Contact: Jim Harper

(202) 546-3701

http://www.privacilla.org

Washington, D.C. — Privacilla.org filed comments today on the latest version of the CAPPS II program, currently under testing by the federal Transportation Security Administration. The comments come at the conclusion of a comment period on privacy issues conducted by the agency.

Congress recently required a special study of the privacy and due process impacts of CAPPS II before it goes forward. CAPPS II is the second iteration of the Computer-Aided Passenger Pre-Screening System, an identification-based transportation security program.

"The new CAPPS II is substantially improved over previous versions," said Jim Harper, Editor of Privacilla.org. "Unfortunately, this is because the previous version was so bad."

Privacilla's comments note several privacy weaknesses in the current program. The TSA still plans to record the movements of every American traveler, treating them as crime and terrorism suspects. It will share information with private contractors for risk assessment, but will not require destruction of data when the risk assessment is complete. And the TSA's plans to use personal information already in the hands of the government remains murky.

"There are hundreds, if not thousands, of databases of personal information ensconced throughout the U.S. government," Privacilla's comments say. "[T]he U.S. government has by far the greatest capacity of any entity to profile citizens and learn detailed information about all facets of their lives. If CAPPS II will use data from a variety of agencies, this 'internal' risk assessment function may still be extremely intrusive — a new Total Information Awareness program."

The Privacilla comments acknowledge hard work by the Homeland Security Department: "The Department’s Privacy Office has demonstrated its good faith through this notice and through affirmative outreach to privacy advocates and groups. But good faith does not protect privacy. The structure of programs and explicit legal protections do."

A variety of important non-privacy issues also persist. Use of the system to search for people with outstanding warrants is mission creep that would convert the program to an internal passport system. It appears that some government officials may be exempted from security checks, a notion Privacilla called "as elitist as it is foolish."

Significant due process concerns are raised by the use of private data to create passenger risk scores. "Delegation of government power to a private-sector entity does not dispose of the constitutional rights against government that apply."

Privacilla's comments say that "commercial data providers would be wise to avoid this market if they wish to avoid public-utility-style regulation of their functions, or public ownership of their data."

The Privacilla comments conclude that much of the difficulties with CAPPS II stem from the federal policy "creating a special government security function for the private transportation industry. Were the responsibility for security properly placed in the hands of the industry itself, airlines could use personal data as fully or as restrictively as consumers wished, restrained from extremes on either side by the public demand for both privacy and security."

Privacilla.org (http://www.privacilla.org) is an innovative Web site that captures "privacy" as a public policy issue. Privacilla has been described as a "privacy policy portal" and an "online think-tank."