Air Travel Privacy

The right to travel is a part of the "liberty" of which the citizen cannot be deprived without due process of law under the Fifth Amendment ... Freedom of movement across frontiers in either direction, and inside frontiers as well, was a part of our heritage. Travel abroad, like travel within the country, may be necessary for a livelihood. It may be as close to the heart of the individual as the choice of what he eats, or wears, or reads. Freedom of movement is basic in our scheme of values. "Our nation," wrote Chafee, "has thrived on the principle that, outside areas of plainly harmful conduct, every American is left to shape his own life as he thinks best, do what he pleases, go where he pleases."

-- Justice William O. Douglas, Kent v. Dulles (1958)

Post-September 11, several measures have been considered to improve aviation security. Some of these proposals, such as improved training for airport screeners, checking all bags for bombs, strengthening cockpit doors, and placing air marshals on flights, do not implicate privacy interests and are sound security measures. Others, however, present privacy and security risks to air travelers. These proposals concern efforts to identify passengers and schemes to distinguish the "good guys" from the "bad." EPIC will make available on this page aviation security and privacy related documents it obtains from the government under the freedom of information law to promote and inform the public debate over these new schemes.

In earlier responses to security threats the FAA issued a secret regulation that allowed airlines to demand photo identification and instituted a new profiling program called CAPPS (Computer Assisted Passenger Pre-screening System) based on travel data airlines routinely collected. See Previous Files. New proposals advocate using biometric credentials for "trusted travelers" and using extensive data mining of credit history, criminal records, and travel patterns to profile all airline passengers. NASA has even suggested developing "non-invasive neuro-electric sensors" or brain scans at the security gate to see if people are having suspicious thoughts.

The stated goal of these new proposals is to rely on technology to reduce the "hassle factor" in airports and to reduce security threats. The core idea is to focus security resources on suspicious travelers, while ensuring that most people are not inconvenienced by heightened security. Terrorists, however, have been known to go to great lengths to look like most people. Former Transportation Security Agency chief John Magaw refused to endorse a "trusted traveler" card, fearing that it would be the first thing a terrorist will try to obtain. New profiling and identification programs will convert airport security into all-purpose police stops where criminals, deadbeat dads, and others seeking to avoid law enforcement for non-aviation security related reasons face the risk of being arrested.

The basic structure of passenger profiling is to use an algorithm to determine indicators of characteristics or behavior patterns that are related to the occurrence of certain behavior. The CAPPS-II initiative will expand the range of databases searched for suspicious activity so that each airline passenger will be subjected to an extensive profiling. John Pointdexter's office in the Defense Department is considering developing a similar Total Information Awareness system. Each structural element of the CAPPS-II profiling system, however, raises a host of complex questions:

Algorithm: What logic will be used? What is the basis for developing the algorithm? What are acceptable false positive and false negative rates?

Indicators: What indicators are relevant? Are these indicators available? Who will collect and store the relevant indicators?

Related: How are the indicators related to particular kinds of behavior? Is that relationship reliable?

Behavior: Who determines what behavior should be targeted? What types of specific behavior will the system try to catch?

In addition there are several technical issues such as how reliable is the data used to make profiling decisions? What kind of data should be collected and how long should the data be retained? Who will have access to the data and for what purposes?

The policy issues also need to be addressed: what will be the rights of individuals to control their personally identifiable information? What recourse will be available for someone wrongly identified or denied a service? Will profiling based on deep data-mining stand up to charges of equal protection and due process violations? The new proposals directly implicate long standing constitutional protections under the fourth and first amendments, including the right to travel, and must be clearly understood and properly considered by the public.

