The Transportation Security Administration (TSA) has broadened its screening of passengers before they arrive at the airport by using government and private databases revealing personal information.
The expanded screening, which used to apply only to people entering the United States, now affects domestic travelers, and can include TSA agents reviewing car registrations and employment information.
“It is unclear precisely what information the agency is relying upon to make these risk assessments, given the extensive range of records it can access, including tax identification number, past travel itineraries, property records, physical characteristics, and law enforcement or intelligence information,” Susan Stellin wrote for The New York Times.
TSA claims that the purpose of the expanded passenger data scans is to identify low-risk passengers in order to lighten their security screening at the airport and thus make actual searches more targeted. The agency’s goal is to be able to do that with 25% of all passengers by the end of 2014. Those designated low-risk travelers will get to move through a separate line and be able to keep their shoes and jackets on.
Privacy groups expressed concern over the TSA’s widening reach into people’s personal records.
Previously, the air travel background checks, called Secure Flight, only involved a comparison of a passenger’s name, gender and date of birth to terrorist watch list data. Now it is clearly much more.
“I think the best way to look at it is as a pre-crime assessment every time you fly,” Edward Hasbrouck, a consultant to the Identity Project, one of the groups that oppose the prescreening initiatives, told the Times. “The default will be the highest, most intrusive level of search, and anything less will be conditioned on providing some additional information in some fashion.”
TSA has not announced details of the program, but it reportedly has already been launched.
To Learn More:
Security Check Now Starts Long Before You Fly (by Susan Stellin, New York Times)
As TSA Expands beyond Airports, Concerns are Raised over Warrantless Searches (by Noel Brinkerhoff and Danny Biederman, AllGov)
TSA Spreads to Trains, Subways, Bus Terminals and Ferries (by Noel Brinkerhoff and David Wallechinsky, AllGov)
Tennessee First State to Allow TSA Highway Random Search Program (by David Wallechinsky and Noel Brinkerhoff, AllGov)
Classified TSA documents revealed by clerical error show that the agency does not think terrorists are plotting to attack airplanes, suggesting that nude body scans are unnecessary to protect passengers.
After Rapiscan developed “backscatter” body scanners using Advanced Imaging Technology in 2007, Jonathan Corbett sued the Transportation Security Administration three years later.
He claimed that the TSA procedures violated the Fourth Amendment’s prohibition against unreasonable searches in requiring agents to touch the passengers’ private areas and let them see clear images of the passengers’ nude bodies.
Corbett claimed that the “the abstract risk[s] of terrorism without a credible, specific threat” does not justify the unreasonable screening procedures, which are performed without probable cause or a search warrant.
“The nude body scanners serve to palpate every inch of skin, this time with electromagnetic radiation rather than fingers,” he wrote in a recent brief. “Every crevice, fold, and bump is turned into a picture of the traveler’s nude body. It is, essentially, the high-tech version of an invasive pat-down.”
After a federal judge found in 2011 that only federal courts of appeals can hear challenges to TSA orders, Corbett’s case is now pending before the 11th Circuit.
In the course of discovery, the TSA gave Corbett classified documents, which he incorporated into the brief that he filed under seal.
A clerk at the 11th Circuit somehow neglected to place the document under seal, however, allowing the public to see the redacted information.
This mistake revealed the TSA’s apparent admission that terrorists are unlikely to target airports in a subsequent attack.
“As of mid-2011, terrorist threat groups present in the Homeland are not known to be actively plotting against civil aviation targets or airports; instead, their focus is on fundraising, recruiting, and propagandizing,” the TSA said.
In addition, the brief states that “the government concedes that it would be difficult to have a repeat of 9/11 due to hardened cockpit doors and the willingness of passengers to challenge hijackers rather than assume a hijacking merely means a diversion to Cuba. The government also credits updated pre-flight security for that difficulty assessment, but the assessment was written before the en masse deployment of body scanners and before the update to the pat-down procedure. Further, the government admits that there have been no attempted domestic hijackings of any kind in the 12 years since 9/11.”
The nude body scanners are not very good at detecting explosives, and almost everything caught by the machine, such as guns, could be found using a traditional metal detector, Corbett says.
The only thing the scanners allegedly excel at over a metal detector is finding illegal drugs, which do not threaten the safety of passengers.
Because less intrusive, but equally effective, search methods exist, the TSA’s use of nude scanners and full pat-downs is unnecessary and unconstitutional, according to the brief Corbett filed pro se.
