Focusing public attention on emerging privacy and civil liberties issues

Air Travel Privacy

The right to travel is a part of the "liberty" of which the citizen cannot be deprived without due process of law under the Fifth Amendment ... Freedom of movement across frontiers in either direction, and inside frontiers as well, was a part of our heritage. Travel abroad, like travel within the country, may be necessary for a livelihood. It may be as close to the heart of the individual as the choice of what he eats, or wears, or reads. Freedom of movement is basic in our scheme of values. "Our nation," wrote Chafee, "has thrived on the principle that, outside areas of plainly harmful conduct, every American is left to shape his own life as he thinks best, do what he pleases, go where he pleases."

-- Justice William O. Douglas, Kent v. Dulles (1958)

Post-September 11, several measures have been considered to improve aviation security. Some of these proposals, such as improved training for airport screeners, checking all bags for bombs, strengthening cockpit doors, and placing air marshals on flights, do not implicate privacy interests and are sound security measures. Others, however, present privacy and security risks to air travelers. These proposals concern efforts to identify passengers and schemes to distinguish the "good guys" from the "bad." EPIC will make available on this page aviation security and privacy related documents it obtains from the government under the freedom of information law to promote and inform the public debate over these new schemes.

In earlier responses to security threats the FAA issued a secret regulation that allowed airlines to demand photo identification and instituted a new profiling program called CAPPS (Computer Assisted Passenger Pre-screening System) based on travel data airlines routinely collected. See Previous Files. New proposals advocate using biometric credentials for "trusted travelers" and using extensive data mining of credit history, criminal records, and travel patterns to profile all airline passengers. NASA has even suggested developing "non-invasive neuro-electric sensors" or brain scans at the security gate to see if people are having suspicious thoughts.

The stated goal of these new proposals is to rely on technology to reduce the "hassle factor" in airports and to reduce security threats. The core idea is to focus security resources on suspicious travelers, while ensuring that most people are not inconvenienced by heightened security. Terrorists, however, have been known to go to great lengths to look like most people. Former Transportation Security Agency chief John Magaw refused to endorse a "trusted traveler" card, fearing that it would be the first thing a terrorist will try to obtain. New profiling and identification programs will convert airport security into all-purpose police stops where criminals, deadbeat dads, and others seeking to avoid law enforcement for non-aviation security related reasons face the risk of being arrested.

The basic structure of passenger profiling is to use an algorithm to determine indicators of characteristics or behavior patterns that are related to the occurrence of certain behavior. The CAPPS-II initiative will expand the range of databases searched for suspicious activity so that each airline passenger will be subjected to an extensive profiling. John Pointdexter's office in the Defense Department is considering developing a similar Total Information Awareness system. Each structural element of the CAPPS-II profiling system, however, raises a host of complex questions:

Algorithm: What logic will be used? What is the basis for developing the algorithm? What are acceptable false positive and false negative rates?

Indicators: What indicators are relevant? Are these indicators available? Who will collect and store the relevant indicators?

Related: How are the indicators related to particular kinds of behavior? Is that relationship reliable?

Behavior: Who determines what behavior should be targeted? What types of specific behavior will the system try to catch?

In addition there are several technical issues such as how reliable is the data used to make profiling decisions? What kind of data should be collected and how long should the data be retained? Who will have access to the data and for what purposes?

The policy issues also need to be addressed: what will be the rights of individuals to control their personally identifiable information? What recourse will be available for someone wrongly identified or denied a service? Will profiling based on deep data-mining stand up to charges of equal protection and due process violations? The new proposals directly implicate long standing constitutional protections under the fourth and first amendments, including the right to travel, and must be clearly understood and properly considered by the public.

