Questions for the Dept of Homeland Security on CAPPS II [priv]

[Declan McCullagh <declan () well com>]

COMMENTARY: CAPPS II: QUESTIONS THAT NEED TO BE ANSWERED

Should CAPPS II be cleared for takeoff?

The new, new thing developed by the TSA that they claim will enhance
aviation security has encountered plenty of turbulence even before it's
taken off.

Certainly, privacy advocates are concerned about the new system with its
color-coded risk assessment. Who gets a cautionary yellow? Who gets a red
which means you will be forbidden to board? What factors will determine the
rating system? What recourse do passengers who think they have been stopped
unfairly have?  For that matter, just how accurate will this color-coded
system be?

The TSA admits that they have not been able to fully plan and test the
system yet. Clearly, a very important stumbling block has been the failure
of the airlines to provide on time needed passenger data to the TSA.
Airlines may very well fear that cooperating with TSA will lead to boycotts
or bad publicity. Perhaps a more important issue that may be lurking but so
far has been largely undiscussed by the airlines and the travel industry is
that the CAPPS II system will saddle them with added costs as they will have
to revamp their reservation systems to collect the passenger authentication
data required by CAPPS II.  It's an unfounded mandate by the Federal
government on the travel and airline industry. (see Business Travel News
Online.com article)

But the concerns expressed about the system have also been expressed by a
recent report issued by the Government Accounting Office called: "Computer
Assisted Prescreening System Faces Significant Implementation Challenges."

Here are some excerpts:

"TSA program officials said that testing government databases for overall
accuracy will be challenging. For example, TSA does not know exactly what
type of information the government databases contain, such as whether a
database will contain a person's name and full address, a partial address,
or no address at all. Furthermore, a senior program official said that TSA
has no indication of the accuracy of information contained in government
databases. The official stated that using data without assessing accuracy
and mitigating data errors could result in erroneous passenger assessments,
and that government database accuracy and mitigation measures will be
completed before the system is placed in operation.

"Although TSA plans to take measures to mitigate errors in commercial and
government databases used by CAPPS II, TSA officials and commercial data
providers stated that databases determined to have an acceptable level of
accuracy will likely still contain errors. Consequently, in addition to
using multiple databases and a process to identify misspellings to correct
errors in commercial databases, TSA is also developing a redress process
whereby passengers can attempt to get erroneous data corrected. However, it
is unclear what access passengers will have to information found in either
government or commercial databases, or who is ultimately responsible for
making corrections. Additionally, if errors are identified during the
redress process, TSA does not have the authority to correct erroneous data
in commercial or government databases. TSA officials said they plan to
address this issue by establishing protocols with commercial data providers
and other federal agencies to assist in the process of getting erroneous
data corrected."

But will these protocols ensure effective followup? To get others to
"assist" in making corrections makes it sound as if the commercial or
government agencies keeping the data bases are doing aggrieved passengers a
favor, not fulfilling what should be an iron-clad responsibility to maintain
the accuracy of their databases. How much teeth will these protocols have?
How effective will the monitoring process be?

The GAO report credits the TSA for issuing plans that "appear to address
many of the requirements of the Privacy Act, the primary legislation that
regulates the government's use of personal information."

However, the GAO report goes on to say: "In January 2003, TSA published a
proposed rule to exempt the system from seven Privacy Act provisions but has
not yet provided the reasons for these exemptions, stating that this
information will be provided in a final rule to be published before the
system becomes operational. As a result, TSA's justification for these
exemptions remains unclear. Until TSA finalizes its privacy plans for CAPPS
II and addresses such concerns, we lack assurance that the system will fully
comply with the Privacy Act."

The Department of Homeland Security, in which TSA is housed, has a Chief
Privacy Officer who, among other things, is supposed to ensure DHS agencies
are in compliance with Privacy Act measures. However, how effective can the
CPO be in ensuring privacy act protection under CAPPS II when the TSA is
seeking a number of exemptions? Consider what is stated below by GAO.

