I am honored to be included in the list of 2017-2018 Berkman Klein community members. This group of scholars, researchers, legal experts, technologists, information specialists, and more inspire me every year, and I can’t wait to meet the newest class. Here’s hoping I can continue to be worthy of inclusion in this fantastic community…the things I’ve learned over the last two years makes me incredibly excited for what’s to come in year three.
Over on the Measure the Future project blog, I posted about going formally into public beta. I’m very proud of the work that’s been done to get the project to this point. I couldn’t have gotten this far without help from so many people, including especially the Alpha testers and the development team (Clinton Freeman, you’re a miracle worker). Here’s an excerpt from the longer post over on the MtF blog:
Measure the Future is also adding additional locations for installs with a new round of 4 Beta partner libraries. These additional locations (announcement soon on who those are) will give us even more feedback and will work with us to determine the best way to present this new type of library usage data. We will be answering the questions that our Beta partners want answered, so if you have questions you want our help with, please let us know. We have room for a couple more libraries in our Beta testing, and would love to work with you.
The big development goal for our Beta period is the move from local visualization of activity and attention in library spaces to a cloud-based portal that will allow for much richer visualizations. We are dedicated to making this move from local-to-cloud as privacy-focused and security-aware as possible, and so we will be taking great care in how we move forward.
Head over to read the full announcement, and visit Measure the Future to see all the code, instructions, and more that we released this weekend. There’s more to come, including a walk-though of a setup as soon as I can get some video and screen recordings together.
This year I have a small number of international speaking engagements, and I just returned from the first of those in 2017…which means it was the first since the recent spat of increased DHS and Customs enforcement. It was also my first trip to a Muslim-majority country, and while not one on the magic list, it still made me consider my re-entry into the US and the possible attention therein. These things combined to make me far more attentive to and aware of my personal information security (infosec) than every before. This post will be an attempt to catalog the choices I made and the process I used, as well as details of what actual technological precautions I took prior to leaving and when actively crossing the border.
This trip was to the SLA Arabian Gulf Library Conference, held this year in Manama, Bahrain, where I was on a panel discussing future tech. This means flying internationally through a major city, which for me meant flights from Nashville to JFK to Doha International Airport in Qatar, then finally to Manama, Bahrain. The return was was the same, with the exception of flying back into the US via O’Hare in Chicago rather than JFK. This meant crossing into at least 2 foreign countries physically on each leg of the trip, although in Qatar I remained in the international section of the airport and didn’t go through customs and enter the country proper. Still, there were LOTS of checkpoints, which meant lots of potential checks of my luggage and technology.
What was my concern, and why was I thinking so hard about this prior to the trip? After all, I’m a law-abiding US citizen, and as the saying goes, if you’ve nothing to hide, why worry? First off, the “if you’ve nothing to hide” argument is dismissible, especially given the last 6 weeks of evidence of harassment and aggression at the US border. I am a citizen of the US, but I have also been very outspoken online regarding my feelings for the actions of the current administration. On top of that, information security isn’t just about the individual…it’s about everyone I’ve exchanged email with, texted, messaged on Facebook, sent a Twitter DM, and the like….the total extent of my communications and connections could, if dumped to DHS computers, theoretically harm someone that isn’t me, and that was not ok in my book. A primary goal was to prevent any data about my communications or contacts from being obtained by DHS.
DHS and Border Control has very, very broad powers when it comes to searching electronic devices at the border. I was not certain of the power granted to Border Agents in Qatar and Bahrain, but my working assumption was they had at least the powers that the US Agents did. I also assumed that the US agents would probably have better technological tools for intrusion, so if I could protect my data against that threat, I was safe for the other locations as well.
A secondary goal in my particular model was to attempt to limit the possibility for delay in my travels. If I could comply with requests up to a certain point without breaking my primary goal of data protection, that would likely result in less delay. When considering these levels of access, I thought about questions like: could I power on my devices without any data leakage? Could I unlock my devices if requested and allow the Agent to handle my phone, for instance, without risking data leakage? Could I answer questions about my device and the apps on it (or other apps in question, for instance social media accounts such as Facebook or Twitter) honestly without risking data leakage?
With all of that in mind, here’s how I secured my technology for border crossing. Your mileage may vary, as your threat model may be very different, and the manner in which you choose to answer the various questions above may be different. If everything had gone south and my devices were impounded, I’d be writing a very different post (and contacting the EFF). But for this particular trip, this is my story.
What to Take
First off, I decided quickly that I wasn’t going to travel with my MacBook Pro. I was lucky enough that I didn’t need it for this trip, because there wasn’t any work that I would be doing on the road that necessitated a general purpose computer. I had work to do, but it all involved writing…some email, some writing text for a project, some viewing of spreadsheets and analysis of them. Simple and straightforward things that luckily could easily be done with a tablet and a decent keyboard. I already had an iPad with the Apple keyboard case, which made for an easily-carried and totally capable computing device for the trip. I could load some movies and music on it, fire up a text editor, answer email, and generally communicate without issue. It’s also iOS based, which makes it enormously more secure than Mac OS from first principles.
Since both my main computing device and my phone ran the same OS, I was able to also double-up any planning and efforts in security, as any decision I made could be equally applied to both devices. This turned out to be very, very convenient, and saved me time and effort.
The first thing that I did was backup the both the iPad and iPhone to a local computer here at my house (not iCloud) and ensure that those backups were successful. I stored those backups on my home network to ensure their safety…if anything went wrong later, these would be my “clean” images that I could revert to upon returning home. Then I used Apple Configurator 2 to “pair lock” my devices to my laptop, which would remain at home.
This process was best described back in 2014 by security researcher Jonathan Zdziarski. While his instructions are fairly out of date, the general idea is still there and still works in iOS 10 and Apple Configurator 2. Basically, pair-locking an iOS device is a method by which the device is flashed with a cryptographic security certificate that prevents it from allowing a connection to any computer that doesn’t have the other half of the cryptographic pair on it. This means that once locked to my laptop (which, again, wasn’t in my possession and was still at my home), my iPhone and iPad would simply refuse to connect to any other computer in the world…whether that was someone that stole it from me and and attempted to reflash it using iTunes on their computer, or whether that is a diagnostic device being used by law enforcement.