Latest News

  • Federal Budget Announced for Fiscal Year 2011, Surveillance Projects Scrutinized: The Office of Management and Budget has released the federal budget for fiscal year 2011. The budget proposes funding for several new surveillance initiatives, including over $700 million to the Department of Homeland Security for "Passenger Aviation Security". The Department would like to purchase 500 body scanner machines for U.S. airports, bringing the projected total number of machines to 1,000 at a cost of over $200 million by the end of 2011. The new budget also includes several hundred million dollars for the Department of Justice's national security programs, which were recently the subject of a critical Inspector-General's report for improper use of authority. For more information, see EPIC DHS and Privacy, EPIC Domestic Surveillance, EPIC Air Travel Privacy, and EPIC Whole Body Imaging. (Feb. 3, 2010)
  • EPIC Urges Increased Privacy for “Global Entry” Registered Traveler Program: On January 19, EPIC filed comments with the US Customs and Border Protection (CBP), urging the agency to “to revise its establishment of the Global Entry program and to reconsider the privacy and security implications of the program.” CBP proposed to make permanent the Global Entry program, under which pre-registered international travelers can bypass conventional security lines by scanning their passports and fingerprints at a kiosk, answering customs declaration questions, and then presenting a receipt to Customs officials. EPIC urged CBP to ensure that Global Entry complied with the Privacy Act and to conduct a separate Privacy Impact Assessment. Those measures are particularly pressing in light of recent problems, including data breaches and bankruptcy, experienced by “Clear,” a similar registered traveler program. In 2005, EPIC testified before Congress that the absence of Privacy Act safeguards for registered traveler programs would jeopardize air traveler privacy and security. For more information, see EPIC Global Entry, EPIC Air Travel Privacy, EPIC Biometric Identifiers, EPIC Automated Targeting System, and EPIC Whole Body Imaging. (Jan. 28, 2010)
  • Experts to Speak at National Press Club about Body Scanners: Leading privacy law scholars Anita Allen and Jeffrey Rosen, acclaimed author and surveillance authority James Bamford, world renowned security technologist Bruce Schneier, and EPIC President Marc Rotenberg will be at the National Press Club,  on Monday, January 25 at 8:30 a.m. for a panel discussion on "Body Scanners and Privacy." The event takes place as Congress is in the middle of hearings to determine whether to deploy full body imaging devices in US airports. (Jan. 24, 2010)
  • European Union Rejects US Demands on Body Scanners: EU President Alfredo Perez Rubalcaba announced today that European countries would not rush to install body scanners as the United States has urged. He said that there will first be studies to determine whether the devices "are effective, do not harm health, and do not violate privacy." The European countries have agreed that they will adopt a unified position on the body scanner proposal. European Minister Viviane Reding stated that "Europe's need for security cannot justify an invasion of privacy. Our citizens are not objects: they are human beings." Previous post-9/11 disputes between the US and the EU have involved the transfer of Passenger Name Records and financial information. The European position in the current dispute is strengthened by the recent adoption of the Lisbon Treaty and the entry into force of the Charter of Fundmental Rights. EPIC has scheduled a press conference at the National Press Club on January 25 on "Body Scanners and Privacy.” For more information, see EPIC: Whole Body Imaging Technology. (Jan. 21, 2010)
  • Congress Begins Hearings on the "Trouser Bomber" and Intelligence Reform: The Senate Judiciary Committee and the Senate Committee on Homeland Security opened hearings today on airline security and the intelligence failure on December 25. Questions about privacy and civil liberties were raised frequently by senators. Specifically, senators asked about the adequacy of privacy safeguards for the body scanners, database profiling, biometric identification, and the status of the President's Civil Liberties and Privacy Oversight Board. According to documents obtained by EPIC through a Freedom of Information Act request, the body scanners ordered by the TSA are designed to store and record images of American air travelers. EPIC has scheduled a press conference at the National Press Club on January 25 on "Body Scanners and Privacy.” (Jan. 20, 2010)
  • UPDATE - EPIC Sues Dept. of Homeland Security, Demands Additional Documents About Airport Body Scanners: EPIC has filed a second FOIA lawsuit, demanding the release of the full resolution images captured by airport "digital strip search" machines. EPIC's suit against the Department of Homeland Security also seeks records detailing air traveler complaints and security breaches that may have exposed data to unauthorized individuals. The TSA  has called for mandatory use of the body scanners in all US airports. A prior EPIC lawsuit forced the disclosure of documents that reveal that TSA officials can disable privacy filters and export raw image files. For more information, see EPIC Whole Body Imaging Technology and EPIC Open Government. (Jan. 13, 2010)
  • Top European Justice Official Opposes Body Scanners: In widely reported remarks, Viviane Reding, the Justice Minister for the 27-member European Union, has expressed opposition to the US proposal to deploy body scanners. Minister Reding told the European Parliament, "Our citizens are not objects. They are human beings." Ms. Reding also emphasized data protection and the Charter of Fundamental Rights, which establishes new rights for EU citizens, including a right to information privacy. Previous post-9/11 disputes between the US and the EU have involved the transfer of Passenger Name Records and financial information. For more information, see EPIC Passenger Profiling. (Jan. 12, 2010)
