Testimony of
Kevin P.
Mitchell
Chairman,
Business Travel Coalition
Regarding
CAPPS II
Before the
U.S. House of Representatives
Transportation
and Infrastructure Committee
Subcommittee
on Aviation
March 17,
2004
Mr. Chairman and Members of the Committee, thank you for scheduling this hearing regarding the Computer Assisted Passenger Prescreening System (CAPPS II). My name is Kevin Mitchell. I am chairman of the Business Travel Coalition (BTC), which represents the interests of major corporate buyers of commercial air transportation services.
Today, BTC testimony additionally represents the concerns of more than 100 individual travel industry supplier, distributor and technology firms who were Signatories to a letter recently transmitted to this Subcommittee regarding CAPPS II.
BTC testimony also represents the interests of travel industry
associations representing hundreds of European Union corporations and travel
agencies with aggregate business travel purchases of some $20 billion dollars.
These associations service U.S.-based and foreign-based corporations
that have employees who are citizens of other countries and who travel to and
within the U.S., and sometimes work here for extended periods of time.
The following associations join with BTC in its Statement this
morning:
The Institute of Travel Management that represents 1,000 business travel managers, buyers and
suppliers in the UK and Ireland;
The Business Travel Association of Germany that represents more than 400 member
companies; and
The Guild of Business Travel Agents which accounts for 75% of UK travel management company purchases and
represents members such as American Express, Carlson Wagonlit and BTI-UK.
The business traveler, and those organizations that fund business travel activities, would ultimately be burdened with the majority of direct costs of CAPPS II in the forms of taxes, fees and ticket prices. Should the system be plagued with inaccuracies, the cost of disruptions to the conduct of business would also be born by these airlines' best customers. Firms in the travel industry distribution business face unknowable costs at this time to reconfigure their systems in accordance with the requirements of a CAPPS II.
There may be compelling rationale for revamping the current passenger prescreening system that BTC and other interested parties could support. However, as the GAO report and other analyses point out, we do not yet know in a comprehensive way what CAPPS II would be. That is to say we do not understand the privacy and civil liberty tradeoffs required in return for expectations of greater security. Nor do we know about the safeguards, remedies, costs, future program growth and alternatives associated with such an unparalleled program.
Current concerns of aviation system customers and other stakeholders regarding CAPPS II fall into three main categories: 1) transparency and public policy debate regarding program design, 2) potential system cost and effectiveness, and 3) due process and privacy protections. This morning we will offer our assessment of these concerns as well as recommendations that would address them.
TRANSPARENCY AND DEBATE
Some 88% of participants in a recent BTC survey indicated that CAPPS II has been insufficiently debated on a national or international basis. CAPPS II has received relatively little press attention and most U.S. citizens as well as other countries' citizens who travel to and within the U.S. are simply unknowledgeable about the program, its costs and its short and long-term implications. This hearing will serve to elevate awareness and encourage further debate.
By transparency, we do not mean that we want would-be terrorists to understand details such that a system could be outsmarted. Rather, we seek transparency sufficient to know that respected experts in privacy, security, technology, cost accounting and travel industry distribution are centrally involved in developing the best CAPPS II design possible. Furthermore, we seek assurances that Congress would maintain joint accountability with TSA for ongoing program review.
CAPPS II could reach a historic threshold of intrusion on privacy rights that argues for extraordinary oversight. Throughout history, in times of national crisis, the U.S. government often emplaced policies and programs that had the effect of infringing on personal privacy and liberty. Sometimes, as in the case of Japanese Americans during World War II, the cost was dear. Historically, as crises abated, though, policies that infringed upon freedoms were likewise rolled back, or eliminated.
Unlike temporary programs to frustrate past U.S. enemies, CAPPS II, as a response in the U.S. War on Terrorism, is being viewed as permanent in nature; as if the War will be permanent. By definition, if CAPPS II is to be effective, it must be powerful, adaptable and somewhat secretive. By its nature, a government agency that manages a program such as CAPPS II would over time likely seek to expand the program's capabilities and applications while endeavoring to avoid public scrutiny.
For example, if major U.S. infrastructure facilities were successfully attacked via a gasoline tanker, it would be claimed quickly that a version of CAPPS II should be implemented at interstate toll booths. Likewise, if suicide bombers began targeting Amtrak trains, passengers could expect to be color-coded at train stations. Sporting events, political rallies and other venues where freedoms are celebrated could soon follow.
In the final analysis, these steps might indeed be rational and effective ones to take in a continuing War on Terrorism. However, the mere possibility of these unfortunate developments underscores the need for a thorough public policy debate prior to CAPPS II implementation so that all Americans and foreign citizens understand the program and accept the many potentially serious implications.
Importantly, given the program's current scope, permanency and opportunity for expansion, consideration needs to be given to the circumstances under which Congress might be able to determine that the War on Terrorism has been won so that CAPPS II could be rolled back. After all, President Bush states that the War will be won. Alternatively, if less invasive alternatives to CAPPS II become available, a formal mechanism is needed to override natural bureaucratic tendencies to resist change and protect power.
SYSTEM COST AND EFFECTIVENESS
A program with such potentially far reaching consequences such as CAPPS II requires an understanding of the projected total direct and indirect costs over a multi-year time horizon. Knowing the required resources of money, expertise, time and computing capacity would assist in evaluating alternative uses of these resources in other problematic areas of aviation security, such as cargo.
On a more basic level, and beyond the proposed TSA CAPPS II testing phase, we need to know if the program would actually make aviation system security sufficiently better when considering the resources required and the tradeoffs in personal privacy and freedoms.
