DHS's 'Secure Flight' Program Proven Insecure

News.com is reporting the somewhat unsurprising news that a government program we were assured was 'perfectly safe', has actually been proven to be a privacy nightmare. The 'Secure Flight' program matched air traveler information with commercial databases in the interests of national security. The charter for the program specifically forbade the TSA from accessing this information; the organization got their hands on it anyway. The Department of Homeland Security has released a report, detailing these findings and analyzing the situation. The News.com piece makes it clear the report was released on Friday in an attempt to obscure it from public notice; it was only linked to from a DHS subsite, and has not shown up on the DHS or TSA main pages. From the article: "The report from the Homeland Security privacy office takes pains to say that the privacy compromises over Secure Flight were 'not intentional,' and includes a list of seven recommendations to avoid similar mishaps in the future. Those include explaining to the public exactly what's going on and creating a 'data flow map' to ensure information is handled in compliance with the 1974 Privacy Act. This isn't the first report to take issue with Secure Flight. Last year, auditors at the U.S. Government Accountability Office reported that the program violated the Privacy Act."

Misreading

[by Anonymous Coward]

Am I the only one who had read "the 1984 Privacy Act" ?

Re:

[jazir1979 (637570)]

all signs point to yes.

Just like criminal background checks...

[Caspian (99221)]

...it hasn't any right at all to be anything but a Boolean, at least at first. DHS has a right to check for the answer to the question 'Is this person a terror suspect?', and perhaps 'Is this person a known friend or confidant of a terror suspect?'. ONLY if the answer to one of those questions is 'yes' have the underpaid security monkeys at the airport got any right whatsoever to see any information on people. All too often, the quest for 'security' is just another grab for power and intimidation.

Re:

[geoff lane (93738)]

'Is this person a terror suspect?'

In the new world order, everybody is a terror suspect until proven otherwise. It won't be long before special rewards will be authorised for children who inform on their non-conformist parents.

Re:

[mpe (36238)]

In the new world order, everybody is a terror suspect until proven otherwise.

Actually there are classes of people who do not have to be proven otherwise. e.g. those who pass and enforce laws about terrorist suspects.

Re:Just like criminal background checks...

[swillden (191260)]

Is this person a terror suspect?

Is *which* person a terror suspect?

Obviously, it would be nice to know if the person at the airport is actually suspected of being a terrorist, via evidence of links to known terrorists, etc., but to do that, you have to be able to correctly identify the person at the airport, and not just by name, and you also have to know that the reason for the suspicion is real.

All this system does is pick out people who identify themselves using a name that matches one that was placed on the list somehow. Read that last statement carefully, and identify all of the ways in which it's different from "identify suspected terrorists". Then think about what kind of program you'd have to implement in order to really "identify suspected terrorists", and what kind of police state would be required to make it work.

it hasn't any right at all to be anything but a Boolean, at least at first

Given a full profile of the terror suspect, trained TSA agents might be able to ascertain with some reliability whether or not the person trying to travel is actually the suspect, so if implemented it should definitely NOT be a boolean value based only on a matching name. Since the whole thing is so completely unreliable, though, and the only way to make it reliable is to further eliminate our civil liberties, the better solution is just to scrap it.

Somehow, the people in the US need to realize that the blood that must water the tree of liberty isn't just the blood of soldiers who go "over there" and kill the enemy. A free society is vulnerable in ways that a police state is not, but accepting that vulnerability is part and parcel of freedom. If an occasional 9/11 is the price of our civil liberties, we should be prepared to pay it, and consider it the bargain that it is. Cue the famous Benjamin Franklin quote.

I wonder...

[by Anonymous Coward]

I wonder how long it will be before we hear politicians praising a new bill to remove these constraints, framing it in terms of a "wall" which prevents the TSA from effectively securing our skies, like they did when they wanted to let foreign intelligence and domestic law enforcement exchange data?

See, this is why I'm always skeptical of these things. And for some reason, critics are always written off as paranoid or unrealistic. I wonder if they said the same things when people warned that the new "small" income tax would quickly grow?

Re:

[koreth (409849)]

And for some reason, critics are always written off as paranoid or unrealistic.

Nah, just left-wing nutjobs. That drumbeat will continue until the next time a Democrat is elected president and the new administration addresses the security rules. At which point the new security rules will instantly become either (a) an unacceptable affront to America's tradition of personal liberty and a symbol of how the left is out to control everyone's lives (if the restrictions are tightened), (b) a sign that the left is

Re:

[ScrewMaster (602015)]

It's not quite that black and white. There is a fundamental difference between good security, and absolute security. What the government is promising us is absolute security if we just give up the Constitution. Would that be a worthwhile trade-off? Not to me, certainly, but some might accept it if it was possible to have absolute security. As you correctly pointed out, it isn't. However, that doesn't mean that ordinary good security isn't worth striving for. It can be done. Other nations have managed to do

Friday news releases...