“The limited support that the TSA has for the nude body scanners and pat-down procedures in Congress, in the eyes of the public, and in the courts so far is a direct result of the TSA’s insistence that these devices are necessary to mitigate the threat of non-metallic explosives,” it states. “When given the choice between sacrificing some of their privacy or risk being blown up, many people – especially politicians who would not want to have the finger pointed at them for being ‘responsible’ for allowing the next terrorist attack to happen – choose the former.
“However, this is a false choice, and the TSA has deliberately misled the public, Congress, and the courts into concluding that no less invasive alternatives can ‘do the job.’ At least three other technologies are available to the TSA for the purpose of screening travelers for explosives, and a review of the administrative record shows that the TSA’s decision to use nude body scanners and pat-downs over these other technologies was arbitrary and capricious.”
Cases of misconduct among airport screeners employed by the Transportation Security Administration (TSA) increased by 26 per cent between 2010 and 2012, according to a new report. It comes as the agency expands its services beyond airport security gates.
The report, which was released last week by the US Government Accountability Office (GAO), found 9,622 cases of misconduct among TSA workers from 2010 through the 2012 fiscal year. It concluded that the agency had insufficient procedures for reviewing and recording the outcomes of misconduct cases.
At the same time, fresh attention has been cast on TSA’s expanding its roles into train terminals and even sporting events in the form of Visible Intermodal Prevention and Response squads, or VIPR teams, which have been assigned to counterterrorism security checks at transportation hubs in the US since 2005.
According to a profile published this week by The New York Times, TSA’s VIPR program now boasts a $100 million annual budget and is growing quickly. The scheme has grown since 2008, consisting of 37 teams in 2012.
Meanwhile, the agency’s records show that it has provided security for over 8,800 “unannounced checkpoints” and other search operations in conjunction with local law enforcement outside of airports. Such events have included the Indianapolis 500 race and both the Democratic and Republican national conventions.
VIPR teams usually comprise of federal air marshals, explosives experts, and baggage inspectors. The squads move through crowds at events and transportation hubs with bomb-sniffing dogs and perform random stops on individuals. Plainclothes members of VIPR teams monitor crowds for suspicious behavior.
“Our mandate is to provide security and counterterrorism operations for all high-risk transportation targets, not just airports and aviation,” TSA administrator John S. Pistole said. “The VIPR teams are a big part of that.”
However, members of Congress and officials at the Department of Homeland Security question whether the teams are properly trained while civil liberties groups wonder what the VIPR teams have to do with TSA’s original mandate to provide security at the nation’s airports.
“The problem with TSA stopping and searching people in public places outside the airport is that there are no real legal standards, or probable cause,” said Khaliah Barnes, administrative law counsel at the Electronic Privacy Information Center.
“It’s something that is easily abused because the reason that they are conducting the stops is shrouded in secrecy.”
Representative Bennie Thompson, a ranking member on the House Homeland Security Committee with oversight of TSA, supports the VIPR teams but remains concerned about warrantless searches and the process of detecting suspicious behavior.
“This is a gray area,” he said. “I haven’t seen any good science that says that is what a terrorist looks like. Profiling can easily be abused,” Thompson told The New York Times.
As for the rising number of offenses among TSA workers, the majority of those listed in the report include attendance and leave violations and excessive absences or tardiness. Only a small fraction represented instances of theft.
Specific violations of screening and security rules were outlined in 20 per cent of the cases profiled in the report. One of those offenses included sleeping while on duty.
Although the GAO report does not indicate high occurrences of issues such as theft, there have still been some high profile cases among the 56,000-strong staff which is spread out among 450 airports across the US.
For example, a TSA officer at Orlando International Airport pleaded guilty to embezzlement and theft after stealing 80 laptop computers and electronics from passenger luggage in 2011. The items were worth $80,000.
Another TSA employee was arrested after allegedly stealing some $50,000 worth of electronics at Fort Lauderdale-Hollywood International Airport the same year, although the GAO does not cite that incident.
It remains to be seen whether the occurrences of misconduct listed in the report will carry over into TSA’s growing role. For the most part, the presence of VIPR teams seems to mostly confuse and irritate the public.
A joint operation in 2012 involving VIPR, Houston police, and local transit officers led to complaints of stops and searches of bags. The deployment yielded a few arrests, mostly for passengers with existing warrants for prostitution and minor drug possession, according to The Times.
“It was an incredible waste of taxpayers’ money,” said Robert Fickman, a local defense lawyer who attended a subsequent meeting in the city packed with angry residents. “Did we need to have TSA in here for a couple of minor busts?”
