Passenger screening system flawed, report says
Published March 29, 2005
WASHINGTON - The government's latest computerized airline passenger screening program doesn't adequately protect travelers' privacy, according to a congressional report that could further delay a project considered a priority after the Sept. 11 attacks.
Congress last year passed a law that said the Transportation Security Administration could spend no money to implement the program, called Secure Flight, until the Government Accountability Office reported that it met 10 conditions. Those include privacy protections, accuracy of data, oversight, cost and safeguards to ensure the system won't be abused or accessed by unauthorized people.
The GAO found nine of the 10 conditions hadn't been met and questioned whether Secure Flight would ultimately work. "The effectiveness of Secure Flight in identifying passengers who should undergo additional security scrutiny has not yet been determined," the report said.
TSA spokesman Mark Hatfield called the report "interim" and said it contained no surprises. "The primary cause for the delays we've experienced were the result of additional steps implemented for privacy protection, public notification and solicitation of public comment," Hatfield said, adding the agency plans to go ahead with Secure Flight.
Key lawmakers said TSA has a lot more work to do, but indicated they expect the program to go forward.
"A significant amount of work needs to be done before all aviation passengers are checked against terrorist watch lists," said Rep. Harold Rogers, R-Ky.
Sen. Patrick Leahy, D-Vt., said Congress made it clear that Secure Flight can't go beyond the testing phase until all the bugs are worked out.
Secure Flight would allow the TSA to take over from the airlines the responsibility of checking passengers' names against those on terrorist watch lists. The TSA wants to begin Secure Flight with two airlines in August.
The program is supposed to work by transferring airline passengers' name records - which can include address, phone number and credit card information - to a government database. The government computer would flag names on the watch list and identify passengers who would go through additional screening.
The TSA recently finished testing Secure Flight using records of passengers who flew on domestic airlines in June, information the agency had ordered the airlines to turn over.
Privacy advocates complain that the government doesn't provide an avenue for people who incorrectly are included on watch lists or confused with terrorists who have the same names. Secure Flight doesn't address those concerns, the GAO concluded.
"The agency that's responsible for keeping dangerous people off planes is obviously going to err on the side of safety, and that's going to do very little for an innocent individual who can't fly," said Marcia Hofmann, staff attorney for the Electronic Privacy Information Center, an independent privacy group.
The GAO said Secure Flight might not keep terrorists off planes because of the quality of the information on watch lists as well as the quality of passenger information. The report said the Terrorist Screening Center, which maintains the terrorist screening database, doesn't know if its information is accurate.
Secure Flight is the successor to another prescreening project, CAPPS II. CAPPS II was scuttled in August, partly because of concerns that personal information about passengers wouldn't be protected.
[Last modified March 29, 2005, 01:32:11]
[an error occurred while processing this directive]