Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

TSA Violated Law, GAO Finds

From: David Farber <dave () farber net>
Date: Fri, 22 Jul 2005 17:59:44 -0400


Begin forwarded message:

From: prsingel <prsingel () pacbell net>
Date: July 22, 2005 5:10:01 PM EDT
To: dave () farber net
Subject: TSA Violated Law, GAO Finds


http://www.secondaryscreening.net/static/archives/2005/07/tsa_broke_the_
l.html#000217
Ryan Singel

TSA employeess did indeed violate a federal privacy law when they
secretly expanded the nature and extent of testing of a new passenger
screening system, according to congressional investigators.

The head of the Secure Flight program, Justin Olberman, has tried to
downplay the extent of the program's violations of privacy law in
briefings to the press by leaving out crucial infromation and describing
the violations as "technical."

Transportation Security Administration's chief spokesman Mark Hatfield
went further by lying to this reporter about whether the TSA ever
received data from private data companies.

Today's letter from the Government Accountablity Office to Congress
makes clear that the TSA's actions were more than just "technical"
violations of the nation's privacy laws.

In fact, the letter shows this is just the latest in a string of privacy
scandals at the TSA that have involved millions of passenger records and
repeated false statements to Congress and the media.

According to the GAO:

    "During the course of our ongoing review of the Secure Flight
program, we found that TSA did not fully disclose to the public its use
of personal information in its fall 2004 privacy notices as required by
the Privacy Act. In particular, the public was not made fully aware of,
nor had the opportunity to comment on, TSA's use of personal information
drawn from commercial sources to test aspects of the Secure Flight
program. In September 2004 and November 2004, TSA issued privacy notices
in the Federal Register that included descriptions of how such
information would be used.

    However, these notices did not fully inform the public before
testing began about the procedures that TSA and its contractors would
follow for collecting, using, and storing commercial data. In addition,
the scope of the data used during commercial data testing was not fully
disclosed in the notices. Specifically, a TSA contractor, acting on
behalf of the agency, collected more than 100 million commercial data
records containing personal information such as name, date of birth, and
telephone number without informing the public. As a result of TSA's
actions, the public did not receive the full protections of the Privacy
Act."

That's not the most damning prose, but its pretty clear the GAO, who was
*supposed* to be keeping a close eye on the TSA, feels like they got
misled.

In fact, no other program in the government is supposed to be as closely
monitored by the GAO as Secure Flight.

It's unclear whether anyone at TSA will actually get prosecuted for this
violation of the law or not, though Homeland Security's chief privacy
officer is investigating.

Whole 16 page report is http://www.gao.gov/new.items/d05864r.pdf.

Full Blog entry:
http://www.secondaryscreening.net/static/archives/2005/07/tsa_broke_the_
l.html#000217
Earlier Blog reporting on TSA lies
http://www.secondaryscreening.net/static/archives/2005/06/tsa_lies_could
.html#000206







-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: