Air Travel Privacy
The right to travel is a part of the "liberty" of which the citizen cannot be deprived without due process of law under the Fifth Amendment ... Freedom of movement across frontiers in either direction, and inside frontiers as well, was a part of our heritage. Travel abroad, like travel within the country, may be necessary for a livelihood. It may be as close to the heart of the individual as the choice of what he eats, or wears, or reads. Freedom of movement is basic in our scheme of values. "Our nation," wrote Chafee, "has thrived on the principle that, outside areas of plainly harmful conduct, every American is left to shape his own life as he thinks best, do what he pleases, go where he pleases."
-- Justice William O. Douglas, Kent v. Dulles (1958)
Post-September 11, several measures have been considered to improve aviation security. Some of these proposals, such as improved training for airport screeners, checking all bags for bombs, strengthening cockpit doors, and placing air marshals on flights, do not implicate privacy interests and are sound security measures. Others, however, present privacy and security risks to air travelers. These proposals concern efforts to identify passengers and schemes to distinguish the "good guys" from the "bad." EPIC will make available on this page aviation security and privacy related documents it obtains from the government under the freedom of information law to promote and inform the public debate over these new schemes.
In earlier responses to security threats the FAA issued a secret regulation that allowed airlines to demand photo identification and instituted a new profiling program called CAPPS (Computer Assisted Passenger Pre-screening System) based on travel data airlines routinely collected. See Previous Files. New proposals advocate using biometric credentials for "trusted travelers" and using extensive data mining of credit history, criminal records, and travel patterns to profile all airline passengers. NASA has even suggested developing "non-invasive neuro-electric sensors" or brain scans at the security gate to see if people are having suspicious thoughts.
The stated goal of these new proposals is to rely on technology to reduce the "hassle factor" in airports and to reduce security threats. The core idea is to focus security resources on suspicious travelers, while ensuring that most people are not inconvenienced by heightened security. Terrorists, however, have been known to go to great lengths to look like most people. Former Transportation Security Agency chief John Magaw refused to endorse a "trusted traveler" card, fearing that it would be the first thing a terrorist will try to obtain. New profiling and identification programs will convert airport security into all-purpose police stops where criminals, deadbeat dads, and others seeking to avoid law enforcement for non-aviation security related reasons face the risk of being arrested.
The basic structure of passenger profiling is to use an algorithm to determine indicators of characteristics or behavior patterns that are related to the occurrence of certain behavior. The CAPPS-II initiative will expand the range of databases searched for suspicious activity so that each airline passenger will be subjected to an extensive profiling. John Pointdexter's office in the Defense Department is considering developing a similar Total Information Awareness system. Each structural element of the CAPPS-II profiling system, however, raises a host of complex questions:
Algorithm: What logic will be used? What is the basis for developing the algorithm? What are acceptable false positive and false negative rates?
Indicators: What indicators are relevant? Are these indicators available? Who will collect and store the relevant indicators?
Related: How are the indicators related to particular kinds of behavior? Is that relationship reliable?
Behavior: Who determines what behavior should be targeted? What types of specific behavior will the system try to catch?
In addition there are several technical issues such as how reliable is the data used to make profiling decisions? What kind of data should be collected and how long should the data be retained? Who will have access to the data and for what purposes?
The policy issues also need to be addressed: what will be the rights of individuals to control their personally identifiable information? What recourse will be available for someone wrongly identified or denied a service? Will profiling based on deep data-mining stand up to charges of equal protection and due process violations? The new proposals directly implicate long standing constitutional protections under the fourth and first amendments, including the right to travel, and must be clearly understood and properly considered by the public.
