIX program. Unlike in Canada, the federal Privacy Act in the U.S. “regulates records the government stores, but does not regulate how [government] agencies access records from the private sector.” Insiders have spoken of a “black box” of information the U.S. is amassing for security purposes: no one knows exactly what it will eventually contain, only that it will be as comprehensive as possible.

Under the Smart Border Action Plan, there have been arrangements for increased sharing and interoperability of databases between Canadian and U.S. customs and law enforcement, and for increased sharing between diplomatic missions.

Canada and the U.S. have also set up integrated border, marine, and security intelligence units. Recently, the Arar Inquiry heard shocking testimony about the RCMP investigation into alleged terrorist cells in Toronto and Ottawa, which swept Canadian citizen Maher Arar into its net. Code-named AO Canada, it was an international effort in which the FBI and another U.S. agency (left unnamed for security reasons: likely the CIA) participated as partners, having access to all information gathered by the RCMP, without caveats. In fact, there were regular joint information meetings in Canada at which the U.S. agencies were provided with CD-ROMs containing the entire investigation file, which included 26 hard-disk drives that the RCMP had seized from seven raids but did not have the manpower to analyze themselves.

In addition to the linkage and convergence just described, the U.S. has been demanding that the air carriers of other countries hand over Advanced Passenger Information (API) and Passenger Name Record information (PNR) in order to allow U.S. agencies to track and control movement of people across borders. API is the list of passengers on the airline manifest. PNR is the information kept in air travel reservation systems. It can include over 60 fields of information, including the name and address of the traveller, the address of the person with whom the traveller will stay, the trip itinerary, the date the ticket was purchased, credit card information, seat number, meal choices (which can reveal religious or ethnic affiliation), medical information, behavioural information, and linked frequent-flyer information.

The Smart Border Action Plan provides for the sharing of API and PNR information between the U.S. and Canada. Canada has facilitated this by passing three pieces of legislation:

  • Bill C-44 amendments to the Aeronautics Act exempt Canadian air carriers from the Personal Information Protection and Electronic Documents Act in order to allow them to give the personal information of passengers to foreign agencies requesting it.
  • Bill S-23 amendments to the Customs Act, and regulations made pursuant to it, give Canada Customs and Revenue Agency (CCRA) access to all information relating to passengers in airline or travel agent reservation systems in respect of incoming flights to Canada. CCRA is storing and tracking the information for up to six years and sharing it with domestic and foreign law enforcement agencies.
  • The Public Safety Act provides for the collection and sharing of API, PNR, and other information by Canadian agencies in respect of domestic and incoming and outgoing international flights, and for any flights by Canadian carriers departing from anywhere in the world. According to a White House progress report on the Canada-U.S. Smart Border Action Plan, Canada started collecting API at Canadian airports on October 8, 2002, under a program called PAXIS, and an automated U.S.-Canada API/PNR data-sharing program was to have been in place by Spring 2003.

The U.S. has forced the E.U. into a PNR-sharing agreement even though it violates the E.U. Data Protection Directive. Canada also signed a PNR sharing agreement with the E.U. in October 2005, and ICAO has been asked to develop global standards for PNR sharing.

Having collected and linked all of the information just described, the U.S. and other countries are faced with the challenge of sorting through it to assess the risk that different individuals pose to security. There are “low” and “high-tech” approaches to this.

The High-Tech Approach

The “high-tech” version of risk assessment involves data mining and risk scoring: using computer programs to scrutinize masses of data for selected criteria or patterns which are supposedly indicative of the level of risk individuals pose.

The U.S. is pursuing high-tech solutions with fervor. Its most ambitious project was the Total Information Awareness program, run by John Poindexter (a key figure in the Iran-Contragate scandal) out of the Defense Advanced Research Projects Agency (DARPA). The goal of the program, as described by Poindexter, was to mine “the transaction space” to find “signatures” of terrorist activity. According to the project’s website, the transactions mined would include individuals’ financial, medical, travel, “place/event entry,” transportation, education, housing, and communications transactions. Poindexter planned to develop software that could analyze “multiple petabytes” of data.

In Fall 2003, Congress pulled the funding for the TIA program, but many of its component parts live on in hidden research and other programs. Steve Aftergood, of the American Federation of Scientists, has written that “the whole Congressional action looks like a shell game. There may be enough of a difference for them to claim TIA was terminated, while for all practical purposes the identical work is continuing.”

The MATRIX program mentioned earlier is also a data mining program, as was the CAPPS II program. According to a notice published in the U.S. Federal Register in January 2003, the intent of CAPPS II was to create a passenger screening database that would be linked to virtually unlimited amounts of data from private and public sources, including “financial and transactional data.” The program was also supposed to “risk-score” passengers as red, amber, or green (high, med, low) risks based on undisclosed criteria. CAPPS II was withdrawn over privacy and operational concerns, and replaced with a new program called “Secure Flight.” Secure Flight was to forgo the use of private sector data and risk scoring that its predecessor had employed, and the Transportation Security Administration (TSA) made assurances to this effect. However, reports have recently revealed that the TSA did in fact link passenger information to commercial databases under the program and had plans to test whether the program could be adapted to predict which passengers might be involved in terrorist activity.