This process is designed with the concept of using it for enterprise installation of iOS devices that need high security procedures to prevent employees from being able to connect their home computer to their work phone and retrieve any information. But it works very well for the purposes of preventing any possible attacker from accessing the phone’s memory directly through it’s lightning port. This processes ensures that even if the phone is unlocked and taken from my possession, DHS or other attacker cannot dump the memory directly or examine it using typical forensic information gathering devices.
Once both devices were pair-locked, I was left with two freshly installed iOS devices that I needed to reload with apps and content that would be useful for me. After loading a set of games and apps that would allow me to pass the time and still get some work done, as well as media I might want to consume on the road, I loaded my password manager (I use and am very happy with 1Password) and created a very, very long and complicated vault password that there was no possibility I could remember. I recorded that password on paper (left at home in a fireproof safe) and gave it to a trusted person that had instructions not to give the password to me until I had cleared the border and only over a secured channel.
I then changed the 1Password vault password to be that password plus a phrase that I knew and could remember (a sort of salt). 1Password was set up to allow me to login with TouchID, so I could still operate normally (logging into services and such) until such a time as that TouchID credential was revoked. Once revoked, I would be completely locked out of my passwords, with no ability to access them, until through a pre-arranged time and secure channel I got the vault password from either of the mentioned trusted sources. Those trusted sources, meanwhile, couldn’t access my password vault either, since the salt was resident only in my head.
It may be obvious, but I also ensured that everything in my life that was accessed with a password had a very strong one that was held by 1Password, and that I didn’t know and couldn’t memorize even if I tried. My bank, social media, dropbox…everything that could get a password, had a very, very secure one. Any service that supported 2-factor authentication had said 2 factor turned on, with the second factor set to an authentication app that supports a PIN (or, in the case of Very Important Accounts, a physical Yubikey that was left in TN as well). This is security 101, and not directly related to my border crossing…but if you don’t have the basics covered, nothing else really matters.
I made sure that iOS had most iCloud sync services off….no contact syncing, no calendar syncing, really the only thing I left syncing was my photo gallery. I did not install any social media apps (no Facebook app, no Twitter app, etc) and only logged in and out on the websites in question. The browser on both devices was set to not remember passwords, and I clear cache and history regularly when traveling. As far as I could, I eliminated anything that stored conversations or messages between myself and others…no Facebook Messenger app, etc. I deleted my email app, and didn’t enter my account information for email into the standard iOS mail app.
This was, keep in mind, just for the transit period. Once in country and across borders, I could use a VPN to connect to the ‘net and download any apps needed, log into them after retrieving the password from one of the trusted sources, and effectively use both devices normally (with basic security measures in place all the time, of course).
At this point, I had a device that couldn’t be memory dumped, that had very little personal information on it, and even less information about my contacts on it. It mostly acted normally for me, because 1Password handled all of my logins and I used TouchID during daily usage…right up until I needed to cross a border. Before I did so, I deleted my TouchID credentials via Settings (by deleting the fingerprint credential), and powered-cycled my phone. Those two actions did several things all at once:
The first was that it prevented me from being able to know or retrieve any passwords for anything in my life. That’s a pretty scary situation, but I knew it was fixable in the future (this wasn’t a permanent state). It also meant that if I were asked to unlock my phone, I could do so pretty much without anything of interest being capable of access. Without the ability to dump the phone forensically, officers could ask me for passwords for accounts and I could truthfully say that I had no way of telling them, because the password manager knew them all and I didn’t. And I couldn’t give them the password vault login because I literally didn’t know it.
The idea with all of this was to create a boundary of information access beyond which, if DHS wanted to try and access, they would need to impound the phone and potentially subpoena the information from me with a warrant. My guess (which turned out to be correct) was that they would ask to have it powered on, and maybe they would ask to see it unlocked, but that would be it. If they pried further, well…I was prepared to tell them truthfully that I didn’t know, that I couldn’t know. And I would call a lawyer if detained, and proceed from there.
The worst case scenario for me was minimal delay and discomfort. I am enormously privileged in my position to be able to think about this sort of passive resistance without actual fear for bodily harm or other forms of retribution. For me, the likely worst case, even if things had escalated to asking for social media passwords, would have been the confiscation of my devices and my being detained for a time. This is assuredly not the worst case for many, and it is extraordinarily important that each person judge their own risks when deciding on security practices.
For some, it is far better to simply not carry anything. Or to carry a completely blank device. Or purchase an inexpensive device when you arrive in the country of your destination. For me, I had the ability to prepare and be ready for resistance if needed. Your mileage may, and should, vary.
The results of all this thought and effort? Nothing at all. Not a single bit of attention was paid to me at the various border crossings, by either US or foreign agents. On the leg of my flight leaving Qatar, I went through no fewer than 4 security checkpoints from the time I landed until getting onto the plane taking me to O’Hare, and at each one there was a baggage scanner and metal detector, agents pulling people out of line for additional screening, and the like. When I finally got to my gate, it had its own private security apparatus, again with metal detector and baggage X-ray. At this security checkpoint, I was randomly selected for additional screening, but the agent in question (a Qatar security agent) was incredibly professional, thorough, and neither invasive nor abusive. I got a pat down (much less severe than those I’ve been given at US airports), and they asked to look inside my carryon…they even asked me to power on my iPhone and iPad. But they didn’t ask to unlock them, and they didn’t ask for passwords of any type.
When entering into the US at O’Hare, the plane was greeted by DHS agents at the gate, who asked to check passports upon exiting the plane. The agent I was greeted by barely had time to glance at my US Passport before waving me through…again, the privilege of my appearance and nationality was evidenced by the fact that several of my fellow passengers were not waved through so easily. The last thing I heard as I walked up the jetway towards Customs was a DHS Agent saying to the robed gentleman behind me “So you don’t speak very much English, huh….”
The current state of our country cannot stand. We are a nation of immigrants many peoples1, and a nation that believes in the privacy of our affairs and effects. This concern I had for my own and my friends’ information shouldn’t have been necessary. We should be able to be secure in our possessions, even and especially when those possessions are information about ourselves and our relationships to others. I do not want to be in a position where I have to threat model crossing the border of my own country. And yet, here we are.
