Secondary Screening

Archives
By Date
April 2006
March 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
By Category
Airline Security Measures
Bicycles
Book Reviews
Congress
Data Mining
Department of Homeland Security
Freedom of Information
Government Secrecy
Miscellany
Other People's Writing
Privacy
Security Measures
The Courts
The New Web
Threat Level
Recent Entries
Change of Address
Privatized Registered Traveler On Track
Software Bug Shuts Down Nation's Busiest Airport
HostGator Rocks
But some butter is more butter than other butter
TSA Picks Privacy Player
AT&T Loses A Customer Over NSA Lawsuit
Jetsons Video Phone? Deaf Say Yes!
AT&T *69s EFF
Narus Not in the Know
Published articles
Wired News Articles
Links
Wired News
DefenseTech
Practical Nomad
BeSpacific
DHS Privacy Office
Memory Hole Blog
Electronic Privacy Information Center
Privacy Digest
Electronic Frontier Foundation
Homeland Security Institute
Secrecy News
Emergent Chaos
EPIC West's Chris Hoofnagle
Prawfs Blog with Daniel Solove
Ann Harrison
Reuter's Andy Sullivan
Schneier on Security
Talk Left
Reason's Hit & Run
W. David Stephenson
Phillip Carter's Intel Dump
Project on Government Oversight
Technology Liberation Front
Edward Felten's Freedom to Tinker
Contact
Email me
415.375.3150
Subscribe
Feed: Your Reader
Atom
RSS 1.0
RSS 2.0
RSD
About Ryan Singel
I'm a San Francisco-based freelance journalist who covers antiterrorism programs, civil liberties, the Internet and privacy.
« A Newspaper for the Blog World | Main | All I need is a badge and a cell phone »
November 11, 2005 | TSA "Refreshes" Website, Removes Critical Report

The Transportation Security Administration has removed a link from its website to an internal report highly critical of its newest airline passenger screening proposal, while simultaneously adding rebuttals to it.

The scathing report was written by a group of privacy experts and technologists appointed to the Secure Flight Working Group, which was tasked by the TSA with evaluating the effectiveness and privacy risks of its proposed upgrade to the current passenger watchlist system, now dubbed "Secure Flight."

Frustrated by incomplete briefings, the group recommended that Congress ban live testing of the program until the Department of Homeland Security clarifies how it will work.

When asked about the delinking of the report, TSA spokesman Nico Melendez said by email the delinking was part of a "'scrub' of our website."

"Several items have been refreshed to ensure appropriate information for public consumption is available," Melendez said.

The report was posted in full to the TSA's website in mid-September to the surprise of several group members who did not expect the critical report would be allowed to be made public.

"Based on the limited test results presented to us, we cannot assess whether even the general goal of evaluating passengers for the risk they represent to aviation security is a realistic or feasible one or how TSA proposes to achieve it," the report said. "We do not know how much or what kind of personal information the system will collect or how data from various sources will flow through the system. Until TSA answers these questions, it is impossible to evaluate the potential privacy or security impact of the program..."

The group's membership included security expert Bruce Schneier, noted technologist Ed Felten, corporate privacy lawyer Martin Abrams, and Steve Lilienthal of the conservative Free Congress Foundation.

The TSA has since delinked the report, replacing it with an executive summary of the report (.doc) that simply summarizes the nature of the working group and the Secure Flight program. It contains none of the report's findings.

The revision seems to have been done by a TSA employee named Jose Carrao on October 12.

Oddly, the full report (.pdf) remains on the TSA's servers, though there are no links to it. A saved copy can also be found here.

The TSA also added two rebuttals from aviation groups (Word docs here and here) and one clarification (.pdf) from the Terrorist Screening Center, which is responsible for creating the centralized terrorist watchlist.

One of rebuttals itself has been revised to remove original comments about the size of the TSA watchlists, saying that information "has been determined by TSA/DHS to be Sensitive Security Information (SSI)." SSI is not classified information, but the TSA uses the designation to withhold information from the public, such as airport security plans and the fact it requires airlines to ask for identification from passengers. One federal judge has already ruled that the TSA uses SSI designation frivolously.

The working group's report discusses the watchlist's composition and length, relying on information provided to it by a TSA employee and other information found in a Justice Department report on the watchlist(.pdf).

In part, the working group wrote that "As of spring 2005, there were about 270,000 entries in the TSDB [Terrorist Screening Database], many of them aliases of the same individual. Of these, about 30,000-40,000 were on the No-Fly list, and 30,000-40,000 were on the Selectee list, for a combined total of about 70,000. As the TSDB and TSA lists are further scrubbed, TSA officials predict that the number of No-Flys might be reduced to as few as 20,000. However, the number of Selectees was expected to increase substantially, so that the total of the No-Fly and Selectee lists might be about 160,000 persons."

Melendez did not reply to a follow-up email asking if the report contained sensitive information inappropriate for public consumption.

If the document does contain information that is too sensitive for the public to know about, it is unclear why the TSA simply delinked the document without removing it from their servers, since the report is easily available through search engines.

Melendez also declined to say why the TSA uses the word "refresh" to refer to the removal of information from its website.

Posted by Ryan Singel at November 11, 2005 10:25 AM

 Trackback Pings

TrackBack URL for this entry:
http://www.secondaryscreening.net/cgi-bin/mt-tb.cgi/247

Listed below are links to weblogs that reference TSA "Refreshes" Website, Removes Critical Report:

» TSA Censors SecureFlight Working Group Report (find it here) from Blogs at CIS - Lauren Gelman
In a fitting end to my participation on the TSA Secure Flight Working Group on Privacy and Security, the TSA... [Read More]

Tracked on November 11, 2005 02:13 PM

» Airline Security from Schneier on Security
My seventh Wired.com column is on line. Nothing you haven't heard before, except for this part: I know quite a lot about this. I was a member of the government's Secure Flight Working Group on Privacy and Security. We looked... [Read More]

Tracked on December 1, 2005 08:15 AM

» Airline Security a Waste of Cash from The Crooked Links
"...The program has been a complete failure, resulting in exactly zero terrorists caught. And even worse, thousands (or more) have been denied the ability to fly, even though they've done nothing wrong." [via; see also]... [Read More]

Tracked on December 2, 2005 04:45 AM
Powered by
Movable Type 3.2