By: Anthony Kimery
A Privacy Impact Assessment (PIA) issued by
the Department of Homeland Security (DHS) April 13 on the Transportation
Security Administration's (TSA) TSA Pre✓™ “reflects the establishment
of the TSA Pre-Check program and its interaction with Customs and Border
Protection’s (CBP) Secure Flight.”
TSA Pre✓™ has begun to allow existing CBP Trusted
Traveler participants and eligible members of the US Armed Forces to
receive expedited screening, although TSA notes it still reserves the
right to incorporate random enhanced screening protocols.
TSA is exploring the feasibility of expanding the
Known Traveler program beyond these populations to include certain
active security clearance holders, aviation workers, other
transportation-sector populations for whom TSA performs a security
threat assessment, and other populations. The PIA will be updated as TSA
incorporates new Known Traveler populations into the Secure Flight
program.
The updated PIA also considers that Secure Flight
will include the aircraft operator frequent flyer designator code in
conjunction with the Secure Flight Passenger Data (SFPD) of passengers
who sign up for TSA Pre✓™.
According to the updated PIA, Secure Flight will
collect a designator code from participating aircraft operators for the
purpose of verifying that a passenger is a frequent flyer program member
eligible for expedited screening.
The purpose of the Secure Flight program is to
background check individuals before they access airport sterile areas or
board aircraft.
“Generally,” the PIA update said, “this screening
has been designed to identify and prevent known or suspected terrorists
or other individuals from gaining access to airports and airplanes where
they may jeopardize the lives of passengers and others. To identify
those who present a threat to aviation security, the Secure Flight
program compares passenger and non-traveler information to the No Fly
and Selectee List components of the Terrorist Screening Center Database
(TSDB) and, when warranted by security considerations, other watch lists
maintained by TSA or other federal agencies.”
Secure Flight also screens passengers against a list
of passengers with redress numbers assigned by DHS Traveler Redress
Inquiry Program (TRIP), and against the list of individuals whom the
Centers for Disease Control and Prevention (CDC) has identified to DHS
as persons who should not be permitted to board an aircraft because of
public health concerns.
With the proof-of-concept program announced in the
August 2011 Secure Flight PIA update, TSA began to test the use of a
largely dormant aspect of the Secure Flight program -- the Known
Traveler feature -- to identify those individuals for whom expedited
screening may be appropriate. TSA also announced that Secure Flight
would accept frequent flyer designator codes for use in conjunction with
risk-based security rules using SFPD. By reducing the airport screening
resources devoted to trusted travelers, TSA believes it will be able to
focus its screening efforts on passengers who are more likely to pose a
threat to civil aviation.
The new PIA update also provides notice that, as
part of Pre-Check, TSA will create and maintain a watch list of
individuals who are disqualified from receiving expedited screening for
some period of time or permanently because they have been involved in
violations of security regulations of sufficient severity or frequency.
These names are kept on the the TSA Pre-Check Disqualification List.
Disqualifying violations of aviation security
regulations may involve checkpoint and checked baggage violations, such
carrying as a loaded firearm that is discovered in carry-on baggage at
the checkpoint.
As discussed in the August 2011 PIA update, TSA
leverages CBP’s Automated Targeting System (ATS) to identify individuals
requiring enhanced screening prior to boarding an aircraft. This PIA
update also provides notice that TSA creates and provides risk-based,
intelligence-driven, scenario rules to CBP for use in ATS to identify
international travelers requiring enhanced screening.
TSA receives from CBP a continuously updated watch
list of these individuals for use in Secure Flight. Certain
intelligence-driven scenario rules may result in some travelers
receiving enhanced screening for subsequent domestic and international
flights for a period of time. Oversight will be exercised by the DHS
privacy office, DHS Office for Civil Rights and Civil Liberties, and DHS
Office of General Counsel to ensure threat-based intelligence is
appropriately applied.
The new PIA builds on an update to the Secure Flight PIA in August 2011. It reflected a number of changes, including:
- The initiation of a Known Traveler proof of concept starting with individuals enrolled within CBP’s Trusted Traveler programs, and expected to expand to include other populations such as transportation sector workers receiving TSA security threat assessments and members of the military; and
- The receipt by Secure Flight of aircraft operator frequent flyer status codes for use in conjunction with risk-based security rules using SFPD.
