Secondary Screening

Archives
By Date
April 2006
March 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
By Category
Airline Security Measures
Bicycles
Book Reviews
Congress
Data Mining
Department of Homeland Security
Freedom of Information
Government Secrecy
Miscellany
Other People's Writing
Privacy
Security Measures
The Courts
The New Web
Threat Level
Recent Entries
Change of Address
Privatized Registered Traveler On Track
Software Bug Shuts Down Nation's Busiest Airport
HostGator Rocks
But some butter is more butter than other butter
TSA Picks Privacy Player
AT&T Loses A Customer Over NSA Lawsuit
Jetsons Video Phone? Deaf Say Yes!
AT&T *69s EFF
Narus Not in the Know
Published articles
Wired News Articles
Links
Wired News
DefenseTech
Practical Nomad
BeSpacific
DHS Privacy Office
Memory Hole Blog
Electronic Privacy Information Center
Privacy Digest
Electronic Frontier Foundation
Homeland Security Institute
Secrecy News
Emergent Chaos
EPIC West's Chris Hoofnagle
Prawfs Blog with Daniel Solove
Ann Harrison
Reuter's Andy Sullivan
Schneier on Security
Talk Left
Reason's Hit & Run
W. David Stephenson
Phillip Carter's Intel Dump
Project on Government Oversight
Technology Liberation Front
Edward Felten's Freedom to Tinker
Contact
Email me
415.375.3150
Subscribe
Feed: Your Reader
Atom
RSS 1.0
RSS 2.0
RSD
About Ryan Singel
I'm a San Francisco-based freelance journalist who covers antiterrorism programs, civil liberties, the Internet and privacy.
« Looks Like Ivan, But It's Just Construction | Main | Secure Flight Test Announced »
September 20, 2004 | Times Gets CAPPS II History Wrong

Matthew Wald and John Schwartz of the New York Times both advance and rewrite the story of CAPPS II in this story published in the Sunday edition.

Wald and Schwartz lay out a history whereby CAPPS II suffered from mission creep and became, over time, a bloated program that was just as focused on catching criminals as it was on keeping terrorists off planes.

The story leans heavily on successive draft copies of "privacy impact statements" -- a required step for new federal databases under Lieberman's E-Governmnent of 2002. It is however a new process and few agencies know how do them, except for those such as the IRS who have been writing them for years as a way to make sure privacy is built into a system at the beginning, not tacked on later when under fire.

Those documents were acquired by the Electronic Privacy Information Center through a FOIA request and then a follow-up lawsuit. The lawsuit was necessary because the Transportation Security Administration wanted to withhold the drafts.

Wald and Schwartz try to use the documents to show how the program expanded in 2003.

They write:

But what began as a program intended to focus narrowly on terrorism in air travel expanded greatly as it developed. The agency developed a series of "Privacy Impact Assessments" for CAPPS 2 as required by federal law. These assessments are the documents that the privacy center obtained. The first draft of the privacy assessment stated the purpose of the program in one concise paragraph, saying that CAPPS 2 information "may be disclosed to federal, state, local and international law enforcement officials who have jurisdiction over the airframe and/or the individual who is a known or suspected foreign territorial or who is a threat to aviation safety, civil aviation or national security."

By the third draft, in July 2003, there were 15 paragraphs, saying the system could be used in other cases of violent crime by "appropriate federal, state, local, international, or foreign agencies or authorities." The third version of the privacy statement also included contractors, consultants, "other federal agencies conducting litigation, as well as the General Services Administration and the National Archives." The expansion of the program's mission has been reflected in public statements by Homeland Security officials, as well.

In May 2003, Adm. James Loy, then director of the Transportation Security Administration, said that the program would not be used as a trolling net for criminals. "The ax murderer that gets on the airplane with a clean record in New Orleans and goes to Los Angeles and commits his or her crime, that is not the person we are trying to keep off that airplane at the moment," Admiral Loy said in Congressional testimony.

By July 2003, however, the chief privacy officer of the Department of Homeland Security, Nuala O'Connor Kelly, said the system could be used to detain a passenger who had "an outstanding warrant for a crime of violence." But there were to be limits. "You're not going to get pulled over because you ran a red light," she said, "because I did one the other day."

So essentially, according to the Times and TSA insiders, CAPPS II started off as something narrow, then expanded, and now the TSA is going to revert to the early, more politically palatable version.

A nice clean narrative.

But it is wrong.

One needs only to look at the first CAPPS II Privacy Act Notice, which was published in the Federal Register on January 15, 2003.

Unlike PIAs, Privacy Act notices have been around since the 1970s. They say what kind of information will be in a database, who has to provide the info, what the penalties are for non-compliance, how long the records will be held and who the records will be shared with.

And this particular notice was the bureaucratic announcement of CAPPS II. It preceded work by the TSA on the Privacy Impact Assessment, (that makes sense because the PIA has a later deadline by law and is more complicated).

And what was in the first privacy act notice? CAPPS II could look for anyone who violated any law and the TSA could share info in the system with just about anyone.

Though I have not seen the PIAs, from my conversation last week with EPIC and reading the description in the Times article, it is fair to say that the first document about CAPPS detailed a system BROADER in scope than the final draft PIA, that the Times says proves that CAPPS II expanded.


Here's an only slightly edited list of what the January 15, 2003 Privacy Act notice said about information sharing:

Information may be disclosed from this system as follows: (1) To appropriate Federal, State, territorial, tribal, local, international, or foreign agencies responsible for investigating or prosecuting the violations of, or for enforcing or implementing, a statute, rule, regulation, order, or license, where TSA becomes aware of an indication of a violation or potential violation of civil or criminal law or regulation. (2) To contractors, grantees, experts, consultants, agents and other non-Federal employees ... ... (5) To a Federal, State, or local agency, where such agency has requested information relevant or necessary for the hiring or retention of an individual, or issuance of a security clearance, license, contract, grant, or other benefit. (6) To the news media .... (7) To the Department of State, or other Federal agencies concerned with visas and immigration, and to agencies in the Intelligence Community, ... (8) To international and foreign governmental authorities in accordance with law and formal or informal international agreements. ... (10) To airports and aircraft operators, to the extent the disclosure is deemed required in the interests of transportation security. (11) To the National Archives and Records Administration (NARA) ...

So why then did the first draft PIA talk about a narrow system? And why did each successive draft grow longer and more descriptive?

Three words. Chief Privacy Officer.

The Department of Homeland Security hired Nuala O'Connor Kelly in March 2003.

My educated hunch is that O'Connor Kelly, who is a proceduralist at heart, kept sending the PIA back to the TSA precisely because the PIA was not an accurate description of CAPPS II.

I know from other documents that the TSA did not know how to write a PIA and relied on a template the TSA got from the Department of Transportation.

The Times version is just plain wrong. CAPPS II was intended from the start to be uber-comprehensive passenger screening system that would use and feed law enforcement and intelligence databases.

The new version of CAPPS II, Secure Flight, does not go back to the original model of CAPPS II. It goes further back. How far back is hard to say due to the TSA's unwillingness to give reporters additional details, but I will attempt to find out a little more this week.

Posted by Ryan Singel at September 20, 2004 12:01 AM
Powered by
Movable Type 3.2