Automated Targeting System

30 Nov 2006 in Regulatory Science

The Associated Press is reporting on the Department of Homeland Security's Automated Targeting System (ATS), which assigns international airline passengers "risk scores."

All international airline passengers do not pose an equal terrorism threat. In principle, risk scores help allocate scarce homeland security resources on more serious threats. as with all scoring systems, risk scores provide rankings that are categorical (e.g., "low," medium, "high") or ordinal (e.g., 1 to 100 points). Errors will occur. For example:

Some travelers will be ranked riskier than they really are ("false positives")
Some travelers wll be ranked less risky that they really are ("false negatives")
Rankings may be systematically biased.

Privacy advocates generally object to all such systems unless, at a minimum, travelers can learn their ranking and protest errors. If such an appeal process could be devised (and for sake of argument, imagine that it was costless to implement), it almost certainly would solve error type #1, do nothing to solve error type #2, and increase error type #3. Those who believe their risk has been overstated will petition for correction, but those whose risks have been understated will not. The database will consist of two groups: (1) Those whose risks are accurately estimated and (2) those whose risks are underestimated.

The Department of Homeland Security's privacy notice explains the purpose of the Automated Targeting System:

To perform targeting of individuals, including passengers and crew, focusing CBP [Customs and Border Protection] resources by identifying persons who may pose a risk to border security, may be a terrorist or suspected terrorist, or may otherwise be engaged in activity in violation of U.S. law;
To perform targeting of conveyances and cargo to focus CBP’s resources for inspection and examination and enhance CBP’s ability to identify potential violations of U.S. law, possible terrorist threats, and other threats to border security; and
To assist in the enforcement of the laws enforced or administered by DHS, including those related to counterterrorism.

DHs describes ATS as a risk assessmet system:

The Treasury Enforcement Communications System is established as an overarching law enforcement information collection, targeting, and sharing environment. This environment is comprised of several modules designed to collect, maintain, and screen data, conduct targeting, and share information. Among these modules, the Automated Targeting
System performs screening of both inbound and outbound cargo, travelers, and conveyances. As part of this screening function, the Automated Targeting System compares information obtained from the public with a set series of queries designed to permit targeting of conveyances, goods, cargo, or persons to facilitate DHS’s border enforcement mission.

The risk assessment and links to information upon which the assessment is based, which are stored in the Automated Targeting System, are created from existing information in a number of sources, including, but not limited to: the trade community through the Automated Commercial System or its successor; the Automated Commercial Environment system; the traveling public through information submitted by their carrier to the Advance Passenger Information System;
persons crossing the United States land border by automobile or on foot; the Treasury Enforcement Communications
System, or its successor; or law enforcement information maintained in other parts of the Treasury Enforcement
Communications System that pertain to persons, goods, or conveyances.

As part of the information it accesses for screening, Passenger Name Record (PNR) information, which is currently
collected pursuant to an existing CBP regulation (19 CFR 122.49d) from both inbound and outbound travelers
through the carrier upon which travel occurs, is stored in the Automated Targeting System. PNR is comprised of
data which carriers collect as a matter of their usual business practice in negotiating and arranging the travel
transaction.

The notice lists the data ATS may contain about each traveler

PNR record locator code
Date of reservation
Date(s) of intended travel
Name
Other names on PNR
Number of travelers on PNR
Seat information
Address
All forms of payment information
Billing address
Contact telephone numbers
All travel itinerary for specific PNR
Frequent flyer information
Travel agency
Travel agent
Code share PNR information
Travel status of passenger
Split/Divided PNR information
Identifiers for free tickets
One-way tickets
E-mail address
Ticketing field information
Automated Ticketing Fare Quote (ATFQ) fields
General remarks
Ticket number
Seat number
Date of ticket issuance
Any collected APIS information
No show history
Number of bags
Bag tag numbers
Go show information
Number of bags on each segment
Other Supplementary information (OSI)
Special Services information (SSI)
Special Services Request (SSR)
Voluntary/involuntary upgrades
Received from information
All historical changes to the PNR

Privacy advocates worry that this information may be in error, that it may not be secure, and that travelers cannot know what their scores are and protest error. The first two concerns are valid; the third is less so. The notice explains how travelers can find out their risk scores: Ask a Member of Congress to obtain it:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act, all or a portion of the records or information contained in this system may be disclosed outside DHS as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:
...
F. To a Congressional office, for the record of an individual in response to an inquiry from that Congressional office made at the request of the individual to whom the record pertains...

Presumably, some Members will choose to exercise this provision aggressively.

Tech Tags: are delightful

[add a comment]