I’d love any thoughts about the process described above, especially from security types or lawyers. Any holes or issues, any thoughts about what was useless, anything at all would be great to hear. I hope, as I so often hope these days, that all of this information never becomes applicable to you and that you never need to use it. But if you do, I hope this helped in some way.
1 I was called out on Twitter for my use of “immigrant” as an inclusive term for people in the US, when, of course, many US citizens ancestry is far more complicated and difficult than “they chose to come here”. It was written in haste and while it works for the emotion I was attempting to convey, it definitely undercuts the violent and difficult history of many people in the US. I’ve edited the text to reflect the meaning more clearly and left the original to indicate my change.
Warning: This is a very long post. There are lots of resources mentioned, laws referenced, and opinions given. If you’re looking for a TL;DR version for a tweet, here you go:
Recent immigration enforcement efforts by the current administration should be alarming to libraries & we need to have action plans in hand.
Read on for lots, lots more.
Table of Contents
Libraries and Immigration
With the release on Feb 21st of Department of Homeland Security (DHS) memos (one and two) detailing increased efforts relating to the efforts of Immigration and Customs Enforcement (ICE) and related federal offices (Customs and Border Control ((CBP)) and the like), the threat that there may be immigration raids in libraries continues to grow. I have been trying to gather information about such threats since the initial increase in ICE raids began just a few weeks ago, and here is what I’ve discovered, links to resources, and some of my thoughts on the matter.
Since Trump took office, ICE and CBP have been on a much, much looser leash when it comes to the allowances they have to question, detain, and remove non-citizens from the US. Reports of mothers being removed from their children, removal of someone after a court appearance, arresting people leaving church-based hypothermia shelters, and the like have shown a willing disregard for humanitarian instincts and that no location should consider itself safe from the threat of immigration officers entering your space, questioning individuals, and potentially removing them for deportation.
As I see it, there are two threats for libraries that emerge from the current reimagining of US immigration policy. The first is similar to the threat that the PATRIOT act and other historical efforts have illustrated: the use of library-gathered information to target or identify an individual or group of people. That information could be circulation records, attendance lists for library programs, library card records, and the like. Libraries are aware of the threat to these sorts of records, there are State laws that outline limitations and protections for that information, and we have a history of protecting it. There are myriad resource that will give libraries tips on how to manage their technology in such a way to limit the information they keep, and action plans that outline how to react to an information request.
The second threat is, however, a new(ish) one. That threat is to the patrons inside or around your library, and the threat that an “enforcement action” could result in ICE agents entering your building, asking patrons for proof of citizenship, detaining those that cannot provide such, and expeditiously moving those patrons into “detention centers” and from there to deportation and out of the US entirely. If we protect patrons information so closely, with so much effort and vigor, how much more effort must we put forth in protecting the patrons themselves? What are the limits of protecting individuals in your community?
Given libraries’ efforts in assisting immigrant populations of the US, and that many libraries provide significant citizenship assistance, we should be very aware of the potential for a visit by ICE officers. Public libraries in particular should have an action plan for this, in the same sort of way that we had action plans for an FBI visit post-9/11 in regards to the PATRIOT act.
The Department of Homeland Security does specify “Sensitive Locations” within which ICE must meet a higher degree of legal proof before they are empowered to enter, question, detain, or remove someone. These include schools, hospitals, churches, and more:
it is worth noting that libraries are NOT called out in this list. It’s possible that they could be construed as part of “educational-related activities,” but in practice that refers to school activities that may take place after official school hours. I do not believe that any of the above categories affirmatively includes libraries.
Even if libraries WERE to be construed as Sensitive Locations, that designation only protects what ICE refers to as an “enforcement action”:
The question of what powers ICE and CBP can bring to bear is a complicated one. Within the borders of the US, ICE has particular limits to their operations. They cannot enter a private home without permission or a warrant, for example. However, there is special legal dispensation given in US law to what is commonly known as the 100 Mile Zone, that is, any area within 100 miles of the border of the US.
As you may note, that 100 mile zone includes enormous sections of the population of the US, including the entirety of Florida, Hawaii, Maine, Michigan, and most of the largest cities (New York, Los Angeles, Houston, Chicago, Miami, San Francisco, and more. Within this zone, CBP has more authority to pursue immigration issues. The memos linked above direct ICE to hire an addition 10,000 agents, and CBP to hire an addition 5,000 agents, in order to pursue immigration issues more aggressively. I hope that it is obvious why this might be worrisome.
Finally, while we are seeking things to worry about, there’s the Delegation of Immigration Authority Section 287(g). This allows the Department of Homeland Security to “partner” with local and/or state law enforcement and thus allow the local officers to act on immigration issues…effectively, a form of ICE deputization. The memos linked above also direct ICE to more regularly use this in their enforcement efforts, increasing the number of officers available to detain and arrest immigrants even further.
How to Prepare
Given the combination of the broad powers assigned to DHS and the zeal with which the current administration appears to be going after immigrants, I believe strongly that it would be a dereliction of our duty to our communities to not consider how to respond to the potential of immigration officer activity in your library. This is a situation of not if, but when.
The resources linked below are almost all available in both English and Spanish, and most of those that are designed to be handed out to patrons are available in several languages.
A first step is being the information resource that your patrons need. Print and distribute rights cards for your patrons, so that they understand what their rights are here in the US, and how they should and shouldn’t interact with ICE agents. Here is a page with even more resources for patrons, many of which you could provide in your buildings.
This Community Raid Preparedness Checklist is a fantastic resource (with more coming from the same group), and outlines several steps that libraries should be looking at as quickly as they possibly can. NILC also has a presentation called Raids: What is Happening and How to Respond that was put together jointly with the Southern Poverty Law Center, and other stakeholders just a week ago that outlines the current state of things as well as possible responses.
The National Immigration Project has a variety of other amazing resources that libraries should have on hand, discuss, and implement where they can, including this FAQ that answers questions in a framework that I feel is very useful for libraries.
Finally, the most thorough response document I have found is this one, the Defend Against ICE Raids and Community Arrests toolkit, which has well-considered suggestions, resources, and ideas in it. It focuses on home raids, but much of the advice can be adjusted and used for public places.
ALA has a Libraries Respond page entitled Immigrants, Refugees, and Asylum Seekers with links to ALA statements on service to these communities, as well as a few external links to resources. Some of the resources are older than I would like, but there are links to more current news reporting on the current situation. I would prefer to see ALA taking a much stronger stance on this, but understand their limitations.