- EPIC FOIA: EPIC Obtains Secure Flight Documents + (Oct. 12, 2018)
- DHS Privacy Office Releases 2015 Data Mining Report + (Mar. 4, 2016)
- Homeland Security Revised Traveler Screening Violates Federal Privacy Act + (Feb. 10, 2014)
- Government Audit Finds TSA's Behavioral Analysis Program "Ineffective" + (Nov. 14, 2013)
- EPIC Objects to Secret Profiling of Air Travelers + (Oct. 10, 2013)
- Documents Reveal New Details About DHS Development of Mobile Body Scanners + (Aug. 31, 2011)
- EPIC Files for Rehearing in Airport Body Scanner Case + (Aug. 30, 2011)
- DHS Refuses to Disclose Details of Mobile Body Scanner Technology + (Aug. 17, 2011)
- EPIC-led Coalition Calls For Suspension of Secret Government Watchlist + (Aug. 5, 2011)
- TSA Expands Behavioral Profiling at Boston Airport + (Aug. 3, 2011)
- TSA Announces Installation of "Stick Figure" Software for Some Body Scanners + (Jul. 21, 2011)
- Federal Appeals Court: TSA Violated Federal Law, Must Take Public Comment on Body Scanners + (Jul. 15, 2011)
- European Parliament Takes Stance Against Airport Body Scanners + (Jul. 6, 2011)
More top news
EPIC Associate Director Lillie Coney testified (pdf) at a Congressional hearing on "Ensuring America's Security: Cleaning Up the Nation's Watchlists". Ms. Coney said that there are several problems with the watchlist program: it is not subject to the Privacy Act, the watchlists are full of errors, the secure flight program may become a textbook case of "security theater," and the traveler redress program is not designed to do what it claims. For more information, see EPIC Spotlight on Surveillance: Secure Flight, EPIC Spotlight on Surveillance: Travel Redress Program, and EPIC Air Travel Privacy Page. (Sept. 9)
The United States and the European Union have established a temporary arrangement for the transfer of personal information on European travelers that will expire in July of 2007. An earlier agreement was annulled by the European Court of Justice. The new agreement gives the Europeans greater control over the disclosure of passenger data to the United States. However, it leaves unresolved whether the United States has adequate privacy protections to safeguard the private information of European consumers. For more information, see the EPIC pages on Air Travel Privacy and EU-US Airline Passenger Data Disclosure. (Oct. 6)
The European Union and the United States are in a "legal vacuum" three months after the European Court of Justice struck down the passenger name record deal that allowed the transfer of personal information on European travelers to the U.S. government. European airlines face lawsuits by European citizens for violating European privacy laws if the information is disclosed to the U.S. without a new agreement. European consumer organizations have called for strong safeguards for personal data. Officials say negotiations will continue. More information at EPIC pages on Air Travel Privacy and EU-US Airline Passenger Data Disclosure. (Oct. 3).
- EPIC's Automated Targeting System, September 2007
- EPIC's presentation for the National Academy's seminar on Concealed Threat Detection, March 2005.
- Implementation of the Aviation and Transportation Security Act with a Focus on the 60-day Deadline for Screening and Checked Baggage House Transportation Committee, Subcommittee on Aviation, Jan. 23, 2002
- Audit Reports on Aviation Security Office of Inspector General, Department of Transportation
- White House Commission on Aviation Safety and Security web page.
- EPIC's National ID Page.
- EPIC's Face Recognition Page.
- EPIC's Terrorism Page: Information on pending efforts in Congress to increase wiretapping and gather personal information.
- EPIC's new page on Surveillance of European Air Travelers.
- Gilmore v. Ashcroft -- FAA ID Challenge
- Aviation Security Biometrics Working Group [see Steering Committee Analysis for detailed information on proposed biometric identification schemes]
- Smart Check-In Cuts Airport Lines Wired News, Feb. 5, 2001. [Trusted traveler schemes have been contemplated well before 9/11]
- Maximus Flysecure proposal
- Trading Freedom for Security. The New American Magazine, May 5, 2003.
- EPIC's new Passenger Profiling page.
- Air Security Focusing on Flier Screening. Washington Post, September 4, 2002.
- Intricate Screening Of Fliers In Works. Washington Post, Feb. 1, 2002.
