Beaten up by pundits and press, the CAPPS II air traveler security system is taking the jump seat in favor of a pilot for the voluntary registered traveler concept that the Bush administration this month said would begin in June. The registered traveler program will be examined for three months in an undetermined set of airports, said a Transportation Security Administration spokesperson, claiming that press reports were wrong to name five specific airports.
The program would ensure that flyers who consent to background checks and security assessments are not selected for random secondary screening, which the TSA official said happens to 12 percent to 15 percent of passengers and can take three to five minutes. "This program would reduce the number of people being selected randomly," she said. As a means to authenticate the identity of participants, "We're exploring any number of technological solutions, including biometrics. During the pilot, we'll be testing a number of concepts and will make any necessary adjustments. The program will be voluntary and how it's rolled out is to be determined."
TSA acting administrator David Stone this month told the House Transportation and Infrastructure Committee's subcommittee on aviation that the registered traveler program is a "high priority with us and one we're eager to move forward with."
All other details are to be determined, the spokesperson said, including answers to a number of questions raised in 2002 by the General Accounting Office
(see editorial), primarily "the central question of whether such a program will effectively enhance security or will inadvertently provide a means to circumvent and compromise new security procedures."
Much Ado About CAPPS IIBusiness Travel Coalition chairman Kevin Mitchell was surprised by the aggressive timetable for the registered traveler test. "I don't think TSA wants to do CAPPS II," he said. "Trusted traveler is the second horse. I wouldn't be surprised to see Congressman James Mica [R-Fla.] replace CAPPS II with trusted traveler over the summer and declare victory. Somebody has to say what's required before you know what it will cost, and I don't know how many business travelers are willing to spend money and give data on something that's undefined. It could be a solution in search of a problem."
In addition to urging Congress to support the deployment of registered traveler before the launch of the second-generation computer assisted passenger screening program, and submitting its privacy principles regarding CAPPS II, Air Transport Association president and CEO James May confirmed from the airlines' perspective that CAPPS II faces major technical hurdles, first reported by Business Travel News
(BTNOnline, Feb. 13). "All airline and third-party computer systems will have to be reprogrammed to work with CAPPS II," May said. "This will create substantial resource demands on airlines. Since more than 70 percent of all passengers book their travel through third parties, such as travel agents and online services, any CAPPS II rule must also require those travel industry partners to collect required passenger data records."
"When I look at it and ask, 'What are the chances of that working?' I'm seeing that debit memos already have increased tremendously because of the fact that there are so many more requirements for data being input," Cornerstone Information Systems president Mat Orrego said. "With CAPPS II, you throw ideas out and see what sticks, and obviously not many have."
As TSA's Stone referred to plans to create a rule requiring reluctant airlines—as well as reservation system providers and travel agencies—to turn over passenger name records for a system that originally was slated for testing this spring
(BTN, March 15), ATA's May showed that the air carriers have yet to be informed "how TSA will extract traveler information from airline reservation systems."
Opposition to CAPPS II served as a common pet issue for corporate travel organizations trying to make good on their vows to boost political activism on the industry's behalf
(BTN, March 15).Arguing against plans for the system in its current form, BTC's Mitchell, the Association of Corporate Travel Executives and others earlier this month told the House subcommittee on aviation that CAPPS II will infringe upon privacy and burden the business travel industry with costs. They said CAPPS II needs an overhaul.
On behalf of the National Business Travel Association, executive director Bill Connors this month wrote to Sen. John McCain (R-Ariz.), chairman of the Senate Committee on Commerce, Science and Transportation, and Rep. Don Young (D-Alaska), chairman of the House Committee on Transportation and Infrastructure, urging Congress to address inconsistencies in airline screening procedures and to ensure that CAPPS II will "improve the effectiveness of secondary screening by identifying those passengers who may represent a higher security risk.
"While business travelers are safer and more secure than before Sept. 11, 2001, there remains considerable room for improvement in airline security," according to Connors. He cited a recent NBTA survey, released this month, in which 70 percent of 150 corporate travel managers found "inconsistencies" in security procedures at major airports. Half reported they are concerned about "inefficiencies at security checkpoints and 'observable gaps' in aviation security," NBTA said.
Additionally, NBTA said 75 percent of respondents cited the need for data accuracy, and about 60 percent are "concerned about prevention of abuse relative to the collection of passenger data."
The survey also demonstrated the potentially adverse economic effects that CAPPS II could have on the industry. Three in five corporate travel managers told the association that if such new security requirements as CAPPS II and US VISIT
(BTN, Feb. 9) impede business travel, they would implement more business conference calls in lieu of travel, while 40 percent said they would recommend limiting out-of-town meetings.
ACTE executive director Nancy Holtzman also sent testimony to the subcommittee stressing that CAPPS II could cost the industry $2 billion, "a highly conservative estimate that gives CAPPS II the benefit of the doubt. This approach is unacceptable to corporate America, which will undoubtedly bear the brunt and expense of the charges and ultimately the costs of lost business and productivity."
According to Holtzman, CAPPS II should "not be submitted for consideration" until all related costs are analyzed. She asked the subcommittee to take pressure off the airlines to supply passenger name records to the government "until an exact process—that complies with security requirements, corporate privacy policies and resolution issues—is developed." ACTE also suggested the involvement of "major stakeholders" in the system's development process.
BTC's Mitchell presented to the subcommittee joint testimony with U.K-based Institute of Travel Management, The Business Travel Association of Germany and the Guild of Business Travel Agents, highlighting privacy and efficiency concerns. In his testimony, Mitchell said TSA is seeking exemptions from the Privacy Act for the program, "without providing sufficient rationale. CAPPS II places the riskiest aspect of the program—the determination of risk and the construction of rules for conducting background checks—into the purview of secretive intelligence and law enforcement programs and databases. This operating platform reinforces suspicion and concern that CAPPS II would be beyond reasonable public review and oversight.
"BTC research since 2001 has demonstrated that business travelers are willing to give up some privacy for security if it can be proven that they would really be more secure," according to Mitchell. "This important burden of proof should be on the government." He also questioned the value of ID checks, the possible over-reliance on technology and the danger of instituting a system that replaces random checks, which Mitchell said is a deterrent to terrorism.
Additionally, Mitchell's statements posed questions on how to correct mistaken profiles and false positives: "Who would pay for the false positive-related travel disruptions when a business traveler who consistently scores yellow for unknown and unresolved reasons consequently misses scheduled flights?"
Mitchell asked the subcommittee that CAPPS II be "strictly authorized for use only in aviation system security, efficient-to-a-fault" in its process and time for correcting a traveler's risk profile and "sunsetted" in, at most, five years for cost and efficiency evaluations.