DHS's 'Secure Flight' Program Proven Insecure

News.com is reporting the somewhat unsurprising news that a government program we were assured was 'perfectly safe', has actually been proven to be a privacy nightmare. The 'Secure Flight' program matched air traveler information with commercial databases in the interests of national security. The charter for the program specifically forbade the TSA from accessing this information; the organization got their hands on it anyway. The Department of Homeland Security has released a report, detailing these findings and analyzing the situation. The News.com piece makes it clear the report was released on Friday in an attempt to obscure it from public notice; it was only linked to from a DHS subsite, and has not shown up on the DHS or TSA main pages. From the article: "The report from the Homeland Security privacy office takes pains to say that the privacy compromises over Secure Flight were 'not intentional,' and includes a list of seven recommendations to avoid similar mishaps in the future. Those include explaining to the public exactly what's going on and creating a 'data flow map' to ensure information is handled in compliance with the 1974 Privacy Act. This isn't the first report to take issue with Secure Flight. Last year, auditors at the U.S. Government Accountability Office reported that the program violated the Privacy Act."

Misreading

Am I the only one who had read "the 1984 Privacy Act" ?

Re:

all signs point to yes.

Just like criminal background checks...

...it hasn't any right at all to be anything but a Boolean, at least at first. DHS has a right to check for the answer to the question 'Is this person a terror suspect?', and perhaps 'Is this person a known friend or confidant of a terror suspect?'. ONLY if the answer to one of those questions is 'yes' have the underpaid security monkeys at the airport got any right whatsoever to see any information on people. All too often, the quest for 'security' is just another grab for power and intimidation.

Re:

'Is this person a terror suspect?'

In the new world order, everybody is a terror suspect until proven otherwise. It won't be long before special rewards will be authorised for children who inform on their non-conformist parents.

Re:

Only you can't prove that someone is/isn't a suspect... that's why they call it "suspicion" ;-)

Re:

In the new world order, everybody is a terror suspect until proven otherwise.

Actually there are classes of people who do not have to be proven otherwise. e.g. those who pass and enforce laws about terrorist suspects.

Re:Just like criminal background checks...

Is this person a terror suspect?

Is *which* person a terror suspect?

Obviously, it would be nice to know if the person at the airport is actually suspected of being a terrorist, via evidence of links to known terrorists, etc., but to do that, you have to be able to correctly identify the person at the airport, and not just by name, and you also have to know that the reason for the suspicion is real.

All this system does is pick out people who identify themselves using a name that matches one that was placed on the list somehow. Read that last statement carefully, and identify all of the ways in which it's different from "identify suspected terrorists". Then think about what kind of program you'd have to implement in order to really "identify suspected terrorists", and what kind of police state would be required to make it work.

it hasn't any right at all to be anything but a Boolean, at least at first

Given a full profile of the terror suspect, trained TSA agents might be able to ascertain with some reliability whether or not the person trying to travel is actually the suspect, so if implemented it should definitely NOT be a boolean value based only on a matching name. Since the whole thing is so completely unreliable, though, and the only way to make it reliable is to further eliminate our civil liberties, the better solution is just to scrap it.

Somehow, the people in the US need to realize that the blood that must water the tree of liberty isn't just the blood of soldiers who go "over there" and kill the enemy. A free society is vulnerable in ways that a police state is not, but accepting that vulnerability is part and parcel of freedom. If an occasional 9/11 is the price of our civil liberties, we should be prepared to pay it, and consider it the bargain that it is. Cue the famous Benjamin Franklin quote.

I wonder...

I wonder how long it will be before we hear politicians praising a new bill to remove these constraints, framing it in terms of a "wall" which prevents the TSA from effectively securing our skies, like they did when they wanted to let foreign intelligence and domestic law enforcement exchange data?

See, this is why I'm always skeptical of these things. And for some reason, critics are always written off as paranoid or unrealistic. I wonder if they said the same things when people warned that the new "small" income tax would quickly grow?

Re:

I wonder how long it will be before we hear politicians praising a new bill to remove these constraints

A new bill? Why? Haven't you noticed, the government doesn't obey laws now anyway. They just do what they want. Surely they don't f

Re:

And for some reason, critics are always written off as paranoid or unrealistic.

