Two government reports confirm what EFF and other privacy advocacy organizations have long known: the Transportation Security Administration (TSA) lied about its role in using airline passengers as guinea pigs for testing "Secure Flight" - the latest version of a fundamentally flawed passenger-profiling system for screening terrorists. And not only did TSA lie, it lied repeatedly, to everyone.
A DHS report [PDF], released this past Friday, reveals that TSA misled individuals, the press, and Congress in 2003 and 2004. A GAO report [PDF], released Monday, also shows that Secure Flight has failed to meet 9 out 10 conditions the GAO set for giving the program the go-ahead. These conditions include providing adequate protection for passengers' privacy and ensuring the accuracy of the data it would use to classify people as terrorist risks.
Passenger records contain detailed personal information, such as your name, address, phone number, travel itinerary -- even your credit card number. Yet the DHS report says TSA shared passenger information with outside contractors while neglecting to "inquire whether the data used by the vendors had been returned or destroyed."
"This is worse than ChoicePoint," says EFF Senior Privacy Attorney Lee Tien. "It reflects an attitude toward the privacy of Americans that falls well below what people are up in arms about in the commercial data industry. These people have a public trust and they're abusing it."
For additional information, see Bruce Schneier's GAO's Report on Secure Flight; for background, see TSA and CAPPS II -- Anatomy of a Cover Up.
[Note: This report was corrected to distinguish between two separate reports on Secure Flight.]