home > archive > 2004 > this article

TSA readies secure fright…just in time for Halloween!

By Dallas Pierce
web posted September 27, 2004

Last week the Transportation Security Administration announced the release of a Privacy Impact Assessment for the testing phase of their new "Secure Flight" program, along with a proposed order to airlines to provide one month's worth of Passenger Name Record (PNR) data to be used for program testing. The PNR data the government is ordering airlines to turn over is from "all passengers who flew in the month of June 2004."

You might remember the earlier version of Secure Flight, CAPPS II, the Computer Assisted Passenger Prescreening System, the controversial airline profiling system that never happened. CAPPS II would have required passengers to supply their birth dates, home phone numbers and addresses before being permitted to board U.S. flights. Under CAPPS II, these and other personal details were to be checked against government and commercial databases, "tagging" individuals with color-coded scores indicating the level of risk they would have posed. Based on the assigned color/score, passengers would have been processed for boarding as normal, or interviewed, detained or subjected to additional searches. Presumably one color/score would have prohibited someone from flying altogether.

Though it's not clear how Secure Flight will differ from CAPPS II, there are no birth dates or home addresses in the PNRs the government plans on ordering airlines to turn over to them for testing in October. Airlines were not required to collect such information back in June, the period from which the government will have acquired the data they'll use to test the new system.

The idea of being "wrongly accused" strikes at the heart of civil libertarians objections to just about anything. How the government intends on accurately matching passenger names to databases without utilizing additional identifying information like birth dates (DOBs) or social security numbers will be interesting to watch [1]. In the end, the government can call the new automated screening program anything they'd like; there's one key reason why they will not attempt to use one without collecting additional information: it can't be done.

Moreover, expecting the government to resist placing this requirement on the backs of the airlines would be a lot like watching them turn around a fully loaded ore freighter in your favorite trout stream. Look for them to order the travel industry to start collecting passenger DOBs as a first step in this process.

Another system designed for the innocent

But why should the government continue using travel industry reservations networks as platforms from which to operate their database checks in the first place? Do they seriously expect terrorists to supply airline reservation agents, travel agents, or worse -- volunteer over the web -- correct spellings of their names (knowing it is from this data that the government would be checking them)? If the purpose were to match an individual's name to a criminal database or watch list, shouldn't it be done directly off the scan of an official document like a passport or driver's license? At a minimum, passengers should be required to physically present their identifying document to authorities at airport checkpoints anyway. Why is the government involving the travel industry in the collection of such data? It's a lot like … well, placing baggage-screening equipment directly under or adjacent to thousands of passengers at airports: it's designing a system under the assumption that only honest, law-abiding people will be flying. That no one's ever going to booby-trap or actually attempt to bring explosives through airport screening.

I'm with the ACLU, innocent until proven guilty, but when it comes to suicidal terrorism, let's not make things quite so easy. Let's design a security system that pre-supposes terrorists will again attempt to fly to, and within, the United States. Rather than trying to design a security profiling system by studying PNRs belonging to all the non-terrorists that flew back in June, let's take a closer look at the 19 we're quite certain about from … say, 3 years ago. Everything we need to know begins with those 19 PNRs. Since we already know there were no criminals among them, at least in the sense that they had no criminal histories in the western world, this might be a good place to start. Imagine telling the ACLU, we're particularly not interested in your clients.

Why the government changed the name of the Trusted Traveler Program

Because they'd rather not "trust" participants in the various Registered Traveler Programs -- even after verifying their personal identities. Semantics? Of course, but what does it say about allowing people to fly when you know even less about them (without use of additional information such as DOBs, Passport numbers, and/or driver's licenses to access risk)? Focusing on real security is going to require hitting the matter head on. Changing the name of CAPPS II in a poorly conceived attempt to disguise and retry an old concept, or worse, in an attempt to try a new less secure one will not fly. The government needs to begin working with private enterprise to develop a secure transportation system that thwarts actual terrorists.

To begin this process they will need to start considering the massive amounts of data airlines have been accumulating on frequently flying customers for the better part of the past 20 years. There's got to be something in there that might suggest that someone who's been flying peacefully over the past 10 to 15 years can be trusted to do so for another 10, 15, or … even, dare it be said; fly peacefully for remainder of their lives?

It's important to keep people with criminal records off airplanes, but considering the backgrounds of those involved in 9/11 (I'd rather we not, since none had records), positively identifying those that have spent years in the U.S., and knowing exactly when, where, and how they've traveled in the past is as crucial to decisions related to accessing them as security risks as most data the government owns.


[1] See Time online story entitled: "You Say Yusuf, I Say Youssouf…" Also note; when the name "Yusuf Islam" is entered into the search engine Google, 79,000 results are returned -- including one for his own "official" web site. In contrast, when the name "Youssouf Islam" is entered into Google, 144 results are returned; few of which are in English. How could the U.S. government have featured such a spelling, particularly to the exclusion of the one he goes by, and, most notably, the one featured on his passport?

Dallas Pierce is the pseudonym of an employee of a major American airline.

Printer friendly version
Printer friendly version
Send a link to this page!
Send a link to this story

Printer friendly version Send a link to this page!

Get weekly updates about new issues of ESR!



1996 - 2005, Enter Stage Right and/or its creators. All rights reserved.