Homeland Security Dept. Revises Planned Passenger Data Requirements
The U.S. Department of Homeland Security today announced that in order to better protect individual privacy rights it has revised the parameters for a computer system that will use passenger information to make flying more secure.
A notice published today in the Federal Register details plans for how the Transportation Security Administration will manage information assessed by the second-generation Computer Assisted Passenger Prescreening System, known as CAPPS II.
Under the revised plan, information on passengers will be retained by the government only for a few hours after travel is complete, rather than for 50 years as initially proposed.
DHS suspended development of the program two months ago after receiving criticism from business travelers, civil liberties advocates and lawmakers who feared it gave the government too much leeway to intrude on travelers' privacy. "In the revised notice, DHS eliminated language from a Jan. 15 Federal Register notice that led some to believe that large amounts of information about individuals would be collected and maintained for up to 50 years," the agency said in a statement.
"Travel managers were especially disturbed at the lack of information regarding the CAPPS II program, and the few answers we received to the questions we asked were less than reassuring," said Mark Williams, president of the Association of Corporate Travel Executives and director of travel and meeting management at PricewaterhouseCoopers. "I'm gratified that the Homeland Security Department is taking our objections to privacy incursions seriously, but it's time they reconciled projects within their own department. The Registered Traveler Program was initially intended to provide the government with all of this information--on a voluntary basis--to reduce the number of frequent travelers who had to bear close scrutiny. That project is still moving forward."
CAPPS II is being developed to take routine information that people provide when making reservations and compare it with commercial databases to confirm each passenger's identity. It will match against watch lists and other national security data to determine if a passenger has any links to terrorist or militant groups, as well as flag violent criminals with outstanding federal or state arrest warrants for law enforcement action.
In addition, commercial data providers that assist the government in confirming a passenger's identity will not be allowed to retain the information. CAPPS II will not use bank or credit data or medical records as previously was suggested.
According to the notice, DHS expects to implement the new program by late this year or early next year, with officials saying they hope CAPPS II will help reduce passenger wait times by reducing the number of people who have to go through secondary screening or who are misidentified as potential terrorists.
"The proposed program increases passenger security and strengthens civil aviation in our country, while respecting the privacy of persons affected by the system," said Nuala O'Connor Kelly, chief privacy officer for DHS. "CAPPS II, when active, will use routine information that individuals will provide when making reservations--name, date of birth, home address and home phone number--to confirm a traveler's identity and assess a risk level," O'Connor said. "For almost all passengers, that information will be deleted soon after the trip is safely completed. For a few "high risk" persons, the length of time the information will be kept is still under consideration.
Before activating CAPPS II, TSA must complete development of and then thoroughly review the system to evaluate its speed, accuracy and efficiency. That process could take up to 180 days. DHS will continue to evaluate public comment and a third privacy notice will be published before CAPPS II is operational.
According to Williams, "Travel managers across the country regarded--and still regard CAPPS II--as an invasion of personal privacy."