31 July 2003

U.S. Limits Air Passenger Data Use in Anti-Terrorist System

Homeland Security Dept. details proposed changes in CAPPS II

The U.S. Department of Homeland Security has narrowed the planned use of air passenger information in a new computer system designed to identify terrorists and other high-risk individuals before they board commercial planes.

In a July 31 news release, the department announced publication of a notice explaining action its Transportation Security Administration (TSA) took to address privacy concerns expressed in response to its publicized intent to introduce the second generation Computer Assisted Passenger Prescreening System (CAPPS II).

CAPPS II will run information routinely provided by passengers during the reservation process against commercial databases to confirm a passenger's identity with a high degree of certainty, the department said.

Under the revised rules, TSA will not allow commercial data providers to own, retain or commercially use passenger name records.

Passenger information used by CAPPS II will not include bank, credit or medical records and will be deleted, for "almost all" passengers but a few high-risk individuals, "soon" after the trip is completed, the department said.

The notice also proposes to establish a passenger advocate office that would help passengers to correct any inaccurate information about them entered into the system, the department said.

Following is the text of the news release:

(begin text)

U. S. DEPARTMENT OF HOMELAND SECURITY

Transportation Security Administration
JULY 31, 2003

NEW NOTICE OUTLINES CHANGES TO CAPPS II SYSTEM
Posting in Federal Register Reflects Public Comments

The U.S. Department of Homeland Security today published a notice in the Federal Register to narrow how a new computer system will use passenger information to make flying more secure without impinging on individual privacy rights.

The notice, signed by Homeland Security Secretary Tom Ridge, details plans for how the Transportation Security Administration (TSA) will manage information assessed by the second generation Computer Assisted Passenger Prescreening System (CAPPS II).

Eliminated from a Jan. 15 Federal Register notice was language that led some to believe that large amounts of information about individuals would be collected and maintained for up to 50 years. As proposed, CAPPS II seeks to keep terrorists off commercial aircraft, while also flagging violent criminals with outstanding federal or state arrest warrants for law enforcement action.

Before activating CAPPS II, TSA must complete development and then a thorough review of the system to evaluate its speed, accuracy and efficiency; that process could take up to 180 days. Homeland Security will continue to evaluate public comment and a third privacy notice will be published before CAPPS II is operational.

During the test period, TSA hopes to confirm that CAPPS II will significantly reduce the number of passengers who are misidentified as potential threats to passenger or airline security, thus reducing inconvenient delays for innocent travelers.

"The Department of Homeland Security leadership, in concert with Transportation Security Administration officials, has taken today a very positive step towards further refining the CAPPS II program," said Nuala O'Connor Kelly, Chief Privacy Officer of the Department of Homeland Security. "The proposed program increases passenger security and strengthens civil aviation in our country, while respecting the privacy of persons affected by the system."

"CAPPS II is primarily designed to confirm the identities of air travelers and to flag would-be travelers who may pose a threat to other passengers," said Adm. James M. Loy, TSA Administrator. "CAPPS II will also be a valuable tool in holding down passenger wait times by reducing the number of people who undergo secondary screening or who are misidentified as potential terrorists."

CAPPS II will be a government-run system that replaces CAPPS I, which was administered by the airlines under federal guidelines.

CAPPS II, when active, will use routine information that individuals will provide when making reservations -- name, date of birth, home address and home phone number -- to confirm a traveler's identity and assess a risk level. For almost all passengers, that information will be deleted soon after the trip is safely completed. For a few "high risk" persons the length of time the information will be kept is still under consideration.

Under CAPPS II, the passenger name record will be run against commercial data bases, giving TSA a score indicating a confidence level in that passenger's identity.

CAPPS II will also conduct a risk assessment using national security information to determine the likelihood of a passenger being a known terrorist or having links to terrorists or terrorist organizations.

Most passengers will be identified as "low risk" and simply pass through ordinary screening. A small percentage of passengers may present an elevated or uncertain risk, requiring a secondary screen using a handheld wand. A statistically negligible number of passengers are expected to score as a "high risk" and be brought to the attention of law enforcement.

The Jan. 15 Federal Register notice was a broadly written document intended to elicit public comment. Numerous comments were received, including those from persons and groups concerned about privacy, and both Homeland Security and TSA have had numerous meetings with all interested parties. Many of the changes announced today were the result of that dialogue.

Under the revised plan, TSA will not allow commercial data providers to acquire ownership of passenger name records, or to retain or commercially use those records or passenger scores. Also, CAPPS II will not use bank records, records indicating creditworthiness or medical records.

The Homeland Security notice also calls for establishing a Passenger Advocate Office for passengers to contact if they believe CAPPS II has inaccurate information about them. The Advocate will work on behalf of passengers to identify the source of any erroneous data and take appropriate corrective action.

(end text)

(Distributed by the Bureau of International Information Programs, U.S. Department of State. Web site: http://usinfo.state.gov)

This page printed from: http://usinfo.state.gov/xarchives/display.html?p=washfile-english&y=2003&m=July&x=20030731120426ikceinawza0.4175226&t=usinfo/wf-latest.html