Security official details screening process for air travelers
Personal data about airline travelers to be collected for a system designed to identify terrorists will not be accessible either to the government or the database companies verifying passenger identities, a top official developing the system said on Thursday.
The data assembled for the Homeland Security Department's Computer Assisted Passenger Pre-screening System (CAPPS II) will not be accessible because of a technology that allows database companies to read but not copy passenger data, said Steve Thayer, deputy director of the Office of National Risk Assessment (ONRA).
The program has been slowed by privacy concerns, and Homeland Security officials have said they will not proceed with CAPPS II until it issues regulations subject to a Privacy Act notice.
Thayer, testifying before the Defense Department's Technology and Privacy Advisory Committee, said ONRA is testing the system and hopes to have it running by the end of March. He said ONRA is developing CAPPS II.
"Commercial companies can only read but not copy the information," Thayer said. "In effect, there is no record" of the passenger names, addresses, phone numbers and dates of birth that travelers would have to provide to airlines when they purchase tickets.
As CAPPS II previously has been described, that personal information would be passed to commercial companies like ChoicePoint or LexisNexis, who would run the information through their databases to verify the identities of travelers.
Using algorithms to be determined by ONRA, the database companies would return scores to group passengers into "green," "yellow" or "red" categories. Green passengers would be cleared for travel, yellow passengers would be searched more thoroughly, and red passengers would be blocked from boarding airplanes and could be arrested.
But Thayer said data collected by the system could not subsequently be used by law enforcement agencies to track individual travel patterns because of advanced technology called Radiant Trust designed by Lockheed Martin.
"We use the data to authenticate [the individual] by comparing that information with that which is contained in a commercial data source," Thayer told the advisory committee. "The commercial data is never revealed to the government. It stays on the other side in the commercial database."
Similarly, the database companies could not glean insights about customers' travel patterns because of the use of Radiant Trust. "Technology also allows us to ensure that the [database companies] cannot use the names or the information that we provide to them," he said.
Thayer, the former executive director of the American Conservative Union, also commented on the ongoing negotiations between Homeland Security and the European Union over what information foreign airlines must give the U.S. government about incoming passengers.
"I just returned from four days in Brussels," he said. "As a person who has been very involved in privacy for many years, I think we have a lot of common ground."