Aviation Security: Transportation Security Administration Did Not Fully Disclose Uses of Personal Information During Secure Flight Program Testing in Initial Privacy Notes, but Has Recently Taken Steps to More Fully Inform the Public

We have been reviewing the Department of Homeland Security's (DHS) Transportation Security Administration's (TSA) efforts to develop and implement the Secure Flight program. The purpose of Secure Flight is to compare information on domestic airline passengers against information on known or suspected terrorists to identify passengers who should undergo additional security scrutiny. As we reported in February and March 2005, to develop Secure Flight, TSA has been conducting tests to compare data from airline reservation systems, such as name and flight number, with data from the government's consolidated terrorist watch lists, which include names of known and suspected terrorists. We also reported that TSA has been testing the use of selected data available from commercial data sources--private companies that maintain records on individual names, addresses, phone numbers, and other information--as a means of verifying the accuracy of passenger-provided data. In this letter, we report on key aspects of TSA's disclosure of its use of personal information during commercial data testing for Secure Flight as required by the Privacy Act, and TSA's actions to more fully disclose its use of personal information. We will continue our assessment of Secure Flight privacy protections as part of our ongoing review of the Secure Flight program.