CAPPS II Data-Mining System Will Invade Privacy and Create Government Blacklist of Americans, ACLU Warns

February 27, 2003

FOR IMMEDIATE RELEASE
Contact: Media@dcaclu.org

WASHINGTON -- A secretive new system for conducting background checks on all airline passengers threatens to create a bureaucratic machine for destroying Americans' privacy and a government blacklist that will harm innocent Americans, the ACLU said today.

The ACLU's warning came in response to statements by officials of the Transportation Security Agency that the Computer Assisted Passenger Pre-screening System II (CAPPS II) will be tested at several airports around the U.S. starting sometime in March.

"CAPPS II is based on the same concept as the Pentagon's 'Total Information Awareness' program, which proposed massive fishing expeditions through some of our most personally sensitive data," said Barry Steinhardt, Director of the ACLU's Technology and Liberty Program. "We are all concerned about airline security, but we must not let the unique needs in our airports give the government an opening to create the kind of Big Brother program that Americans rejected so resoundingly in the Pentagon."

At a news conference yesterday, the government said that under the program Americans will be labeled as a "green," "yellow" or "red" security risk. The red code would be reserved for those on terrorist watch lists. Far less clear is who would get a yellow code in their file; those passengers would be subject to extra-intensive security screening. 

"This system threatens to create a permanent blacklisted underclass of Americans who cannot travel freely," said Katie Corrigan, an ACLU Legislative Counsel. "Unfortunately, history suggests that the government will be capricious, unfair and politically biased in deciding who to stamp as suspect. Anyone could get caught up in this system, with no way to get out." 

According to a January Federal Register notice containing some details of the program, a yellow code in a person's file could be shared with other government agencies at the federal, state and local level, with intelligence agencies such as the CIA and with foreign governments and international agencies - all of which could use those designations for many purposes, including employment decisions and the granting of government benefits. 

"Despite the potentially serious consequences of being accused by your own government of being a security risk, CAPPS II would not allow innocent Americans to see the information that such a designation was based on, would not permit them a meaningful way to appeal, and would not reveal the criteria on which such judgments were based so they could avoid suspicion in the future," Corrigan said. "In fact, individuals would not even have the right to confirm how they have been labeled."

The CAPPS program would collect information about individuals including "financial and transactional data," which could include credit card and other consumer-purchase data, housing information, communications records, health records and many other sources of information about us. It would also make use of public source information such as law enforcement and legal records.

"Once the infrastructure for a system of government files and security ratings on American citizens is built, it won't be limited to air transportation for very long," said Steinhardt. "Nothing like it has ever been done in this country."

Steinhardt cited as an example of the kind of thing that can happen the FBI's "Project Lookout," in which the agency gave corporations a list of hundreds of names of people it sought in connection with September 11. The list, which was riddled with inaccuracies and contained the names of many people the Bureau simply wanted to talk to, was widely circulated and took on a life of its own. No one knows how many innocent people have been denied jobs or suffered other harm because of the list. 

"CAPPS II threatens our liberty, but its security benefits are far from clear," said Steinhardt. "It will leave security screeners at sea in an ocean of private data; some of that data will be fraudulent, and much of it just plain wrong. Like TIA, CAPPS II is apparently based on the belief that you can find a needle in a haystack by adding more hay to the stack."

Statistics image