The Smart Border Action Plan called on Canada and the U.S. “to explore means to identify risks posed by passengers on international flights arriving in each other’s country,” and the Canadian National Security Policy unveiled in April 2004 confirmed that Canada would spend resources “to study emerging technologies that could. . . improve our ability to screen passengers.” Pursuant to these commitments, Canada and the U.S. have agreed to implement an interoperable “risk-scoring mechanism”-–presumably what is being tested in the Secure Flight program. According to a Smart Border Action Plan Status Report, dated December 17, 2004, on the Department of Foreign Affairs website, the first phase of this exchange was implemented on August 10, 2004. The project is currently located in the Canadian Risk Assessment Centre, under the auspices of the Department of Public Safety and Emergency Preparedness. It is not known what criteria are being used or tested, only that the program, like the American CAPPS II program, is a data mining one: it uses computer algorithms to sort through personal information and identify the risk posed by travellers. A news report of January 2004 established that the program was going to score passengers as red, amber, and green risks, as did the CAPPS II program, but whether this aspect has been retained or not since the revamping of the CAPPS II program in the U.S. is not known.

Finally, it would seem that in Canada the risk-scoring project has been recently recast as the second phase of a new program called Passenger Protect. Announced in August 2005, Passenger Protect is composed of a terrorist watch list administered by the Department of Transport and an “advanced automated air passenger assessment system” (presumably a risk-scoring system) that is to be tested and administered by the Department of Public Safety.

Data-mining programs like the ones described above are alarming because the technology they use and the assumptions upon which they are based are dangerously flawed. First, the facts they rely on are often inaccurate, incomplete, and lacking context, and the programs contain inadequate mechanisms to allow individuals to correct, contextualize, or even know the information that is being used against them. Second, the criteria used are necessarily overbroad and mechanically employed so that ethnic and religious profiling is endemic.

The CAPPS II program provides a good example of the unacceptable margins of error associated with these kinds of systems. The TSA estimated that 5% of the travelling public would be rated as amber or red under the CAPPS II program. The Association of Corporate Travel Executives has observed that, if only 2% were rated “red,” there would be up to eight million passengers detained or denied boarding every year in the U.S.

The Low-Tech Approach

In the “low-tech” approach to risk assessment, human beings make judgments about other human beings. However, in the current political climate there are strong bureaucratic incentives for risk assessors to err on the side of caution. No one wants to be the one who fails to flag, detain, or identify someone who later turns out to be a terrorist. This environment leads to indiscriminate interpretations of information and indiscriminate actions on the part of authorities. In the low-tech approach to risk assessment, as in the high-tech approach, ethnic and religious profiling is endemic.

In the U.S., some 1,500 to 2,000 innocent people, mostly with origins in Muslim countries, were swept off the street immediately after 9/11 and imprisoned in violation of their constitutional rights on immigration charges or material witness warrants.

Under the U.S. “no fly” list, peace activists and civil libertarians have been detained and denied boarding. Many other people have been stopped merely for having a name similar to one on the list. Senator Edward Kennedy was stopped from flying on several occasions and had to call the head of the Department of Homeland Security three times before his name was removed from the list.

The U.S. had at least a dozen terrorist watch lists administered by nine different agencies until most of them were consolidated in fall 2003 under the new FBI-CIA Terrorist Threat Integration Center (TTIC). News reports have put the number of names on the U.S. lists in the millions.

The U.S. has also been engaged in seizing and rendering individuals, often on the flimsiest evidence, to extraterritorial camps and prisons, where they have been detained indefinitely without charges and tortured. Pentagon figures and estimates of intelligence experts put the number of people being held by the U.S. directly or at its request at 9,000, as of May 2004.

The Smart Border Action Plan calls for the coordination of Canadian and U.S. terrorist lists. Canadian airlines are already enforcing the U.S. “no fly” list even in respect of flights within Canada. Canadian authorities are enforcing the UN list for freezing assets, which is made up largely of names from the American list for freezing assets. As mentioned earlier, Canada is also developing its own “no fly” list, which will likely be largely congruent with the U.S. list.

More ominously, testimony at the Arar Commission has been revealing possible Canadian complicity in the U.S. practice of extraordinary rendition. The testimony has suggested that Canada may also have had its own practice of allowing persons suspected of terrorist activities (often on the most dubious grounds) to travel to third countries where local authorities were tipped off by Canadian officials and the individuals were detained arbitrarily, interrogated without legal rights, and even tortured.

The report of the tri-national Independent Task Force on the Future of North America, chaired by John Manley, calls for a high-tech biometric security system to manage the U.S.-Canada and U.S.-Mexico borders, tied to integrated multinational databases; integrated visa regulations; integrated refugee laws; increased sharing of information on travellers; the creation of joint border authorities; and integrated watch lists.

Much of this, and more, has already been accomplished. Deep integration in the security realm is upon us, and its touted benefits are likely to be as illusory as the benefits of the “free trade” regime it is meant to guarantee.

(Maureen Webb is the author of a forthcoming book about the development, since 9/11, of a global infrastructure for mass registration and surveillance and its implications for democratic societies and movements. Titled Delusions of Security, the book will be published this fall. This article is drawn from her contribution to the upcoming CCPA book Living With Uncle, a collection of essays on “deep integration” mostly based on presentations made at the CCPA’s 25th anniversary conference.)