- Carnival Booth: An Algorithm for Defeating the Computer-Assisted Passenger Screening System. MIT/Harvard Law School Student paper.
- Electronic Record Systems and Individual Privacy. U.S. Congress Office of Technical Assessment OTA-CIT-296.
- House Transportation Hearing on Airline Passenger Profiling. Feb. 27, 2002.
- ACLU Passenger Profiling Complaint Form
- EPIC Suit Uncovers Errors in TSA's Watchlist (April 2003)
- NASA Ames Research Center Northwest Airlines Briefing (December 10-11, 2001)
- CBP Biometric Exit Program FOIA Request (October 17, 2017)
- Land Border Integration (LBI) Task Order Modification Statement of Work (SOW)
- Statement of Work (SOW), Land Border Integration (LBI) Transition O&M Bridge, May 2016
- Public Affairs Guidance for Departure Information Systems Test at Atlanta (Draft), June 2016
- Biometric Pathway: Transforming Air Travel, December 2016
- Capability Analysis Study Plan for Biometric Entry-Exit, January 2017
- Biometric Entry-Exit Program Mission Needs Statement, February 2017
- Biometric Entry-Exit Program Capability Development Plan, February 2017
- Capability Analysis Report for Biometric Entry-Exit, March 2017
- Biometric Entry-Exit Program Concept of Operations, June 2017
- Biometric Entry-Exit Concept of Operations (Requirements Decision and Action Memorandum), June 2017
- Traveler Verification Service Standard Operating Procedure, June 2017
- Technical Match Rates Over Time, September 2017
- Memorandum of Understanding Between and Among US Customs and Border Protection and [Redacted Airline Company], Fall 2017
- Final Report of the White House Commission.
- Initial Report of the White House Commission (September 9, 1996).
Executive Order 13015 creating the White House Commission on Aviation Safety and Security (August 22, 1996) (PDF version)
- 1994 statute authorizing FAA research into security matters (including "behavioral research") and exempting information relating to such research from disclosure under the FOIA.
- Image of a person scanned using a new x-ray device from AS&E.
- National Academy of Sciences report "Airline Passenger Security Screening: New Technologies and Implementation Issues"
- Paper on the limitations of profiling, Roger Clark, Australia National University.
- ACLU testimony before White House Commission on "Civil Liberties Implications of Airport Security Measures" (September 5, 1996).
- Letter to Privacy Journal editor Robert Ellis Smith from the FAA denying Smith's request for a copy of the FAA Security Directive on identification of airline passengers.
- HotWired article "Fear of Flying" on proposals. (September 11, 1996).
- FAA Proposes Profiling Regulations. The Federal Aviation Administration published proposed regulations on April 19, 1999, governing "Security of Checked Baggage on Flights Within the United States." The draft rules detail the use of computer profiling techniques to identify suspicious passengers. Public comments can be filed until June 18, 1999.
- Airline Passenger Profiling Goes Into Effect. The Computer Assisted Passenger Screening System is scheduled to be phased in nationwide beginning on January 1. Under the system, passengers who "fit the profile" will be selected for heightened security measures, which can include a thorough search of their luggage, intrusive personal questioning, tagging of luggage with orange tape, and a physical escort from the check-in counter to the airport gate by security personnel. The ACLU is providing an online complaint form for passengers targeted by the profiling system.
- Microsoft Chief Architect Charles Simonyi tells what happens when you "fit the profile" (from Slate ).
- Proposed FAA rule for collecting personal information including name, address, Social Security Number, Date of birth and next of kin for every domestic passenger.
- General Account Office report, Aviation Safety and Security: Challenges to Implementing the Recommendations of the White House Commission on Aviation Safety and Security (Testimony, 03/05/97, GAO/T-RCED-97-90).
- The Gore Commission has released its final report recommending passenger profiling. A coalition of 17 groups has sent a letter to Gore opposing ID checks, profiling, new x-ray technologies and excessive secrecy by the FAA in making decisions.