By Shane Harris
December 8, 2006Homeland Security Secretary Michael Chertoff says it should not surprise people that for years his department has searched for terrorists among tens of millions of airline passengers, cross-checking travelers' personal data against terrorist watch lists and analyzing them for potential terrorist activity.
"I've talked about the collection of this data and the analysis of this data incessantly," Chertoff said in an interview this week at his office. By "this data," Chertoff means the international passenger name records (PNRs) that airlines give to Homeland Security screeners.
Each PNR contains basics such as a passenger's name, address, and seat assignment, but also details how the ticket was paid, whom the person is traveling with, and what telephone number the passenger used to book the reservation.
The screeners analyze PNRs, including those of American citizens traveling abroad, as well as passport information, to see if anyone can be connected to a terrorist. But in the past two months, nearly 50 organizations and individuals have contacted the department to express varying degrees of concern and outrage over the computer program that actually performs this analysis: the Automated Targeting System.
That's because, in addition to crunching data, ATS tags every international traveler with a "risk assessment," which security officers use when deciding whether to interrogate passengers or to keep them from flying. Once generated, those assessments may stay locked in ATS for as long as 40 years, and it is unlikely that passengers could ever know precisely what their risk rating is and how it was calculated.
This is news to just about every major privacy and civil-liberties watchdog in the country; they thought that Homeland Security officials only wanted to use passenger data to target terrorists and assign risk ratings but had refrained from actually doing so. They believed that ATS was being used only to identify risky cargo aboard ships. So, did the watchdogs miss something?
"Yeah, they missed about 100 speeches that I gave," an exasperated Chertoff told National Journal on December 5. "I've talked about ... PNR data and biographic data and using it to analyze and connect the dots about people before they come into the country; I have to have given at least 20 speeches about it."
Chertoff called ATS "the process by which we collect that information and analyze it to see what are the patterns and the relationships that tell us, for example, that a particular telephone number is associated with a terrorist, or something of that sort." Chertoff acknowledged that he may have failed to use some key abbreviations in his speeches. "I don't know that I said the words 'ATS,' but that's just an analytic description," he said.
It appears, however, that people did not become fully aware of how Homeland Security is parsing passenger data until after November 2. On that date, the department's privacy office, with no fanfare, filed a Federal Register notice detailing what ATS collects, how the information is used, and whether passengers could contest their risk assessments.
Chertoff said that that public notice wasn't the first about ATS. Privacy experts, however, vehemently dispute that assertion, and a search of the Federal Register since 1995 for the exact phrase "Automated Targeting System" yielded only one notice mentioning airline passengers -- the November notice.
Chertoff said the new notice was prompted by the department's desire "to be even more transparent and write, in even clearer English, about what we were going to do," especially after lengthy, and well-publicized, negotiations with European officials over how to use their citizens' PNR data, which is generally more zealously guarded than is similar information on Americans.
Chertoff said the notice gave Homeland Security "an opportunity to make completely sure that there was no ambiguity" in how the department would handle European records.
But ambiguity and confusion abound. Now the department's critics contend that it has engaged in one of the most massive, widespread data-mining operations ever run on U.S. citizens, and that it has done the deed in secret.
The former charge is likely true -- more than 1 million people cross U.S. borders every day, and a former department official said that if any U.S. citizen has traveled internationally, he or she has been targeted by ATS. Just how secret that targeting was is a matter of perspective.
ATS has tracked airline passengers for at least the past seven years, but the degree to which its use was expanded after 9/11 isn't clear. In congressional testimony in April 1999, then-U.S. Customs Commissioner Raymond Kelly -- now New York City's police commissioner -- said that in addition to screening cargo, "ATS is also being used in the air-passenger environment."
Customs planned to "enhance" ATS's screening power, Kelly said then, and this would "increase the opportunity of locating and positively identifying high-risk travelers involved in drug smuggling, terrorism, and other transnational criminal activity."
But opponents of such passenger profiling call ATS an end run on their efforts to halt government's encroachment on personal privacy since the 9/11 attacks. Privacy advocates say that while they were sparring with the Transportation Security Administration over its post-9/11 CAPPS II program, which also would have assigned risk levels to passengers, officials at Homeland Security's Customs and Border Protection were already targeting millions of people with ATS.
This week, Rep. Bennie Thompson, D-Miss., the incoming chairman of the House Homeland Security Committee, asked Chertoff to halt further implementation of ATS until his staff can sort out the privacy and civil-liberties implications. The department postponed any decision until at least December 29.
Chertoff hardly seemed amused by the public reaction. In the interview, he talked at length about some critics' penchant for placing great demands on the department and then scolding it for missing deadlines or for being ineffective. Of ATS, Chertoff said, "This goes in the no-good-deed-goes-unpunished category."
"I've got a new rule," he added. "If I want to keep a secret, I give a speech about it. Because if I make a speech, no one picks it up. But if I put it in a document and I slip it under the table, then it gets the front page."
The legal mechanism for notifying the public that a government system is using personal information is a Privacy Act notice, usually through the Federal Register, said David Sobel, senior counsel for the Electronic Frontier Foundation, a watchdog group. Until November 2, there was no such notice for ATS, Sobel said. "Any use of that system prior to that time is illegal."
Clark Kent Ervin, who served as the Homeland Security Department's inspector general in 2003 and 2004, concurred. The November notice officials gave for ATS "strikes me as dishonest, and it strikes me as illegal on its face," said Ervin, who now directs the Homeland Security Initiative at the Aspen Institute.
Others, however, said that the notice was a stab at greater transparency by Customs and Border Protection. "Customs has been fairly up front in publicizing that they do risk assessments of all incoming passengers," said Stewart Verdery, the Homeland Security Department's former assistant secretary for policy, who is now the president of Monument Policy Group, a consulting firm.
Verdery said that Customs historically hasn't published all of its privacy notices but that the Federal Register notice effectively put all of the bureau's cards on the table about passenger targeting. "It baffles me that anyone would think this is some kind of secret," he said. "Now, the particulars of how it's done are secret. But the fact it's being done is not secret at all."
Brian Goebel, a former senior policy adviser at Customs, who helped to enhance ATS's capabilities after 9/11, said, "Though the system hasn't been secret, the department didn't do a good job of explaining that this notice is further describing practices that the department has disclosed previously." But both he and Verdery said that ATS is one of the best tools available for tracking potential terrorists. "There's no doubt in my mind whatsoever that the system is effective in dealing with security and other risks," Goebel said.
Meanwhile, Chertoff insisted that ATS and its passenger component -- which is also being used to screen people as they cross land borders -- shouldn't surprise anyone. He seemed to feel that if watchdogs have misunderstood his public remarks about a desire to collect passenger information, and to use it, they must have been out to lunch.
"Otherwise, why are we collecting the data?" he asked. "Just to have it to sit around? That would actually be a mistake."
By Shane Harris
December 8, 2006