Friday, 4 June 2004

CAPPS-II may be "phased in gradually", says DHS

In the first public admission that the USA Department of Homeland Security (DHS) may have to scale back or postpone its plans for the CAPPS-II airline passenger profiling and monitoring system, DHS Undersecretary for Border and Transportation Security Asa Hutchinson told a Reuters "Air and Defense Summit" yesterday:

The United States still plans to set up a much-delayed system that would run background checks on anyone who buys a plane ticket, but in the meantime officials are looking at ways to better pinpoint suspected hijackers using the existing system, said Asa Hutchinson.

The government might phase in CAPPS II gradually, Hutchinson said, first checking passenger names against a "no fly" list of those considered security risks, then adding more controversial elements such as the background checks.

But officials have not yet decided the best way to move forward, he said at the summit, held at Reuters offices in Washington.

Hutchinson directs the DHS Border and Transportation Security directorate, which includes the Transportation Secuirty Administration (TSA) and its Office of National Risk Assessment (ONRA), the agencies responsible for the CAPPS-II plan.

Congress has barred the DHS from deploying (except for testing) anything defined as part of CAPPS-II until specified criteria (see Section 519) have been met, as certified by the GAO. Those criteria haven't been met , and CAPPS-II as currently conceived is unlikely ever to meet them. But there is no law yet against implementing the same programs and requirements by any other name, if funds can be found as part of any existing program.

By redefining new requirements or functions as "changes to CAPS" (CAPS 1) rather than as part of CAPPS-II, the DHS could evade both the intent of Congress and GAO oversight. Congress needs to make sure that doesn't happen.

It's significant that, if forced to compromise on CAPPS-II, Hutchinson would postpone the real-time profiling and background checks of (non-travel) databases, and put his priority on DHS access to, and ability to check, passenger names.

This reinforces what I've been saying all along: the central function of CAPPS-II is surveillance, not security. The DHS want to mandate the identification of passengers and entry of sufficient identifying information in each PNR to enable the indexing of PNR's into lifetime travel histories, to which the DHS would have access at any time in the future. Profiling and background checks of passengers using other, non-travel commercial data are less important to the DHS.

But the DHS has, of course, never been willing to admit that CAPPS-II is a surveillance system, just as the DHS has never been willing to admit that CAPPS-II is a data mining program.

The recently-released report of the Technology and Privacy Advisory Committee to the Federal government, for example, repeatedly identifies CAPPS-II in its lists of current and proposed Federal government data-mining programs outside the Department of Defense War, whihc it recommends should be subject to new legal safeguards and restrictions. But the General Accounting Office's simultaneous survey of Federal data mining , which relied on agencies' self-reporting of their various data mining projects, did not list CAPPS-II at all.

It's also striking how little the fingerprint misidentification of Oregon attorney Brandon Mayfield by the FBI's leading "experts" has led to reexamination of DHS over-reliance on automated biometric identification as a core technology for homeland security. In the wake of Mayfield's arrest and imprisonment, incommunicado, without charges, serious questions need to be asked, and answered, before the adoption of any new biometric standards or requirements in identification or travel documents. If that isn't done, they are only increasing the number of people who will suffer the same injustices as Mayfield.

Link | Posted by Edward on Friday, 4 June 2004, 13:15 ( 1:15 PM) | TrackBack (0)
Comments
Post a comment









Save personal info as cookie?