[Infowarrior] - Chertoff: Traveler screening program wasn't a secret

[Richard Forno]

(c/o PWR)

Chertoff: Traveler screening program wasn't a secret

By Shane Harris, National Journal

http://www.govexec.com/story_page.cfm?articleid=35639&sid=28

Homeland Security Secretary Michael Chertoff says it should not surprise
people that for years his department has searched for terrorists among tens
of millions of airline passengers, cross-checking travelers' personal data
against terrorist watch lists and analyzing them for potential terrorist
activity.

"I've talked about the collection of this data and the analysis of this data
incessantly," Chertoff said in an interview this week at his office. By
"this data," Chertoff means the international passenger name records (PNRs)
that airlines give to Homeland Security screeners.

Each PNR contains basics such as a passenger's name, address, and seat
assignment, but also details how the ticket was paid, whom the person is
traveling with, and what telephone number the passenger used to book the
reservation.

The screeners analyze PNRs, including those of American citizens traveling
abroad, as well as passport information, to see if anyone can be connected
to a terrorist. But in the past two months, nearly 50 organizations and
individuals have contacted the department to express varying degrees of
concern and outrage over the computer program that actually performs this
analysis: the Automated Targeting System.

That's because, in addition to crunching data, ATS tags every international
traveler with a "risk assessment," which security officers use when deciding
whether to interrogate passengers or to keep them from flying. Once
generated, those assessments may stay locked in ATS for as long as 40 years,
and it is unlikely that passengers could ever know precisely what their risk
rating is and how it was calculated.

This is news to just about every major privacy and civil-liberties watchdog
in the country; they thought that Homeland Security officials only wanted to
use passenger data to target terrorists and assign risk ratings but had
refrained from actually doing so. They believed that ATS was being used only
to identify risky cargo aboard ships. So, did the watchdogs miss something?

"Yeah, they missed about 100 speeches that I gave," an exasperated Chertoff
told National Journal on December 5. "I've talked about ... PNR data and
biographic data and using it to analyze and connect the dots about people
before they come into the country; I have to have given at least 20 speeches
about it."

Chertoff called ATS "the process by which we collect that information and
analyze it to see what are the patterns and the relationships that tell us,
for example, that a particular telephone number is associated with a
terrorist, or something of that sort." Chertoff acknowledged that he may
have failed to use some key abbreviations in his speeches. "I don't know
that I said the words 'ATS,' but that's just an analytic description," he
said.

It appears, however, that people did not become fully aware of how Homeland
Security is parsing passenger data until after November 2. On that date, the
department's privacy office, with no fanfare, filed a Federal Register
notice detailing what ATS collects, how the information is used, and whether
passengers could contest their risk assessments.

Chertoff said that that public notice wasn't the first about ATS. Privacy
experts, however, vehemently dispute that assertion, and a search of the
Federal Register since 1995 for the exact phrase "Automated Targeting
System" yielded only one notice mentioning airline passengers -- the
November notice.

Chertoff said the new notice was prompted by the department's desire "to be
even more transparent and write, in even clearer English, about what we were
going to do," especially after lengthy, and well-publicized, negotiations
with European officials over how to use their citizens' PNR data, which is
generally more zealously guarded than is similar information on Americans.

Chertoff said the notice gave Homeland Security "an opportunity to make
completely sure that there was no ambiguity" in how the department would
handle European records.

But ambiguity and confusion abound. Now the department's critics contend
that it has engaged in one of the most massive, widespread data-mining
operations ever run on U.S. citizens, and that it has done the deed in
secret.

The former charge is likely true -- more than 1 million people cross U.S.
borders every day, and a former department official said that if any U.S.
citizen has traveled internationally, he or she has been targeted by ATS.
Just how secret that targeting was is a matter of perspective.

ATS has tracked airline passengers for at least the past seven years, but
the degree to which its use was expanded after 9/11 isn't clear. In
congressional testimony in April 1999, then-U.S. Customs Commissioner
Raymond Kelly -- now New York City's police commissioner -- said that in
addition to screening cargo, "ATS is also being used in the air-passenger
environment."

Customs planned to "enhance" ATS's screening power, Kelly said then, and
this would "increase the opportunity of locating and positively identifying
high-risk travelers involved in drug smuggling, terrorism, and other
transnational criminal activity."

But opponents of such passenger profiling call ATS an end run on their
efforts to halt government's encroachment on personal privacy since the 9/11
attacks. Privacy advocates say that while they were sparring with the
Transportation Security Administration over its post-9/11 CAPPS II program,
which also would have assigned risk levels to passengers, officials at
Homeland Security's Customs and Border Protection were already targeting
millions of people with ATS.

This week, Rep. Bennie Thompson, D-Miss., the incoming chairman of the House
Homeland Security Committee, asked Chertoff to halt further implementation
of ATS until his staff can sort out the privacy and civil-liberties
implications. The department postponed any decision until at least December
29.

Chertoff hardly seemed amused by the public reaction. In the interview, he
talked at length about some critics' penchant for placing great demands on
the department and then scolding it for missing deadlines or for being
ineffective. Of ATS, Chertoff said, "This goes in the
no-good-deed-goes-unpunished category."

"I've got a new rule," he added. "If I want to keep a secret, I give a
speech about it. Because if I make a speech, no one picks it up. But if I
put it in a document and I slip it under the table, then it gets the front
page."

The legal mechanism for notifying the public that a government system is
using personal information is a Privacy Act notice, usually through the
Federal Register, said David Sobel, senior counsel for the Electronic
Frontier Foundation, a watchdog group. Until November 2, there was no such
notice for ATS, Sobel said. "Any use of that system prior to that time is
illegal."

Clark Kent Ervin, who served as the Homeland Security Department's inspector
general in 2003 and 2004, concurred. The November notice officials gave for
ATS "strikes me as dishonest, and it strikes me as illegal on its face,"
said Ervin, who now directs the Homeland Security Initiative at the Aspen
Institute.

Others, however, said that the notice was a stab at greater transparency by
Customs and Border Protection. "Customs has been fairly up front in
publicizing that they do risk assessments of all incoming passengers," said
Stewart Verdery, the Homeland Security Department's former assistant
secretary for policy, who is now the president of Monument Policy Group, a
consulting firm.

Verdery said that Customs historically hasn't published all of its privacy
notices but that the Federal Register notice effectively put all of the
bureau's cards on the table about passenger targeting. "It baffles me that
anyone would think this is some kind of secret," he said. "Now, the
particulars of how it's done are secret. But the fact it's being done is not
secret at all."

Brian Goebel, a former senior policy adviser at Customs, who helped to
enhance ATS's capabilities after 9/11, said, "Though the system hasn't been
secret, the department didn't do a good job of explaining that this notice
is further describing practices that the department has disclosed
previously." But both he and Verdery said that ATS is one of the best tools
available for tracking potential terrorists. "There's no doubt in my mind
whatsoever that the system is effective in dealing with security and other
risks," Goebel said.

Meanwhile, Chertoff insisted that ATS and its passenger component -- which
is also being used to screen people as they cross land borders -- shouldn't
surprise anyone. He seemed to feel that if watchdogs have misunderstood his
public remarks about a desire to collect passenger information, and to use
it, they must have been out to lunch.

"Otherwise, why are we collecting the data?" he asked. "Just to have it to
sit around? That would actually be a mistake."