Take Action — Traveler Tracking Program May Violate US Law
by Catherine Komp
Dec. 11 — A US Department of Homeland Security program that compiles data on millions of travelers and determines how likely they are to be terrorists may be operating illegally, according to privacy advocates and some members of Congress.
The Automated Targeting System (ATS) gathers travelers’ data from foreign governments, from numerous Customs and Border Protection sources, and from the Passenger Name Record, a controversial system used by the United States and Europe to gather travelers’ information from airlines and travel agencies.
ATS has long been used to track imported and exported cargo. But recent revelations by the Department show ATS is also being used to scrutinize airline passengers and cars entering or leaving the United States. The system draws on the collected data to assign a risk factor to each person or vehicle in order to help border patrol agents decide whether travelers “should receive additional screening because the traveler may pose a greater risk for violation of US law.”
It is unclear how long ATS has been used to screen humans. The DHS announced it had expanded ATS to include monitoring people in a November 2 notice in the Federal Register. However, the Department did not say when the expansion took place and some DHS officials have said the program has been in place for years.
Calling the program “equitable,” the agency said it “uses the same risk assessment process” for all individuals.
The DHS has announced it will keep the personal data gathered by ATS for up to 40 years to “cover the potentially active lifespan of individuals associated with terrorism or other criminal activities.
At least two lawmakers, Representative Martin Sabo (D-Minnesota) and Senator Patrick Leahy (D-Vermont), believe the program violates a provision of the 2007 DHS spending bill. That provision prohibits the testing or development of programs using computerized databases to assign risk to passengers who are not already on watch lists.
The Bush administration insists the program is legal.
Yet, in response to public opposition to the program, the DHS announced it would extend the public comment period from December 4 to December 29. (emphasis added by editors)
In a 30-page privacy-impact assessment about the program, the DHS said it will use the system to identify “suspicious or unusual behavior” using a set of “constantly evolving” rules. The program is being used on both international travelers and people involved in importing and exporting goods.
But the agency also admits there are privacy risks, including inaccurate information used against people who may not be aware that the government is compiling data about them.
In its Federal Register announcement, the DHS states that the system cannot be accessed by individuals wishing to contest the information included about them. (emphasis added)
“This program may be right for cargo, but it’s all wrong for people. Congress has already repeatedly declared that it does not want the government engaging in this kind of mass computerized dragnet,” said the ACLU’s Timothy Sparapani in a press statement. “Now [Congress] needs to weigh in on this program — get to the bottom of what is being done, and reaffirm its views on what should not be done.”
The ACLU said it “appears” that the program also violates the 1974 Privacy Act, which requires public notice of government databases that contain personal data before they can be implemented. The ACLU, along with other privacy advocates, is calling for the DHS to abandon the program.
© 2006 The NewStandard.
Nov. 2 Notice of Privacy Act system of records” Federal Register
“ATS extension of comment period” Federal Register
“DHS Privacy Impact Statement” Dept. of Homeland Security
“Traveler risk system may violate ban” Associated Press
“Department of Homeland Security Appropriations Act, 2007″ GovTrack
“Traveler Data Program Defied Ban, Critics Say” Washington Post
“DHS Acknowledges That Terror Ranking Program Is Already in Effect” ACLU
The ACLU’s comments on the Automated Targeting System can be found at:
Some discussion on the “right to travel” and “freedom of movement” can be found at:
and at www.ibike.org/cuba/ofac/law.htm.
Electronic Frontier Foundation, an important organization fighting privacy encroachment in many areas, has published much more information :
American Travelers to Get Secret ‘Risk Assessment’ Scores (eff.org/news/archives/2006_11.php#005030)
EFF Fights Huge Data-Mining Program Set for Rollout on U.S. Borders
Washington, D.C. – An invasive and unprecedented data-mining system is set to be deployed on U.S. travelers Monday, despite substantial questions about Americans’ privacy. In comments sent to the Department of Homeland Security (DHS) today, the Electronic Frontier Foundation (EFF) asked the agency to delay the program’s rollout until it makes more details available to the public and addresses critical privacy and due process concerns.
