Secure Flight Encountering Turbulence
It’s déjà vu all over again for airline passenger prescreening. Last year, the controversial CAPPS II (Computer Assisted Passenger Prescreening System II) program was scrapped by the Transportation Security Administration (TSA) after privacy groups, lawmakers, consumer advocates, and others excoriated it over concerns about cost, privacy of personal data, database accuracy, and several other issues. More than a year after it was introduced, CAPPS II’s successor, Secure Flight, has been grounded by many of these same concerns.
Secure Flight, which aims to gather data about millions of domestic travelers and compare it to a consolidated watch list of terrorist information, has aroused concern among more than just civil liberties groups: The Secure Flight Working Group (SFWG), the Government Accountability Office (GAO), and the Department of Justice are troubled as well.
The SFWG, a body of experts on security and privacy appointed by the TSA, writes in a new report that the program raises many concerns. Will Secure Flight strictly try to match passenger data to terrorists posing a specific threat to air travel, or will it also try to identify violent criminals in general or track presumed terrorists who don’t necessarily intend to commit violence on a flight? How will commercial data sources be used?
Moreover, the program’s technical architecture is unknown. “We know very little about how data will be collected, transferred, analyzed, stored, or deleted,” the SFWG writes in its report. A member of the SFWG, privacy expert Bruce Schneier, has written on his blog that “Secure Flight is a disaster in every way” and that the TSA has shown a “complete disregard for the law or Congress.”
For its part, the GAO noted that only one of ten topics involving Secure Flight in which Congress had expressed interest—internal oversight—had been addressed. And the Office of the Inspector General at the Department of Justice released a report saying that the Terrorist Screening Center (TSC)—a multiagency effort to consolidate terrorist screening—“has faced difficulties in trying to support a program that has several critical undefined parameters.” The TSC doesn’t know how much data, or the quality of data, it will need to analyze.
The prospect of TSA gathering flawed or contradictory data also bothers Andrew R. Thomas, professor of international business at the University of Akron and author of Aviation Insecurity: The New Challenges of Air Travel. So does the unspecified use of data.
“My faith in the TSA to effectively execute a strategy to manage the data is not strong,” Thomas says. “As GAO and DHS reports continue to show, the agency still does not manage its primary functions of checkpoint and baggage screening very well. To add a new and major responsibility to an already poorly performing agency sets the system up for failure.”
As with CAPPS II, the TSA is overreaching on Secure Flight by having it take on expansive duties, says Bruce McIndoe, CEO of iJet, which advises corporate clients on travel security. The one element of Secure Flight that is critical is the integration of terrorist watch lists, he says. But the TSA is “piling on” other functions, like creating a dossier on travelers, which is raising legitimate privacy issues, McIndoe continues.
What the TSA should be doing, he says, is validating identification credentials. “When I come to the airport, if you can’t validate that I have a valid ticket—which they don’t do—and that I have a valid ID—which they don’t do—what’s it worth? It’s flawed right out of the gate.”