Letter to Secretary Tom Ridge of the Department of Homeland Security Expressing Concerns About Testing of the Secure Flight Program
Secretary of Department of Homeland Security
Department of Homeland Security
Washington, DC 20528
Dear Secretary Ridge,
In recent weeks the Transportation Security Administration has said that it intends to begin testing the Secure Flight program. We are writing to confirm that the Department of Homeland Security will not proceed with testing the use of commercial data for the Secure Flight program until the Government Accountability Office has issued a report mandated by Congress.
As your agency is no doubt aware, the TSA is barred by law from carrying out parts of its test for Secure Flight until the TSA has developed certain performance measures and the Government Accountability Office has reported on those measures. Specifically, H.R. 4567, the Department of Homeland Security Appropriations Act, 2005 (Public Law 108-334) stipulates in Section 522(d) that no funds "may be utilized to test an identity verification system that utilizes" a database from a "non-Federal entity" until "TSA has developed measures to determine the impact of such verification on aviation security and the Government Accountability Office has reported on its evaluation of the measures."
We raise this concern because we have seen numerous official statements of the TSA's intent to proceed with testing Secure Flight, including its commercial identity verification system component. Yet, we have seen no mention of this statutory requirement.
For example, a Privacy Act Notice published by the TSA in the Federal Register on September 24, 2004 states that "TSA will also conduct a separate test of the use of commercial data to determine its effectiveness in identifying passenger information that is inaccurate or incorrect." Likewise, in a "Notice of Final Order for Secure Flight Test Phase" published in the Federal Register on November 15, 2004, the TSA states that "in addition to testing TSA's ability to compare passenger information with data maintained by the TSC [Terrorist Screening Center], TSA will separately test the use of commercial data to determine if use of such data is effective in identifying passenger information that is incorrect or inaccurate." Neither document includes any mention of a process for developing measures to determine the security impact of verification or a GAO report on such measures.
In addition, TSA officials have in public comments outlined an extremely aggressive timetable for implementing the Secure Flight program. For example, at the unveiling of Secure Flight on August 26, 2004, TSA Director David Stone stated that the agency aims to carry out the testing phase in November and December of 2004. Similarly, Justin Oberman, Director of the TSA's Office of Risk Assessment, in an October 21 appearance at the Heritage Foundation, stated that the secure flight test "will start next month [i.e. November] and will run for a period of several weeks." He stated that "We will do this test of the commercial data around the same time frame - December and January."
Again, in these public comments, no mention was made of the GAO report mentioned in this section of the statute. We are concerned over how the GAO reporting requirement will fit into such an ambitious timetable. As you know, the ACLU has considerable doubts about the advisability of the Secure Flight project, and we are particularly worried about the use of commercial data. We therefore think it extremely important that the GAO make an independent assessment of your plans and issue this report before you act.
Congress inserted the provision requiring an independent assessment of the Secure Flight verification proposal for good reason. Policymakers were concerned over the impact of identity verification not only on privacy, but also on aviation security. The GAO's February 2004 report on CAPPS II was very well-crafted and objective, and appeared to have played an important role in the decision by policymakers in your agency to terminate the CAPPS II program.
For these reasons, we respectfully request that you confirm that the TSA intends to wait until GAO has issued the report described in Section 522(d) of the 2005 Department of Homeland Security Appropriations Act before commencing with the testing of the commercial identity verification portion of Secure Flight.
Thank you for your consideration of this question. We look forward to hearing from you.
Director ACLU Technology and Liberty Project
Laura W. Murphy
Director ACLU Washington Legislative Office