The TSA has issued a “Market Research Announcement” in which the agency expresses a desire to expand its Pre-Check whitelist program by allowing private companies to carry out risk analysis of Americans that would determine whether they are “trusted” enough to participate in the trusted traveler program. This would be a major step toward turning the agency’s Pre-Check whitelist into the insidious kind of passenger profiling system that was proposed under the Bush Administration in the wake of 9/11, and a confirmation of our longstanding warnings that the logic of the risk-assessment approach to security will drive the government toward the use of more and more data on individuals. It would be the most significant of the new initiatives the TSA is looking at this year.
Currently, under Pre-Check, travelers who have attained a certain level within the frequent flier programs of six airlines can apply for the program by providing the government with certain information and, if they are accepted, receive access to expedited security lines. Department of Defense personnel and those with certain security clearances may now also join—and future expansions are inevitable. Although it is currently limited in scope, we have been warning that this kind of program points us down the road of engaging in background checks and discriminatory profiling of passengers. The concept raises knotty questions about fairness; we don’t know who is approved for this program and who is rejected, and based on what data, or what criteria for evaluating that data.
Defenders of Pre-Check point out that it is voluntary. However, as the agency explicitly states in this new document, “TSA desires to maximize appropriate participation in expedited screening initiatives.” In short, it hopes to lighten the screening load as much as possible by enrolling as many people as it can in Pre-Check. That means that ultimately, we face the prospect of a two-class airline security system, or even a system in which simply everyone has a Pre-Check ID, and the hapless group who can’t get one become a security underclass. Then the Pre-Check is adopted for all kinds of other purposes by piggybacking organizations, and like a “voluntary” credit card, it becomes impossible to fully participate in American life without one, and those who are shut out—and they won’t know why—face all kinds of obstacles and disadvantages.
As I discussed in this post, the Bush program, called CAPPS II, would have tapped into commercial data sources to perform background checks on every air passenger, and crunched that data to produce a profile of each traveler’s “risk to aviation.” The initial vision seemed to be to measure individuals’ “rootedness in their community,” measuring such things as how long a person has lived at their current address, held their current job, held a credit rating, etc. Among the numerous problems with this concept, it would have been enormously discriminatory in its impact (African-Americans, for example, tend to move more often than whites), and would have been grossly ineffective in spotting terrorists. (As Bruce Schneier has long pointed out, the danger is that to the extent you exempt some groups from security measures, you open up a pathway for terrorists to join or recruit their way into the program.)
We and others fought this terrible idea, and over several years of battles in Congress and the media, it was renamed “Secure Flight” and basically reduced to watch list checks. A victory of sorts—although the watch list system underpinning Secure Flight continues to be a mess.
Now it is clear that our concerns about Pre-Check sliding back towards some kind of CAPPS II-like profiling system have been warranted. In particular, the agency appears never to have lost its fixation with partnering with private-sector data aggregators to evaluate American citizens. The TSA writes:
TSA is particularly interested in techniques that … use non-governmental data elements to generate an assessment of the risk to the aviation transportation system that may be posed by a specific individual, and to communicate the identity of persons who have successfully passed this risk based assessment to TSA’s Secure Flight.
As I understand it, the concept here is that a company such as a data broker would sift through the enormous volumes of data they store on Americans and come up with a proposed algorithm for judging “the risk to the aviation transportation system” of any given individual. TSA would examine that algorithm, and upon the agency’s approval, the company would be authorized to sell Pre-Check memberships using that algorithm applied to its own data.
For now, the TSA says it “is seeking white papers that successfully demonstrate sound, well-reasoned concepts … to identify ‘known travelers’ pre-screened to a high degree of confidence.” The agency says it wants to allow “entities latitude to do what makes the most sense for them”:
TSA will specify a few common core requirements for process and algorithm content, while encouraging innovation by allowing participating entities to include additional elements in their algorithms as they see fit (as long as they are legal). These hybrid algorithms would have to meet certain performance criteria, described below.
Those criteria include:
- An enrollment process that is convenient and user friendly
- A proposal that “presents an effective process for gathering required personal information from potentially large numbers of prospective enrollees”
- Handling travelers’ personal information with various security and privacy safeguards
- “Has identified and obtained access to specific sources of current, accurate, and complete non-Governmental data that can be used to support effective screening of prospective travelers”
- An algorithm “that produces dependable results”
The agency outlines a three-phase process for turning these white papers into functioning part of our security system. Phase 1 (30 days) is selection of promising submissions, phase 2 (45-60 days) is prototype implementation, and phase 3 (4-6 months) will be live prototyping on actual passengers at an actual airport.