Laws Regarding Resistance
In classic Internet style, here is where I remind you that I Am Not A Lawyer. Luckily, my friend Kyle K. Courtney is a lawyer, and a damned good one. He is, however, not your lawyer, and this section is meant as a summary of possibly applicable laws and cases regarding interfering with federal officers. The more you know, the better off you are in developing your action plan. Take it away, Kyle:
The concept of resisting, opposing, impeding, intimidating, or interfering with federal agents’ duties has been considered by the courts for decades, and is governed by federal statutes. It is important that you know and understand the law surrounding these actions. While we outline some of the major laws here, there are usually a large segment of ways you can be held or, of course, simply detained and later charged with misdemeanors.
Main Federal Statutes
18 U.S.C.A. § 111
This federal statute makes it a crime for anyone forcibly to assault, resist, oppose, impede, intimidate, or interfere with certain enumerated federal officers and employees while they are engaged in the performance of their official duties.
Note also that 18 U.S.C.A. § 1114 is critical to determining the official status of the person assaulted, so, in order to fall within the scope of 18 U.S.C.A. § 111, the person assaulted must be within the definition of government officers, etc. as defined in § 1114.
The statute provides for two offense levels:
- simple assault—a misdemeanor
- forcible assault—a felony
- Enhanced penalty for a forcible assault that involves use of a deadly or dangerous weapon or one that inflicts bodily injury.
The elements of the offense of an assault on a federal officer are:
(1) a forceful assault;
(2) committed voluntarily and intentionally;
(3) against an officer employed by the federal government who was then engaged in the performance of an official duty or on account of the performance of official duty.
*Cases have found that § 111 does not require that the assailant be aware that the victim is a federal officer.
- The scope of what a federal officer is “employed to do,” for purposes of determining whether an officer is engaged in the performance of official duties within the meaning of the statute, is not defined by whether the officer is abiding by the laws and regulations in effect at the time of the incident, nor is the touchstone whether the officer is performing the functions covered by his or her job description. Rather, the test is whether the officer was engaged in what he or she was employed to do rather than being on what the courts refer to as a “personal frolic.” There is no bright-line test, it is a case-by-case factual judgment.
28 U.S.C.A. § 1501
There is also a lesser offense of willful and knowing obstruction defined in 28 U.S.C.A. § 1501, making it a misdemeanor to obstruct, resist, or oppose any officer of the United States in attempting to serve or execute any legal or judicial writ or process.
A § 1501 violation contains all of the elements of a § 111 violation, except the element of force is required for a conviction under § 111.
18 U.S.C.A. § 1071
§1071 makes it a federal offense for a person to harbor or conceal any person for whose arrest a warrant or process has been issued under the provisions of any law of the United States, so as to prevent that person’s discovery or arrest, after notice or knowledge that a warrant or process has been issued for his arrest.
The federal offense of harboring or concealing a fugitive so as to prevent his discovery and arrest may be viewed as being comprised of three elements. Thus, in order for § 1071 to be applicable there must be:
(1) an act or acts of harboring or concealing done so as to prevent the discovery and arrest of an individual;
(2) a warrant or process issued under the provisions of any law of the United States for the arrest of the individual who is harbored or concealed; and
(3) notice or knowledge on the part of the person who performs the act or acts of harboring or concealing, before the performance of such act or acts, that a warrant or process has been issued under the provisions of any law of the United States for the arrest of the individual who is harbored or concealed
The following caselaw is a sample of the enforcement of the federal statutes listed above. Some are specific to immigration and border patrol officers, while other are interpretations of the statutes for any enumerated federal officers and employees. There are even a few cases where third parties attempt to resist, oppose, impede, intimidate, or interfere with federal officers that are engaged in the performance of their official duties, namely arresting another party.
|Bennett v. U.S., 285 F.2d 567 (5th Cir. 1960)||In a prosecution for assault on an immigration officer, it is not necessary to prove scienter, that is, that the accused knew the object of the assault was a federal officer (Border Patrol officers in plain clothes on horseback)|
|U.S. v. Varkonyi, 645 F.2d 453 (5th Cir. 1981).
|It is no defense that the accused was attempting to protect his or her private property from trespassers who were immigration officers.|
|United States v. Vigil, 431 F.2d 1037 (10th Cir. 1970)
|Third person does not have right to assist in resisting the arrest of another if third person knows or has good reason to believe the person making arrest is government official authorized to make arrest and official is not clearly using unnecessary force.|
|United States v. Ulan, 421 F.2d 787 (2d Cir. 1970)
|Demonstrating bystander, who voluntarily intervened and struck federal deputy marshal in attempt to prevent arrest of co-demonstrator was found guilty of assaulting and interfering with federal deputy marshal in performance of his official duties|
|U.S. v. Davis, 690 F.3d 127 (2nd Cir. 2012)||Evidence was insufficient to support defendant’s conviction for misdemeanor of resisting arrest which showed only that defendant ran from a DEA agent and, when tackled to the ground, struggled against being handcuffed, primarily by putting their hands under their stomach. There was no evidence that defendant engaged in any conduct that demonstrated a desire to injure an agent or would cause an agent to apprehend immediate injury.|
|U.S. v. Steele, 550 F.3d 693 (8th Cir. 2008)||When defendant’s mother gave federal officer permission to enter her house and defendant was extremely angry and made threatening gestures, a reasonable juror could determine that defendant was not justified in using force to resist arrest.|
|U.S. v. Span, 970 F.2d 573 (9th Circ. 1992)||Defendants do not have a right to resist arrest by federal officers even if supported by probable cause|
|U.S. v. Cunningham, 509 F.2d 961 (D.C. 1975)||Federal officers engaged in performance of their duty may not be forcibly resisted; the subject of officers’ action must submit peaceably and seek legal redress thereafter.|
|U.S. v. Beyer, 426 F.2d 773 (2nd Cir. 1970)||Even if warrant of arrest or arrest itself had been invalid, defendant was not entitled to resist arrest by physically assaulting federal officer executing warrant|
|Darrah v. City of Oak Park, 255 F.3d 301 (6th Cir. 2001)
|Federal court (applying state law) found that while arrestees have the right to use physical force to resist an unlawful arrest, third-party intervenors do not have the same right.|
|United States v. Heliczer, 373 F.2d 241 (2d Cir. 1967)
|Bystander was guilty of assaulting a federal narcotics agent and interfering with agent’s performance of official duties because bystander attempted to kick one of the agents, even though bystander had opportunity to inquire of the agents about the arrest of another party, but did not do so.
