On the Record

The Secure Flight program, which is set for full roll-out next year, is a revised version of a discredited proposal for a passenger profiling system known as the Computer Assisted Passenger Prescreening System or CAPPS II which the Alaskan plaintiffs also opposed. Secure Flight, which has proven just as controversial, is intended to prevent terrorists from boarding domestic commercial flights by comparing Passenger Name Records (PNR) data provided by the airlines to the government’s so-called “no-fly” lists or other watch lists.

The airline’s PNR data sent to the government vary by airline, but they usually include your full name, address, and phone number. These records will also include information on your travel plans such as your credit card number, frequent flier number and itinerary. The airlines don’t actually store the reservation data, it’s kept by companies called Computerized Reservation Systems (CRS) which are used by airlines, hotel and car rental agencies.

The airlines are currently responsible checking their passengers against government watch lists. When Secure Flight is launched, the government will compare the passenger names against their new watch list using the System of Records that the Alaskans oppose.

The TSA has been testing the Secure Flight system by ordering 72 domestic airlines to release passenger travel records for domestic travel during the month of June 2004. The four Alaskan plaintiffs, Dr. John David, Sarah Huntley, Charles Beckley, and William Beck, said they traveled in the month of June and have been trying for three months to acquire copies of their travel records.

Wired News reported that the federal government said it destroyed 3 million of the 15 million PNR records it collected to test Secure Flight because they were no longer needed for testing. The records were deleted on April 19, two months before TSA announced that it was deleting the records.

Nobody who traveled in June 2004 gave the government permission to access or delete their travel data. But the TSA used these PNR records to create a dossier on these travelers, comparing their names to its controversial terrorism watch list that reportedly contains over 120,000 names. The TSA has already issued - or will issue - a secret Security Directive ordering all airlines to turn over their passenger records for this purpose.

The TSA had to order the airlines to turn over the data after it was revealed last year that several airlines, including Jet Blue, Northwest and American, secretly gave the government personal information on 12 million passengers without the travelers’ permission or knowledge. According to an Inspector General’s report, the TSA was less than honest about its role in collecting the data which sparked class action lawsuits against the airlines and government data contractors.

In Alaska, where the plaintiffs live and work, air travel is a necessary form or transportation in remote areas unreachable by other transportation. The Alaskans charge in their complaint that the creation of identity based national security systems, such as Secure Flight, weakens long-standing individual rights and lessens protections against government abuse of power.

Secure Flight essentially creates a system of internal border controls compromising not only privacy rights, but the Constitutional right to freedom of travel and assembly. Harrison says his clients don’t want the federal government telling them whether they can travel and screen them with databases based on secret parameters.

The Creation of A Secret Database

The TSA has continued to mislead the public about their creation of screening databases for Secure Flight. The TSA stated in its official Privacy Act notice that it would not store commercial data on airline passengers. But documents printed in the Federal Register in June revealed that the TSA gave about 42,000 passenger name records to a Virginia-based contractor named EagleForce Associates. EagleForce compared the records to information from three commercial data aggregators.

The commercial data included first, last and middle names, home address and phone number, name suffix, second surname, spouse first name, gender, second address, third address, zip code and latitude and longitude of the address. EagleForce produced CD-ROMS with the commercial data that TSA stored and used for watchlist match testing.

The TSA admitted in a revised Privacy Act statement in June that it was using and storing commercial data. TSA spokesman Mark Hatfield was quoted by the Associated Press on June 21st saying that it was routine to change Privacy Act statements during testing and that access to the data was highly restricted. “Secure Flight is being built on an airtight privacy platform, and the GAO and Congress are providing close oversight every step of the way,” Hatfield told the AP.

But according to the GAO report, the TSA permitted EagleForce to expand the passenger names from 42,000 to about 200,000 by generating variations on names. This scooped up the data of people who may not even have flown in June. Data aggregators working for EagleForce also provided social security numbers of passengers even through the government claims it never requested this data.

The private companies who manage this commercial data will determine whether you are who you say you are. They will also run federal, state and local criminal background checks and decide whether you are color coded green (which means you pass normally through airport security), yellow (which would require you to undergo additional screening) or red (which would bar you from an airplane as a potential terrorist and possibly result in your arrest on outstanding warrants - or the warrants of someone who they have mistaken for you.)

The TSA does not require any of these databases to actually be accurate. Those who have been wrongly placed on this list quickly find out how difficult it is to get the error corrected or review their data.

Getting The Records

Secure Flight program director Justin Oberman told Wired News that that it is possible that the TSA never collected flight records for the Alaskans since airlines process 60 million flight records a month and TSA received only 15 million records for June 2004.

But the Alaskan plaintiffs had every reason to think that their travel records might be contained in the System of Records used to test Secure Flight. Plaintiffs Dr. John A. Davis, superintendent of the remote Bering Strait School District and Charles Beckley, coordinator of technology for the school district, repeatedly flew inside the U.S. on commercial airlines during the month of June. Plaintiffs Sally Huntley and Bill Beck are travel agents whose agent information is likely contained within hundreds of passenger name records on tickets they booked for their customers during the month of June 2004.

When TSA provided notice that they were creating their Secure Flight System of Records in September 2004, the Privacy Act allowed for individuals to request any of this data. On May 8, the plaintiffs filed their Privacy Act requests for both their PNR and information on them provided by commercial database firms. But when the plaintiffs requested their records from TSA, the agency gave them the round around.

On June 20, 2005, the American Civil Liberties Union issued a press release noting that the TSA was set to disclose in the Federal Register that the agency had indeed collected and stored personal data about airline travelers despite a Congressional ban - and promises by the agency that it would not do so. The ACLU pointed out that “the secret collection of personal data from private companies shows a complete disregard for the privacy of Americans.”

On June 22, the TSA replied to the Alaskan’s request for their records by informing them that “[a] search within the Transportation Security Administration (TSA) was conducted and no documents responsive to your requests were located.”

On the same day the TSA told plaintiffs that they couldn’t find their records, the TSA filed a notice in the Federal Register admitting that commercial data had been included in the records and stating that it had decided to destroy “certain copies of the original [records] provided by the air carriers.” The notice also sought to amend the existing record system to include commercial data and identified the commercial data providers as Insight, Acxiom, and Qsent. “Can an agency just destroy the records and say ‘sorry,’ they don’t have them any more?” asked Harrison?

The plaintiffs immediately appealed the TSA’s conclusion that their records could not be located. They cautioned TSA not to destroy any part of their System of Records and asked for the confirmation of any destruction of data.

Oddly, a month after the plaintiffs appealed TSA’s conclusion that their records could not be located, TSA came back and asked the plaintiffs to disclose which airlines they traveled on and when so “an adequate search of the records” could be performed. Harrison immediately provided TSA with the requested information. But despite repeated requests and administrative appeals by plaintiffs that their records not be destroyed, the Alaskans have not been notified that the destruction of these records has been halted. TSA has exceeded its 30 day limit for replying to the request.

The Alaskans are now demanding that that the court order the TSA and the DHS to immediately disclose what records contained in the System of Records to test Secure Flight were destroyed, by whom and when. They want to court to declare that TSA and DHS violated the Privacy Act and their own rules to comply with the Privacy Act. And of course, the plaintiffs want the court to force TSA and DHS to hand over copies of their personal travel dossiers and comply with the law.

Harrison said he was contacted today by TSA who denied that they had any information about his clients.