[Roundup courtesy of the Free Congress Foundation. --Declan] > * Privacy Villain: FBI And Their Push For Online Privacy > > EU Parliament Threatens Legal Action > Over Collection Of Passenger Data > By Constant Brand > The Los Angeles Times > March 18, 2004 > > Editor's Note: According to the article: "If the EU's highest court finds > it does violate EU rules, it would nullify the pact." > > A European Parliament committee on Thursday threatened to challenge in > court a deal allowing U.S. authorities to collect personal data on airline > passengers, saying it undermined the privacy of European Union citizens. > > http://www.sfgate.com/cgi-bin/article.cgi?file=/news/archive/2004/03/18/international0635EST0501.DTL > > CAPPS II Under Fire In Congressional Hearing > > Editor's Note: The TSA claims 75,000 red and yellow alerts a day -- > virtually none a bona fide terrorist -- is progress? How seriously can we > believe in the TSA's assertions that the misidentified will really have > recourse? As Rep. Peter DeFazio (D-OR) asserted "the Achilles heel' of > the CAPPS II system is that a sophisticated terrorist will be able to > assume an identity that it will not trigger a "yellow" (cautionary) or > "red" (definitely do not allow to board) rating. To paraphrase Stanley > Baldwin: "The smart terrorist network will always get through CAPPS II." > By the TSA's own reckoning, 75,000 people a day -- virtually all who will > be innocent -- will not. This is progress? > > If a corporation were administering this system, it would trigger class > action lawsuits. Because it's the Federal Government's Transportation > Security Administration singling out 300,000 passengers a day -- virtually > all innocent -- for extra questioning and inspections, the CAPPS system > has gotten a pass from a serious court challenge -- so far. > > TSA Defends Its Scrutiny > Of Airline Workers > By Jonathan Krim > The Washington Post > March 18, 2004 > > David L. Sobel, general counsel of the Electronic Privacy Information > Center, testified that the TSA's plan raises serious constitutional > questions and runs afoul of a 1974 privacy law. > "This is a secret, classified system," he said, with the TSA under no > obligation to tell passengers what data has been collected about them. > Nor, he said, would the public have any legal rights to correct > information that is wrong. > > http://www.washingtonpost.com/wp-dyn/articles/A2916-2004Mar17.html > > Excerpts from Testimony Of Kevin P. Mitchell, Chairman of the Business > Travel Coalition Regarding CAPPS II Before the U.S. House of > Representatives Committee on Transportation and Infrastructure > Subcommittee on Aviation > > Editor's Note: Mr. Mitchell, as a representative of the business travel > industry, is to be commended for raising serious questions about CAPPS II. > No doubt many privacy advocates have a simpler recommendation to provide > to Congress: "SCRAP CAPPS II -- period." Nonetheless, Mr. Mitchell's > recommendations are quoted verbatim below and given that TSA may succeed > in using some system -- be it CAPPS II or something else -- the > recommendation that it come with the string of a sunset provision is > something that privacy advocates should bear in mind. The Electronic and > Privacy Information Center's David L. Sobel lays out the goals TSA must > meet to make CAPPS II acceptable from a civil liberties and privacy > standpoint. Now, it's TSA's move. Do they concede the legitimacy of > concerns, as expressed by David Sobel, by revising the system and its > policies? Or do they press on in their campaign to sell a big-budget > system that infringes upon our privacy and of very dubious effectiveness. > > "Recommendations: > > "1. CAPPS II should be strictly authorized for use only in aviation system > security. > > "2. The process and timeframe for U.S. citizens and foreigners to have > their risk profiles corrected needs to be efficient-to-a-fault, and > ironclad. > > "3. The threshold requirements that Congress wisely placed on the TSA for > CAPPS II to be fully funded should be revised to reflect GAO's recently > published CAPPS II audit results as well as the ideas and concerns that > will come to light from a thorough public policy debate. > > "4. An organization such as GAO answerable only to Congress, should have > sufficient national security clearances and attendant authority to monitor > all aspects of a CAPPS II including policies, programs and practices of > other supporting government agencies and private sector contractors. > > "5. CAPPS II should be sunseted after 3 to 5 years to enable Congress to > carefully evaluate costs, efficacy and ongoing need for the program and > determine if it warrants reauthorization." > > Mr. Mitchell's Submitted Statement to the Committee can be read at: > > http://btcweb.biz/c2testimony.htm > > Excerpts From the Statement of David L. Sobel, General Counsel of the > Electronic Privacy Information Center Before the House Committee on > Transportation and Infrastructure Aviation Subcommittee on "The Status of > the Computer Assisted Passenger Prescreening System (CAPPS II). > > "DHS's Chief Privacy Officer [Nuala O'Connor Kelly] recently touted the > protections afforded by the Privacy Act, explaining that the law > > `provides substantial notice, access, and