“[A]s a general rule, he has no right to intervene if in fact a lawful arrest is being made by a federal agent, whether the bystander knows it or not, because, like the person being arrested, he is subject to [other caselaw] and to a great degree takes a chance in assisting another to resist arrest.”
|Amaya v. U.S., 247 F.2d 947 (9th Cir. 1957)||Defendants, suspected to be aliens by an immigration officer, were found guilty of who 18 U.S.C.A. § 111, when immigration officer entered a public café and commenced asking persons therein suspected to be aliens as to their place of birth. The officer was struck by the first defendant while questioning the man, who was edging toward the front door. As the officer attempted to handcuff the first defendant, a co-defendant jumped the officer and took his gun.|
|U.S. v. Cho Po Sun, 409 F.2d 489 (2d Cir. 1969)||Two immigration officers, employed to assist in obtaining compliance with immigration laws, were assaulted by the defendant when they went into the kitchen of a restaurant where six Asian employees were present and asked the defendant questions as to his citizenship status.
*Note: The court rejected the defendant’s argument that the officers had no right to interrogate him, since he was neither an alien nor a person reasonably believed to be an alien whom they were authorized by 8 U.S.C.A. § 1357 to interrogate.
|United States v. Cain, 413 F. Supp. 2d 197 (W.D.N.Y. 2006)
|U.S. Marshals were arguably engaged in the performance of official duties when they were allegedly assaulted while assisting state officers in executing a state arrest warrant, acting pursuant to a MOU where state and federal officers worked together in apprehending persons with outstanding state and federal bench warrants.|
Call to Action
I feel strongly that the aggressive pursuit and removal of immigrants, in the manner of the current administration, is morally wrong and inhumane. It is driven by racism and xenophobia, and has at its base some of the ugliest of human beliefs. In Stand, Fight, Resist I wrote:
Libraries are powerful forces for good. Now is the time to muster our powers, to stand brave against the people who seek to limit and reduce our rights and our understanding of the world….This country, and the people in it, deserve a better world than the one that is currently being forced upon them. Use your power as pillars of your communities, as the guardians of knowledge and the providers of help, use that power now to resist the normalization of fascism and bigotry, of hate and fear and greed. Stand for truth and knowledge, justice and equity for all. Stand for facts, and stand for those who are most at risk. Stand against the horrorshow revealing itself to us, and fight with those who are determined to create equity among people, justice in the face of the unjust, and love out of hate.
I’m not sure how to say it better than that. Libraries must stand for justice and freedom for all people, for the best parts of our republic. We need to continue to fight on the information front, to show that immigrants who come to this country bring with them the strength that will make the US better than it is now.
Concretely, libraries need a clear and direct set of policies that outline their response to an immigration enforcement action. We need to have those in place now, as quickly as possible. There needs to be a clear set of directives for your staff, meetings to gather feedback and to clarify your local threat model (libraries on borders will have very different sets of threats than non-border libraries), and connections made with local civic and non-profit groups that are already active in this space. You need to have meetings with your Mayor, City Council, and local representatives about this issue. We need to be ready to protect our communities.
As bad as things are in this moment, they are going to get much, much worse. The administration has a stated goal of the removal of all undocumented immigrants in the US, which amounts to over 10 million people. There is no way to do this humanely, or with respect for human dignity and agency. It is the equivalent of rounding up, processing, and deporting every single person in New York City and Chicago, combined. It is easy on the Internet to fall into Godwin’s Law, and until recently one could expect that comparison of a current practice to the Nazi Party was, in fact, somewhat hyperbolic. Rounding up 11 million people, placing them into “detention centers” and attempting to remove them from our society…I’m not sure there are comparisons other than the Nazis that make any sense of it.
We are better when we embrace differences, when the marketplace of ideas is a bustling mercado and souq. None of us is as smart as all of us, and we are going to need all of us if we are to find that future where the United States is still a shining city upon the hill. That light is dimmed now, and sputtering, but it isn’t dark just yet. Libraries are partial keepers of this flame, and we need to be prepared to protect the people in our communities when they are threatened, however and whenever we can.
It has been quite a couple of months since my last post, and I suppose the best I can say right now is that my fears that were outlined in Stand, Fight, Resist have only amplified. Fascism is no longer a theoretical threat, it is real and it is working systematically to tear down the checks and balances of our republic, from an open and free press to judicial oversight of legislative and executive overreach. In the midst of all of this, I have never been prouder to be a librarian, to watch the profession react (sometimes poorly, but react all the same) to these political times. I’ve been doing what I can as a citizen to communicate to my elected representatives how important their choices are, and what they might mean for our collective future. I’m also looking for opportunities to write and present on privacy and information security for libraries and librarians, trying to help where my particular set of knowledge and skills may.
As a librarian and technologist, I’m doing several thing over the next few months that I wanted to mention here…if you are attending any of these events, please let me know!
February 24-26th – MisInfoCon, Cambridge, MA – http://www.misinfocon.com
I’m incredibly excited to be a part of this event, which is being hosted by the MIT Media Lab and the Neiman Foundation for Journalism. From their website:
MisinfoCon is a community of people focused on the challenge of misinformation and what can be done to address it. The gathering seeks to strengthen the trustworthiness of information across the entire news ecosystem: journalism, platform, community, verification, fact checking and reader experience.
Bringing together participants from different backgrounds to lead discussions and develop and test product prototypes, our goal is to connect leaders and develop actionable steps on how the various sectors can work together.
This is obviously somewhere where I think librarians have enormous knowledge and potential to make a difference. I often find that, unfortunately, journalists and policy makers don’t think about librarians in this capacity, but I’ll be there flying the librarian flag high. I hope others are there to help me in that quest.