Latest News/Events

  • EPIC FOIA: EPIC Obtains Secure Flight Documents + (Oct. 12, 2018)
    In response to EPIC's Freedom of Information Act request, the Transportation Security Administration has released records about Secure Flight, a program that compares airline passenger records with various watch lists. The documents provided to EPIC contain an interagency agreement between the TSA and Customs and Border Protection, as well as related documents about Secure Flight. During the processing of EPIC's request, the TSA destroyed over a hundred pages of responsive records "due to the records disposition schedule." EPIC has testified before Congress and published a "Spotlight on Surveillance" report about the Watchlist Program. For more information, see EPIC: Passenger Profiling, and EPIC: Air Travel Privacy.
  • DHS Privacy Office Releases 2015 Data Mining Report + (Mar. 4, 2016)
    The Department of Homeland Security has released the 2015 Annual Data Mining Report. The report describes several of the Agency's profiling systems that assign secret "risk assessments" to U.S. citizens. EPIC recently prevailed in a FOIA case involving a controversial DHS passenger screening program, the "Analytic Framework for Intelligence." In EPIC v. USCG, another case concerning a DHS profiling program, EPIC uncovered records about a program to track boaters operating in US waters in which DHS stated that boaters "have no expectation of privacy." The 2015 DHS report indicates expansion of agency profiling programs, including the "Automated Targeting System."
  • Homeland Security Revised Traveler Screening Violates Federal Privacy Act + (Feb. 10, 2014)
    The Transportation Security Administration and Customs and Border Protection, components of the Department of Homeland Security, have announced plans for agency record disclosures without Privacy Act notifications. The agencies Common Operating Picture ("COP") program would permit TSA and CBP to exchange personal information held by the agencies to place travelers on federal watch lists. Although TSA and CBP have proposed new uses for personal data, the agencies have declined to solicit public comments as required by the Privacy Act. Currently, the agencies use the Automated Targeting System to perform "risk assessments." EPIC has called for DHS to suspend "risk-based" passenger profiling and to make public the algorithms that are used to assess travelers. For more information, see EPIC: Secure Flight, EPIC: Passenger Profiling, and EPIC: Air Travel Privacy.
  • More top news

