Supreme Court Throws Out 2002 ‘Born in Jerusalem’ Passport Law

Posted: 12:04 pm EDT
[twitter-follow screen_name=’Diplopundit’ ]

Excerpt from the SCOTUS  6-3 decision from ZIVOTOFSKY, BY HIS PARENTS AND GUARDIANS, ZIVOTOFSKY ET UX. v. KERRY, SECRETARY OF STATE (pdf):

Petitioner Zivotofsky was born to United States citizens living in Jerusalem. Pursuant to §214(d) of the Foreign Relations Authorization Act, Fiscal Year 2003, his mother asked American Embassy officials to list his place of birth as “Israel” on, inter alia, his passport. Section 214(d) states for “purposes of the registration of birth, certification of nationality, or issuance of a passport of a United States citizen born in the city of Jerusalem, the Secretary shall, upon the request of the citizen or the citizen’s legal guardian, record the place of birth as Israel.” The Embassy officials refused to list Zivotofsky’s place of birth as “Israel” on his passport, citing the Executive Branch’s longstanding position that the United States does not recognize any country as having sovereignty over Jerusalem. Zivotofsky’s parents brought suit on his behalf in federal court, seeking to enforce §214(d). Ultimately, the D. C. Circuit held the statute unconstitutional, con- cluding that it contradicts the Executive Branch’s exclusive power to recognize foreign sovereigns.

Quick background of this long-standing practice: Place of birth was first added to the U.S. passport designed in 1917. An October 4, 1963 staff study by the Passport Office on “Place of Birth” information in the United States Passport reflects “the passport used during World War I was the first in which including the place of birth of the passport holder was mandatory as part of the identification of the bearer, probably was a wartime travel control measure. The item was included in all subsequent revisions of the passport format, down to and including the present issuances.”

For United States passport purposes, the Department of State has defined the term “bearer’s origin” to be the bearer’s place of birth as it is presently recognized. That entry is included to assist in identifying the individual, not the individual’s nationality. The passport very clearly states that the bearer is a United States national or citizen.

7 FAM 1360: Birthplace in Jerusalem (pdf):

For a person born in Jerusalem, write JERUSALEM as the place of birth in the passport. Do not write Israel, Jordan or West Bank for a person born within the current municipal borders of Jerusalem. For applicants born before May 14, 1948 in a place that was within the municipal borders of Jerusalem, enter JERUSALEM as their place of birth. For persons born before May 14, 1948 in a location that was outside Jerusalem’s municipal limits and later was annexed by the city, enter either PALESTINE or the name of the location (area/city) as it was known prior to annexation. For persons born after May 14, 1948 in a location that was outside Jerusalem’s municipal limits and later was annexed by the city, it is acceptable to enter the name of the location (area/city) as it was known prior to annexation.

.

.

.

.

.

#

Advertisements

Burn Bag: An Exercise on ‘Just Wondering’ About Enduring Accomplishments in Saigon and Kabul EERs

Via Burn Bag:

 

“I wonder if the EERs* written at Embassy Saigon in 1973 contained as many self-congratulatory declarations of enduring accomplishment as those penned at Embassy Kabul in 2015.”

[protected-iframe id=”2728018605606a2e204bac746b181f1e-31973045-31356973″ info=”//giphy.com/embed/lELRD773cY7Sg?html5=true” width=”480″ height=”258″ frameborder=”0″]

(image via giphy.com)

EER — Employee Evaluation Report
Correction: previous burn bag referenced Kabul in 1975. Author meant 2015.

 

OPM Hack Compromises Federal Employee Records, Not Just PII But Security Clearance Info

Posted: 3:39 am EDT
[twitter-follow screen_name=’Diplopundit’ ]

 

On June 4, WaPo reported that hackers working for the Chinese state breached the computer system of the Office of Personnel Management in December, and that the agency will notify about 4 million current and former federal employees that their personal data may have been compromised.

We should note that OPM’s Federal Investigative Services (OPM-FIS) oversees approximately 90% of all background investigations.

Reuters reported on June 6 that most of the State Department employees had not been exposed to the breach because their data was not housed on the hacked OPM systems. Apparently, only those who had previously been employed by another federal agency may have been exposed, it said. Did you get the notice on the data breach?

It appears, however, that OPM has a requirement that all candidates being offered positions of employment at U.S. government agencies or departments, including at the State Department, are to complete their Questionnaires for National Security Positions (SF-86) on-line via the electronic Questionnaires for Investigations Processing (e-QIP). We don’t know what happens to those completed questionnaires after they are submitted to OPM; are they transferred to the State Department and deleted from OPM servers?

OPM released the following statement:

The U.S. Office of Personnel Management (OPM) has identified a cybersecurity incident potentially affecting personnel data for current and former federal employees, including personally identifiable information (PII).

Within the last year, the OPM has undertaken an aggressive effort to update its cybersecurity posture, adding numerous tools and capabilities to its networks.  As a result, in April 2015, OPM detected a cyber-intrusion affecting its information technology (IT) systems and data. The intrusion predated the adoption of the tougher security controls.