March 5-10th – Special Libraries Association, Arabian Gulf Chapter Conference, Manama, Bahrain
I am very excited about the opportunity to meet and speak with librarians from the Middle East, as it is a part of the world where I have very little personal knowledge of their challenges and opportunities. At the same time, the last couple of weeks have made me extremely cautious of international travel…especially to a Muslim-majority country. Not because I am concerned about my safety there, or that I have worries about Islam, but because of the recent actions of my own country relating to re-entry into the United States. Reports of highly-improper questioning, requests for social media information (including passwords), and seemingly arbitrary delays and overly-aggressive confrontations with DHS officers have all made me carefully consider what I am comfortable with on those fronts. And I’m a white male American, cis-presenting and everything…I am, as Scalzi pointed out, playing this game on easy mode. I cannot imagine the difficulties and considerations that must go into this sort of travel if I were not.
June 10-15th – Next Library 2017, Aarhus, Denmark
I will be participating in the Next Library conference, as a part of a panel on Smart Libraries. It will be the European debut of Measure the Future, and I am very excited to be a part of it. I’ve spent most of the last 2 years thinking about and working on the development of sensor-based metrics that give librarians much better ideas of usage and attention in their spaces. I can’t wait to meet and learn from the amazing librarians in Aarhus.
There are a couple of open possibilities in April and May, but those aren’t quite nailed down yet, including maybe a couple of online “Personal Information Security” classes that I’m hoping to offer very soon. If you’re interested in that, watch this space.
The idea that libraries are neutral spaces has been well and disabused over the last few years. From the services we offer to the collections that we curate, the decisions that libraries and librarians make are political ones that reflect values. Sometimes those are the values of the organization, sometimes the values of the individuals, and sometimes they are the values of the communities that the library serves. Those values are illustrated by our technologies, our ontologies, and our descriptors. Those who attempt to hold that “neutrality” of information access is an ideal for which to strive have had a hard time holding to that stance as increasing numbers of librarians question and deconstruct our profession. I would like to suggest something even stronger…that even if it were possible for libraries to be neutral spaces, that to create such a space would be morally questionable, and potentially actively morally wrong.
I say this as someone who firmly believes in the maxim of combating bad speech with more speech. I am not here advocating controls or restrictions on speech. But it is not the responsibility of every library to collect and distribute literature of hate, or falsehoods, or lies. Some libraries do need to collect everything, the good and the bad, for archival and historical study purposes, but those libraries are fairly obviously identified in practice and the vast majority of libraries should and could take a stand with their actions, programs, policies, and collections to be on the side of justice and scientific fact.
Neutrality favors the powerful, and further marginalizes the marginalized. In the face of the current political climate, with the use of opinions as bludgeons and disinformation as the weapon of choice for manipulation and intellectual coercion, it is up to those who value fact and believe in the care of those in need to stand up and positively affirm that to do otherwise is evil.
For libraries and librarians, that means:
- Making the physical space of the library safe for those that need it by publicly stating your stance on the targeting of marginalized communities and then following up with actions and policies that back up those statements
- Protecting your patrons from targeting and oppression, even in the face of possible governmental pressures, by resisting calls for information about your patrons at every level
- Making your digital spaces safe for patrons by limiting the data you collect, eliminating the data that you store, encrypting your communications at all levels and importantly insisting that your vendors do the same
- Running programs that actively provide support for your at-risk patrons, whatever that looks like in your community
- By being the voice of reason and compassion when dealing with your city or county government, and by modeling the same by advocating for those at risk
These things are vital and necessary. Especially now.
It has been barely more than a month since Election Night 2016, and the normalization of the President-Elect and his positions have already taken hold. Major media outlets report his actions but don’t follow up to question his statements or refute his words. When one of his key surrogates, Scottie Neil Hughes, says that facts aren’t real anymore, we that live in the real world must not simply accept these types of statements.
This moment in history is not the time for neutrality, it is not the time for libraries to quietly serve their communities. When I say that the next 4 years may be the most important in the history of our country, I am not doing so metaphorically or in an attempt at hyperbole. I sincerely believe that the fate of the republic is potentially at hand, and that the threat of fascism is real and imminent. In the face of such potential, the library is both refuge and target, bastion against disinformation and simultaneously at risk of being trampled under the boot of anti-intellectualism.
Neutrality should be abandoned, and we must stand positively against the threat of the removal of rights of citizens and noncitizens alike. We must eschew presenting false equivalency between two opposing explanations about the world when one is evidence-based and the other is not. We must continue to defend a fact-based world, rooted in the scientific method of understanding, an understanding of reality that is testable, refutable, and falsifiable . We must build collections that reflect the scientific consensus about the world, and not fall prey to the rhetoric of “balance” and “opinion”. Opinion does not hold once it begins impinging upon the personhood of others, nor when it stands in opposition to accepted scientific facts. We must be the defenders of fact and reason.
Maya Angelou said “when someone shows you who they are, believe them the first time.” Our President-Elect has shown us who he is: a shallow, ignorant man who surrounds himself with those who seek power at the expense of the marginalized and will use every opportunity to demonize in order to dehumanize those they wish to trample. Our government will soon be composed of those who want to actively harm LGBTQ people among us, that wish to hunt down and persecute people for their religion, that have such base misunderstandings of the Constitution and the Bill of Rights that they are prepared to roll back hard-won freedoms for the sake of their own comfort and power. If history shows us anything about those that seek this sort of power, it is that it is best for a society when that power is held in check and they are not allowed to be overly comfortable.
The library must be a space for all and everyone, but most importantly those at most risk, both now in the future. It must be a positive force for our understanding of the world and our compassion for the people within it. Neutrality and balance are not the way forward. We must resist the forces that seek to normalize segregation, aggression, and ignorance.
Libraries are powerful forces for good. Now is the time to muster our powers, to stand brave against the people who seek to limit and reduce our rights and our understanding of the world. Let us throw off the false cloak of neutrality and work to embrace and support a world of social justice, equity for all, and scientific understanding. This country, and the people in it, deserve a better world than the one that is currently being forced upon them. Use your power as pillars of your communities, as the guardians of knowledge and the providers of help, use that power now to resist the normalization of fascism and bigotry, of hate and fear and greed. Stand for truth and knowledge, justice and equity for all. Stand for facts, and stand for those who are most at risk. Stand against the horrorshow revealing itself to us, and fight with those who are determined to create equity among people, justice in the face of the unjust, and love out of hate.