  • Government Audit Finds TSA's Behavioral Analysis Program "Ineffective" + (Nov. 14, 2013)
    The Government Accountability Office issued a report to Congress finding that the Transportation Security Administration's behavioral analysis program, known as "Screening of Passengers by Observation Techniques" (SPOT), is ineffective. The GAO determined that there is no scientifically valid evidence for behavior indicators, and that TSA screeners cannot reliably interpret passenger behavior. The GAO report also notes that the there have been significant concerns over racial and ethnic profiling. There are around 3,000 TSA officers currently assigned to the SPOT program, which has cost approximately $900 million since 2007. The GAO recommended the Congress reduce further funding of the program. In testimony before the 9/11 Commission in 2003, EPIC warned that "It is easy to construct a device that can determine whether a person is carrying a gun before he boards an airplane. It is much more difficult to construct a device that can probe his thoughts and determine his intent to commit a crime." Since that time, EPIC has objected to the DHS's practice of assigning threat profiles based on race, ethnicity, and gender. EPIC has also called upon the TSA to undertake a comprehensive audit of the civil rights impact of airport screening policies on racial and religious minorities. For more information, see EPIC: Passenger Profiling.
  • EPIC Objects to Secret Profiling of Air Travelers + (Oct. 10, 2013)
    EPIC has submitted comments to the Department of Homeland Security, objecting to the agency's plan to secretly profile U.S. air travelers and remove Privacy Act safeguards. The DHS proposed to exempt TSA PreCheck from the federal privacy law. The PreCheck database contains detailed personal information, including name, birthdate, biometric information, Social Security Number, and financial information. The TSA plans to release applicant data to federal, state, tribal, local, territorial agencies and foreign governments. However, the TSA proposes to remove the rights of PreCheck applications concerning notification, access, and correction. The agency also intends to keep secret the basis for approving PreCheck applicants. EPIC described the substantial privacy and security risks of Precheck, urged the DHS to narrow the Privacy Act exemptions, and recommended that the DHS withdraw routine use disclosures. For more information, see EPIC: Secure Flight, EPIC: Passenger Profiling, and EPIC: Air Travel Privacy.
  • Documents Reveal New Details About DHS Development of Mobile Body Scanners + (Aug. 31, 2011)
    EPIC has obtained more than one hundred fifty pages of documents detailing the Department of Homeland Security’s development of mobile body scanners and other crowd surveillance technology. The documents were obtained as a result of a Freedom Information Act lawsuit brought by EPIC against the federal agency. According to the documents obtained by EPIC, vehicles equipped with mobile body scanners are designed to scan crowds and pedestrians on the street and can see through bags, clothing, and even other vehicles. The documents also reveal that the mobile backscatter machines cannot be American National Standards Institute “certified people scanners” because of the high level of radiation output and because subjects would not know they have been scanned. For more information see EPIC: Whole Body Imaging Technology and EPIC: EPIC v. DHS (Suspension of the Body Scanner Program).
  • EPIC Files for Rehearing in Airport Body Scanner Case + (Aug. 30, 2011)
    Citing significant errors in an earlier decision, EPIC has petitioned a federal appeals court to rehear the organization's challenge to the TSA's controversial body scanner program. "The court overstated the effectiveness of the body scanner devices and understated the degree of the privacy intrusion to the travelling public," stated EPIC President Marc Rotenberg. EPIC's petition challenged the Court's finding that the devices detect “liquid and powders," which was never established and was not claimed by the government. EPIC also argued that the court wrongly concluded that the TSA is not subject to a federal privacy law that prohibits video voyeurism. The panel found that TSA body scanner employees are “engaged in law enforcement activity," contrary to the TSA's own regulations. EPIC is pursuing related litigation on the government's deployment of mobile body scanners. For more information, see EPIC: EPIC v. DHS.
  • DHS Refuses to Disclose Details of Mobile Body Scanner Technology + (Aug. 17, 2011)
    New documents released by the Department of Homeland Security to EPIC indicate the the agency continues to hide details about body scanners. In November 2010, EPIC filed a Freedom of Information Act request with the agency regarding the deployment of body scanners in surface transit and street-roving vans. In its latest document release the agency supplied several papers that were completely redacted. As a result of the agency's failure to comply with the Freedom of Information Act, EPIC has filed suit to force disclosure of the records. For more information, see: EPIC: Body Scanner Technology and EPIC: FOIA Note #20.
  • EPIC-led Coalition Calls For Suspension of Secret Government Watchlist + (Aug. 5, 2011)
    EPIC and a coalition of privacy, consumer rights, and civil rights organizations filed a statement to the Department of Homeland Security. The group opposed proposed changes to the Watchlist Service, a secretive government database filled with sensitive information. The agency has solicited comments on the program, which entails developing a real-time duplicate copy of the database and expanding the groups and personnel with immediate access to the records. The groups focused on the security and privacy risks posed by the new system, as well as The Privacy Act. Passed by Congress in 1974, the Act requires DHS to notify subjects of government surveillance in addition to providing a meaningful opportunity to correct information that could negatively affect them. EPIC has testified before Congress and published a "Spotlight on Surveillance" report about the Watchlist program. For more information, see EPIC: Secure Flight and EPIC: Passenger Profiling.
  • TSA Expands Behavioral Profiling at Boston Airport + (Aug. 3, 2011)
    The Transportation Security Administration has begun training screeners at Logan International Airport in Boston to engage in behavioral profiling of air travelers. The program authorizes Transportation Security Officers to ask airline passengers personal questions concerning their travel plans and employment. Some travelers will be subjected to additional, invasive searches based on their responses. For more, see EPIC: Air Travel Privacy.
