dcsimg
RealTime IT News

TSA Books Data Mining Program

The Bush administration is again raising the ire of privacy groups with the announcement last week of a controversial pilot program for airlines known as the Computer-Assisted Passenger Pre-Screening System II program (CAPPS II).

The new system, which will be administered by the Transportation Security Administration (TSA), will scan government and commercial databases for potential terrorist threats when a passenger makes flight reservations.

Under the program, airline passengers will be required to provide their full name plus address, phone number and date of birth. Once that information is entered, the airline computer reservation system will automatically link to the TSA for a computer background check on the traveler that can include a credit, banking history and criminal background check.

The TSA will then assign a red, yellow or green score to the passenger based on the agency's risk assessment of the traveler. The score color will then be encrypted on the passenger's boarding pass. A green score will allow passengers to proceed through the usual airport security checks. Passengers with a yellow score will be subjected to additional security checks and a red score will ground the passenger.

According to a January Federal Register notice containing some details of the program, a yellow code in a person's file could be shared with other government agencies at the federal, state and local level, with intelligence agencies such as the CIA and with foreign governments and international agencies.

Lockheed Martin has developed the program technology infrastructure and will administer it for TSA through a five-year, $12.8 million task order contract. IBM is developing the front-end architecture while Delta Airlines will begin testing the program later this month at three undisclosed airports. TSA will conduct the actual risk assessments.

In announcing the Lockheed Martin contract last week, the Department of Transportation issued a statement that said, "CAPPS II is being designed with the utmost concern for the individual privacy rights of American citizens. CAPPS II is a passive system activated by a traveler's airline reservation request."

The statement also said a passenger's full name, address, phone number and date of birth will be the "only public source information that TSA will collect for CAPPS II."

Privacy and civil liberties groups, however, were quick to criticize the CAPPS II program.

"CAPPS II is based on the same concept as the Pentagon's Total Information Awareness (TIA) program, which proposed massive fishing expeditions through some of our most personally sensitive data," said Barry Steinhardt, director of the ACLU's Technology and Liberty Program. "We are all concerned about airline security, but we must not let the unique needs in our airports give the government an opening to create the kind of Big Brother program that Americans rejected so resoundingly in the Pentagon."

The TIA program, under the direction of the Defense Advanced Research Projects Agency (DARPA), aims to capture the "information signature" of people in order to track potential terrorists and has been sharply criticized by privacy and civil liberties advocates. Congress is currently blocking funding for the program because of privacy concerns.

According to ACLU, the CAPPS II program would collect information about individuals including financial and transactional data, which could include credit card and other consumer-purchase data, housing information, communications records, and health records. The ACLU says it would also make use of public source information such as law enforcement and legal records.

"This (CAPPS II) system threatens to create a permanent blacklisted underclass of Americans who cannot travel freely," said Katie Corrigan, an ACLU legislative counsel. "Anyone could get caught up in this system, with no way to get out. Despite the potentially serious consequences of being accused by your own government of being a security risk, CAPPS II would not allow innocent Americans to see the information that such a designation was based on, would not permit them a meaningful way to appeal, and would not reveal the criteria on which such judgments were based so they could avoid suspicion in the future."

PrivacyActivism, a coalition of the Electronic Frontier Foundation, Privacy Rights Clearinghouse, the Cyber Privacy Project, and CASPIAN, has filed comments with the Department of Transportation, strongly opposing the CAPPS II proposal.

Delta's participation in the program spawned a Boycott Delta site that went live on Monday morning. Site creator Bill Scannell, a former journalist who nows work in public relations for a Silicon Valley-based software firm, told Internetnews, "Defining an invasion of privacy is difficult, but I know it when I see it. This is an egregious violation of privacy by Delta."

TSA officials did not return telephone inquires from Internetnews.