WASHINGTON – The Transportation Security Administration (TSA) has released draft Security, Privacy and Compliance Standards for Sponsoring Entities and Service Providers for the industry-driven Registered Traveler program. The draft standards have been posted to the Registered Traveler homepage on TSA.gov and are open for a two-week public comment period. Ultimately, these standards will help to direct Registered Traveler vendors on how to enroll participants, validate their biometric and biographical information, maintain privacy, and operate the program in compliance with government requirements.
TSA established the Security, Privacy and Compliance Standards by gathering leading practices from both the public and private sectors. Specifically, TSA researched applicable existing government regulations; conducted a vulnerability assessment to identify and address areas of high risk; and considered standards from other public-private partnership programs.
“The release of these standards provides the private sector with the tools needed to ensure their systems and processes are properly built to move towards program implementation,” said Kip Hawley, Assistant Secretary for TSA. “Completing this important milestone underscores TSA’s commitment to working with industry to develop and support the Registered Traveler program.”
In recent weeks, TSA has completed a Privacy Impact Assessment and provided its final recommendations to the Registered Traveler Interoperability Consortium. Earlier this month, TSA advised potential vendors for the program that they may begin collecting limited personal information from individuals interested in becoming Registered Traveler participants through an advance registration process.
TSA’s guiding principles for Registered Traveler are to ensure a self-sustaining private sector program that will not disadvantage non-registered travelers and will not compromise security.