TSA officials cite challenges in revised passenger screening program

Transportation Security Administration officials on Thursday outlined some of the toughest challenges they face in developing and implementing a revised screening system for airline passengers.

TSA will begin internal testing of the system known as Secure Flight in November, and hopes to begin implementing it at airports across the country within five months, said Justin Oberman, director of the agency's office of national risk assessment. The system will compare information on every passenger, such as name and date of birth, to FBI watchlists of known or suspected terrorists.

"We're finally off to the races," Oberman said. "It's going to be a wild ride but we feel good about where we're at today."

For testing purposes, TSA issued a draft order to the nation's airlines last month that would require them to turn over records on all passengers who took a domestic flight last June--about 50 million people. Public comments on the order are due by Monday. Oberman said a final order to the airlines for the records is expected next week.

The goal of Secure Flight is to determine if somebody is lying about who they say they are and, therefore, needs secondary screening before boarding a flight, Oberman said. He emphasized that TSA is not looking for criminals but rather for known or suspected terrorists.

Secure Flight is not intended to prosecute people who are caught by the system, Oberman said, but airports most likely will notify law enforcement agencies, including the FBI, when somebody is tagged.

According to Oberman, the biggest challenges for Secure Flight include stress testing, or making sure the system works during high-travel times without causing flight delays; developing software that accurately identifies people; and determining whether commercial data can be used to improve the system's efficiency.

TSA plans to competitively bid for testing Secure Flight and determining whether commercial data can be used, Oberman said.

Another challenge is determining whether airlines have to change their reservation systems in order to comply with Secure Flight. For example, the FBI terrorist watchlists include names and birthdates, but most airline reservation systems do not ask for birth information.

"We may have to compel the dates of birth to be required," Oberman said, adding that TSA plans to "work closely" with airlines to make any modifications.

In the long run, Oberman contends, Secure Flight will reduce costs to airlines because they no longer will have to spend their own money on labor and administrative costs to screen passengers. Today, airlines are responsible for comparing passenger information to government watchlists.

Additionally, Oberman said TSA might take over the cost and administration of the Computer Assisted Passenger Prescreening System, which has been used by airlines since the 1990s to determine if people need secondary screening.

Critics, however, remain concerned that people's privacy rights might be violated by the system, especially if watchlists are inaccurate.

Last month, the Electronic Privacy Information Center filed a Freedom of Information Act request for information about how the FBI intends to protect the privacy of travelers as it maintains records in its terrorist-screening database.

EPIC asked the transportation agency for more information on how it plans to help maintain the database, arguing that the public does not know how people are placed on the lists, how the FBI maintains the lists, or the procedures that the FBI follows in protecting privacy.

Oberman said TSA is working with the FBI on protocols for Secure Flight and how to do name matches. He added that additional staff will be needed. "We're going to need human beings to help analyze results and make determinations," he said.

TSA also is evaluating what other agencies, if any, the passenger information should be shared with, Oberman said.

In order to address privacy and civil rights concerns, TSA plans to create an office of identity protection exclusively to help passengers resolve discrepancies. The agency also plans to issue a new privacy impact assessment before rolling out Secure Flight next year.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.


When you download a report, your information may be shared with the underwriters of that document.