The New York Times
September 22, 2004
U.S. Wants Air Traveler Files for Security Test
By MATTHEW L. WALD
WASHINGTON, Sept. 21 - The Transportation Security Administration said Tuesday that it planned to require all airlines to turn over records on every passenger carried domestically in June, so the agency could test a new system to match passenger names against lists of known or suspected terrorists.
The data will vary by airline. It will include each passenger's name, address and telephone number and the flight number. It may also include such information as the names of traveling companions, meal preference, whether the reservation was changed at any point, the method of ticket payment and any comment by airline employees, like whether a passenger was drunk or belligerent in encounters with airline personnel.
The goal, the agency said, is to reduce the number of passengers selected for more intensive screening, including "wanding," pat-downs and hand-searches of carry-on luggage, and to increase the chance that people on government watch lists will in fact be searched. Under the current system, the airlines check their passengers' names against government lists of suspicious people. But, the government, fearing that the lists could fall into the wrong hands, does not give the airlines all the names.
The new order, to take effect after a 30-day comment period, would require airlines to provide the same kind of information on passengers that several, including JetBlue and Northwest, voluntarily turned over to the government or to a private company looking at ways to spot terrorists. The airlines were embarrassed by disclosure that they did so willingly.
"We believe the government needs to have a legal order to compel production of this data," said Jack Evans, a spokesman for the Air Transport Association, the trade group of the major carriers, who added that delivering the information under government order would protect the carriers from passenger lawsuits.
The department's sensitivity on the issue is reflected by the fact that it is placing several documents related to the proposal in the Federal Register on Wednesday for public comment, a first for the agency, which is promising to listen to airlines, privacy advocates and others who opposed an earlier proposal. "We're giving them a chance to comment on the order, which we almost never do," said Justin Oberman, director of the Office of National Risk Assessment at the Transportation Security Administration. "We want to do this collaboratively," he said.
The agency plans to issue the order for the June records 10 days after the comment period, and if the test is successful, to start requiring continuous reporting in the spring.
The proposal, for a program called Secure Flight, replaces one for a program that was to be called Capps 2, for Computer Assisted Passenger Prescreening System, but appears to contain some of the elements that privacy advocates had found objectionable in the first proposal.
In the documents scheduled for publication Wednesday, the security agency said it had dropped Capps 2 because of objections to "mission creep." Capps 2 would have been used not only to determine who should be subjected to additional scrutiny before boarding and who was on the "no fly" list, but also to catch people for whom there were outstanding warrants for violent crimes. The Secure Flight program will not be used to apprehend those wanted people, officials said.
But the American Civil Liberties Union said the program appeared to retain most of the objectionable features of the one that was dropped. By demanding the entire airline "passenger name record," the security agency would be receiving not only the traveler's name, phone number and address, said Barry Steinhart of the A.C.L.U., but also information like "whether you ordered the low-salt kosher meal and who is sleeping in your hotel room."
He said there was nothing to prevent the government from reviving the idea of using the airport security system to catch people wanted for unrelated crimes. But he added that his group had never opposed the idea of having the government, rather than the airlines, check passenger names against a watch list. "The question is not whether TSA should do the administration, it's what program they should be administering," he said.
He said he was struck by the argument that the agency did not trust the airlines with all the names of possible terrorists. "If they weren't giving the worst names to airlines, what were they doing? Who were they screening, then?" he asked.
Secure Flight continues to make use of another feature that raised the hackles of privacy advocates: government use of commercial data about citizens who are not accused of any crime. The T.S.A. said it would use that data with techniques used by private companies to find people who might be committing identity theft. In the agency's case, the object would be to find people who might be flying under assumed names, and thus might be security risks.
But Mark O. Hatfield Jr., a spokesman for the agency, said that in every hearing where screening had been discussed, members of Congress asked how the security agency would ensure that travelers were using their real names.
Lisa S. Dean, the agency's privacy officer, said under the proposed system, "we're not looking for every passenger as a potential terrorist.''
"What we're looking for is the people who are actually on that list," Ms. Dean said.
But at the Electronic Privacy Information Center, which recently used the Freedom of Information Act to obtain T.S.A. documents that showed how the Capps 2 program had grown beyond aviation purposes, Marcia C. Hofmann, staff counsel and director of the Open Government Project, gave Secure Flight a mixed review.
She said the agency had made a step forward by asking for comment, but she added, "The T.S.A. has exempted Secure Flight from as many legal obligations under federal privacy law as it possibly could."
For example, she said, federal privacy law usually requires that when an agency creates a system of records, individuals can have access to information about them, and correct or amend it. "T.S.A. exempted Secure Flight from that," she said. And the information could be used for activities that have nothing to do with aviation security, she said.
When Congress created the T.S.A. almost three years ago, it ordered the agency to come up with a better way to screen passengers; the one used now was invented by Northwest Airlines in the mid-1990's as a way to pick which luggage to screen, in response to the 1988 Libyan bombing of a jetliner over Lockerbie, Scotland. The existing system, Capps 1, relies on factors like paying cash for a ticket and booking a one-way flight.
The agency said Capps 1 snags about 15 percent of travelers and Secure Flight would subject only about one-third that number to more intrusive scrutiny. Mr. Steinhart of the A.C.L.U. said the agency had no firm basis for the 15 percent estimate.
In fact, its record-keeping is so poor, the T.S.A. will not be able to compare those "selected" in June with the list of who would have been selected through the new system because the agency does not know who was picked in June for secondary screening.
One unresolved question is whether old airline computer systems can communicate successfully with the T.S.A.'s, and, if not, who will pay to modernize them.