[by Anonymous Coward]

the report was released on Friday in an attempt to obscure it from public notice

It's an old trick to release news on a Friday night, when less people are going to see it. Also, any day in which a major news story (superbowl, oscar night, day after elections, etc.) is scheduled -- those are the days to read the newspaper carefully-- those are days that are typically used to obscure potentially damaging news.

In a 24-hour news cycle it's much harder to hide bad news from the public, but there are still golden times when the government and others are virtually guaranteed no one will be paying attention. Kudos for bringing this story to light.

Re:

[Dunbal (464142)]

In a 24-hour news cycle it's much harder to hide bad news from the public

      Thank god we have reliable 24 hour news, like CNN. Oh wait, I don't see anything about Brad Pitt and Angelina Jolie in the story... this isn't NEWS!!!

Re:

[mpe (36238)]

It's an old trick to release news on a Friday night, when less people are going to see it. Also, any day in which a major news story (superbowl, oscar night, day after elections, etc.) is scheduled -- those are the days to read the newspaper carefully-- those are days that are typically used to obscure potentially damaging news.

There's also releasing potentially politically embarrasing stories on the same day as a major disaster.

In a 24-hour news cycle it's much harder to hide bad news from the public,

This is actually

[CaptainZapp (182233)]

The very reason why I refrain from currently travelling to the US after having visited ~20 times in the 90s (and the last time in 2002). It's not so much the fingerprinting / mug shot procedure, which I resent, but the fact that potentially any slimeball marketing sleazoid may be able to get hold of my private data.

Sorry dudes in the US; you really, really need to clean up your privacy laws to actually protect the individual and not to favor major business (and making identity theft darn easy in the bargain).

Lock 'em up!

[Tom (822)]

Sorry, but "not intentional" doesn't cut it when something happens that was explicitly forbidden in the charter of the program.

If I sign a contract that specifically says I can only get X under condition of Y and Z, then breaking those conditions invalidates the contract. Secure Flight should be terminated and TSA be made liable for any and all damages.

Why is it that governments and corporations can fuck up constantly on a scale that makes you dizzy while any natural person doing a fuckup on a similar scale would be locked away for life?

So. It was proven pointless long before that.

[the_REAL_sam (670858)]

The Murder rate in the USA is 16,000 PER YEAR.
The US terror rate since (and before) 911 death toll was 3,300 TOTAL.

We maintained our constitution for over 200 years with the number of murders growing the whole time, and we didn't take that as a reason to torch our own constitution.

911 shouldn't have changed a damn thing. Yet it seems as if the Bush team has milked it to build the bedrock for a police state. Given their political donations come from the same private interests that profit from such draconian right wing lunacy, it looks like the Bush team staged it themselves, quite honestly.

http://www.the7thfire.com/Politics%20and%20History /Missile-Not-Flight-77.html [the7thfire.com]

Getting security "locked down" is the wrong answer. Getting the nazis out of office is the right answer.

you were making great points

[SethJohnson (112166)]

Your comments about the murder rate vs. terror rate and torching the constitution were strong.

You lost me with the conspiracy theory about the neocons planning 9/11. As much as I distrust Cheney, Rumsfeld, and their puppet, the theories about missles hitting the Pentagon just aren't credible to me. At most, I will believe that 9/11 was a happy accident [reference.com] which Cheney leveraged to enrich his friends at Haliburton. He sold it to Bush as an opportunity to finish what his dad had started. Rumsfeld? Well, that guy wanted to prove a war could be fought on the cheap and wanted to take credit for that accomplishment. Turned out it can be fought on the cheap, so long as you're not concerned with winning.

Seth

Re:you were making great points

[DaMattster (977781)]

Perhaps the conspiracy theories are not so wrong. Politics and the economy seem to dictate that in a tragedy, their will be some that profit and others that loose. Look at Haliburton. Haliburton's profits increased megafold as a result of non-competitive contracts with the DoD. Come on folks, we know if the owners of Haliburton were some poor inner city folk (or just a start up without political connections) they wouldn't have gotten a chance to even bid on the contract. I also have to say that our freedoms have erroded. This is not theory, this law. The Patriot Act puts severe limitations on our freedoms and we are traveling down a steep, slippery slope. As much as I despise the acts of 9/11, I cannot condone Guantanamo Bay and the secret prisons and the domestic wire tapping program.