Nah, just left-wing nutjobs. That drumbeat will continue until the next time a Democrat is elected president and the new administration addresses the security rules. At which p

Re:

It's not quite that black and white. There is a fundamental difference between good security, and absolute security. What the government is promising us is absolute security if we just give up the Constitution. Would that be a worthwhile trade-off? Not to

Friday news releases...

the report was released on Friday in an attempt to obscure it from public notice

It's an old trick to release news on a Friday night, when less people are going to see it. Also, any day in which a major news story (superbowl, oscar night, day after elections, etc.) is scheduled -- those are the days to read the newspaper carefully-- those are days that are typically used to obscure potentially damaging news.

In a 24-hour news cycle it's much harder to hide bad news from the public, but there are still golden times when the government and others are virtually guaranteed no one will be paying attention. Kudos for bringing this story to light.

Re:

In a 24-hour news cycle it's much harder to hide bad news from the public

Thank god we have reliable 24 hour news, like CNN. Oh wait, I don't see anything about Brad Pitt and Angelina Jolie in the story... this isn't NEWS!!!

Re:

It's an old trick to release news on a Friday night, when less people are going to see it. Also, any day in which a major news story (superbowl, oscar night, day after elections, etc.) is scheduled -- those are the days to read the newspaper carefully-- th

Re:

We read it here first [schneier.com].

This is actually

The very reason why I refrain from currently travelling to the US after having visited ~20 times in the 90s (and the last time in 2002). It's not so much the fingerprinting / mug shot procedure, which I resent, but the fact that potentially any slimeball marketing sleazoid may be able to get hold of my private data.

Sorry dudes in the US; you really, really need to clean up your privacy laws to actually protect the individual and not to favor major business (and making identity theft darn easy in the bargain).

Lock 'em up!

Sorry, but "not intentional" doesn't cut it when something happens that was explicitly forbidden in the charter of the program.

If I sign a contract that specifically says I can only get X under condition of Y and Z, then breaking those conditions invalidates the contract. Secure Flight should be terminated and TSA be made liable for any and all damages.

Why is it that governments and corporations can fuck up constantly on a scale that makes you dizzy while any natural person doing a fuckup on a similar scale would be locked away for life?

Re:

There is not any explicit right to privacy in the USA. It's been written by case law over the last 30-40 yrs. However, when the Government is concerned should you even expect you REALLY have privacy?? Come on, they have your name, address and phone in the

Re:

Only if you claim the donation as a deduction. The libraries are not controlled by the FBI. As for name, address and phone, that's something I WANT the government to have in case they need to contact me. Your point about the barriers to abuse being technic

So. It was proven pointless long before that.

The Murder rate in the USA is 16,000 PER YEAR.
The US terror rate since (and before) 911 death toll was 3,300 TOTAL.

We maintained our constitution for over 200 years with the number of murders growing the whole time, and we didn't take that as a reason to torch our own constitution.

911 shouldn't have changed a damn thing. Yet it seems as if the Bush team has milked it to build the bedrock for a police state. Given their political donations come from the same private interests that profit from such draconian right wing lunacy, it looks like the Bush team staged it themselves, quite honestly.

http://www.the7thfire.com/Politics%20and%20History /Missile-Not-Flight-77.html [the7thfire.com]

Getting security "locked down" is the wrong answer. Getting the nazis out of office is the right answer.

Re:

Correction.
The US terror rate since (and before) 911 death toll was 3030. TOTAL.

you were making great points

Your comments about the murder rate vs. terror rate and torching the constitution were strong.

You lost me with the conspiracy theory about the neocons planning 9/11. As much as I distrust Cheney, Rumsfeld, and their puppet, the theories about missles hitting the Pentagon just aren't credible to me. At most, I will believe that 9/11 was a happy accident [reference.com] which Cheney leveraged to enrich his friends at Haliburton. He sold it to Bush as an opportunity to finish what his dad had started. Rumsfeld? Well, that guy wanted to prove a war could be fought on the cheap and wanted to take credit for that accomplishment. Turned out it can be fought on the cheap, so long as you're not concerned with winning.

Seth

Re:

the theories about missles hitting the Pentagon just aren't credible to me. At most, I will believe that 9/11 was a happy accident [reference.com]

I don't know about the missile story... on 9-11 it was a "car bomb", then a "truck bomb" that blew up at the pentagon after the plane hit in NY.

But I think it was at LEAST a happy accident, possibly something that was allowed to happen, and at my most cyn

Re:

Man have you missed something! Haven't you seen the "video" released after some years by the fed after confiscating ALL surveillance footage in the area- including footage that was shot from private property? The "video" consists of five frames, taken at a

Re:

Man have you missed something! Haven't you seen the "video" released after some years by the fed

Yeah, I also saw the surveillance footage from the parking lot's security booth shown on TV some time after 9-11 (not years after, weeks I think), it showed very little and was dated 9-12.

