March 25, 2003

Dear Chairman Cox and Ranking Member Turner:

We write as a nonpartisan coalition of national organizations to urge Congress to stop the deployment of the Transportation Security Administration’s (TSA) second-generation airline passenger profiling system known as CAPPS II (“Computer Assisted Passenger Prescreening System”) unless it can be shown to be both effective and consistent with privacy and due process principles.  CAPPS II would attempt to assess the security risk of every single airline passenger based on commercial and government data.  As a result, innocent people could be branded security risks on the basis of flawed data and without any meaningful way to challenge the government’s determination.  At a minimum, Congress should require the TSA to answer key questions about both the effectiveness of CAPPS II and its implications for privacy and civil liberties before the program is fully developed and TSA constructs the infrastructure for a general-purpose domestic risk assessment system.

In January, the TSA published a Federal Register notice announcing the Aviation Security Screening Records (ASSR) database.  The Federal Register notice described a system that would allow the government access to “financial and transactional data” as well as virtually unlimited amounts and kinds of data from other proprietary and public sources.  TSA also indicated in that notice that many private and public entities might gain access to the personal information used in the ASSR database.   Yet the notice did not provide information about how passengers can challenge their “score” or otherwise seek redress for their treatment at airports if they think it is based on inaccurate information.  Over 100 individuals and organizations filed comments on the ASSR database that were almost universally critical of the program. 

TSA plans to revise the Federal Register notice to more specifically reflect the evolving nature and scope of CAPPS II and the agency has begun a series of meetings with privacy organizations, industry groups and other stakeholders to explain the program in more detail.  

In the past few weeks, TSA officials have clarified the basic structure of CAPPS II.  First, TSA officials said the program would gather only four pieces of information about each passenger from the airlines: full name, home address, home phone number and date of birth.  That information would then be checked against  “credit header” information and other data held by various data aggregators - private corporations that maintain files on the commercial activities of most American citizens - in an effort to verify the traveler’s identity.  However, credit header information can be inaccurate and identity thieves could easily sidestep the identity check by presenting a false driver's license or passport, undercutting the system's entire mission, which is why we believe that effectiveness is a threshold issue.

            Although the TSA’s recent outreach to stakeholders is welcome, Congress should not allow the TSA to develop unilaterally a tool that could invade individual privacy and brand innocent airline passengers a security risk without meaningful review.

            Congress should carefully and deliberately assess the program’s effectiveness as a security measure, its cost in economic terms, and its cost to civil liberties before allowing TSA to move forward with CAPPS II.  To start, Congress should ask TSA the following questions:

Effectiveness of the Program

·        How will the CAPPS II program work? What information will be examined about passengers?  From where will the data be collected? Who will handle the data? How will the risk assessment be made? Under what circumstances would a passenger be prevented from flying? What risk levels will be assigned (e.g. red, yellow, and green) and what will be the consequence to the passenger of each level?

·        Has CAPPS II (or any of its component programs) been evaluated or have any determinations been made as to effectiveness or feasibility as an air security measure? If so, what are the results of these evaluations or feasibility studies?

·        What is the presumed error rate of the underlying data (in both government and commercial databases)? How would error rates affect the "scoring" of airline passengers?

·        What is the presumed error rate of the algorithm used to determine a passenger "score"?

·        What is now being tested by Delta Airlines? Is this simply a test of whether reservation information could be used in a CAPPS program or is some version of CAPPS II with the assignment of risk scores or other actual screening of passengers taking place?

Privacy of Personal Information

·        What passenger data will be retained and by whom - the government or a private contractor?  (The answer may vary for different sets of data and at different points in the system.)

·        What internal oversight mechanisms would be in place for either government or commercial databases used for CAPPS II (e.g. data quality standards, audit controls, ombudsman or complaint process)?

·        What external oversight mechanisms would be in place for these same databases (e.g. judicial review)?

·        How could CAPPS II be used by law enforcement, intelligence, and other federal, state, or local government agencies? What specific agencies have expressed interest in the program to date? For what activities?

·        In the view of the government, what laws govern the use and unauthorized use or collection of the data to be used in CAPPS II?

·        What private entities could gain access to the personal information used by TSA or to the risk assessment (either the actual "score" or fact of the color code)? For what purposes? What limitations would there be on third party use of that information?

Air passengers’ "Risk Assessment"

·        Who or what would conduct the so-called "risk assessments"?

·        How would passengers challenge their "score" - or even find out what it is? What procedures would be in place for passengers to correct or challenge a "risk assessment"? What rights would an individual have at the airport to remedy the assessment?

Cost of CAPPS II

·        What would be the cost of developing and initially implementing the program including personnel, technology, and oversight mechanisms to federal, state and local governments and private industry?  What would be the ongoing costs of the program?

·        What private contractors, including private industry and academic researchers, have received funding for research, development and implementation of CAPPS II to date? How much?

It is important that Congress exercise its oversight role and start asking questions about CAPPS II now, because the project is moving ahead with a pilot program at Delta Air Lines.  And air travelers are worried about CAPPS II; according to The New York Times, in a recent survey conducted by the Association of Corporate Travel Executives, 82 percent of respondents considered the program an invasion of privacy.

Thank you for your consideration of this matter. 

Sincerely,

American Civil Liberties Union

American Conservative Union

American Defense Council

Americans for Tax Reform

Center for Democracy and Technology

Christian Coalition

Eagle Forum

Electronic Frontier Foundation

Electronic Privacy Information Center

Free Congress Foundation

People for the American Way

cc:            Members of the House Select Committee on Homeland Security