TSA Meets Secure Flight Milestone

Tuesday, September 9, 2008

Airplane taking off from runwayThe Transportation Security Administration (TSA) today announced in Congressional testimony before the House Homeland Security Subcommittee on Transportation Security and Infrastructure Protection that it has successfully met the 10-point certification requirement for Secure Flight outlined in the 2005 Department of Homeland Security (DHS) Appropriations Act. This important milestone signifies the ongoing efforts of the agency to better match passengers to terror watch lists while significantly reducing the number of misidentifications to these lists and validates that strict privacy protections are in the program.

Additionally, the agency continues to encourage airlines to volunteer for baseline testing of this new program. Airlines participating in baseline testing thus far have experienced fewer passenger misidentifications to terror watch lists than under legacy, airline-based watch list matching systems.

Currently airlines are responsible for matching passenger manifests to the no-fly and selectee terror watch lists. With dozens of airlines matching the lists in unique ways, results vary from airline to airline and misidentifications do occur. Once fully implemented, Secure Flight will shift pre-departure watch list matching responsibilities from individual air carriers to TSA and will implement a key recommendation of the 9/11 Commission while greatly reducing passenger inconvenience because of misidentifications.

The 10 conditions required:

  • Establishment of an Internal Oversight Board
  • Implementing operational safeguards to reduce abuse opportunities
  • Putting in place substantial security measures to prevent hacking
  • Building processes to accommodate states with unique transportation needs
  • Establishing a redress process
  • Ensuring that the system will not produce a large number of false positives
  • Addressing privacy concerns
  • Determine appropriate life cycle cost estimates and program plans exist
  • Conduct stress tests and demonstrated the accuracy of the system
  • Ensure procedures for effective oversight of the use and operation of the system

As a complementary measure to reduce misidentifications, this past April, DHS Secretary Michael Chertoff authorized airlines to create records systems to verify and securely store a passenger's date of birth in order to reduce watch list misidentifications. By voluntarily providing this limited biographical data to an airline and verifying that information once at the ticket counter, travelers that were previously inconvenienced on every trip are now able to check-in online or at remote kiosks.

TSA evaluated and rebuilt Secure Flight in 2006 to ensure that security and privacy are fundamental to the program. In December 2006, DHS submitted a report to Congress outlining TSA's approach to certification. The Secure Flight Notice of Proposed Rule Making (NPRM) was published in the Federal Register in August 2007. The NPRM initiated a public comment period that ran through Nov. 21, 2007, and enabled the traveling public and industry to voice comments and concerns. In February 2008, TSA conducted a formal review with GAO to review its progress towards meeting all 10 conditions.

Secure Flight completed benchmark testing in the summer of 2008 with three aircraft operators to help with analysis of false positive and false negative rates. TSA is currently conducting end to end testing of the system and processes with volunteer aircraft operators prior to operational implementation.