home > archive > 2004 > this article
Is CAPPS II our ticket to better aviation security?
By Steve Lilienthal
Is CAPPS II the cure-all to prevent future 9/11s or is it simply an attempt at a political panacea? As scrutiny of the proposed aviation security system heightens, this question will have increased salience for those privacy advocates who are critical of its mission.
Clearly, there are security experts who do have questions about its impact. One such expert is Bruce Schneier, the author of Beyond Fear: Thinking Sensibly About Security in an Uncertain World, who argues that true security systems need information to be effective, not more data, whereas CAPPS II appears to be premised on the belief that the more data it holds about passengers, the more safe we will be.
The odds are high that a terrorist network planning to penetrate aviation would be able to defeat CAPPS II by figuring out which types of people can receive a "green" rating and then send them on their deadly way.
Another thing that needs to be understood by the American public is that the cost of the CAPPS II system will be very high. Not only is there the cost of simply operating the system itself, but also airline reservation agents and travel agents are using reservation systems that are not equipped to process the identifying information that TSA will demand. Re-conversion will be very expensive. In that sense, the CAPPS II system is an unfounded mandate on the travel and airline industries.
In the meantime, the TSA had been unresponsive to Congress' own demand for placing an effective defense system on airliners by arming pilots. TSA has dragged its feet in implementing this congressionally mandated program causing Senator Jim Bunning (R-KY) and Rep. Joe Wilson (R-SC) to take the lead in sponsoring legislation to make sure that TSA's bureaucrats implement the armed pilots program the way Congress intended. Even Sen. Barbara Boxer
There are other things that TSA could be pressing. One would be to upgrade the quality of screeners. Another would be to improve the quality of security involving airport employees. This is considered to be a gaping hole within aviation security. Greater use of sky marshals on flights and reinforced cockpit doors are other items that need to be advanced.
These are very real items that deserve consideration by Congress. The issue of airport screeners received that scrutiny last week by the aviation subcommittee of the House Transportation & Infrastructure Committee. Also being addressed was the issue of whether to spend CAPPS II money on upgrading human intelligence capabilities, (considered to be a more effective way to stop terrorist actions), or a standstill system such as CAPPS II that is an invitation for terrorists either to avoid or defeat.
Frankly, more effort needs to be put forth by the critics of CAPPS II in developing sound, constructive alternatives while keeping in mind the cost to the privacy of airline passengers.
The TSA is seeking exemptions from the Privacy Act. The Government Accounting Office stated earlier this year, " ...TSA plans to exempt CAPPS II from the Privacy Act's requirements to maintain only that information about an individual that is relevant and necessary to accomplish a proper agency purpose. These plans reflect the subordination of the use limitation practice and data quality practice (personal information should be relevant to the purpose for which it is collected) and to other goals and raises concerns that TSA may collect and maintain more information than is needed for the purpose of CAPPS II, and perhaps use this information for new purposes in the future. Further, TSA plans to limit the application of the individual participation practice - which states that individuals should have the right to know about the collection of personal information, to access that information, and request correction - by prohibiting passenger access to all personal information about them accessed by CAPPS II. This raises concerns that inaccurate personal information will remain uncorrected in and continue to be accessed by CAPPS II."
The largely unmentioned price tags of CAPPS II will be costly. 1) Airlines and travel agencies, in converting their reservation systems to satisfy what amounts to an unfounded mandate, will spend very real dollars and cents. 2) The cost of the potential impact on privacy and due process (particularly given that information from government and commercial databases will be used) in factoring the color rating of passengers and - let's not forget - the exemptions that are being sought from the Privacy Act.
Concerned citizens can call for an independent review committee to assess what databases are used and to ensure that the information contained within them is indeed accurate.
Furthermore, shouldn't the grievance procedure for CAPPS II be more formalized than simply relying on the TSA's Privacy Office and Passenger Advocate (and the TSA in general) to judge why a yellow or red rating is given? The Government Accounting Office report stated, "Given the concerns regarding the protection of passenger data, the [CAPPS II] system cannot be fully accepted if it lacks a comprehensive redress process for those who believe they are erroneously labeled as an unknown or unacceptable risk."
That process still has yet to be adequately defined.
CAPPS II may or may not be stopped. If it isn't, then the TSA and DHS owe the American public more than promises of "trust us". Americans deserve clear action in order to ensure that everything possible is being done to make passengers safe - both from terrorists and from being tyrannized by an incorrect rating.
Steve Lilienthal is Director of the Center for Privacy and Technology Policy at the Free Congress Foundation.
Get weekly updates about new issues of ESR!
© 1996-2018, Enter Stage Right and/or its creators. All rights reserved.