This work is licensed under a Creative Commons Attribution 4.0 International License.
I was honored to give the opening keynote for the SEFLIN 2016 Virtual Conference, entitled “Innovation & Disruption: Past, Present, Future” where I talked about why innovation is important in libraries, how structures disempower innovation, and what technologies I am watching for their capacity for disruption. It was this last topic that garnered the most comments during the talk, and even afterwards via email and twitter.
I have come to believe that we’re on the cusp of some truly weird societal changes due to the exponential growth of technology. AI/Machine Learning, Robotics, ubiquitous presence and sensornets via the Internet of Things, decentralization….all of these things are beginning to turn the corner from interesting ideas into realized technologies in the world. A couple of them in particular that I spoke about have what I think are truly frightening outcomes over the next decade, and I’m hoping to expand my thinking on why and how here. Let’s start with robots, in the form of autonomous automobiles.
Robots, in the form of self-driving or autonomous vehicles, are going to transform the US economy in ways that, for certain populations, may be disastrous. I think it’s fairly clear at this point that we are moving towards autonomous vehicles at breakneck speeds, and there seems to be a pretty clear map that gets us from the current state of somewhat-partial autonomy to autonomous-on-interstates and finally to fully doesn’t-need-a-human vehicles. The consensus among people who do this stuff is that the easiest problem to solve is that of long-distance interstate or highway travel, and the largest target for disruption to this type of driving is that of commercial trucking.
When it comes to automation, commercial trucking has a lot of things going for it. From the perspective of the companies doing the movement of goods around the country, fewer drivers is better in almost every way: fewer accidents almost assuredly, but also lower fuel costs (as computers are very, very good at optimization algorithms), fewer delays (same reason), and over time huge costs savings…robots do not yet require health coverage and retirement plans. There are benefits of partial autonomization as well…we don’t have to have fully self-driving trucks for there to be huge benefits for the companies involved, since the reduction of humans in the equation will garner cost savings immediately, and one can easily imagine a pathway that begins reducing drivers gradually: instead of needing 3 drivers for 3 trucks heading across country, 1 driver in the first truck acting as “lead” could be followed by 2 robotic trucks in sort of psuedo-autonomous caravan.
This move from One-Human-per-Truck to One-Human-per-X-Trucks to No-Human-At-All is going to happen over the course of the next 5-10 years. Currently, one of the most common middle-income jobs in the entire US is that of a truck driver…not always over-the-road, but again as we move from pseudonymous to autonomous the disruption will happen at ever-more-local levels. As this job is displaced by automation, there will be larger and larger numbers of workers that go from middle-income to greatly reduced or no income over the course of the next decade. These workers disproportionately live in rural areas of the country, and are the most vulnerable economically as there are fewer secondary labor options for them.
The people in rural areas often also have higher than average relocation burdens to overcome. Simply “moving to where the jobs are” isn’t really an option at all, for both emotional and practical reasons. In my areas of interest (KY, TN, the rural South) there is a huge emotional and psychological connection to the place and the community…getting out has a huge cost and those that do move to more economically vibrant areas are seen as deserters or traitors. More practically, there is a cost-of-living gap between the rural US and cities/suburbs that is a barrier for movement for many. When you sell your $50,000-$100,000 home and the land that your great-grandfather settled and was passed down to you, the move to any city is simply impossible financially. The math just doesn’t work to be able to reasonably move your family into a home even in the suburbs for that much, and trading the stability of a mortgage for renting an apartment when the entire reason you are moving is wage depression and loss…well, it just isn’t possible.
We have a situation where, over the course of the next decade, one of the most common middle-income jobs in the rural US could disappear, and it could mostly affect areas where the secondary job market for these workers is very constrained. The social services for everything to information about re-skilling to job application fulfillment will fall to the public library in their communities, as they are very often the only easily accessible and well-trusted governmental program in rural areas.
In addition to largely helping to deal with this crisis on an individual level, libraries will be stuck with ever-decreasing budgets in areas where said budgets are based on local taxes. The slow-motion economic collapse of rural america that has played out in the areas that I care about the most (the rural south, Eastern Kentucky, Middle Tennessee) will accelerate, and as these jobs collapse, families will be devastated and the tax base for library support will dwindle.
Libraries will be in a situation where they are asked, yet again, to do more for their local communities when the very communities that they are trying to save can’t possibly contribute to their budgets.
Since we love to argue with each other, when I pointed out on Twitter than I thought this round of economic upheaval due to automation was different, Tim Spalding of Librarything said:
— Tim Spalding (@librarythingtim) September 16, 2016
Tim points out a common refrain from people who are skeptical of the ability of automation to “take jobs” from humans. He’s right to be skeptical, as every previous time this has happened, the overall economy has grown and individuals have re-skilled and found new jobs. Automation hasn’t, in the past, actually ended in a removal of jobs on average from a country, nor has it decreased average earnings.
The problem with that argument is that it generalizes from large-scale to small-scale. On average, the numbers for the US might still look ok…but the small towns, the places that are only still places at all because of their ready access to an interstate, those places and the people in them are going to have a very rough time of it. There are more jobs in the energy sector than ever before, but that doesn’t help the coal miners in Appalachia.
This highly localized effect will disproportionately affect the rural parts of the US, and thus will also disproportionately affect the libraries in those areas….libraries that are often already vulnerable to small changes in budget. My concern is that as this change begins, we will see a sort of wave of challenges: first the trickle of job loss, which begins to put pressure on local economies, and as the trickle becomes a swell and then a wave the combination of decreasing wages and localized economic depression will increase the movement out of rural areas. This will further depress the tax base, and rural library systems will see an ongoing downwards slope of budget.
There is an admitted problem of what the timeline looks like for this entire process. The automation of trucking is likely to begin affecting local economies in the next 5-10 years, but the rest of my prediction (the increased exodus of youth from rural areas, the mobility of those that can move quickly as opposed to the generational resettling that this movement begets) will take perhaps decades to fully unfold.
Is it possible that there will be a counter-balancing effect of some type that maintains the economy of these areas? Some form of job replacement that offsets, even partially, the jobs lost to autonomous trucks? For the country as a whole, of course there will be. There are going to be yet-unimagined new opportunities. As depressing as this possible-future is for rural America, I am overall a technological utopianist. I think that big-picture, we are moving in positive directions. If nothing else, I would absolutely be willing to trade localized economic disruption for the massive savings of human life that we will see as humans are replaced as drivers.