  • UPDATE - EPIC Posts TSA Documents on Body Scanners: EPIC has posted more than 250 pages of documents it obtained in  a Freedom of Information Act lawsuit concerning body scanners. The documents, released by the Department of Homeland Security, reveal that Whole Body Imaging machines can record, store, and transmit digital strip search images of Americans. This contradicts assurances made by the TSA. The documents include TSA Procurement Specifications, TSA Operational Requirements, TSA contract with L3, TSA contract with Rapiscan (1), and TSA contract with Rapiscan (2). The DHS has withheld other documents that EPIC is seeking. For more information, see EPIC: Whole Body Imaging Technology and EPIC: Open Government. (Jan. 11, 2010)
  • EPIC Obtains Documents about Body Scanners: As a result of a Freedom of Information Act lawsuit, EPIC has obtained the TSA technical specifications and the vendor contracts for Whole Body Imaging devices, commonly called "body scanners." The documents reveal that TSA mandated that the devices have hard disk storage, USB access, and ethernet connectivity. The documents obtained by EPIC also detail a "Level Z" authority for TSA that allows the security agency to disable privacy filters and to export raw image files. The documents will be posted later today. EPIC is pursuing other information from the agency, including policy guidance. For more information, see EPIC's Whole Body Imaging page. (Jan. 11, 2010)
  • President Obama Cites Intelligence Failure in Christmas Day Plot: Today President Obama discussed the airplane attack on Christmas Day. The President pledged to investigate and address intelligence failures that allowed an Al Qaeda operative to board a plane with an explosive device. President Obama stated "this was not a failure to collect intelligence, it was a failure to integrate and understand the intelligence we already had." The President said that steps would be taken to improve watch lists. The President also recommended "smarter screening" at the nation's airports, but did not endorse an expansion of whole body imaging devices. For more information, see EPIC: Whole Body Imaging Technology, EPIC's Spotlight on Surveillance, and FB Group: Stop Airport Strip Searches. (Jan. 5, 2010)
  • Attempted Bombing on U.S. Flight Prompts Renewed Debate Over Body Scanners: On December 25, 2009, Umar Farouk Abdul Mutallab, a Nigerian citizen, attempted to detonate explosives hidden in his underwear during a Christmas Day flight. Abdul Metallab was en route from Amsterdam, Netherlands to Detroit, Michigan when he attempted to detonate the device, which resulted in a fire on board the aircraft. In the days following the attack, some advocated for wider implementation of whole body imaging machines. Privacy organizations and others have continued to object to these devices, citing the invasive nature of the scans, the ineffectiveness of the machines and the lack of government transparency concerning privacy safeguards. For more information see EPIC: Whole Body Imaging Technology. (Dec. 26, 2009)
  • EPIC Files Lawsuit for Information about "Digital Strip Search" Devices: On December 17, 2009, EPIC filed a lawsuit against the Department of Justice concerning the use of devices that capture images of individuals stripped naked. The Transportation Security Administration has confirmed the Whole Body Imaging machines are being used in at least one Virginia federal court by the US Marshall Service. EPIC submitted a FOIA request for information about these devices including the contracts with the manufacturer of the machines, and information about technical specifications and training materials. The Marshall Service failed to respond adequately to the request. EPIC filed suit, said that the agency had not performed a sufficient search and should disclose the documents requested. For more information, see EPIC's Open Government Page and Whole Body Imaging Page. (Dec. 18, 2009)
  • DHS Announces "Global Entry" Biometric Identification System for U.S. Airports: Today, the Department of Homeland Security proposed to make permanent Global Entry, a program the agency says will “streamline the international arrivals and admission process at airports for trusted travelers through biometric identification.” Under the proposed system, pre-registered international travelers can bypass conventional security lines by scanning their passports and fingerprints at a kiosk, answering customs declaration questions, and then presenting a receipt to Customs officials. The DHS announcement follows the recent news that Clear, a Registered Traveler program, had entered bankruptcy, raising questions about the possible sale of the biometric database that was created. In 2005, EPIC testified before Congress that the absence of Privacy Act safeguards for Registered Traveler programs would jeopardize air traveler privacy and security. The agency is taking comments on the proposal. For more information, see EPIC Air Travel Privacy, EPIC Biometric Identifiers, EPIC Automated Targeting System, and EPIC Whole Body Imaging. (Nov. 19, 2009)
  • EPIC Sues Homeland Security for Information About Digital Strip Search Devices: EPIC filed a Freedom of Information Act lawsuit challenging the Department of Homeland Security's failure to make public details about the agency's Whole Body Imaging program. The devices capture detailed naked images of air travelers in the United States. After the agency announced that the body scanners would become the primary screening device in US airports, EPIC demanded that the agency disclose records that describe the scanners' capacity to save and transmit images. In June, EPIC sent a letter to the Secretary of Homeland Security Janet Napolitano urging her to suspend the digital strip searches. For more, see EPIC Backscatter X-ray, Whole Body Imaging and EPIC Air Travel Privacy. (Nov. 9, 2009)
