Lisa Dean and TSA: Will opposites attract?- Gordon Housworth [ 3/29/2004 - 16:31 ] #
In what can only be called an inspired choice, the Transportation Security Administration (TSA) has appointed one of its harshest critics, Lisa Dean, as it first chief privacy officer. I say inspired as Dean's credentials as an adversary of government surveillance at the Electronic Frontier Foundation and the Free Congress Foundation leave her, at the moment, above reproach.
My question is, has TSA silenced, absorbed or adopted this critic. While that may not have been the intent of those who hired her, bureaucracies have a way of convincing and co-opting those they envelop. What seems implausible from the outside can come to seem valuable from the inside.
I can only assume that CAPPS II, its purpose to combat international terrorism, and potential "scope creep" that draws it more deeply into the national fabric will be high on her priorities. In a 17 February, 2004 letter to the House Committee on Transportation and Infrastructure, Dean raised critical questions with respect to CAPPS II (Computer Assisted Passenger Prescreening System) and airline PNRs (Passenger Name Records):
What passenger information is collected, how is it shared and with whom?
How long is the information retained?
What are the names and numbers of government contractors (Torch), data-brokers and other third parties as well as their level of involvement in the PNR process?
What rights do passengers have to correct information, as they do their credit reports?
What rights do passengers have to view their personal data, as they do their medical records?
What recourse do passengers have if they believe they have been wrongly "flagged"?
Will CAPPS II be effective for identifying individuals who pose a threat to aviation security?
How much will it cost the travel industry as a whole to comply with requirements to provide TSA with data not currently collected by the agency?
Only days earlier, the GAO had noted that TSA had no effective answer for any of these questions. Dean will have to resist not only federal employees who have heretofore seen state protection as a higher calling, but commercial firms that seek to implement such data mining applications. The excesses of the JetBlue affair again highlighted the fact that tool builders and data repository owners have not previously demonstrated restraint in this respect.
The understandable intent of the contracting firms is to leverage their TSA/CAPPS investment and so that will drive them to expand their tools content. Should Dean stipulate limitations, it will require diligent verification that the applications do not exceed their brief and that neither private data or their source code migrate to inappropriate venues.
It will be interesting to follow Dean's trajectory at TSA.
See GAO's Aviation Security: Computer-Assisted Passenger Prescreening System Faces Significant Implementation Challenges
Gordon Housworth
InfoT Public Infrastructure Defense Public
|  | |
|
| << | May 2013 | >> | | Sun | Mon | Tue | Wed | Thu | Fri | Sat | | 28 | 29 | 30 | 1 | 2 | 3 | 4 | | 5 | 6 | 7 | 8 | 9 | 10 | 11 | | 12 | 13 | 14 | 15 | 16 | 17 | 18 | | 19 | 20 | 21 | 22 | 23 | 24 | 25 | | 26 | 27 | 28 | 29 | 30 | 31 | 1 | | 2 | 3 | 4 | 5 | 6 | 7 | 8 |
|