The Automated Targeting System (ATS) will create and assign “risk assessments” to tens of millions of citizens as they enter and leave the country. Individuals will have no way to access information about their “risk assessment” scores or to correct any false information about them. But once the assessment is made, the government will retain the information for 40 years — as well as make it available to untold numbers of federal, state, local, and foreign agencies in addition to contractors, grantees, consultants, and others.
“The government is preparing to give millions of law-abiding citizens ‘risk assessment’ scores that will follow them throughout their lives,” said EFF Senior Counsel David Sobel. “If that wasn’t frightening enough, none of us will have the ability to know our own score, or to challenge it. Homeland Security needs to delay the deployment of this system and allow for an informed public debate on this dangerous proposal.”
Earlier this month, EFF’s FLAG Project submitted a Freedom of Information Act (FOIA) request to DHS seeking more details about the ATS data-mining program, but the agency has not yet disclosed the requested information.
Electronic Frontier Foundation
HOW TO COMMENT:
[Federal Register: December 8, 2006 (Volume 71, Number 236)]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
DEPARTMENT OF HOMELAND SECURITY
Office of the Secretary
Privacy Act of 1974; System of Records
AGENCY: Privacy Office; Department of Homeland Security.
ACTION: Privacy Act System of Records Notice; extension of comment
SUMMARY: This document provides additional time for interested persons
to submit comments on the system of records notice for the Department
of Homeland Security, U.S. Customs and Border Protection Automated
DATES: Comments on the Privacy Act System of Records Notice must be
received on or before December 29, 2006.
ADDRESSES: You may submit comments, identified by docket number, by one
of the following methods:
Federal eRulemaking Portal: http://www.regulations.gov.
Follow the instructions for submitting comments via docket number DHS
Mail: Comments by mail may also be submitted to Hugo
Teufel III, Chief Privacy Officer, Department of Homeland Security,
Washington, DC 20528.
Instructions: All submissions received must include the
agency name and docket number for this rulemaking. All comments
received will be posted without change to http://www.regulations.gov,
including any personal information provided.
Docket: For access to the docket to read background
documents or comments received go to http://www.regulations.gov.
FOR FURTHER INFORMATION CONTACT: For general questions please contact:
Laurence E. Castelli (202-572-8790), Chief, Privacy Act Policy and
Procedures Branch, Bureau of Customs and Border Protection, Office of
Regulations & Rulings, Mint Annex, 1300 Pennsylvania Ave., NW.,
Washington, DC 20229. For privacy issues please contact: Hugo Teufel
III (571-227-3813), Chief Privacy Officer, Privacy Office, U.S.
Department of Homeland Security, Washington, DC 20528.
To provide expanded notice and transparency to the public, the
Department of Homeland Security (DHS), U.S. Customs and Border
Protection (CBP) published a Privacy Act system of records notice
(SORN) in the Federal Register regarding the Automated Targeting System
(ATS) on November 2, 2006 (71 Fed. Reg. 64543). As detailed in the
SORN, ATS is the enforcement screening module associated with the
Treasury Enforcement Communications System and was previously covered
by the Treasury Enforcement Communications System “System of Records
Notice.” This system of records is subject to the Privacy Act of 1974,
as amended (5 U.S.C. 552a).
The DHS Privacy Office published the Privacy Impact Assessment
(PIA) for ATS on November 24, 2006 on its Web site, http://www.dhs.gov/privacy
under “Privacy Impact Assessments.” The PIA provides additional
background information and context for the SORN, including specific
information on measures taken by DHS to protect the privacy of persons
whose information might be found in ATS.
The SORN referenced above did not identify or create any new
collection of information; rather DHS merely provided additional notice
and transparency of the functionality of these pre-existing systems.
The SORN provided for a thirty day comment period which expired on
December 4, 2006.
Extension of Comment Period
In response to the SORN published in the Federal Register, and the
PIA published on the web, DHS has received a number of comments from
the public requesting an extension of the comment period. DHS has
decided to grant the request for the extension. Accordingly, the period
of time for the submission of comments is being extended. Comments are
now due on or before December 29, 2006.
Dated: December 4, 2006.
Hugo Teufel III,
Chief Privacy Officer.
[FR Doc. 06-9595 Filed 12-5-06; 11:07 am]
BILLING CODE 4410-10-P