Secondary Screening

Archives
By Date
April 2006
March 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
By Category
Airline Security Measures
Bicycles
Book Reviews
Congress
Data Mining
Department of Homeland Security
Freedom of Information
Government Secrecy
Miscellany
Other People's Writing
Privacy
Security Measures
The Courts
The New Web
Threat Level
Recent Entries
Change of Address
Privatized Registered Traveler On Track
Software Bug Shuts Down Nation's Busiest Airport
HostGator Rocks
But some butter is more butter than other butter
TSA Picks Privacy Player
AT&T Loses A Customer Over NSA Lawsuit
Jetsons Video Phone? Deaf Say Yes!
AT&T *69s EFF
Narus Not in the Know
Published articles
Wired News Articles
Links
Wired News
DefenseTech
Practical Nomad
BeSpacific
DHS Privacy Office
Memory Hole Blog
Electronic Privacy Information Center
Privacy Digest
Electronic Frontier Foundation
Homeland Security Institute
Secrecy News
Emergent Chaos
EPIC West's Chris Hoofnagle
Prawfs Blog with Daniel Solove
Ann Harrison
Reuter's Andy Sullivan
Schneier on Security
Talk Left
Reason's Hit & Run
W. David Stephenson
Phillip Carter's Intel Dump
Project on Government Oversight
Technology Liberation Front
Edward Felten's Freedom to Tinker
Contact
Email me
415.375.3150
Subscribe
Feed: Your Reader
Atom
RSS 1.0
RSS 2.0
RSD
About Ryan Singel
I'm a San Francisco-based freelance journalist who covers antiterrorism programs, civil liberties, the Internet and privacy.
« Times Gets CAPPS II History Wrong | Main | Homeland Security History »
September 22, 2004 | Secure Flight Test Announced

CAPPS 3.0 (renamed Secure Flight by the TSA to differentiate it from the controversial CAPPS 2.0 proposal), will be tested starting in November.

Airlines, according to a proposed order unveiled Tuesday, will have to turn over their reservation databases from June 2004.

Some more details from my story in Wired News today.

Secure Flight will expand on the current use of watch lists by using a centralized terrorist watch list run by the Terrorist Screening Center housed at the FBI.

The center's director, Donna A. Bucella, told Congress in March the list is now 120,000 names long.

The centralization, while long planned, embraces one of the key recommendations of the 9/11 commission, according to TSA spokeswoman Yolanda Clark.

TSA wants to run the test with real data to make sure its centralized system can handle checking 2 million passengers a day and to see if the use of a larger -- but centralized -- watch list will increase or decrease the number of people erroneously fingered by the system.

The TSA will also test the effectiveness of verifying passenger identities using commercial databases such as those operated by data giants LexisNexis and Acxiom.

Now, as we saw today, the expanded terrorist watch list will catch more people, including those, like Cat Stevens, who the government suspects may have donated money to terrorist groups.

Cat Stevens was snared by the Customs and Border Protection agency which is responsible for vetting flights in to the country. The TSA has responsibility inside the country, via the proposed Secure Flight and the current smaller operated by the airlines.

Secure Flight will use the exact same watch list.

Now the TSA hopes that bringing the lists in-house will prevent misidentifications using the watch lists, to keep Teddy Kennedy and every David Nelson in the country from being flagged for extra screening.

I've yet to hear a good explanation of how this will happen, unless the TSA requires passengers to provide more information when booking a flight. Otherwise there is no way to know from an airline reservation, whether the Teddy Kennedy booking a flight is the one wanted by the list or the senior senator from Massachusetts.

The list itself may have more information (e.g. can include more sensitive intelligence information) but a huge percentage of airline reservations do NOT include home phone numbers or addresses (many travel agents, including Travelocity, insert their own addresses and phone numbers in those slots).

There's going to be a lot more to this story.

Airlines are not doing well financially, and I believe that they will resist much of Secure Flight if they believe any of these three things: 1) Secure Flight won't speed up screening, 2) Airlines will have to pay substantial and ongoing costs to keep their computers in contact with the TSAs or 3) a substantial part of the public thinks the system is stupid, ineffective or invasive.

Now the TSA needs to prove that the system really will work, That means it has to hit the trifecta -- it has to be simulaneously efficient, uninvasive and effective at keeping real threats off planes.

Given the program's history, that is no small task.

Posted by Ryan Singel at September 22, 2004 04:37 PM
Powered by
Movable Type 3.2