  • TSA Announces Installation of "Stick Figure" Software for Some Body Scanners + (Jul. 21, 2011)
    The TSA has announced that it will begin installing software on millimeter wave body scanners that will display a generic stick figure on a computer monitor and not the naked bodies of individual air travelers. The TSA said this will address privacy concerns. However, there is no plan to install similar software on the more widely used backscatter x-ray devices. It is also still unclear whether t the body scanners are capable of capturing, storing, or transferring the underlying graphic naked image. Seeking to answer this question, EPIC filed a lawsuit, following the TSA's failure to provide an adequate response to EPIC's FOIA request. For more information see: EPIC: Body Scanner Technology.
  • Federal Appeals Court: TSA Violated Federal Law, Must Take Public Comment on Body Scanners + (Jul. 15, 2011)
    As a result of a lawsuit brought by EPIC, the D.C. Circuit Court of Appeals has ruled that the TSA violated federal law when it installed body scanners in airports for primary screening across the country without first soliciting public comment. The Administrative Procedure Act requires federal agencies to provide notice and opportunity for comment when implementing a rule that affects the rights of the public. Writing for a unanimous court, Judge Ginsburg found there was "no justification for having failed to conduct a notice-and-comment rulemaking," and said, "few if any regulatory procedures impose directly and significantly upon so many members of the public." EPIC's brief alleged that airport body scanners are "invasive, unlawful, and ineffective," and that the TSA's deployment of the devices for primary screening violated the U.S. Constitution and several federal statutes. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology. Press Release.
  • European Parliament Takes Stance Against Airport Body Scanners + (Jul. 6, 2011)
    The European Parliament has adopted a resolution that sets out strict safeguards for airport body scanners. The resolution requires that Member States only "deploy technology which is the least harmful for human health" and establish substantial privacy protection. The resolution prohibits the use of body scanners that use ionizing radiation. New guidelines also state that airport body scanners "must not have the capabilities to store or save data." EPIC currently is pursuing a lawsuit to suspend the use of body scanners in the United States, citing several federal laws and the US Constitution. EPIC has called the US airport body scanner program "invasive, ineffective, and unlawful." For more information, see EPIC: EPIC v. DHS (Suspension of Body Scanner Program) and EPIC: Whole Body Imaging Technology.
  • EPIC Testifies Before the Homeland Security Committee
    EPIC Associate Director Lillie Coney testified (pdf) at a Congressional hearing on "Ensuring America's Security: Cleaning Up the Nation's Watchlists". Ms. Coney said that there are several problems with the watchlist program: it is not subject to the Privacy Act, the watchlists are full of errors, the secure flight program may become a textbook case of "security theater," and the traveler redress program is not designed to do what it claims. For more information, see EPIC Spotlight on Surveillance: Secure Flight, EPIC Spotlight on Surveillance: Travel Redress Program, and EPIC Air Travel Privacy Page. (Sept. 9)
  • Temporary Agreement Reached on Transfer of Passenger Data
    The United States and the European Union have established a temporary arrangement for the transfer of personal information on European travelers that will expire in July of 2007. An earlier agreement was annulled by the European Court of Justice. The new agreement gives the Europeans greater control over the disclosure of passenger data to the United States. However, it leaves unresolved whether the United States has adequate privacy protections to safeguard the private information of European consumers. For more information, see the EPIC pages on Air Travel Privacy and EU-US Airline Passenger Data Disclosure. (Oct. 6)
  • US, Europeans Fail to Reach Accord on Passenger Data
    The European Union and the United States are in a "legal vacuum" three months after the European Court of Justice struck down the passenger name record deal that allowed the transfer of personal information on European travelers to the U.S. government. European airlines face lawsuits by European citizens for violating European privacy laws if the information is disclosed to the U.S. without a new agreement. European consumer organizations have called for strong safeguards for personal data. Officials say negotiations will continue. More information at EPIC pages on Air Travel Privacy and EU-US Airline Passenger Data Disclosure. (Oct. 3).
  • European and US Consumer Groups Urge Privacy Safeguards for Air Travel Information. The Trans Atlantic Consumer Dialogue has written to Homeland Security Secretary Michael Chertoff and European Commissioner Franco Frattini recommending the establishment of legal protections for passenger information collected by the US government. The letter follows an earlier statement from TACD that identified numerous risks to consumers that would result from the disclosure of detailed personal information. The TACD letter responds to Secretary Chertoff's recent call for increased government snooping. EPIC has filed a Freedom of Information Act request with the Department of Homeland Security regarding the program and whether adequate privacy safeguards have been established. The European Court of Justice earlier held that there was no legal basis for the Homeland Security program. For more information, see EPIC's air travel privacy page. (Sept. 13)
  • Senate Subcommittee Holds hearings on Airline Passenger Screening. On September 7, the Senate Subcommittee on Terrorism, Technology, and Homeland Security will hold a hearing on pre-screening international travelers who are flying into the United States. A Homeland Security program that acquired European passenger name records for pre-screening was opposed for its privacy violations by the European Parliament, and struck down by the European Court of Justice earlier this year. Homeland Security Secretary Chertoff has announced plans not only to revive the program, but also to expand certain aspects of it. For more information, see EPIC's Passenger Data page. (Sept. 5)
