U.S. secretly gathers data on travelers - Privacy experts decry program

U.S. secretly gathers data on travelers - Privacy experts decry program
By Frank James, Washington Bureau. "Assessing risk" list by the Associated Press
Copyright © 2006, Chicago Tribune and The Associated Press
Published December 2, 2006

WASHINGTON -- A government program that secretly collects data on millions of travelers entering and leaving the United States, then assigns them terrorist-risk ratings, has raised concerns about privacy and the possibility of innocent people being mistakenly labeled terror threats.

Another source of alarm for some is that the scores produced by the 4-year-old Automated Targeting System, or ATS, aren't accessible for individual review, and so can't be checked for accuracy the way financial credit scores can be.

Furthermore, the Department of Homeland Security says it will keep the information for 40 years, even for people not judged to be risks. And, the department says, the information will be available to other parts of the government, for criminal prosecutions, for instance.

Customs officials for years have assessed the terrorist risk of cargo entering the U.S., with cargo that raised suspicions given extra scrutiny. Privacy advocates had no problem with that.

But they were surprised to learn recently of the ATS, a scoring system for people begun in 2002 that came to light only after Homeland Security published a notice last month in the Federal Register about the program.

"Never before in American history has our government gotten into the business of creating mass `risk assessment' ratings of its own citizens," Barry Steinhardt of the American Civil Liberties Union said in a statement.

"That is a radical new step with far-reaching implications, but one that has been taken almost thoughtlessly by expanding a cargo-tracking system to incorporate human beings, and with little public notice, discussion or debate," said Steinhardt, who directs the ACLU's Technology and Liberty Project.

Privacy experts predicted that European Union officials would be dismayed by ATS, since Europeans have been very assertive about protecting citizen privacy in recent years. In October, the Homeland Security Department finally reached agreement with the Europeans over what passenger information airlines servicing the European continent could share with the U.S. agency--an agreement made more difficult because of European privacy concerns.


Program made public

It was unclear to experts why Homeland Security made the program's existence public now. Some weren't even certain from the Federal Register filing whether the agency was talking about a proposed program or one that already was in operation.

Homeland Security spokesman Jarrod Agen confirmed that it was an existing program and sought to downplay any controversy about something that isn't new.

Agen said a good-government effort on the department's part was the reason ATS was placed in the Federal Register a few weeks ago.

"Because the department is relatively new ... we are making sure the public has an idea of how our systems function," he said. "This is a case of us taking the lead and getting that information out in the public realm so people can know how we collect and screen data."

Privacy experts who have dealt with the department scoffed at that explanation. "That's positively Orwellian," Steinhardt said in an interview. "DHS is the most closed agency in the federal government.

"The notion that they're transparent and would come forward because of their great respect for transparency is laughable," he said.

According to the Federal Register notice, the data analyzed by the program come from the information travelers give to airlines, as well as the information those who cross the border by car or on foot provide to border and customs agents.

"As part of this screening function, the ATS compares information obtained from the public with a series of queries designed to permit targeting of conveyances, goods, cargo, or persons to facilitate [Homeland Security's] border enforcement mission," the published notice said.


Similarity to previous program

To some privacy advocates, the ATS project seemed a resurrection of the Defense Department program known as Total Information Awareness. In that program, federal officials sought to data mine the consumer and banking records of millions of Americans to discern patterns that might point to individuals as possible terrorists.

The congressional and public outcry after TIA details started to emerge in late 2002 killed the program, at least publicly
What's going on here is the terrorist scoring of U.S. citizens which really should have been left on the shelf after TIA was canned," said Marc Rotenberg, executive director of the Electronic Privacy Information Center based in Washington.

Rotenberg called the ATS a "perfect example of mission creep" because a cargo program is now being applied to people.

But "cargo doesn't have privacy rights, people do," he said. "And information about people can be misused and abused. It can be inaccurate. It can be incomplete. It can leave people to be denied jobs, security clearances and government contracts. Lots of people now are having the experience of being kept off airplanes for reasons that the government won't tell them."

Agen, the Homeland Security spokesman, said the department has acted to help travelers who have been wrongly placed on do-not-fly lists.

"The department as a whole is working on streamlining that process even further ... so that anybody who encounters these types of problems can very easily rectify them.

"But the department's job is to protect the homeland," he said. "The data that we're receiving on passengers or cargo that are coming into the U.S., our ability to collect that data and to use that data to protect the homeland is our ultimate goal. ... That's why we have no-fly lists and watch lists and targeting systems like this."

- - -

Assessing risk

Some of the data used by the Automated Targeting System to assess international travelers' potential terrorist risk:



PERSONAL DATA

Passenger name, seat information and address

Billing address and telephone numbers

E-mail address

Personal searches



TRAVEL DATA

Aircraft arrival records

Reservation/travel dates

Form of travel payment

Travel itinerary

Visa data
Immigration control records

Frequent flyer miles

Travel agency used

Travel agent who made arrangements

Passenger travel status

History of one-way travel

History of not showing up for flights

Number of bags

Special services, such as wheelchair or meals for dietary or religious reasons

Voluntary/involuntary upgrades



COURT RECORDS

FBI crime data

Property seizure records

Vehicle seizure records

--Associated Press

----------

fjames@tribune.com