But the places that I love are going to be hurt. And even when I know that the good outweighs the bad, the bad is still bad.
How can libraries make a difference? Simply being aware of this possible future is the first step, and watching for leading indicators in their communities. Strategically, getting in front of the job loss wave by preparing for re-skilling and educational opportunities, making connections with other community resources in those arenas as well as other governmental offices that will be needed could be a way of preparing to be of the most use to the community. Rural libraries should have a relationship with their nearest community colleges or other formalized higher education options and should have strategies in place that help people move into formalized training or other economic recovery options.
In the next installment of Disaster Scenarios, I hope to take a look at AI/Machine Learning and see if there’s a similar story to tell about the way it is going to change not only how people interact with information, but how they are able to interact with information and the risks therein. I think information professionals might be in for some real weirdness in the next decade.
Below are the slides from my presentation given at Internet Librarian 2016 concerning the blockchain and how it may change our perceptions about intellectual property. The blockchain provides for something unique in the history of our digital world, that of provable digital scarcity. The fact that we can have scarce digital objects for which ownership is publicly provable is a very odd concept, and is contrary to the last 20 years of thinking about digital objects. That concept, along with the peculiarities of data storage on the blockchain, should interest information professionals for its potential.
Alongside the general interest, blockchain driven tech stands to change the way the Internet and Web are structured and move power away from the center and towards the edges and the users of the systems. I’ve written about why this should be interesting to libraries, and I continue to believe that the next 5 years will see a slow motion movement towards these technologies.
Here is the keynote I delivered last month in Cali, Colombia (link to original post with slides and more). The topic is trends and the future of technology, with a focus on how that future should concern libraries. This is the first time I’ve done a dual-language presentation…my wonderful wife gave me the assist on the slideshow, and the conference provided real-time English-to-Spanish translation over radio for participants, and Spanish-to-English for me where necessary. It was a fascinating and wonderful experience, although exhausting.
There is a tiny bit of technical difficulty in the middle of the thing…had to do some fast editing just before giving the talk due to my laptop audio getting fried by a bad cable (Protip: don’t plug an electrically live cable into your computer’s minijack). Please excuse a bit of fumbling on my part. Otherwise, I hope this is useful!
Way back in 2014 I wrote a Library Technology Report called 3D Printers for Libraries, one of the first long form works that set out to explain 3D printing to librarians. It is licensed under a CC BY-NC license, and 2 years seems like plenty of time for me to avoid linking to a copy here on the blog, so if you’re interested, here’s a PDF copy of it for you.
Since then, the market for 3D printers has exploded, but there have emerged a few new leaders that weren’t as well established when I wrote the LTR. Since that report was released, my favorite printers and the ones that I recommend for libraries are the Lulzbot Mini and Lulzbot Taz 6…they are spectacular FDM printers, capable and easy to use. Even better, they are certified Open Hardware and use Open Source software top to bottom, which means that they are easily repaired and have a myriad of options for printer management, slicing, and control.
One of those options is something that I’ve not seen recommended for libraries, but that I feel like they and others could get a huge amount of mileage from. Octoprint is an open source control program for 3D printers that runs on a variety of hardware (there are install instructions for Windows, OS X, and Linux) but by far the most interesting and useful method for using it is via the OctoPi project that uses a Raspberry Pi as a host for the Octoprint system and all its requirements. You can download pre-built images for a Raspberry Pi, flash an SD card, boot up the Pi, and have a robust and flexible management system for your 3D printer ready to go.
What does Octoprint do? For compatible printers (which includes nearly any that use the industry standard gcode instructions to print), Octoprint can control every aspect of the printer, including:
- Print queuing
- Physical control (movement of printhead, temperature, etc)
- Gcode previewing, including printhead movement
- Start, stop, and pause prints
- Full plugin architecture that allows for everything from cost estimation and filament usage, printer usage statistics, and integration with a variety of messaging apps (get Slack notifications when a print is completed, for example)
- Native support for video streaming via an attached webcam, including the ability to use the same camera for time lapses of your prints
The best part? All of the above take place in a web browser. No client software needed, no keeping up with installs of Cura or other printer-specific software. Suddenly you can start a print or monitor your printer from anywhere on your network, or from anywhere in the world if you forward the appropriate port externally. I recently uploaded and started a new print on the printer in my basement while in a different hemisphere…
You can preset the available plastic types and quality settings through printing profiles for slicing of uploaded STL files. For my part, since my primary printer is a Lulzbot Mini, I just downloaded the profiles directly from the manufacturer and uploaded them to Octoprint, and can now upload any STL that I find directly to my printer, from anywhere I am in the world.
For most libraries, just the ease of statistics and usage tracking would be enough to make Octoprint useful enough to try out.
But add in the ability to control your printer(s) from any computer, to video stream the printing and watch for errors remotely, to be alerted when a print completes…it’s just a much more robust way of managing your 3D printing. And for the cost of a Raspberry Pi and maybe an hour of setup, you can be up and running.
This isn’t to say that Octoprint solves all 3D printing problems. It’s largest shortcoming in my opinion is its lack of plating tools…if you have an STL, you are stuck with just printing that single STL with Octoprint. If you need to plate several STL files together on a single print plate, you would have to do that in Cura or other program (you could even do it in Tinkercad if you wanted to stay in-browser I suppose) and then either save the collection as an STL or go ahead and slice it to gcode and upload the gcode directly to Octoprint. It is technically possible for a single install and Raspberry Pi to control more than one 3D printer, but it isn’t built in to the system and is something I’d only recommend to technical users. RPi’s aren’t expensive, and having one per printer isn’t the end of the world, but hopefully over time the OctoPi setup will evolve to handle multiple printers natively.
I’ve been using the latest version of Octoprint for months now, and it’s simplified so much of my work with my 3D printer. If you are responsible for running the makerspace or 3d printer service in your library, check out Octoprint. I’m guessing it will make your life easier.
I’m considering putting together a workshop on how to install and use Octoprint with your 3D printer…would anyone be interested in such a training? If so, leave me a comment and let me know, I’ll see if I can find a venue and do it sometime this winter.