  • DHS Seeks Expanded Access to Travelers' Data. The Department of Homeland Security recently proposed expanding a program that would transfer detailed airline passenger recordsbetween European airlines and the US government. In 2003, the Department secretly entered into an agreement with European governments to obtain personal information on European travelers to the United States. The European Parliament challenged the agreement and the European Court of Justice recently ruled that the agreement lacked a legal basis. Negotiators have until September 30 to come up with a program that complies with European privacy law. (Aug. 22)
  • Registered Traveler Hits Turbulence. The Transportation Security Administration says security concerns have delayed the controversial air passenger prescreening program Registered Traveler, which was to be rolled out beginning Tuesday. EPIC has testified previously (pdf) and submitted comments (pdf) about the flawed program, warning that problems with watch list errors have not been resolved, that there are no legal safeguards to prevent misuse, and that "mission creep" is almost certain. For more information, see EPIC's Spotlight on Surveillance and Passenger Profiling pages. (Jun. 22)
  • European Court Rejects Data Transfer to US. The European Court of Justice has just ruled that the 2004 airline passenger data transfer agreement (pdf) between the U.S. Department of Homeland Security and the European Union is to be voided after September 30, 2006. The Court held that the agreement was illegal because it exceeded the scope of the EU 1995 Directive on data protection, which excludes operations concerning public security, defense, state criminal law and state security. Since the framework for data transfer was dictated by public authorities, and amounted to processing operations concerning public security, the Court held that the Commission lacked legal competence under the Directive to address public and state security issues. Privacy International describes the holding as a "pyrrhic victory" because the Court ruled on the basis of legal authority, and did not address the privacy implications of the transfer of the personal data to the U.S. The European Data Protection Supervisor is concerned that the ruling has created a loophole because it is uncertain that the Directive protects data collected for commercial reasons but used for police matters. (May 30)
  • EPIC Urges Privacy Safeguards for Traveler Database. In comments (pdf) to Customs and Border Protection, EPIC opposed the agency's plan to exempt a vast database from legal requirements that protect privacy and promote government accountability. The Global Enrollment System would include employment history and biometric data. Among many possible activities, the agency will use this system to determine which travelers are "low-risk" and eligible for the "Trusted Traveler" program. EPIC warned that the absence of effective redress procedures would leave many travelers improperly designated as "high-risk." For more information, see EPIC's Passenger Profiling page. (May 22)
  • EPIC Joins Campaign Against Biometric Identification. Civil liberties organizations have sent a letter to the International Civil Aviation Organization (ICAO) regarding their plans to include biometric identifiers such as fingerprints and facial scans on all newly issued electronic passports. The letter, organized by Privacy International, warns this will lead to the first truly global database of biometric information. For more information, read the letter from the Campaign, see EPIC's biometrics page, and read a story by the BBC. (Mar. 30)
  • EPIC Suit Uncovers Watchlist Errors. EPIC has uncovered agency documents through the Freedom of Information Act that raise important questions about how the Transportation Security Administration currently operates the "No-Fly" watchlist. The concerns surrounding the agency's administration of the list previews several potential problems with the proposed roll out of CAPPS-II, the Enhanced Computer Assisted Passenger Pre-screening System. For more information, see EPIC's analysis of the FOIA documents. (Apr. 1)
  • Senators Want Answers on Air Profiling. The Senate Commerce Committee has unanimously agreed to an amendment (pdf) by Sen. Ron Wyden (D-OR) that would require the Transportation Security Administration to report to Congress on the privacy and civil liberties implications of the controversial CAPPS-II air passenger profiling system. See EPIC's Passenger Profiling page for more information. (Mar. 13)
  • EPIC Comments on Air Travel Database. EPIC submitted comments on a Transportation Security Administration (TSA) proposal [PDF] to create a new database of Aviation Security Screening Records on all airline passengers. EPIC argued that the proposed system did not provide sufficient information for the public to contribute meaningfully to this rule-making procedure, and that the proposed system would infringe on the Constitutional right of association and travel. See TSA Docket for more information and public comments. (Feb. 24)
  • EPIC Criticizes Gov't Rule on Citizen Travel. EPIC has filed comments [PDF] on the Immigration and Naturalization Service (INS)'s proposed rule to collect passenger manifest information on all international travelers, including American citizens and legal permanent residents. The comments argue that the proposed rule is legally deficient because the INS has not complied with the Privacy Act in creating this new "system of records." EPIC has asked the INS to reissue its notice and meet the requirements of the Privacy Act. The comments also note that, by collecting and sharing travel data about citizens, the INS is placing a burden on the right to travel and the rights of anonymous association. (Feb. 4, 2003)
  • EPIC Files Suit for "No-Fly List" Information. Seeking information about aviation security watchlists, EPIC has filed a lawsuit [PDF] against the Transportation Security Administration (TSA) in federal court in Washington. The legislation creating TSA authorizes the agency to maintain such lists, which reportedly have been used to interfere with the travel of political activists. (Dec. 12, 2002)
  • Resources

    Identification Schemes

    Profiling

    Documents Obtained under the Freedom of Information Act (FOIA)

    Other Documents

    Analysis

    Previous Files

    Share this page:

    Defend Privacy. Support EPIC.
    US Needs a Data Protection Agency
    2020 Election Security