What did the Transportation Security Administration (TSA) do with the millions of personal files used to test the Secure Flight passenger screening system? And what additional personal records - including name, birthdate, phone number, mailing address, itinerary, and credit card information - did TSA obtain from commercial sources without the permission of either the passengers involved or Congress?
Advised by EFF, hundreds of individuals have been trying to find out by demanding the contents of their own files under the Freedom of Information and Privacy Acts. Together, we're working to uncover what the Department of Homeland Security won't say about information it is collecting about American citizens.
Last year, TSA seeded its experimental Secure Flight data-mining system with 42,000 names of passengers who flew in June 2004.
Despite telling Congress it would not do so, TSA then matched these travel records with millions of records from commercial data brokers. To cast as wide a net as possible, it instructed contractors to gather files on thousands of variations of the passenger names. Those merged records contained new information supplied by credit bureaus, including home addresses, previous addresses, and spouses' names.
If your name is a variation on the name of one of the passengers in the initial database, even if you did not travel in June of 2004, TSA may have collected data on you.
In total, millions of personal records were stored by the government - and that's just in the 2004 trial run of Secure Flight. The TSA plans to roll out the full version in 2006, monitoring everyone who flies in the United States.
We want to know more about how Secure Flight works - and find out just what records this government department has been gathering on the American public.
We've been asking our members to request their current files from TSA by exercising their rights under the Privacy and Freedom of Information Acts. From the agency responses, we're building our own profile: a map of Secure Flight's files, fields and their flaws.
TSA orders the nation's airlines to hand over passenger records for domestic flights completed in June 2004. Over 60 carriers comply, providing around 15 million records.
Four Alaskans send TSA Privacy Act requests for their Secure Flight records.
TSA replies, saying that it is unable to find any information on the Alaskans.
On the same day, TSA announces that it is destroying data collected during the trial.
The Alaskan Four write to the TSA demanding it preserve PDF the commercial data until the search for their files is complete.
EFF puts out an action alert urging members of the public to request the information collected about themselves by the TSA under the Privacy and Freedom of Information (FOIA) Acts. EFF asks people writing in for their information to request that all commercial data be preserved from deletion for closer examination.
TSA announce that they will no longer be deleting commercial data "in connection with ... the resolution of the multiple Privacy Act and Freedom of Information Act requests that have been directed to the agency."
The same day, TSA drafts a standard response PDF to go out to everyone who had made a request for their records. Among many revealing statements in this standard response, TSA claim that Secure Flight does not yet have the capability to perform "a simple computer search to locate responsive records."
To help with the difficult process of using a passenger screening database to uncover passenger records, TSA's official response asks for yet more information - including the telephone number of the inquirer, the dates of travel, and proof of American citizenship or permanent residency.
People who sent in the requests for information receive copies of the September 9th response. A month after the original request, TSA asserts that requestors have just ten days to reply or it it will "administratively close the request." No such time limit is defined in either FOIA or Privacy Act law.
EFF advises requesters to send one of two replies. Half of the inquirers provide fuller information for TSA to continue their search. The other half challenge TSA's reasoning. Is it really so hard for TSA to use its own database? Or are they merely dragging their feet?
