The Report TSA Is Trying to Bury

November 14, 2005 - News

"Based on the limited test results presented to us, we cannot assess whether even the general goal of evaluating passengers for the risk they represent to aviation security is a realistic or feasible one or how TSA proposes to achieve it. We do not know how much or what kind of personal information the system will collect or how data from various sources will flow through the system. Until TSA answers these questions, it is impossible to evaluate the potential privacy or security impact of the program..."

The SFWG was tasked with evaluating the security and privacy elements of Secure Flight, the current iteration of the TSA's airline passenger screening system, and of submitting a report to the Department of Homeland Security's Aviation Security Advisory Committee (ASAC).

After nine months, based on the limited and dated information it had received, and on the absence of any consistently articulated plan describing the architecture or operating policies of Secure Flight, the SFWG concluded that there was little to say about it from the standpoint of privacy and security.

On September 19, 2005, the SFWG report was submitted to ASAC and was posted on the TSA web site. It was delinked sometime in October, although it remains on the TSA's servers. The rest of the story, including TSA efforts at counter-spin, is summarized by Ryan Singel at Secondary Screening (TSA 'Refreshes' Web Site, Removes Critical Report) and Lauren Gelman at Center for Internet and Society (TSA Censors SecureFlight Working Group Report).

Update: the report appears to have been removed from the TSA's web site, but is still available on a Stanford University server.

More information is available at <http://cyberlaw.stanford.edu/blogs/gelman/archives/SFWG_Report_September_19_2005_Final_V_1_.4.pdf>.

Last updated February 4, 2006