TSA Didn't Break The Law... But Bent It Pretty Good | Aero-News Network
Aero-News Network
RSS icon RSS feed
podcast icon MP3 podcast
Subscribe Aero-News e-mail Newsletter Subscribe

Airborne Unlimited -- Recent Daily Episodes

Episode Date

AMA Drone Report

Airborne-Monday

Airborne-Tuesday

Airborne-Wednesday

Airborne-Thursday

Airborne-Friday

Airborne-Unmanned w/AUVSI

Airborne On ANN

AMA 03.23.17

Airborne
03.27.17

Airborne
03.28.17

Airborne
03.29.17

Airborne
03.30.17

Airborne 03.24.17

Airborne-Unmanned 03.28.17

Airborne-YouTube

AMA 03.23.17

Airborne
03.27.17

Airborne
03.28.17

Airborne
03.29.17

Airborne
03.30.17

Airborne 03.24.17

Airborne-Unmanned 03.28.17

Sun, Feb 22, 2004

TSA Didn't Break The Law... But Bent It Pretty Good

Homeland Security Officials Release Findings In Self-Investigation

The TSA didn't break the letter of the law when it asked JetBlue for access to passenger records. DHS wanted to turn them over to a contractor working on the development of the Base Security Enhancement program, designed to assess the terror risk to military facilities worldwide. But the Department of Homeland Security says the TSA pushed the edge of the envelope when it asked for the records and didn't notify the public.

The investigation centered on a company called Torch Concepts, based in Huntsville (AL). Executives there sent a proposal to the Defense Department, suggesting the use of personal data to profile those seeking access to military bases. It wanted to use passenger information for developing and testing the concept.

If that sounds suspiciously like CAPPS II, DHS says it's very much the same concept. In fact, CAPPS II, the controversial project to profile passengers and assign them color-coded risk labels, was being developed at the same time, shortly after the 9/11 attacks. But DHS says TSA wanted to keep the two projects separate.

The DHS investigation report says, on July 30, 2002, a "relatively new" employee at TSA sent a letter to JetBlue, asking for archived passenger records. The airline ended up turning over more than five million individual passenger records based on the request. That, DHS suspected when it began the investigation, might have violated the Privacy Act of 1974, which requires public notice whenever a new records system is created.

But Wired News, which broke the JetBlue story five months ago, reports DHS Chief Privacy Officer Nuala O'Conner decided the request wasn't illegal. Why? While she says the TSA worker "acted without appropriate regard for individual privacy interests or the spirit of the Privacy Act" and "arguably misused" the TSA's oversight authority over JetBlue to encourage data sharing, the Torch Concepts project wasn't directly related to TSA's mandate and didn't directly involve CAPPS II.

"No Privacy Act violation by TSA employees occurred in connection with this incident," said the DHS finding. "There is no evidence that any data were provided directly to TSA or its parent agency at the time, DOT. On the contrary, the evidence demonstrates that passenger data were transferred directly by jetBlue’s contractor, Acxiom, to Torch Concepts. As a result, the Privacy Act of 1974, which regulates the Federal Government’s collection and maintenance of personally identifiable data on citizens and legal permanent residents, does not appear to have been violated by TSA actions. Because TSA did not receive passenger data, no new system of records under the Privacy Act was established within TSA, nor was any individual’s personal data used or disclosed by TSA, its employees or contractors, in violation of the Privacy Act."

That's not to say that the Defense Department in general and the Army in particular didn't violate the Privacy Act. The DHS strongly implies the Army did indeed violate that law.

"The TSA employees involved acted without appropriate regard for individual privacy interests or the spirit of the Privacy Act of 1974. In doing so, it appears that their actions were outside normal processes to facilitate a data transfer, with the primary purpose of the transfer being other than transportation security. Such sharing exceeds the principle of the Privacy Act which limits data collection by an agency to such information as is necessary for a federal agency to carry out its own mission. While these actions may have been well intentioned and without malice, the employees arguably misused the oversight capacity of the TSA to encourage this data sharing."

"The department must seek to strike the right balance between security and privacy interests," said Senator Sue Collins (R-ME). "In this case, the TSA employees involved compromised the privacy interests of individuals without adequate justification."

The Army is now conducting its own investigation. But what about the TSA "new guy" who apparently skirted the Privacy Act by obtaining JetBlue records for DoD? It would appear that employee will receive a relatively minor slap on the wrist.

"The TSA employees involved, must, at a minimum, attend substantial Privacy Act and privacy policy training and must certify such training to the satisfaction of the DHS Privacy Office," according to the report.

FMI: www.dhs.gov/interweb/assetlibrary/PrivacyOffice_jetBlueFINAL.pdf

Advertisement

More News

Airborne-Unmanned 03.28.17: Gremlins UAS, Drone Privacy, Alpha Unmanned Helo

Also: Knifefish UUV, Runway Inspection Drones, Drone Hinders Firefighting, Canada's New Drone Regs DARPA has awarded two Phase 2 contracts of its Gremlins program to Dynetics, Inc.>[...]

G5 Electronic Flight Instrument Approved As A DG/HSI In Certificated Aircraft

Dual G5 Installation Options Support Safety-Enhancing Redundancy With Dual ADAHRS And Back-Up Battery Garmin has announced the approval of the G5 electronic flight instrument for i>[...]

Garmin TeamX Introduces New G3X Touch Display For Experimental Aircraft

Updated Device Features Seven-Inch Portrait Display Garmin has announced a new addition to the G3X Touch glass flight display family, the 7-inch G3X Touch portrait display. For fir>[...]

Airborne 03.29.17: F-16 Makes A Move, Sumwalt to NTSB, DJI Proposes Drone IDs

Also: SKYe SH09, AEA 2017 Opening/NPI, FAA Certifies Elite, Carrier Strike Group, G650 Sim, SBIRS Satellite, Hawaiian Airlines The ‘electric jet’ is moving to South Car>[...]

Airborne 03.28.17: Dynon ADS-B/WX Recvrs, B-29 'Doc' Touring!, Atlanta Tech

Also: Safety Focus, Aero-Calendar, Mechanic Pay, Alaska Airlines, GAMA, CA Aviation Hall Of Fame, Gogo Biz 4G Dynon’s new dual band SV-ADSB-472 receives ADS-B traffic via 978>[...]

blog comments powered by Disqus



Advertisement

Advertisement

Podcasts

Advertisement

© 2007 - 2017 Web Development & Design by Pauli Systems, LC