CAPPS II: Questions that need to be answered

By Steve Lilienthal
web posted March 8, 2004

Should CAPPS II be cleared for takeoff? The new, new thing developed by the TSA is something that they claim will enhance aviation. But it has encountered plenty of turbulence already.

Certainly, privacy advocates are concerned about the new system with its color-coded risk assessment. Who gets a cautionary yellow? A red rating means you will be forbidden to board. What factors will determine the rating system? What recourse do passengers who think they have been stopped unfairly have? For that matter, just how accurate will this color-coded system be?

The TSA admits that they have not been able to fully plan and test the system yet. Clearly, a very important stumbling block has been the failure of the airlines to provide on time passenger data that is needed by the TSA to test the system. Airlines may very well fear that cooperating with TSA will lead to boycotts or bad publicity.

Perhaps a more important issue that may be lurking, but one that so far has been largely undiscussed by the airlines and the travel industry, is that the CAPPS II system will saddle them with added costs. Reservation systems will have to be revamped to collect the passenger authentication data required by CAPPS II. It's an unfunded mandate by the Federal government on the travel and airline industry.

But the concerns expressed about the system have also been expressed by a recent report called "Computer Assisted Prescreening System Faces Significant Implementation Challenges" that was issued by the Government Accounting Office. Here are some excerpts:

"TSA program officials said that testing government databases for overall accuracy will be challenging. For example, TSA does not know exactly what type of information the government databases contain, such as whether a database will contain a person's name and full address, a partial address, or no address at all.
Furthermore, a senior program official said that TSA has no indication of the accuracy of information contained in government databases. The official stated that using data without assessing accuracy and mitigating data errors could result in erroneous passenger assessments, and that government database accuracy and mitigation measures will be completed before the system is placed in operation."

"Although TSA plans to take measures to mitigate errors in commercial and government databases used by CAPPS II, TSA officials and commercial data providers stated that databases determined to have an acceptable level of accuracy will likely still contain errors. Consequently, in addition to using multiple databases and a process to identify misspellings to correct errors in commercial databases, TSA is also developing a redress process whereby passengers can attempt to get erroneous data corrected. However, it is unclear what access passengers will have to information found in either government or commercial databases, or who is ultimately responsible for making corrections. Additionally, if errors are identified during the redress process, TSA does not have the authority to correct erroneous data in commercial or government databases. TSA officials said they plan to address this issue by establishing protocols with commercial data providers and other federal agencies to assist in the process of getting erroneous data corrected."

But will these protocols ensure effective followup? To get others to "assist" in making corrections makes it sound as if the commercial or government agencies keeping the databases are doing aggrieved passengers a favor, not fulfilling what should be an iron-clad responsibility to maintain the accuracy of their databases. How much teeth will these protocols have? How effective will the monitoring process be?

The GAO report credits the TSA for issuing plans that "appear to address many of the requirements of the Privacy Act, the primary legislation that regulates the government's use of personal information."

However, the GAO report goes on to say:

"In January 2003, TSA published a proposed rule to exempt the system from seven Privacy Act provisions but has not yet provided the reasons for these exemptions, stating that this information will be provided in a final rule to be published before the system becomes operational. As a result, TSA's justification for these exemptions remains unclear. Until TSA finalizes its privacy plans for CAPPS II and addresses such concerns, we lack assurance that the system will fully comply with the Privacy Act."

The Department of Homeland Security, in which the TSA is housed, has a Chief Privacy Officer who, among other things, is supposed to ensure DHS agencies are in compliance with Privacy Act measures. However, how effective can the CPO be in ensuring Privacy Act protection under CAPPS II when the TSA is seeking a number of exemptions?

Consider what is stated below by the GAO report:

"...TSA plans to exempt CAPPS II from the Privacy Act's requirements to maintain only that information about an individual that is relevant and necessary to accomplish a proper agency purpose. These plans reflect the subordination of the use limitation practice and data quality practice (personal information should be relevant to the purpose for which it is collected) to other goals and raises concerns that TSA may collect and maintain more information than is needed for the purpose of CAPPS II, and perhaps use this information for new purposes in the future.
Further, TSA plans to limit the application of the individual participation practice -- which states that individuals should have the right to know about the collection of personal information, to access that information, and request correction -- by prohibiting passenger access to all personal information about them accessed by CAPPS II. This raises concerns that inaccurate personal information will remain uncorrected in and continue to be accessed by CAPPS II."

The GAO report does admit that the actions to restrain the use of Fair Application Policies -- international principles reflected in the Privacy Act -- are not violating federal requirements. In GAO's view, TSA is attempting a balance between privacy and concerns regarding enforcement and administration.

The conclusion of the GAO report states:

"Without proper oversight, there is limited assurance that the system and its data will be adequately protected against misuse, and that the system is operating as intended...Lastly, given the concerns regarding the protection of passenger data, the system cannot be fully accepted if it lacks a comprehensive redress process for those who believe they are erroneously labeled as an unknown or unacceptable risk."

The DHS differs with key conclusions of the GAO report. They stress that CAPPS II is still a system that is "under development" but overarching privacy policies and redress mechanism have been established."

The selective quoting in this commentary reflect the entire range of concerns covered in the extensive 50-page GAO report and the Department of Homeland Security's side, expressed in a letter over two pages that was signed by Undersecretary for Management Janet Hale, is clearly treated in passing in this commentary.
The report in its entirety and the DHS letter are available on the GAO webpage:

It's worth noting that even The Heritage Foundation in a recent webmemo called "Passenger Screening Program is Vital -- and Vital to Get Right" by James Carafano, Paul Rosenzweig and Ha Nguyen, asserts that "Several privacy and data protection issues...should be addressed before CAPPS II is deployed" and that congressional guidance is needed to "set criteria for data accuracy, prevention of unauthorized use, privacy protection, and redress procedures and should require guidelines and risk mitigation strategies to prevent costs from spiraling out of control."

If you travel frequently or have experienced problems with government or commercial databases or both, then you have every reason to want to learn more about CAPPS II, because this system and its color-coded risk assessment will determine whether you will be able to board a plane and take off to your destination. The use of government and commercial databases and their accuracy, the effectiveness of the privacy protections that will be in place, and the procedures for effective recourse for passengers who feel that they have been misrated by CAPPS II are also significant concerns and certainly invite questions.

The Senate Commerce Committee or one of its subcommittees is expected to hold a hearing within the next few weeks on CAPPS II. There's no better time than now to let the senators and staff who serve on that committee know what questions you want answered about this system.

Steve Lilienthal is Director of the Center for Privacy and Technology Policy at the Free Congress Foundation.

Enter Stage Right -- http://www.enterstageright.com