  • House Committee Examines Future of Registered Traveler Program: A Congressional committee will hold a hearing today on the the Registered Traveler Program.  The program, which operated under the brand name "Clear," shut down and the company that operated it has declared bankruptcy, leaving open the question of what will happen to the biometric identifiers, including fingerprints and iris scans, that were obtained from customers.  The New York Times reports that the company's assets have been purchased and the program may restart within the year.  EPIC testified before Congress in 2005 that the absence of Privacy Act safeguards would jeopardize air traveler privacy and security.  See also EPIC Air Travel Privacy, EPIC Secure Flight, and EPIC Spotlight on Surveillance - Registered Traveler Card. (Sep. 30, 2009)
  • Homeland Security Privacy Office Okays Suspicionless Seizure of Personal Information Stored on Digital Devices of US Citizens: The Department of Homeland Security released a Privacy Impact Assessment for searching electronic devices possessed by travelers, including US citizens, at US borders. The agency determined that laptops and cell phones are equivalent to briefcases and backpacks and granted itself broad authority to seize these devices from travelers and to copy stored data whether or not wrongdoing is suspected. The DHS policy fails to comply with the intent of the federal Privacy Act and leaves US citizens returning to the United States subject to surveillance by government and an enhanced risk of identity theft. See EPIC Traveler Privacy. (Aug. 28, 2009)
  • House Committee Opens Investigation into Clear Data: Leaders of the House Homeland Security Committee sent a letter to the Transportation Security Administration regarding the bankruptcy of Verified Identity Pass, the parent company for the Clear registered traveler (RT) program. Clear was the largest RT program in the nation operating out of 20 airports with about 165,000 members.  The TSA established RT security, privacy and compliance standards for the Clear program and bolstered the company's credentials with the traveling public. The Clear RT application process collected a great deal of personal information from members, such as proof of legal name, data of birth, citizenship status, home address, place of birth, and gender. The information was used to pre-screen travelers for express service through airport security checkpoints.   The committee is investigating among other things: when the TSA became aware of the bankruptcy; whether they have asked the company for its plan regarding its RT data; if the agency is seeking a privacy impact assessment on the bankruptcy; and whether the agency has a contingency plan for safeguarding the data now that the company has gone out of business. See EPIC Air Travel Privacy and EPIC Secure Flight (Jun. 29, 2009)
  • TSA Responds to Whole Body Imaging Objections: The Transportation Security Administration has replied to the Privacy Coalition statement on whole body imaging systems. The agency claims that the Privacy Impact Assessment (PIA) provides adequate protection. The Privacy Coalition letter pointed out that "the devices are designed to capture, record, and store detailed images of individuals undressed" and said that "If the public understood this, they would be outraged by the use of these devices by the US government on US citizens." The Privacy Coalition said that the use of the devices should be suspended pending an investigation. The letter was prompted by the TSA's announcement that Whole Body Imaging would replace metal detectors as the primary screening technique at US airports. The House of Representatives recently passed legislation that would establish clear privacy safeguards for the devices. See also EPIC's page on Whole Body Imaging. (Jun. 23, 2009)
  • Airport Security Program Closes Operations - What Happens to the Data?: Verified Identity Pass, a company that provided the Registered Traveler program, under the brand name "Clear" shut down operation on June 22, 2009 citing inability to "negotiate an agreement with its senior creditor." The Clear program provided travelers who had undergone an extensive background check to go through special security lines at airports. The screening process required extensive data collection, including biometric identifiers, from passengers. The closure raises concern about the transfer of the customer data, which may be attached by creditors in a bankruptcy proceeding. Clear's Privacy Policy is silent on the issue. At a 2005 Congressional hearing, EPIC warned that the absence of Privacy Act safeguards would post a security risk to Clear customers. See also EPIC's page on Registered Traveler Card. (Jun. 23, 2009)
  • Congress Approves Bill Limiting TSA's Use of Whole-Body Imaging: Today, the House approved a bill that will limit the use of Whole-Body Imaging machines, installed by the Transportation Security Administration, in US airports. The devices photograph American air travelers stripped naked and could easily be programmed to record images. Congressman Jason Chaffetz (R-UT) sponsored the bill that will prohibit the use of the devices as the sole or primary method of screening aircraft passengers; require that passengers be provided information on the operation of such technology and offered a pat-down search in lieu of such screening; and prohibit the storage of an image of a passenger after a boarding determination is made. EPIC launched a campaign and a Facebook Group seeking to raise public awareness about Whole Body Imaging. See EPIC's Backscatter X-ray, Whole Body Imaging, and Air Travel Privacy pages. (Jun. 4, 2009)
