- Overflight Table for Third-Party Providers. Version #3.0 (pdf, 127kb)
- Airlines and Travel Agencies - Use the Secure Flight Communications Toolkit to communicate the changes and benefits that Secure Flight brings to your customers.
- Find answers to your questions regarding Secure Flight on the FAQs page.
- Think you were misidentified as a match to the watch list? Visit the DHS Travel Redress Inquiry Program (DHS TRIP) and help prevent future difficulties.
Secure Flight Overview
Secure Flight is a behind-the-scenes program that enhances the security of domestic and international commercial air travel through the use of improved watch list matching. Collecting additional passenger data improves the travel experience for all airline passengers, including those who have been misidentified in the past.
When passengers travel, they are required to provide the following Secure Flight Passenger Data (SFPD)(.pdf, 192kb) to the airline:
- Name (as it appears on government-issued ID the passenger plans to use when traveling)
- Date of Birth
- Redress Number (if applicable)
- Known Traveler Number (if applicable)
The airline submits this information to Secure Flight, which uses it to perform watch list matching. This serves to prevent individuals on the No Fly List from boarding an aircraft and to identify individuals on the Selectee List for enhanced screening. After matching passenger information against government watch lists, Secure Flight transmits the matching results back to airlines so they can issue passenger boarding passes.
Prior to the implementation of Secure Flight, airlines were responsible for matching passenger information against the watch lists. Secure Flight is a program developed by the Department of Homeland Security (DHS) in response to a key 9/11 Commission recommendation: uniform watch list matching by the Transportation Security Administration (TSA).
The mission of the Secure Flight program is to strengthen the security of commercial air travel into, out of, within, and over the United States through the use of improved and expanded watch list matching using risk-based security measures.
By transferring these watch list matching responsibilities from the airlines to TSA, Secure Flight:
- Decreases the chance for compromised watch list data by limiting its distribution
- Provides earlier identification of potential matches, allowing for expedited notification of law enforcement and threat management
- Provides a fair, equitable, and consistent matching process across all airlines
- Offers consistent application of an integrated redress process for misidentified individuals through the Department of Homeland Security's Travel Redress Inquiry Program (DHS TRIP)
As of November 2010, Secure Flight conducts uniform prescreening of passenger information against federal government watch lists for all covered U.S. and foreign flights into, out of, and within the United States – fulfilling a key 9/11 Commission recommendation a month ahead of schedule. This also includes point-to-point international flights operated by U.S. airlines. Secure Flight also performs watch list matching for flights that overfly, but do not land in, the continental United States (i.e., lower 48 contiguous states, excluding Alaska and Hawaii).
The program’s goals are to:
- Support TSA’s Risk-Based Security (RBS) mission by identifying high-risk passengers for appropriate security measures/actions and identifying low-risk passengers for expedited screening
- Prevent individuals on the No Fly List from boarding an aircraft
- Identify individuals on the Selectee List for enhanced screening
- Minimize misidentification of individuals as potential threats to aviation security
- Incorporate additional risk-based security capabilities to streamline processes and accommodate additional aviation populations
- Protect passengers’ personal information from unauthorized use and disclosure
How It Works
Under the Secure Flight program, passengers making a reservation are required to provide their full name (as it appears on the government-issued identification they plan to use when traveling), date of birth, and gender.
TSA matches this information against government watch lists. After matching passenger information against government watch lists, Secure Flight transmits the matching results back to airlines so they may issue passenger boarding passes.
Ensuring the privacy of individuals is a cornerstone of Secure Flight. TSA developed a comprehensive privacy plan to incorporate privacy laws and practices into all areas of Secure Flight. The program worked extensively to maximize individual privacy.
In addition to assuring compliance and reinforcing its commitment to protecting privacy, Secure Flight created an environment dedicated to guaranteeing its privacy mission that is front and center every day.
The Secure Flight Privacy Program includes:
- Foundational Privacy Principles: Tenets that underpin and guide all Secure Flight behaviors, requirements, systems, and processes
- Privacy Organization: Dedicated Privacy Officer and privacy staff, processes, and procedures responsible for privacy compliance, for assessing Secure Flight privacy risks, and for developing and implementing plans to effectively manage those risks
- Systems Development and Security: Administrative, physical, and technical safeguards that manage privacy risks throughout the lifecycle of the Secure Flight system
- Awareness and Training: Programs to make the Secure Flight organization and its stakeholders, including the traveling public and the airlines, aware of Secure Flight's privacy posture and practices
- Monitoring and Compliance: Programs to monitor adherence to statutory and regulatory privacy requirements and Secure Flight's privacy principles, policies, procedures, standards and rules of behavior
- Redress and Response: Systems and processes to respond, if needed, to privacy inquiries, issues, and incidents
- Privacy Risk Management: Tools and techniques to support Secure Flight privacy risk management
TSA collects the minimum amount of personal information necessary to conduct effective watch list matching. Furthermore, personal data is collected, used, distributed, stored, and disposed of according to stringent guidelines and all applicable privacy laws and regulations. Secure Flight published a Privacy Impact Assessment (PIA) in conjunction with the Secure Flight Final Rule and published a System of Records Notice (SORN) in the Federal Register to provide detailed information about the program's privacy approach.
TSA does not collect or use commercial data to conduct Secure Flight watch list matching.
TSA's Secure Flight Exemption Rule was published November 9, 2007 in the Federal Register. The Exemption Rule provides the public notice of TSA's decision to exempt the Secure Flight Records system (DHS/TSA 019) from several provisions of the Privacy Act of 1974, as well as the basis for the claimed exemptions. Additionally, the Exemption Rule provides a comprehensive response to public comments received for the Secure Flight Notice of Proposed Rule Making for Privacy Act Exemptions.
What Laws Mandate Secure Flight?
The 9/11 Commission Report recommended that TSA take over watch list matching from aircraft operators. The Intelligence Reform and Terrorism Prevention Act (IRPTA) of 2004 codified this recommendation into law, and requires DHS and TSA to assume from aircraft operators the function of conducting pre-flight comparisons of passenger information to federal government watch lists. TSA implemented the Secure Flight program to meet this Congressional mandate. The Secure Flight Final Rule provides the regulatory authority for the implementation of the Secure Flight program.