I also remember, from that faithfull day, an announcer asking a fol

Re:

They predictably won so much power and funding as a result, it's hard not to think they would want it to happen.

Well, you can take it that far without just "thinking" it. We know with 100% certainty that they wanted it to happen, since they stated exactly

Re:

I'm seeing an awful lot of score 0 mods lately, most likely originating with bleeding heart fascist sympathizing american sheep ... at least score 1 ...

Your karma is so bad that you now post as low as an AC.

Re:you were making great points

Perhaps the conspiracy theories are not so wrong. Politics and the economy seem to dictate that in a tragedy, their will be some that profit and others that loose. Look at Haliburton. Haliburton's profits increased megafold as a result of non-competitive contracts with the DoD. Come on folks, we know if the owners of Haliburton were some poor inner city folk (or just a start up without political connections) they wouldn't have gotten a chance to even bid on the contract. I also have to say that our freedoms have erroded. This is not theory, this law. The Patriot Act puts severe limitations on our freedoms and we are traveling down a steep, slippery slope. As much as I despise the acts of 9/11, I cannot condone Guantanamo Bay and the secret prisons and the domestic wire tapping program.

We accused Clinton of being a liar and Bush repeatedly lied about their being no domestic wire tapping program or secret prison Mr. Bush drove us to war on a lie. There were no weapons of mass destruction. While I do not like Cynthia McKinney from Georgia at all, she drove a point by attempting to introduce legislation to impeach Bush. Honestly, he is far more impeachable than Clinton. We hold ourselves up on such high, hypocritical horses that we punished Clinton for a blow job: a harmless, repeat harmless act whereas Mr. Bush has effectively killed 16,000 people because he wanted to finish daddy's work. Mr. Bush needs to answer for his actions but, so long as he has money, he has a get out of jail ticket. It would take the collective bravery of the International Criminal Court to bring charges down. I could only hope that the ICC is brave enough to take this on. Bush has committed war crimes under a guise.

Bush is an extremeist in his own right. He is the antithesis of Ahmadenjinad of Iran. It has been speculated that Bush has some fascination with the Apocalypse and the Born-Again Christians do have a preocupation with this event. Clinton got some undeserved negative attention. He did wonders for the economy. The presidency requires an intelligent, well-thought, and well-spoken indidivdual.

Some have attempted to compare Bush to Lincoln. True, both were in unpopular wars and both rather folksy. There remains an important difference. Lincoln was not ideologically driven and he was doing what was morally correct for ANY time period: ending a wrong justified by pseudoscientific means. Lincoln saw the problems with calling our nation free while slavery still existed. This was a moral and ethical dilemna. Lincoln dealt with this. While Lincoln is folksy, it is clear that his intelligence and thought capacity is higher than that of Bush. As far as I am concerned there is no comparison and history will see the George W. Bush Presidency as one of the worst administrations in the history of our country.

Re:you were making great points

Gratulations. Your words give me hope that there are americans that are not idiots. Seriously - you spoke the truth, in exactly the way it needs to be spoken.

I am european, and I have always thought as the US as the country wher edemocracy was strong - today I am not traveling to the US because I refuse to deal with terrorist nations, and unless the us government gets some sort of clue what country they re supposed to govern, the US is just not a place I want to step on even for a day.

Let's all hope that things change once Mr. Bush is out of his office. The uss has dealt with horrendous aberrations in the past (just say McCarthy Era) and recovered.

Re:

Lincoln was not ideologically driven and he was doing what was morally correct for ANY time period:

You think so? There was more to the Civil war than slavery you know. In fact there was tension between the federalists and states rights folks for some t

Re:

OK, if what you say is true, why on Earth did the Southern states insist so strongly on maintaining slavery? Why did they secede when their candidate lost a fair election? Could it possibly be that maybe the South has to share some of the guilt for all t

Re:

We're always going to see slavery as the reason because it was the most revolutionary change created by the war. You must remember southerners of the time (and many still today) saw the slavery debate as a hit to their pride rather than a moral issue. Mo

Re:

The conspiracy nuts were the ones who unraveled Watergate and Telephone Tapping scandals.
So don't go about dissing them.

If they weren't there, your rights which you inherited because some lame ass-kicking horse jockey fought on your behalf and ACTUALLY die

Re:

Agreed. The whitehouse's continued attempts to pin the blame for 9/11 on a terrorist attack was full of holes from the very start.