redress rights for > > citizens and legal residents of the United States whose > information is held by a branch of the federal government. > The law provides robust advance notice, through detailed > "system of records" notices, about the creation of new > techno - > logical or other systems containing personal information. > The > law also provides the right of access to one's own records, > the > right to know and to limit other parties with whom > information > has been shared, and the right to appeal > determinations regarding > the accuracy of those records or the disclosure of those > records.' > > "TSA, however, has sought to exempt CAPPS II from nearly all of the > Privacy Act provisions Ms. O'Connor Kelly described." > > [quotation of Ms. O'Connor Kelly is from: Remarks of Nuala O'Connor Kelly > Before the 25th International Conference of Data Protection and Privacy > Commissioners, Sydney, Australia, September 11, 2003] > > "As the recent GAO report found, TSA has failed to adequately address the > very real privacy and due process issues that permeate the proposed > system. Based upon TSA"s Privacy Act notice for the system, I believe > there is reason to doubt whether the system, as currently envisioned, can > ever function in a manner that protects privacy and provides citizens with > basic rights of access and redress. In order for CAPPS II to pass muster > from a privacy and civil liberties perspective, TSA must, at a minimum: > 1.) ensure greater transparency through the establishment of a > non-classified system; 2.) provide individuals enforceable rights of > access and correction; 3.) limit the collection of information to only > that which is necessary and relevant; and 4.) substantially limit the > routine uses of collected information. Further, development of the system > should be suspended until TSA provides a final Privacy Impact Assessment, > discloses it to the public and receives public comments. Finally, the > agency should not acquire personal information, even for testing purposes, > until it has revised its policies and procedures as suggested above." > > > > Mr. Sobel's Submitted Statement On CAPPS II Can Be Read At: > > http://www.epic.org/privacy/airtravel/capps_testimony_3_04.pdf > > Also, see: 3/18/04 Associated Press story on "TSA Plans To Test Low-Risk > Flyer Program" (posted on The New York Times webpage) > > http://www.nytimes.com/aponline/national/AP-Airline-Passenger-Screening.ht > ml > > Kevin Mitchell, chairman of the Business Travel Coalition, said he wasn't > sure passengers would embrace the ``registered traveler program'' because > of privacy concerns. > ``We are, as an organization, very much in favor of it,'' Mitchell said. > ``But I'm not sure there are a lot of business travelers willing to pay to > turn over all that information.'' > And: 3/17/04 Reuters Article On "U.S. To Force airlines To Provide > Traveler Data"(posted on The New York Times webpage) > > CAPPS II would check government intelligence and consumer data amassed by > companies like Acxiom Corp. to verify passengers' identities and determine > if they have criminal records or links to groups such as al Qaeda. > > http://www.nytimes.com/reuters/news/news-airlines-security.html > > And: 3/18/04 United Press International Article by Shaun Waterman on > "Privacy Officer, Board To Oversee Profiling System"(posted on The > Washington Times webpage) > > Privacy specialists cautioned that the oversight board, to be truly > effective and independent, would need to include people willing to > challenge and question the agency. > > "They ought to include persistent critics of the program," said one > longtime privacy professional who asked not to be named. "If they're all > ex-TSA employees, that will be a danger sign." > > http://www.washtimes.com/national/20040317-110813-1393r.htm > > And: 3/17/04 Associated Press Story on "Airlines OK Security Plan" Posted > on Wired News.com > > The Air Transport Association said it supports the concept of the > Computer-Assisted Passenger Prescreening System, or CAPPS II, provided the > government follows seven "privacy principles." The Associated Press > obtained the list of principles Tuesday, a day before they were to be > revealed at a House hearing. > > http://www.wired.com/news/privacy/0,1848,62701,00.html > > Read The 3/16/04 AP Story Listing The Air Transport Association's Seven > Privacy Principles > > ...TSA shall provide passengers with effective and expeditious means to... > resolve complaints about the collection, accuracy, processing or use of > personal information. > > http://www.sfgate.com/cgi-bin/article.cgi?file=/news/archive/2004/03/16/fi > nancial0225EST0007.DTL > > And: 3/17/04 Federal Computer Week Article By Sarita Chourey On "Norton > Raises CAPPS II Liability Fears" > > "May I suggest that this program is going nowhere until you get an opinion > on liability," Norton said. > She assailed what she characterized as an assumption that CAPPS II would > not have any liability concerns. CAPPS II officials must be prepared "to > deal with what happens to people who... in any imperfect system, will be > misidentified and will have major losses as a result," Norton said. _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2b30 : Mon Mar 22 2004 - 10:47:28 PST