Aside from the fundamental effectiveness questions of this concept, there are a number of major problems with it from a civil-liberties point of view:
- Unfair effects. It is likely to have an unfair impact on the American public. As I mentioned above it could easily be discriminatory in its application, or otherwise unfair depending on the data sources used. For example, see this story about a man having problems with his credit score precisely because he had always been careful not to go into debt. The data aggregators are subject to no rules regarding data quality, and their databases are rife with errors, as are the credit ratings agencies’ (despite their being subject to some regulations).
- Secrecy. We probably won’t even know about such unfair effects because the system will be wrapped in secrecy. The TSA’s document specifies that “The specific sources and types of information employed for pre-screening purposes under this initiative may not be publicly disclosed.” It also contains a long section specifying that any private partners of the TSA will be subject to the agency’s Sensitive Security Information (SSI) rules.
- Private-sector delegation. Delegating security assessments to a private company raises significant issues. We have always believed that it’s a foolish idea to start building an algorithm-based system for “rating” Americans on their security “trustworthiness,” which is then used to curb people’s rights (such as the right to travel). If we must have such ratings performed, that would at least be an inherent law enforcement function. We shouldn’t have private, profit-oriented companies making those designations, any more than such companies should be deciding who to prosecute. Having private companies make the ratings, and the government acting upon them, may be pretty close to the worst of all worlds. In addition, much of the corporate world operates on relationships and favors—not to mention money; it’s not clear how the TSA would regulate these companies to ensure they won’t engage in corruption or abuse or systematic bias when deciding who can get a Pre-Check pass. Especially given that the TSA won’t routinely have access to the underlying data.
- Access to data. However, the agency does state that while it won’t “generally” access the personal information about an individual used by a company, it may do so during audits. Also, the “results of the pre-screening process” will be shared with the TSA “upon request”; it’s not clear to me what the agency means by “results” here.
Ultimately, the core problem with Pre-Check remains: it is (as I said here) caught between two possibilities: collecting so little information that it’s useless as a security measure, or so much that it is scarily intrusive. The TSA wants to take a long stride toward the latter. True, by outsourcing the data-crunching function to a private company, the agency won’t be collecting the information itself. That certainly ameliorates some of the privacy problems with the concept—but if anything worsens the other concerns, such as fairness, accuracy, due process, and the role of for-profit companies in providing what are essential government functions. Thwarted in its efforts to tap private databases a decade ago, the agency seems to be edging back toward that concept via a classic Surveillance-Industrial Complex strategy.
Rahinah Ibrahim, a citizen of Malaysia who earned a Ph.D. in construction engineering and management at Stanford University, sued the U.S. government after she was prevented from flying out of San Francisco International Airport in January 2005. Transportation Security Administration (TSA) authorities informed Ibrahim that her name was on the special list that denies those suspected of terrorist ties from flying on commercial airliners.
She was arrested, handcuffed, and placed in a holding cell for two hours, but eventually told she could go. She was also told that her name was removed from the no-fly list.
The next day, however, Ibrahim learned her name had not been removed from the list. Nevertheless, TSA officials allowed her to board her flight for Malaysia. Her visa was revoked and she was denied reentry into the U.S.
Her lawsuit has slowly made its way through the federal courts. The government has tried more than once to have the litigation thrown out, claiming Ibrahim lacked the legal standing to pursue her case.
Earlier this year, the Ninth Circuit Court of Appeals said Ibrahim had the right to continue her legal fight. Still, government attorneys tried again to derail the case, this time by submitting confidential records for the judge to review, but not for Ibrahim’s legal defense to see.
Judge William Alsup objected to the government’s tactic. He wrote: “Here the government seeks to affirmatively use allegedly privileged information to dispose of the case entirely without ever revealing to the other side what its secret evidence might be.”
“In sum, only in the rarest of circumstances should a district judge, in his or her discretion, receive an ex parte argument and evidence in secret from only one side aimed at winning or ending a case over the objection of the other side,” Alsup added. “Here, the government has not justified its sweeping proposal. It has gone so far as even to redact from its table of authorities some of the reported case law on which it relies! This is too hard to swallow.”
Ibrahim is currently dean of the Faculty of Design and Architecture at Universiti Putra Malaysia.
To Learn More:
Feds Blasted for Trying Dismiss Case in Secret ( by Chris Marshall, Courthouse News Service )