Re:

911 shouldn't have changed a damn thing. Yet it seems as if the Bush team has milked it to build the bedrock for a police state. Given their political donations come from the same private interests that profit from such draconian right wing lunacy, it looks like the Bush team staged it themselves, quite honestly.

Maybe they did, I guess we'll never really know, since by definition the people capable of that are capable of killing to cover it up.

But even if they didn't explicitly plan it, Ossama was trained, funded and armed by the CIA, back when the Taliban were l

Re:

the city of Chicago, Illinois, USA doesn't allow handguns. Even if you interpret the US Constitution as not allowing each individual person to own guns (as groups like the American Civil Liberties Union do) the Illinois State Constitution http://www.ilga.gov/commission/lrb/con1.htm/ [ilga.gov] explicitly provides for that, leaving little if any room for such interpretation.

Handguns. What about hunting rifles?

Re:

It depends on your definition of "hunting rifle", I guess. My understanding is that Chicago outlaws "assault weapons" as well; however, I can't find documentation of that anywhere. I guess I didn't mean or want to start a debate about "gun control". I just wanted to say that the government's violation of Constitutional rights isn't restricted to the context of defeating terrorism

To be fair, banning AK-47s is somewhat related to preventing terrorism.

Re:

9/11 was not a person murdering another person, you frame this as if it were a typical crime we should pursue through our court system.

There was never any reason NOT to handle it through our court system. I DO frame it as if it should have been handled in

Re:

No, I'm saying 911 was a single event, and if you ask me it looks more like an event planned against hte american people by their own government in an effort to galvanize them against an invisible enemy, in order to gain a more absolute form of dictatorial

Re:

The number of murders per year climbs over time (but not necessarily constantly; sometimes it drops, too) and that means we should torch the constitution?

No, it means that since 9/11 did less damage to us than we regularly do to ourselves, we shouldn't use either as an excuse to destroy our civil liberties.

I've always compared it to the death toll from traffic accidents (which exceeds the 9/11 death tol

Re:

How about, we shouldn't worry about terrorism - because if we don't get scared, terrorism has FAILED.

The response should have been an investigation, and a change in hijacker handling policy (previous policy was to just give them what they wanted) and a "co

Re:

I know it sounds crazy. I can hardly get myself to look at it with credibility, but the facts ARE in line.

The third WTC building on 911 collapsed without ANYTHING touching it. It just collapsed straight down as if it had been demolished. They even aband

Re:

The third WTC building on 911 collapsed without ANYTHING touching it. It just collapsed straight down as if it had been demolished. They even abandoned it first. It was UNDAMAGED until it collapsed.

You're waaaay behind the times, buddy.

http://www.kolumbus. [kolumbus.fi]

Re:

Oh, there was damage done to the building, they wouldn't have wasted that building for no reason. That doesn't mean it wasn't a controlled demolition, though.

The lease holder [cbsnews.com] gave the OK to "pull it [youtube.com]".
I didn't know you could do that. Can just any building b

Re:

The lease holder gave the OK to "pull it".
I didn't know you could do that. Can just any building be "pulled", just like that?

"Pull it" is not a term for explosive demolition. No where, no how, no matter how many times the conspiracy theorists say it is (no

Re:

The lease holder gave the OK to "pull it".
I didn't know you could do that. Can just any building be "pulled", just like that?

"Pull it" is not a term for explosive demolition. No where, no how, no matter how many times the conspiracy theorists say it is (none of them are demolitions experts). The owner of Controlled Demolitions, Inc. has written a short paper about WTC7 (don't have a link at the moment, getting ready to leave for the holiday).

"Pull it" means to literally pull the building over with cables or the like. You don't do that to a 47 story building.

Larry Silverstein is not a demolition expert.
He's an old real estate tycoon. You kids and your fancy demolition talk. Why, in my day! Get off my lawn! We had to walk to work in snow, and when you wanted your building pulled down, you said to pull it! I sa

Take the train.

Chooo! Choo! All tokers know that, duh!

What is going to make your life suck first?

This seems like a small incremental threat increase given
that the information is already available to anyone who
wants to buy it. Anyone foriegn or domestic regardless
of criminal record can buy data right? That TSA got what
everyone else can access seems a

Re:

Whereas in the UK, we voted for a bunch of people hwo arent supposed to be Neo-conservative, and ended up with a police state anyway.

If you think this sort of things dont happen in european states, your wrong. Were just better at keeping it quiet.

Hea

Re:

No we didn't. Bush had to get a court ruling to get in the first time and the second time he did not have the majority of the popular vote even if he got the electoral votes.