The Transportation Security Administration is expanding its screening of
passengers before they arrive at the airport by searching a wide array
of government and private databases that can include records like car
registrations and employment information.
While the agency says that the goal is to streamline the security
procedures for millions of passengers who pose no risk, the new measures
give the government greater authority to use travelers’ data for
domestic airport screenings. Previously that level of scrutiny applied
only to individuals entering the United States.
The prescreening, some of which is already taking place, is described in
documents the T.S.A. released to comply with government regulations
about the collection and use of individuals’ data, but the details of
the program have not been publicly announced.
The new pre-screening procedure is more exhaustive than a federal
background check. The TSA will now be dramatically expanding their reach
into the lives of every passenger, and scouring all of the following
documents, according to the New York Times:
- private employment information
- vehicle registrations
- travel history
- property ownership records
- physical characteristics
- tax identification numbers
- past travel itineraries
- law enforcement information
- “intelligence” information
- passport numbers
- frequent flier information
- other “identifiers” linked to DHS databases
The measures go beyond the background check the government has conducted
for years, called Secure Flight, in which a passenger’s name, gender
and date of birth are compared with terrorist watch lists. Now, the
search includes using a traveler’s passport number, which is already
used to screen people at the border, and other identifiers to access a
system of databases maintained by the Department of Homeland Security.
Privacy groups contacted by The New York Times expressed concern over the security agency’s widening reach.
“I think the best way to look at it is as a pre-crime assessment every
time you fly,” said Edward Hasbrouck, a consultant to the Identity
Project, one of the groups that oppose the prescreening initiatives.
“The default will be the highest, most intrusive level of search, and
anything less will be conditioned on providing some additional
information in some fashion.”
An agency official discussed some aspects of the initiative on the
condition that she not be identified. She emphasized that the main goal
of the program was to identify low-risk travelers for lighter screening
at airport security checkpoints, adapting methods similar to those used
to flag suspicious people entering the United States.
Anyone who has never traveled outside the United States would not have a
passport number on file and would therefore not be subject to the rules
that the agency uses to determine risk, she said, although documents
indicate that the agency is prescreening all passengers in some fashion.
The official added that these rules consider things like an individual’s
travel itinerary, length of stay abroad and type of travel document,
like a passport. If an airline has a traveler’s passport number on file,
it is required to share that information with the T.S.A., even for a
domestic flight.
The agency also receives a code indicating a passenger is a member of
the airline’s frequent-flier program and has access to details about
past travel reservations, known as passenger name records. This official
could not confirm if that information was being used to assess a
passenger’s risk...
...Data in the Automated Targeting System is used to decide who is placed
on the no-fly list — thousands of people the United States government
has banned from flying — and the selectee list, an unknown number of
travelers who are required to undergo more in-depth screening, like Mr.
Darrat. The T.S.A. also maintains a PreCheck disqualification list,
tracking people accused of violating security regulations, including
disputes with checkpoint or airline staff members.
Much of this personal data is widely shared within the Department of
Homeland Security and with other government agencies. Privacy notices
for these databases note that the information may be shared with
federal, state and local authorities; foreign governments; law
enforcement and intelligence agencies — and in some cases, private
companies for purposes unrelated to security or travel.
For instance, an update about the T.S.A.’s Transportation Security
Enforcement Record System, which contains information about travelers
accused of “violations or potential violations” of security regulations,
warns that the records may be shared with “a debt collection agency for
the purpose of debt collection.”
A recent privacy notice about PreCheck notes that fingerprints submitted
by people who apply for the program will be used by the F.B.I. to check
its unsolved crimes database.
“The average person doesn’t understand how much intelligence-driven
matching is going on and how this could be accessed for other purposes,”
said Khaliah Barnes, a lawyer with the Electronic Privacy Information
Center, which has fought to block these initiatives. “There’s no
meaningful oversight, transparency or accountability.”
For travelers who feel they have been wrongly placed on some type of
watch list or experienced security screening problems, the Department of
Homeland Security has established a Traveler Redress Inquiry Program.
According to a review by the department’s Privacy Office, there were at
least 13,000 inquiries to the redress program in the nine months ending
March 31, but civil liberties groups and some travelers described the
redress process as a black hole.