  • EPIC Urges Homeland Security to Stop Digital Strip-Searches: EPIC sent a letter to the Secretary of Homeland Security, Janet Napolitano, urging the suspension of the Whole Body Imaging program. The devices would capture detailed naked images of all passengers at US airports. EPIC and thirty organizations asked Napolitano to begin a formal rulemaking and investigate less invasive means of screening. EPIC has also launched a campaign and established a Facebook Group to stop the program. See EPIC's Backscatter X-ray, Whole Body Imaging, and Air Travel Privacy pages. (Jun. 2, 2009)
  • Despite Privacy Objections, Enhanced Identity Documents Required for Travel: The Western Hemisphere Travel Initiative went into effect today despite substantial privacy and security risks. The federal government now requires US citizens to present identity documents when entering the US. These documents incorporate RFID technology that jeopardizes the privacy and security of US travelers. EPIC has previously urged the State Department to abandon the proposal. Senator Leahy has also criticized the program. See also EPIC's Spotlight on Surveillance. (Jun. 1, 2009)
  • Congressman Seeks Ban on Whole-Body Imaging at Airports: Congressman Jason Chaffetz has introduced legislation seeking a ban on Whole-Body Imaging machines installed by the Transportation Security Administration in various airports across America. Describing the method as unnecessary to securing an airplane, Congressman Chaffetz stated that the new law was to "balance the dual virtues of safety and privacy." The TSA recently announced plans to make the scanners, which capture a detailed picture of travelers stripped naked, the default screening device at all airport security checkpoints. For more information, see EPIC's Whole Body Imaging page. (Apr. 24, 2009)
  • EPIC Testifies Before the Homeland Security Committee
    EPIC Associate Director Lillie Coney testified (pdf) at a Congressional hearing on "Ensuring America's Security: Cleaning Up the Nation's Watchlists". Ms. Coney said that there are several problems with the watchlist program: it is not subject to the Privacy Act, the watchlists are full of errors, the secure flight program may become a textbook case of "security theater," and the traveler redress program is not designed to do what it claims. For more information, see EPIC Spotlight on Surveillance: Secure Flight, EPIC Spotlight on Surveillance: Travel Redress Program, and EPIC Air Travel Privacy Page. (Sept. 9)
  • Temporary Agreement Reached on Transfer of Passenger Data
     The United States and the European Union have established a temporary arrangement for the transfer of personal information on European travelers that will expire in July of 2007. An earlier agreement was annulled by the European Court of Justice. The new agreement gives the Europeans greater control over the disclosure of passenger data to the United States. However, it leaves unresolved whether the United States has adequate privacy protections to safeguard the private information of European consumers. For more information, see the EPIC pages on Air Travel Privacy and EU-US Airline Passenger Data Disclosure. (Oct. 6)
  • US, Europeans Fail to Reach Accord on Passenger Data
     The European Union and the United States are in a "legal vacuum" three months after the European Court of Justice struck down the passenger name record deal that allowed the transfer of personal information on European travelers to the U.S. government. European airlines face lawsuits by European citizens for violating European privacy laws if the information is disclosed to the U.S. without a new agreement. European consumer organizations have called for strong safeguards for personal data. Officials say negotiations will continue. More information at EPIC pages on Air Travel Privacy and EU-US Airline Passenger Data Disclosure. (Oct. 3).
  • European and US Consumer Groups Urge Privacy Safeguards for Air Travel Information. The Trans Atlantic Consumer Dialogue has written to Homeland Security Secretary Michael Chertoff and European Commissioner Franco Frattini recommending the establishment of legal protections for passenger information collected by the US government. The letter follows an earlier statement from TACD that identified numerous risks to consumers that would result from the disclosure of detailed personal information. The TACD letter responds to Secretary Chertoff's recent call for increased government snooping. EPIC has filed a Freedom of Information Act request with the Department of Homeland Security regarding the program and whether adequate privacy safeguards have been established. The European Court of Justice earlier held that there was no legal basis for the Homeland Security program. For more information, see EPIC's air travel privacy page. (Sept. 13)
  • Senate Subcommittee Holds hearings on Airline Passenger Screening. On September 7, the Senate Subcommittee on Terrorism, Technology, and Homeland Security will hold a hearing on pre-screening international travelers who are flying into the United States. A Homeland Security program that acquired European passenger name records for pre-screening was opposed for its privacy violations by the European Parliament, and struck down by the European Court of Justice earlier this year. Homeland Security Secretary Chertoff has announced plans not only to revive the program, but also to expand certain aspects of it. For more information, see EPIC's Passenger Data page. (Sept. 5)
  • DHS Seeks Expanded Access to Travelers' Data. The Department of Homeland Security recently proposed expanding a program that would transfer detailed airline passenger recordsbetween European airlines and the US government. In 2003, the Department secretly entered into an agreement with European governments to obtain personal information on European travelers to the United States. The European Parliament challenged the agreement and the European Court of Justice recently ruled that the agreement lacked a legal basis. Negotiators have until September 30 to come up with a program that complies with European privacy law. (Aug. 22)
