Privacy steps forward

Two controversial systems that comb public databases for information on potential terrorists have come under fire, and officials are taking steps to alleviate some privacy concerns.

Government officials are backpedaling due to the sharp criticism concerning privacy issues with the systems, privacy advocates said. As details on the Computer Assisted Passenger Prescreening System (CAPPS) II have emerged, the form of the project has changed, officials said. Meanwhile, officials from the Defense Advanced Research Projects Agency portrayed the Total Information Awareness (TIA) system this month as a less invasive system that would not draw on financial and health records to determine terrorist activities.

The Transportation Security Administration's CAPPS II would only use basic passenger information to verify identity and then determine risk, which is presented in a score and its corresponding color: green permitting passengers to travel, yellow necessitating further investigation and red prohibiting passengers from traveling altogether. The information would not be shared beyond TSA officials or necessary law enforcement, and the information would be destroyed after the passenger has traveled, TSA Administrator James Loy told lawmakers this month.

"CAPPS II has the most potential to improve security and customer service," Loy testified before the House Government Reform Committee's Technology, Information Policy, Intergovernmental Relations and the Census Subcommittee.

The system would start with four pieces of passenger information, voluntarily provided when passengers purchase airline tickets: name, address, phone number and date of birth. CAPPS II then searches databases to build a risk assessment score, Loy said. The limited tool is looking only for terrorist-related information and will check passenger information against crime databases.

Mihir Kshirsagar, policy analyst for the Electronic Privacy Information Center (EPIC), said there have been a number of major changes in the system since its introduction in a Federal Register notice in January. "It got slammed by us and various privacy groups who balked at the major problems," he said. "Basically, TSA has been backpedaling by justifying and saying, 'We won't do this and we won't do that.' "

"If you look at the notice," he continued, "they said they'll be looking at transactional data, financial records, and information on people deemed a risk will be stored for 50 years."

Loy said there was potential to expand the system to include other forms of security screening and possible use in other forms of travel, an implication that leaves privacy advocates uneasy. "Today it's boarding an airplane; tomorrow it's entering a federal building," Kshirsagar said.

Loy said TSA has been working closely with Congress and privacy groups to ensure that passengers' civil liberties are protected. "We can design a solid program where security and privacy are complementary goals," he said.

Jay Stanley, spokesman for the American Civil Liberties Union, agreed that agency officials are backtracking, which is likely a mix of taking privacy concerns into account and presenting the system in a way to quell opposition. Although he commended TSA officials for saying CAPPS II would expunge data after a passenger has traveled, he expressed concern about what information will be used to determine risk.

"It's cold comfort," Stanley said. "We're glad they seem to be taking these concerns into account, but we're still not satisfied. Once you create these infrastructures, they will inevitably be expanded."

Lara Flint, staff counsel for the Center for Democracy and Technology, praised TSA officials for following through with promises they made in a private meeting with privacy groups in mid-March. "We were very pleased to hear about the data-retention policy."

DARPA's director presented more details on the agency's TIA program to try to soothe fears at the same House hearing. TIA takes a hypothetical of an attack scenario, creates a pattern of behavior and then checks that pattern against databases, DARPA Director Tony Tether said.

The system would focus on information collected from government intelligence agencies, but Tether said DARPA is also researching what other information might aid in counterterrorism efforts, such as transportation information and transactions.

The system would not merge separate government and private databases, and sensitive intelligence information would stay with the agency that collected it. Agencies would still be able to collaborate without compromising their sources and methods of information gathering, Tether said.

"We are developing a technology that will allow the agencies to easily collaborate with each other," he told lawmakers. "We don't want to get rid of the stovepipes, and I don't think anyone really wants to, because there is a role for the cultures."

Tether's assurance to lawmakers that databases will remain distributed left Kshirsagar unimpressed.

"Anyone with some experience with computers knows there won't be one big database," he said. "The whole question is how you access these databases. To say they are going to be distributed doesn't say how the significant privacy issues will be addressed."

Flint said privacy groups still need more information on TIA, because officials have yet to outline what information they will use and how they will access it. "They have been considerably less forthcoming," Flint said of DARPA officials, compared to TSA officials.

***

Eyeing systems

Two controversial systems in particular have been under the careful watch of privacy advocates:

* The Transportation Security Administration's Computer Assisted Passenger Prescreening System II will comb commercial and government databases to assess the terrorism threat that airline travelers pose. Privacy groups have questioned the system's constitutionality and demanded more details on how it will work.

* The Defense Advanced Research Projects Agency's Total Information Awareness system would allow national security analysts to detect, track, understand and block terrorist attacks by monitoring patterns in public and private transactions. Privacy advocates and some lawmakers are concerned that the system would access too much personal information on citizens. Congress is awaiting a report from DARPA due May 20 with further details on the system.