Government Report Shows TSA Violated Privacy Act with Screening Program; Used Passengers' Private Records Without Telling Congress or the Public

FOR IMMEDIATE RELEASE
Contact: Media@dcaclu.org

WASHINGTON – The Government Accountability Office, Congress’ non-partisan investigative arm, today confirmed that the Transportation Security Administration used personal information to test a controversial passenger-screening program, without telling Congress or airline travelers. The ACLU cited the move, which violates the Privacy Act, as yet another reason why lawmakers should protect Americans’ privacy by scrapping the Secure Flight program.

“Today the government confirmed growing concerns over TSA’s inability to safeguard the public’s most sensitive information,” Timothy Sparapani, an ACLU Legislative Counsel. “TSA has just given the public 100 million more reasons to demand that Congress halt Secure Flight before it is implemented.”

A TSA contractor obtained more than 100 million records from commercial data brokers and combined them with passenger name records obtained from airlines, the report said. The information was collected to move forward with a test of the controversial Secure Flight passenger-screening program, which is the follow-up to the CAPPS II program canceled last year amid growing bipartisan concerns that it would not protect Americans’ privacy or security.

TSA violated the Privacy Act, the report said, when it “collected and stored commercial data records even though TSA stated in its privacy notices that it would not do so.” The GAO report noted that the agency’s privacy notices which were meant to inform travelers of how their information is used, did not reveal what data would be collected, whose data would be collected and how the public can “access and amend their data.”

When it was revealed in June that TSA had collected these personal records, the agency took steps to retroactively amend its privacy notices to inform the public of what happened. The ACLU said that the steps taken were too little, too late.

“Lawmakers must undertake a full investigation into TSA’s data mismanagement,” Sparapani said. “TSA has shown it cannot securely, and honestly, manage sensitive personal information for proposed screening programs. If the agency is allowed to move forward with Secure Flight, Americans’ private information will be at risk.”