  • Registered Traveler Hits Turbulence. The Transportation Security Administration says security concerns have delayed the controversial air passenger prescreening program Registered Traveler, which was to be rolled out beginning Tuesday. EPIC has testified previously (pdf) and submitted comments (pdf) about the flawed program, warning that problems with watch list errors have not been resolved, that there are no legal safeguards to prevent misuse, and that "mission creep" is almost certain. For more information, see EPIC's Spotlight on Surveillance and Passenger Profiling pages. (Jun. 22)
  • European Court Rejects Data Transfer to US. The European Court of Justice has just ruled that the 2004 airline passenger data transfer agreement (pdf) between the U.S. Department of Homeland Security and the European Union is to be voided after September 30, 2006. The Court held that the agreement was illegal because it exceeded the scope of the EU 1995 Directive on data protection, which excludes operations concerning public security, defense, state criminal law and state security. Since the framework for data transfer was dictated by public authorities, and amounted to processing operations concerning public security, the Court held that the Commission lacked legal competence under the Directive to address public and state security issues. Privacy International describes the holding as a "pyrrhic victory" because the Court ruled on the basis of legal authority, and did not address the privacy implications of the transfer of the personal data to the U.S. The European Data Protection Supervisor is concerned that the ruling has created a loophole because it is uncertain that the Directive protects data collected for commercial reasons but used for police matters. (May 30)
  • EPIC Urges Privacy Safeguards for Traveler Database. In comments (pdf) to Customs and Border Protection, EPIC opposed the agency's plan to exempt a vast database from legal requirements that protect privacy and promote government accountability. The Global Enrollment System would include employment history and biometric data. Among many possible activities, the agency will use this system to determine which travelers are "low-risk" and eligible for the "Trusted Traveler" program. EPIC warned that the absence of effective redress procedures would leave many travelers improperly designated as "high-risk." For more information, see EPIC's Passenger Profiling page. (May 22)
  • EPIC Joins Campaign Against Biometric Identification. Civil liberties organizations have sent a letter to the International Civil Aviation Organization (ICAO) regarding their plans to include biometric identifiers such as fingerprints and facial scans on all newly issued electronic passports. The letter, organized by Privacy International, warns this will lead to the first truly global database of biometric information. For more information, read the letter from the Campaign, see EPIC's biometrics page, and read a story by the BBC. (Mar. 30)
  • EPIC Suit Uncovers Watchlist Errors. EPIC has uncovered agency documents through the Freedom of Information Act that raise important questions about how the Transportation Security Administration currently operates the "No-Fly" watchlist. The concerns surrounding the agency's administration of the list previews several potential problems with the proposed roll out of CAPPS-II, the Enhanced Computer Assisted Passenger Pre-screening System. For more information, see EPIC's analysis of the FOIA documents. (Apr. 1)
  • Senators Want Answers on Air Profiling. The Senate Commerce Committee has unanimously agreed to an amendment (pdf) by Sen. Ron Wyden (D-OR) that would require the Transportation Security Administration to report to Congress on the privacy and civil liberties implications of the controversial CAPPS-II air passenger profiling system. See EPIC's Passenger Profiling page for more information. (Mar. 13)
  • EPIC Comments on Air Travel Database. EPIC submitted comments on a Transportation Security Administration (TSA) proposal [PDF] to create a new database of Aviation Security Screening Records on all airline passengers. EPIC argued that the proposed system did not provide sufficient information for the public to contribute meaningfully to this rule-making procedure, and that the proposed system would infringe on the Constitutional right of association and travel. See TSA Docket for more information and public comments. (Feb. 24)
  • EPIC Criticizes Gov't Rule on Citizen Travel. EPIC has filed comments [PDF] on the Immigration and Naturalization Service (INS)'s proposed rule to collect passenger manifest information on all international travelers, including American citizens and legal permanent residents. The comments argue that the proposed rule is legally deficient because the INS has not complied with the Privacy Act in creating this new "system of records." EPIC has asked the INS to reissue its notice and meet the requirements of the Privacy Act. The comments also note that, by collecting and sharing travel data about citizens, the INS is placing a burden on the right to travel and the rights of anonymous association. (Feb. 4, 2003)
  • EPIC Files Suit for "No-Fly List" Information. Seeking information about aviation security watchlists, EPIC has filed a lawsuit [PDF] against the Transportation Security Administration (TSA) in federal court in Washington. The legislation creating TSA authorizes the agency to maintain such lists, which reportedly have been used to interfere with the travel of political activists. (Dec. 12, 2002)