"...TSA plans to exempt CAPPS II from the Privacy Act's requirements to
maintain only that information about an individual that is relevant and
necessary to accomplish a proper agency purpose. These plans reflect the
subordination of the use limitation  practice and data quality  practice
(personal information should be relevant to the purpose for which it is
collected) to other goals and raises concerns that TSA may collect and
maintain more information than is needed for the purpose of CAPPS II, and
perhaps use this information for new purposes in the future. Further, TSA
plans to limit the application of the individual participation practice --
which states that individuals should have the right to know about the
collection of personal information, to access that information, and request
correction -- by prohibiting passenger access to all personal information
about them accessed by CAPPS II. This raises concerns that inaccurate
personal information will remain uncorrected in and continue to be accessed
by CAPPS II."


The GAO report does admit that the actions to restrain the use of Fair
Application
Policies -- international principles reflected in the Privacy Act -- are not
violating federal requirements. In GAO's view, TSA is attempting a balance
between privacy and concerns regarding enforcement and administration.

The conclusion of the GAO report states: "Without proper oversight, there is
limited assurance that the system and its data will be adequately protected
against misuse, and that the system is operating as intended...Lastly, given
the concerns regarding the protection of passenger data, the system cannot
be fully accepted if it lacks a comprehensive redress process for those who
believe they are erroneously labeled as an unknown or unacceptable risk."

The DHS differs with key conclusions of the GAO report. They stress that
CAPPS II is still a system that is "under development" but overarching
privacy policies and redress mechanism have been established."

The selective quoting in this commentary reflect the entire range of
concerns covered in the extensive 50 page GAO report and the Department of
Homeland Security's side, expressed in a letter over two pages that was
signed by Undersecretary for Management Janet Hale,  is clearly treated in
passing in this commentary.  The report in its entirety and the DHS letter
is available on the GAO webpage:
<http://www.gao.gov/cgi-bin/getrpt?GAO-04-385>

It's worth noting that even The Heritage Foundation in a recent webmemo
called "Passenger Screening Program is Vital -- and Vital to Get Right" by
James Carafano, Paul Rosenzweig, Ha Nguyen asserts that "Several privacy and
data protection issues...should be addressed before CAPPS II is deployed"
and that congressional guidance is needed to "set criteria for data
accuracy, prevention of unauthorized use, privacy protection, and redress
procedures and should require guidelines and risk mitigation strategies to
prevent costs from spiraling out of control."

If you travel frequently or have experienced problems with government or
commercial databases or both then you have every reason to want to learn
more about CAPPS II because this system and its color coded risk assessment
will determine whether you will be able to board a plane and takeoff to your
destination. The use of government and commercial databases and their
accuracy and the effectiveness of the privacy protections that will be in
place and the procedures for effective recourse for passengers who feel they
have been misrated by CAPPS II  are also significant concerns and certainly
invite questions.

The Senate Commerce Committee or one of its subcommittees is expected to
hold a hearing on CAPPS II in March. There's no better time to let the
senators and staff who serve on that committee know what questions you want
answered about this system.

Steve Lilienthal is Director of the Center for Privacy and Technology Policy
at the Free Congress Foundation.

Address:

Senate Commerce Committee
United States Senate
Washington, D.C. 20510

<http://commerce.senate.gov>


In fairness, the Department of Homeland Security's own view of CAPPS II:
Myths & Facts can be found at:

<http://www.dhs.gov/dhspublic/display?content=3163>

2/13/04 BTNonline.com (Business Travel Newsonline.com) Story: "Industry:
CAPPS II Faces Massive Technical Challenges"


<http://www.btnmag.com/businesstravelnews/headlines/article_display.jsp?vnu_
content_id=2091182>

2/18/04 The Heritage Foundation WebMemo #428: "Passenger Screening Program
is Vital -- and Vital to Get Right"

<http://www.heritage.org/Research/HomelandDefense/wm428.cfm?renderforprint=1
>



_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)