BTC research since 2001 has demonstrated that business travelers are willing to give up some privacy for security if it can be proven that they would really be more secure. This important burden of proof should be on the government.
Respected international aviation security experts raise the following concerns regarding the potential effectiveness of CAPPS II:
· Over Reliance on Technology. In the view of former El Al airline global security chief Issac Yeffet, the U.S. is currently over reliant on technology, and not very good technology, at airports for carry-on and checked baggage screening, at the expense of developing human expertise. At issue is once CAPPS II is implemented, how would passengers who are color-coded yellow be further processed? As Yeffet states, "Who will interview you? Who will do the investigation? Who will determine who is suspicious when we only train people how to operate x-ray machines and do body searches only when the alarm goes off?"
· Value of ID Checks. Ostensibly, identification systems seek to identify and create two categories of people-potential good guys and potential bad guys. With CAPPS II, the first category (green) contains passengers requiring little screening and the second category (yellow and red) includes passengers that require additional screening measures. However, this kind of system creates a third and dangerous category: Bad guys that do not fit the profile.
As chief technology officer at Counterpane Internet Security, and identification expert Bruce Schneier states, "Oklahoma City bomber Timothy McVeigh, Washington-area sniper John Allen Muhammed and many of the Sept. 11 terrorists had no previous links to terrorism. The Unabomber taught mathematics at UC Berkeley. Profiling can result in less security by giving certain people an easy way to skirt security."
Of concern is that a U.S.-based Al-Qaeda sleeper cell could throw 50 members at a CAPPS II until it identified 10 that were color-coded green. Once a person is color-coded green, it follows that he or she would always be categorized as such until and unless something fundamental changes in the person's profile. Such a system could not only provide a false sense of security at considerable economic and non-economic costs, but it could actually reduce our absolute level of security.
· Reduction of Randomness. TSA states that as a benefit of CAPPS II the current 15% of passengers who are flagged for secondary screening would be reduced to just 2% to 3%. Security experts worldwide consider the possibility of random selection for secondary screening to be a best-practice deterrent vis-à-vis would-be terrorists. Benefits from CAPPS II could be outweighed by the loss of this deterrent.
DUE PROCESS AND PRIVACY PROTECTIONS
There are numerous serious privacy and civil liberty concerns that privacy groups and others have raised that BTC shares. I would like to focus, however, on just those concerns expressed by the Signatories to the letter BTC recently sent to this Committee as well as the concerns of industry associations previously listed.
· Secrecy. TSA is seeking exemptions from the Privacy Act for the CAPPS II program without providing sufficient rationale. So, from the outset, privacy protections would appear to be diluted. Moreover, CAPPS II places the riskiest aspect of the program, the determination of risk and the construction of rules for conducting background checks, into the purview of secretive intelligence and law enforcement programs and databases. This operating platform reinforces suspicion and concern that CAPPS II would be beyond reasonable public review and oversight.
· Profile Mistakes. How would a passenger challenge his risk assessment score and how long would it take to correct inaccuracies in one's profile? It is extremely worrisome to business travelers from around the world that erroneous information in databases might result in their being perpetually flagged for extra screening. With TSA's recently announced policy that a passenger with a bad attitude could have hefty fines levied against him, it would seem that some passengers would be set on a collision course with the U.S. government.
This issue is particularly important to U.S. and foreign-based corporations that have employees who are citizens of other countries who travel to and within the U.S. and sometimes work here for extended periods of time. What extra steps would a foreigner be required to take, and at what expense, to prove that he is low risk to the U.S. aviation system? If one member of a group traveling together is color-coded yellow or red, would the entire group receive additional screening?
Importantly, Islam is the fastest growing religion among African Americans, many of whom are business travelers. Often conversion to Islam leads to a name change of the kind that could be mistaken for names on various terrorist watch lists. What assurance would there be that such individuals would have access to timely and complete corrections to their records?
TSA is currently in a disagreement with the airlines over who should pay for lost, stolen or damaged luggage. Passengers have claims that are 18 months old, and still unresolved. So, if TSA cannot do right by passengers with a simple compensation issue over luggage, how are passengers to have confidence that they would have better results with correcting inaccuracies in their risk profiles?
· The Cost of Mistakes. Who would pay for false-positive related travel disruptions when a business traveler who consistently scores yellow for unknown and unresolved reasons consequently misses scheduled flights? Who would be responsible for the additive cost of thousands of dollars for walk-up fares required for subsequently scheduled flights? Would a traveler's employer patiently wait 18 months or longer for the traveler to rectify his record with the TSA? The overall cost to a corporation from lost business opportunities could be considerable.
RECOMMENDATIONS
1. CAPPS II should be strictly authorized for use only in aviation system security.
2. The process and timeframe for U.S. citizens and foreigners to have their risk profiles corrected needs to be efficient-to-a-fault, and ironclad.
3. The threshold requirements that Congress wisely placed on the TSA for CAPPS II to be fully funded should be revised to reflect GAO's recently published CAPPS II audit results as well as the ideas and concerns that will come to light from a thorough public policy debate.
4. An organization such as GAO, answerable only to Congress, should have sufficient national security clearances and attendant authority to monitor all aspects of a CAPPS II including policies, programs and practices of other supporting government agencies and private sector contractors.
5. CAPPS II should be sunseted after 3 to 5 years to enable Congress to carefully evaluate the costs, efficacy and ongoing need for the program and determine if it warrants reauthorization.
Thank you for the opportunity to provide this testimony.
|
NEWSLETTER
|
| Join the GlobalSecurity.org mailing list |
|
|
|
