Privacy advocates said the plan was unlikely to deter terrorists from coming into the U.S. and might be turned upon Americans traveling abroad.

Share story

WASHINGTON — Privacy advocates voiced indignation Thursday at a White House plan to demand that some visa-bearing foreign travelers to the United States provide officials the passwords to their social-media accounts and turn over their cellphones to be searched.

The advocates said the plan was unlikely to deter terrorists and might be turned on Americans traveling abroad.

“If we adopt it, other countries are going to adopt it,” said David Kaye, a law professor at the University of California, Irvine. “Americans who travel better be prepared to provide this to other governments.”

Homeland Security Secretary John Kelly laid out the proposal this week on Capitol Hill and again in an interview with National Public Radio that aired Thursday.

Under the plan, Kelly said, border agents would ask visitors “to give us a list of websites that they visit and the passwords to get on those websites to see what they’re looking at.” Agents would also examine “what they tweet, cellphones, cellphone conversations or cellphone contact books to where we can run them against databases: telephone numbers, people, names.”

To start, Kelly said, the proposal would be aimed at visitors from the seven nations named in a 90-day travel ban in President Trump’s Jan. 27 executive order. (The order is on hold after rulings by an appeals-court panel in San Francisco and a federal judge in Seattle.) Those majority-Muslim countries are Iran, Iraq, Libya, Somalia, Sudan, Syria and Yemen. Kelly added that the program “could be” expanded.

“This is security theater. This isn’t actually going to help,” said Nuala O’Connor, a former Department of Homeland Security official who now heads the Center for Democracy & Technology, a civil-liberties and privacy group headquartered in Washington.

O’Connor called the proposal a “sledgehammer response to the San Bernardino terrorist attack” in late 2015 in which 14 people were slain at a holiday party in that Southern California city.

“The theory of the case is, if we could see everybody’s Facebook profiles and LinkedIn profiles and Twitter accounts — both public and private postings — in theory the country could have prevented San Bernardino,” O’Connor said, noting that one of the two assailants, Pakistani-born Tashfeen Malik, is believed to have posted jihadist rants on Facebook before taking part in the terrorist shooting.

“That is totally flawed,” said O’Connor, who served as the chief privacy officer at DHS from 2003 until 2005 under President George W. Bush. “First off, we don’t have enough translators to read all that stuff.”

“It’s kind of the equivalent of asking everyone to take off our shoes at the airport because of the shoe bomber,” O’Connor said, referring to the 2001 case of Richard Reid, a British Muslim who tried but failed to set off a bomb in his shoes on a flight from Paris to Miami.

Questions about the social-media activity of foreign travelers began under the Obama administration. Since December, DHS has asked visitors from 38 countries — including European Union nations — that usually travel visa-free to the United States to fill out an online form that has an optional listing of social media used by the traveler.

The Trump administration has not outlined how it would store or analyze the information it would collect under the broader policy,

The proposal lit up social media around the world, and one activist said he feared that the information repository of traveler data could become vulnerable.

“From what I heard, when you give up your phone to Homeland Security, they download the contents,” said Jamal Dajani, a journalist, Middle East analyst and founder of Arab Talk Radio, a program based in San Francisco. “Where does that content go to? Where is it kept? How safe? Is it encrypted?”

He noted that U.S. government entities have been hacked by Russia, China and other nations, and that information in the hands of the government is not necessarily safe.