Resources

Identification Schemes

Profiling

Documents Obtained under the Freedom of Information Act (FOIA)

Other Documents

  • Final Report of the White House Commission.
  • Initial Report of the White House Commission (September 9, 1996).
  • Executive Order 13015 creating the White House Commission on Aviation Safety and Security (August 22, 1996) (PDF version)

  • 1994 statute authorizing FAA research into security matters (including "behavioral research") and exempting information relating to such research from disclosure under the FOIA.

Analysis

Previous Files

  • FAA Proposes Profiling Regulations. The Federal Aviation Administration published proposed regulations on April 19, 1999, governing "Security of Checked Baggage on Flights Within the United States." The draft rules detail the use of computer profiling techniques to identify suspicious passengers. Public comments can be filed until June 18, 1999.
  • Airline Passenger Profiling Goes Into Effect. The Computer Assisted Passenger Screening System is scheduled to be phased in nationwide beginning on January 1. Under the system, passengers who "fit the profile" will be selected for heightened security measures, which can include a thorough search of their luggage, intrusive personal questioning, tagging of luggage with orange tape, and a physical escort from the check-in counter to the airport gate by security personnel. The ACLU is providing an online complaint form for passengers targeted by the profiling system.
  • Microsoft Chief Architect Charles Simonyi tells what happens when you "fit the profile" (from Slate ).
  • Proposed FAA rule for collecting personal information including name, address, Social Security Number, Date of birth and next of kin for every domestic passenger.
  • General Account Office report, Aviation Safety and Security: Challenges to Implementing the Recommendations of the White House Commission on Aviation Safety and Security (Testimony, 03/05/97, GAO/T-RCED-97-90).
  • The Gore Commission has released its final report recommending passenger profiling. A coalition of 17 groups has sent a letter to Gore opposing ID checks, profiling, new x-ray technologies and excessive secrecy by the FAA in making decisions.