OPM has partnered with the U.S. Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT) and the Federal Bureau of Investigation (FBI) to determine the full impact to Federal personnel. OPM continues to improve security for the sensitive information it manages and evaluates its IT security protocols on a continuous basis to protect sensitive data to the greatest extent possible. Since the intrusion, OPM has instituted additional network security precautions, including: restricting remote access for network administrators and restricting network administration functions remotely; a review of all connections to ensure that only legitimate business connections have access to the internet; and deploying anti-malware software across the environment to protect and prevent the deployment or execution of tools that could compromise the network.

As a result of the incident, OPM will send notifications to approximately 4 million individuals whose PII may have been compromised.  Since the investigation is on-going, additional PII exposures may come to light; in that case, OPM will conduct additional notifications as necessary.  In order to mitigate the risk of fraud and identity theft, OPM is offering credit report access, credit monitoring and identify theft insurance and recovery services to potentially affected individuals through CSID®, a company that specializes in these services.  This comprehensive, 18-month membership includes credit monitoring and $1 million in identity theft protection services at no cost to enrollees.

“Protecting our Federal employee data from malicious cyber incidents is of the highest priority at OPM,” said OPM Director Katherine Archuleta. “We take very seriously our responsibility to secure the information stored in our systems, and in coordination with our agency partners, our experienced team is constantly identifying opportunities to further protect the data with which we are entrusted.”

OPM has issued the following guidance to affected individuals:

•Monitor financial account statements and immediately report any suspicious or unusual activity to financial institutions.

•Request a free credit report at www.AnnualCreditReport.com or by calling 1-877-322-8228.  Consumers are entitled by law to one free credit report per year from each of the three major credit bureaus – Equifax®, Experian®, and TransUnion® – for a total of three reports every year.  Contact information for the credit bureaus can be found on the Federal Trade Commission (FTC) website, www.ftc.gov.

•Review resources provided on the FTC identity theft website, www.identitytheft.gov.  The FTC maintains a variety of consumer publications providing comprehensive information on computer intrusions and identity theft.

•You may place a fraud alert on your credit file to let creditors know to contact you before opening a new account in your name.  Simply call TransUnion® at 1-800-680-7289 to place this alert.  TransUnion® will then notify the other two credit bureaus on your behalf.

How to avoid being a victim:

•Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information.  If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.

•Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person’s authority to have the information.

•Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email.

•Do not send sensitive information over the Internet before checking a website’s security (for more information, see Protecting Your Privacy, http://www.us-cert.gov/ncas/tips/ST04-013).

•Pay attention to the URL of a website.  Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).

•If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly.  Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information.  Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group (http://www.antiphishing.org).

•Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic (for more information, see Understanding Firewalls, http://www.us-cert.gov/ncas/tips/ST04-004; Understanding Anti-Virus Software, http://www.us-cert.gov/ncas/tips/ST04-005; and Reducing Spam, http://www.us-cert.gov/ncas/tips/ST04-007).

•Take advantage of any anti-phishing features offered by your email client and web browser.

•Employees should take steps to monitor their personally identifiable information and report any suspected instances of identity theft to the FBI’s Internet Crime Complaint Center at www.ic3.gov.

Potentially affected individuals can obtain additional information about the steps they can take to avoid identity theft from the following agencies. The FTC also encourages those who discover that their information has been misused to file a complaint with them.

More:
.

.

.

.

#

Photo of the Day: Meet John Kerry’s Top Lieutenants

Posted: 2:43 am EDT
[twitter-follow screen_name=’Diplopundit’ ]

 

 

Who’s missing from the picture? Tom Sullivan.  He was appointed Deputy Chief of Staff on April 20, 2015 but his bio was not up at state.gov when we blogged about these appointments in May. The official bio is now up:

Tom Sullivan serves as Deputy Chief of Staff for Policy at the U.S. Department of State. Most recently, he was Principal Deputy Assistant Secretary in the Bureau of Legislative Affairs.

Prior to joining the Department of State in August 2012, he worked for U.S. Senator Amy Klobuchar from 2007-2012, serving as her Deputy Chief of Staff.

He previously worked at the Council on Foreign Relations as a Research Associate to President Emeritus Leslie Gelb from 2003-2005.

A native of Minneapolis, MN, Tom holds a M.A. in International Affairs from the University of Chicago and a B.A. from Yale University.

Related post:
Who’s Running Foggy Bottom? You Get Three Guesses. Wait, Four Guesses?

#

Most Apt Question on #ClintonEmails: “Simply put, where was everyone?”

Posted: 2:36 am EDT
[twitter-follow screen_name=’Diplopundit’ ]

 

“I remain mystified by the fact that the use of a private e-mail account apparently went either unnoticed or unremarked upon during the four-year tenure in office of the former secretary” […] ”Simply put, where was everyone? Is there any record indicating that any lawyer, any FOIA officer, any records person, any high-level official ever respectfully confronted the former secretary with reasonable questions about the practice of sending e-mails from a private account? It is unfathomable to me that this would not have been noticed and reported up the chain.”

Jason Baron
Former Director of Litigation, NARA
Source: HRC Emails: Federal officials voiced growing alarm over Clinton’s compliance with records laws, documents show

 #