We accused Clinton of being a liar and Bush repeatedly lied about their being no domestic wire tapping program or secret prison Mr. Bush drove us to war on a lie. There were no weapons of mass destruction. While I do not like Cynthia McKinney from Georgia at all, she drove a point by attempting to introduce legislation to impeach Bush. Honestly, he is far more impeachable than Clinton. We hold ourselves up on such high, hypocritical horses that we punished Clinton for a blow job: a harmless, repeat harmless act whereas Mr. Bush has effectively killed 16,000 people because he wanted to finish daddy's work. Mr. Bush needs to answer for his actions but, so long as he has money, he has a get out of jail ticket. It would take the collective bravery of the International Criminal Court to bring charges down. I could only hope that the ICC is brave enough to take this on. Bush has committed war crimes under a guise.

Bush is an extremeist in his own right. He is the antithesis of Ahmadenjinad of Iran. It has been speculated that Bush has some fascination with the Apocalypse and the Born-Again Christians do have a preocupation with this event. Clinton got some undeserved negative attention. He did wonders for the economy. The presidency requires an intelligent, well-thought, and well-spoken indidivdual.

Some have attempted to compare Bush to Lincoln. True, both were in unpopular wars and both rather folksy. There remains an important difference. Lincoln was not ideologically driven and he was doing what was morally correct for ANY time period: ending a wrong justified by pseudoscientific means. Lincoln saw the problems with calling our nation free while slavery still existed. This was a moral and ethical dilemna. Lincoln dealt with this. While Lincoln is folksy, it is clear that his intelligence and thought capacity is higher than that of Bush. As far as I am concerned there is no comparison and history will see the George W. Bush Presidency as one of the worst administrations in the history of our country.

Re:you were making great points

[thona (556334)]

Gratulations. Your words give me hope that there are americans that are not idiots. Seriously - you spoke the truth, in exactly the way it needs to be spoken.

I am european, and I have always thought as the US as the country wher edemocracy was strong - today I am not traveling to the US because I refuse to deal with terrorist nations, and unless the us government gets some sort of clue what country they re supposed to govern, the US is just not a place I want to step on even for a day.

Let's all hope that things change once Mr. Bush is out of his office. The uss has dealt with horrendous aberrations in the past (just say McCarthy Era) and recovered.

Re:

[AceM2 (655504)]

We're always going to see slavery as the reason because it was the most revolutionary change created by the war. You must remember southerners of the time (and many still today) saw the slavery debate as a hit to their pride rather than a moral issue. Most rich plantation owners would quickly cease to be rich if slavery were abolished. Point being turning against slavery at that moment only serves to make the rich southerners angrier while making yourself look good to the northerners. Slavery would have

Re:

[the_REAL_sam (670858)]

No, I'm saying 911 was a single event, and if you ask me it looks more like an event planned against hte american people by their own government in an effort to galvanize them against an invisible enemy, in order to gain a more absolute form of dictatorial control. That's what 911 looks like, if you ask me.

Fighting a war against an invisible enemy, and using that as a justification for searching everyone who passes through an airport, train station, you name it, already encroaches on basic civil liberties.

Re:

[DarkVader (121278)]

How about, we shouldn't worry about terrorism - because if we don't get scared, terrorism has FAILED.

The response should have been an investigation, and a change in hijacker handling policy (previous policy was to just give them what they wanted) and a "cockpit door stays locked at all times" policy. And then we should have started flying again the next week, with EXACTLY the same airport security as before.

Everything that was done by the government was instead calculated to terrorize the population, as a

Re:

[Cl1mh4224rd (265427)]

The third WTC building on 911 collapsed without ANYTHING touching it. It just collapsed straight down as if it had been demolished. They even abandoned it first. It was UNDAMAGED until it collapsed.

You're waaaay behind the times, buddy.

http://www.kolumbus.fi/av.caesar/wtc/wtc7_2.jpg [kolumbus.fi]
http://img301.imageshack.us/img301/3990/wtc7roof7p z.jpg [imageshack.us]

It well known by people on the ground that WTC7 was going to collapse.

Here's some accounts from firefighters [bautforum.com] on the scene that day. They describe the severe structural damag

Re:

[Scrameustache (459504)]

Oh, there was damage done to the building, they wouldn't have wasted that building for no reason. That doesn't mean it wasn't a controlled demolition, though.

The lease holder [cbsnews.com] gave the OK to "pull it [youtube.com]".
I didn't know you could do that. Can just any building be "pulled", just like that?

("Silverstein's spokesperson, Dara McQuillan, said in September 2005 that by "pull it" Silverstein was referring to the contingent of firefighters remaining in the building, and confirming that they should evacuate the premises."

Take the train.

[by Anonymous Coward]

Chooo! Choo! All tokers know that, duh!

Re:

[ScouseMouse (690083)]

Whereas in the UK, we voted for a bunch of people hwo arent supposed to be Neo-conservative, and ended up with a police state anyway.

If you think this sort of things dont happen in european states, your wrong. Were just better at keeping it quiet.

Heard a great line on any questions today (A BBC Radio 4 comedy quiz show):
The americans had a revolution because they were sick of being told what to do from London.
Boy did THEY manage to turn things around.