"CAPPS II: TSA reveals more data transfers"

Wednesday, June 23, 2004

TSA reveals more data transfers
By Shaun Waterman
UNITED PRESS INTERNATIONAL


At least eight airlines and airline reservation systems gave personal
information about millions of passengers to the Transportation Security
Administration and its contractors to help test data-mining technology,
federal officials said yesterday. 

David Stone, TSA's acting chief administrator, told the Senate
Governmental Affairs Committee that in addition to previously disclosed
data transfers from American Airlines and JetBlue airlines, agency
contractors received data from Delta, Continental, America West and
Frontier airlines, and from the Galileo International reservation
system. 

TSA received personal data from the Sabre reservation system, one of the
world's largest and the system used by most Internet travel sites. 

Mr. Stone was before the committee as part of his confirmation hearing
to be named the TSA's permanent chief administrator. 

Mr. Stone said no "system of records notice" was prepared by his agency
or the contractors. Such a notice generally is required by the Privacy
Act, but he said the agency's legal advisers decided that it was not
necessary. 

"Since the information was not to be accessed or retrieved by name or
personal identifier to make individual determinations, TSA believed that
it did not need to publish a system of records notice under the Privacy
Act," he wrote in answers to questions by senators before the hearing. 

The news brought condemnation from privacy advocates and lawmakers, who
said it raised questions about the legal framework for protecting
citizens' privacy and about the TSA's commitment to the law. 

"The admission follows repeated denials to the public, Congress, General
Accounting Office and Department of Homeland Security Privacy Office
that the agency had acquired or used real passenger data" to test the
technology, said the Electronic Privacy Information Center. 

The personal data, known as Passenger Name Records or PNR, were used by
four contractors working on technology to assess threat levels to
airline travelers. 

PNRs have dozens of data fields, including the passenger's name, address
and telephone numbers, credit card and frequent-flier details, and
dietary requirements - which can reveal religious or ethnic backgrounds.


In May 2002, Mr. Stone told the committee that TSA engaged Lockheed
Martin Corp., HNC Software Inc., Infoglide Software Corp. and Ascent
Technology Inc. to develop a test for the second-generation Computer
Assisted Passenger Prescreening System, or CAPPS II - a computerized
system that would allocate every traveler a threat rating. 

Lawmakers suggested that the news yesterday put a question mark over the
future of CAPPS II, which has faced repeated delays and aggressive
oversight. 

"These revelations cause concern because the information was obtained
without any public notice or clear guidelines for protecting the
passengers' privacy," said Sen. Susan Collins, Maine Republican and
committee chairman.


 Do you have an opinion about this story?
Share it with other readers in our CAA Discussion Forums

http://www.californiaaviation.org/dcfp/dcboard.php


*****************************************