CAPPS II will not make us any safer. It is an expensive and intrusive program that will provide only illusory security. The cost of the program is not just the dollars wasted, however. The real cost is to our civil liberties as the government begins to keep tabs on all of us, assigning labels that are both unreliable and unreviewable.
Under CAPPS II, every time a person makes an airline reservation, the airline will be required to obtain the passenger’s full name, address, phone number, and date of birth. The airline must then provide that information, along with the passenger’s itinerary, to TSA. It may also pass along other information, such as method of payment.
TSA will then send this information to a “commercial data provider,” i.e., one of the many companies that routinely collect information about individuals and their activities and then sell or use that information for marketing or other purposes. The data provider will, in turn, “authenticate” the passenger’s identity by providing TSA with an authentication score. TSA will next enter the passenger’s name into a “Black Box”—a computer program using a secret set of law enforcement, intelligence, and other databases to generate a “risk assessment” for each passenger based on a secret set of criteria. Not even TSA will know just what databases or risk assessment criteria are used. Those passengers whose threat risk is set at green will be subjected only to standard scrutiny. Those passengers rated yellow, will receive more intensive scrutiny before being allowed to fly, and those rated red will be barred from flying and probably referred to law enforcement or other authorities for “appropriate action.”
CAPPS II is doomed to fail. The ease with which persons can commit identity theft means that real terrorists will have little difficulty in circumventing CAPPS II, while large numbers of innocent travelers will be subjected to the humiliation and inconvenience of being wrongly labeled a threat to airline security. One can use the Internet to purchase another person’s name, address, phone number, and date of birth for less than $50. That information can easily be used to create a driver’s license or passport with the terrorist’s own photograph and the name, address, telephone number, and date of birth of the person whose identity has been stolen. CAPPS II will have no way of knowing that the person making the reservation is not the person whose information is being analyzed.
While a committed terrorist will have little difficulty in slipping past CAPPS II, the story is quite different for the unfortunate passengers who are wrongly identified as presenting a security threat. TSA officials project that three to four percent of the approximately 100 million people who fly each year will fail to get a green light. No one can seriously contend that most of these three to four million passengers should be tagged yellow or red.
The high rate of projected false positives is a predictable result of the unreliability of the databases to be used for identity authentication and risk assessment. Anyone who has looked at his or her own credit report knows that they frequently contain many errors. For obvious privacy reasons, TSA says it will not be using credit ratings, instead relying on even less accurate commercial databases for identity authentication. The problem is exacerbated once information goes into the Black Box. Although the government will not reveal which particular law enforcement and intelligence databases will be used, presumably one of those databases will be the FBI’s giant criminal database known as NCIC (National Crime Information Center). NCIC’s accuracy is apparently so poor that, in April 2003, the Justice Department exempted it from the Privacy Act’s requirement that databases be maintained with “such accuracy . . . as is reasonably necessary to assure fairness.”
The unreliability of CAPPS II is compounded by having the assignment of a threat level to passengers made not by human beings but by computer algorithms. The computer is not simply asked to determine the likelihood that a passenger is a known terrorist or has identifiable links to known terrorists or terrorist organizations. Rather the system is also asked to predict whether the passenger “otherwise poses a threat to passenger or aviation security.” Such an exercise in clairvoyance is an invitation to abuse when attempted at the human level. It is an even greater recipe for disaster when we ask computers to undertake this task.
CAPPS II threatens both our privacy and our freedom. The threat to privacy from using massive commercial and government databases to make decisions about who we are and whether we pose a threat to the nation’s security is obvious. Moreover, the kinds of databases that will be incorporated into CAPPS II are likely to grow. For example, while TSA now says that it will not be using credit or health records, nothing in the description of the program prohibits TSA from later including these records and, since the records relied on remain secret, we will never know whether or not these records are now in the hands of the government.
The threat to our freedom is even greater. First, because CAPPS II operates behind a veil of secrecy with no meaningful oversight, individuals have no realistic hope of correcting the mistakes that will inevitably be made through mistaken identity, computer error, or inaccurate information. The situation is truly Kafkaesque: because the victims of the system do not know why they are labeled suspect, they have no way of challenging that determination. Rather, they are relegated to a blacklist of the untrustworthy.
This has already been the fate of those erroneously placed on the FBI’s notorious “no-fly” list. Passengers like Jan Adams and Rebecca Gordon, two Bay Area peace activists, are told they are on the list, but not how they got there or how they can get off. Are they there because they have names similar to those of suspected terrorists? Or did their political affiliations have something to do with it? The ACLU of Northern California has filed suit to find answers to these questions, but their experience serves as a warning of what will happen when 100 million passengers are subjected to CAPPS II.
Second, there is the problem of mission creep; if you build it, it will grow. Right now CAPPS II is limited to airline passengers. However, TSA has made it clear that it plans to expand the program to other transportation systems, such as ports and train stations. Bus stations, public buildings, and even events such as the Super Bowl will be tempted to follow suit. The net result will be a system of internal government checkpoints that bears all the hallmarks of a police state.
The purposes for which CAPPS II is used are also likely to expand. When the government originally proposed this system, it said that the only targets were terrorists. The latest description of the system makes clear that TSA also intends to use CAPPS II to identify “persons with outstanding state or federal warrants for crimes of violence.” It is quite predictable that CAPPS II will quickly be expanded to include enforcement of the immigration laws or as an additional tool in the government’s failed war on drugs. There are simply no built-in limits to its use.
Finally, it is almost inevitable that those who are disadvantaged most by CAPPS II will be the poor and members of ethnic and religious minorities. Those on the lowest rung of the economic ladder are more likely to have frequent changes of address and less likely to have a “history” in commercial databases. They are the ones whose “authentication score” will be too low to permit them to travel easily. It is equally likely that the risk assessment process will rely on the same kind of ethnic and racial profiling of Muslims, Arabs, and South Asians that has characterized the government’s past actions. The shroud of secrecy makes it all the easier to hide the practice.
When the Defense Department proposed the Total Information Awareness (“TIA”) program, designed to use commercial and government databases to gather information about the entire population, it was met with howls of resistance. Congress ultimately refused to fund it. CAPPS II is simply TIA “Lite.” Once in place, it has the potential to make TIA a reality through the process of accretion. Although CAPPS II will fail to enhance airport security, it places our freedom in jeopardy. It must be stopped now.
Ann Brick is a lawyer for the American Civil Liberties Union
of Northern California
Download the Spring/Summer 2008 ACLU-NC Newsletter and read about our latest events and initiatives.
| • | Letter to the Editor - Crime cameras useless, anyway |
| • | Letter to the Editor - Teen behavior |
| • | What to do when marriage ruling is announced |
About Us | Newsroom | Action Center | Issues | Cases | Legislation | Support Us | Library/Resources 
