Tuesday, June 21, 2005

NY Times : : Gov't Collected Data on Airline Passengers

Defying Congressional edict and its own repeated promises, the TSA is accumulating personal data on airline passengers. This leaves librarians the sole protectors of our right to privacy, apparently.

The federal agency in charge of aviation security revealed that it bought and is storing commercial data about some passengers -- even though officials said they wouldn't do it and Congress told them not to...
...But Secure Flight and its predecessor, CAPPS II, have been criticized for secretly obtaining personal information about airline passengers, not doing enough to protect it and then misleading the public about its role in acquiring the data.

2 Comments:

Blogger Management said...

Gov't. Collected Airline Passenger Data
The Associated Press

Monday 20 June 2005

Washington - The federal agency in charge of aviation security collected extensive personal information about airline passengers even though Congress forbade it and officials said they wouldn't do it, according to documents obtained Monday by The Associated Press.

The Transportation Security Administration bought and is storing details about U.S. citizens who flew on commercial airlines in June 2004 as part of a test of a terrorist screening program called Secure Flight, the documents indicate.

"TSA is losing the public's trust," said Tim Sparapani, a privacy lawyer with the American Civil Liberties Union. "They have a repeated, consistent problem with doing one thing and then saying they did another."

Secure Flight and its predecessor, CAPPS II, have been criticized for secretly obtaining personal information about airline passengers and failing to do enough to protect it.

The TSA and several airlines were embarrassed last year when it was revealed that airlines gave personal information on 12 million passengers to the government without the travelers' permission or knowledge. An inspector general's report found TSA misled the public about its role in acquiring the data.

Class-action lawsuits have been brought against airlines and government contractors for sharing their passengers' information. As a result, airlines agreed to turn over passenger data for testing only after they were ordered to do so by the government in November.

According to the documents, which will be published in the Federal Register this week, the TSA gave the data, known as passenger name records, to its contractor, Virginia-based EagleForce Associates. Passenger name records can include a variety of information, including name, address, phone number and credit card information.

EagleForce then compared the passenger name records with commercial data from three contractors that included first, last and middle names, home address and phone number, birth date, name suffix, second surname, spouse first name, gender, second address, third address, ZIP code and latitude and longitude of address. The reason for the comparison was to find out if the passenger name record data was accurate, according to the TSA.

EagleForce then produced CD-ROMs containing the information -- except for latitude and longitude and spouse's first name -- "and provided those CD-ROMs to TSA for use in watch list match testing," the documents said. TSA now stores that data.

According to previous official notices, TSA had said it would not store commercial data about airline passengers.

The Privacy Act of 1974 prohibits the government from keeping a secret database. It also requires agencies to make official statements on the impact of their record keeping on privacy.

The TSA revealed its use of commercial data in a revised Privacy Act statement to be published Wednesday in the Federal Register.

"This is like creating an FBI file, not just some simple check, and then they're storing the data," said Sparapani, the ACLU attorney.

TSA spokesman Mark Hatfield said the program was being developed with a commitment to privacy, and that it was routine to change Privacy Act statements during testing.

"Secure Flight is built on an airtight privacy platform, and the GAO (Government Accountability Office) and Congress are providing close oversight every step of the way," Hatfield said. "The purpose of the testing is to define what the program will ultimately look like."

The TSA said it is protecting the data from theft and carefully restricting access to it.

Congress said no money could be spent to test such an identity verification system "until TSA has developed measures to determine the impact of such verification on aviation security and the Government Accountability Office has reported on its evaluation of the measures." That language was part of the Homeland Security Department spending bill, which became law Oct. 18.

The GAO issued its report on Secure Flight testing on March 28. The report gave the TSA a failing grade, saying the program hadn't met nine of 10 criteria that Congress said it must meet before being implemented.

Hatfield said appropriate congressional committees were briefed in December on the contract awarded to EagleForce on Feb. 22.

But Bruce Schneier, a security expert who serves on the TSA-appointed oversight panel for Secure Flight, said the agency was explicitly told not to try to verify passengers' identity with commercial data.

"They're doing what they want and they're working around any rules that exist," Schneier said.

Last week, the Homeland Security Department's chief privacy officer, Nuala O'Connor Kelly, announced she's conducting an investigation of the TSA's use of commercial data for Secure Flight testing.

1:50 PM  
Blogger Management said...

FBI trawls libraries for terrorist readers

Jamie Wilson in Washington
Tuesday June 21, 2005
The Guardian

The bookish calm of a public library might not seem like the most obvious place to hunt for terrorists, but according to a report, the FBI and other US law enforcement agencies involved in counter-terrorism have made more than 200 requests for information about borrowers from libraries since September 11.

A list of people who had borrowed a book about Osama bin Laden was among the information to have been demanded since the introduction of the patriot act, the legislation that has enhanced the government's powers to investigate alleged terrorist activity after the attacks on the World Trade Centre and the Pentagon.

The power to subpoena library records has been fiercely resisted by the American Library Association, which believes it could put people off reading certain books or subjects.

It commissioned the study after the justice department sought to play down the likely number of requests for library records.

"What this says to us is that agents are coming to libraries and they are asking for information at a level that is significant, and the findings are completely contrary to what the justice department has been trying to convince the public [of]," Emily Sheketoff, the executive director of the library association's Washington office, told the New York Times.

The use of the patriot act to request information from librarians came to public attention last year when a library in Washington state received a demand for information after a user took out a book on Bin Laden and found a handwritten note in the margin that said: "Hostility toward America is a religious duty and we hope to be rewarded by God."

The borrower went to the FBI who in turn went to the library seeking names and information on borrowers who had taken out the biography since 2001.

The library turned down the request and fought a subsequent subpoena.

Critics claim that the patriot act is an infringement of civil liberties and that it has increasingly been the subject of debate in Congress.

7:16 PM  

Post a Comment

<< Home